diff options
-rw-r--r-- | ChangeLog | 7 | ||||
-rw-r--r-- | auth.c | 13 |
2 files changed, 20 insertions, 0 deletions
@@ -1,3 +1,10 @@ | |||
1 | 20100228 | ||
2 | - (djm) [auth.c] On Cygwin, refuse usernames that have differences in | ||
3 | case from that matched in the system password database. On this | ||
4 | platform, passwords are stored case-insensitively, but sshd requires | ||
5 | exact case matching for Match blocks in sshd_config(5). Based on | ||
6 | a patch from vinschen AT redhat.com. | ||
7 | |||
1 | 20100227 | 8 | 20100227 |
2 | - (djm) [ssh-pkcs11-helper.c ] Ensure RNG is initialised and seeded | 9 | - (djm) [ssh-pkcs11-helper.c ] Ensure RNG is initialised and seeded |
3 | - (djm) [openbsd-compat/bsd-cygwin_util.c] Reduce the set of environment | 10 | - (djm) [openbsd-compat/bsd-cygwin_util.c] Reduce the set of environment |
@@ -535,6 +535,19 @@ getpwnamallow(const char *user) | |||
535 | get_canonical_hostname(options.use_dns), get_remote_ipaddr()); | 535 | get_canonical_hostname(options.use_dns), get_remote_ipaddr()); |
536 | 536 | ||
537 | pw = getpwnam(user); | 537 | pw = getpwnam(user); |
538 | #ifdef HAVE_CYGWIN | ||
539 | /* | ||
540 | * Windows usernames are case-insensitive. To avoid later problems | ||
541 | * when trying to match the username, the user is only allowed to | ||
542 | * login if the username is given in the same case as stored in the | ||
543 | * user database. | ||
544 | */ | ||
545 | if (pw != NULL && strcmp(user, pw->pw_name) != 0) { | ||
546 | logit("Login name %.100s does not match stored username %.100s", | ||
547 | user, pw->pw_name); | ||
548 | pw = NULL; | ||
549 | } | ||
550 | #endif | ||
538 | if (pw == NULL) { | 551 | if (pw == NULL) { |
539 | logit("Invalid user %.100s from %.100s", | 552 | logit("Invalid user %.100s from %.100s", |
540 | user, get_remote_ipaddr()); | 553 | user, get_remote_ipaddr()); |