From: nekral-guest Date: Sat, 20 Sep 2008 20:05:22 +0000 (+0000) Subject: * src/login.c: Erase the username later since it it used for the X-Git-Tag: 4.1.3~153 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c8d2175981bb7dd96ebc4541d33f7a3f1083efea;p=shadow * src/login.c: Erase the username later since it it used for the fake password check (in case of empty password). --- diff --git a/ChangeLog b/ChangeLog index c590ac64..586a5be2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,6 +8,8 @@ * src/login.c: Make sure a username is specified with -f. * src/login.c: Explicitly tag the end of the #ifdef RLOGIN sections. + * src/login.c: Erase the username later since it it used for the + fake password check (in case of empty password). 2008-09-20 Nicolas François diff --git a/src/login.c b/src/login.c index 4a9cab01..eb500825 100644 --- a/src/login.c +++ b/src/login.c @@ -975,14 +975,13 @@ int main (int argc, char **argv) failent.ut_type = USER_PROCESS; failtmp (&failent); } - free (username); - username = NULL; retries--; if (retries <= 0) { SYSLOG ((LOG_CRIT, "REPEATED login failures%s", fromhost)); } + /* * If this was a passwordless account and we get here, login * was denied (securetty, faillog, etc.). There was no @@ -994,6 +993,13 @@ int main (int argc, char **argv) pw_auth ("!", username, reason, (char *) 0); } + /* + * Authentication of this user failed. + * The username must be confirmed in the next try. + */ + free (username); + username = NULL; + /* * Wait a while (a la SVR4 /usr/bin/login) before attempting * to login the user again. If the earlier alarm occurs