code.ossystems Code Review - openembedded-core.git/commit

author	Chen Qi <Qi.Chen@windriver.com>
	Wed, 2 Jul 2014 06:24:39 +0000 (14:24 +0800)
committer	Richard Purdie <richard.purdie@linuxfoundation.org>
	Thu, 3 Jul 2014 16:38:47 +0000 (17:38 +0100)
commit	e017ae71dad4837b0d22f291b0b0e0949075f822
tree	1ad8f59dd021e72ad630b4ec9e9cfed463316004	tree \| snapshot
parent	adaa0568390d0dfef1c4d87809601aab85299e97	commit \| diff

openssh: avoid checking empty passwords to mess up with PAM modules

Previously, even if PAM is enabled for ssh, the daemon still tries to
authenticate an empty password. This leads to authentication failure
which would mess up with PAM modules.

As a result, if 'UsePAM', 'PermitEmptyPasswords' and 'PasswordAuthentication'
are enabled, no user can login correctly. We would meet the following error
message at the client side.

Write failed: Broken Pipe

This patch fixes the above problem by checking whether PAM is enabled before
authenticating an empty password. After all, if PAM is enabled, the task of
authenticating passwords should be handled to PAM modules.

[YOCTO #6466]

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

meta/recipes-connectivity/openssh/openssh/auth2-none.c-avoid-authenticate-empty-passwords-to-m.patch	[new file with mode: 0644]	blob
meta/recipes-connectivity/openssh/openssh_6.6p1.bb		diff \| blob \| history