implement option 'Banner /etc/issue.net' for ssh2, move version to

2.3.1 (needed for bugcompat detection, 2.3.0 would fail if Banner
is enabled).

8 files changed, 64 insertions, 9 deletions

diff --git a/usr.bin/ssh/auth2.c b/usr.bin/ssh/auth2.c
index 844d39a81f4..9df3d720efc 100644
--- a/usr.bin/ssh/auth2.c
+++ b/usr.bin/ssh/auth2.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.24 2000/12/28 14:25:51 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.25 2001/01/08 22:29:05 markus Exp $");
 
 #include <openssl/dsa.h>
 #include <openssl/rsa.h>
@@ -79,6 +79,7 @@ int	user_key_allowed(struct passwd *pw, Key *key);
 char	*authmethods_get(void);
 
 /* auth */
+void	userauth_banner(void);
 int	userauth_none(Authctxt *authctxt);
 int	userauth_passwd(Authctxt *authctxt);
 int	userauth_pubkey(Authctxt *authctxt);
@@ -236,6 +237,39 @@ input_userauth_request(int type, int plen, void *ctxt)
 	xfree(method);
 }
 
+void
+userauth_banner(void)
+{
+	struct stat st;
+	char *banner = NULL;
+	off_t len, n;
+	int fd;
+
+	if (options.banner == NULL || (datafellows & SSH_BUG_BANNER))
+		return;
+	if ((fd = open(options.banner, O_RDONLY)) < 0) {
+		error("userauth_banner: open %s failed: %s",
+		    options.banner, strerror(errno));
+		return;
+	}
+	if (fstat(fd, &st) < 0)
+		goto done;
+	len = st.st_size;
+	banner = xmalloc(len + 1);
+	if ((n = read(fd, banner, len)) < 0)
+		goto done;
+	banner[n] = '\0';
+	packet_start(SSH2_MSG_USERAUTH_BANNER);
+	packet_put_cstring(banner);
+	packet_put_cstring("");		/* language, unused */
+	packet_send();
+	debug("userauth_banner: sent");
+done:
+	if (banner)
+		xfree(banner);
+	close(fd);
+	return;
+}
 
 void
 userauth_log(Authctxt *authctxt, int authenticated, char *method)
@@ -308,6 +342,7 @@ userauth_none(Authctxt *authctxt)
 	if (m != NULL)
 		m->enabled = NULL;
 	packet_done();
+	userauth_banner();
 	return authctxt->valid ? auth_password(authctxt->pw, "") : 0;
 }
 
diff --git a/usr.bin/ssh/compat.c b/usr.bin/ssh/compat.c
index fb3c7475366..c7df1906b06 100644
--- a/usr.bin/ssh/compat.c
+++ b/usr.bin/ssh/compat.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: compat.c,v 1.32 2000/12/09 23:51:11 provos Exp $");
+RCSID("$OpenBSD: compat.c,v 1.33 2001/01/08 22:29:05 markus Exp $");
 
 #include "ssh.h"
 #include "packet.h"
@@ -58,7 +58,10 @@ compat_datafellows(const char *version)
 		char	*pat;
 		int	bugs;
 	} check[] = {
-		{ "^OpenSSH[-_]2\\.[012]",	SSH_OLD_SESSIONID },
+		{ "^OpenSSH[-_]2\\.[012]",
+					SSH_OLD_SESSIONID|SSH_BUG_BANNER },
+		{ "^OpenSSH_2\\.3\\.0", SSH_BUG_BANNER },
+		{ "^OpenSSH",		0 },
 		{ "MindTerm",		0 },
 		{ "^2\\.1\\.0",		SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
 					SSH_OLD_SESSIONID|SSH_BUG_DEBUG },
diff --git a/usr.bin/ssh/compat.h b/usr.bin/ssh/compat.h
index cf97c7d2807..fb65cd6d631 100644
--- a/usr.bin/ssh/compat.h
+++ b/usr.bin/ssh/compat.h
@@ -21,7 +21,7 @@
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
-/* RCSID("$OpenBSD: compat.h,v 1.13 2000/12/06 22:58:15 markus Exp $"); */
+/* RCSID("$OpenBSD: compat.h,v 1.14 2001/01/08 22:29:05 markus Exp $"); */
 
