diff options
author | Conrad Meyer <cem@FreeBSD.org> | 2017-10-03 00:53:11 +0000 |
---|---|---|
committer | Conrad Meyer <cem@FreeBSD.org> | 2017-10-03 00:53:11 +0000 |
commit | 2c9a33f557a311c4a445104c60a08ad25b3c3ec8 (patch) | |
tree | b1985ba868ff98013b7bdcb82868810e810f61dc /sbin | |
parent | 61d53d8fce597670a475e3b5e8c26cc4d44c63f9 (diff) | |
download | src-2c9a33f557a311c4a445104c60a08ad25b3c3ec8.tar.gz src-2c9a33f557a311c4a445104c60a08ad25b3c3ec8.zip |
Correct sense of crypt(3) NULL checks in init(8) and lock(1)
In r231994, an attempt was made to fix crypt(3) failure returns (NULL).
However, instead of treating crypt(3) failure as authentication failure,
some of the changes treated crypt(3) failure as authentication success.
This is wrong.
r324225 fixed this for ppp, which also inspired this review. The other
changes in the 231994 revision were audited for correctness and look ok.
Reviewed by: jhb
Security: yes
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D12571
Notes
Notes:
svn path=/head/; revision=324229
Diffstat (limited to 'sbin')
-rw-r--r-- | sbin/init/init.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sbin/init/init.c b/sbin/init/init.c index 34e40457622f..5fac6e2e180a 100644 --- a/sbin/init/init.c +++ b/sbin/init/init.c @@ -919,7 +919,7 @@ single_user(void) _exit(0); password = crypt(clear, pp->pw_passwd); bzero(clear, _PASSWORD_LEN); - if (password == NULL || + if (password != NULL && strcmp(password, pp->pw_passwd) == 0) break; warning("single-user login failed\n"); |