diff options
author | Damien Miller <djm@cvs.openbsd.org> | 2015-02-25 17:29:39 +0000 |
---|---|---|
committer | Damien Miller <djm@cvs.openbsd.org> | 2015-02-25 17:29:39 +0000 |
commit | a470bc30a500906af364baa4b1016df81d60aad6 (patch) | |
tree | be47deca45d37b95dcc8abc605f20d945f1d2fb6 /usr.bin/ssh/auth.c | |
parent | b601eda308dc15547af1341e9cbf82e3b66e7f05 (diff) |
don't leak validity of user in "too many authentication failures"
disconnect message; reported by Sebastian Reitenbach
Diffstat (limited to 'usr.bin/ssh/auth.c')
-rw-r--r-- | usr.bin/ssh/auth.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/usr.bin/ssh/auth.c b/usr.bin/ssh/auth.c index a5695301678..6eea5386946 100644 --- a/usr.bin/ssh/auth.c +++ b/usr.bin/ssh/auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.c,v 1.109 2015/01/20 23:14:00 deraadt Exp $ */ +/* $OpenBSD: auth.c,v 1.110 2015/02/25 17:29:38 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -240,13 +240,14 @@ auth_log(Authctxt *authctxt, int authenticated, int partial, void auth_maxtries_exceeded(Authctxt *authctxt) { - packet_disconnect("Too many authentication failures for " + error("maximum authentication attempts exceeded for " "%s%.100s from %.200s port %d %s", authctxt->valid ? "" : "invalid user ", authctxt->user, get_remote_ipaddr(), get_remote_port(), compat20 ? "ssh2" : "ssh1"); + packet_disconnect("Too many authentication failures"); /* NOTREACHED */ } |