summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog7
-rw-r--r--auth.c13
2 files changed, 20 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 760fff736..06f519868 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
120100228
2 - (djm) [auth.c] On Cygwin, refuse usernames that have differences in
3 case from that matched in the system password database. On this
4 platform, passwords are stored case-insensitively, but sshd requires
5 exact case matching for Match blocks in sshd_config(5). Based on
6 a patch from vinschen AT redhat.com.
7
120100227 820100227
2 - (djm) [ssh-pkcs11-helper.c ] Ensure RNG is initialised and seeded 9 - (djm) [ssh-pkcs11-helper.c ] Ensure RNG is initialised and seeded
3 - (djm) [openbsd-compat/bsd-cygwin_util.c] Reduce the set of environment 10 - (djm) [openbsd-compat/bsd-cygwin_util.c] Reduce the set of environment
diff --git a/auth.c b/auth.c
index 3005f815e..ab9c69fb8 100644
--- a/auth.c
+++ b/auth.c
@@ -535,6 +535,19 @@ getpwnamallow(const char *user)
535 get_canonical_hostname(options.use_dns), get_remote_ipaddr()); 535 get_canonical_hostname(options.use_dns), get_remote_ipaddr());
536 536
537 pw = getpwnam(user); 537 pw = getpwnam(user);
538#ifdef HAVE_CYGWIN
539 /*
540 * Windows usernames are case-insensitive. To avoid later problems
541 * when trying to match the username, the user is only allowed to
542 * login if the username is given in the same case as stored in the
543 * user database.
544 */
545 if (pw != NULL && strcmp(user, pw->pw_name) != 0) {
546 logit("Login name %.100s does not match stored username %.100s",
547 user, pw->pw_name);
548 pw = NULL;
549 }
550#endif
538 if (pw == NULL) { 551 if (pw == NULL) {
539 logit("Invalid user %.100s from %.100s", 552 logit("Invalid user %.100s from %.100s",
540 user, get_remote_ipaddr()); 553 user, get_remote_ipaddr());