- (djm) [openbsd-compat/regress/snprintftest.c]

[openssh.git] / auth2-none.c

diff --git a/auth2-none.c b/auth2-none.c
index 30337fd6dd9c432ad52dc2fae81d56f4e9411194..1e4afa0e7b6386da13b3df6e3a89b1617c6b5114 100644 (file)
--- a/auth2-none.c
+++ b/auth2-none.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: auth2-none.c,v 1.12 2006/08/03 03:34:41 deraadt Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -23,16 +24,26 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth2-none.c,v 1.2 2002/05/31 11:35:15 markus Exp $");
 
-#include "auth.h"
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include <fcntl.h>
+
 #include "xmalloc.h"
+#include "key.h"
+#include "hostfile.h"
+#include "auth.h"
 #include "packet.h"
 #include "log.h"
+#include "buffer.h"
 #include "servconf.h"
 #include "atomicio.h"
 #include "compat.h"
 #include "ssh2.h"
+#ifdef GSSAPI
+#include "ssh-gss.h"
+#endif
 #include "monitor_wrap.h"
 
 /* import */
@@ -46,7 +57,7 @@ auth2_read_banner(void)
 {
        struct stat st;
        char *banner = NULL;
-       off_t len, n;
+       size_t len, n;
        int fd;
 
        if ((fd = open(options.banner, O_RDONLY)) == -1)
@@ -55,20 +66,38 @@ auth2_read_banner(void)
                close(fd);
                return (NULL);
        }
-       len = st.st_size;
+       if (st.st_size > 1*1024*1024) {
+               close(fd);
+               return (NULL);
+       }
+
+       len = (size_t)st.st_size;               /* truncate */
        banner = xmalloc(len + 1);
        n = atomicio(read, fd, banner, len);
        close(fd);
 
        if (n != len) {
-               free(banner);
+               xfree(banner);
                return (NULL);
        }
        banner[n] = '\0';
-       
+
        return (banner);
 }
 
+void
+userauth_send_banner(const char *msg)
+{
+       if (datafellows & SSH_BUG_BANNER)
+               return;
+
+       packet_start(SSH2_MSG_USERAUTH_BANNER);
+       packet_put_cstring(msg);
+       packet_put_cstring("");         /* language, unused */
+       packet_send();
+       debug("%s: sent", __func__);
+}
+
 static void
 userauth_banner(void)
 {
@@ -79,16 +108,11 @@ userauth_banner(void)
 
        if ((banner = PRIVSEP(auth2_read_banner())) == NULL)
                goto done;
+       userauth_send_banner(banner);
 
-       packet_start(SSH2_MSG_USERAUTH_BANNER);
-       packet_put_cstring(banner);
-       packet_put_cstring("");         /* language, unused */
-       packet_send();
-       debug("userauth_banner: sent");
 done:
        if (banner)
                xfree(banner);
-       return;
 }
 
 static int
@@ -99,9 +123,11 @@ userauth_none(Authctxt *authctxt)
        userauth_banner();
 #ifdef HAVE_CYGWIN
        if (check_nt_auth(1, authctxt->pw) == 0)
-               return(0);
+               return (0);
 #endif
-       return (authctxt->valid ? PRIVSEP(auth_password(authctxt, "")) : 0);
+       if (options.password_authentication)
+               return (PRIVSEP(auth_password(authctxt, "")));
+       return (0);
 }
 
 Authmethod method_none = {