Check for and disallow MaxStartups values less than or equal to zero

during config parsing, rather than faling later at runtime.  bz#3489,
ok djm@

diff --git a/usr.bin/ssh/servconf.c b/usr.bin/ssh/servconf.c
index 07c5477..9822ff3 100644 (file)
--- a/usr.bin/ssh/servconf.c
+++ b/usr.bin/ssh/servconf.c
@@ -1,5 +1,5 @@
 
-/* $OpenBSD: servconf.c,v 1.386 2022/09/17 10:34:29 djm Exp $ */
+/* $OpenBSD: servconf.c,v 1.387 2022/11/07 10:02:59 dtucker Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -1861,6 +1861,10 @@ process_server_config_line_depth(ServerOptions *options, char *line,
                            filename, linenum, keyword);
                else
                        options->max_startups = options->max_startups_begin;
+               if (options->max_startups <= 0 ||
+                   options->max_startups_begin <= 0)
+                       fatal("%s line %d: Invalid %s spec.",
+                           filename, linenum, keyword);
                break;
 
        case sPerSourceNetBlockSize: