Changeset View
Changeset View
Standalone View
Standalone View
contrib/blacklist/diff/ftpd.diff
- This file was added.
| --- /dev/null 2015-01-23 17:30:40.000000000 -0500 | |||||
| +++ pfilter.c 2015-01-23 17:12:02.000000000 -0500 | |||||
| @@ -0,0 +1,24 @@ | |||||
| +#include <stdio.h> | |||||
| +#include <blacklist.h> | |||||
| + | |||||
| +#include "pfilter.h" | |||||
| + | |||||
| +static struct blacklist *blstate; | |||||
| + | |||||
| +void | |||||
| +pfilter_open(void) | |||||
| +{ | |||||
| + if (blstate == NULL) | |||||
| + blstate = blacklist_open(); | |||||
| +} | |||||
| + | |||||
| +void | |||||
| +pfilter_notify(int what, const char *msg) | |||||
| +{ | |||||
| + pfilter_open(); | |||||
| + | |||||
| + if (blstate == NULL) | |||||
| + return; | |||||
| + | |||||
| + blacklist_r(blstate, what, 0, msg); | |||||
| +} | |||||
| --- /dev/null 2015-01-23 17:30:40.000000000 -0500 | |||||
| +++ pfilter.h 2015-01-23 17:07:25.000000000 -0500 | |||||
| @@ -0,0 +1,2 @@ | |||||
| +void pfilter_open(void); | |||||
| +void pfilter_notify(int, const char *); | |||||
| Index: Makefile | |||||
| =================================================================== | |||||
| RCS file: /cvsroot/src/libexec/ftpd/Makefile,v | |||||
| retrieving revision 1.63 | |||||
| diff -u -p -u -r1.63 Makefile | |||||
| --- Makefile 14 Aug 2011 11:46:28 -0000 1.63 | |||||
| +++ Makefile 23 Jan 2015 22:32:20 -0000 | |||||
| @@ -11,6 +11,10 @@ LDADD+= -lcrypt -lutil | |||||
| MAN= ftpd.conf.5 ftpusers.5 ftpd.8 | |||||
| MLINKS= ftpusers.5 ftpchroot.5 | |||||
| +SRCS+= pfilter.c | |||||
| +LDADD+= -lblacklist | |||||
| +DPADD+= ${LIBBLACKLIST} | |||||
| + | |||||
| .if defined(NO_INTERNAL_LS) | |||||
| CPPFLAGS+=-DNO_INTERNAL_LS | |||||
| .else | |||||
| Index: ftpd.c | |||||
| =================================================================== | |||||
| RCS file: /cvsroot/src/libexec/ftpd/ftpd.c,v | |||||
| retrieving revision 1.200 | |||||
| diff -u -p -u -r1.200 ftpd.c | |||||
| --- ftpd.c 31 Jul 2013 19:50:47 -0000 1.200 | |||||
| +++ ftpd.c 23 Jan 2015 22:32:20 -0000 | |||||
| @@ -165,6 +165,8 @@ __RCSID("$NetBSD: ftpd.c,v 1.200 2013/07 | |||||
| #include <security/pam_appl.h> | |||||
| #endif | |||||
| +#include "pfilter.h" | |||||
| + | |||||
| #define GLOBAL | |||||
| #include "extern.h" | |||||
| #include "pathnames.h" | |||||
| @@ -471,6 +473,8 @@ main(int argc, char *argv[]) | |||||
| if (EMPTYSTR(confdir)) | |||||
| confdir = _DEFAULT_CONFDIR; | |||||
| + pfilter_open(); | |||||
| + | |||||
| if (dowtmp) { | |||||
| #ifdef SUPPORT_UTMPX | |||||
| ftpd_initwtmpx(); | |||||
| @@ -1401,6 +1405,7 @@ do_pass(int pass_checked, int pass_rval, | |||||
| if (rval) { | |||||
| reply(530, "%s", rval == 2 ? "Password expired." : | |||||
| "Login incorrect."); | |||||
| + pfilter_notify(1, rval == 2 ? "exppass" : "badpass"); | |||||
| if (logging) { | |||||
| syslog(LOG_NOTICE, | |||||
| "FTP LOGIN FAILED FROM %s", remoteloghost); | |||||
| @@ -1444,6 +1449,7 @@ do_pass(int pass_checked, int pass_rval, | |||||
| *remote_ip = 0; | |||||
| remote_ip[sizeof(remote_ip) - 1] = 0; | |||||
| if (!auth_hostok(lc, remotehost, remote_ip)) { | |||||
| + pfilter_notify(1, "bannedhost"); | |||||
| syslog(LOG_INFO|LOG_AUTH, | |||||
| "FTP LOGIN FAILED (HOST) as %s: permission denied.", | |||||
| pw->pw_name); | |||||