61 lines
1.8 KiB
Diff
61 lines
1.8 KiB
Diff
From 4286e434ab29c077a42d52c97e7a2e92f93fc1c3 Mon Sep 17 00:00:00 2001
|
|
From: zhuqingfu <zhuqingfu1@huawei.com>
|
|
Date: Tue, 15 Sep 2020 15:09:52 +0800
|
|
Subject: [PATCH] CVE-2018-15919
|
|
|
|
---
|
|
auth.h | 1 +
|
|
auth2-gss.c | 1 +
|
|
auth2.c | 4 ++++
|
|
3 files changed, 6 insertions(+)
|
|
|
|
diff --git a/auth.h b/auth.h
|
|
index c3a92df..1127fdf 100644
|
|
--- a/auth.h
|
|
+++ b/auth.h
|
|
@@ -58,6 +58,7 @@ struct Authctxt {
|
|
int attempt;
|
|
int failures;
|
|
int server_caused_failure;
|
|
+ int server_caused_gssapi_failure;
|
|
int force_pwchange;
|
|
char *user; /* username sent by the client */
|
|
char *service;
|
|
diff --git a/auth2-gss.c b/auth2-gss.c
|
|
index 4708375..6008319 100644
|
|
--- a/auth2-gss.c
|
|
+++ b/auth2-gss.c
|
|
@@ -156,6 +156,7 @@ userauth_gssapi(struct ssh *ssh)
|
|
ssh_gssapi_delete_ctx(&ctxt);
|
|
free(doid);
|
|
authctxt->server_caused_failure = 1;
|
|
+ authctxt->server_caused_gssapi_failure = 1;
|
|
return (0);
|
|
}
|
|
|
|
diff --git a/auth2.c b/auth2.c
|
|
index 956b9cf..2c4fc97 100644
|
|
--- a/auth2.c
|
|
+++ b/auth2.c
|
|
@@ -345,6 +345,7 @@ if (options.check_user_splash)
|
|
auth2_authctxt_reset_info(authctxt);
|
|
authctxt->postponed = 0;
|
|
authctxt->server_caused_failure = 0;
|
|
+ authctxt->server_caused_gssapi_failure = 0;
|
|
|
|
/* try to authenticate user */
|
|
m = authmethod_lookup(authctxt, method);
|
|
@@ -442,6 +443,9 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method,
|
|
if (!partial && !authctxt->server_caused_failure &&
|
|
(authctxt->attempt > 1 || strcmp(method, "none") != 0))
|
|
authctxt->failures++;
|
|
+ if (!partial && authctxt->server_caused_gssapi_failure &&
|
|
+ (authctxt->attempt > 1 || strcmp(method, "none") != 0))
|
|
+ authctxt->failures++;
|
|
if (authctxt->failures >= options.max_authtries) {
|
|
#ifdef SSH_AUDIT_EVENTS
|
|
PRIVSEP(audit_event(ssh, SSH_LOGIN_EXCEED_MAXTRIES));
|
|
--
|
|
1.8.3.1
|
|
|