
D8374.id21769.diff

Index: libexec/ftpd/blacklist.c
===================================================================
--- libexec/ftpd/blacklist.c
+++ libexec/ftpd/blacklist.c
@@ -36,17 +36,22 @@
#include "blacklist_client.h"
#include <blacklist.h>
-static struct blacklist *blstate;
+static struct blacklist *blstate = NULL;
+
+extern int use_blacklist;
void
blacklist_init(void)
{
- blstate = blacklist_open();
+
+ if (use_blacklist)
+ blstate = blacklist_open();
}
void
blacklist_notify(int action, int fd, char *msg)
{
+
if (blstate == NULL)
return;
(void)blacklist_r(blstate, action, fd, msg);
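Review bot: `blacklist_init()` stays silent when `blacklist_open()` returns NULL, so a server started with -B can run with no reporting to blacklistd and nothing in the log says so, because `blacklist_notify()` simply returns on `blstate == NULL`. Consider logging the failure, e.g. `if (use_blacklist && (blstate = blacklist_open()) == NULL) syslog(LOG_WARNING, "blacklist_open failed; blacklistd reporting disabled");` (this needs `<syslog.h>` if the file does not already include it). The `extern int use_blacklist;` declaration would also sit better in `blacklist_client.h`, so that the definition in ftpd.c is checked against it by the compiler. `blacklist_notify()` continues past the end of the hunk.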
Index: libexec/ftpd/blacklist_client.h
===================================================================
--- libexec/ftpd/blacklist_client.h
+++ libexec/ftpd/blacklist_client.h
@@ -28,5 +28,26 @@
/* $FreeBSD$ */
-void blacklist_notify(int, int, char *);
+#ifndef BLACKLIST_CLIENT_H
+#define BLACKLIST_CLIENT_H
+
+enum {
+ BLACKLIST_AUTH_OK = 0,
+ BLACKLIST_AUTH_FAIL
+};
+
+#ifdef USE_BLACKLIST
void blacklist_init(void);
+void blacklist_notify(int, int, char *);
+
+#define BLACKLIST_INIT() blacklist_init()
+#define BLACKLIST_NOTIFY(x, y, z) blacklist_notify(x, y, z)
+
+#else
+
+#define BLACKLIST_INIT()
+#define BLACKLIST_NOTIFY(x, y, z)
+
+#endif
+
+#endif /* BLACKLIST_CLIENT_H */
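Review bot: The `#else` stubs `BLACKLIST_INIT()` and `BLACKLIST_NOTIFY(x, y, z)` expand to nothing, which leaves bare `;` statements at the ftpd.c call sites (including the otherwise empty `else { ... }` in the login path) and can trigger empty-body warnings if a call is ever placed under an unbraced `if`. Defining them as `#define BLACKLIST_INIT() ((void)0)` and `#define BLACKLIST_NOTIFY(x, y, z) ((void)0)` keeps them valid expression statements. The local `BLACKLIST_AUTH_OK`/`BLACKLIST_AUTH_FAIL` enum is also included by blacklist.c next to `<blacklist.h>`; if the library header defines the same names the two would collide, so this is worth confirming. A one-line comment stating that the values must match what `blacklist_r()` expects as its action argument would help.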
Index: libexec/ftpd/ftpd.8
===================================================================
--- libexec/ftpd/ftpd.8
+++ libexec/ftpd/ftpd.8
@@ -36,7 +36,7 @@
.Nd Internet File Transfer Protocol server
.Sh SYNOPSIS
.Nm
-.Op Fl 468ADdEhMmOoRrSUvW
+.Op Fl 468ABDdEhMmOoRrSUvW
.Op Fl l Op Fl l
.Op Fl a Ar address
.Op Fl P Ar port
@@ -95,6 +95,14 @@
.Fl D
is specified, accept connections only on the specified
.Ar address .
+.It Fl B
+With this option set,
+.Nm
+sends authentication success and failure messages to the
+.Xr blacklistd 8
+daemon. If this option is not specified, no communcation with the
+.Xr blacklistd 8
+daemon is attempted.
.It Fl D
With this option set,
.Nm
Index: libexec/ftpd/ftpd.c
===================================================================
--- libexec/ftpd/ftpd.c
+++ libexec/ftpd/ftpd.c
@@ -144,6 +144,7 @@
int noguestretr = 0; /* RETR command is disabled for anon users. */
int noguestmkd = 0; /* MKD command is disabled for anon users. */
int noguestmod = 1; /* anon users may not modify existing files. */
+int use_blacklist = 0;
off_t file_size;
off_t byte_count;
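Review bot: `use_blacklist` defaults to 0, so a binary built with USE_BLACKLIST, which before this change called `blacklist_init()` unconditionally (see the lines removed in the later hunk at -644), now reports nothing to blacklistd unless -B is added to its command line. Existing installations would lose failed-login reporting on upgrade without any error, which deserves an explicit note in the upgrade documentation. The new global is also the only one in this group without a trailing comment; something like `int use_blacklist = 0; /* -B: report auth results to blacklistd(8) */` would match its neighbours.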
@@ -305,7 +306,7 @@
openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_FTP);
while ((ch = getopt(argc, argv,
- "468a:AdDEhlmMoOp:P:rRSt:T:u:UvW")) != -1) {
+ "468a:ABdDEhlmMoOp:P:rRSt:T:u:UvW")) != -1) {
switch (ch) {
case '4':
family = (family == AF_INET6) ? AF_UNSPEC : AF_INET;
@@ -327,6 +328,14 @@
anon_only = 1;
break;
+ case 'B':
+#ifdef USE_BLACKLIST
+ use_blacklist = 1;
+#else
+ syslog(LOG_WARNING, "not compiled with USE_BLACKLIST support");
+#endif
+ break;
+
case 'd':
ftpdebug++;
break;
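Review bot: In the `#else` branch of `case 'B'`, the option is accepted and the server keeps running without blacklistd reporting, and the warning text `"not compiled with USE_BLACKLIST support"` does not name the option that was ignored. An operator who passes -B expecting repeated login failures to be reported gets a service that fails open with only a LOG_WARNING entry. Suggest making the message explicit, `syslog(LOG_WARNING, "-B ignored: not compiled with USE_BLACKLIST support");`, and consider whether LOG_ERR is the more appropriate priority. The enclosing `switch` starts and ends outside the hunk.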
@@ -644,9 +653,7 @@
reply(220, "%s FTP server (%s) ready.", hostname, version);
else
reply(220, "FTP server ready.");
-#ifdef USE_BLACKLIST
- blacklist_init();
-#endif
+ BLACKLIST_INIT();
for (;;)
(void) yyparse();
/* NOTREACHED */
@@ -1422,9 +1429,7 @@
*/
if (rval) {
reply(530, "Login incorrect.");
-#ifdef USE_BLACKLIST
- blacklist_notify(1, STDIN_FILENO, "Login incorrect");
-#endif
+ BLACKLIST_NOTIFY(BLACKLIST_AUTH_FAIL, STDIN_FILENO, "Login incorrect");
if (logging) {
syslog(LOG_NOTICE,
"FTP LOGIN FAILED FROM %s",
@@ -1441,12 +1446,9 @@
exit(0);
}
return;
+ } else {
+ BLACKLIST_NOTIFY(BLACKLIST_AUTH_OK, STDIN_FILENO, "Login successful");
}
-#ifdef USE_BLACKLIST
- else {
- blacklist_notify(0, STDIN_FILENO, "Login successful");
- }
-#endif
}
login_attempts = 0; /* this time successful */
if (setegid(pw->pw_gid) < 0) {