 #ifndef COMPAT_H
 #define COMPAT_H
@@ -38,6 +38,7 @@
 #define SSH_OLD_SESSIONID	0x10
 #define SSH_BUG_PKAUTH		0x20
 #define SSH_BUG_DEBUG		0x40
+#define SSH_BUG_BANNER		0x80
 
 void    enable_compat13(void);
 void    enable_compat20(void);
diff --git a/usr.bin/ssh/servconf.c b/usr.bin/ssh/servconf.c
index 6604e3d2349..fb42d74ef16 100644
--- a/usr.bin/ssh/servconf.c
+++ b/usr.bin/ssh/servconf.c
@@ -10,7 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.56 2001/01/07 11:28:06 markus Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.57 2001/01/08 22:29:05 markus Exp $");
 
 #include "ssh.h"
 #include "servconf.h"
@@ -78,6 +78,7 @@ initialize_server_options(ServerOptions *options)
 	options->max_startups_begin = -1;
 	options->max_startups_rate = -1;
 	options->max_startups = -1;
+	options->banner = NULL;
 }
 
 void
@@ -198,6 +199,7 @@ typedef enum {
 	sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
 	sIgnoreUserKnownHosts, sCiphers, sProtocol, sPidFile,
 	sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
+	sBanner
 } ServerOpCodes;
 
 /* Textual representation of the tokens. */
@@ -257,6 +259,7 @@ static struct {
 	{ "gatewayports", sGatewayPorts },
 	{ "subsystem", sSubsystem },
 	{ "maxstartups", sMaxStartups },
+	{ "banner", sBanner },
 	{ NULL, 0 }
 };
 
@@ -697,6 +700,10 @@ parse_flag:
 			intptr = &options->max_startups;
 			goto parse_int;
 
+		case sBanner:
+			charptr = &options->banner;
+			goto parse_filename;
+			
 		default:
 			fprintf(stderr, "%s line %d: Missing handler for opcode %s (%d)\n",
 				filename, linenum, arg, opcode);
diff --git a/usr.bin/ssh/servconf.h b/usr.bin/ssh/servconf.h
index 7d5016662ca..532b22f6e67 100644
--- a/usr.bin/ssh/servconf.h
+++ b/usr.bin/ssh/servconf.h
@@ -11,7 +11,7 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: servconf.h,v 1.32 2000/12/19 23:17:58 markus Exp $"); */
+/* RCSID("$OpenBSD: servconf.h,v 1.33 2001/01/08 22:29:05 markus Exp $"); */
 
 #ifndef SERVCONF_H
 #define SERVCONF_H
@@ -104,6 +104,7 @@ typedef struct {
 	int	max_startups_begin;
 	int	max_startups_rate;
 	int	max_startups;
+	char   *banner;			/* SSH-2 banner message */
 
 }       ServerOptions;
 /*
diff --git a/usr.bin/ssh/sshd.8 b/usr.bin/ssh/sshd.8
index d6232f4b253..fef26b50bc6 100644
--- a/usr.bin/ssh/sshd.8
+++ b/usr.bin/ssh/sshd.8
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.79 2001/01/07 11:28:07 markus Exp $
+.\" $OpenBSD: sshd.8,v 1.80 2001/01/08 22:29:05 markus Exp $
 .Dd September 25, 1999
 .Dt SSHD 8
 .Os
@@ -333,6 +333,13 @@ wildcards in the patterns.
 Only user names are valid; a numerical user ID isn't recognized.
 By default login is allowed regardless of the user name.
 .Pp
+.It Cm Banner
+In some jurisdictions, sending a warning message before authentication
+may be relevant for getting legal protection.
+The contents of the specified file are sent to the remote user before
+authentication is allowed.
+This option is only available for protocol version 2.
+.Pp
 .It Cm Ciphers
 Specifies the ciphers allowed for protocol version 2.
 Multiple ciphers must be comma-separated.
diff --git a/usr.bin/ssh/sshd_config b/usr.bin/ssh/sshd_config
index cad63dd4d52..ad8db2746cf 100644
--- a/usr.bin/ssh/sshd_config
+++ b/usr.bin/ssh/sshd_config
@@ -56,3 +56,4 @@ PermitEmptyPasswords no
 # Uncomment if you want to enable sftp
 #Subsystem	sftp	/usr/libexec/sftp-server
 #MaxStartups 10:30:60
+#Banner /etc/issue.net
diff --git a/usr.bin/ssh/version.h b/usr.bin/ssh/version.h
index d60c9dfc841..eda3d733d97 100644
--- a/usr.bin/ssh/version.h
+++ b/usr.bin/ssh/version.h
@@ -1,3 +1,3 @@
-/* $OpenBSD: version.h,v 1.15 2000/12/27 14:10:13 markus Exp $ */
+/* $OpenBSD: version.h,v 1.16 2001/01/08 22:29:05 markus Exp $ */
 
-#define SSH_VERSION	"OpenSSH_2.3.0"
+#define SSH_VERSION	"OpenSSH_2.3.1"