- Fix password support on systems with a mixture of shadowed and

non-shadowed passwords (e.g. NIS). Report and fix from
   HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>

ChangeLog

@@ -1,13 +1,22 @@
+19991231
+ - Fix password support on systems with a mixture of shadowed and 
+   non-shadowed passwords (e.g. NIS). Report and fix from 
+   HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
+
 19991230
  - OpenBSD CVS updates:
    - [auth-passwd.c]
      check for NULL 1st
  - Removed most of the pam code into its own file auth-pam.[ch]. This 
    cleaned up sshd.c up significantly.
+ - PAM authentication was incorrectly interpreting 
+   "PermitRootLogin without-password". Report from Matthias Andree
+   <ma@dt.e-technik.uni-dortmund.de
  - Several other cleanups
  - Merged Dante SOCKS support patch from David Rankin
   <drankin@bohemians.lexington.ky.us>
  - Updated documentation with ./configure options
+ - Released 1.2.1pre23
 
 19991229
  - Applied another NetBSD portability patch from David Rankin 

auth-passwd.c

@@ -11,7 +11,7 @@
 
 #ifndef USE_PAM
 
-RCSID("$Id: auth-passwd.c,v 1.13 1999/12/29 22:48:15 damien Exp $");
+RCSID("$Id: auth-passwd.c,v 1.14 1999/12/30 21:49:13 damien Exp $");
 
 #include "packet.h"
 #include "ssh.h"
@@ -76,14 +76,14 @@ auth_password(struct passwd * pw, const char *password)
 
 #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW)
 	spw = getspnam(pw->pw_name);
-	if (spw == NULL) 
-		return(0);
+	if (spw != NULL) 
+	{
+		/* Check for users with no password. */
+		if (strcmp(password, "") == 0 && strcmp(spw->sp_pwdp, "") == 0)
+			return 1;
 
-	/* Check for users with no password. */
-	if (strcmp(password, "") == 0 && strcmp(spw->sp_pwdp, "") == 0)
-		return 1;
-
-	pw_password = spw->sp_pwdp;
+		pw_password = spw->sp_pwdp;
+	}
 #endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */
 
 	if (pw_password[0] != '\0')