aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorache <ache@FreeBSD.org>1996-10-19 01:15:19 +0800
committerache <ache@FreeBSD.org>1996-10-19 01:15:19 +0800
commitfce685f83d3658fe6d0f5d4bbd3df7a25383cd5d (patch)
tree74cb9053867af8e23d96a4feabd8d66487a27921
parent4c9d432a70549261f64e17ac5c50e17264d9400c (diff)
downloadfreebsd-ports-graphics-fce685f83d3658fe6d0f5d4bbd3df7a25383cd5d.tar.gz
freebsd-ports-graphics-fce685f83d3658fe6d0f5d4bbd3df7a25383cd5d.tar.zst
freebsd-ports-graphics-fce685f83d3658fe6d0f5d4bbd3df7a25383cd5d.zip
Implement alternative strategy: if it impossible to confirm password, ask for
it anycase, but not tell that S/key password required It looks like non-s/key system from outside Additionly tell that s/key required if it is so for normal case
-rw-r--r--ftp/wu-ftpd+ipv6/files/patch-ad88
-rw-r--r--ftp/wu-ftpd/files/patch-ad88
2 files changed, 78 insertions, 98 deletions
diff --git a/ftp/wu-ftpd+ipv6/files/patch-ad b/ftp/wu-ftpd+ipv6/files/patch-ad
index 132e500da65..d6ddda015e1 100644
--- a/ftp/wu-ftpd+ipv6/files/patch-ad
+++ b/ftp/wu-ftpd+ipv6/files/patch-ad
@@ -1,5 +1,5 @@
-*** src/ftpd.c.orig Thu Apr 14 01:17:18 1994
---- src/ftpd.c Thu Oct 17 21:27:32 1996
+*** src/ftpd.c.orig Wed Apr 13 23:17:18 1994
+--- src/ftpd.c Tue May 30 00:17:25 1995
***************
*** 139,146 ****
*freopen(const char *, const char *, FILE *);
@@ -21,14 +21,13 @@
***************
*** 237,242 ****
---- 237,248 ----
+--- 237,247 ----
#endif /* SETPROCTITLE */
+ #ifdef SKEY
+ #include <skey.h>
+ int pwok = 0;
-+ int sflag;
+ #endif
+
#ifdef KERBEROS
@@ -36,7 +35,7 @@
void end_krb();
***************
*** 252,257 ****
---- 258,269 ----
+--- 257,269 ----
char ls_short[50];
struct aclmember *entry = NULL;
@@ -46,6 +45,7 @@
+ void dologout(int);
+ void perror_reply(int, char *);
+
++ void
main(int argc, char **argv, char **envp)
{
int addrlen,
@@ -62,23 +62,13 @@
register char *cp;
***************
*** 878,884 ****
---- 892,913 ----
+--- 892,903 ----
} else
acl_setfunctions();
+ #ifdef SKEY
+ pwok = skeyaccess(name, NULL, remotehost, remoteaddr);
-+ cp = skey_challenge(name, pw, pwok, &sflag);
-+ if (!pwok && sflag) {
-+ reply(530, cp);
-+ if (logging)
-+ syslog(LOG_NOTICE,
-+ "FTP LOGIN REFUSED (s/key password not exist) FROM %s [%s], %s",
-+ remotehost, remoteaddr, name);
-+ pw = (struct passwd *) NULL;
-+ return;
-+ }
-+ reply(331, cp);
++ reply(331, "%s", skey_challenge(name, pw, pwok));
+ #else
reply(331, "Password required for %s.", name);
