- djm@cvs.openbsd.org 2011/03/10 11:34:25

     [auth.h]
     allow GSSAPI authentication to detect when a server-side failure causes
     authentication failure and don't count such failures against MaxAuthTries;
     bz#1244 from simon AT sxw.org.uk; ok markus@ before lock

2 files changed, 3 insertions, 2 deletions

diff --git a/ChangeLog b/ChangeLog
index 62f026e2e..24b13ad0e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,7 +10,7 @@
    Thanks to tim@ for testing on affected platforms.
  - OpenBSD CVS Sync
    - djm@cvs.openbsd.org 2011/03/10 02:52:57
-     [auth2-gss.c auth2.c]
+     [auth2-gss.c auth2.c auth.h]
      allow GSSAPI authentication to detect when a server-side failure causes
      authentication failure and don't count such failures against MaxAuthTries;
      bz#1244 from simon AT sxw.org.uk; ok markus@ before lock
diff --git a/auth.h b/auth.h
index 77317aee6..772a8c898 100644
--- a/auth.h
+++ b/auth.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.h,v 1.66 2010/05/07 11:30:29 djm Exp $ */
+/* $OpenBSD: auth.h,v 1.67 2011/03/10 11:34:25 djm Exp $ */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -53,6 +53,7 @@ struct Authctxt {
         int              valid;         /* user exists and is allowed to login */
         int              attempt;
         int              failures;
+        int              server_caused_failure; 
         int              force_pwchange;
         char            *user;          /* username sent by the client */
         char            *service;