MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-02-23 11:32:32 -05:00
Code Issues Packages Projects Releases Wiki Activity

Letting password enable auth bypass caPublicKey (only if passauth is … (#20022)

Browse Source
This commit is contained in:
Sveinn 2024-07-01 22:02:01 +00:00 committed by GitHub
parent f7ff19cb18
commit e404abf103
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cmd/sftp-server.go
View File

@ -161,11 +161,13 @@ internalAuth:
return nil, errNoSuchUser
}
if caPublicKey != nil {
if caPublicKey != nil && pass == nil {
err := validateKey(c, key)
if err != nil {
return nil, errAuthentication
}
} else {
// Temporary credentials are not allowed.