Rivoreo Source Code Repositories
src.rivoreo.one / security / openssh-library / fcd135c9df440bcd2d5870405ad3311743d78d97
commitfcd135c9df440bcd2d5870405ad3311743d78d97[log] [download]
authordtucker@openbsd.org <dtucker@openbsd.org>Thu Jul 21 01:39:35 2016 +0000
committerDamien Miller <djm@mindrot.org>Fri Jul 22 13:36:40 2016 +1000
tree0d66a792ade2b7cca30f5df586714fb1cf5f2265
parent324583e8fb3935690be58790425793df619c6d4d [diff]
upstream commit

Skip passwords longer than 1k in length so clients can't
easily DoS sshd by sending very long passwords, causing it to spend CPU
hashing them. feedback djm@, ok markus@.

Brought to our attention by tomas.kuthan at oracle.com, shilei-c at
360.cn and coredump at autistici.org

Upstream-ID: d0af7d4a2190b63ba1d38eec502bc4be0be9e333
1 file changed
tree: 0d66a792ade2b7cca30f5df586714fb1cf5f2265
  1. .skipped-commit-ids
  2. CREDITS
  3. INSTALL
  4. LICENCE
  5. Makefile.in
  6. OVERVIEW
  7. PROTOCOL
  8. PROTOCOL.agent
  9. PROTOCOL.certkeys
  10. PROTOCOL.chacha20poly1305
  11. PROTOCOL.key
  12. PROTOCOL.krl
  13. PROTOCOL.mux
  14. README
  15. README.dns
  16. README.platform
  17. README.privsep
  18. README.tun
  19. TODO
  20. aclocal.m4
  21. addrmatch.c
  22. atomicio.c
  23. atomicio.h
  24. audit-bsm.c
  25. audit-linux.c
  26. audit.c
  27. audit.h
  28. auth-bsdauth.c
  29. auth-chall.c
  30. auth-krb5.c
  31. auth-options.c
  32. auth-options.h
  33. auth-pam.c
  34. auth-pam.h
  35. auth-passwd.c
  36. auth-rh-rsa.c
  37. auth-rhosts.c
  38. auth-rsa.c
  39. auth-shadow.c
  40. auth-sia.c
  41. auth-sia.h
  42. auth-skey.c
  43. auth.c
  44. auth.h
  45. auth1.c
  46. auth2-chall.c
  47. auth2-gss.c
  48. auth2-hostbased.c
  49. auth2-kbdint.c
  50. auth2-none.c
  51. auth2-passwd.c
  52. auth2-pubkey.c
  53. auth2.c
  54. authfd.c
  55. authfd.h
  56. authfile.c
  57. authfile.h
  58. bitmap.c
  59. bitmap.h
  60. blocks.c
  61. bufaux.c
  62. bufbn.c
  63. bufec.c
  64. buffer.c
  65. buffer.h
  66. buildpkg.sh.in
  67. canohost.c
  68. canohost.h
  69. chacha.c
  70. chacha.h
  71. channels.c
  72. channels.h
  73. cipher-3des1.c
  74. cipher-aes.c
  75. cipher-aesctr.c
  76. cipher-aesctr.h
  77. cipher-bf1.c
  78. cipher-chachapoly.c
  79. cipher-chachapoly.h
  80. cipher-ctr.c
  81. cipher.c
  82. cipher.h
  83. cleanup.c
  84. clientloop.c
  85. clientloop.h
  86. compat.c
  87. compat.h
  88. config.guess
  89. config.sub
  90. configure.ac
  91. contrib/
  92. crc32.c
  93. crc32.h
  94. crypto_api.h
  95. deattack.c
  96. deattack.h
  97. defines.h
  98. dh.c
  99. dh.h
  100. digest-libc.c
  101. digest-openssl.c
  102. digest.h
  103. dispatch.c
  104. dispatch.h
  105. dns.c
  106. dns.h
  107. ed25519.c
  108. entropy.c
  109. entropy.h
  110. fatal.c
  111. fe25519.c
  112. fe25519.h
  113. fixalgorithms
  114. fixpaths
  115. fixprogs
  116. ge25519.c
  117. ge25519.h
  118. ge25519_base.data
  119. groupaccess.c
  120. groupaccess.h
  121. gss-genr.c
  122. gss-serv-krb5.c
  123. gss-serv.c
  124. hash.c
  125. hmac.c
  126. hmac.h
  127. hostfile.c
  128. hostfile.h
  129. includes.h
  130. install-sh
  131. kex.c
  132. kex.h
