xref: /minix3/external/bsd/blacklist/diff/ftpd.diff (revision 0a6a1f1d05b60e214de2f05a7310ddd1f0e590e7)
1*0a6a1f1dSLionel Sambuc--- /dev/null	2015-01-23 17:30:40.000000000 -0500
2*0a6a1f1dSLionel Sambuc+++ pfilter.c	2015-01-23 17:12:02.000000000 -0500
3*0a6a1f1dSLionel Sambuc@@ -0,0 +1,24 @@
4*0a6a1f1dSLionel Sambuc+#include <stdio.h>
5*0a6a1f1dSLionel Sambuc+#include <blacklist.h>
6*0a6a1f1dSLionel Sambuc+
7*0a6a1f1dSLionel Sambuc+#include "pfilter.h"
8*0a6a1f1dSLionel Sambuc+
9*0a6a1f1dSLionel Sambuc+static struct blacklist *blstate;
10*0a6a1f1dSLionel Sambuc+
11*0a6a1f1dSLionel Sambuc+void
12*0a6a1f1dSLionel Sambuc+pfilter_open(void)
13*0a6a1f1dSLionel Sambuc+{
14*0a6a1f1dSLionel Sambuc+	if (blstate == NULL)
15*0a6a1f1dSLionel Sambuc+		blstate = blacklist_open();
16*0a6a1f1dSLionel Sambuc+}
17*0a6a1f1dSLionel Sambuc+
18*0a6a1f1dSLionel Sambuc+void
19*0a6a1f1dSLionel Sambuc+pfilter_notify(int what, const char *msg)
20*0a6a1f1dSLionel Sambuc+{
21*0a6a1f1dSLionel Sambuc+	pfilter_open();
22*0a6a1f1dSLionel Sambuc+
23*0a6a1f1dSLionel Sambuc+	if (blstate == NULL)
24*0a6a1f1dSLionel Sambuc+		return;
25*0a6a1f1dSLionel Sambuc+
26*0a6a1f1dSLionel Sambuc+	blacklist_r(blstate, what, 0, msg);
27*0a6a1f1dSLionel Sambuc+}
28*0a6a1f1dSLionel Sambuc--- /dev/null	2015-01-23 17:30:40.000000000 -0500
29*0a6a1f1dSLionel Sambuc+++ pfilter.h	2015-01-23 17:07:25.000000000 -0500
30*0a6a1f1dSLionel Sambuc@@ -0,0 +1,2 @@
31*0a6a1f1dSLionel Sambuc+void pfilter_open(void);
32*0a6a1f1dSLionel Sambuc+void pfilter_notify(int, const char *);
33*0a6a1f1dSLionel SambucIndex: Makefile
34*0a6a1f1dSLionel Sambuc===================================================================
35*0a6a1f1dSLionel SambucRCS file: /cvsroot/src/libexec/ftpd/Makefile,v
36*0a6a1f1dSLionel Sambucretrieving revision 1.63
37*0a6a1f1dSLionel Sambucdiff -u -p -u -r1.63 Makefile
38*0a6a1f1dSLionel Sambuc--- Makefile	14 Aug 2011 11:46:28 -0000	1.63
39*0a6a1f1dSLionel Sambuc+++ Makefile	23 Jan 2015 22:32:20 -0000
40*0a6a1f1dSLionel Sambuc@@ -11,6 +11,10 @@ LDADD+=	-lcrypt -lutil
41*0a6a1f1dSLionel Sambuc MAN=	ftpd.conf.5 ftpusers.5 ftpd.8
42*0a6a1f1dSLionel Sambuc MLINKS=	ftpusers.5 ftpchroot.5
43*0a6a1f1dSLionel Sambuc
44*0a6a1f1dSLionel Sambuc+SRCS+=	pfilter.c
45*0a6a1f1dSLionel Sambuc+LDADD+=	-lblacklist
46*0a6a1f1dSLionel Sambuc+DPADD+=	${LIBBLACKLIST}
47*0a6a1f1dSLionel Sambuc+
48*0a6a1f1dSLionel Sambuc .if defined(NO_INTERNAL_LS)
