1/* 2 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23 */ 24 25#include "includes.h"
| 1/* 2 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23 */ 24 25#include "includes.h"
|
26RCSID("$OpenBSD: auth2-none.c,v 1.6 2003/08/26 09:58:43 markus Exp $");
| 26RCSID("$OpenBSD: auth2-none.c,v 1.7 2004/05/11 19:01:43 deraadt Exp $");
|
27 28#include "auth.h" 29#include "xmalloc.h" 30#include "packet.h" 31#include "log.h" 32#include "servconf.h" 33#include "atomicio.h" 34#include "compat.h" 35#include "ssh2.h" 36#include "monitor_wrap.h" 37 38/* import */ 39extern ServerOptions options; 40 41/* "none" is allowed only one time */ 42static int none_enabled = 1; 43 44char * 45auth2_read_banner(void) 46{ 47 struct stat st; 48 char *banner = NULL;
| 27 28#include "auth.h" 29#include "xmalloc.h" 30#include "packet.h" 31#include "log.h" 32#include "servconf.h" 33#include "atomicio.h" 34#include "compat.h" 35#include "ssh2.h" 36#include "monitor_wrap.h" 37 38/* import */ 39extern ServerOptions options; 40 41/* "none" is allowed only one time */ 42static int none_enabled = 1; 43 44char * 45auth2_read_banner(void) 46{ 47 struct stat st; 48 char *banner = NULL;
|
49 off_t len, n;
| 49 size_t len, n;
|
50 int fd; 51 52 if ((fd = open(options.banner, O_RDONLY)) == -1) 53 return (NULL); 54 if (fstat(fd, &st) == -1) { 55 close(fd); 56 return (NULL); 57 }
| 50 int fd; 51 52 if ((fd = open(options.banner, O_RDONLY)) == -1) 53 return (NULL); 54 if (fstat(fd, &st) == -1) { 55 close(fd); 56 return (NULL); 57 }
|
58 len = st.st_size;
| 58 if (st.st_size > 1*1024*1024) { 59 close(fd); 60 return (NULL); 61 } 62 63 len = (size_t)st.st_size; /* truncate */
|
59 banner = xmalloc(len + 1); 60 n = atomicio(read, fd, banner, len); 61 close(fd); 62 63 if (n != len) { 64 xfree(banner); 65 return (NULL); 66 } 67 banner[n] = '\0'; 68 69 return (banner); 70} 71 72static void 73userauth_banner(void) 74{ 75 char *banner = NULL; 76 77 if (options.banner == NULL || (datafellows & SSH_BUG_BANNER)) 78 return; 79 80 if ((banner = PRIVSEP(auth2_read_banner())) == NULL) 81 goto done; 82 83 packet_start(SSH2_MSG_USERAUTH_BANNER); 84 packet_put_cstring(banner); 85 packet_put_cstring(""); /* language, unused */ 86 packet_send(); 87 debug("userauth_banner: sent"); 88done: 89 if (banner) 90 xfree(banner); 91} 92 93static int 94userauth_none(Authctxt *authctxt) 95{ 96 none_enabled = 0; 97 packet_check_eom(); 98 userauth_banner(); 99#ifdef HAVE_CYGWIN 100 if (check_nt_auth(1, authctxt->pw) == 0) 101 return(0); 102#endif 103 if (options.password_authentication) 104 return (PRIVSEP(auth_password(authctxt, ""))); 105 return (0); 106} 107 108Authmethod method_none = { 109 "none", 110 userauth_none, 111 &none_enabled 112};
| 64 banner = xmalloc(len + 1); 65 n = atomicio(read, fd, banner, len); 66 close(fd); 67 68 if (n != len) { 69 xfree(banner); 70 return (NULL); 71 } 72 banner[n] = '\0'; 73 74 return (banner); 75} 76 77static void 78userauth_banner(void) 79{ 80 char *banner = NULL; 81 82 if (options.banner == NULL || (datafellows & SSH_BUG_BANNER)) 83 return; 84 85 if ((banner = PRIVSEP(auth2_read_banner())) == NULL) 86 goto done; 87 88 packet_start(SSH2_MSG_USERAUTH_BANNER); 89 packet_put_cstring(banner); 90 packet_put_cstring(""); /* language, unused */ 91 packet_send(); 92 debug("userauth_banner: sent"); 93done: 94 if (banner) 95 xfree(banner); 96} 97 98static int 99userauth_none(Authctxt *authctxt) 100{ 101 none_enabled = 0; 102 packet_check_eom(); 103 userauth_banner(); 104#ifdef HAVE_CYGWIN 105 if (check_nt_auth(1, authctxt->pw) == 0) 106 return(0); 107#endif 108 if (options.password_authentication) 109 return (PRIVSEP(auth_password(authctxt, ""))); 110 return (0); 111} 112 113Authmethod method_none = { 114 "none", 115 userauth_none, 116 &none_enabled 117};
|