From 5057f6560663c73932639c33d7b138c634d3ef99 Mon Sep 17 00:00:00 2001
From: Kurt Lidl <lidl@FreeBSD.org>
Date: Sun, 19 Feb 2017 20:35:39 +0000
Subject: [PATCH] Only notify blacklistd for successful logins in auth.c

Reported by:	Rick Adams
Reviewed by:	des
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
---
 crypto/openssh/auth.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/crypto/openssh/auth.c b/crypto/openssh/auth.c
index 1259385f8af9..c5dac04d6a5b 100644
--- a/crypto/openssh/auth.c
+++ b/crypto/openssh/auth.c
@@ -295,8 +295,8 @@ auth_log(Authctxt *authctxt, int authenticated, int partial,
 		authmsg = "Partial";
 	else {
 		authmsg = authenticated ? "Accepted" : "Failed";
-		BLACKLIST_NOTIFY(authenticated ?
-		    BLACKLIST_AUTH_OK : BLACKLIST_AUTH_FAIL);
+		if (authenticated)
+			BLACKLIST_NOTIFY(BLACKLIST_AUTH_OK);
 	}
 
 	authlog("%s %s%s%s for %s%.100s from %.200s port %d %s%s%s",