$OpenBSD: patch-etc_uams_uams_dhx_passwd_c,v 1.1 2016/07/05 14:32:12 sthen Exp $
--- etc/uams/uams_dhx_passwd.c.orig	Thu Dec 11 12:27:44 2014
+++ etc/uams/uams_dhx_passwd.c	Tue Jul  5 15:27:45 2016
@@ -342,12 +342,19 @@ static int passwd_logincont(void *obj, struct passwd *
         return AFP_OK;
     }
 #else /* TRU64 */
+    if ((dhxpwd = getpwnam_shadow(dhxpwd->pw_name)) == NULL) {
+        LOG(log_info, logtype_uams,
+          "could not get shadow passwd for %s", dhxpwd->pw_name);
+	return (AFPERR_NOTAUTH);
+    }
+
     p = crypt( rbuf, dhxpwd->pw_passwd );
     memset(rbuf, 0, PASSWDLEN);
-    if ( strcmp( p, dhxpwd->pw_passwd ) == 0 ) {
+    if ( (p != NULL) && (strcmp( p, dhxpwd->pw_passwd ) == 0) ) {
       *uam_pwd = dhxpwd;
       err = AFP_OK;
     }
+    memset(dhxpwd->pw_passwd, 0, strlen(dhxpwd->pw_passwd));
 #ifdef SHADOWPW
     if (( sp = getspnam( dhxpwd->pw_name )) == NULL ) {
 	LOG(log_info, logtype_uams, "no shadow passwd entry for %s", dhxpwd->pw_name);
