summaryrefslogtreecommitdiff
path: root/auth2.c
diff options
context:
space:
mode:
Diffstat (limited to 'auth2.c')
-rw-r--r--auth2.c17
1 files changed, 3 insertions, 14 deletions
diff --git a/auth2.c b/auth2.c
index 862e09960..e0034229a 100644
--- a/auth2.c
+++ b/auth2.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth2.c,v 1.143 2017/06/24 06:34:38 djm Exp $ */ 1/* $OpenBSD: auth2.c,v 1.145 2018/03/03 03:15:51 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * 4 *
@@ -138,9 +138,6 @@ auth2_read_banner(void)
138void 138void
139userauth_send_banner(const char *msg) 139userauth_send_banner(const char *msg)
140{ 140{
141 if (datafellows & SSH_BUG_BANNER)
142 return;
143
144 packet_start(SSH2_MSG_USERAUTH_BANNER); 141 packet_start(SSH2_MSG_USERAUTH_BANNER);
145 packet_put_cstring(msg); 142 packet_put_cstring(msg);
146 packet_put_cstring(""); /* language, unused */ 143 packet_put_cstring(""); /* language, unused */
@@ -153,7 +150,7 @@ userauth_banner(void)
153{ 150{
154 char *banner = NULL; 151 char *banner = NULL;
155 152
156 if (options.banner == NULL || (datafellows & SSH_BUG_BANNER) != 0) 153 if (options.banner == NULL)
157 return; 154 return;
158 155
159 if ((banner = PRIVSEP(auth2_read_banner())) == NULL) 156 if ((banner = PRIVSEP(auth2_read_banner())) == NULL)
@@ -313,7 +310,7 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method,
313 310
314 /* Special handling for root */ 311 /* Special handling for root */
315 if (authenticated && authctxt->pw->pw_uid == 0 && 312 if (authenticated && authctxt->pw->pw_uid == 0 &&
316 !auth_root_allowed(method)) { 313 !auth_root_allowed(ssh, method)) {
317 authenticated = 0; 314 authenticated = 0;
318#ifdef SSH_AUDIT_EVENTS 315#ifdef SSH_AUDIT_EVENTS
319 PRIVSEP(audit_event(SSH_LOGIN_ROOT_DENIED)); 316 PRIVSEP(audit_event(SSH_LOGIN_ROOT_DENIED));
@@ -352,13 +349,6 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method,
352 } 349 }
353#endif 350#endif
354 351
355#ifdef _UNICOS
356 if (authenticated && cray_access_denied(authctxt->user)) {
357 authenticated = 0;
358 fatal("Access denied for user %s.", authctxt->user);
359 }
360#endif /* _UNICOS */
361
362 if (authenticated == 1) { 352 if (authenticated == 1) {
363 /* turn off userauth */ 353 /* turn off userauth */
364 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_REQUEST, &dispatch_protocol_ignore); 354 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_REQUEST, &dispatch_protocol_ignore);
@@ -369,7 +359,6 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method,
369 authctxt->success = 1; 359 authctxt->success = 1;
370 ssh_packet_set_log_preamble(ssh, "user %s", authctxt->user); 360 ssh_packet_set_log_preamble(ssh, "user %s", authctxt->user);
371 } else { 361 } else {
372
373 /* Allow initial try of "none" auth without failure penalty */ 362 /* Allow initial try of "none" auth without failure penalty */
374 if (!partial && !authctxt->server_caused_failure && 363 if (!partial && !authctxt->server_caused_failure &&
375 (authctxt->attempt > 1 || strcmp(method, "none") != 0)) 364 (authctxt->attempt > 1 || strcmp(method, "none") != 0))