From 0b228013734983ec12ddaa535d42704b5e4cee90 Mon Sep 17 00:00:00 2001
From: Colin Watson <cjwatson@debian.org>
Date: Fri, 29 Sep 2006 11:11:50 +0000
Subject: * Backport from 4.4p1 (since I don't have an updated version of the
 GSSAPI   patch yet):   - CVE-2006-4924: Fix a pre-authentication denial of
 service found by     Tavis Ormandy, that would cause sshd(8) to spin until
 the login grace     time expired (closes: #389995).

---
 packet.c | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

(limited to 'packet.c')

diff --git a/packet.c b/packet.c
index 3208383e8..827ae16b3 100644
--- a/packet.c
+++ b/packet.c
@@ -992,9 +992,16 @@ packet_read_poll1(void)
 	 * (C)1998 CORE-SDI, Buenos Aires Argentina
 	 * Ariel Futoransky(futo@core-sdi.com)
 	 */
-	if (!receive_context.plaintext &&
-	    detect_attack(buffer_ptr(&input), padded_len, NULL) == DEATTACK_DETECTED)
-		packet_disconnect("crc32 compensation attack: network attack detected");
+	if (!receive_context.plaintext) {
+		switch (detect_attack(buffer_ptr(&input), padded_len, NULL)) {
+		case DEATTACK_DETECTED:
+			packet_disconnect("crc32 compensation attack: "
+			    "network attack detected");
+		case DEATTACK_DOS_DETECTED:
+			packet_disconnect("deattack denial of "
+			    "service detected");
+		}
+	}
 
 	/* Decrypt data to incoming_packet. */
 	buffer_clear(&incoming_packet);
-- 
cgit v1.2.3