This is the mail archive of the cygwin@sourceware.cygnus.com mailing list for the Cygwin project.



FW: [ANNOUNCEMENT]: patched openSSH-1.2.2 [was Re: No this has a nasty bite]




-----Original Message-----
From: Prentis Brooks [mailto:prentis@aol.net]
Sent: Tuesday, May 30, 2000 2:33 PM
To: Prentis Brooks
Subject: RE: [ANNOUNCEMENT]: patched openSSH-1.2.2 [was Re: No this has
a nasty bite]


Ok, need to correct myself... it is not a patch that has the overflow, it is
RSAREF itself... do you know if this particular compilation has it
corrected, or was RSAREF compiled into OpenSSL?

-----Original Message-----
From: cygwin-owner@sourceware.cygnus.com
[mailto:cygwin-owner@sourceware.cygnus.com]On Behalf Of Prentis Brooks
Sent: Tuesday, May 30, 2000 2:19 PM
To: cygwin
Subject: RE: [ANNOUNCEMENT]: patched openSSH-1.2.2 [was Re: No this has
a nasty bite]


Corinna,
	your patches work great, one last quick question, then I am done, I hope
:).  There is apparently an RSAREF patch out there with a buffer overflow
problem, I am still trying to track down the patch number.  If you happen to
know of it, did you apply that patch to the OpenSSL code?  If you don't know
of the one I am talking about, then I guess there is not much we can do
until I find that patch number ;)

Thanks

-----Original Message-----
From: cygwin-owner@sourceware.cygnus.com
[mailto:cygwin-owner@sourceware.cygnus.com]On Behalf Of Corinna Vinschen
Sent: Sunday, May 28, 2000 5:25 AM
To: Prentis Brooks
Cc: cygwin
Subject: Re: [ANNOUNCEMENT]: patched openSSH-1.2.2 [was Re: No this has
a nasty bite]


Prentis Brooks wrote:
> different from what I was looking to do.  Would you mind telling me how you
> solved the problem of unauthorized access to another account?
> (specifically, being able to log in to RSA enabled SSHD even though your RSA
> key is not part of that SSHD's user's authorized_key file.)

Password authentication leads to a valid hToken, any
other authentication leads to hToken == INVALID_HANDLE_VALUE.
So after authentication I check for non-password authentication
and equality of getuid() to uid of authenticated user.

==== SNIP ====
@@ -1498,6 +1529,13 @@ do_authloop(struct passwd * pw)
                        break;
                }

+#ifdef __CYGWIN__
+                if (is_winnt && hToken == INVALID_HANDLE_VALUE &&
+                    authenticated && getuid() != pw->pw_uid) {
+                        packet_disconnect("Authentication rejected for
uid %d.", (int) pw->pw_uid);
+                        authenticated = 0;
+                }
+#endif
                /* Raise logging level */
                if (authenticated ||
                    attempt == AUTH_FAIL_LOG ||
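
Review bot: In the added `#ifdef __CYGWIN__` block, `authenticated = 0;` comes after `packet_disconnect(...)`, so the flag is only cleared if that call returns; if it never returns the assignment is dead code, and if it can return, the session stays marked authenticated for the duration of the call. Clearing the flag first makes the rejection fail closed in either case. The condition also deserves a comment stating the invariant it relies on (an `hToken` of `INVALID_HANDLE_VALUE` means a non-password method succeeded), and it is worth confirming that skipping the check when `is_winnt` is false is intended, since the `getuid() != pw->pw_uid` comparison is then never made.
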
==== SNAP ====

Corinna

--
Corinna Vinschen
Cygwin Developer
Cygnus Solutions, a Red Hat company

--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe@sourceware.cygnus.com

