summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBen Lindstrom <mouring@eviladmin.org>2001-06-09 01:40:00 +0000
committerBen Lindstrom <mouring@eviladmin.org>2001-06-09 01:40:00 +0000
commit9d0c06667eb4ca616ffa690e88b9dd7c438e3103 (patch)
tree640548fec4f56158a0cfc6b3d3f58eabdc73eeed
parent5acb5d03edecae6ecbd062b9da9f7f4fde382287 (diff)
- markus@cvs.openbsd.org 2001/06/07 19:57:53
[auth2.c] style is used for bsdauth. disconnect on user/service change (ietf-drafts)
-rw-r--r--ChangeLog6
-rw-r--r--auth2.c16
2 files changed, 12 insertions, 10 deletions
diff --git a/ChangeLog b/ChangeLog
index a7d071eee..a00010ee0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -62,6 +62,10 @@
62 - markus@cvs.openbsd.org 2001/06/06 23:19:35 62 - markus@cvs.openbsd.org 2001/06/06 23:19:35
63 [ssh-add.c] 63 [ssh-add.c]
64 remove debug message; Darren.Moffat@eng.sun.com 64 remove debug message; Darren.Moffat@eng.sun.com
65 - markus@cvs.openbsd.org 2001/06/07 19:57:53
66 [auth2.c]
67 style is used for bsdauth.
68 disconnect on user/service change (ietf-drafts)
65 69
6620010606 7020010606
67 - OpenBSD CVS Sync 71 - OpenBSD CVS Sync
@@ -5573,4 +5577,4 @@
5573 - Wrote replacements for strlcpy and mkdtemp 5577 - Wrote replacements for strlcpy and mkdtemp
5574 - Released 1.0pre1 5578 - Released 1.0pre1
5575 5579
5576$Id: ChangeLog,v 1.1265 2001/06/09 01:38:24 mouring Exp $ 5580$Id: ChangeLog,v 1.1266 2001/06/09 01:40:00 mouring Exp $
diff --git a/auth2.c b/auth2.c
index 0b4df9cda..554ca4c10 100644
--- a/auth2.c
+++ b/auth2.c
@@ -23,7 +23,7 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: auth2.c,v 1.61 2001/05/31 10:30:12 markus Exp $"); 26RCSID("$OpenBSD: auth2.c,v 1.62 2001/06/07 19:57:53 markus Exp $");
27 27
28#include <openssl/evp.h> 28#include <openssl/evp.h>
29 29
@@ -219,14 +219,12 @@ input_userauth_request(int type, int plen, void *ctxt)
219 setproctitle("%s", pw ? user : "unknown"); 219 setproctitle("%s", pw ? user : "unknown");
220 authctxt->user = xstrdup(user); 220 authctxt->user = xstrdup(user);
221 authctxt->service = xstrdup(service); 221 authctxt->service = xstrdup(service);
222 authctxt->style = style ? xstrdup(style) : NULL; /* currently unused */ 222 authctxt->style = style ? xstrdup(style) : NULL;
223 } else if (authctxt->valid) { 223 } else if (strcmp(user, authctxt->user) != 0 ||
224 if (strcmp(user, authctxt->user) != 0 || 224 strcmp(service, authctxt->service) != 0) {
225 strcmp(service, authctxt->service) != 0) { 225 packet_disconnect("Change of username or service not allowed: "
226 log("input_userauth_request: mismatch: (%s,%s)!=(%s,%s)", 226 "(%s,%s) -> (%s,%s)",
227 user, service, authctxt->user, authctxt->service); 227 authctxt->user, authctxt->service, user, service);
228 authctxt->valid = 0;
229 }
230 } 228 }
231 /* reset state */ 229 /* reset state */
232 dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, &protocol_error); 230 dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, &protocol_error);