diff options
Diffstat (limited to 'auth2.c')
| -rw-r--r-- | auth2.c | 17 |
1 files changed, 3 insertions, 14 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth2.c,v 1.143 2017/06/24 06:34:38 djm Exp $ */ | 1 | /* $OpenBSD: auth2.c,v 1.145 2018/03/03 03:15:51 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -138,9 +138,6 @@ auth2_read_banner(void) | |||
| 138 | void | 138 | void |
| 139 | userauth_send_banner(const char *msg) | 139 | userauth_send_banner(const char *msg) |
| 140 | { | 140 | { |
| 141 | if (datafellows & SSH_BUG_BANNER) | ||
| 142 | return; | ||
| 143 | |||
| 144 | packet_start(SSH2_MSG_USERAUTH_BANNER); | 141 | packet_start(SSH2_MSG_USERAUTH_BANNER); |
| 145 | packet_put_cstring(msg); | 142 | packet_put_cstring(msg); |
| 146 | packet_put_cstring(""); /* language, unused */ | 143 | packet_put_cstring(""); /* language, unused */ |
| @@ -153,7 +150,7 @@ userauth_banner(void) | |||
| 153 | { | 150 | { |
| 154 | char *banner = NULL; | 151 | char *banner = NULL; |
| 155 | 152 | ||
| 156 | if (options.banner == NULL || (datafellows & SSH_BUG_BANNER) != 0) | 153 | if (options.banner == NULL) |
| 157 | return; | 154 | return; |
| 158 | 155 | ||
| 159 | if ((banner = PRIVSEP(auth2_read_banner())) == NULL) | 156 | if ((banner = PRIVSEP(auth2_read_banner())) == NULL) |
| @@ -313,7 +310,7 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method, | |||
| 313 | 310 | ||
| 314 | /* Special handling for root */ | 311 | /* Special handling for root */ |
| 315 | if (authenticated && authctxt->pw->pw_uid == 0 && | 312 | if (authenticated && authctxt->pw->pw_uid == 0 && |
| 316 | !auth_root_allowed(method)) { | 313 | !auth_root_allowed(ssh, method)) { |
| 317 | authenticated = 0; | 314 | authenticated = 0; |
| 318 | #ifdef SSH_AUDIT_EVENTS | 315 | #ifdef SSH_AUDIT_EVENTS |
| 319 | PRIVSEP(audit_event(SSH_LOGIN_ROOT_DENIED)); | 316 | PRIVSEP(audit_event(SSH_LOGIN_ROOT_DENIED)); |
| @@ -352,13 +349,6 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method, | |||
| 352 | } | 349 | } |
| 353 | #endif | 350 | #endif |
| 354 | 351 | ||
| 355 | #ifdef _UNICOS | ||
| 356 | if (authenticated && cray_access_denied(authctxt->user)) { | ||
| 357 | authenticated = 0; | ||
| 358 | fatal("Access denied for user %s.", authctxt->user); | ||
| 359 | } | ||
| 360 | #endif /* _UNICOS */ | ||
| 361 | |||
| 362 | if (authenticated == 1) { | 352 | if (authenticated == 1) { |
| 363 | /* turn off userauth */ | 353 | /* turn off userauth */ |
| 364 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_REQUEST, &dispatch_protocol_ignore); | 354 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_REQUEST, &dispatch_protocol_ignore); |
| @@ -369,7 +359,6 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method, | |||
| 369 | authctxt->success = 1; | 359 | authctxt->success = 1; |
| 370 | ssh_packet_set_log_preamble(ssh, "user %s", authctxt->user); | 360 | ssh_packet_set_log_preamble(ssh, "user %s", authctxt->user); |
| 371 | } else { | 361 | } else { |
| 372 | |||
| 373 | /* Allow initial try of "none" auth without failure penalty */ | 362 | /* Allow initial try of "none" auth without failure penalty */ |
| 374 | if (!partial && !authctxt->server_caused_failure && | 363 | if (!partial && !authctxt->server_caused_failure && |
| 375 | (authctxt->attempt > 1 || strcmp(method, "none") != 0)) | 364 | (authctxt->attempt > 1 || strcmp(method, "none") != 0)) |