aboutsummaryrefslogtreecommitdiffstats
path: root/crypto
diff options
context:
space:
mode:
authorXin LI <delphij@FreeBSD.org>2017-08-10 06:36:37 +0000
committerXin LI <delphij@FreeBSD.org>2017-08-10 06:36:37 +0000
commitd4649e920a1dc5448f530e327408a351ccc2ccce (patch)
treedc5da25a29f415c2b2632672858b1118bca607c0 /crypto
parentd6681fdb8e3a737c5a2d94ab1e7b608e5822acbe (diff)
downloadsrc-d4649e920a1dc5448f530e327408a351ccc2ccce.tar.gz
src-d4649e920a1dc5448f530e327408a351ccc2ccce.zip
Apply upstream fix:
Skip passwords longer than 1k in length so clients can't easily DoS sshd by sending very long passwords, causing it to spend CPU hashing them. feedback djm@, ok markus@. Brought to our attention by tomas.kuthan at oracle.com, shilei-c at 360.cn and coredump at autistici.org Security: CVE-2016-6515 Security: FreeBSD-SA-17:06.openssh
Notes
Notes: svn path=/stable/11/; revision=322341
Diffstat (limited to 'crypto')
-rw-r--r--crypto/openssh/auth-passwd.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/crypto/openssh/auth-passwd.c b/crypto/openssh/auth-passwd.c
index 63ccf3cabe7d..f6825ecc0655 100644
--- a/crypto/openssh/auth-passwd.c
+++ b/crypto/openssh/auth-passwd.c
@@ -66,6 +66,8 @@ extern login_cap_t *lc;
#define DAY (24L * 60 * 60) /* 1 day in seconds */
#define TWO_WEEKS (2L * 7 * DAY) /* 2 weeks in seconds */
+#define MAX_PASSWORD_LEN 1024
+
void
disable_forwarding(void)
{
@@ -87,6 +89,9 @@ auth_password(Authctxt *authctxt, const char *password)
static int expire_checked = 0;
#endif
+ if (strlen(password) > MAX_PASSWORD_LEN)
+ return 0;
+
#ifndef HAVE_CYGWIN
if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES)
ok = 0;