+ #endif
@@ -87,7 +77,7 @@
* passwd-guessing programs. */
***************
*** 887,892 ****
---- 916,922 ----
+--- 906,912 ----
}
/* Check if a user is in the file _PATH_FTPUSERS */
@@ -97,7 +87,7 @@
register FILE *fd;
***************
*** 911,916 ****
---- 941,947 ----
+--- 931,937 ----
/* Terminate login as previous user, if any, resetting state; used when USER
* command is given or login fails. */
@@ -107,7 +97,7 @@
***************
*** 965,970 ****
---- 996,1002 ----
+--- 986,992 ----
return 0;
}
@@ -117,7 +107,7 @@
char *xpasswd,
***************
*** 1007,1014 ****
---- 1039,1051 ----
+--- 1029,1041 ----
#ifdef KERBEROS
xpasswd = crypt16(passwd, salt);
#else
@@ -140,7 +130,7 @@
logwtmp(ttyline, pw->pw_name, remotehost);
logged_in = 1;
---- 1132,1142 ----
+--- 1122,1132 ----
(void) initgroups(pw->pw_name, pw->pw_gid);
/* open wtmp before chroot */
@@ -162,7 +152,7 @@
setproctitle("%s", proctitle);
#endif /* SETPROCTITLE */
if (logging)
---- 1231,1238 ----
+--- 1221,1228 ----
reply(230, "Guest login ok, access restrictions apply.");
#ifdef SETPROCTITLE
sprintf(proctitle, "%s: anonymous/%.*s", remotehost,
@@ -173,7 +163,7 @@
if (logging)
***************
*** 1235,1240 ****
---- 1276,1282 ----
+--- 1266,1272 ----
return (buf);
}
@@ -183,7 +173,7 @@
FILE *fin,
***************
*** 1422,1428 ****
---- 1464,1474 ----
+--- 1454,1464 ----
for (loop = 0; namebuf[loop]; loop++)
if (isspace(namebuf[loop]) || iscntrl(namebuf[loop]))
namebuf[loop] = '_';
@@ -197,7 +187,7 @@
remotehost,
***************
*** 1445,1450 ****
---- 1491,1497 ----
+--- 1481,1487 ----
(*closefunc) (fin);
}
@@ -214,7 +204,7 @@
ctime(&curtime),
xfertime,
remotehost,
---- 1657,1667 ----
+--- 1647,1657 ----
for (loop = 0; namebuf[loop]; loop++)
if (isspace(namebuf[loop]) || iscntrl(namebuf[loop]))
namebuf[loop] = '_';
@@ -235,7 +225,7 @@
else
(void) strcpy(sizebuf, "");
if (pdata >= 0) {
---- 1750,1760 ----
+--- 1740,1750 ----
file_size = size;
byte_count = 0;
if (size != (off_t) - 1)
@@ -258,7 +248,7 @@
(void) close(pdata);
pdata = -1;
return (NULL);
---- 1762,1784 ----
+--- 1752,1774 ----
int s,
fromlen = sizeof(from);
@@ -284,7 +274,7 @@
return (NULL);
***************
*** 1764,1769 ****
---- 1833,1839 ----
+--- 1823,1829 ----
* encapsulation of the data subject to Mode, Structure, and Type.
*
* NB: Form isn't handled. */
@@ -294,7 +284,7 @@
register int c,
***************
*** 1839,1844 ****
---- 1909,1915 ----
+--- 1899,1905 ----
* the data subject to Mode, Structure, and Type.
