1 /*
   2  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
   3  *
   4  * Redistribution and use in source and binary forms, with or without
   5  * modification, are permitted provided that the following conditions
   6  * are met:
   7  * 1. Redistributions of source code must retain the above copyright
   8  *    notice, this list of conditions and the following disclaimer.
   9  * 2. Redistributions in binary form must reproduce the above copyright
  10  *    notice, this list of conditions and the following disclaimer in the
  11  *    documentation and/or other materials provided with the distribution.
  12  *
  13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
  14  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  15  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
  16  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
  17  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  18  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  19  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  20  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  21  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  22  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  23  */
  24 /*
  25  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
  26  * Use is subject to license terms.
  27  */
  28 
  29 #include "includes.h"
  30 RCSID("$OpenBSD: auth2-none.c,v 1.4 2002/06/27 10:35:47 deraadt Exp $");
  31 
  32 #include "auth.h"
  33 #include "xmalloc.h"
  34 #include "packet.h"
  35 #include "log.h"
  36 #include "servconf.h"
  37 #include "atomicio.h"
  38 #include "compat.h"
  39 #include "ssh2.h"
  40 
  41 /* import */
  42 extern ServerOptions options;
  43 
  44 /* "none" is allowed only one time */
  45 static int none_enabled = 1;
  46 
  47 char *
  48 auth2_read_banner(void)
  49 {
  50         struct stat st;
  51         char *banner, *ubanner, *errstr;
  52         off_t len, n;
  53         int fd;
  54         uint_t ilen;
  55 
  56         if ((fd = open(options.banner, O_RDONLY)) == -1)
  57                 return (NULL);
  58         if (fstat(fd, &st) == -1) {
  59                 close(fd);
  60                 return (NULL);
  61         }
  62         len = st.st_size;
  63         banner = xmalloc(len + 1);
  64         n = atomicio(read, fd, banner, len);
  65         close(fd);
  66 
  67         if (n != len) {
  68                 xfree(banner);
  69                 return (NULL);
  70         }
  71         banner[n] = '\0';
  72 
  73         if (datafellows & SSH_BUG_STRING_ENCODING) {
  74                 ubanner = banner;
  75         } else {
  76                 ilen = (uint_t)n;
  77                 ubanner = g11n_convert_to_utf8(banner, &ilen, 1, &errstr);
  78                 if (ubanner == NULL) {
  79                         if (errstr != NULL) {
  80                                 error("Can't convert banner contents "
  81                                     "to UTF-8: %s\n", errstr);
  82                         }
  83                         ubanner = banner;
  84                 } else {
  85                         xfree(banner);
  86                 }
  87         }
  88 
  89         return (ubanner);
  90 }
  91 
  92 static void
  93 userauth_banner(void)
  94 {
  95         char *banner = NULL;
  96 
  97         if (options.banner == NULL || (datafellows & SSH_BUG_BANNER))
  98                 return;
  99 
 100         if ((banner = auth2_read_banner()) == NULL)
 101                 goto done;
 102 
 103         packet_start(SSH2_MSG_USERAUTH_BANNER);
 104         packet_put_cstring(banner);
 105         packet_put_cstring("");         /* language, unused */
 106         packet_send();
 107         debug("userauth_banner: sent");
 108 done:
 109         if (banner)
 110                 xfree(banner);
 111 }
 112 
 113 static void
 114 userauth_none(Authctxt *authctxt)
 115 {
 116         none_enabled = 0;
 117 
 118         if (!authctxt || !authctxt->method)
 119                 fatal("%s: missing context", __func__);
 120 
 121         packet_check_eom();
 122         userauth_banner();
 123 #ifdef HAVE_CYGWIN
 124         if (check_nt_auth(1, authctxt->pw) == 0)
 125                 return (0);
 126 #endif
 127         authctxt->method->authenticated = auth_password(authctxt, "");
 128 }
 129 
 130 Authmethod method_none = {
 131         "none",
 132         &none_enabled,
 133         userauth_none,
 134         NULL,               /* no abandon function */
 135         NULL, NULL,         /* method data and hist data */
 136         0,                  /* not really initial userauth */
 137         0, 0, 0,            /* counters */
 138         0, 0, 0, 0, 0, 0    /* state */
 139 };