Don't display skey error on s/key logins... This gives attackers some

information
1996-09-18 21:23:37 +00:00 · 1996-09-18 21:23:37 +00:00 · e1fa4673e0
parent 8644dce05c
commit e1fa4673e0
1 changed files with 5 additions and 8 deletions
--- a/usr.bin/login/login.c
+++ b/usr.bin/login/login.c
@ -1,4 +1,4 @@
-/*	$NetBSD: login.c,v 1.13 1996/05/15 23:50:16 jtc Exp $	*/
+/*	$NetBSD: login.c,v 1.14 1996/09/18 21:23:37 explorer Exp $	*/

 /*-
 * Copyright (c) 1980, 1987, 1988, 1991, 1993, 1994
@ -43,7 +43,7 @@ static char copyright[] =
 #if 0
 static char sccsid[] = "@(#)login.c	8.4 (Berkeley) 4/2/94";
 #endif
-static char rcsid[] = "$NetBSD: login.c,v 1.13 1996/05/15 23:50:16 jtc Exp $";
+static char rcsid[] = "$NetBSD: login.c,v 1.14 1996/09/18 21:23:37 explorer Exp $";
 #endif /* not lint */

 /*
@ -467,14 +467,11 @@ pwcheck(user, p, salt, passwd)
 	char *user, *p, *salt, *passwd;
 {
 #ifdef SKEY
-	if (strcasecmp(p, "s/key") == 0) {
-		if (skey_haskey(user)) {
-			fprintf(stderr, "You have no s/key. ");
+	if (strcasecmp(p, "s/key") == 0)
+		if (skey_haskey(user))
 			return 1;
-		} else {
+		else
 			return skey_authenticate(user);
-		}
-	}
 #endif
 	return strcmp(crypt(p, salt), passwd);
 }