  133. kexc25519.c
  134. kexc25519c.c
  135. kexc25519s.c
  136. kexdh.c
  137. kexdhc.c
  138. kexdhs.c
  139. kexecdh.c
  140. kexecdhc.c
  141. kexecdhs.c
  142. kexgex.c
  143. kexgexc.c
  144. kexgexs.c
  145. key.c
  146. key.h
  147. krl.c
  148. krl.h
  149. log.c
  150. log.h
  151. loginrec.c
  152. loginrec.h
  153. logintest.c
  154. mac.c
  155. mac.h
  156. match.c
  157. match.h
  158. md-sha256.c
  159. md5crypt.c
  160. md5crypt.h
  161. mdoc2man.awk
  162. misc.c
  163. misc.h
  164. mkinstalldirs
  165. moduli
  166. moduli.5
  167. moduli.c
  168. monitor.c
  169. monitor.h
  170. monitor_fdpass.c
  171. monitor_fdpass.h
  172. monitor_mm.c
  173. monitor_mm.h
  174. monitor_wrap.c
  175. monitor_wrap.h
  176. msg.c
  177. msg.h
  178. mux.c
  179. myproposal.h
  180. nchan.c
  181. nchan.ms
  182. nchan2.ms
  183. opacket.c
  184. opacket.h
  185. openbsd-compat/
  186. openssh.xml.in
  187. opensshd.init.in
  188. packet.c
  189. packet.h
  190. pathnames.h
  191. pkcs11.h
  192. platform-pledge.c
  193. platform-tracing.c
  194. platform.c
  195. platform.h
  196. poly1305.c
  197. poly1305.h
  198. progressmeter.c
  199. progressmeter.h
  200. readconf.c
  201. readconf.h
  202. readpass.c
  203. regress/
  204. rijndael.c
  205. rijndael.h
  206. rsa.c
  207. rsa.h
  208. sandbox-capsicum.c
  209. sandbox-darwin.c
  210. sandbox-null.c
  211. sandbox-pledge.c
  212. sandbox-rlimit.c
  213. sandbox-seccomp-filter.c
  214. sandbox-solaris.c
  215. sandbox-systrace.c
  216. sc25519.c
  217. sc25519.h
  218. scp.1
  219. scp.c
  220. servconf.c
  221. servconf.h
  222. serverloop.c
  223. serverloop.h
  224. session.c
  225. session.h
  226. sftp-client.c
  227. sftp-client.h
  228. sftp-common.c
  229. sftp-common.h
  230. sftp-glob.c
  231. sftp-server-main.c
  232. sftp-server.8
  233. sftp-server.c
  234. sftp.1
  235. sftp.c
  236. sftp.h
  237. smult_curve25519_ref.c
  238. ssh-add.1
  239. ssh-add.c
  240. ssh-agent.1
  241. ssh-agent.c
  242. ssh-dss.c
  243. ssh-ecdsa.c
  244. ssh-ed25519.c
  245. ssh-gss.h
  246. ssh-keygen.1
  247. ssh-keygen.c
  248. ssh-keyscan.1
  249. ssh-keyscan.c
  250. ssh-keysign.8
  251. ssh-keysign.c
  252. ssh-pkcs11-client.c
  253. ssh-pkcs11-helper.8
  254. ssh-pkcs11-helper.c
  255. ssh-pkcs11.c
  256. ssh-pkcs11.h
  257. ssh-rsa.c
  258. ssh-sandbox.h
  259. ssh.1
  260. ssh.c
  261. ssh.h
  262. ssh1.h
  263. ssh2.h
  264. ssh_api.c
  265. ssh_api.h
  266. ssh_config
  267. ssh_config.5
  268. sshbuf-getput-basic.c
  269. sshbuf-getput-crypto.c
  270. sshbuf-misc.c
  271. sshbuf.c
  272. sshbuf.h
  273. sshconnect.c
  274. sshconnect.h
  275. sshconnect1.c
  276. sshconnect2.c
  277. sshd.8
  278. sshd.c
  279. sshd_config
  280. sshd_config.5
  281. ssherr.c
  282. ssherr.h
  283. sshkey.c
  284. sshkey.h
  285. sshlogin.c
  286. sshlogin.h
  287. sshpty.c
  288. sshpty.h
  289. sshtty.c
  290. survey.sh.in
  291. ttymodes.c
  292. ttymodes.h
  293. uidswap.c
  294. uidswap.h
  295. umac.c
  296. umac.h
  297. utf8.c
  298. utf8.h
  299. uuencode.c
  300. uuencode.h
  301. verify.c
  302. version.h
  303. xmalloc.c
  304. xmalloc.h