only query each keyboard-interactive device once (#1245971)
Upstream commit https://anongit.mindrot.org/openssh.git/commit/?id=5b64f85bb811246c59ebab70aed331f26ba37b18
This commit is contained in:
Jakub Jelen
parent
ca62b6133e
commit
c6d2eca7de
47
openssh-6.9p1-authentication-limits-bypass.patch
Normal file
47
openssh-6.9p1-authentication-limits-bypass.patch
Normal file
@ -0,0 +1,47 @@
|
|||||||
|
From 5b64f85bb811246c59ebab70aed331f26ba37b18 Mon Sep 17 00:00:00 2001
|
||||||
|
From: "djm@openbsd.org" <djm@openbsd.org>
|
||||||
|
Date: Sat, 18 Jul 2015 07:57:14 +0000
|
||||||
|
Subject: upstream commit
|
||||||
|
|
||||||
|
only query each keyboard-interactive device once per
|
||||||
|
authentication request regardless of how many times it is listed; ok markus@
|
||||||
|
|
||||||
|
Upstream-ID: d73fafba6e86030436ff673656ec1f33d9ffeda1
|
||||||
|
---
|
||||||
|
auth2-chall.c | 11 ++++++++---
|
||||||
|
1 file changed, 8 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/auth2-chall.c b/auth2-chall.c
|
||||||
|
index ddabe1a..4aff09d 100644
|
||||||
|
--- a/auth2-chall.c
|
||||||
|
+++ b/auth2-chall.c
|
||||||
|
@@ -83,6 +83,7 @@ struct KbdintAuthctxt
|
||||||
|
void *ctxt;
|
||||||
|
KbdintDevice *device;
|
||||||
|
u_int nreq;
|
||||||
|
+ u_int devices_done;
|
||||||
|
};
|
||||||
|
|
||||||
|
#ifdef USE_PAM
|
||||||
|
@@ -169,11 +170,15 @@ kbdint_next_device(Authctxt *authctxt, KbdintAuthctxt *kbdintctxt)
|
||||||
|
if (len == 0)
|
||||||
|
break;
|
||||||
|
for (i = 0; devices[i]; i++) {
|
||||||
|
- if (!auth2_method_allowed(authctxt,
|
||||||
|
+ if ((kbdintctxt->devices_done & (1 << i)) != 0 ||
|
||||||
|
+ !auth2_method_allowed(authctxt,
|
||||||
|
"keyboard-interactive", devices[i]->name))
|
||||||
|
continue;
|
||||||
|
- if (strncmp(kbdintctxt->devices, devices[i]->name, len) == 0)
|
||||||
|
+ if (strncmp(kbdintctxt->devices, devices[i]->name,
|
||||||
|
+ len) == 0) {
|
||||||
|
kbdintctxt->device = devices[i];
|
||||||
|
+ kbdintctxt->devices_done |= 1 << i;
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
t = kbdintctxt->devices;
|
||||||
|
kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL;
|
||||||
|
--
|
||||||
|
cgit v0.11.2
|
||||||
|
|
||||||
|
|
||||||
@ -223,6 +223,8 @@ Patch926: openssh-6.7p1-sftp-force-permission.patch
|
|||||||
Patch928: openssh-6.8p1-memory-problems.patch
|
Patch928: openssh-6.8p1-memory-problems.patch
|
||||||
# Restore compatible default (#89216)
|
# Restore compatible default (#89216)
|
||||||
Patch929: openssh-6.9p1-permit-root-login.patch
|
Patch929: openssh-6.9p1-permit-root-login.patch
|
||||||
|
# authentication limits (MaxAuthTries) bypass [security] (#1245971)
|
||||||
|
Patch930: openssh-6.9p1-authentication-limits-bypass.patch
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -446,6 +448,7 @@ popd
|
|||||||
%patch926 -p1 -b .sftp-force-mode
|
%patch926 -p1 -b .sftp-force-mode
|
||||||
%patch928 -p1 -b .memory
|
%patch928 -p1 -b .memory
|
||||||
%patch929 -p1 -b .root-login
|
%patch929 -p1 -b .root-login
|
||||||
|
%patch930 -p1 -b .kbd
|
||||||
|
|
||||||
%patch200 -p1 -b .audit
|
%patch200 -p1 -b .audit
|
||||||
%patch700 -p1 -b .fips
|
%patch700 -p1 -b .fips
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user