diff options
author | Damien Miller <djm@mindrot.org> | 2000-09-05 16:13:06 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2000-09-05 16:13:06 +1100 |
commit | bac2d8aa5e642a70045e713853b13d020b9c5d57 (patch) | |
tree | 98ddc81efce2273b3dfaff03b51242c988d30abf /auth1.c | |
parent | 676092fad0b6edca8f1fe731d7c3a000465a9bef (diff) |
- (djm) Merge cygwin support from Corinna Vinschen <vinschen@cygnus.com>
Diffstat (limited to 'auth1.c')
-rw-r--r-- | auth1.c | 25 |
1 files changed, 25 insertions, 0 deletions
@@ -23,6 +23,11 @@ RCSID("$OpenBSD: auth1.c,v 1.3 2000/08/20 18:42:40 millert Exp $"); | |||
23 | # include <siad.h> | 23 | # include <siad.h> |
24 | #endif | 24 | #endif |
25 | 25 | ||
26 | #ifdef HAVE_CYGWIN | ||
27 | #include <windows.h> | ||
28 | #define is_winnt (GetVersion() < 0x80000000) | ||
29 | #endif | ||
30 | |||
26 | /* import */ | 31 | /* import */ |
27 | extern ServerOptions options; | 32 | extern ServerOptions options; |
28 | extern char *forced_command; | 33 | extern char *forced_command; |
@@ -371,6 +376,23 @@ do_authloop(struct passwd * pw) | |||
371 | break; | 376 | break; |
372 | } | 377 | } |
373 | 378 | ||
379 | #ifdef HAVE_CYGWIN | ||
380 | /* | ||
381 | * The only authentication which is able to change the user | ||
382 | * context on NT systems is the password authentication. So | ||
383 | * we deny all requsts for changing the user context if another | ||
384 | * authentication method is used. | ||
385 | * This may change in future when a special openssh | ||
386 | * subauthentication package is available. | ||
387 | */ | ||
388 | if (is_winnt && type != SSH_CMSG_AUTH_PASSWORD && | ||
389 | authenticated && geteuid() != pw->pw_uid) { | ||
390 | packet_disconnect("Authentication rejected for uid %d.", | ||
391 | (int) pw->pw_uid); | ||
392 | authenticated = 0; | ||
393 | } | ||
394 | #endif | ||
395 | |||
374 | /* | 396 | /* |
375 | * Check if the user is logging in as root and root logins | 397 | * Check if the user is logging in as root and root logins |
376 | * are disallowed. | 398 | * are disallowed. |
@@ -491,12 +513,15 @@ do_authentication() | |||
491 | start_pam(pw); | 513 | start_pam(pw); |
492 | #endif | 514 | #endif |
493 | 515 | ||
516 | #ifndef HAVE_CYGWIN | ||
494 | /* | 517 | /* |
495 | * If we are not running as root, the user must have the same uid as | 518 | * If we are not running as root, the user must have the same uid as |
496 | * the server. | 519 | * the server. |
520 | * Rule not valid on Windows systems. | ||
497 | */ | 521 | */ |
498 | if (getuid() != 0 && pw->pw_uid != getuid()) | 522 | if (getuid() != 0 && pw->pw_uid != getuid()) |
499 | packet_disconnect("Cannot change user when server not running as root."); | 523 | packet_disconnect("Cannot change user when server not running as root."); |
524 | #endif | ||
500 | 525 | ||
501 | debug("Attempting authentication for %.100s.", pw->pw_name); | 526 | debug("Attempting authentication for %.100s.", pw->pw_name); |
502 | 527 | ||