Module Name: src
Committed By: christos
Date: Sat Sep 7 13:45:30 UTC 2019
Modified Files:
src/crypto/external/bsd/openssh/dist: sshd.c
Log Message:
Prevent DoS from hosts trying to eat all the sshd slots by marking timeouts
for blacklistd.
To generate a diff of this commit:
cvs rdiff -u -r1.34 -r1.35 src/crypto/external/bsd/openssh/dist/sshd.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/crypto/external/bsd/openssh/dist/sshd.c
diff -u src/crypto/external/bsd/openssh/dist/sshd.c:1.34 src/crypto/external/bsd/openssh/dist/sshd.c:1.35
--- src/crypto/external/bsd/openssh/dist/sshd.c:1.34 Sat Apr 20 13:16:40 2019
+++ src/crypto/external/bsd/openssh/dist/sshd.c Sat Sep 7 09:45:30 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: sshd.c,v 1.34 2019/04/20 17:16:40 christos Exp $ */
+/* $NetBSD: sshd.c,v 1.35 2019/09/07 13:45:30 christos Exp $ */
/* $OpenBSD: sshd.c,v 1.533 2019/03/01 02:32:39 djm Exp $ */
/*
* Author: Tatu Ylonen <[email protected]>
@@ -44,7 +44,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: sshd.c,v 1.34 2019/04/20 17:16:40 christos Exp $");
+__RCSID("$NetBSD: sshd.c,v 1.35 2019/09/07 13:45:30 christos Exp $");
#include <sys/types.h>
#include <sys/param.h>
#include <sys/ioctl.h>
@@ -370,6 +370,7 @@ grace_alarm_handler(int sig)
/* XXX pre-format ipaddr/port so we don't need to access active_state */
/* Log error and exit. */
+ pfilter_notify(1);
sigdie("Timeout before authentication for %s port %d",
ssh_remote_ipaddr(the_active_state),
ssh_remote_port(the_active_state));
