diff options
author | Damien Miller <djm@mindrot.org> | 2008-07-05 09:44:53 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2008-07-05 09:44:53 +1000 |
commit | 0b4d48ba74cca40e983d96ba13e66908cf5b5666 (patch) | |
tree | 6f73ac31ec892638ce9a3a4ce4784549674dda62 /auth1.c | |
parent | d874fa517be97bdd57b631fd409c337761f1ab46 (diff) |
- djm@cvs.openbsd.org 2008/07/04 23:30:16
[auth1.c auth2.c]
Make protocol 1 MaxAuthTries logic match protocol 2's.
Do not treat the first protocol 2 authentication attempt as
a failure IFF it is for method "none".
Makes MaxAuthTries' user-visible behaviour identical for
protocol 1 vs 2.
ok dtucker@
Diffstat (limited to 'auth1.c')
-rw-r--r-- | auth1.c | 6 |
1 files changed, 4 insertions, 2 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth1.c,v 1.72 2008/05/08 12:02:23 djm Exp $ */ | 1 | /* $OpenBSD: auth1.c,v 1.73 2008/07/04 23:30:16 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
4 | * All rights reserved | 4 | * All rights reserved |
@@ -284,6 +284,8 @@ do_authloop(Authctxt *authctxt) | |||
284 | type != SSH_CMSG_AUTH_TIS_RESPONSE) | 284 | type != SSH_CMSG_AUTH_TIS_RESPONSE) |
285 | abandon_challenge_response(authctxt); | 285 | abandon_challenge_response(authctxt); |
286 | 286 | ||
287 | if (authctxt->failures >= options.max_authtries) | ||
288 | goto skip; | ||
287 | if ((meth = lookup_authmethod1(type)) == NULL) { | 289 | if ((meth = lookup_authmethod1(type)) == NULL) { |
288 | logit("Unknown message during authentication: " | 290 | logit("Unknown message during authentication: " |
289 | "type %d", type); | 291 | "type %d", type); |
@@ -368,7 +370,7 @@ do_authloop(Authctxt *authctxt) | |||
368 | if (authenticated) | 370 | if (authenticated) |
369 | return; | 371 | return; |
370 | 372 | ||
371 | if (authctxt->failures++ > options.max_authtries) { | 373 | if (++authctxt->failures >= options.max_authtries) { |
372 | #ifdef SSH_AUDIT_EVENTS | 374 | #ifdef SSH_AUDIT_EVENTS |
373 | PRIVSEP(audit_event(SSH_LOGIN_EXCEED_MAXTRIES)); | 375 | PRIVSEP(audit_event(SSH_LOGIN_EXCEED_MAXTRIES)); |
374 | #endif | 376 | #endif |