xref: /openbsd-src/usr.bin/ssh/auth2-none.c (revision d874cce4b1d9fe6b41c9e4f2117a77d8a4a37b92) 
1 /* $OpenBSD: auth2-none.c,v 1.14 2007/08/23 03:22:16 djm Exp $ */
2 /*
3  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  *
14  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24  */
25 
26 #include <sys/types.h>
27 #include <sys/stat.h>
28 #include <sys/uio.h>
29 
30 #include <fcntl.h>
31 #include <unistd.h>
32 #include <string.h>
33 
34 #include "xmalloc.h"
35 #include "key.h"
36 #include "hostfile.h"
37 #include "auth.h"
38 #include "packet.h"
39 #include "log.h"
40 #include "buffer.h"
41 #include "servconf.h"
42 #include "atomicio.h"
43 #include "compat.h"
44 #include "ssh2.h"
45 #ifdef GSSAPI
46 #include "ssh-gss.h"
47 #endif
48 #include "monitor_wrap.h"
49 
50 /* import */
51 extern ServerOptions options;
52 
53 /* "none" is allowed only one time */
54 static int none_enabled = 1;
55 
56 char *
57 auth2_read_banner(void)
58 {
59 	struct stat st;
60 	char *banner = NULL;
61 	size_t len, n;
62 	int fd;
63 
64 	if ((fd = open(options.banner, O_RDONLY)) == -1)
65 		return (NULL);
66 	if (fstat(fd, &st) == -1) {
67 		close(fd);
68 		return (NULL);
69 	}
70 	if (st.st_size > 1*1024*1024) {
71 		close(fd);
72 		return (NULL);
73 	}
74 
75 	len = (size_t)st.st_size;		/* truncate */
76 	banner = xmalloc(len + 1);
77 	n = atomicio(read, fd, banner, len);
78 	close(fd);
79 
80 	if (n != len) {
81 		xfree(banner);
82 		return (NULL);
83 	}
84 	banner[n] = '\0';
85 
86 	return (banner);
87 }
88 
89 static void
90 userauth_banner(void)
91 {
92 	char *banner = NULL;
93 
94 	if (options.banner == NULL ||
95 	    strcasecmp(options.banner, "none") == 0 ||
96 	    (datafellows & SSH_BUG_BANNER) != 0)
97 		return;
98 
99 	if ((banner = PRIVSEP(auth2_read_banner())) == NULL)
100 		goto done;
101 
102 	packet_start(SSH2_MSG_USERAUTH_BANNER);
103 	packet_put_cstring(banner);
104 	packet_put_cstring("");		/* language, unused */
105 	packet_send();
106 	debug("userauth_banner: sent");
107 done:
108 	if (banner)
109 		xfree(banner);
110 }
111 
112 static int
113 userauth_none(Authctxt *authctxt)
114 {
115 	none_enabled = 0;
116 	packet_check_eom();
117 	userauth_banner();
118 	if (options.password_authentication)
119 		return (PRIVSEP(auth_password(authctxt, "")));
120 	return (0);
121 }
122 
123 Authmethod method_none = {
124 	"none",
125 	userauth_none,
126 	&none_enabled
127 };
128