- (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III

   <tibbs@math.uh.edu>
 - (djm) OpenBSD CVS updates:
  - todd@cvs.openbsd.org
    [sshconnect2.c]
    teach protocol v2 to count login failures properly and also enable an
    explanation of why the password prompt comes up again like v1; this is NOT
    crypto
  - markus@cvs.openbsd.org
    [readconf.c readconf.h servconf.c servconf.h session.c ssh.1 ssh.c sshd.8]
    xauth_location support; pr 1234
    [readconf.c sshconnect2.c]
    typo, unused
    [session.c]
    allow use_login only for login sessions, otherwise remote commands are
    execed with uid==0
    [sshd.8]
    document UseLogin better
    [version.h]
    OpenSSH 2.1.1
    [auth-rsa.c]
    fix match_hostname() logic for auth-rsa: deny access if we have a
    negative match or no match at all
    [channels.c hostfile.c match.c]
    don't panic if mkdtemp fails for authfwd; jkb@yahoo-inc.com via
    kris@FreeBSD.org

1 files changed, 5 insertions, 3 deletions

diff --git a/sshconnect2.c b/sshconnect2.c
index 0abcf89a..77b8652e 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -28,7 +28,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.11 2000/05/25 20:45:20 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.13 2000/06/02 02:00:19 todd Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/rsa.h>
@@ -71,7 +71,6 @@ void
 ssh_kex_dh(Kex *kex, char *host, struct sockaddr *hostaddr,
     Buffer *client_kexinit, Buffer *server_kexinit)
 {
-	int i;
 	int plen, dlen;
 	unsigned int klen, kout;
 	char *signature = NULL;
@@ -265,9 +264,12 @@ ssh2_try_passwd(const char *server_user, const char *host, const char *service)
 	char prompt[80];
 	char *password;
 
-	if (attempt++ > options.number_of_password_prompts)
+	if (attempt++ >= options.number_of_password_prompts)
 		return 0;
 
+	if(attempt != 1)
+		error("Permission denied, please try again.");
+
 	snprintf(prompt, sizeof(prompt), "%.30s@%.40s's password: ",
 	    server_user, host);
 	password = read_passphrase(prompt, 0);