Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 23 Feb 1997 09:55:59 -0800 (PST)
From:      richterb@furball.wellsfargo.com
To:        freebsd-gnats-submit@freebsd.org
Subject:   bin/2805: remove hard coded slowdown count and failed login count
Message-ID:  <199702231755.JAA21913@freefall.freebsd.org>
Resent-Message-ID: <199702231800.KAA22201@freefall.freebsd.org>
index | next in thread | raw e-mail 


>Number:         2805
>Category:       bin
>Synopsis:       remove hard coded slowdown count and failed login count
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sun Feb 23 10:00:01 PST 1997
>Last-Modified:
>Originator:     Bill Richter
>Organization:
>Release:        2.2-GAMMA
>Environment:
FreeBSD binkley 2.2-GAMMA FreeBSD 2.2-GAMMA #2: Mon Feb 17 14:29:56 PST
 1997     richterb@binkley:/usr/src/sys/compile/BINKLEY  i386

>Description:
Both 3 and 10 are hardcoded numbers and 10 is a lot of
attempts at a failed login even with the default delay
commencing after 3 failures.  Just change 3 and 10 to
defines instead would make customization of the function
easier.  Would prefer moving the numbers out to a configuration
file but alas that might be a bit more complicated. 

/* we allow 10 tries, but after 3 we start backing off */
                if (++cnt > 3) {
                        if (cnt >= 10) {
                                badlogin(username);
                                sleepexit(1);
                        }

>How-To-Repeat:
n/a
>Fix:
*** login.c     Sun Feb 23 09:47:42 1997
--- mylogin.c   Sun Feb 23 09:47:27 1997
***************
*** 94,99 ****
--- 94,101 ----
  extern void login __P((struct utmp *));

  #define       TTYGRPNAME      "tty"           /* name of group to own ttys */
+ #define RETRY 3                               /* count before slowing prompt *
/
+ #define BAD_ATTEMPTS 10                       /* count before aborting login *
/

  /*
   * This bounds the time given to login.  Not a define so it can
***************
*** 341,351 ****

                (void)printf("Login incorrect\n");
                failures++;
!               /* we allow 10 tries, but after 3 we start backing off */
!               if (++cnt > 3) {
!                       if (cnt >= 10) {
!                               badlogin(username);
!                               sleepexit(1);
                        }
                        sleep((u_int)((cnt - 3) * 5));
                }
--- 343,355 ----

                (void)printf("Login incorrect\n");
                failures++;
! 
!          /* when bad logins exceeds BAD_ATTEMPTS, we exit but when
!             bad logins exceeds RETRY we start adding delay to the prompt */
!                        if (++cnt > RETRY) {
!                                if (cnt >= BAD_ATTEMPTS) {
!                                        badlogin(username);
!                                        sleepexit(1);
                        }
                        sleep((u_int)((cnt - 3) * 5));
                }       


>Audit-Trail:
>Unformatted:
help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702231755.JAA21913>