diff options
| author | Damien Miller <djm@mindrot.org> | 2004-04-18 21:15:43 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2004-04-18 21:15:43 +1000 |
| commit | 2eb4236d86c657dadd2dc782efd5c0857a673c4f (patch) | |
| tree | a8d738823ca99c810ee4201f99112128922e49cb | |
| parent | 7f64afdc092e7c4a69772be968618cf29cf5de3f (diff) | |
- (djm) [openbsd-compat/bsd-cygwin_util.c] Recent versions of Cygwin allow
change of user context without a password, so relax auth method
restrictions; from vinschen AT redhat.com; ok dtucker@
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | openbsd-compat/bsd-cygwin_util.c | 12 |
2 files changed, 14 insertions, 3 deletions
@@ -1,6 +1,9 @@ 20040418 - (dtucker) [auth-pam.c] Log username and source host for failed PAM authentication attempts. With & ok djm@ + - (djm) [openbsd-compat/bsd-cygwin_util.c] Recent versions of Cygwin allow + change of user context without a password, so relax auth method + restrictions; from vinschen AT redhat.com; ok dtucker@ 20040416 - (dtucker) [regress/sftp-cmds.sh] Skip quoting test on Cygwin, since @@ -979,4 +982,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3315 2004/04/18 01:00:26 dtucker Exp $ +$Id: ChangeLog,v 1.3316 2004/04/18 11:15:43 djm Exp $ diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c index a87cf3c9..92cdba6e 100644 --- a/openbsd-compat/bsd-cygwin_util.c +++ b/openbsd-compat/bsd-cygwin_util.c @@ -29,7 +29,7 @@ #include "includes.h" -RCSID("$Id: bsd-cygwin_util.c,v 1.11 2003/08/07 06:23:43 dtucker Exp $"); +RCSID("$Id: bsd-cygwin_util.c,v 1.12 2004/04/18 11:15:45 djm Exp $"); #ifdef HAVE_CYGWIN @@ -77,6 +77,7 @@ binary_pipe(int fd[2]) #define HAS_CREATE_TOKEN 1 #define HAS_NTSEC_BY_DEFAULT 2 +#define HAS_CREATE_TOKEN_WO_NTSEC 3 static int has_capability(int what) @@ -84,6 +85,7 @@ has_capability(int what) static int inited; static int has_create_token; static int has_ntsec_by_default; + static int has_create_token_wo_ntsec; /* * has_capability() basically calls uname() and checks if @@ -113,6 +115,9 @@ has_capability(int what) has_create_token = 1; if (api_major_version > 0 || api_minor_version >= 56) has_ntsec_by_default = 1; + if (major_high > 1 || + (major_high == 1 && major_low >= 5)) + has_create_token_wo_ntsec = 1; inited = 1; } } @@ -121,6 +126,8 @@ has_capability(int what) return (has_create_token); case HAS_NTSEC_BY_DEFAULT: return (has_ntsec_by_default); + case HAS_CREATE_TOKEN_WO_NTSEC: + return (has_create_token_wo_ntsec); } return (0); } @@ -151,7 +158,8 @@ check_nt_auth(int pwd_authenticated, struct passwd *pw) if (has_capability(HAS_CREATE_TOKEN) && (ntsec_on(cygwin) || (has_capability(HAS_NTSEC_BY_DEFAULT) && - !ntsec_off(cygwin)))) + !ntsec_off(cygwin)) || + has_capability(HAS_CREATE_TOKEN_WO_NTSEC))) has_create_token = 1; } if (has_create_token < 1 && |