rpms/vsftpd/F-10 vsftpd-2.0.7-failed_login.patch, NONE, 1.1 vsftpd.spec, 1.83, 1.84

Wed Jun 3 07:47:51 UTC 2009

Author: jskala

Update of /cvs/extras/rpms/vsftpd/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv14464

Modified Files:
	vsftpd.spec 
Added Files:
	vsftpd-2.0.7-failed_login.patch 
Log Message:
* Tue Jun 02 2009 Jiri Skala <jskala at redhat.com> - 2.0.7-2
- fix #483604


vsftpd-2.0.7-failed_login.patch:

--- NEW FILE vsftpd-2.0.7-failed_login.patch ---
diff -up vsftpd-2.0.7/prelogin.c.failed_login vsftpd-2.0.7/prelogin.c
--- vsftpd-2.0.7/prelogin.c.failed_login	2009-06-02 16:25:01.000000000 +0200
+++ vsftpd-2.0.7/prelogin.c	2009-06-02 16:26:57.000000000 +0200
@@ -30,6 +30,8 @@ static void emit_greeting(struct vsf_ses
 static void parse_username_password(struct vsf_session* p_sess);
 static void handle_user_command(struct vsf_session* p_sess);
 static void handle_pass_command(struct vsf_session* p_sess);
+static void check_login_delay();
+static void check_login_fails(struct vsf_session* p_sess);
 
 void
 init_connection(struct vsf_session* p_sess)
@@ -193,7 +195,9 @@ handle_user_command(struct vsf_session* 
     if ((located && tunable_userlist_deny) ||
         (!located && !tunable_userlist_deny))
     {
+      check_login_delay();
       vsf_cmdio_write(p_sess, FTP_LOGINERR, "Permission denied.");
+      check_login_fails(p_sess);
       if (tunable_userlist_log)
       {
         struct mystr str_log_line = INIT_MYSTR;
@@ -241,12 +245,25 @@ handle_pass_command(struct vsf_session* 
   {
     vsf_two_process_login(p_sess, &p_sess->ftp_arg_str);
   }
+  check_login_delay();
   vsf_cmdio_write(p_sess, FTP_LOGINERR, "Login incorrect.");
+  check_login_fails(p_sess);
+  str_empty(&p_sess->user_str);
+  /* FALLTHRU if login fails */
+}
+
+static void check_login_delay()
+{
+  if (tunable_delay_failed_login)
+  {
+    vsf_sysutil_sleep((double) tunable_delay_failed_login);
+  }
+}
+
+static void check_login_fails(struct vsf_session* p_sess)
+{
   if (++p_sess->login_fails >= tunable_max_login_fails)
   {
     vsf_sysutil_exit(0);
   }
-  str_empty(&p_sess->user_str);
-  /* FALLTHRU if login fails */
 }
-


Index: vsftpd.spec
===================================================================
RCS file: /cvs/extras/rpms/vsftpd/F-10/vsftpd.spec,v
retrieving revision 1.83
retrieving revision 1.84
diff -u -p -r1.83 -r1.84
--- vsftpd.spec	9 Sep 2008 03:53:37 -0000	1.83
+++ vsftpd.spec	3 Jun 2009 07:47:20 -0000	1.84
@@ -3,7 +3,7 @@
 Summary: Very Secure Ftp Daemon
 Name: vsftpd
 Version: 2.0.7
-Release: 1%{?dist}
+Release: 2%{?dist}
 # OpenSSL link exception
 License: GPLv2 with exceptions
 Group: System Environment/Daemons
@@ -44,6 +44,7 @@ Patch35: vsftpd-2.0.5-uname_size.patch
 Patch36: vsftpd-2.0.5-greedy.patch
 Patch37: vsftpd-2.0.6-userlist_log.patch
 Patch38: vsftpd-2.0.6-listen.patch
+Patch39: vsftpd-2.0.7-failed_login.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
 %if %{tcp_wrappers}
@@ -101,6 +102,7 @@ cp %{SOURCE1} .
 %patch36 -p1 -b .greedy
 %patch37 -p1 -b .userlist_log
 %patch38 -p1 -b .listen
+%patch39 -p1 -b .failed_login
 
 %build
 %ifarch s390x sparcv9 sparc64
@@ -159,6 +161,9 @@ fi
 %{_var}/ftp
 
 %changelog
+* Tue Jun 02 2009 Jiri Skala <jskala at redhat.com> - 2.0.7-2
+- fix #483604
+
 * Mon Sep  8 2008 Tom "spot" Callaway <tcallawa at redhat.com> - 2.0.7-1
 - fix license tag
 - update to 2.0.7


