svn commit: r322341 - in stable: 10/crypto/openssh 11/crypto/openssh
Xin LI
delphij at FreeBSD.org
Thu Aug 10 06:36:38 UTC 2017
Author: delphij
Date: Thu Aug 10 06:36:37 2017
New Revision: 322341
URL: https://svnweb.freebsd.org/changeset/base/322341
Log:
Apply upstream fix:
Skip passwords longer than 1k in length so clients can't
easily DoS sshd by sending very long passwords, causing it to spend CPU
hashing them. feedback djm@, ok markus at .
Brought to our attention by tomas.kuthan at oracle.com, shilei-c at
360.cn and coredump at autistici.org
Security: CVE-2016-6515
Security: FreeBSD-SA-17:06.openssh
Modified:
stable/11/crypto/openssh/auth-passwd.c
Changes in other areas also in this revision:
Modified:
stable/10/crypto/openssh/auth-passwd.c
Modified: stable/11/crypto/openssh/auth-passwd.c
==============================================================================
--- stable/11/crypto/openssh/auth-passwd.c Thu Aug 10 05:38:31 2017 (r322340)
+++ stable/11/crypto/openssh/auth-passwd.c Thu Aug 10 06:36:37 2017 (r322341)
@@ -66,6 +66,8 @@ extern login_cap_t *lc;
#define DAY (24L * 60 * 60) /* 1 day in seconds */
#define TWO_WEEKS (2L * 7 * DAY) /* 2 weeks in seconds */
+#define MAX_PASSWORD_LEN 1024
+
void
disable_forwarding(void)
{
@@ -86,6 +88,9 @@ auth_password(Authctxt *authctxt, const char *password
#if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE)
static int expire_checked = 0;
#endif
+
+ if (strlen(password) > MAX_PASSWORD_LEN)
+ return 0;
#ifndef HAVE_CYGWIN
if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES)
More information about the svn-src-all
mailing list