[src/trunk]: src/crypto/external/bsd/openssh/dist Prevent DoS from hosts tryi...

[christos <christos%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/1aca04c94942
branches:  trunk
changeset: 459374:1aca04c94942
user:      christos <christos%NetBSD.org@localhost>
date:      Sat Sep 07 13:45:30 2019 +0000

description:
Prevent DoS from hosts trying to eat all the sshd slots by marking timeouts
for blacklistd.

diffstat:

 crypto/external/bsd/openssh/dist/sshd.c |  5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)

diffs (26 lines):

diff -r cb3b07b444da -r 1aca04c94942 crypto/external/bsd/openssh/dist/sshd.c
--- a/crypto/external/bsd/openssh/dist/sshd.c   Sat Sep 07 13:17:43 2019 +0000
+++ b/crypto/external/bsd/openssh/dist/sshd.c   Sat Sep 07 13:45:30 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: sshd.c,v 1.34 2019/04/20 17:16:40 christos Exp $       */
+/*     $NetBSD: sshd.c,v 1.35 2019/09/07 13:45:30 christos Exp $       */
 /* $OpenBSD: sshd.c,v 1.533 2019/03/01 02:32:39 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
@@ -44,7 +44,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: sshd.c,v 1.34 2019/04/20 17:16:40 christos Exp $");
+__RCSID("$NetBSD: sshd.c,v 1.35 2019/09/07 13:45:30 christos Exp $");
 #include <sys/types.h>
 #include <sys/param.h>
 #include <sys/ioctl.h>
@@ -370,6 +370,7 @@
 
        /* XXX pre-format ipaddr/port so we don't need to access active_state */
        /* Log error and exit. */
+       pfilter_notify(1);
        sigdie("Timeout before authentication for %s port %d",
            ssh_remote_ipaddr(the_active_state),
            ssh_remote_port(the_active_state));