1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-09 17:38:00 +00:00

Uppity: configurable SSH-2 authentication banner.

I've had to test banner handling several times recently, what with
trust sigils and the fix for CONF_ssh_show_banner. So it's the thing
I've most wanted to keep reconfiguring about Uppity so far.
This commit is contained in:
Simon Tatham 2019-03-28 18:36:45 +00:00
parent 8a884eaef9
commit e566972f00
3 changed files with 25 additions and 1 deletions

View File

@ -127,6 +127,13 @@ static void ssh2_userauth_server_process_queue(PacketProtocolLayer *ppl)
s->session_id = ssh2_transport_get_session_id(s->transport_layer);
if (s->ssc->banner.ptr) {
pktout = ssh_bpp_new_pktout(s->ppl.bpp, SSH2_MSG_USERAUTH_BANNER);
put_stringpl(pktout, s->ssc->banner);
put_stringz(pktout, ""); /* language tag */
pq_push(s->ppl.out_pq, pktout);
}
while (1) {
crMaybeWaitUntilV((pktin = ssh2_userauth_server_pop(s)) != NULL);
if (pktin->type != SSH2_MSG_USERAUTH_REQUEST) {

View File

@ -1,7 +1,7 @@
typedef struct AuthPolicy AuthPolicy;
struct SshServerConfig {
int dummy; /* no fields in here yet */
ptrlen banner; /* banner.ptr == NULL indicates no banner */
};
Plug *ssh_server_plug(

View File

@ -510,6 +510,23 @@ int main(int argc, char **argv)
"(%s)\n", appname, val, key_type_to_str(keytype));
exit(1);
}
} else if (longoptarg(arg, "--bannerfile", &val, &argc, &argv)) {
FILE *fp = fopen(val, "r");
if (!fp) {
fprintf(stderr, "%s: %s: open: %s\n", appname,
val, strerror(errno));
exit(1);
}
strbuf *sb = strbuf_new();
if (!read_file_into(BinarySink_UPCAST(sb), fp)) {
fprintf(stderr, "%s: %s: read: %s\n", appname,
val, strerror(errno));
exit(1);
}
fclose(fp);
ssc.banner = ptrlen_from_strbuf(sb);
} else if (longoptarg(arg, "--bannertext", &val, &argc, &argv)) {
ssc.banner = ptrlen_from_asciz(val);
} else if (longoptarg(arg, "--sshlog", &val, &argc, &argv) ||
longoptarg(arg, "-sshlog", &val, &argc, &argv)) {
Filename *logfile = filename_from_str(val);