Date: Thu, 10 Aug 2017 06:36:37 +0000 (UTC) From: Xin LI <delphij@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r322341 - in stable: 10/crypto/openssh 11/crypto/openssh Message-ID: <201708100636.v7A6abxI037853@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: delphij Date: Thu Aug 10 06:36:37 2017 New Revision: 322341 URL: https://svnweb.freebsd.org/changeset/base/322341 Log: Apply upstream fix: Skip passwords longer than 1k in length so clients can't easily DoS sshd by sending very long passwords, causing it to spend CPU hashing them. feedback djm@, ok markus@. Brought to our attention by tomas.kuthan at oracle.com, shilei-c at 360.cn and coredump at autistici.org Security: CVE-2016-6515 Security: FreeBSD-SA-17:06.openssh Modified: stable/10/crypto/openssh/auth-passwd.c Changes in other areas also in this revision: Modified: stable/11/crypto/openssh/auth-passwd.c Modified: stable/10/crypto/openssh/auth-passwd.c ============================================================================== --- stable/10/crypto/openssh/auth-passwd.c Thu Aug 10 05:38:31 2017 (r322340) +++ stable/10/crypto/openssh/auth-passwd.c Thu Aug 10 06:36:37 2017 (r322341) @@ -66,6 +66,8 @@ extern login_cap_t *lc; #define DAY (24L * 60 * 60) /* 1 day in seconds */ #define TWO_WEEKS (2L * 7 * DAY) /* 2 weeks in seconds */ +#define MAX_PASSWORD_LEN 1024 + void disable_forwarding(void) { @@ -86,6 +88,9 @@ auth_password(Authctxt *authctxt, const char *password #if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE) static int expire_checked = 0; #endif + + if (strlen(password) > MAX_PASSWORD_LEN) + return 0; #ifndef HAVE_CYGWIN if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201708100636.v7A6abxI037853>