Date: Sun, 23 Feb 1997 09:55:59 -0800 (PST) From: richterb@furball.wellsfargo.com To: freebsd-gnats-submit@freebsd.org Subject: bin/2805: remove hard coded slowdown count and failed login count Message-ID: <199702231755.JAA21913@freefall.freebsd.org> Resent-Message-ID: <199702231800.KAA22201@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 2805 >Category: bin >Synopsis: remove hard coded slowdown count and failed login count >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Class: change-request >Submitter-Id: current-users >Arrival-Date: Sun Feb 23 10:00:01 PST 1997 >Last-Modified: >Originator: Bill Richter >Organization: >Release: 2.2-GAMMA >Environment: FreeBSD binkley 2.2-GAMMA FreeBSD 2.2-GAMMA #2: Mon Feb 17 14:29:56 PST 1997 richterb@binkley:/usr/src/sys/compile/BINKLEY i386 >Description: Both 3 and 10 are hardcoded numbers and 10 is a lot of attempts at a failed login even with the default delay commencing after 3 failures. Just change 3 and 10 to defines instead would make customization of the function easier. Would prefer moving the numbers out to a configuration file but alas that might be a bit more complicated. /* we allow 10 tries, but after 3 we start backing off */ if (++cnt > 3) { if (cnt >= 10) { badlogin(username); sleepexit(1); } >How-To-Repeat: n/a >Fix: *** login.c Sun Feb 23 09:47:42 1997 --- mylogin.c Sun Feb 23 09:47:27 1997 *************** *** 94,99 **** --- 94,101 ---- extern void login __P((struct utmp *)); #define TTYGRPNAME "tty" /* name of group to own ttys */ + #define RETRY 3 /* count before slowing prompt * / + #define BAD_ATTEMPTS 10 /* count before aborting login * / /* * This bounds the time given to login. Not a define so it can *************** *** 341,351 **** (void)printf("Login incorrect\n"); failures++; ! /* we allow 10 tries, but after 3 we start backing off */ ! if (++cnt > 3) { ! if (cnt >= 10) { ! badlogin(username); ! sleepexit(1); } sleep((u_int)((cnt - 3) * 5)); } --- 343,355 ---- (void)printf("Login incorrect\n"); failures++; ! ! /* when bad logins exceeds BAD_ATTEMPTS, we exit but when ! bad logins exceeds RETRY we start adding delay to the prompt */ ! if (++cnt > RETRY) { ! if (cnt >= BAD_ATTEMPTS) { ! badlogin(username); ! sleepexit(1); } sleep((u_int)((cnt - 3) * 5)); } >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702231755.JAA21913>