tech-net archive


blocklistd detects a failure for a killed ssh session



On Monday 21 Nov 2022, at 23:21, Anthony Mallet wrote:
> Would there be a way to improve this, by detecting properly
> established connections and not notify blacklistd anymore about these?

Maybe like this?

Index: crypto/external/bsd/openssh/dist/pfilter.c
===================================================================
RCS file: /cvsroot/src/crypto/external/bsd/openssh/dist/pfilter.c,v
retrieving revision 1.8
diff -u -r1.8 pfilter.c
--- crypto/external/bsd/openssh/dist/pfilter.c	15 Jun 2020 01:57:29 -0000	1.8
+++ crypto/external/bsd/openssh/dist/pfilter.c	21 Nov 2022 23:39:42 -0000
@@ -3,6 +3,8 @@
 #include "includes.h"
 #include "ssh.h"
 #include "packet.h"
+#include "hostfile.h"
+#include "auth.h"
 #include "log.h"
 #include "pfilter.h"
 #include <blocklist.h>
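
Review bot: nothing in the later hunks uses a name that obviously comes from hostfile.h; the only new identifier is Authctxt. If hostfile.h is included only because auth.h needs its types, a short comment saying so next to the include would keep it from being removed later as unused.
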
@@ -23,6 +25,7 @@
 }
 
 extern struct ssh *the_active_state;
+extern Authctxt *the_authctxt;
 
 void
 pfilter_notify(int a)
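
Review bot: the extern for the_authctxt is declared by hand in pfilter.c, next to the existing one for the_active_state, so the compiler cannot check it against the definition. If a header already declares it, including that header would be safer. It is also worth confirming that the variable is assigned in the process that calls pfilter_notify(), since the visible lines do not show where it is set.
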
@@ -31,6 +34,8 @@
 	int fd;
 	if (the_active_state == NULL)
 		return;
+	if (the_authctxt != NULL && the_authctxt->authenticated == 1)
+		return;
 	if (blstate == NULL)
 		pfilter_init();
 	if (blstate == NULL)
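
Review bot: the new early return in pfilter_notify() never looks at the argument a, so once the_authctxt->authenticated is set every call is dropped, whatever the caller meant to report. If a distinguishes kinds of event, consider limiting the test to the failure case, and compare with != 0 rather than == 1 so that any true value counts. A one-line comment saying why notifications stop after authentication (the killed-session case from this thread) would help the next reader.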

