diff options
| author | Dennis Kaarsemaker <dennis@kaarsemaker.net> | 2017-07-06 00:22:55 +0200 |
|---|---|---|
| committer | Dennis Kaarsemaker <dennis@kaarsemaker.net> | 2017-07-06 00:26:12 +0200 |
| commit | bd807adfa5b8bee01fe30eee5c7c5247aa3fd530 (patch) | |
| tree | 78beafa43a187fd0b8215ec6ce800afaf45d7410 | |
| parent | 842caba00262a81975cbfd186b846c83f72354e3 (diff) | |
server: Support pre-authentication banners
The ssh protocol allows for the server to send a pre-authentication
banner. It may be sent any time between the start of authentication and
successful authentication. This commit allow ServerInterface subclasses
to define messages which we'll send right right at the start of
authentication before we send the supported authentication methods.
| -rw-r--r-- | paramiko/auth_handler.py | 8 | ||||
| -rw-r--r-- | paramiko/server.py | 11 |
2 files changed, 19 insertions, 0 deletions
diff --git a/paramiko/auth_handler.py b/paramiko/auth_handler.py index ae88179e..e229df8d 100644 --- a/paramiko/auth_handler.py +++ b/paramiko/auth_handler.py @@ -36,6 +36,7 @@ from paramiko.common import ( cMSG_USERAUTH_GSSAPI_MIC, MSG_USERAUTH_GSSAPI_RESPONSE, MSG_USERAUTH_GSSAPI_TOKEN, MSG_USERAUTH_GSSAPI_ERROR, MSG_USERAUTH_GSSAPI_ERRTOK, MSG_USERAUTH_GSSAPI_MIC, MSG_NAMES, + cMSG_USERAUTH_BANNER ) from paramiko.message import Message from paramiko.py3compat import bytestring @@ -225,6 +226,13 @@ class AuthHandler (object): m.add_byte(cMSG_SERVICE_ACCEPT) m.add_string(service) self.transport._send_message(m) + banner, language = self.transport.server_object.get_banner() + if banner: + m = Message() + m.add_byte(cMSG_USERAUTH_BANNER) + m.add_string(banner) + m.add_string(language) + self.transport._send_message(m) return # dunno this one self._disconnect_service_not_available() diff --git a/paramiko/server.py b/paramiko/server.py index adc606bf..f876e779 100644 --- a/paramiko/server.py +++ b/paramiko/server.py @@ -570,6 +570,17 @@ class ServerInterface (object): """ return False + def get_banner(self): + """ + A pre-login banner to display to the user. The message may span + multiple lines separated by crlf pairs. The language should be in + rfc3066 style, for example: en-US + + The default implementation always returns ``(None, None)``. + + :returns: A tuple containing the banner and language code. + """ + return (None, None) class InteractiveQuery (object): """ |