1 /* $OpenBSD: auth2-none.c,v 1.13 2006/08/05 07:52:52 dtucker Exp $ */ 2 /* 3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 */ 25 26 #include "includes.h" 27 28 #include <sys/types.h> 29 #include <sys/stat.h> 30 #include <sys/uio.h> 31 32 #include <fcntl.h> 33 #include <stdarg.h> 34 #include <unistd.h> 35 36 #include "xmalloc.h" 37 #include "key.h" 38 #include "hostfile.h" 39 #include "auth.h" 40 #include "packet.h" 41 #include "log.h" 42 #include "buffer.h" 43 #include "servconf.h" 44 #include "atomicio.h" 45 #include "compat.h" 46 #include "ssh2.h" 47 #ifdef GSSAPI 48 #include "ssh-gss.h" 49 #endif 50 #include "monitor_wrap.h" 51 52 /* import */ 53 extern ServerOptions options; 54 55 /* "none" is allowed only one time */ 56 static int none_enabled = 1; 57 58 char * 59 auth2_read_banner(void) 60 { 61 struct stat st; 62 char *banner = NULL; 63 size_t len, n; 64 int fd; 65 66 if ((fd = open(options.banner, O_RDONLY)) == -1) 67 return (NULL); 68 if (fstat(fd, &st) == -1) { 69 close(fd); 70 return (NULL); 71 } 72 if (st.st_size > 1*1024*1024) { 73 close(fd); 74 return (NULL); 75 } 76 77 len = (size_t)st.st_size; /* truncate */ 78 banner = xmalloc(len + 1); 79 n = atomicio(read, fd, banner, len); 80 close(fd); 81 82 if (n != len) { 83 xfree(banner); 84 return (NULL); 85 } 86 banner[n] = '\0'; 87 88 return (banner); 89 } 90 91 void 92 userauth_send_banner(const char *msg) 93 { 94 if (datafellows & SSH_BUG_BANNER) 95 return; 96 97 packet_start(SSH2_MSG_USERAUTH_BANNER); 98 packet_put_cstring(msg); 99 packet_put_cstring(""); /* language, unused */ 100 packet_send(); 101 debug("%s: sent", __func__); 102 } 103 104 static void 105 userauth_banner(void) 106 { 107 char *banner = NULL; 108 109 if (options.banner == NULL || (datafellows & SSH_BUG_BANNER)) 110 return; 111 112 if ((banner = PRIVSEP(auth2_read_banner())) == NULL) 113 goto done; 114 userauth_send_banner(banner); 115 116 done: 117 if (banner) 118 xfree(banner); 119 } 120 121 static int 122 userauth_none(Authctxt *authctxt) 123 { 124 none_enabled = 0; 125 packet_check_eom(); 126 userauth_banner(); 127 #ifdef HAVE_CYGWIN 128 if (check_nt_auth(1, authctxt->pw) == 0) 129 return (0); 130 #endif 131 if (options.password_authentication) 132 return (PRIVSEP(auth_password(authctxt, ""))); 133 return (0); 134 } 135 136 Authmethod method_none = { 137 "none", 138 userauth_none, 139 &none_enabled 140 }; 141