summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog5
-rw-r--r--openbsd-compat/bsd-cygwin_util.c12
2 files changed, 14 insertions, 3 deletions
diff --git a/ChangeLog b/ChangeLog
index f34b6b381..fab3f923e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,9 @@
120040418 120040418
2 - (dtucker) [auth-pam.c] Log username and source host for failed PAM 2 - (dtucker) [auth-pam.c] Log username and source host for failed PAM
3 authentication attempts. With & ok djm@ 3 authentication attempts. With & ok djm@
4 - (djm) [openbsd-compat/bsd-cygwin_util.c] Recent versions of Cygwin allow
5 change of user context without a password, so relax auth method
6 restrictions; from vinschen AT redhat.com; ok dtucker@
4 7
520040416 820040416
6 - (dtucker) [regress/sftp-cmds.sh] Skip quoting test on Cygwin, since 9 - (dtucker) [regress/sftp-cmds.sh] Skip quoting test on Cygwin, since
@@ -979,4 +982,4 @@
979 - (djm) Trim deprecated options from INSTALL. Mention UsePAM 982 - (djm) Trim deprecated options from INSTALL. Mention UsePAM
980 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu 983 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
981 984
982$Id: ChangeLog,v 1.3315 2004/04/18 01:00:26 dtucker Exp $ 985$Id: ChangeLog,v 1.3316 2004/04/18 11:15:43 djm Exp $
diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c
index a87cf3c97..92cdba6e0 100644
--- a/openbsd-compat/bsd-cygwin_util.c
+++ b/openbsd-compat/bsd-cygwin_util.c
@@ -29,7 +29,7 @@
29 29
30#include "includes.h" 30#include "includes.h"
31 31
32RCSID("$Id: bsd-cygwin_util.c,v 1.11 2003/08/07 06:23:43 dtucker Exp $"); 32RCSID("$Id: bsd-cygwin_util.c,v 1.12 2004/04/18 11:15:45 djm Exp $");
33 33
34#ifdef HAVE_CYGWIN 34#ifdef HAVE_CYGWIN
35 35
@@ -77,6 +77,7 @@ binary_pipe(int fd[2])
77 77
78#define HAS_CREATE_TOKEN 1 78#define HAS_CREATE_TOKEN 1
79#define HAS_NTSEC_BY_DEFAULT 2 79#define HAS_NTSEC_BY_DEFAULT 2
80#define HAS_CREATE_TOKEN_WO_NTSEC 3
80 81
81static int 82static int
82has_capability(int what) 83has_capability(int what)
@@ -84,6 +85,7 @@ has_capability(int what)
84 static int inited; 85 static int inited;
85 static int has_create_token; 86 static int has_create_token;
86 static int has_ntsec_by_default; 87 static int has_ntsec_by_default;
88 static int has_create_token_wo_ntsec;
87 89
88 /* 90 /*
89 * has_capability() basically calls uname() and checks if 91 * has_capability() basically calls uname() and checks if
@@ -113,6 +115,9 @@ has_capability(int what)
113 has_create_token = 1; 115 has_create_token = 1;
114 if (api_major_version > 0 || api_minor_version >= 56) 116 if (api_major_version > 0 || api_minor_version >= 56)
115 has_ntsec_by_default = 1; 117 has_ntsec_by_default = 1;
118 if (major_high > 1 ||
119 (major_high == 1 && major_low >= 5))
120 has_create_token_wo_ntsec = 1;
116 inited = 1; 121 inited = 1;
117 } 122 }
118 } 123 }
@@ -121,6 +126,8 @@ has_capability(int what)
121 return (has_create_token); 126 return (has_create_token);
122 case HAS_NTSEC_BY_DEFAULT: 127 case HAS_NTSEC_BY_DEFAULT:
123 return (has_ntsec_by_default); 128 return (has_ntsec_by_default);
129 case HAS_CREATE_TOKEN_WO_NTSEC:
130 return (has_create_token_wo_ntsec);
124 } 131 }
125 return (0); 132 return (0);
126} 133}
@@ -151,7 +158,8 @@ check_nt_auth(int pwd_authenticated, struct passwd *pw)
151 if (has_capability(HAS_CREATE_TOKEN) && 158 if (has_capability(HAS_CREATE_TOKEN) &&
152 (ntsec_on(cygwin) || 159 (ntsec_on(cygwin) ||
153 (has_capability(HAS_NTSEC_BY_DEFAULT) && 160 (has_capability(HAS_NTSEC_BY_DEFAULT) &&
154 !ntsec_off(cygwin)))) 161 !ntsec_off(cygwin)) ||
162 has_capability(HAS_CREATE_TOKEN_WO_NTSEC)))
155 has_create_token = 1; 163 has_create_token = 1;
156 } 164 }
157 if (has_create_token < 1 && 165 if (has_create_token < 1 &&