artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8cb10e2) | patch
split PerSourcePenalties address tracking. Previously it used one
authordjm <djm@openbsd.org>
Wed, 12 Jun 2024 22:36:00 +0000 (22:36 +0000)
committerdjm <djm@openbsd.org>
Wed, 12 Jun 2024 22:36:00 +0000 (22:36 +0000)
commitcd187d0bf5f90a5e9e8ee62ae93d04529dff09e2
tree8e6a4ff9b8f81d13e7ddd4ee7c743ea8fcbc6ec1tree | snapshot
parent8cb10e2e689805d672a2e226c47d37165c4dcd53commit | diff
split PerSourcePenalties address tracking. Previously it used one
shared table and overflow policy for IPv4 and IPv6 addresses, now
it will use separate tables and optionally different overflow
policies.

This prevents misbehaviour from IPv6 addresses (which are vastly easier
to obtain many of) from affecting IPv4 connections and may allow for
stricter overflow policies.

ok deraadt@
usr.bin/ssh/servconf.c diff | blob | history
usr.bin/ssh/servconf.h diff | blob | history
usr.bin/ssh/srclimit.c diff | blob | history
usr.bin/ssh/sshd_config.5 diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim