Bug 707

Summary: missing banner file now prints empty line
Product: Portable OpenSSH Reporter: Al Smith <Al.Smith>
Component: sshdAssignee: OpenSSH Bugzilla mailing list <openssh-bugs>
Status: CLOSED FIXED    
Severity: trivial    
Priority: P5    
Version: -current   
Hardware: All   
OS: All   
Attachments:
Description Flags
patch none

Description Al Smith 2003-09-24 01:30:33 AEST 
New in 3.7p1 and above, if the banner file is missing then sshd will send a
banner to an SSH2 client, containing a newline.

auth2_read_banner() correctly returns a NULL if the file is missing, but
this is lost in the privsep: if in auth2-none.c the PRIVSEP() is removed from
auth2_read_banner() then everything works fine.

Upon further analysis I came to the conclusion that
mm_answer_auth2_read_banner() will return either a banner string,
or an empty string. It will never return NULL, so presumably
mm_auth2_read_banner() will also never return NULL to its caller
in userauth_banner().

A patch will be attached. It could be better.
And a better solution is to just not point UseBanner to an non-existant file!
Comment 1 Al Smith 2003-09-24 01:31:42 AEST 
Created attachment 459 [details]
patch
Comment 2 Darren Tucker 2003-10-07 16:50:26 AEST 
This has been fixed in OpenBSD and will appear in -Portable's snapshots shortly.
Comment 3 Damien Miller 2004-04-14 12:24:19 AEST 
Mass change of RESOLVED bugs to CLOSED