Bug 204

Summary: Authentication fails when username contains an at-sign
Product: Portable OpenSSH Reporter: Britt <britt>
Component: sshdAssignee: OpenSSH Bugzilla mailing list <openssh-bugs>
Status: CLOSED FIXED    
Severity: normal    
Priority: P2    
Version: -current   
Hardware: All   
OS: Other   
Attachments:
Description Flags
this should help, but patch needs some more work
none
what about this? please test none

Description Britt 2002-04-04 17:51:42 AEST 
I have a Linux box running the Ensim web hosting software.  Users on virtual 
accounts are required to log in using domain-qualified usernames 
like "user@host.com", for instance:

  ssh hostname -l user@host.com

This worked with SSH version 2.9p2-11.7 but fails with 3.1p1.  I tracked the 
problem down to a change at line 376 in auth1.c:

        /* XXX - SSH.com Kerberos v5 braindeath. */
        if ((p = strchr(user, '@')) != NULL)
                *p = '\0';

Commenting out that code fixes the problem, although now I'm having a problem 
with pty allocation.  Sigh.

-britt
Comment 1 Britt 2002-04-04 18:49:41 AEST 
Okay, commenting out those lines definitely solved the problem.  The pty issue 
happened because I didn't configure with PAM, and evidently Ensim has done 
something sneaky there.

So, definitely a problem.

-britt
Comment 2 Markus Friedl 2002-04-05 00:22:09 AEST 
Created attachment 61 [details]
this should help, but patch needs some more work
Comment 3 Markus Friedl 2002-04-08 20:59:03 AEST 
Created attachment 66 [details]
what about this? please test
Comment 4 Britt 2002-04-08 23:12:57 AEST 
I will test this on my system today, but I have no way to test whether Kerberos 
V5 still works after the fix.

-britt
Comment 5 Britt 2002-04-09 09:56:30 AEST 
Yes, that patch fixes the problem on my system.  Again, I can't speak for 
Kerberos though.

Thanks!

-britt
Comment 6 Markus Friedl 2002-07-18 18:00:50 AEST 
patch commited (some time ago)
Comment 7 Damien Miller 2004-04-14 12:24:18 AEST 
Mass change of RESOLVED bugs to CLOSED