summaryrefslogtreecommitdiff
path: root/auth-bsdauth.c
diff options
context:
space:
mode:
authordtucker@openbsd.org <dtucker@openbsd.org>2016-07-21 01:39:35 +0000
committerDamien Miller <djm@mindrot.org>2016-07-22 13:36:40 +1000
commitfcd135c9df440bcd2d5870405ad3311743d78d97 (patch)
tree0d66a792ade2b7cca30f5df586714fb1cf5f2265 /auth-bsdauth.c
parent324583e8fb3935690be58790425793df619c6d4d (diff)
upstream commit
Skip passwords longer than 1k in length so clients can't easily DoS sshd by sending very long passwords, causing it to spend CPU hashing them. feedback djm@, ok markus@. Brought to our attention by tomas.kuthan at oracle.com, shilei-c at 360.cn and coredump at autistici.org Upstream-ID: d0af7d4a2190b63ba1d38eec502bc4be0be9e333
Diffstat (limited to 'auth-bsdauth.c')
0 files changed, 0 insertions, 0 deletions