pam_usertype: avoid determining if user exists

Taking a look at the time for the password prompt to appear it was possible to determine if a user existed in a system. Solved it by matching the runtime until the password prompt was shown by always checking the password hash for an existing and a non-existing user. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1629598
author: ikerexxe <ipedrosa@redhat.com> 2020-06-16 14:44:04 +0200
committer: Tomáš Mráz <7125407+t8m@users.noreply.github.com> 2020-06-17 14:36:09 +0200
commit: 0e9b286afe1224b91ff00936058b084ad4b776e4 (patch)
tree: b46db284d1ae7dd93c3f5a902261007af6d82707 /modules
parent: af0faf666c5008e54dfe43684f210e3581ff1bca (diff)
download: pam-0e9b286afe1224b91ff00936058b084ad4b776e4.tar.gz
pam-0e9b286afe1224b91ff00936058b084ad4b776e4.tar.bz2
pam-0e9b286afe1224b91ff00936058b084ad4b776e4.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/modules/pam_usertype/pam_usertype.c b/modules/pam_usertype/pam_usertype.c
index 2807c306..d03b73b5 100644
--- a/modules/pam_usertype/pam_usertype.c
+++ b/modules/pam_usertype/pam_usertype.c
@@ -139,8 +139,11 @@ pam_usertype_get_uid(struct pam_usertype_opts *opts,
                        "error retrieving information about user %s", username);
         }
 
+        pam_modutil_getpwnam(pamh, "root");
+
         return PAM_USER_UNKNOWN;
     }
+    pam_modutil_getpwnam(pamh, "pam_usertype_non_existent:");
 
     *_uid = pwd->pw_uid;
author	ikerexxe <ipedrosa@redhat.com>	2020-06-16 14:44:04 +0200
committer	Tomáš Mráz <7125407+t8m@users.noreply.github.com>	2020-06-17 14:36:09 +0200
commit	0e9b286afe1224b91ff00936058b084ad4b776e4 (patch)
tree	b46db284d1ae7dd93c3f5a902261007af6d82707 /modules
parent	af0faf666c5008e54dfe43684f210e3581ff1bca (diff)
download	pam-0e9b286afe1224b91ff00936058b084ad4b776e4.tar.gz pam-0e9b286afe1224b91ff00936058b084ad4b776e4.tar.bz2 pam-0e9b286afe1224b91ff00936058b084ad4b776e4.zip