*
* N.B.: Form isn't handled. */
@@ -304,7 +294,7 @@
register int c;
***************
*** 1915,1920 ****
---- 1986,1992 ----
+--- 1976,1982 ----
return (-1);
}
@@ -314,7 +304,7 @@
char line[BUFSIZ];
***************
*** 1948,1953 ****
---- 2020,2026 ----
+--- 2010,2016 ----
reply(211, "End of Status");
}
@@ -324,7 +314,7 @@
struct sockaddr_in *sin;
***************
*** 2001,2006 ****
---- 2074,2080 ----
+--- 2064,2070 ----
reply(211, "End of status");
}
@@ -334,7 +324,7 @@
reply(451, "Error in server: %s\n", s);
***************
*** 2095,2100 ****
---- 2169,2175 ----
+--- 2159,2165 ----
#else
/* VARARGS2 */
@@ -344,7 +334,7 @@
if (autospout != NULL) {
***************
*** 2129,2134 ****
---- 2204,2210 ----
+--- 2194,2200 ----
}
/* VARARGS2 */
@@ -354,7 +344,7 @@
if (!dolreplies)
***************
*** 2144,2160 ****
---- 2220,2239 ----
+--- 2210,2229 ----
}
#endif
@@ -377,7 +367,7 @@
char *cp;
***************
*** 2164,2169 ****
---- 2243,2249 ----
+--- 2233,2239 ----
reply(500, "'%s': command not understood.", cbuf);
}
@@ -387,7 +377,7 @@
struct stat st;
***************
*** 2208,2213 ****
---- 2288,2294 ----
+--- 2278,2284 ----
ack("DELE");
}
@@ -397,7 +387,7 @@
struct aclmember *entry = NULL;
***************
*** 2248,2253 ****
---- 2329,2335 ----
+--- 2319,2325 ----
}
}
@@ -416,7 +406,7 @@
int valid = 0;
/*
---- 2356,2365 ----
+--- 2346,2355 ----
reply(257, "MKD command successful.");
}
@@ -429,7 +419,7 @@
/*
***************
*** 2298,2303 ****
---- 2381,2387 ----
+--- 2371,2377 ----
ack("RMD");
}
@@ -446,7 +436,7 @@
else
reply(257, "\"%s\" is current directory.", path);
}
---- 2396,2403 ----
+--- 2386,2393 ----
#else
if (getwd(path) == (char *) NULL)
#endif
@@ -457,7 +447,7 @@
}
***************
*** 2342,2347 ****
---- 2427,2433 ----
+--- 2417,2423 ----
return (name);
}
@@ -467,7 +457,7 @@
***************
*** 2357,2362 ****
---- 2443,2449 ----
+--- 2433,2439 ----
ack("RNTO");
}
@@ -477,7 +467,7 @@
struct hostent *hp;
***************
*** 2412,2417 ****
---- 2499,2505 ----
+--- 2489,2495 ----
}
/* Record logout in wtmp file and exit with supplied status. */
@@ -487,7 +477,7 @@
if (logged_in) {
***************
*** 2459,2464 ****
---- 2547,2553 ----
+--- 2537,2543 ----
* PASV command in RFC959. However, it has been blessed as a legitimate
* response by Jon Postel in a telephone conversation with Rick Adams on 25
* Jan 89. */
@@ -497,7 +487,7 @@
int len;
***************
*** 2530,2535 ****
---- 2619,2625 ----
+--- 2609,2615 ----
}
/* Format and send reply containing system error number. */
@@ -507,7 +497,7 @@
reply(code, "%s: %s.", string, strerror(errno));
***************
*** 2538,2543 ****
---- 2628,2634 ----
+--- 2618,2624 ----
static char *onefile[] =
{"", 0};
diff --git a/ftp/wu-ftpd/files/patch-ad b/ftp/wu-ftpd/files/patch-ad
index 132e500da65..d6ddda015e1 100644
--- a/ftp/wu-ftpd/files/patch-ad
+++ b/ftp/wu-ftpd/files/patch-ad
@@ -1,5 +1,5 @@
-*** src/ftpd.c.orig Thu Apr 14 01:17:18 1994
---- src/ftpd.c Thu Oct 17 21:27:32 1996
+*** src/ftpd.c.orig Wed Apr 13 23:17:18 1994
+--- src/ftpd.c Tue May 30 00:17:25 1995
***************
*** 139,146 ****
*freopen(const char *, const char *, FILE *);
@@ -21,14 +21,13 @@
***************
*** 237,242 ****
---- 237,248 ----
+--- 237,247 ----
#endif /* SETPROCTITLE */
+ #ifdef SKEY
