https://bugzilla.mindrot.org/show_bug.cgi?id=2415
--- Comment #3 from Damien Miller <[email protected]> --- Right, but SSH2_MSG_USERAUTH_PK_OK tests are not really "authentication attempts" because they don't include a signature. Attempts that do include a signature are treated like every other authentication attempt wrt logging and maxauthtries handling. In the monitor, authctxt->failures gets incremented in the main monitor_child_preauth() after mm_answer_keyverify() returns without completing authentication. The monitor and preauth privsep process failures counter should not be out of sync, but keyallowed isn't the right place to increment it because it will put it out of sync in a different way :/ I just noticed that the increment in monitor.c is wrong in a different way though, it fails to account for partial authentication that shouldn't increment the counter. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
