[LON-CAPA-cvs] cvs: loncom / lond
foxr
lon-capa-cvs@mail.lon-capa.org
Fri, 20 Sep 2002 02:04:07 -0000
foxr Thu Sep 19 22:04:07 2002 EDT
Modified files:
/loncom lond
Log:
bug 779 Detect local auth of a nonexistent user and unconditionally fail it.
Index: loncom/lond
diff -u loncom/lond:1.98 loncom/lond:1.99
--- loncom/lond:1.98 Thu Sep 19 17:16:24 2002
+++ loncom/lond Thu Sep 19 22:04:07 2002
@@ -2,7 +2,7 @@
# The LearningOnline Network
# lond "LON Daemon" Server (port "LOND" 5663)
#
-# $Id: lond,v 1.98 2002/09/19 21:16:24 foxr Exp $
+# $Id: lond,v 1.99 2002/09/20 02:04:07 foxr Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -695,21 +695,29 @@
my ($howpwd,$contentpwd)=split(/:/,$realpasswd);
my $pwdcorrect=0;
if ($howpwd eq 'internal') {
+ &Debug("Internal auth");
$pwdcorrect=
(crypt($upass,$contentpwd) eq $contentpwd);
} elsif ($howpwd eq 'unix') {
- $contentpwd=(getpwnam($uname))[1];
- my $pwauth_path="/usr/local/sbin/pwauth";
- unless ($contentpwd eq 'x') {
- $pwdcorrect=
- (crypt($upass,$contentpwd) eq $contentpwd);
- }
+ &Debug("Unix auth");
+ if((getpwnam($uname))[1] eq "") { #no such user!
+ $pwdcorrect = 0;
+ } else {
+ $contentpwd=(getpwnam($uname))[1];
+ my $pwauth_path="/usr/local/sbin/pwauth";
+ unless ($contentpwd eq 'x') {
+ $pwdcorrect=
+ (crypt($upass,$contentpwd) eq
+ $contentpwd);
+ }
+
elsif (-e $pwauth_path) {
open PWAUTH, "|$pwauth_path" or
die "Cannot invoke authentication";
print PWAUTH "$uname\n$upass\n";
close PWAUTH;
$pwdcorrect=!$?;
+ }
}
} elsif ($howpwd eq 'krb4') {
$null=pack("C",0);