summaryrefslogblamecommitdiffstats
path: root/source/installer/sources/dropbear/dropbear_emptypass.patch
blob: a3f27f47e3a2a13a8e404356e5ffb67bb59cba6c (plain) (tree) 
b893b1174 ^





76fc4757a ^

b893b1174 ^














1
2
3
4
5

6

7
8
9
10
11
12
13
14
15
16
17
18
19
20





                                                                                                      
 













                                                                                   
diff -Nur dropbear-20171018_fa3b0dd3.orig/svr-authpasswd.c dropbear-20171018_fa3b0dd3/svr-authpasswd.c
--- dropbear-20171018_fa3b0dd3.orig/svr-authpasswd.c	2018-01-13 19:19:59.000000000 -0600
+++ dropbear-20171018_fa3b0dd3/svr-authpasswd.c	2018-01-13 23:07:16.441369958 -0600
@@ -88,12 +88,16 @@
 	}
 
 	/* check for empty password */
+	/* Yep, good idea, but for our usage, it's okay - dropbear has to be
+	   started manually in the installer, so setting a password or not is
+	   up to the admin
 	if (passwdcrypt[0] == '\0') {
 		dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected",
 				ses.authstate.pw_name);
 		send_msg_userauth_failure(0, 1);
 		return;
 	}
+	*/
 
 	if (constant_time_strcmp(testcrypt, passwdcrypt) == 0) {
 		/* successful authentication */
generated by cgit v1.2.3-80-g2a13 (git 2.46.2) at 2024-11-01 16:28:27 +0000