CVE-2010-5107: Improve DoS resistance by changing default of MaxStartups

to 10:30:100 (closes: #700102).
author: Colin Watson <cjwatson@debian.org> 2013-02-08 21:07:09 +0000
committer: Colin Watson <cjwatson@debian.org> 2013-02-08 21:07:09 +0000
commit: 57beeaa6b23799ef7986a16bfc81b2de84a00aa8 (patch)
tree: 90c4d4dc1553b0a9d92004a353ec6ec216cd92b6 /servconf.c
parent: 1327f52870f5b4bc5b1b34d4ead9bedd9998b609 (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/servconf.c b/servconf.c
index 5b8c686c2..9a8822938 100644
--- a/servconf.c
+++ b/servconf.c
@@ -265,11 +265,11 @@ fill_default_server_options(ServerOptions *options)
        if (options->gateway_ports == -1)
                options->gateway_ports = 0;
        if (options->max_startups == -1)
-                options->max_startups = 10;
+                options->max_startups = 100;
        if (options->max_startups_rate == -1)
-                options->max_startups_rate = 100;               /* 100% */
+                options->max_startups_rate = 30;                /* 30% */
        if (options->max_startups_begin == -1)
-                options->max_startups_begin = options->max_startups;
+                options->max_startups_begin = 10;
        if (options->max_authtries == -1)
                options->max_authtries = DEFAULT_AUTH_FAIL_MAX;
        if (options->max_sessions == -1)
author	Colin Watson <cjwatson@debian.org>	2013-02-08 21:07:09 +0000
committer	Colin Watson <cjwatson@debian.org>	2013-02-08 21:07:09 +0000
commit	57beeaa6b23799ef7986a16bfc81b2de84a00aa8 (patch)
tree	90c4d4dc1553b0a9d92004a353ec6ec216cd92b6 /servconf.c
parent	1327f52870f5b4bc5b1b34d4ead9bedd9998b609 (diff)

diff --git a/servconf.c b/servconf.c index 5b8c686c2..9a8822938 100644 --- a/servconf.c +++ b/servconf.c
@@ -265,11 +265,11 @@ fill_default_server_options(ServerOptions *options)
265	if (options->gateway_ports == -1)	265	if (options->gateway_ports == -1)
266	options->gateway_ports = 0;	266	options->gateway_ports = 0;
267	if (options->max_startups == -1)	267	if (options->max_startups == -1)
268	options->max_startups = 10;	268	options->max_startups = 100;
269	if (options->max_startups_rate == -1)	269	if (options->max_startups_rate == -1)
270	options->max_startups_rate = 100; /* 100% */	270	options->max_startups_rate = 30; /* 30% */
271	if (options->max_startups_begin == -1)	271	if (options->max_startups_begin == -1)
272	options->max_startups_begin = options->max_startups;	272	options->max_startups_begin = 10;
273	if (options->max_authtries == -1)	273	if (options->max_authtries == -1)
274	options->max_authtries = DEFAULT_AUTH_FAIL_MAX;	274	options->max_authtries = DEFAULT_AUTH_FAIL_MAX;
275	if (options->max_sessions == -1)	275	if (options->max_sessions == -1)