On Fri, Sep 30, 2005 at 02:38:29PM -0700, Max Alekseyev wrote: > Steve Langasek wrote:
> >>I still see the problem for users with empty passwords. > >>So for non-empty passwords everything works fine as with ver. 0.76 > >>But users with empty passwords, vsftp reports "530 Login incorrect." > >>even though in auth.log I see > >>"pam_userdb[21267]: user 'xxx' granted acces" > >>Needless to say, ver. 076 works fine in both cases. > >Hmm, I can't find this bug in the pam_userdb code: there haven't been any > >changes to the code which does the retrieval/comparison of passwords from > >the database. Would you mind trying to apply the same patch to pam 0.79-1 > >instead of 0.79-2, to see whether this is a libdb3 vs. libdb4.2 issue? > Patched 0.79-1 does not work either. So it is not libdb4.2 issue. Ok. Can you tell me how to *create* a pam_userdb account with an empty password? My attempts with create.pl don't work even with 0.76 (after using db4.2_dump | db3_load to get something that 0.76 will actually read, that is...). As far as I can see, this code really is identical, and the only way 0.76 would have allowed empty passwords where 0.79 does not would be if libdb3 behaved differently when returning empty records in the db. In the meantime, I'm going to go ahead and get the segfaults fixed so that the module is minimally useful to people. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. [EMAIL PROTECTED] http://www.debian.org/
signature.asc
Description: Digital signature
