bin/60270: blocklist: Add back probes

["jlduran%FreeBSD.org@localhost via gnats" <gnats-admin%NetBSD.org@localhost>]

>Number:         60270
>Category:       bin
>Synopsis:       blocklist: Add back probes
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat May 16 06:35:00 +0000 2026
>Originator:     Jose Luis Duran
>Release:        trunk
>Organization:
FreeBSD
>Environment:
>Description:
These probes were accidentally removed in sshd-session.c,v 1.12.
The banner exchange was moved to the sshd-auth process in upstream commit bb781f02d4efd178e329a62a838962bee16e3e9b.
>How-To-Repeat:
N/A
>Fix:
Subject: [PATCH] blocklist: Add back probes

These probes were accidentally removed in sshd-session.c,v 1.12.

The banner exchange was moved to the sshd-auth process in upstream
commit bb781f02d4efd178e329a62a838962bee16e3e9b.
---
 crypto/external/bsd/openssh/dist/sshd-auth.c    | 6 +++++-
 crypto/external/bsd/openssh/dist/sshd-session.c | 4 +++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/crypto/external/bsd/openssh/dist/sshd-auth.c b/crypto/external/bsd/openssh/dist/sshd-auth.c
index c460e4bbbc2a..a5da53173eed 100644
--- a/crypto/external/bsd/openssh/dist/sshd-auth.c
+++ b/crypto/external/bsd/openssh/dist/sshd-auth.c
@@ -100,6 +100,8 @@ __RCSID("$NetBSD: sshd-auth.c,v 1.5 2026/04/08 18:58:41 christos Exp $");
 #include "srclimit.h"
 #include "dh.h"
 
+#include "pfilter.h"
+
 /* Privsep fds */
 #define PRIVSEP_MONITOR_FD		(STDERR_FILENO + 1)
 #define PRIVSEP_LOG_FD			(STDERR_FILENO + 2)
@@ -787,8 +789,10 @@ do_ssh2_kex(struct ssh *ssh)
 	free(hkalgs);
 
 	if ((r = kex_exchange_identification(ssh, -1,
-	    options.version_addendum)) != 0)
+	    options.version_addendum)) != 0) {
+		pfilter_notify(1);
 		sshpkt_fatal(ssh, r, "banner exchange");
+	}
 	mm_sshkey_setcompat(ssh); /* tell monitor */
 
 	if ((ssh->compat & SSH_BUG_NOREKEY))
diff --git a/crypto/external/bsd/openssh/dist/sshd-session.c b/crypto/external/bsd/openssh/dist/sshd-session.c
index 9cf56d786e8e..fba96b7a9feb 100644
--- a/crypto/external/bsd/openssh/dist/sshd-session.c
+++ b/crypto/external/bsd/openssh/dist/sshd-session.c
@@ -1342,8 +1342,10 @@ cleanup_exit(int i)
 		}
 	}
 	/* Override default fatal exit value when auth was attempted */
-	if (i == 255 && monitor_auth_attempted())
+	if (i == 255 && monitor_auth_attempted()) {
+		pfilter_notify(1);
 		_exit(EXIT_AUTH_ATTEMPTED);
+	}
 	if (i == 255 && monitor_invalid_user())
 		_exit(EXIT_INVALID_USER);
 	_exit(i);
-- 
Jose Luis Duran