tyler.durden/Win32-OpenSSH
1
0
Fork 0
mirror of https://github.com/PowerShell/Win32-OpenSSH.git synced 2025-07-23 22:15:37 +02:00
Code Issues Packages Projects Releases Wiki Activity

sshd fixed to now take domain\user format for domain user login

Browse Source 
domain\user form now works. user@domain format already worked but now
fixd to allow local machine name as the domain name also. So all these
formats now work:
For a domain acct: user OR domain\user  OR user@domain
For a local acct:  user OR localmachinename\user OR
user@localmachinename
Note: public key logon still only works for a local user acct and the
localmachinename must not be given and only the username specified for
public key logon to work.
This commit is contained in:
quamrulmina 2016-02-27 23:03:57 -06:00
parent b1fb747716
commit 74f2c00457
1 changed files with 63 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
auth-passwd.c
View File

@ -223,8 +223,65 @@ int sys_auth_passwd(Authctxt *authctxt, const char *password)
/* /*
* Identify domain or local login. * Identify domain or local login.
*/ */
domain_UTF16 = strchr(authctxt -> user, '@') ? NULL : L"."; char *username = authctxt->user;
char *domainslash = strchr(authctxt->user, '\\');
if (domainslash) {
// domain\username format
char *domainname = authctxt->user;
*domainslash = '\0';
username = ++domainslash; // username is past the domain \ is the username
// Convert domainname from UTF-8 to UTF-16
buffer_size = MultiByteToWideChar(CP_UTF8, 0, domainname, -1, NULL, 0);
if (buffer_size > 0)
{
domain_UTF16 = xmalloc(4 * buffer_size);
}
else
{
return 0;
}
if (0 == MultiByteToWideChar(CP_UTF8, 0, domainname,
-1, domain_UTF16, buffer_size))
{
free(domain_UTF16);
return 0;
}
}
else if (domainslash = strchr(authctxt->user, '@')) {
// username@domain format
username = authctxt->user;
*domainslash = '\0';
char *domainname = ++domainslash; // domainname is past the user@
// Convert domainname from UTF-8 to UTF-16
buffer_size = MultiByteToWideChar(CP_UTF8, 0, domainname, -1, NULL, 0);
if (buffer_size > 0)
{
domain_UTF16 = xmalloc(4 * buffer_size);
}
else
{
return 0;
}
if (0 == MultiByteToWideChar(CP_UTF8, 0, domainname,
-1, domain_UTF16, buffer_size))
{
free(domain_UTF16);
return 0;
}
}
else {
domain_UTF16 = strchr(authctxt->user, '@') ? NULL : L".";
}
authctxt -> methoddata = hToken; authctxt -> methoddata = hToken;
@ -237,7 +294,7 @@ int sys_auth_passwd(Authctxt *authctxt, const char *password)
* Convert username from UTF-8 to UTF-16 * Convert username from UTF-8 to UTF-16
*/ */
buffer_size = MultiByteToWideChar(CP_UTF8, 0, authctxt -> user, -1, NULL, 0); buffer_size = MultiByteToWideChar(CP_UTF8, 0, username, -1, NULL, 0);
if (buffer_size > 0) if (buffer_size > 0)
{ {
@ -248,7 +305,7 @@ int sys_auth_passwd(Authctxt *authctxt, const char *password)
return 0; return 0;
} }
if (0 == MultiByteToWideChar(CP_UTF8, 0, authctxt -> user, if (0 == MultiByteToWideChar(CP_UTF8, 0, username,
-1, user_UTF16, buffer_size)) -1, user_UTF16, buffer_size))
{ {
free(user_UTF16); free(user_UTF16);
@ -296,7 +353,7 @@ int sys_auth_passwd(Authctxt *authctxt, const char *password)
HANDLE weakToken = INVALID_HANDLE_VALUE; HANDLE weakToken = INVALID_HANDLE_VALUE;
debug3("Netork login attemp [%s][%ls]...", debug3("Netork login attemp [%s][%ls]...",
authctxt -> user, domain_UTF16); username, domain_UTF16);
worked = LogonUserW(user_UTF16, domain_UTF16, password_UTF16, worked = LogonUserW(user_UTF16, domain_UTF16, password_UTF16,
LOGON32_LOGON_NETWORK, LOGON32_LOGON_NETWORK,
@ -314,6 +371,7 @@ int sys_auth_passwd(Authctxt *authctxt, const char *password)
free(user_UTF16); free(user_UTF16);
free(password_UTF16); free(password_UTF16);
if (domainslash) free(domain_UTF16);
/* /*
* If login still fails, go out. * If login still fails, go out.