CVS commit: [netbsd-9] src/crypto/external/bsd/openssh/dist

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: [netbsd-9] src/crypto/external/bsd/openssh/dist
From: "Martin Husemann" <martin%netbsd.org@localhost>
Date: Wed, 9 Oct 2024 10:23:40 +0000

Module Name:    src
Committed By:   martin
Date:           Wed Oct  9 10:23:40 UTC 2024

Modified Files:
        src/crypto/external/bsd/openssh/dist [netbsd-9]: auth.c auth2.c

Log Message:
Additionaly pull up following revision(s) (requested by rin in ticket #1893):

        crypto/external/bsd/openssh/dist/auth.c: revision 1.37
        crypto/external/bsd/openssh/dist/auth2.c: revision 1.32

sshd: Finally fix spurious blocklistd activation (PR bin/58369)

Drop one more pfilter_notify() call from userauth_finish(),
for single failure in authentication attempt.
This happens for users with multiple public keys; e.g., both
rsa and ed25519 keys are registered into ssh-agent(1), while
only the latter is in remote authorized_keys.

Instead, it is called from auth_maxtries_exceeded(), when
authentication process is actually failed. This function is
called also from input_userauth_request(). But I guess this
cannot happen frequently; this path is taken with >= 1024
failed attempts, although MaxAuthTries is 6 by default...


To generate a diff of this commit:
cvs rdiff -u -r1.24.2.1 -r1.24.2.2 \
    src/crypto/external/bsd/openssh/dist/auth.c
cvs rdiff -u -r1.19.2.2 -r1.19.2.3 \
    src/crypto/external/bsd/openssh/dist/auth2.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: [netbsd-10] src/doc
Next by Date: CVS commit: [netbsd-9] src/doc
Previous by Thread: CVS commit: [netbsd-10] src/doc
Next by Thread: CVS commit: [netbsd-9] src/doc
Indexes:

Home | Main Index | Thread Index | Old Index