
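--- a/auth.h
+++ b/auth.h
@@ -136,6 +136,8 @@
 void	userauth_finish(Authctxt *, int, char *);
 int	auth_root_allowed(char *);
 
+char	*auth2_read_banner(void);
+
 void	privsep_challenge_enable(void);
 
 int	auth2_challenge(Authctxt *, char *);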
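--- a/auth2.c
+++ b/auth2.c
@@ -281,25 +281,45 @@
 	}
 }
 
-static void
-userauth_banner(void)
+char *
+auth2_read_banner(void)
 {
 	struct stat st;
 	char *banner = NULL;
 	off_t len, n;
 	int fd;
 
-	if (options.banner == NULL || (datafellows & SSH_BUG_BANNER))
-		return;
 	if ((fd = open(options.banner, O_RDONLY)) < 0)
-		return;
-	if (fstat(fd, &st) < 0)
-		goto done;
+		return (NULL);
+	if (fstat(fd, &st) < 0) {
+		close(fd);
+		return (NULL);
+	}
 	len = st.st_size;
 	banner = xmalloc(len + 1);
-	if ((n = read(fd, banner, len)) < 0)
-		goto done;
+	n = read(fd, banner, len);
+	close(fd);
+
+	if (n < 0) {
+		free(banner);
+		return(NULL);
+	}
 	banner[n] = '\0';
+	
+	return (banner);
+}
+
+static void
+userauth_banner(void)
+{
+	char *banner = NULL;
+
+	if (options.banner == NULL || (datafellows & SSH_BUG_BANNER))
+		return;
+
+	if ((banner = PRIVSEP(auth2_read_banner())) == NULL)
+		goto done;
+
 	packet_start(SSH2_MSG_USERAUTH_BANNER);
 	packet_put_cstring(banner);
 	packet_put_cstring("");		/* language, unused */
@@ -308,7 +328,6 @@
 done:
 	if (banner)
 		xfree(banner);
-	close(fd);
 	return;
 }
 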
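Review bot: auth2_read_banner() sizes its buffer straight from `st.st_size` with no upper bound, and with this change the read is done by the privileged monitor whenever the unprivileged child requests it. The path comes from `options.banner`, so the file is presumably administrator-controlled, but a cap before `xmalloc(len + 1)`, e.g. `if (len < 0 || len > BANNER_MAX_PLACEHOLDER) { close(fd); return (NULL); }` with the limit chosen by the project, would keep a mis-pointed or very large file from becoming a large allocation and a large monitor message. The `n < 0` path also releases with `free(banner)` although the buffer came from `xmalloc` and the `done:` label in userauth_banner uses `xfree(banner)`; `xfree(banner);` there would match the rest of the file.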
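--- a/monitor.c
+++ b/monitor.c
@@ -96,6 +96,7 @@
 int mm_answer_moduli(int, Buffer *);
 int mm_answer_sign(int, Buffer *);
 int mm_answer_pwnamallow(int, Buffer *);
+int mm_answer_auth2_read_banner(int, Buffer *);
 int mm_answer_authserv(int, Buffer *);
 int mm_answer_authpassword(int, Buffer *);
 int mm_answer_bsdauthquery(int, Buffer *);
@@ -147,6 +148,7 @@
     {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign},
     {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow},
     {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv},
+    {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner},
     {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword},
 #ifdef USE_PAM
     {MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start},
@@ -521,11 +523,28 @@
 	/* For SSHv1 allow authentication now */
 	if (!compat20)
 		monitor_permit_authentications(1);
-	else
+	else {
 		/* Allow service/style information on the auth context */
 		monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1);
+		monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1);
+	}
+
+
+	return (0);
+}
+
+int mm_answer_auth2_read_banner(int socket, Buffer *m)
+{
+	char *banner;
 
+	buffer_clear(m);
 
+	banner = auth2_read_banner();
+	
+	buffer_put_cstring(m, banner != NULL ? banner : "");
+	
+	mm_request_send(socket, MONITOR_ANS_AUTH2_READ_BANNER, m);
+	
 	return (0);
 }
 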
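Review bot: mm_answer_auth2_read_banner() never releases the buffer returned by `auth2_read_banner()`, so the privileged monitor keeps the banner text allocated after the reply has been sent; adding `if (banner != NULL) xfree(banner);` after the `buffer_put_cstring(...)` call closes that. The handler also carries no comment, and the NULL-to-`""` substitution is a convention the receiving side has to know about; a header such as `/* Read the banner for the unprivileged child; an unreadable banner is sent as "" */` would record it. The request is registered `MON_ONCE` and only permitted in the `compat20` branch, which keeps the extra privileged file read to a single call per connection.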
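--- a/monitor.h
+++ b/monitor.h
@@ -33,6 +33,7 @@
 	MONITOR_REQ_FREE, MONITOR_REQ_AUTHSERV,
 	MONITOR_REQ_SIGN, MONITOR_ANS_SIGN,
 	MONITOR_REQ_PWNAM, MONITOR_ANS_PWNAM,
+	MONITOR_REQ_AUTH2_READ_BANNER, MONITOR_ANS_AUTH2_READ_BANNER,
 	MONITOR_REQ_AUTHPASSWORD, MONITOR_ANS_AUTHPASSWORD,
 	MONITOR_REQ_BSDAUTHQUERY, MONITOR_ANS_BSDAUTHQUERY,
 	MONITOR_REQ_BSDAUTHRESPOND, MONITOR_ANS_BSDAUTHRESPOND,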
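--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -207,6 +207,28 @@
 	return (pw);
 }
 
+char* mm_auth2_read_banner(void)
+{
+	Buffer m;
+	char *banner;
+
+	debug3("%s entering", __FUNCTION__);
+
+	buffer_init(&m);
+
+	mm_request_send(monitor->m_recvfd, MONITOR_REQ_AUTH2_READ_BANNER, &m);
+
+	buffer_clear(&m);
+
+	mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_AUTH2_READ_BANNER, &m);
+
+	banner = buffer_get_string(&m, NULL);
+
+	buffer_free(&m);
+	
+	return (banner);
+}
+
 /* Inform the privileged process about service and style */
 
 void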
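Review bot: mm_auth2_read_banner() returns whatever `buffer_get_string()` yields, and because the monitor encodes a missing banner as `""`, the `== NULL` test in userauth_banner (auth2.c) presumably never fires under privilege separation, so an empty SSH2_MSG_USERAUTH_BANNER would be sent where the non-privsep path sends nothing. Mapping the empty reply back before returning, `if (*banner == '\0') { xfree(banner); banner = NULL; }`, would keep the two paths equivalent. This assumes `buffer_get_string()` returns an allocated empty string for a zero-length field, which is not visible on this page.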
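--- a/monitor_wrap.h
+++ b/monitor_wrap.h
@@ -44,6 +44,7 @@
 int mm_key_sign(Key *, u_char **, u_int *, u_char *, u_int);
 void mm_inform_authserv(char *, char *);
 struct passwd *mm_getpwnamallow(const char *);
+char* mm_auth2_read_banner(void);
 int mm_auth_password(struct Authctxt *, char *);
 int mm_key_allowed(enum mm_keytype, char *, char *, Key *);
 int mm_user_key_allowed(struct passwd *, Key *);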
