avoid integer overflow of auth attempts (harmless, caught by monitor)

diff --git a/usr.bin/ssh/auth2.c b/usr.bin/ssh/auth2.c
index ba7b357..706934a 100644 (file)
--- a/usr.bin/ssh/auth2.c
+++ b/usr.bin/ssh/auth2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2.c,v 1.163 2021/12/26 23:34:41 djm Exp $ */
+/* $OpenBSD: auth2.c,v 1.164 2022/02/23 11:18:13 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -269,6 +269,8 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
        if ((style = strchr(user, ':')) != NULL)
                *style++ = 0;
 
+       if (authctxt->attempt >= 1024)
+               auth_maxtries_exceeded(ssh);
        if (authctxt->attempt++ == 0) {
                /* setup auth context */
                authctxt->pw = PRIVSEP(getpwnamallow(ssh, user));
@@ -276,6 +278,7 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
                        authctxt->valid = 1;
                        debug2_f("setting up authctxt for %s", user);
                } else {
+                       authctxt->valid = 0;
                        /* Invalid user, fake password information */
                        authctxt->pw = fakepw();
                }