From 6b4105ffe62c1df203ac7a9220e4780c1c69ceaf Mon Sep 17 00:00:00 2001
From: Matt Johnston <matt@ucc.asn.au>
Date: Wed, 9 May 2012 22:51:59 +0800
Subject: [PATCH] Fix empty password immediate login

---
 options.h        | 3 +--
 svr-auth.c       | 3 ++-
 svr-authpasswd.c | 9 +--------
 3 files changed, 4 insertions(+), 11 deletions(-)

diff --git a/options.h b/options.h
index 4c7433ed..14dda0c7 100644
--- a/options.h
+++ b/options.h
@@ -179,8 +179,7 @@ much traffic. */
 
 /* Define this to allow logging in to accounts that have no password specified.
  * Public key logins are allowed for blank-password accounts regardless of this
- * setting.  PAM is not affected by this setting, it uses the normal pam.d
- * settings ('nullok' option) */
+ * setting. */
 /* #define ALLOW_BLANK_PASSWORD */
 
 #define ENABLE_CLI_PASSWORD_AUTH
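Review bot: The shortened comment on ALLOW_BLANK_PASSWORD no longer tells a builder what enabling it permits or how it interacts with PAM. Judging by the svr-auth.c hunk in this commit, with the define set a 'none' auth request succeeds for a blank-password account without any credential being sent, unless `svr_opts.noauthpass` or `svr_opts.norootpass` (for uid 0) blocks it. I would add a line such as `* When set, a 'none' auth request logs in blank-password accounts immediately, unless password auth (or root password auth) is disabled at runtime.` The comment should also state whether PAM builds are covered, since the removed sentence was the only guidance on that.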
diff --git a/svr-auth.c b/svr-auth.c
index 04321fe2..fbfd27c2 100644
--- a/svr-auth.c
+++ b/svr-auth.c
@@ -155,9 +155,10 @@ void recv_msg_userauth_request() {
 				AUTH_METHOD_NONE_LEN) == 0) {
 		TRACE(("recv_msg_userauth_request: 'none' request"))
 #ifdef ALLOW_BLANK_PASSWORD
+		TRACE(("pw_passwd '%s'", ses.authstate.pw_passwd))
 		if (!svr_opts.noauthpass 
 				&& !(svr_opts.norootpass && ses.authstate.pw_uid == 0) 
-				&& ses.authstate.pw_passwd == '\0') 
+				&& ses.authstate.pw_passwd[0] == '\0') 
 		{
 			dropbear_log(LOG_NOTICE, 
 					"Auth succeeded with blank password for '%s' from %s",
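Review bot: The added `TRACE(("pw_passwd '%s'", ses.authstate.pw_passwd))` writes the account's stored crypt string into debug trace output, where it can be read by anyone with access to that output. Tracing only the fact being tested is enough, e.g. `TRACE(("pw_passwd blank: %d", ses.authstate.pw_passwd[0] == '\0'))`, or the line can simply be dropped. Both the trace and the corrected `pw_passwd[0]` test dereference the pointer. If `ses.authstate.pw_passwd` can be NULL at this point (for example when the requested username did not resolve; the lookup is outside this hunk), the 'none' path would crash before authentication, so a `ses.authstate.pw_passwd != NULL` term ahead of the `[0]` test would be a cheap guard. The function body starts and ends outside the hunk.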
diff --git a/svr-authpasswd.c b/svr-authpasswd.c
index ceeb4d8c..c8c83f91 100644
--- a/svr-authpasswd.c
+++ b/svr-authpasswd.c
@@ -39,7 +39,6 @@ void svr_auth_password() {
 	char * passwdcrypt = NULL; /* the crypt from /etc/passwd or /etc/shadow */
 	char * testcrypt = NULL; /* crypt generated from the user's password sent */
 	unsigned char * password;
-	int success_blank = 0;
 	unsigned int passwordlen;
 
 	unsigned int changepw;
@@ -68,19 +67,13 @@ void svr_auth_password() {
 
 	/* check for empty password */
 	if (passwdcrypt[0] == '\0') {
-#ifdef ALLOW_BLANK_PASSWORD
-		if (passwordlen == 0) {
-			success_blank = 1;
-		}
-#else
 		dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected",
 				ses.authstate.pw_name);
 		send_msg_userauth_failure(0, 1);
 		return;
-#endif
 	}
 
-	if (success_blank || strcmp(testcrypt, passwdcrypt) == 0) {
+	if (strcmp(testcrypt, passwdcrypt) == 0) {
 		/* successful authentication */
 		dropbear_log(LOG_NOTICE, 
 				"Password auth succeeded for '%s' from %s",
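Review bot: The rewritten `strcmp(testcrypt, passwdcrypt)` is now the only gate on password login, and nothing visible in the hunk checks that `testcrypt` is non-NULL. If it holds the result of crypt(), as its declaration comment suggests, crypt() can return NULL for a salt it does not accept, and strcmp would then dereference NULL while handling an unauthenticated request. A guard just before the comparison, e.g. `if (testcrypt == NULL) { send_msg_userauth_failure(0, 1); return; }`, would turn that into an ordinary auth failure. The assignment to testcrypt and the end of svr_auth_password() are outside this hunk, so this may already be handled there.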
-- 
GitLab