diff options
Diffstat (limited to 'auth2.c')
| -rw-r--r-- | auth2.c | 17 |
1 files changed, 3 insertions, 14 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth2.c,v 1.143 2017/06/24 06:34:38 djm Exp $ */ | 1 | /* $OpenBSD: auth2.c,v 1.145 2018/03/03 03:15:51 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -140,9 +140,6 @@ auth2_read_banner(void) | |||
| 140 | void | 140 | void |
| 141 | userauth_send_banner(const char *msg) | 141 | userauth_send_banner(const char *msg) |
| 142 | { | 142 | { |
| 143 | if (datafellows & SSH_BUG_BANNER) | ||
| 144 | return; | ||
| 145 | |||
| 146 | packet_start(SSH2_MSG_USERAUTH_BANNER); | 143 | packet_start(SSH2_MSG_USERAUTH_BANNER); |
| 147 | packet_put_cstring(msg); | 144 | packet_put_cstring(msg); |
| 148 | packet_put_cstring(""); /* language, unused */ | 145 | packet_put_cstring(""); /* language, unused */ |
| @@ -155,7 +152,7 @@ userauth_banner(void) | |||
| 155 | { | 152 | { |
| 156 | char *banner = NULL; | 153 | char *banner = NULL; |
| 157 | 154 | ||
| 158 | if (options.banner == NULL || (datafellows & SSH_BUG_BANNER) != 0) | 155 | if (options.banner == NULL) |
| 159 | return; | 156 | return; |
| 160 | 157 | ||
| 161 | if ((banner = PRIVSEP(auth2_read_banner())) == NULL) | 158 | if ((banner = PRIVSEP(auth2_read_banner())) == NULL) |
| @@ -321,7 +318,7 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method, | |||
| 321 | 318 | ||
| 322 | /* Special handling for root */ | 319 | /* Special handling for root */ |
| 323 | if (authenticated && authctxt->pw->pw_uid == 0 && | 320 | if (authenticated && authctxt->pw->pw_uid == 0 && |
| 324 | !auth_root_allowed(method)) { | 321 | !auth_root_allowed(ssh, method)) { |
| 325 | authenticated = 0; | 322 | authenticated = 0; |
| 326 | #ifdef SSH_AUDIT_EVENTS | 323 | #ifdef SSH_AUDIT_EVENTS |
| 327 | PRIVSEP(audit_event(SSH_LOGIN_ROOT_DENIED)); | 324 | PRIVSEP(audit_event(SSH_LOGIN_ROOT_DENIED)); |
| @@ -360,13 +357,6 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method, | |||
| 360 | } | 357 | } |
| 361 | #endif | 358 | #endif |
| 362 | 359 | ||
| 363 | #ifdef _UNICOS | ||
| 364 | if (authenticated && cray_access_denied(authctxt->user)) { | ||
| 365 | authenticated = 0; | ||
| 366 | fatal("Access denied for user %s.", authctxt->user); | ||
| 367 | } | ||
| 368 | #endif /* _UNICOS */ | ||
| 369 | |||
| 370 | if (authenticated == 1) { | 360 | if (authenticated == 1) { |
| 371 | /* turn off userauth */ | 361 | /* turn off userauth */ |
| 372 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_REQUEST, &dispatch_protocol_ignore); | 362 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_REQUEST, &dispatch_protocol_ignore); |
| @@ -377,7 +367,6 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method, | |||
| 377 | authctxt->success = 1; | 367 | authctxt->success = 1; |
| 378 | ssh_packet_set_log_preamble(ssh, "user %s", authctxt->user); | 368 | ssh_packet_set_log_preamble(ssh, "user %s", authctxt->user); |
| 379 | } else { | 369 | } else { |
| 380 | |||
| 381 | /* Allow initial try of "none" auth without failure penalty */ | 370 | /* Allow initial try of "none" auth without failure penalty */ |
| 382 | if (!partial && !authctxt->server_caused_failure && | 371 | if (!partial && !authctxt->server_caused_failure && |
| 383 | (authctxt->attempt > 1 || strcmp(method, "none") != 0)) | 372 | (authctxt->attempt > 1 || strcmp(method, "none") != 0)) |