summaryrefslogtreecommitdiff
path: root/vendor/golang.org/x/crypto/ssh/server.go
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/golang.org/x/crypto/ssh/server.go')
-rw-r--r--vendor/golang.org/x/crypto/ssh/server.go30
1 files changed, 30 insertions, 0 deletions
diff --git a/vendor/golang.org/x/crypto/ssh/server.go b/vendor/golang.org/x/crypto/ssh/server.go
index e2ae4f891..3ca9e89e2 100644
--- a/vendor/golang.org/x/crypto/ssh/server.go
+++ b/vendor/golang.org/x/crypto/ssh/server.go
@@ -462,6 +462,24 @@ func (p *PartialSuccessError) Error() string {
// It is returned in ServerAuthError.Errors from NewServerConn.
var ErrNoAuth = errors.New("ssh: no auth passed yet")
+// BannerError is an error that can be returned by authentication handlers in
+// ServerConfig to send a banner message to the client.
+type BannerError struct {
+ Err error
+ Message string
+}
+
+func (b *BannerError) Unwrap() error {
+ return b.Err
+}
+
+func (b *BannerError) Error() string {
+ if b.Err == nil {
+ return b.Message
+ }
+ return b.Err.Error()
+}
+
func (s *connection) serverAuthenticate(config *ServerConfig) (*Permissions, error) {
sessionID := s.transport.getSessionID()
var cache pubKeyCache
@@ -734,6 +752,18 @@ userAuthLoop:
config.AuthLogCallback(s, userAuthReq.Method, authErr)
}
+ var bannerErr *BannerError
+ if errors.As(authErr, &bannerErr) {
+ if bannerErr.Message != "" {
+ bannerMsg := &userAuthBannerMsg{
+ Message: bannerErr.Message,
+ }
+ if err := s.transport.writePacket(Marshal(bannerMsg)); err != nil {
+ return nil, err
+ }
+ }
+ }
+
if authErr == nil {
break userAuthLoop
}
generated by cgit v1.2.3 (git 2.46.0) at 2025-07-13 12:41:47 +0000