+ #include <skey.h>
+ int pwok = 0;
-+ int sflag;
+ #endif
+
#ifdef KERBEROS
@@ -36,7 +35,7 @@
void end_krb();
***************
*** 252,257 ****
---- 258,269 ----
+--- 257,269 ----
char ls_short[50];
struct aclmember *entry = NULL;
@@ -46,6 +45,7 @@
+ void dologout(int);
+ void perror_reply(int, char *);
+
++ void
main(int argc, char **argv, char **envp)
{
int addrlen,
@@ -62,23 +62,13 @@
register char *cp;
***************
*** 878,884 ****
---- 892,913 ----
+--- 892,903 ----
} else
acl_setfunctions();
+ #ifdef SKEY
+ pwok = skeyaccess(name, NULL, remotehost, remoteaddr);
-+ cp = skey_challenge(name, pw, pwok, &sflag);
-+ if (!pwok && sflag) {
-+ reply(530, cp);
-+ if (logging)
-+ syslog(LOG_NOTICE,
-+ "FTP LOGIN REFUSED (s/key password not exist) FROM %s [%s], %s",
-+ remotehost, remoteaddr, name);
-+ pw = (struct passwd *) NULL;
-+ return;
-+ }
-+ reply(331, cp);
++ reply(331, "%s", skey_challenge(name, pw, pwok));
+ #else
reply(331, "Password required for %s.", name);
+ #endif
@@ -87,7 +77,7 @@
* passwd-guessing programs. */
***************
*** 887,892 ****
---- 916,922 ----
+--- 906,912 ----
}
/* Check if a user is in the file _PATH_FTPUSERS */
@@ -97,7 +87,7 @@
register FILE *fd;
***************
*** 911,916 ****
---- 941,947 ----
+--- 931,937 ----
/* Terminate login as previous user, if any, resetting state; used when USER
* command is given or login fails. */
@@ -107,7 +97,7 @@
***************
*** 965,970 ****
---- 996,1002 ----
+--- 986,992 ----
return 0;
}
@@ -117,7 +107,7 @@
char *xpasswd,
***************
*** 1007,1014 ****
---- 1039,1051 ----
+--- 1029,1041 ----
#ifdef KERBEROS
xpasswd = crypt16(passwd, salt);
#else
@@ -140,7 +130,7 @@
logwtmp(ttyline, pw->pw_name, remotehost);
logged_in = 1;
---- 1132,1142 ----
+--- 1122,1132 ----
(void) initgroups(pw->pw_name, pw->pw_gid);
/* open wtmp before chroot */
@@ -162,7 +152,7 @@
setproctitle("%s", proctitle);
#endif /* SETPROCTITLE */
if (logging)
---- 1231,1238 ----
+--- 1221,1228 ----
reply(230, "Guest login ok, access restrictions apply.");
#ifdef SETPROCTITLE
sprintf(proctitle, "%s: anonymous/%.*s", remotehost,
@@ -173,7 +163,7 @@
if (logging)
***************
*** 1235,1240 ****
---- 1276,1282 ----
+--- 1266,1272 ----
return (buf);
}
@@ -183,7 +173,7 @@
FILE *fin,
***************
*** 1422,1428 ****
---- 1464,1474 ----
+--- 1454,1464 ----
for (loop = 0; namebuf[loop]; loop++)
if (isspace(namebuf[loop]) || iscntrl(namebuf[loop]))
namebuf[loop] = '_';
@@ -197,7 +187,7 @@
remotehost,
***************
*** 1445,1450 ****
---- 1491,1497 ----
+--- 1481,1487 ----
(*closefunc) (fin);
}
@@ -214,7 +204,7 @@
ctime(&curtime),
xfertime,
remotehost,
---- 1657,1667 ----
+--- 1647,1657 ----
for (loop = 0; namebuf[loop]; loop++)
if (isspace(namebuf[loop]) || iscntrl(namebuf[loop]))
namebuf[loop] = '_';
@@ -235,7 +225,7 @@
else
(void) strcpy(sizebuf, "");
if (pdata >= 0) {
---- 1750,1760 ----
+--- 1740,1750 ----
file_size = size;
byte_count = 0;
if (size != (off_t) - 1)
@@ -258,7 +248,7 @@
(void) close(pdata);
pdata = -1;
return (NULL);
---- 1762,1784 ----
+--- 1752,1774 ----
int s,
fromlen = sizeof(from);
@@ -284,7 +274,7 @@
return (NULL);
***************
*** 1764,1769 ****
---- 1833,1839 ----
+--- 1823,1829 ----
* encapsulation of the data subject to Mode, Structure, and Type.
