summaryrefslogtreecommitdiff
path: root/auth-passwd.c
diff options
context:
space:
mode:
Diffstat (limited to 'auth-passwd.c')
-rw-r--r--auth-passwd.c27
1 files changed, 27 insertions, 0 deletions
diff --git a/auth-passwd.c b/auth-passwd.c
index 93756e9e..850e2583 100644
--- a/auth-passwd.c
+++ b/auth-passwd.c
@@ -37,6 +37,13 @@ RCSID("$OpenBSD: auth-passwd.c,v 1.16 2000/06/20 01:39:38 markus Exp $");
# include "md5crypt.h"
#endif /* defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) */
+#ifdef HAVE_CYGWIN
+#undef ERROR
+#include <windows.h>
+#include <sys/cygwin.h>
+#define is_winnt (GetVersion() < 0x80000000)
+#endif
+
/*
* Tries to authenticate the user using password. Returns true if
* authentication succeeds.
@@ -63,11 +70,31 @@ auth_password(struct passwd * pw, const char *password)
/* deny if no user. */
if (pw == NULL)
return 0;
+#ifndef HAVE_CYGWIN
if (pw->pw_uid == 0 && options.permit_root_login == 2)
return 0;
+#endif
+#ifdef HAVE_CYGWIN
+ /*
+ * Empty password is only possible on NT if the user has _really_
+ * an empty password and authentication is done, though.
+ */
+ if (!is_winnt)
+#endif
if (*password == '\0' && options.permit_empty_passwd == 0)
return 0;
+#ifdef HAVE_CYGWIN
+ if (is_winnt) {
+ HANDLE hToken = cygwin_logon_user(pw, password);
+
+ if (hToken == INVALID_HANDLE_VALUE)
+ return 0;
+ cygwin_set_impersonation_token(hToken);
+ return 1;
+ }
+#endif
+
#ifdef SKEY
if (options.skey_authentication == 1) {
int ret = auth_skey_password(pw, password);