1 /* 2 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23 */ 24 25 #include "includes.h" 26 RCSID("$OpenBSD: auth2-none.c,v 1.7 2004/05/11 19:01:43 deraadt Exp $"); 27 28 #include "auth.h" 29 #include "xmalloc.h" 30 #include "packet.h" 31 #include "log.h" 32 #include "servconf.h" 33 #include "atomicio.h" 34 #include "compat.h" 35 #include "ssh2.h" 36 #include "monitor_wrap.h" 37 38 /* import */ 39 extern ServerOptions options; 40 41 /* "none" is allowed only one time */ 42 static int none_enabled = 1; 43 44 char * 45 auth2_read_banner(void) 46 { 47 struct stat st; 48 char *banner = NULL; 49 size_t len, n; 50 int fd; 51 52 if ((fd = open(options.banner, O_RDONLY)) == -1) 53 return (NULL); 54 if (fstat(fd, &st) == -1) { 55 close(fd); 56 return (NULL); 57 } 58 if (st.st_size > 1*1024*1024) { 59 close(fd); 60 return (NULL); 61 } 62 63 len = (size_t)st.st_size; /* truncate */ 64 banner = xmalloc(len + 1); 65 n = atomicio(read, fd, banner, len); 66 close(fd); 67 68 if (n != len) { 69 xfree(banner); 70 return (NULL); 71 } 72 banner[n] = '\0'; 73 74 return (banner); 75 } 76 77 void 78 userauth_send_banner(const char *msg) 79 { 80 if (datafellows & SSH_BUG_BANNER) 81 return; 82 83 packet_start(SSH2_MSG_USERAUTH_BANNER); 84 packet_put_cstring(msg); 85 packet_put_cstring(""); /* language, unused */ 86 packet_send(); 87 debug("%s: sent", __func__); 88 } 89 90 static void 91 userauth_banner(void) 92 { 93 char *banner = NULL; 94 95 if (options.banner == NULL || (datafellows & SSH_BUG_BANNER)) 96 return; 97 98 if ((banner = PRIVSEP(auth2_read_banner())) == NULL) 99 goto done; 100 userauth_send_banner(banner); 101 102 done: 103 if (banner) 104 xfree(banner); 105 } 106 107 static int 108 userauth_none(Authctxt *authctxt) 109 { 110 none_enabled = 0; 111 packet_check_eom(); 112 userauth_banner(); 113 #ifdef HAVE_CYGWIN 114 if (check_nt_auth(1, authctxt->pw) == 0) 115 return (0); 116 #endif 117 if (options.password_authentication) 118 return (PRIVSEP(auth_password(authctxt, ""))); 119 return (0); 120 } 121 122 Authmethod method_none = { 123 "none", 124 userauth_none, 125 &none_enabled 126 }; 127