*
* NB: Form isn't handled. */
@@ -294,7 +284,7 @@
register int c,
***************
*** 1839,1844 ****
---- 1909,1915 ----
+--- 1899,1905 ----
* the data subject to Mode, Structure, and Type.
*
* N.B.: Form isn't handled. */
@@ -304,7 +294,7 @@
register int c;
***************
*** 1915,1920 ****
---- 1986,1992 ----
+--- 1976,1982 ----
return (-1);
}
@@ -314,7 +304,7 @@
char line[BUFSIZ];
***************
*** 1948,1953 ****
---- 2020,2026 ----
+--- 2010,2016 ----
reply(211, "End of Status");
}
@@ -324,7 +314,7 @@
struct sockaddr_in *sin;
***************
*** 2001,2006 ****
---- 2074,2080 ----
+--- 2064,2070 ----
reply(211, "End of status");
}
@@ -334,7 +324,7 @@
reply(451, "Error in server: %s\n", s);
***************
*** 2095,2100 ****
---- 2169,2175 ----
+--- 2159,2165 ----
#else
/* VARARGS2 */
@@ -344,7 +334,7 @@
if (autospout != NULL) {
***************
*** 2129,2134 ****
---- 2204,2210 ----
+--- 2194,2200 ----
}
/* VARARGS2 */
@@ -354,7 +344,7 @@
if (!dolreplies)
***************
*** 2144,2160 ****
---- 2220,2239 ----
+--- 2210,2229 ----
}
#endif
@@ -377,7 +367,7 @@
char *cp;
***************
*** 2164,2169 ****
---- 2243,2249 ----
+--- 2233,2239 ----
reply(500, "'%s': command not understood.", cbuf);
}
@@ -387,7 +377,7 @@
struct stat st;
***************
*** 2208,2213 ****
---- 2288,2294 ----
+--- 2278,2284 ----
ack("DELE");
}
@@ -397,7 +387,7 @@
struct aclmember *entry = NULL;
***************
*** 2248,2253 ****
---- 2329,2335 ----
+--- 2319,2325 ----
}
}
@@ -416,7 +406,7 @@
int valid = 0;
/*
---- 2356,2365 ----
+--- 2346,2355 ----
reply(257, "MKD command successful.");
}
@@ -429,7 +419,7 @@
/*
***************
*** 2298,2303 ****
---- 2381,2387 ----
+--- 2371,2377 ----
ack("RMD");
}
@@ -446,7 +436,7 @@
else
reply(257, "\"%s\" is current directory.", path);
}
---- 2396,2403 ----
+--- 2386,2393 ----
#else
if (getwd(path) == (char *) NULL)
#endif
@@ -457,7 +447,7 @@
}
***************
*** 2342,2347 ****
---- 2427,2433 ----
+--- 2417,2423 ----
return (name);
}
@@ -467,7 +457,7 @@
***************
*** 2357,2362 ****
---- 2443,2449 ----
+--- 2433,2439 ----
ack("RNTO");
}
@@ -477,7 +467,7 @@
struct hostent *hp;
***************
*** 2412,2417 ****
---- 2499,2505 ----
+--- 2489,2495 ----
}
/* Record logout in wtmp file and exit with supplied status. */
@@ -487,7 +477,7 @@
if (logged_in) {
***************
*** 2459,2464 ****
---- 2547,2553 ----
+--- 2537,2543 ----
* PASV command in RFC959. However, it has been blessed as a legitimate
* response by Jon Postel in a telephone conversation with Rick Adams on 25
* Jan 89. */
@@ -497,7 +487,7 @@
int len;
***************
*** 2530,2535 ****
---- 2619,2625 ----
+--- 2609,2615 ----
}
/* Format and send reply containing system error number. */
@@ -507,7 +497,7 @@
reply(code, "%s: %s.", string, strerror(errno));
***************
*** 2538,2543 ****
---- 2628,2634 ----
+--- 2618,2624 ----
static char *onefile[] =
{"", 0};