[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU Inetutils branch, master, updated. inetutils-1_9_1-74-gc76e1f
|
From: |
Mats Erik Andersson |
|
Subject: |
[SCM] GNU Inetutils branch, master, updated. inetutils-1_9_1-74-gc76e1f1 |
|
Date: |
Fri, 13 Apr 2012 20:29:19 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU Inetutils ".
The branch, master has been updated
via c76e1f1f0591a30a42d17bd7b18e1abd531b8d2a (commit)
from 982ff0eeab04235b193b312ea6433993296db515 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=c76e1f1f0591a30a42d17bd7b18e1abd531b8d2a
commit c76e1f1f0591a30a42d17bd7b18e1abd531b8d2a
Author: Mats Erik Andersson <address@hidden>
Date: Fri Apr 13 21:24:25 2012 +0200
ftpd: Incomplete access verification.
diff --git a/ChangeLog b/ChangeLog
index 09c71c5..8774399 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2012-04-13 Mats Erik Andersson <address@hidden>
+
+ Improve checking of FTP access verification.
+
+ * ftpd/ftpd.c (complete_login): Abort login attempt when
+ setegid() fails.
+ (pass): Clear LOGIN_ATTEMPTS only if login was really granted.
+
2012-04-11 Mats Erik Andersson <address@hidden>
Support for DragonFly BSD.
diff --git a/ftpd/ftpd.c b/ftpd/ftpd.c
index 4103dab..3693a21 100644
--- a/ftpd/ftpd.c
+++ b/ftpd/ftpd.c
@@ -646,7 +646,7 @@ complete_login (struct credentials *pcred)
if (setegid ((gid_t) pcred->gid) < 0)
{
reply (550, "Can't set gid.");
- return;
+ goto bad;
}
#ifdef HAVE_INITGROUPS
@@ -726,7 +726,7 @@ complete_login (struct credentials *pcred)
return;
bad:
/* Forget all about it... */
- end_login (pcred);
+ end_login (pcred); /* Resets pcred->logged_in. */
}
/* USER command.
@@ -864,7 +864,10 @@ pass (const char *passwd)
}
cred.logged_in = 1; /* Everything seems to be allright. */
complete_login (&cred);
- login_attempts = 0; /* This time successful. */
+ if (cred.logged_in)
+ login_attempts = 0; /* This time successful. */
+ else
+ ++login_attempts;
}
void
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 8 ++++++++
ftpd/ftpd.c | 9 ++++++---
2 files changed, 14 insertions(+), 3 deletions(-)
hooks/post-receive
--
GNU Inetutils
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU Inetutils branch, master, updated. inetutils-1_9_1-74-gc76e1f1,
Mats Erik Andersson <=