- markus@cvs.openbsd.org 2001/06/07 19:57:53

[auth2.c] style is used for bsdauth. disconnect on user/service change (ietf-drafts)
2001-06-09 01:40:00 +00:00 · 2001-06-09 01:40:00 +00:00 · 9d0c06667e
parent 5acb5d03ed
commit 9d0c06667e
2 changed files with 12 additions and 10 deletions
--- a/6
+++ b/6
@ -62,6 +62,10 @@
   - markus@cvs.openbsd.org 2001/06/06 23:19:35
     [ssh-add.c]
     remove debug message; Darren.Moffat@eng.sun.com
   - markus@cvs.openbsd.org 2001/06/07 19:57:53
     [auth2.c]
     style is used for bsdauth.
     disconnect on user/service change (ietf-drafts)
 20010606
 - OpenBSD CVS Sync
@ -5573,4 +5577,4 @@
 - Wrote replacements for strlcpy and mkdtemp
 - Released 1.0pre1
-$Id: ChangeLog,v 1.1265 2001/06/09 01:38:24 mouring Exp $
+$Id: ChangeLog,v 1.1266 2001/06/09 01:40:00 mouring Exp $
--- a/auth2.c
+++ b/auth2.c
@ -23,7 +23,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.61 2001/05/31 10:30:12 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.62 2001/06/07 19:57:53 markus Exp $");
 #include <openssl/evp.h>
@ -219,14 +219,12 @@ input_userauth_request(int type, int plen, void *ctxt)
 		setproctitle("%s", pw ? user : "unknown");
 		authctxt->user = xstrdup(user);
 		authctxt->service = xstrdup(service);
-		authctxt->style = style ? xstrdup(style) : NULL; /* currently unused */
+		authctxt->style = style ? xstrdup(style) : NULL;
-	} else if (authctxt->valid) {
+	} else if (strcmp(user, authctxt->user) != 0 ||
 		if (strcmp(user, authctxt->user) != 0 ||
 	    strcmp(service, authctxt->service) != 0) {
-			log("input_userauth_request: mismatch: (%s,%s)!=(%s,%s)",
+		packet_disconnect("Change of username or service not allowed: "
-			    user, service, authctxt->user, authctxt->service);
+		    "(%s,%s) -> (%s,%s)",
-			authctxt->valid = 0;
+		    authctxt->user, authctxt->service, user, service);
 		}
 	}
 	/* reset state */
 	dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, &protocol_error);