K 10
svn:author
V 3
des
K 8
svn:date
V 27
2002-08-02T10:14:18.000000Z
K 7
svn:log
V 454
Fix an inverted test that, instead of checking for a null password, checked
for a null response.  This caused pam_sm_authenticate() to always succeed
if the user's password was null (which in itself isn't so bad, except it
didn't honor the PAM_DISALLOW_NULL_AUTHTOK flag).

Merge some more code from -CURRENT that adds the "nullok" option and checks
both that and the PAM_DISALLOW_NULL_AUTHTOK flag before allowing a user
with a null password to log in.

END