Hi all!
I tried to send the following directly to the shadow mailing list, but their
server told me "Your server has been used for a lot of spam email. As
such, it has been blacklisted", so I am sending this to you.
I use shadow-4.0.15 and I seem to have found a bug.
HOW TO REPRODUCE:
1. Compile with PAM, install :)
2. Add the following line to /etc/login.defs to have 3 tries to log in
LOGIN_RETRIES=3
3. Try to log in (using the "login" program) with a _wrong_ password,
i.e. enter your username as the username and something random as the
password.
4. "Login" will tell you "Login incorrect" (as expected). Now you have
only 2 tries to log in.
5. Repeat the steps 3, 4 once again. Now you have only 1 try to log in.
6. Use the last try to really log in. Enter your username and a
_correct_ password.
7. "Login" will say "Maximum number of tries exceeded (3)" and terminate
though it should open a new session since the login/password you gave
were correct. I think that's a bug.
So, if one enters a correct login/password at the _last_ try, "login"
denies access without paying attention to the password's _correctness_.
The attached patch fixes the problem.
If you have any questions concerning reproducing the bug (for
example, /etc/pam.d/login file, or exact configure options), ask me
please.
P.S. The problem is _known_ to exist only in 4.0.15 because I didn't use
4.0.16. Besides, 4.0.14 had a similar problem, but with
the /etc/login.defs setting and the steps described above you'll have 4 (four)
tries to enter a login/password, the last try being unimportant. That is,
you have to enter a login/password for the fourth time but you'll be
refused even if you have entered the correct values.
Should I send this to [EMAIL PROTECTED]?
--
Nothing but perfection
pv
diff -ur shadow-4.0.15.orig/src/login.c shadow-4.0.15/src/login.c
--- shadow-4.0.15.orig/src/login.c 2006-03-07 18:50:33.000000000 +0300
+++ shadow-4.0.15/src/login.c 2006-07-03 18:00:32.000000000 +0400
@@ -662,7 +662,9 @@
failent_user = "UNKNOWN";
}
- if (retcode == PAM_MAXTRIES || failcount >= retries) {
+ if (retcode == PAM_MAXTRIES
+ || retcode != PAM_SUCCESS && failcount >= retries)
+ {
SYSLOG ((LOG_NOTICE,
"TOO MANY LOGIN TRIES (%d)%s FOR `%s'",
failcount, fromhost, failent_user));
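Review bot: the new condition on the `+ || retcode != PAM_SUCCESS && failcount >= retries` line relies on `&&` binding tighter than `||`; that gives the intended meaning, but gcc's -Wparentheses flags it and a reader can misread it, so write `|| (retcode != PAM_SUCCESS && failcount >= retries)`. The opening brace moved onto its own line also departs from the surrounding style, where `{` stays on the `if` line. The logic change itself is sound: a successful last attempt no longer reaches the "TOO MANY LOGIN TRIES" branch, while a PAM_MAXTRIES result and a failed attempt at the limit still do.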
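As an added illustration (not part of the report and not shadow's own code), a small C model of the login retry loop that compares the original and the patched condition on the report's scenario. The loop structure is a simplified assumption about login.c, and the PAM code values and attempt sequences are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-ins for the PAM codes login.c tests (real values
 * come from <security/pam_appl.h>). */
enum { PAM_SUCCESS = 0, PAM_AUTH_ERR = 7, PAM_MAXTRIES = 8 };
enum outcome { LOGGED_IN, TOO_MANY_TRIES };

/* 4.0.15 condition: the retry limit alone denies, even if this
 * attempt authenticated successfully. */
static bool deny_original(int retcode, int failcount, int retries)
{
    return retcode == PAM_MAXTRIES || failcount >= retries;
}

/* Patched condition from the report, parenthesised: the limit only
 * denies when the attempt itself did not succeed. */
static bool deny_patched(int retcode, int failcount, int retries)
{
    return retcode == PAM_MAXTRIES
        || (retcode != PAM_SUCCESS && failcount >= retries);
}

/* Simplified model (assumption) of login.c's loop: failcount grows on
 * every attempt before the check; attempts[i] is the result of try i+1. */
static enum outcome simulate(const int *attempts, size_t n, int retries,
                             bool (*deny)(int, int, int))
{
    int failcount = 0;
    for (size_t i = 0; i < n; i++) {
        failcount++;
        if (deny(attempts[i], failcount, retries))
            return TOO_MANY_TRIES;
        if (attempts[i] == PAM_SUCCESS)
            return LOGGED_IN;
    }
    return TOO_MANY_TRIES;
}

/* The report's scenario (constructed): two wrong passwords, then the
 * right one, with LOGIN_RETRIES=3. */
static const int last_try_good[] = { PAM_AUTH_ERR, PAM_AUTH_ERR, PAM_SUCCESS };
int main(void)
{
    printf("original: %d  patched: %d  (0 = logged in, 1 = too many tries)\n",
           simulate(last_try_good, 3, 3, deny_original),
           simulate(last_try_good, 3, 3, deny_patched));
    return 0;
}
```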