Subject: bin/23616: login might not back-off as expected
To: None <gnats-bugs@gnats.netbsd.org>
From: Christian Biere <christianbiere@gmx.de>
List: netbsd-bugs
Date: 12/02/2003 00:08:52
>Number: 23616
>Category: bin
>Synopsis: login might not back-off as expected
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: bin-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Tue Dec 02 00:09:00 UTC 2003
>Closed-Date:
>Last-Modified:
>Originator:
>Release: NetBSD 1.6ZF
>Organization:
>Environment:
System: NetBSD cyclonus 1.6ZF NetBSD 1.6ZF (STARSCREAM) #0: Sun Nov 30 01:56:21 CET 2003 bin@cyclonus:/usr/build/obj/sys/arch/i386/compile/STARSCREAM i386
Architecture: i386
Machine: i386
>Description:
Due to a hardcoded value in the back-off time calculation code the
time to back-off can become negative. As this value is (automatically)
casted to an unsigned int, sleep() is called with a pretty uge value.
As this exceeds 1000000000 sleep returns immediately. This happens
for at most every 4 first login tries. The fact that login-backoff is
not always 3 because it's configurable was probably to overseen or
the code wasn't updated when the feature was added.
>How-To-Repeat:
Edit /etc/login.conf and add login-backoff=1 to any class. Try to
login as a user of this class and use a wrong password. Be surprised
that backing off starts even later.
>Fix:
Index: login.c
===================================================================
RCS file: /cvsroot/src/usr.bin/login/login.c,v
retrieving revision 1.75
diff -u -r1.75 login.c
--- login.c 2003/10/16 05:31:47 1.75
+++ login.c 2003/12/01 23:45:10
@@ -512,7 +512,7 @@
badlogin(username);
sleepexit(1);
}
- sleep((u_int)((cnt - 3) * 5));
+ sleep((u_int)((cnt - login_backoff) * 5));
}
}
>Release-Note:
>Audit-Trail:
>Unformatted: