-rw-r--r-- | ftp/proftpd/Makefile | 3 | ||||
-rw-r--r-- | ftp/proftpd/distinfo | 8 | ||||
-rw-r--r-- | ftp/proftpd/files/patch-cmd_too_long | 189 |
3 files changed, 5 insertions, 195 deletions
diff --git a/ftp/proftpd/Makefile b/ftp/proftpd/Makefile
index 43ae07bead2a..7015367ecbe0 100644
--- a/ftp/proftpd/Makefile
+++ b/ftp/proftpd/Makefile
@@ -6,8 +6,7 @@
 #
 
 PORTNAME= proftpd
-DISTVERSION= 1.3.2rc2
-PORTREVISION= 1
+DISTVERSION= 1.3.2rc3
 CATEGORIES= ftp
 MASTER_SITES= ftp://ftp.proftpd.org/distrib/source/ \
 ftp://ftp.fastorama.com/mirrors/ftp.proftpd.org/distrib/source/ \
diff --git a/ftp/proftpd/distinfo b/ftp/proftpd/distinfo
index 533561cf9b00..e5f53eb53e89 100644
--- a/ftp/proftpd/distinfo
+++ b/ftp/proftpd/distinfo
@@ -1,7 +1,7 @@
-MD5 (proftpd-1.3.2rc2.tar.bz2) = c8b32ffb8febc33c5897165f0d61a475
-SHA256 (proftpd-1.3.2rc2.tar.bz2) = 1fb46b8b0d1ac11ed80a3106e261e15fd4c0b3bc83c198ab9620a852d31f96b7
-SIZE (proftpd-1.3.2rc2.tar.bz2) = 2356053
-MD5 (mod_clamav-0.10.tar.bz2) = 7150cde88f6c692711c007f6312bd495
+MD5 (proftpd-1.3.2rc3.tar.bz2) = 8ecfc2976aa6a5016bd4f4f6745aa3d4
+SHA256 (proftpd-1.3.2rc3.tar.bz2) = e98938c6ee38e036010d3c345facb7ebfc37a48d358aca8f311e0301747b7e94
+SIZE (proftpd-1.3.2rc3.tar.bz2) = 2407996
+MD5 (mod_clamav-0.10.tar.bz2) = 7150cde88f6c692711c007f6312bd495
 SHA256 (mod_clamav-0.10.tar.bz2) = 4f6d09979514a8b3f120890753dcf7c6247dfce0aa09d340edf8a359b031a1f4
 SIZE (mod_clamav-0.10.tar.bz2) = 5435
 MD5 (mod_digest.c) = e706e66fa4d82cf7875a1a5d6767fe00
diff --git a/ftp/proftpd/files/patch-cmd_too_long b/ftp/proftpd/files/patch-cmd_too_long
deleted file mode 100644
index 917f548c991a..000000000000
--- a/ftp/proftpd/files/patch-cmd_too_long
+++ /dev/null
@@ -1,189 +0,0 @@
-Index: src/main.c
-===================================================================
-RCS file: /cvsroot/proftp/proftpd/src/main.c,v
-retrieving revision 1.344
-diff -u -r1.344 main.c
---- src/main.c 8 Sep 2008 00:47:11 -0000 1.344
-+++ src/main.c 20 Sep 2008 20:10:49 -0000
-@@ -516,20 +516,32 @@
- static long get_max_cmd_len(size_t buflen) {
- long res;
- int *bufsz = NULL;
-+ size_t default_cmd_bufsz;
- 
-+ /* It's possible for the admin to select a PR_TUNABLE_BUFFER_SIZE which
-+ * is smaller than PR_DEFAULT_CMD_BUFSZ. We need to handle such cases
-+ * properly.
-+ */
-+ default_cmd_bufsz = PR_DEFAULT_CMD_BUFSZ;
-+ if (default_cmd_bufsz > buflen) {
-+ default_cmd_bufsz = buflen;
-+ }
-+
- bufsz = get_param_ptr(main_server->conf, "CommandBufferSize", FALSE);
- if (bufsz == NULL) {
-- res = PR_DEFAULT_CMD_BUFSZ;
-+ res = default_cmd_bufsz;
- 
- } else if (*bufsz <= 0) {
- pr_log_pri(PR_LOG_WARNING, "invalid CommandBufferSize size (%d) given, "
-- "using default buffer size (%u) instead", *bufsz, PR_DEFAULT_CMD_BUFSZ);
-- res = PR_DEFAULT_CMD_BUFSZ;
-+ "using default buffer size (%lu) instead", *bufsz,
-+ (unsigned long) default_cmd_bufsz);
-+ res = default_cmd_bufsz;
- 
- } else if (*bufsz + 1 > buflen) {
- pr_log_pri(PR_LOG_WARNING, "invalid CommandBufferSize size (%d) given, "
-- "using default buffer size (%u) instead", *bufsz, PR_DEFAULT_CMD_BUFSZ);
-- res = PR_DEFAULT_CMD_BUFSZ;
-+ "using default buffer size (%lu) instead", *bufsz,
-+ (unsigned long) default_cmd_bufsz);
-+ res = default_cmd_bufsz;
- 
- } else {
- pr_log_debug(DEBUG1, "setting CommandBufferSize to %d", *bufsz);
-@@ -577,11 +589,26 @@
- return -1;
- }
- 
-- memset(buf, '\0', sizeof(buf));
-+ while (TRUE) {
-+ pr_signals_handle();
- 
-- if (pr_netio_telnet_gets(buf, sizeof(buf)-1, session.c->instrm,
-- session.c->outstrm) == NULL)
-- return -1;
-+ memset(buf, '\0', sizeof(buf));
-+
-+ if (pr_netio_telnet_gets(buf, sizeof(buf)-1, session.c->instrm,
-+ session.c->outstrm) == NULL) {
-+
-+ if (errno == E2BIG) {
-+ /* The client sent a too-long command which was ignored; give
-+ * them another chance?
-+ */
-+ continue;
-+ }
-+
-+ return -1;
-+ }
-+
-+ break;
-+ }
- 
- if (cmd_bufsz == -1)
- cmd_bufsz = get_max_cmd_len(sizeof(buf));
-Index: src/netio.c
-===================================================================
-RCS file: /cvsroot/proftp/proftpd/src/netio.c,v
-retrieving revision 1.33
-diff -u -r1.33 netio.c
---- src/netio.c 3 Apr 2008 03:14:31 -0000 1.33
-+++ src/netio.c 20 Sep 2008 20:10:49 -0000
-@@ -1,6 +1,6 @@
- /*
- * ProFTPD - FTP server daemon
-- * Copyright (c) 2001-2007 The ProFTPD Project team
-+ * Copyright (c) 2001-2008 The ProFTPD Project team
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
-@@ -30,19 +30,19 @@
- #include <signal.h>
- 
- #ifndef IAC
--#define IAC 255
-+# define IAC 255
- #endif
- #ifndef DONT
--#define DONT 254
-+# define DONT 254
- #endif
- #ifndef DO
--#define DO 253
-+# define DO 253
- #endif
- #ifndef WONT
--#define WONT 252
-+# define WONT 252
- #endif
- #ifndef WILL
--#define WILL 251
-+# define WILL 251
- #endif
- 
- static const char *trace_channel = "netio";
-@@ -51,6 +51,17 @@
- static pr_netio_t *core_data_netio = NULL, *data_netio = NULL;
- static pr_netio_t *core_othr_netio = NULL, *othr_netio = NULL;
- 
-+/* Used to track whether the previous text read from the client's control
-+ * connection was a properly-terminated command. If so, then read in the
-+ * next/current text as per normal. If NOT (e.g. the client sent a too-long
-+ * command), then read in the next/current text, but ignore it. Only clear
-+ * this flag if the next/current command can be read as per normal.
-+ *
-+ * The pr_netio_telnet_gets() uses this variable, in conjunction with its
-+ * saw_newline flag, for handling too-long commands from clients.
-+ */
-+static int properly_terminated_prev_command = TRUE;
-+
- static pr_netio_stream_t *netio_stream_alloc(pool *parent_pool) {
- pool *netio_pool = NULL;
- pr_netio_stream_t *nstrm = NULL;
-@@ -950,7 +961,7 @@
- char *bp = buf;
- unsigned char cp;
- static unsigned char mode = 0;
-- int toread, handle_iac = TRUE;
-+ int toread, handle_iac = TRUE, saw_newline = FALSE;
- pr_buffer_t *pbuf = NULL;
- 
- if (buflen == 0) {
-@@ -983,8 +994,9 @@
- *bp = '\0';
- return buf;
- 
-- } else
-+ } else {
- return NULL;
-+ }
- }
- 
- pbuf->remaining = pbuf->buflen - toread;
-@@ -1049,6 +1061,8 @@
- toread--;
- *bp++ = *pbuf->current++;
- pbuf->remaining++;
-+
-+ saw_newline = TRUE;
- break;
- }
- 
-@@ -1056,6 +1070,25 @@
- pbuf->current = NULL;
- }
- 
-+ if (!saw_newline) {
-+ /* If we haven't seen a newline, then assume the client is deliberately
-+ * sending a too-long command, trying to exploit buffer sizes and make
-+ * the server make some possibly bad assumptions.
-+ */
-+
-+ properly_terminated_prev_command = FALSE;
-+ errno = E2BIG;
-+ return NULL;
-+ }
-+
-+ if (!properly_terminated_prev_command) {
-+ properly_terminated_prev_command = TRUE;
-+ pr_log_pri(PR_LOG_NOTICE, "client sent too-long command, ignoring");
-+ errno = E2BIG;
-+ return NULL;
-+ }
-+
-+ properly_terminated_prev_command = TRUE;
- *bp = '\0';
- return buf;
- }
|