- markus@cvs.openbsd.org 2001/06/07 19:57:53
[auth2.c]
style is used for bsdauth.
disconnect on user/service change (ietf-drafts)
diff --git a/ChangeLog b/ChangeLog
index a7d071e..a00010e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -62,6 +62,10 @@
- markus@cvs.openbsd.org 2001/06/06 23:19:35
[ssh-add.c]
remove debug message; Darren.Moffat@eng.sun.com
+ - markus@cvs.openbsd.org 2001/06/07 19:57:53
+ [auth2.c]
+ style is used for bsdauth.
+ disconnect on user/service change (ietf-drafts)
20010606
- OpenBSD CVS Sync
@@ -5573,4 +5577,4 @@
- Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1
-$Id: ChangeLog,v 1.1265 2001/06/09 01:38:24 mouring Exp $
+$Id: ChangeLog,v 1.1266 2001/06/09 01:40:00 mouring Exp $
diff --git a/auth2.c b/auth2.c
index 0b4df9c..554ca4c 100644
--- a/auth2.c
+++ b/auth2.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.61 2001/05/31 10:30:12 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.62 2001/06/07 19:57:53 markus Exp $");
#include <openssl/evp.h>
@@ -219,14 +219,12 @@
setproctitle("%s", pw ? user : "unknown");
authctxt->user = xstrdup(user);
authctxt->service = xstrdup(service);
- authctxt->style = style ? xstrdup(style) : NULL; /* currently unused */
- } else if (authctxt->valid) {
- if (strcmp(user, authctxt->user) != 0 ||
- strcmp(service, authctxt->service) != 0) {
- log("input_userauth_request: mismatch: (%s,%s)!=(%s,%s)",
- user, service, authctxt->user, authctxt->service);
- authctxt->valid = 0;
- }
+ authctxt->style = style ? xstrdup(style) : NULL;
+ } else if (strcmp(user, authctxt->user) != 0 ||
+ strcmp(service, authctxt->service) != 0) {
+ packet_disconnect("Change of username or service not allowed: "
+ "(%s,%s) -> (%s,%s)",
+ authctxt->user, authctxt->service, user, service);
}
/* reset state */
dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, &protocol_error);