Relevant BUGIDs:

[linux-pam] / modules / pam_unix / pam_unix_auth.c

diff --git a/modules/pam_unix/pam_unix_auth.c b/modules/pam_unix/pam_unix_auth.c
index 5cdec27f46fe868d605f21629acf7211b93ba6f7..dfedd608b84086eb9fa11416065f1883ca082132 100644 (file)
--- a/modules/pam_unix/pam_unix_auth.c
+++ b/modules/pam_unix/pam_unix_auth.c
@@ -111,7 +111,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags
 
        D(("called."));
 
-       ctrl = _set_ctrl(pamh, flags, NULL, argc, argv);
+       ctrl = _set_ctrl(pamh, flags, NULL, NULL, argc, argv);
 
        /* Get a few bytes so we can pass our return value to
           pam_sm_setcred(). */
@@ -124,11 +124,10 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags
        if (retval == PAM_SUCCESS) {
                /*
                 * Various libraries at various times have had bugs related to
-                * '+' or '-' as the first character of a user name. Don't take
-                * any chances here. Require that the username starts with an
-                * alphanumeric character.
+                * '+' or '-' as the first character of a user name. Don't
+                * allow this characters here.
                 */
-               if (name == NULL || !isalnum(*name)) {
+               if (name == NULL || name[0] == '-' || name[0] == '+') {
                        pam_syslog(pamh, LOG_ERR, "bad username [%s]", name);
                        retval = PAM_USER_UNKNOWN;
                        AUTH_RETURN;