- (bal) Allow sshd to switch user context without password for Cygwin.

         Patch by Corinna Vinschen <vinschen@redhat.com>

2 files changed, 38 insertions, 13 deletions

diff --git a/ChangeLog b/ChangeLog
index 640aaa4ad..19286c6bb 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -20,6 +20,8 @@
      keep track of both maxfd and the size of the malloc'ed fdsets.
      update maxfd if maxfd gets closed.
  - (bal) Cleaned up trailing spaces in ChangeLog.
+ - (bal) Allow sshd to switch user context without password for Cygwin.
+         Patch by Corinna Vinschen <vinschen@redhat.com>
 
 20010715
  - (bal) Set "BROKEN_GETADDRINFO" for darwin platform.  Reported by
@@ -6059,4 +6061,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1410 2001/07/18 16:05:50 mouring Exp $
+$Id: ChangeLog,v 1.1411 2001/07/18 16:19:48 mouring Exp $
diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c
index 36f13e3f0..87f36c0cb 100644
--- a/openbsd-compat/bsd-cygwin_util.c
+++ b/openbsd-compat/bsd-cygwin_util.c
@@ -15,16 +15,20 @@
 
 #include "includes.h"
 
-RCSID("$Id: bsd-cygwin_util.c,v 1.4 2001/04/13 14:28:42 djm Exp $");
+RCSID("$Id: bsd-cygwin_util.c,v 1.5 2001/07/18 16:19:49 mouring Exp $");
 
 #ifdef HAVE_CYGWIN
 
 #include <fcntl.h>
 #include <stdlib.h>
+#include <sys/utsname.h>
 #include <sys/vfs.h>
 #include <windows.h>
 #define is_winnt       (GetVersion() < 0x80000000)
 
+#define ntsec_on(c)     ((c) && strstr((c),"ntsec") && !strstr((c),"nontsec"))
+#define ntea_on(c)      ((c) && strstr((c),"ntea") && !strstr((c),"nontea"))
+
 #if defined(open) && open == binary_open
 # undef open
 #endif
@@ -61,12 +65,34 @@ int check_nt_auth(int pwd_authenticated, uid_t uid)
         * context on NT systems is the password authentication. So
         * we deny all requsts for changing the user context if another
         * authentication method is used.
-        * This may change in future when a special openssh
-        * subauthentication package is available.
+        *
+        * This doesn't apply to Cygwin versions >= 1.3.2 anymore which
+        * uses the undocumented NtCreateToken() call to create a user
+        * token if the process has the appropriate privileges and if
+        * CYGWIN ntsec setting is on.
         */
-        if (is_winnt && !pwd_authenticated && geteuid() != uid)
-                return 0;
-        
+        static int has_create_token = -1;
+
+        if (is_winnt) {
+                if (has_create_token < 0) {
+                        struct utsname uts;
+                        int major_high = 0, major_low = 0, minor = 0;
+                        char *cygwin = getenv("CYGWIN");
+
+                        has_create_token = 0;
+                        if (ntsec_on(cygwin) && !uname(&uts)) {
+                                sscanf(uts.release, "%d.%d.%d",
+                                       &major_high, &major_low, &minor);
+                                if (major_high > 1 ||
+                                    (major_high == 1 && (major_low > 3 ||
+                                     (major_low == 3 && minor >= 2))))
+                                        has_create_token = 1;
+                        }
+                }
+                if (has_create_token < 1 &&
+                    !pwd_authenticated && geteuid() != uid)
+                        return 0;
+        }
         return 1;
 }
 
@@ -82,12 +108,9 @@ int check_ntsec(const char *filename)
                 return 0;
 
         /* Evaluate current CYGWIN settings. */
-        if ((cygwin = getenv("CYGWIN")) != NULL) {
-                if (strstr(cygwin, "ntea") && !strstr(cygwin, "nontea"))
-                        allow_ntea = 1;
-                if (strstr(cygwin, "ntsec") && !strstr(cygwin, "nontsec"))
-                        allow_ntsec = 1;
-        }
+        cygwin = getenv("CYGWIN");
+        allow_ntea = ntea_on(cygwin);
+        allow_ntsec = ntsec_on(cygwin);
 
         /*
          * `ntea' is an emulation of POSIX attributes. It doesn't support