Mercurial > dropbear
comparison svr-auth.c @ 818:8fe36617bf4e
Send PAM error messages as a banner messages
Patch from Martin Donnelly, modified.
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Thu, 03 Oct 2013 23:04:11 +0800 |
parents | d7784616409a |
children | 4095b6d7c9fc |
comparison
equal
deleted
inserted
replaced
817:a625f9e135a4 | 818:8fe36617bf4e |
---|---|
35 #include "runopts.h" | 35 #include "runopts.h" |
36 #include "random.h" | 36 #include "random.h" |
37 | 37 |
38 static void authclear(); | 38 static void authclear(); |
39 static int checkusername(unsigned char *username, unsigned int userlen); | 39 static int checkusername(unsigned char *username, unsigned int userlen); |
40 static void send_msg_userauth_banner(); | |
41 | 40 |
42 /* initialise the first time for a session, resetting all parameters */ | 41 /* initialise the first time for a session, resetting all parameters */ |
43 void svr_authinitialise() { | 42 void svr_authinitialise() { |
44 | 43 |
45 ses.authstate.failcount = 0; | 44 ses.authstate.failcount = 0; |
80 | 79 |
81 } | 80 } |
82 | 81 |
83 /* Send a banner message if specified to the client. The client might | 82 /* Send a banner message if specified to the client. The client might |
84 * ignore this, but possibly serves as a legal "no trespassing" sign */ | 83 * ignore this, but possibly serves as a legal "no trespassing" sign */ |
85 static void send_msg_userauth_banner() { | 84 void send_msg_userauth_banner(buffer *banner) { |
86 | 85 |
87 TRACE(("enter send_msg_userauth_banner")) | 86 TRACE(("enter send_msg_userauth_banner")) |
88 if (svr_opts.banner == NULL) { | |
89 TRACE(("leave send_msg_userauth_banner: banner is NULL")) | |
90 return; | |
91 } | |
92 | 87 |
93 CHECKCLEARTOWRITE(); | 88 CHECKCLEARTOWRITE(); |
94 | 89 |
95 buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_BANNER); | 90 buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_BANNER); |
96 buf_putstring(ses.writepayload, buf_getptr(svr_opts.banner, | 91 buf_putstring(ses.writepayload, buf_getptr(banner, banner->len), |
97 svr_opts.banner->len), svr_opts.banner->len); | 92 banner->len); |
98 buf_putstring(ses.writepayload, "en", 2); | 93 buf_putstring(ses.writepayload, "en", 2); |
99 | 94 |
100 encrypt_packet(); | 95 encrypt_packet(); |
101 buf_free(svr_opts.banner); | |
102 svr_opts.banner = NULL; | |
103 | 96 |
104 TRACE(("leave send_msg_userauth_banner")) | 97 TRACE(("leave send_msg_userauth_banner")) |
105 } | 98 } |
106 | 99 |
107 /* handle a userauth request, check validity, pass to password or pubkey | 100 /* handle a userauth request, check validity, pass to password or pubkey |
120 return; | 113 return; |
121 } | 114 } |
122 | 115 |
123 /* send the banner if it exists, it will only exist once */ | 116 /* send the banner if it exists, it will only exist once */ |
124 if (svr_opts.banner) { | 117 if (svr_opts.banner) { |
125 send_msg_userauth_banner(); | 118 send_msg_userauth_banner(svr_opts.banner); |
119 buf_free(svr_opts.banner); | |
120 svr_opts.banner = NULL; | |
126 } | 121 } |
127 | 122 |
128 username = buf_getstring(ses.payload, &userlen); | 123 username = buf_getstring(ses.payload, &userlen); |
129 servicename = buf_getstring(ses.payload, &servicelen); | 124 servicename = buf_getstring(ses.payload, &servicelen); |
130 methodname = buf_getstring(ses.payload, &methodlen); | 125 methodname = buf_getstring(ses.payload, &methodlen); |