- (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III
<tibbs@math.uh.edu>
- (djm) OpenBSD CVS updates:
- todd@cvs.openbsd.org
[sshconnect2.c]
teach protocol v2 to count login failures properly and also enable an
explanation of why the password prompt comes up again like v1; this is NOT
crypto
- markus@cvs.openbsd.org
[readconf.c readconf.h servconf.c servconf.h session.c ssh.1 ssh.c sshd.8]
xauth_location support; pr 1234
[readconf.c sshconnect2.c]
typo, unused
[session.c]
allow use_login only for login sessions, otherwise remote commands are
execed with uid==0
[sshd.8]
document UseLogin better
[version.h]
OpenSSH 2.1.1
[auth-rsa.c]
fix match_hostname() logic for auth-rsa: deny access if we have a
negative match or no match at all
[channels.c hostfile.c match.c]
don't panic if mkdtemp fails for authfwd; jkb@yahoo-inc.com via
kris@FreeBSD.org
diff --git a/sshconnect2.c b/sshconnect2.c
index 0abcf89..77b8652 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -28,7 +28,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.11 2000/05/25 20:45:20 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.13 2000/06/02 02:00:19 todd Exp $");
#include <openssl/bn.h>
#include <openssl/rsa.h>
@@ -71,7 +71,6 @@
ssh_kex_dh(Kex *kex, char *host, struct sockaddr *hostaddr,
Buffer *client_kexinit, Buffer *server_kexinit)
{
- int i;
int plen, dlen;
unsigned int klen, kout;
char *signature = NULL;
@@ -265,9 +264,12 @@
char prompt[80];
char *password;
- if (attempt++ > options.number_of_password_prompts)
+ if (attempt++ >= options.number_of_password_prompts)
return 0;
+ if(attempt != 1)
+ error("Permission denied, please try again.");
+
snprintf(prompt, sizeof(prompt), "%.30s@%.40s's password: ",
server_user, host);
password = read_passphrase(prompt, 0);