tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

upstream: defence-in-depth MaxAuthTries check in monitor; ok markus 

OpenBSD-Commit-ID: 65a4225dc708e2dae71315adf93677edace46c21
This commit is contained in:
djm@openbsd.org 2023-08-16 16:14:11 +00:00 committed by Damien Miller
parent d1ab7eb904
commit e706bca324
No known key found for this signature in database
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
monitor.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: monitor.c,v 1.236 2023/05/10 10:04:20 dtucker Exp $ */ /* $OpenBSD: monitor.c,v 1.237 2023/08/16 16:14:11 djm Exp $ */
/* /*
* Copyright 2002 Niels Provos <provos@citi.umich.edu> * Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org> * Copyright 2002 Markus Friedl <markus@openbsd.org>
@ -342,6 +342,11 @@ monitor_child_preauth(struct ssh *ssh, struct monitor *pmonitor)
auth_method, auth_submethod); auth_method, auth_submethod);
} }
} }
if (authctxt->failures > options.max_authtries) {
/* Shouldn't happen */
fatal_f("privsep child made too many authentication "
"attempts");
}
} }
if (!authctxt->valid) if (!authctxt->valid)