- (djm) Apply Cygwin pointer deref fix from Corinna Vinschen
<vinschen@redhat.com> Could be abused to guess valid usernames
diff --git a/ChangeLog b/ChangeLog
index bcacfc5..3b78b88 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+20011229
+ - (djm) Apply Cygwin pointer deref fix from Corinna Vinschen
+ <vinschen@redhat.com> Could be abused to guess valid usernames
+
20011228
- (djm) Remove recommendation to use GNU make, we should support most
make programs.
@@ -7108,4 +7112,4 @@
- Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1
-$Id: ChangeLog,v 1.1709 2001/12/27 22:57:33 djm Exp $
+$Id: ChangeLog,v 1.1710 2001/12/29 03:08:28 djm Exp $
diff --git a/auth1.c b/auth1.c
index d7e80c2..3aac26f 100644
--- a/auth1.c
+++ b/auth1.c
@@ -313,9 +313,9 @@
#ifdef HAVE_CYGWIN
if (authenticated &&
- !check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD,pw->pw_uid)) {
+ !check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD, pw)) {
packet_disconnect("Authentication rejected for uid %d.",
- (int)pw->pw_uid);
+ pw == NULL ? -1 : pw->pw_uid);
authenticated = 0;
}
#else
diff --git a/auth2.c b/auth2.c
index b564a8f..2b23651 100644
--- a/auth2.c
+++ b/auth2.c
@@ -335,7 +335,7 @@
return(0);
#ifdef HAVE_CYGWIN
- if (check_nt_auth(1, authctxt->pw->pw_uid) == 0)
+ if (check_nt_auth(1, authctxt->pw) == 0)
return(0);
#endif
#ifdef USE_PAM
@@ -361,7 +361,7 @@
packet_done();
if (authctxt->valid &&
#ifdef HAVE_CYGWIN
- check_nt_auth(1, authctxt->pw->pw_uid) &&
+ check_nt_auth(1, authctxt->pw) &&
#endif
#ifdef USE_PAM
auth_pam_password(authctxt->pw, password) == 1)
@@ -398,7 +398,7 @@
xfree(devs);
xfree(lang);
#ifdef HAVE_CYGWIN
- if (check_nt_auth(0, authctxt->pw->pw_uid) == 0)
+ if (check_nt_auth(0, authctxt->pw) == 0)
return(0);
#endif
return authenticated;
@@ -504,7 +504,7 @@
xfree(pkalg);
xfree(pkblob);
#ifdef HAVE_CYGWIN
- if (check_nt_auth(0, authctxt->pw->pw_uid) == 0)
+ if (check_nt_auth(0, authctxt->pw) == 0)
return(0);
#endif
return authenticated;
diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c
index 6d6aafa..b127257 100644
--- a/openbsd-compat/bsd-cygwin_util.c
+++ b/openbsd-compat/bsd-cygwin_util.c
@@ -15,7 +15,7 @@
#include "includes.h"
-RCSID("$Id: bsd-cygwin_util.c,v 1.6 2001/11/27 01:19:44 tim Exp $");
+RCSID("$Id: bsd-cygwin_util.c,v 1.7 2001/12/29 03:08:30 djm Exp $");
#ifdef HAVE_CYGWIN
@@ -58,7 +58,7 @@
return ret;
}
-int check_nt_auth(int pwd_authenticated, uid_t uid)
+int check_nt_auth(int pwd_authenticated, struct passwd *pw)
{
/*
* The only authentication which is able to change the user
@@ -73,6 +73,8 @@
*/
static int has_create_token = -1;
+ if (pw == NULL)
+ return 0;
if (is_winnt) {
if (has_create_token < 0) {
struct utsname uts;
@@ -90,7 +92,7 @@
}
}
if (has_create_token < 1 &&
- !pwd_authenticated && geteuid() != uid)
+ !pwd_authenticated && geteuid() != pw->pw_uid)
return 0;
}
return 1;
diff --git a/openbsd-compat/bsd-cygwin_util.h b/openbsd-compat/bsd-cygwin_util.h
index 24063d3..c3d9051 100644
--- a/openbsd-compat/bsd-cygwin_util.h
+++ b/openbsd-compat/bsd-cygwin_util.h
@@ -13,7 +13,7 @@
* binary mode on Windows systems.
*/
-/* $Id: bsd-cygwin_util.h,v 1.5 2001/11/27 01:19:44 tim Exp $ */
+/* $Id: bsd-cygwin_util.h,v 1.6 2001/12/29 03:08:30 djm Exp $ */
#ifndef _BSD_CYGWIN_UTIL_H
#define _BSD_CYGWIN_UTIL_H
@@ -24,7 +24,7 @@
int binary_open(const char *filename, int flags, ...);
int binary_pipe(int fd[2]);
-int check_nt_auth(int pwd_authenticated, uid_t uid);
+int check_nt_auth(int pwd_authenticated, struct passwd *pw);
int check_ntsec(const char *filename);
void register_9x_service(void);