|
Lines 229-234
Link Here
|
| 229 |
debug("userauth-request for user %s service %s method %s", user, service, method); |
229 |
debug("userauth-request for user %s service %s method %s", user, service, method); |
| 230 |
debug("attempt %d failures %d", authctxt->attempt, authctxt->failures); |
230 |
debug("attempt %d failures %d", authctxt->attempt, authctxt->failures); |
| 231 |
|
231 |
|
|
|
232 |
if (authctxt->attempt == 0) authctxt->user = xstrdup(user); |
| 233 |
|
| 232 |
if ((role = strchr(user, '/')) != NULL) |
234 |
if ((role = strchr(user, '/')) != NULL) |
| 233 |
*role++ = 0; |
235 |
*role++ = 0; |
| 234 |
|
236 |
|
|
Lines 240-246
Link Here
|
| 240 |
if (authctxt->attempt++ == 0) { |
242 |
if (authctxt->attempt++ == 0) { |
| 241 |
/* setup auth context */ |
243 |
/* setup auth context */ |
| 242 |
authctxt->pw = PRIVSEP(getpwnamallow(user)); |
244 |
authctxt->pw = PRIVSEP(getpwnamallow(user)); |
| 243 |
authctxt->user = xstrdup(user); |
|
|
| 244 |
if (authctxt->pw && strcmp(service, "ssh-connection")==0) { |
245 |
if (authctxt->pw && strcmp(service, "ssh-connection")==0) { |
| 245 |
authctxt->valid = 1; |
246 |
authctxt->valid = 1; |
| 246 |
debug2("input_userauth_request: setting up authctxt for %s", user); |
247 |
debug2("input_userauth_request: setting up authctxt for %s", user); |
|
Lines 263-269
Link Here
|
| 263 |
if (use_privsep) |
264 |
if (use_privsep) |
| 264 |
mm_inform_authserv(service, style, role); |
265 |
mm_inform_authserv(service, style, role); |
| 265 |
userauth_banner(); |
266 |
userauth_banner(); |
| 266 |
} else if (strcmp(user, authctxt->user) != 0 || |
267 |
} else if (strcmp(user, authctxt->pw->pw_name) != 0 || |
| 267 |
strcmp(service, authctxt->service) != 0) { |
268 |
strcmp(service, authctxt->service) != 0) { |
| 268 |
packet_disconnect("Change of username or service not allowed: " |
269 |
packet_disconnect("Change of username or service not allowed: " |
| 269 |
"(%s,%s) -> (%s,%s)", |
270 |
"(%s,%s) -> (%s,%s)", |