tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

- (djm) [openbsd-compat/bsd-cygwin_util.c] Recent versions of Cygwin allow 

change of user context without a password, so relax auth method
   restrictions; from vinschen AT redhat.com; ok dtucker@
This commit is contained in:
Damien Miller 2004-04-18 21:15:43 +10:00
parent 7f64afdc09
commit 2eb4236d86
2 changed files with 14 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ChangeLog
View File

@ -1,6 +1,9 @@
20040418 20040418
- (dtucker) [auth-pam.c] Log username and source host for failed PAM - (dtucker) [auth-pam.c] Log username and source host for failed PAM
authentication attempts. With & ok djm@ authentication attempts. With & ok djm@
- (djm) [openbsd-compat/bsd-cygwin_util.c] Recent versions of Cygwin allow
change of user context without a password, so relax auth method
restrictions; from vinschen AT redhat.com; ok dtucker@
20040416 20040416
- (dtucker) [regress/sftp-cmds.sh] Skip quoting test on Cygwin, since - (dtucker) [regress/sftp-cmds.sh] Skip quoting test on Cygwin, since
@ -979,4 +982,4 @@
- (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Trim deprecated options from INSTALL. Mention UsePAM
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
$Id: ChangeLog,v 1.3315 2004/04/18 01:00:26 dtucker Exp $ $Id: ChangeLog,v 1.3316 2004/04/18 11:15:43 djm Exp $

12
openbsd-compat/bsd-cygwin_util.c
View File

@ -29,7 +29,7 @@
#include "includes.h" #include "includes.h"
RCSID("$Id: bsd-cygwin_util.c,v 1.11 2003/08/07 06:23:43 dtucker Exp $"); RCSID("$Id: bsd-cygwin_util.c,v 1.12 2004/04/18 11:15:45 djm Exp $");
#ifdef HAVE_CYGWIN #ifdef HAVE_CYGWIN
@ -77,6 +77,7 @@ binary_pipe(int fd[2])
#define HAS_CREATE_TOKEN 1 #define HAS_CREATE_TOKEN 1
#define HAS_NTSEC_BY_DEFAULT 2 #define HAS_NTSEC_BY_DEFAULT 2
#define HAS_CREATE_TOKEN_WO_NTSEC 3
static int static int
has_capability(int what) has_capability(int what)
@ -84,6 +85,7 @@ has_capability(int what)
static int inited; static int inited;
static int has_create_token; static int has_create_token;
static int has_ntsec_by_default; static int has_ntsec_by_default;
static int has_create_token_wo_ntsec;
/* /*
* has_capability() basically calls uname() and checks if * has_capability() basically calls uname() and checks if
@ -113,6 +115,9 @@ has_capability(int what)
has_create_token = 1; has_create_token = 1;
if (api_major_version > 0 || api_minor_version >= 56) if (api_major_version > 0 || api_minor_version >= 56)
has_ntsec_by_default = 1; has_ntsec_by_default = 1;
if (major_high > 1 ||
(major_high == 1 && major_low >= 5))
has_create_token_wo_ntsec = 1;
inited = 1; inited = 1;
} }
} }
@ -121,6 +126,8 @@ has_capability(int what)
return (has_create_token); return (has_create_token);
case HAS_NTSEC_BY_DEFAULT: case HAS_NTSEC_BY_DEFAULT:
return (has_ntsec_by_default); return (has_ntsec_by_default);
case HAS_CREATE_TOKEN_WO_NTSEC:
return (has_create_token_wo_ntsec);
} }
return (0); return (0);
} }
@ -151,7 +158,8 @@ check_nt_auth(int pwd_authenticated, struct passwd *pw)
if (has_capability(HAS_CREATE_TOKEN) && if (has_capability(HAS_CREATE_TOKEN) &&
(ntsec_on(cygwin) || (ntsec_on(cygwin) ||
(has_capability(HAS_NTSEC_BY_DEFAULT) && (has_capability(HAS_NTSEC_BY_DEFAULT) &&
!ntsec_off(cygwin)))) !ntsec_off(cygwin)) ||
has_capability(HAS_CREATE_TOKEN_WO_NTSEC)))
has_create_token = 1; has_create_token = 1;
} }
if (has_create_token < 1 && if (has_create_token < 1 &&