| @@ -1,30 +1,30 @@ | | | @@ -1,30 +1,30 @@ |
1 | $NetBSD: patch-af,v 1.2 2013/12/26 23:30:41 pettai Exp $ | | 1 | $NetBSD: patch-af,v 1.3 2014/02/04 15:38:16 pettai Exp $ |
2 | | | 2 | |
3 | Fix for CVE-2013-6890 | | 3 | Fix for CVE-2013-6890 (See http://seclists.org/oss-sec/2013/q4/535) |
4 | (See http://seclists.org/oss-sec/2013/q4/535) | | 4 | Added DSA-2826-2 fix for regression (See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734329) |
5 | | | 5 | |
6 | --- DenyHosts/regex.py.orig 2013-12-26 22:46:33.000000000 +0000 | | 6 | --- DenyHosts/regex.py.orig 2013-12-26 22:46:33.000000000 +0000 |
7 | +++ DenyHosts/regex.py | | 7 | +++ DenyHosts/regex.py |
8 | @@ -6,22 +6,22 @@ import re | | 8 | @@ -6,22 +6,22 @@ import re |
9 | | | 9 | |
10 | #DATE_FORMAT_REGEX = re.compile(r"""(?P<month>[A-z]{3,3})\s*(?P<day>\d+)""") | | 10 | #DATE_FORMAT_REGEX = re.compile(r"""(?P<month>[A-z]{3,3})\s*(?P<day>\d+)""") |
11 | | | 11 | |
12 | -SSHD_FORMAT_REGEX = re.compile(r""".* (sshd.*:|\[sshd\]) (?P<message>.*)""") | | 12 | -SSHD_FORMAT_REGEX = re.compile(r""".* (sshd.*:|\[sshd\]) (?P<message>.*)""") |
13 | +SSHD_FORMAT_REGEX = re.compile(r""".*? (sshd.*?:|\[sshd\]) (?P<message>.*)""") | | 13 | +SSHD_FORMAT_REGEX = re.compile(r""".*? (sshd.*?:|\[sshd\]) (?P<message>.*)""") |
14 | #SSHD_FORMAT_REGEX = re.compile(r""".* sshd.*: (?P<message>.*)""") | | 14 | #SSHD_FORMAT_REGEX = re.compile(r""".* sshd.*: (?P<message>.*)""") |
15 | | | 15 | |
16 | -FAILED_ENTRY_REGEX = re.compile(r"""Failed (?P<method>.*) for (?P<invalid>invalid user |illegal user )?(?P<user>.*?) .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""") | | 16 | -FAILED_ENTRY_REGEX = re.compile(r"""Failed (?P<method>.*) for (?P<invalid>invalid user |illegal user )?(?P<user>.*?) .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""") |
17 | +FAILED_ENTRY_REGEX = re.compile(r"""Failed (?P<method>\S*) for (?P<invalid>invalid user |illegal user )?(?P<user>.*) from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$""") | | 17 | +FAILED_ENTRY_REGEX = re.compile(r"""Failed (?P<method>\S*) for (?P<invalid>invalid user |illegal user )?(?P<user>.*) from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})( port \d+)?( ssh2)?$""") |
18 | | | 18 | |
19 | -FAILED_ENTRY_REGEX2 = re.compile(r"""(?P<invalid>(Illegal|Invalid)) user (?P<user>.*?) .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""") | | 19 | -FAILED_ENTRY_REGEX2 = re.compile(r"""(?P<invalid>(Illegal|Invalid)) user (?P<user>.*?) .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""") |
20 | +FAILED_ENTRY_REGEX2 = re.compile(r"""(?P<invalid>(Illegal|Invalid)) user (?P<user>.*) from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$""") | | 20 | +FAILED_ENTRY_REGEX2 = re.compile(r"""(?P<invalid>(Illegal|Invalid)) user (?P<user>.*) from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$""") |
21 | | | 21 | |
22 | -FAILED_ENTRY_REGEX3 = re.compile(r"""Authentication failure for (?P<user>.*) .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""") | | 22 | -FAILED_ENTRY_REGEX3 = re.compile(r"""Authentication failure for (?P<user>.*) .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""") |
23 | +FAILED_ENTRY_REGEX3 = None | | 23 | +FAILED_ENTRY_REGEX3 = None |
24 | | | 24 | |
25 | -FAILED_ENTRY_REGEX4 = re.compile(r"""Authentication failure for (?P<user>.*) .*from (?P<host>.*)""") | | 25 | -FAILED_ENTRY_REGEX4 = re.compile(r"""Authentication failure for (?P<user>.*) .*from (?P<host>.*)""") |
26 | +FAILED_ENTRY_REGEX4 = re.compile(r"""Authentication failure for (?P<user>.*) from (::ffff:)?(?P<host>\S+)$""") | | 26 | +FAILED_ENTRY_REGEX4 = re.compile(r"""Authentication failure for (?P<user>.*) from (::ffff:)?(?P<host>\S+)$""") |
27 | | | 27 | |
28 | -FAILED_ENTRY_REGEX5 = re.compile(r"""User (?P<user>.*) .*from (?P<host>.*) not allowed because none of user's groups are listed in AllowGroups""") | | 28 | -FAILED_ENTRY_REGEX5 = re.compile(r"""User (?P<user>.*) .*from (?P<host>.*) not allowed because none of user's groups are listed in AllowGroups""") |
29 | +FAILED_ENTRY_REGEX5 = re.compile(r"""User (?P<user>.*) from (::ffff:)?(?P<host>\S+) not allowed because none of user's groups are listed in AllowGroups$""") | | 29 | +FAILED_ENTRY_REGEX5 = re.compile(r"""User (?P<user>.*) from (::ffff:)?(?P<host>\S+) not allowed because none of user's groups are listed in AllowGroups$""") |
30 | | | 30 | |