only query each keyboard-interactive device once (#1245971)
This commit is contained in:
Jakub Jelen
parent
2cad5f521e
commit
88adbf2b73
47
openssh-6.6p1-authentication-limits-bypass.patch
Normal file
47
openssh-6.6p1-authentication-limits-bypass.patch
Normal file
@ -0,0 +1,47 @@
|
||||
From 5b64f85bb811246c59ebab70aed331f26ba37b18 Mon Sep 17 00:00:00 2001
|
||||
From: "djm@openbsd.org" <djm@openbsd.org>
|
||||
Date: Sat, 18 Jul 2015 07:57:14 +0000
|
||||
Subject: upstream commit
|
||||
|
||||
only query each keyboard-interactive device once per
|
||||
authentication request regardless of how many times it is listed; ok markus@
|
||||
|
||||
Upstream-ID: d73fafba6e86030436ff673656ec1f33d9ffeda1
|
||||
---
|
||||
auth2-chall.c | 11 ++++++++---
|
||||
1 file changed, 8 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/auth2-chall.c b/auth2-chall.c
|
||||
index ddabe1a..4aff09d 100644
|
||||
--- a/auth2-chall.c
|
||||
+++ b/auth2-chall.c
|
||||
@@ -83,6 +83,7 @@ struct KbdintAuthctxt
|
||||
void *ctxt;
|
||||
KbdintDevice *device;
|
||||
u_int nreq;
|
||||
+ u_int devices_done;
|
||||
};
|
||||
|
||||
#ifdef USE_PAM
|
||||
@@ -169,11 +170,15 @@ kbdint_next_device(Authctxt *authctxt, KbdintAuthctxt *kbdintctxt)
|
||||
if (len == 0)
|
||||
break;
|
||||
for (i = 0; devices[i]; i++) {
|
||||
- if (!auth2_method_allowed(authctxt,
|
||||
+ if ((kbdintctxt->devices_done & (1 << i)) != 0 ||
|
||||
+ !auth2_method_allowed(authctxt,
|
||||
"keyboard-interactive", devices[i]->name))
|
||||
continue;
|
||||
- if (strncmp(kbdintctxt->devices, devices[i]->name, len) == 0)
|
||||
+ if (strncmp(kbdintctxt->devices, devices[i]->name,
|
||||
+ len) == 0) {
|
||||
kbdintctxt->device = devices[i];
|
||||
+ kbdintctxt->devices_done |= 1 << i;
|
||||
+ }
|
||||
}
|
||||
t = kbdintctxt->devices;
|
||||
kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL;
|
||||
--
|
||||
cgit v0.11.2
|
||||
|
||||
|
||||
@ -230,6 +230,8 @@ Patch922: openssh-6.7p1-ssh-copy-id-truncated-keys.patch
|
||||
# XSECURITY restrictions bypass under certain conditions in ssh(1) (#1238231)
|
||||
# weakness of agent locking (ssh-add -x) to password guessing (#1238238)
|
||||
Patch923: openssh-6.6p1-security-from-6.9.patch
|
||||
# authentication limits (MaxAuthTries) bypass [security] (#1245971)
|
||||
Patch924: openssh-6.6p1-authentication-limits-bypass.patch
|
||||
|
||||
License: BSD
|
||||
Group: Applications/Internet
|
||||
@ -446,6 +448,7 @@ popd
|
||||
%patch921 -p1 -b .ssh-copy-id
|
||||
%patch922 -p1 -b .newline
|
||||
%patch923 -p1 -b .security
|
||||
%patch924 -p1 -b .kbd
|
||||
|
||||
%patch200 -p1 -b .audit
|
||||
%patch201 -p1 -b .audit-fps
|
||||
|
||||
Loading…
Reference in New Issue
Block a user