summaryrefslogtreecommitdiffstats
path: root/auth2.c
diff options
context:
space:
mode:
authordjm@openbsd.org <djm@openbsd.org>2022-02-23 12:18:13 +0100
committerDamien Miller <djm@mindrot.org>2022-02-23 12:22:20 +0100
commit32ebaa0dbca5d0bb86e384e72bebc153f48413e4 (patch)
treeff93af97a74281386553f8ffcd44ff39c62b79f1 /auth2.c
parentupstream: randomise the password used in fakepw (diff)
downloadopenssh-32ebaa0dbca5d0bb86e384e72bebc153f48413e4.tar.xz
openssh-32ebaa0dbca5d0bb86e384e72bebc153f48413e4.zip
upstream: avoid integer overflow of auth attempts (harmless, caught
by monitor) OpenBSD-Commit-ID: 488ad570b003b21e0cd9e7a00349cfc1003b4d86
Diffstat (limited to '')
-rw-r--r--auth2.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/auth2.c b/auth2.c
index 6ae27bd45..6c061934b 100644
--- a/auth2.c
+++ b/auth2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2.c,v 1.163 2021/12/26 23:34:41 djm Exp $ */
+/* $OpenBSD: auth2.c,v 1.164 2022/02/23 11:18:13 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -279,6 +279,8 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
if ((style = strchr(user, ':')) != NULL)
*style++ = 0;
+ if (authctxt->attempt >= 1024)
+ auth_maxtries_exceeded(ssh);
if (authctxt->attempt++ == 0) {
/* setup auth context */
authctxt->pw = PRIVSEP(getpwnamallow(ssh, user));
@@ -287,6 +289,7 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
authctxt->valid = 1;
debug2_f("setting up authctxt for %s", user);
} else {
+ authctxt->valid = 0;
/* Invalid user, fake password information */
authctxt->pw = fakepw();
#ifdef SSH_AUDIT_EVENTS