[Bug 1113] Add Interix authentication support
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Sun Nov 6 02:42:58 EST 2005
http://bugzilla.mindrot.org/show_bug.cgi?id=1113
------- Comment #3 from tv at pobox.com 2005-11-06 02:42 -------
> >+#ifdef HAVE_INTERIX
> >+ result = (!setuser(pw->pw_name, password, SU_CHECK);
> >+#else
> > result = sys_auth_passwd(authctxt, password);
> >+#endif
>
> This is exactly the kind of thing the sys_auth_passwd abstraction is designed
> to avoid. The correct way to do this is to implement your own
> sys_auth_passwd() and define CUSTOM_SYS_AUTH_PASSWD.
Will do, and will resubmit patch at that time.
> >+#ifndef HAVE_INTERIX
> > case ' ':
> >+#endif
>
> Why this change?
Interix users and groups are allowed to have spaces in them. (This is
because Interix is a Unix layer on top of Windows, similar to Cygwin but
working at a much lower NT level.)
> >+# if !defined(HAVE_INTERIX)
> > /* Initialize the group list. */
> > if (initgroups(pw->pw_name, pw->pw_gid) < 0) {
> > perror("initgroups");
> > exit(1);
> > }
> >+# endif /* !HAVE_INTERIX */
>
> Does Interix have initgroups()? If not, just implement initgroups() as a null
> function that just returns zero. Ditto setgroups.
OK, will do. There used to be a no-op setgroups() that was used for Cygwin
too, but it disappeared early in 2005. I'll have to track back to find
which portable release had it last, and merge it back in.
> >+#ifdef HAVE_INTERIX
> >+ use_privsep = 0;
> >+#else
> > use_privsep = 1;
> >+#endif
>
> Why doesn't privsep work? Does defining DISABLE_FD_PASSING make preauth
> privsep work? (That's what Cygwin and a number of other platforms do.)
I can't remember why this was here, but last time I looked,
DISABLE_FD_PASSING wasn't enough. I'll check again and resubmit.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-bugs
mailing list