1 /*
2 * Copyright (c) 2000 Markus Friedl. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 *
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23 */
24 /*
25 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
26 * Use is subject to license terms.
27 */
28
29 #include "includes.h"
30 RCSID("$OpenBSD: auth2-none.c,v 1.4 2002/06/27 10:35:47 deraadt Exp $");
31
32 #include "auth.h"
33 #include "xmalloc.h"
34 #include "packet.h"
35 #include "log.h"
36 #include "servconf.h"
37 #include "atomicio.h"
38 #include "compat.h"
39 #include "ssh2.h"
40
41 /* import */
42 extern ServerOptions options;
43
44 /* "none" is allowed only one time */
45 static int none_enabled = 1;
46
47 char *
auth2_read_banner(void)48 auth2_read_banner(void)
49 {
50 struct stat st;
51 char *banner, *ubanner, *errstr;
52 off_t len, n;
53 int fd;
54 uint_t ilen;
55
56 if ((fd = open(options.banner, O_RDONLY)) == -1)
57 return (NULL);
58 if (fstat(fd, &st) == -1) {
59 close(fd);
60 return (NULL);
61 }
62 len = st.st_size;
63 banner = xmalloc(len + 1);
64 n = atomicio(read, fd, banner, len);
65 close(fd);
66
67 if (n != len) {
68 xfree(banner);
69 return (NULL);
70 }
71 banner[n] = '\0';
72
73 if (datafellows & SSH_BUG_STRING_ENCODING) {
74 ubanner = banner;
75 } else {
76 ilen = (uint_t)n;
77 ubanner = g11n_convert_to_utf8(banner, &ilen, 1, &errstr);
78 if (ubanner == NULL) {
79 if (errstr != NULL) {
80 error("Can't convert banner contents "
81 "to UTF-8: %s\n", errstr);
82 }
83 ubanner = banner;
84 } else {
85 xfree(banner);
86 }
87 }
88
89 return (ubanner);
90 }
91
92 static void
userauth_banner(void)93 userauth_banner(void)
94 {
95 char *banner = NULL;
96
97 if (options.banner == NULL || (datafellows & SSH_BUG_BANNER))
98 return;
99
100 if ((banner = auth2_read_banner()) == NULL)
101 goto done;
102
103 packet_start(SSH2_MSG_USERAUTH_BANNER);
104 packet_put_cstring(banner);
105 packet_put_cstring(""); /* language, unused */
106 packet_send();
107 debug("userauth_banner: sent");
108 done:
109 if (banner)
110 xfree(banner);
111 }
112
113 static void
userauth_none(Authctxt * authctxt)114 userauth_none(Authctxt *authctxt)
115 {
116 none_enabled = 0;
117
118 if (!authctxt || !authctxt->method)
119 fatal("%s: missing context", __func__);
120
121 packet_check_eom();
122 userauth_banner();
123 #ifdef HAVE_CYGWIN
124 if (check_nt_auth(1, authctxt->pw) == 0)
125 return (0);
126 #endif
127 authctxt->method->authenticated = auth_password(authctxt, "");
128 }
129
130 Authmethod method_none = {
131 "none",
132 &none_enabled,
133 userauth_none,
134 NULL, /* no abandon function */
135 NULL, NULL, /* method data and hist data */
136 0, /* not really initial userauth */
137 0, 0, 0, /* counters */
138 0, 0, 0, 0, 0, 0 /* state */
139 };
140