From b8bb5d9a091438e4e357a7a9370e02beecf6f240 Mon Sep 17 00:00:00 2001
From: Petr Lautrbach
Date: Fri, 8 Feb 2013 16:55:36 +0100
Subject: [PATCH] change default value of MaxStartups - CVE-2010-5107 (#908707)

---
 openssh-5.8p2-change-max-startups.patch | 42 +++++++++++++++++++++++++
 openssh.spec | 3 ++
 2 files changed, 45 insertions(+)
 create mode 100644 openssh-5.8p2-change-max-startups.patch

diff --git a/openssh-5.8p2-change-max-startups.patch b/openssh-5.8p2-change-max-startups.patch
new file mode 100644
index 0000000..7af8e1c
--- /dev/null
+++ b/openssh-5.8p2-change-max-startups.patch
@@ -0,0 +1,42 @@
+diff -up openssh-5.8p2/servconf.c.max-startups openssh-5.8p2/servconf.c
+--- openssh-5.8p2/servconf.c.max-startups 2013-02-08 16:54:23.003052391 +0100
++++ openssh-5.8p2/servconf.c 2013-02-08 16:54:23.021052316 +0100
+@@ -262,11 +262,11 @@ fill_default_server_options(ServerOption
+ if (options->gateway_ports == -1)
+ options->gateway_ports = 0;
+ if (options->max_startups == -1)
+- options->max_startups = 10;
++ options->max_startups = 100;
+ if (options->max_startups_rate == -1)
+- options->max_startups_rate = 100; /* 100% */
++ options->max_startups_rate = 30; /* 30% */
+ if (options->max_startups_begin == -1)
+- options->max_startups_begin = options->max_startups;
++ options->max_startups_begin = 10;
+ if (options->max_authtries == -1)
+ options->max_authtries = DEFAULT_AUTH_FAIL_MAX;
+ if (options->max_sessions == -1)
+diff -up openssh-5.8p2/sshd_config.5.max-startups openssh-5.8p2/sshd_config.5
+--- openssh-5.8p2/sshd_config.5.max-startups 2013-02-08 16:54:23.004052387 +0100
++++ openssh-5.8p2/sshd_config.5 2013-02-08 16:54:23.021052316 +0100
+@@ -778,7 +778,7 @@ SSH daemon.
+ Additional connections will be dropped until authentication succeeds or the
+ .Cm LoginGraceTime
+ expires for a connection.
+-The default is 10.
++The default is 10:30:100.
+ .Pp
+ Alternatively, random early drop can be enabled by specifying
+ the three colon separated values
+diff -up openssh-5.8p2/sshd_config.max-startups openssh-5.8p2/sshd_config
+--- openssh-5.8p2/sshd_config.max-startups 2013-02-08 16:54:23.017052333 +0100
++++ openssh-5.8p2/sshd_config 2013-02-08 16:54:23.021052316 +0100
+@@ -122,7 +122,7 @@ X11Forwarding yes
+ #ShowPatchLevel no
+ #UseDNS yes
+ #PidFile /var/run/sshd.pid
+-#MaxStartups 10
++#MaxStartups 10:30:100
+ #PermitTunnel no
+ #ChrootDirectory none
+ 
diff --git a/openssh.spec b/openssh.spec
index de90484..d640914 100644
--- a/openssh.spec
+++ b/openssh.spec
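Review bot: The sshd_config.5 hunk inside the new patch file replaces only the default-value line, so the sentence it sits in still says additional connections "will be dropped" unconditionally, while the new 10:30:100 default means random early drop is now on by default and the manual only introduces that mode in the following paragraph as an alternative; a reader meets the colon form before it is explained. I would extend the replaced line to `+The default is 10:30:100, which enables random early drop as described below.` so the default is understandable in place. The servconf.c hunk is consistent with the sample sshd_config and the man page (begin 10, rate 30, full 100) and the `/* 30% */` comment follows the existing style; the body of fill_default_server_options continues outside the embedded hunk.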
@@ -202,6 +202,8 @@ Patch70: openssh-5.8p2-copy-id-restorecon.patch
 Patch71: openssh-5.8p2-log-usepam-no.patch
 #https://bugzilla.redhat.com/show_bug.cgi?id=841065
 Patch72: openssh-5.8p2-man-moduli.patch
+# change default value of MaxStartups - CVE-2010-5107 - #908707
+Patch73: openssh-5.8p2-change-max-startups.patch
 #---
 #https://bugzilla.mindrot.org/show_bug.cgi?id=1604
@@ -444,6 +446,7 @@ popd
 %patch70 -p1 -b .restorecon
 %patch71 -p1 -b .log-usepam-no
 %patch72 -p1 -b .man-moduli
+%patch73 -p1 -b .max-startups
 autoreconf
 pushd pam_ssh_agent_auth-%{pam_ssh_agent_ver}
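Review bot: The openssh.spec hunks register Patch73 and apply it, but there is no Release bump and no %changelog entry; the diffstat's 3 insertions and 0 deletions to openssh.spec are fully accounted for by these two hunks, so neither exists elsewhere in this commit. A packaging change that alters sshd's default MaxStartups and cites CVE-2010-5107 should be traceable from the built package, so I would add a changelog line such as `- change default value of MaxStartups - CVE-2010-5107 (#908707)` together with a Release bump, unless that is deliberately deferred to a separate commit. The %changelog section lies outside both hunks.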