upstream commit

Skip passwords longer than 1k in length so clients can't
easily DoS sshd by sending very long passwords, causing it to spend CPU
hashing them. feedback djm@, ok markus@.

Brought to our attention by tomas.kuthan at oracle.com, shilei-c at
360.cn and coredump at autistici.org

Upstream-ID: d0af7d4a2190b63ba1d38eec502bc4be0be9e333

0 files changed, 0 insertions, 0 deletions