===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/auth-passwd.c,v
retrieving revision 1.24.2.3
retrieving revision 1.25
diff -u -r1.24.2.3 -r1.25
--- src/usr.bin/ssh/auth-passwd.c	2002/06/26 15:30:37	1.24.2.3
+++ src/usr.bin/ssh/auth-passwd.c	2002/05/06 23:00:59	1.25
@@ -36,7 +36,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth-passwd.c,v 1.24.2.3 2002/06/26 15:30:37 jason Exp $");
+RCSID("$OpenBSD: auth-passwd.c,v 1.25 2002/05/06 23:00:59 mouring Exp $");
 
 #include "packet.h"
 #include "log.h"
@@ -54,13 +54,14 @@
 auth_password(Authctxt *authctxt, const char *password)
 {
 	struct passwd * pw = authctxt->pw;
+	char *encrypted_password;
 
 	/* deny if no user. */
 	if (pw == NULL)
 		return 0;
 	if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES)
 		return 0;
-	if (*password == '\0' && options.permit_empty_passwd == 0)
+	if (*pw->pw_passwd == '\0' && options.permit_empty_passwd == 0)
 		return 0;
 #ifdef KRB5
 	if (options.kerberos_authentication == 1) {
@@ -84,20 +85,14 @@
 		return 0;
 	else
 		return 1;
-#else
+#endif
 	/* Check for users with no password. */
 	if (strcmp(password, "") == 0 && strcmp(pw->pw_passwd, "") == 0)
 		return 1;
-	else {
-		/* Encrypt the candidate password using the proper salt. */
-		char *encrypted_password = crypt(password,
-		    (pw->pw_passwd[0] && pw->pw_passwd[1]) ?
-		    pw->pw_passwd : "xx");
-		/*
-		 * Authentication is accepted if the encrypted passwords
-		 * are identical.
-		 */
-		return (strcmp(encrypted_password, pw->pw_passwd) == 0);
-	}
-#endif
+	/* Encrypt the candidate password using the proper salt. */
+	encrypted_password = crypt(password,
+	    (pw->pw_passwd[0] && pw->pw_passwd[1]) ? pw->pw_passwd : "xx");
+
+	/* Authentication is accepted if the encrypted passwords are identical. */
+	return (strcmp(encrypted_password, pw->pw_passwd) == 0);
 }