X-Git-Url: http://andersk.mit.edu/gitweb/gssapi-openssh.git/blobdiff_plain/884dc78b37d30d2afc7a88c60fd6a88563d126d7..9c941fe441da210762824b0d4fb76b03f866248c:/openssh/auth2-none.c?ds=sidebyside

diff --git a/openssh/auth2-none.c b/openssh/auth2-none.c
index 720d3c1..952b448 100644
--- a/openssh/auth2-none.c
+++ b/openssh/auth2-none.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: auth2-none.c,v 1.13 2006/08/05 07:52:52 dtucker Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -23,16 +24,29 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth2-none.c,v 1.3 2002/06/19 00:27:55 deraadt Exp $");
 
-#include "auth.h"
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/uio.h>
+
+#include <fcntl.h>
+#include <stdarg.h>
+#include <unistd.h>
+
 #include "xmalloc.h"
+#include "key.h"
+#include "hostfile.h"
+#include "auth.h"
 #include "packet.h"
 #include "log.h"
+#include "buffer.h"
 #include "servconf.h"
 #include "atomicio.h"
 #include "compat.h"
 #include "ssh2.h"
+#ifdef GSSAPI
+#include "ssh-gss.h"
+#endif
 #include "monitor_wrap.h"
 
 /* import */
@@ -46,7 +60,7 @@ auth2_read_banner(void)
 {
 	struct stat st;
 	char *banner = NULL;
-	off_t len, n;
+	size_t len, n;
 	int fd;
 
 	if ((fd = open(options.banner, O_RDONLY)) == -1)
@@ -55,13 +69,18 @@ auth2_read_banner(void)
 		close(fd);
 		return (NULL);
 	}
-	len = st.st_size;
+	if (st.st_size > 1*1024*1024) {
+		close(fd);
+		return (NULL);
+	}
+
+	len = (size_t)st.st_size;		/* truncate */
 	banner = xmalloc(len + 1);
 	n = atomicio(read, fd, banner, len);
 	close(fd);
 
 	if (n != len) {
-		free(banner);
+		xfree(banner);
 		return (NULL);
 	}
 	banner[n] = '\0';
@@ -69,6 +88,19 @@ auth2_read_banner(void)
 	return (banner);
 }
 
+void
+userauth_send_banner(const char *msg)
+{
+	if (datafellows & SSH_BUG_BANNER)
+		return;
+
+	packet_start(SSH2_MSG_USERAUTH_BANNER);
+	packet_put_cstring(msg);
+	packet_put_cstring("");		/* language, unused */
+	packet_send();
+	debug("%s: sent", __func__);
+}
+
 static void
 userauth_banner(void)
 {
@@ -79,12 +111,8 @@ userauth_banner(void)
 
 	if ((banner = PRIVSEP(auth2_read_banner())) == NULL)
 		goto done;
+	userauth_send_banner(banner);
 
-	packet_start(SSH2_MSG_USERAUTH_BANNER);
-	packet_put_cstring(banner);
-	packet_put_cstring("");		/* language, unused */
-	packet_send();
-	debug("userauth_banner: sent");
 done:
 	if (banner)
 		xfree(banner);
@@ -98,9 +126,11 @@ userauth_none(Authctxt *authctxt)
 	userauth_banner();
 #ifdef HAVE_CYGWIN
 	if (check_nt_auth(1, authctxt->pw) == 0)
-		return(0);
+		return (0);
 #endif
-	return (authctxt->valid ? PRIVSEP(auth_password(authctxt, "")) : 0);
+	if (options.password_authentication)
+		return (PRIVSEP(auth_password(authctxt, "")));
+	return (0);
 }
 
 Authmethod method_none = {