diff options
author | Damien Miller <djm@mindrot.org> | 2008-07-05 09:44:53 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2008-07-05 09:44:53 +1000 |
commit | 0b4d48ba74cca40e983d96ba13e66908cf5b5666 (patch) | |
tree | 6f73ac31ec892638ce9a3a4ce4784549674dda62 /auth2.c | |
parent | d874fa517be97bdd57b631fd409c337761f1ab46 (diff) |
- djm@cvs.openbsd.org 2008/07/04 23:30:16
[auth1.c auth2.c]
Make protocol 1 MaxAuthTries logic match protocol 2's.
Do not treat the first protocol 2 authentication attempt as
a failure IFF it is for method "none".
Makes MaxAuthTries' user-visible behaviour identical for
protocol 1 vs 2.
ok dtucker@
Diffstat (limited to 'auth2.c')
-rw-r--r-- | auth2.c | 9 |
1 files changed, 7 insertions, 2 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth2.c,v 1.118 2008/07/02 13:30:34 djm Exp $ */ | 1 | /* $OpenBSD: auth2.c,v 1.119 2008/07/04 23:30:16 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -36,6 +36,7 @@ | |||
36 | #include <unistd.h> | 36 | #include <unistd.h> |
37 | 37 | ||
38 | #include "xmalloc.h" | 38 | #include "xmalloc.h" |
39 | #include "atomicio.h" | ||
39 | #include "ssh2.h" | 40 | #include "ssh2.h" |
40 | #include "packet.h" | 41 | #include "packet.h" |
41 | #include "log.h" | 42 | #include "log.h" |
@@ -333,7 +334,11 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method) | |||
333 | /* now we can break out */ | 334 | /* now we can break out */ |
334 | authctxt->success = 1; | 335 | authctxt->success = 1; |
335 | } else { | 336 | } else { |
336 | if (++authctxt->failures >= options.max_authtries) { | 337 | |
338 | /* Allow initial try of "none" auth without failure penalty */ | ||
339 | if (authctxt->attempt > 1 || strcmp(method, "none") != 0) | ||
340 | authctxt->failures++; | ||
341 | if (authctxt->failures >= options.max_authtries) { | ||
337 | #ifdef SSH_AUDIT_EVENTS | 342 | #ifdef SSH_AUDIT_EVENTS |
338 | PRIVSEP(audit_event(SSH_LOGIN_EXCEED_MAXTRIES)); | 343 | PRIVSEP(audit_event(SSH_LOGIN_EXCEED_MAXTRIES)); |
339 | #endif | 344 | #endif |