commit f7a99bee8c579ad40157acffe974f10c7e57b4fd
author Michal Vasko <mvasko@cesnet.cz> Tue Feb 07 10:57:27 2017 +0100
committer Michal Vasko <mvasko@cesnet.cz> Tue Feb 07 11:00:48 2017 +0100
tree c8e8a39bcef3d44612a46a1c685ee5a444f3c992
parent 2e5dbbb2389ade70b3a23543006981cbe2ab2b6a

server session BUGFIX moved place for chekcing max auth attempts

src/session_server_ssh.c

diff --git a/src/session_server_ssh.c b/src/session_server_ssh.c
index 56da365..2d0f5d6 100644
--- a/src/session_server_ssh.c
+++ b/src/session_server_ssh.c
@@ -900,12 +900,6 @@
             return 0;
         }
 
-        if (session->ssh_auth_attempts >= ((struct nc_server_ssh_opts *)session->data)->auth_attempts) {
-            /* too many failed attempts */
-            ssh_message_reply_default(msg);
-            return 0;
-        }
-
         /* save the username, do not let the client change it */
         username = ssh_message_auth_user(msg);
         if (!session->username) {
@@ -1145,6 +1139,11 @@
             return -1;
         }
 
+        if (session->opts.server.ssh_auth_attempts >= opts->auth_attempts) {
+            ERR("Too many failed authentication attempts of user \"%s\".", session->username);
+            return -1;
+        }
+
         if (session->flags & NC_SESSION_SSH_AUTHENTICATED) {
             break;
         }