From 5ad9fd982037e512355cfd5fe060a554934be243 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Mon, 13 May 2002 11:07:41 +1000
Subject:  - (djm) Bug #231: UsePrivilegeSeparation turns off Banner.

---
 ChangeLog      |  3 ++-
 auth.h         |  4 +++-
 auth2.c        | 43 +++++++++++++++++++++++++++++++------------
 monitor.c      | 23 +++++++++++++++++++++--
 monitor.h      |  3 ++-
 monitor_wrap.c | 20 +++++++++++++++++++-
 monitor_wrap.h |  3 ++-
 7 files changed, 80 insertions(+), 19 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index c4e583fe..92afe6b4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,7 @@
 20020513
  - (djm) Add --with-superuser-path=xxx configure option to specify what $PATH
    the superuser receives.
+ - (djm) Bug #231: UsePrivilegeSeparation turns off Banner.
 
 20020511
  - (tim) [configure.ac] applied a rework of djm's OpenSSL search cleanup patch.
@@ -571,4 +572,4 @@
  - (stevesk) entropy.c: typo in debug message
  - (djm) ssh-keygen -i needs seeded RNG; report from markus@
 
-$Id: ChangeLog,v 1.2107 2002/05/13 00:48:57 djm Exp $
+$Id: ChangeLog,v 1.2108 2002/05/13 01:07:41 djm Exp $
diff --git a/auth.h b/auth.h
index a336926f..f03a26e0 100644
--- a/auth.h
+++ b/auth.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: auth.h,v 1.35 2002/03/19 10:35:39 markus Exp $	*/
+/*	$OpenBSD: auth.h,v 1.36 2002/05/12 23:53:45 djm Exp $	*/
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -136,6 +136,8 @@ void	auth_log(Authctxt *, int, char *, char *);
 void	userauth_finish(Authctxt *, int, char *);
 int	auth_root_allowed(char *);
 
+char	*auth2_read_banner(void);
+
 void	privsep_challenge_enable(void);
 
 int	auth2_challenge(Authctxt *, char *);
diff --git a/auth2.c b/auth2.c
index 61fd0a73..20584caa 100644
--- a/auth2.c
+++ b/auth2.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.89 2002/03/19 14:27:39 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.90 2002/05/12 23:53:45 djm Exp $");
 
 #include <openssl/evp.h>
 
@@ -283,25 +283,45 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
 	}
 }
 
-static void
-userauth_banner(void)
+char *
+auth2_read_banner(void)
 {
 	struct stat st;
 	char *banner = NULL;
 	off_t len, n;
 	int fd;
 
-	if (options.banner == NULL || (datafellows & SSH_BUG_BANNER))
-		return;
-	if ((fd = open(options.banner, O_RDONLY)) < 0)
-		return;
-	if (fstat(fd, &st) < 0)
-		goto done;
+	if ((fd = open(options.banner, O_RDONLY)) == -1)
+		return (NULL);
+	if (fstat(fd, &st) == -1) {
+		close(fd);
+		return (NULL);
+	}
 	len = st.st_size;
 	banner = xmalloc(len + 1);
-	if ((n = read(fd, banner, len)) < 0)
-		goto done;
+	n = atomicio(read, fd, banner, len);
+	close(fd);
+
+	if (n != len) {
+		free(banner);
+		return (NULL);
+	}
 	banner[n] = '\0';
+	
+	return (banner);
+}
+
+static void
+userauth_banner(void)
+{
+	char *banner = NULL;
+
+	if (options.banner == NULL || (datafellows & SSH_BUG_BANNER))
+		return;
+
+	if ((banner = PRIVSEP(auth2_read_banner())) == NULL)
+		goto done;
+
 	packet_start(SSH2_MSG_USERAUTH_BANNER);
 	packet_put_cstring(banner);
 	packet_put_cstring("");		/* language, unused */
@@ -310,7 +330,6 @@ userauth_banner(void)
 done:
 	if (banner)
 		xfree(banner);
-	close(fd);
 	return;
 }
 
diff --git a/monitor.c b/monitor.c
index a27cf0f3..279ec37f 100644
--- a/monitor.c
+++ b/monitor.c
@@ -25,7 +25,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: monitor.c,v 1.9 2002/03/30 18:51:15 markus Exp $");
+RCSID("$OpenBSD: monitor.c,v 1.10 2002/05/12 23:53:45 djm Exp $");
 
