upstream: avoid integer overflow of auth attempts (harmless, caught by monitor) OpenBSD-Commit-ID: 488ad570b003b21e0cd9e7a00349cfc1003b4d86

commit: 32ebaa0dbca5d0bb86e384e72bebc153f48413e4 [log] [tgz]
author: djm@openbsd.org <djm@openbsd.org> Wed Feb 23 11:18:13 2022 +0000
committer: Damien Miller <djm@mindrot.org> Wed Feb 23 22:22:20 2022 +1100
tree: ff93af97a74281386553f8ffcd44ff39c62b79f1
parent: 6e0258c64c901753df695e06498b26f9f4812ea6 [diff]
diff --git a/auth2.c b/auth2.c
index 6ae27bd..6c06193 100644
--- a/auth2.c
+++ b/auth2.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2.c,v 1.163 2021/12/26 23:34:41 djm Exp $ */
+/* $OpenBSD: auth2.c,v 1.164 2022/02/23 11:18:13 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -279,6 +279,8 @@
 	if ((style = strchr(user, ':')) != NULL)
 		*style++ = 0;
 
+	if (authctxt->attempt >= 1024)
+		auth_maxtries_exceeded(ssh);
 	if (authctxt->attempt++ == 0) {
 		/* setup auth context */
 		authctxt->pw = PRIVSEP(getpwnamallow(ssh, user));
@@ -287,6 +289,7 @@
 			authctxt->valid = 1;
 			debug2_f("setting up authctxt for %s", user);
 		} else {
+			authctxt->valid = 0;
 			/* Invalid user, fake password information */
 			authctxt->pw = fakepw();
 #ifdef SSH_AUDIT_EVENTS
commit	32ebaa0dbca5d0bb86e384e72bebc153f48413e4	[log] [tgz]
author	djm@openbsd.org <djm@openbsd.org>	Wed Feb 23 11:18:13 2022 +0000
committer	Damien Miller <djm@mindrot.org>	Wed Feb 23 22:22:20 2022 +1100
tree	ff93af97a74281386553f8ffcd44ff39c62b79f1
parent	6e0258c64c901753df695e06498b26f9f4812ea6 [diff]