diff options
Diffstat (limited to 'auth2.c')
-rw-r--r-- | auth2.c | 7 |
1 files changed, 5 insertions, 2 deletions
@@ -194,6 +194,7 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) | |||
194 | #endif | 194 | #endif |
195 | 195 | ||
196 | authctxt->postponed = 0; | 196 | authctxt->postponed = 0; |
197 | authctxt->server_caused_failure = 0; | ||
197 | 198 | ||
198 | /* try to authenticate user */ | 199 | /* try to authenticate user */ |
199 | m = authmethod_lookup(method); | 200 | m = authmethod_lookup(method); |
@@ -236,7 +237,7 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method) | |||
236 | packet_write_wait(); | 237 | packet_write_wait(); |
237 | } | 238 | } |
238 | fatal("Access denied for user %s by PAM account " | 239 | fatal("Access denied for user %s by PAM account " |
239 | "configuration", authctxt->user); | 240 | "configuration", authctxt->user); |
240 | } | 241 | } |
241 | } | 242 | } |
242 | #endif | 243 | #endif |
@@ -264,7 +265,9 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method) | |||
264 | /* now we can break out */ | 265 | /* now we can break out */ |
265 | authctxt->success = 1; | 266 | authctxt->success = 1; |
266 | } else { | 267 | } else { |
267 | if (authctxt->failures++ > options.max_authtries) { | 268 | /* Dont count server configuration issues against the client */ |
269 | if (!authctxt->server_caused_failure && | ||
270 | authctxt->failures++ > options.max_authtries) { | ||
268 | #ifdef SSH_AUDIT_EVENTS | 271 | #ifdef SSH_AUDIT_EVENTS |
269 | PRIVSEP(audit_event(SSH_LOGIN_EXCEED_MAXTRIES)); | 272 | PRIVSEP(audit_event(SSH_LOGIN_EXCEED_MAXTRIES)); |
270 | #endif | 273 | #endif |