diff options
author | Markus Friedl <markus@cvs.openbsd.org> | 1999-11-03 23:31:04 +0000 |
---|---|---|
committer | Markus Friedl <markus@cvs.openbsd.org> | 1999-11-03 23:31:04 +0000 |
commit | e0044234828e4e7919ddd5018070c4b8dd6b9ebc (patch) | |
tree | 706001dbe64917fc2a028335498d9c70c3641272 /usr.bin/ssh/sshd.c | |
parent | 7bdd0aedf4fb033a022dd959e3f2399aabb2a89f (diff) |
don't send fail-msg but disconnect if too many authentication failures
Diffstat (limited to 'usr.bin/ssh/sshd.c')
-rw-r--r-- | usr.bin/ssh/sshd.c | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c index f5ccd5991b5..01673fcf358 100644 --- a/usr.bin/ssh/sshd.c +++ b/usr.bin/ssh/sshd.c @@ -18,7 +18,7 @@ agent connections. */ #include "includes.h" -RCSID("$Id: sshd.c,v 1.44 1999/11/02 19:42:37 markus Exp $"); +RCSID("$Id: sshd.c,v 1.45 1999/11/03 23:31:03 markus Exp $"); #include "xmalloc.h" #include "rsa.h" @@ -1048,15 +1048,15 @@ do_authentication(char *user, int privileged_port) packet_send_debug(skeyinfo); } #endif + if (++authentication_failures >= MAX_AUTH_FAILURES) { + packet_disconnect("Too many authentication failures for %.100s from %.200s", + user, get_canonical_hostname()); + } /* Send failure. This should be indistinguishable from a failed authentication. */ packet_start(SSH_SMSG_FAILURE); packet_send(); packet_write_wait(); - if (++authentication_failures >= MAX_AUTH_FAILURES) { - packet_disconnect("Too many authentication failures for %.100s from %.200s", - user, get_canonical_hostname()); - } } /*NOTREACHED*/ abort(); @@ -1351,15 +1351,15 @@ do_authentication(char *user, int privileged_port) if (authenticated) break; + if (++authentication_failures >= MAX_AUTH_FAILURES) { + packet_disconnect("Too many authentication failures for %.100s from %.200s", + pw->pw_name, get_canonical_hostname()); + } /* Send a message indicating that the authentication attempt failed. */ packet_start(SSH_SMSG_FAILURE); packet_send(); packet_write_wait(); - if (++authentication_failures >= MAX_AUTH_FAILURES) { - packet_disconnect("Too many authentication failures for %.100s from %.200s", - pw->pw_name, get_canonical_hostname()); - } } /* Check if the user is logging in as root and root logins are disallowed. */ |