 #include <openssl/dh.h>
 
@@ -96,6 +96,7 @@ struct {
 int mm_answer_moduli(int, Buffer *);
 int mm_answer_sign(int, Buffer *);
 int mm_answer_pwnamallow(int, Buffer *);
+int mm_answer_auth2_read_banner(int, Buffer *);
 int mm_answer_authserv(int, Buffer *);
 int mm_answer_authpassword(int, Buffer *);
 int mm_answer_bsdauthquery(int, Buffer *);
@@ -147,6 +148,7 @@ struct mon_table mon_dispatch_proto20[] = {
     {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign},
     {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow},
     {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv},
+    {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner},
     {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword},
 #ifdef USE_PAM
     {MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start},
@@ -524,9 +526,11 @@ mm_answer_pwnamallow(int socket, Buffer *m)
 	/* For SSHv1 allow authentication now */
 	if (!compat20)
 		monitor_permit_authentications(1);
-	else
+	else {
 		/* Allow service/style information on the auth context */
 		monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1);
+		monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1);
+	}
 
 #ifdef USE_PAM
 	monitor_permit(mon_dispatch, MONITOR_REQ_PAM_START, 1);
@@ -535,6 +539,21 @@ mm_answer_pwnamallow(int socket, Buffer *m)
 	return (0);
 }
 
+int mm_answer_auth2_read_banner(int socket, Buffer *m)
+{
+	char *banner;
+
+	buffer_clear(m);
+	banner = auth2_read_banner();
+	buffer_put_cstring(m, banner != NULL ? banner : "");
+	mm_request_send(socket, MONITOR_ANS_AUTH2_READ_BANNER, m);
+
+	if (banner != NULL)
+		free(banner);
+
+	return (0);
+}
+
 int
 mm_answer_authserv(int socket, Buffer *m)
 {
diff --git a/monitor.h b/monitor.h
index 56ec9d91..b5db9998 100644
--- a/monitor.h
+++ b/monitor.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: monitor.h,v 1.3 2002/03/26 03:24:01 stevesk Exp $     */
+/*	$OpenBSD: monitor.h,v 1.4 2002/05/12 23:53:45 djm Exp $	*/
 
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
@@ -33,6 +33,7 @@ enum monitor_reqtype {
 	MONITOR_REQ_FREE, MONITOR_REQ_AUTHSERV,
 	MONITOR_REQ_SIGN, MONITOR_ANS_SIGN,
 	MONITOR_REQ_PWNAM, MONITOR_ANS_PWNAM,
+	MONITOR_REQ_AUTH2_READ_BANNER, MONITOR_ANS_AUTH2_READ_BANNER,
 	MONITOR_REQ_AUTHPASSWORD, MONITOR_ANS_AUTHPASSWORD,
 	MONITOR_REQ_BSDAUTHQUERY, MONITOR_ANS_BSDAUTHQUERY,
 	MONITOR_REQ_BSDAUTHRESPOND, MONITOR_ANS_BSDAUTHRESPOND,
diff --git a/monitor_wrap.c b/monitor_wrap.c
index 0fe5bc10..38017582 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -25,7 +25,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: monitor_wrap.c,v 1.5 2002/03/25 20:12:10 stevesk Exp $");
+RCSID("$OpenBSD: monitor_wrap.c,v 1.6 2002/05/12 23:53:45 djm Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/dh.h>
@@ -207,6 +207,24 @@ mm_getpwnamallow(const char *login)
 	return (pw);
 }
 
+char* mm_auth2_read_banner(void)
+{
+	Buffer m;
+	char *banner;
+
+	debug3("%s entering", __FUNCTION__);
+
+	buffer_init(&m);
+	mm_request_send(monitor->m_recvfd, MONITOR_REQ_AUTH2_READ_BANNER, &m);
+	buffer_clear(&m);
+
+	mm_request_receive_expect(monitor->m_recvfd, MONITOR_ANS_AUTH2_READ_BANNER, &m);
+	banner = buffer_get_string(&m, NULL);
+	buffer_free(&m);
+	
+	return (banner);
+}
+
 /* Inform the privileged process about service and style */
 
 void
diff --git a/monitor_wrap.h b/monitor_wrap.h
index 975ba054..ce721247 100644
--- a/monitor_wrap.h
+++ b/monitor_wrap.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: monitor_wrap.h,v 1.4 2002/03/26 03:24:01 stevesk Exp $	*/
+/*	$OpenBSD: monitor_wrap.h,v 1.5 2002/05/12 23:53:45 djm Exp $	*/
 
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
@@ -44,6 +44,7 @@ DH *mm_choose_dh(int, int, int);
 int mm_key_sign(Key *, u_char **, u_int *, u_char *, u_int);
 void mm_inform_authserv(char *, char *);
 struct passwd *mm_getpwnamallow(const char *);
+char* mm_auth2_read_banner(void);
 int mm_auth_password(struct Authctxt *, char *);
 int mm_key_allowed(enum mm_keytype, char *, char *, Key *);
 int mm_user_key_allowed(struct passwd *, Key *);
-- 
cgit v1.2.3