openssh unix dev - Oct 2014 - Username case sensitivity issue with multiple variants in /etc/passwd

Hi,

I recently upgraded from 4.3 to 6.7 on Windows with cygwin and noticed that case
sensitivity had been introduced for Windows usernames as per this discussion:
http://marc.info/?l=openssh-unix-dev&m=126505289206175&w=2

It seems there is still a bug in the handling of usernames regarding case
sensitivity however. The following /etc/passwd allows me to login as either
Jason or dave to the same uid (case-sensitive, therefore jason and Dave do not
work as expected):

Jason:unused:1006:513:Jason
Jacques,U-SERVER\jason,S-1-5-21-XXXXXXXXXX-436374069-527237240-1006:/home/jason:/bin/bash
dave:unused:1006:513:Jason
Jacques,U-SERVER\jason,S-1-5-21-XXXXXXXXXX-436374069-527237240-1006:/home/jason:/bin/bash

If I change the /etc/passwd to the following however, I can only login with the
username Jason. jason (lower-case) does not work. This is dependant on which
occurs first in the /etc/passwd file (i.e. if lowercase is first, that is the
allowed variant):

Jason:unused:1006:513:Jason
Jacques,U-SERVER\jason,S-1-5-21-XXXXXXXXXX-436374069-527237240-1006:/home/jason:/bin/bash
jason:unused:1006:513:Jason
Jacques,U-SERVER\jason,S-1-5-21-XXXXXXXXXX-436374069-527237240-1006:/home/jason:/bin/bash

In essence, it seems OpenSSH is now treating Jason and jason as different
accounts based on unix practices, but if different cases are specified in
/etc/passwd only the first variant is evaluated before determining if the login
should proceed.

Thanks,

Jason Jacques
Email: jtjacques at gmail.com
Web: http://jasonjacques.co.uk