- (tim) [contrib/cygwin/README] add minires-devel requirement. Patch from

[openssh.git] / auth2-none.c

diff --git a/auth2-none.c b/auth2-none.c
index 720d3c10f13c4e39920579b6eb54c8e54c48d596..2bf5b5c80c931123438a6606e031e49ded76601b 100644 (file)
--- a/auth2-none.c
+++ b/auth2-none.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth2-none.c,v 1.3 2002/06/19 00:27:55 deraadt Exp $");
+RCSID("$OpenBSD: auth2-none.c,v 1.7 2004/05/11 19:01:43 deraadt Exp $");
 
 #include "auth.h"
 #include "xmalloc.h"
@@ -46,7 +46,7 @@ auth2_read_banner(void)
 {
        struct stat st;
        char *banner = NULL;
-       off_t len, n;
+       size_t len, n;
        int fd;
 
        if ((fd = open(options.banner, O_RDONLY)) == -1)
@@ -55,13 +55,18 @@ auth2_read_banner(void)
                close(fd);
                return (NULL);
        }
-       len = st.st_size;
+       if (st.st_size > 1*1024*1024) {
+               close(fd);
+               return (NULL);
+       }
+
+       len = (size_t)st.st_size;               /* truncate */
        banner = xmalloc(len + 1);
        n = atomicio(read, fd, banner, len);
        close(fd);
 
        if (n != len) {
-               free(banner);
+               xfree(banner);
                return (NULL);
        }
        banner[n] = '\0';
@@ -100,7 +105,9 @@ userauth_none(Authctxt *authctxt)
        if (check_nt_auth(1, authctxt->pw) == 0)
                return(0);
 #endif
-       return (authctxt->valid ? PRIVSEP(auth_password(authctxt, "")) : 0);
+       if (options.password_authentication)
+               return (PRIVSEP(auth_password(authctxt, "")));
+       return (0);
 }
 
 Authmethod method_none = {