- (djm) Apply Cygwin pointer deref fix from Corinna Vinschen

<vinschen@redhat.com> Could be abused to guess valid usernames

ChangeLog

@@ -1,3 +1,7 @@
+20011229
+ - (djm) Apply Cygwin pointer deref fix from Corinna Vinschen 
+   <vinschen@redhat.com> Could be abused to guess valid usernames
+
 20011228
  - (djm) Remove recommendation to use GNU make, we should support most
    make programs.
@@ -7108,4 +7112,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1709 2001/12/27 22:57:33 djm Exp $
+$Id: ChangeLog,v 1.1710 2001/12/29 03:08:28 djm Exp $

auth1.c

@@ -313,9 +313,9 @@ do_authloop(Authctxt *authctxt)
 
 #ifdef HAVE_CYGWIN
 		if (authenticated &&
-		    !check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD,pw->pw_uid)) {
+		    !check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD, pw)) {
 			packet_disconnect("Authentication rejected for uid %d.",
-			(int)pw->pw_uid);
+			pw == NULL ? -1 : pw->pw_uid);
 			authenticated = 0;
 		}
 #else

auth2.c

@@ -335,7 +335,7 @@ userauth_none(Authctxt *authctxt)
 		return(0);
 
 #ifdef HAVE_CYGWIN
-	if (check_nt_auth(1, authctxt->pw->pw_uid) == 0)
+	if (check_nt_auth(1, authctxt->pw) == 0)
 		return(0);
 #endif
 #ifdef USE_PAM
@@ -361,7 +361,7 @@ userauth_passwd(Authctxt *authctxt)
 	packet_done();
 	if (authctxt->valid &&
 #ifdef HAVE_CYGWIN
-		check_nt_auth(1, authctxt->pw->pw_uid) &&
+	    check_nt_auth(1, authctxt->pw) &&
 #endif
 #ifdef USE_PAM
 	    auth_pam_password(authctxt->pw, password) == 1)
@@ -398,7 +398,7 @@ userauth_kbdint(Authctxt *authctxt)
 	xfree(devs);
 	xfree(lang);
 #ifdef HAVE_CYGWIN
-	if (check_nt_auth(0, authctxt->pw->pw_uid) == 0)
+	if (check_nt_auth(0, authctxt->pw) == 0)
 		return(0);
 #endif
 	return authenticated;
@@ -504,7 +504,7 @@ userauth_pubkey(Authctxt *authctxt)
 	xfree(pkalg);
 	xfree(pkblob);
 #ifdef HAVE_CYGWIN
-	if (check_nt_auth(0, authctxt->pw->pw_uid) == 0)
+	if (check_nt_auth(0, authctxt->pw) == 0)
 		return(0);
 #endif
 	return authenticated;

openbsd-compat/bsd-cygwin_util.c

@@ -15,7 +15,7 @@
 
 #include "includes.h"
 
-RCSID("$Id: bsd-cygwin_util.c,v 1.6 2001/11/27 01:19:44 tim Exp $");
+RCSID("$Id: bsd-cygwin_util.c,v 1.7 2001/12/29 03:08:30 djm Exp $");
 
 #ifdef HAVE_CYGWIN
 
@@ -58,7 +58,7 @@ int binary_pipe(int fd[2])
 	return ret;
 }
 
-int check_nt_auth(int pwd_authenticated, uid_t uid)
+int check_nt_auth(int pwd_authenticated, struct passwd *pw)
 {
 	/*
 	* The only authentication which is able to change the user
@@ -73,6 +73,8 @@ int check_nt_auth(int pwd_authenticated, uid_t uid)
 	*/
 	static int has_create_token = -1;
 
+	if (pw == NULL)
+		return 0;
 	if (is_winnt) {
 		if (has_create_token < 0) {
 			struct utsname uts;
@@ -90,7 +92,7 @@ int check_nt_auth(int pwd_authenticated, uid_t uid)
 			}
 		}
 		if (has_create_token < 1 &&
-		    !pwd_authenticated && geteuid() != uid)
+		    !pwd_authenticated && geteuid() != pw->pw_uid)
 			return 0;
 	}
 	return 1;

openbsd-compat/bsd-cygwin_util.h

@@ -13,7 +13,7 @@
  * binary mode on Windows systems.
  */
 
-/* $Id: bsd-cygwin_util.h,v 1.5 2001/11/27 01:19:44 tim Exp $ */
+/* $Id: bsd-cygwin_util.h,v 1.6 2001/12/29 03:08:30 djm Exp $ */
 
 #ifndef _BSD_CYGWIN_UTIL_H
 #define _BSD_CYGWIN_UTIL_H
@@ -24,7 +24,7 @@
 
 int binary_open(const char *filename, int flags, ...);
 int binary_pipe(int fd[2]);
-int check_nt_auth(int pwd_authenticated, uid_t uid);
+int check_nt_auth(int pwd_authenticated, struct passwd *pw);
 int check_ntsec(const char *filename);
 void register_9x_service(void);