- (bal) Allow sshd to switch user context without password for Cygwin.

         Patch by Corinna Vinschen <vinschen@redhat.com>

diff --git a/ChangeLog b/ChangeLog
index 3f4fecd1d0ee1344f02f51280685e8888f775913..cbac74a22192b1cec07bc74afe5786b88c471017 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -20,6 +20,8 @@
      keep track of both maxfd and the size of the malloc'ed fdsets.
      update maxfd if maxfd gets closed.
  - (bal) Cleaned up trailing spaces in ChangeLog.
+ - (bal) Allow sshd to switch user context without password for Cygwin.
+         Patch by Corinna Vinschen <vinschen@redhat.com>
 
 20010715
  - (bal) Set "BROKEN_GETADDRINFO" for darwin platform.  Reported by

diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c
index f481a6d916f23c16e2b7fab6abf8285152d470a5..f5133319650c6e85ba264b6dd9d8337509618408 100644 (file)
--- a/openbsd-compat/bsd-cygwin_util.c
+++ b/openbsd-compat/bsd-cygwin_util.c
@@ -21,10 +21,14 @@ RCSID("$Id$");
 
 #include <fcntl.h>
 #include <stdlib.h>
+#include <sys/utsname.h>
 #include <sys/vfs.h>
 #include <windows.h>
 #define is_winnt       (GetVersion() < 0x80000000)
 
+#define ntsec_on(c)    ((c) && strstr((c),"ntsec") && !strstr((c),"nontsec"))
+#define ntea_on(c)     ((c) && strstr((c),"ntea") && !strstr((c),"nontea"))
+
 #if defined(open) && open == binary_open
 # undef open
 #endif
@@ -61,12 +65,34 @@ int check_nt_auth(int pwd_authenticated, uid_t uid)
        * context on NT systems is the password authentication. So
        * we deny all requsts for changing the user context if another
        * authentication method is used.
-       * This may change in future when a special openssh
-       * subauthentication package is available.
+       *
+       * This doesn't apply to Cygwin versions >= 1.3.2 anymore which
+       * uses the undocumented NtCreateToken() call to create a user
+       * token if the process has the appropriate privileges and if
+       * CYGWIN ntsec setting is on.
        */
-       if (is_winnt && !pwd_authenticated && geteuid() != uid)
-               return 0;
-       
+       static int has_create_token = -1;
+
+       if (is_winnt) {
+               if (has_create_token < 0) {
+                       struct utsname uts;
+                       int major_high = 0, major_low = 0, minor = 0;
+                       char *cygwin = getenv("CYGWIN");
+
+                       has_create_token = 0;
+                       if (ntsec_on(cygwin) && !uname(&uts)) {
+                               sscanf(uts.release, "%d.%d.%d",
+                                      &major_high, &major_low, &minor);
+                               if (major_high > 1 ||
+                                   (major_high == 1 && (major_low > 3 ||
+                                    (major_low == 3 && minor >= 2))))
+                                       has_create_token = 1;
+                       }
+               }
+               if (has_create_token < 1 &&
+                   !pwd_authenticated && geteuid() != uid)
+                       return 0;
+       }
        return 1;
 }
 
@@ -82,12 +108,9 @@ int check_ntsec(const char *filename)
                return 0;
 
        /* Evaluate current CYGWIN settings. */
-       if ((cygwin = getenv("CYGWIN")) != NULL) {
-               if (strstr(cygwin, "ntea") && !strstr(cygwin, "nontea"))
-                       allow_ntea = 1;
-               if (strstr(cygwin, "ntsec") && !strstr(cygwin, "nontsec"))
-                       allow_ntsec = 1;
-       }
+       cygwin = getenv("CYGWIN");
+       allow_ntea = ntea_on(cygwin);
+       allow_ntsec = ntsec_on(cygwin);
 
        /*
         * `ntea' is an emulation of POSIX attributes. It doesn't support