version 1.14, 2007/08/23 03:22:16 |
version 1.15, 2008/07/02 12:36:39 |
|
|
*/ |
*/ |
|
|
#include <sys/types.h> |
#include <sys/types.h> |
#include <sys/stat.h> |
|
#include <sys/uio.h> |
|
|
|
#include <fcntl.h> |
|
#include <unistd.h> |
|
#include <string.h> |
|
|
|
#include "xmalloc.h" |
#include "xmalloc.h" |
#include "key.h" |
#include "key.h" |
#include "hostfile.h" |
#include "hostfile.h" |
|
|
#include "log.h" |
#include "log.h" |
#include "buffer.h" |
#include "buffer.h" |
#include "servconf.h" |
#include "servconf.h" |
#include "atomicio.h" |
|
#include "compat.h" |
#include "compat.h" |
#include "ssh2.h" |
#include "ssh2.h" |
#ifdef GSSAPI |
#ifdef GSSAPI |
|
|
/* "none" is allowed only one time */ |
/* "none" is allowed only one time */ |
static int none_enabled = 1; |
static int none_enabled = 1; |
|
|
char * |
|
auth2_read_banner(void) |
|
{ |
|
struct stat st; |
|
char *banner = NULL; |
|
size_t len, n; |
|
int fd; |
|
|
|
if ((fd = open(options.banner, O_RDONLY)) == -1) |
|
return (NULL); |
|
if (fstat(fd, &st) == -1) { |
|
close(fd); |
|
return (NULL); |
|
} |
|
if (st.st_size > 1*1024*1024) { |
|
close(fd); |
|
return (NULL); |
|
} |
|
|
|
len = (size_t)st.st_size; /* truncate */ |
|
banner = xmalloc(len + 1); |
|
n = atomicio(read, fd, banner, len); |
|
close(fd); |
|
|
|
if (n != len) { |
|
xfree(banner); |
|
return (NULL); |
|
} |
|
banner[n] = '\0'; |
|
|
|
return (banner); |
|
} |
|
|
|
static void |
|
userauth_banner(void) |
|
{ |
|
char *banner = NULL; |
|
|
|
if (options.banner == NULL || |
|
strcasecmp(options.banner, "none") == 0 || |
|
(datafellows & SSH_BUG_BANNER) != 0) |
|
return; |
|
|
|
if ((banner = PRIVSEP(auth2_read_banner())) == NULL) |
|
goto done; |
|
|
|
packet_start(SSH2_MSG_USERAUTH_BANNER); |
|
packet_put_cstring(banner); |
|
packet_put_cstring(""); /* language, unused */ |
|
packet_send(); |
|
debug("userauth_banner: sent"); |
|
done: |
|
if (banner) |
|
xfree(banner); |
|
} |
|
|
|
static int |
static int |
userauth_none(Authctxt *authctxt) |
userauth_none(Authctxt *authctxt) |
{ |
{ |
none_enabled = 0; |
none_enabled = 0; |
packet_check_eom(); |
packet_check_eom(); |
userauth_banner(); |
|
if (options.password_authentication) |
if (options.password_authentication) |
return (PRIVSEP(auth_password(authctxt, ""))); |
return (PRIVSEP(auth_password(authctxt, ""))); |
return (0); |
return (0); |
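Review bot: userauth_none() on the 1.15 side has no comment saying that the pre-auth banner is no longer sent from the "none" method, which matters because an SSH client may skip "none" and start with another method, so a banner tied to this function can be bypassed. The `userauth_banner();` line between `packet_check_eom();` and the `options.password_authentication` test, together with auth2_read_banner() and userauth_banner() themselves, is printed only in the 1.14 column; the page carries no +/- markers, so reading these lines as removed is inferred from the column layout. I would add above the function something like `/* Banner is not sent here: clients may skip "none", so it has to go out before any method is dispatched. */` and confirm in the caller, which this page does not show, that the banner is still sent exactly once per connection. The closing brace of userauth_none() lies outside the visible section.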