49*0a6a1f1dSLionel Sambuc CPPFLAGS+=-DNO_INTERNAL_LS
50*0a6a1f1dSLionel Sambuc .else
51*0a6a1f1dSLionel SambucIndex: ftpd.c
52*0a6a1f1dSLionel Sambuc===================================================================
53*0a6a1f1dSLionel SambucRCS file: /cvsroot/src/libexec/ftpd/ftpd.c,v
54*0a6a1f1dSLionel Sambucretrieving revision 1.200
55*0a6a1f1dSLionel Sambucdiff -u -p -u -r1.200 ftpd.c
56*0a6a1f1dSLionel Sambuc--- ftpd.c	31 Jul 2013 19:50:47 -0000	1.200
57*0a6a1f1dSLionel Sambuc+++ ftpd.c	23 Jan 2015 22:32:20 -0000
58*0a6a1f1dSLionel Sambuc@@ -165,6 +165,8 @@ __RCSID("$NetBSD: ftpd.c,v 1.200 2013/07
59*0a6a1f1dSLionel Sambuc #include <security/pam_appl.h>
60*0a6a1f1dSLionel Sambuc #endif
61*0a6a1f1dSLionel Sambuc
62*0a6a1f1dSLionel Sambuc+#include "pfilter.h"
63*0a6a1f1dSLionel Sambuc+
64*0a6a1f1dSLionel Sambuc #define	GLOBAL
65*0a6a1f1dSLionel Sambuc #include "extern.h"
66*0a6a1f1dSLionel Sambuc #include "pathnames.h"
67*0a6a1f1dSLionel Sambuc@@ -471,6 +473,8 @@ main(int argc, char *argv[])
68*0a6a1f1dSLionel Sambuc 	if (EMPTYSTR(confdir))
69*0a6a1f1dSLionel Sambuc 		confdir = _DEFAULT_CONFDIR;
70*0a6a1f1dSLionel Sambuc
71*0a6a1f1dSLionel Sambuc+	pfilter_open();
72*0a6a1f1dSLionel Sambuc+
73*0a6a1f1dSLionel Sambuc 	if (dowtmp) {
74*0a6a1f1dSLionel Sambuc #ifdef SUPPORT_UTMPX
75*0a6a1f1dSLionel Sambuc 		ftpd_initwtmpx();
76*0a6a1f1dSLionel Sambuc@@ -1401,6 +1405,7 @@ do_pass(int pass_checked, int pass_rval,
77*0a6a1f1dSLionel Sambuc 		if (rval) {
78*0a6a1f1dSLionel Sambuc 			reply(530, "%s", rval == 2 ? "Password expired." :
79*0a6a1f1dSLionel Sambuc 			    "Login incorrect.");
80*0a6a1f1dSLionel Sambuc+			pfilter_notify(1, rval == 2 ? "exppass" : "badpass");
81*0a6a1f1dSLionel Sambuc 			if (logging) {
82*0a6a1f1dSLionel Sambuc 				syslog(LOG_NOTICE,
83*0a6a1f1dSLionel Sambuc 				    "FTP LOGIN FAILED FROM %s", remoteloghost);
84*0a6a1f1dSLionel Sambuc@@ -1444,6 +1449,7 @@ do_pass(int pass_checked, int pass_rval,
85*0a6a1f1dSLionel Sambuc 				*remote_ip = 0;
86*0a6a1f1dSLionel Sambuc 		remote_ip[sizeof(remote_ip) - 1] = 0;
87*0a6a1f1dSLionel Sambuc 		if (!auth_hostok(lc, remotehost, remote_ip)) {
88*0a6a1f1dSLionel Sambuc+			pfilter_notify(1, "bannedhost");
89*0a6a1f1dSLionel Sambuc 			syslog(LOG_INFO|LOG_AUTH,
90*0a6a1f1dSLionel Sambuc 			    "FTP LOGIN FAILED (HOST) as %s: permission denied.",
91*0a6a1f1dSLionel Sambuc 			    pw->pw_name);
92