Dag-Erling Smørgrav 4520e72ebf key_load_private() ignores the passphrase argument if the private key ... is unencrypted. This defeats the nullok check, because it means a non-null passphrase will successfully unlock the key. To address this, try at first to load the key without a passphrase. If this succeeds and the user provided a non-empty passphrase *or* nullok is false, reject the key. MFC after: 1 week Noticed by: Guy Helmer <guy.helmer@palisadesystems.com>		2011-11-20 15:18:49 +00:00
..
Makefile
pam_ssh.8
pam_ssh.c	key_load_private() ignores the passphrase argument if the private key	2011-11-20 15:18:49 +00:00