Add blacklist support to sshd
ClosedPublic
Actions

Authored by • lidl on Apr 11 2016, 4:17 PM.

Details

Reviewers

Commits

rS301551: Add blacklist support to sshd

Summary

Add blacklist support to sshd

Depends on D5912
Depends on D5913

Repository

rS FreeBSD src repository - subversion

Lint

Lint Not Applicable

Unit

Tests Not Applicable

• lidl retitled this revision from to Add blacklist support to sshd.

• lidl updated this object.

• lidl edited the test plan for this revision. (Show Details)

crypto/openssh/blacklist.c
28 ↗	(On Diff #15084)	Indeed, what is fd 3 here?

Updated to address emaste's comment, and log an error message when that condition arises.

I have never run into that condition in all my testing.

rpaulo edited edge metadata.

rpaulo added inline comments.

crypto/openssh/blacklist.c
1 ↗	(On Diff #16968)	Missing some kind of copyright.
22 ↗	(On Diff #16968)	What exactly is "a" ? It's always 1. Please drop the variable if it's not really used.
crypto/openssh/blacklist_client.h
1 ↗	(On Diff #16968)	Missing copyright.

This revision is now accepted and ready to land.May 27 2016, 7:23 PM

crypto/openssh/blacklist.c
1 ↗	(On Diff #16968)	This is a verbatim import from NetBSD's patches, but doesn't have a copyright on it. I guess I should put on the NetBSD copyright, and have Christos augment the upstream diffs.
22 ↗	(On Diff #16968)	It's the action (zero = successful login), (one = failed login). Ideally, the code would also send successful login to zero out any bad login counts that are in progress. e.g. - two failed logins from an IP address, and then a successful login would reset the running count of failed logins to zero for that IP address.