- update to 1.3.6 - add blacklistd support.diff -r1.87 -r1.88 pkgsrc/net/proftpd/Makefile
(christos)
@@ -1,16 +1,16 @@ | @@ -1,16 +1,16 @@ | |||
1 | # $NetBSD: Makefile,v 1.87 2019/08/11 13:22:28 wiz Exp $ | 1 | # $NetBSD: Makefile,v 1.88 2019/10/07 19:29:47 christos Exp $ | |
2 | 2 | |||
3 | PKGREVISION= 2 | 3 | #PKGREVISION= 2 | |
4 | .include "../../net/proftpd/Makefile.common" | 4 | .include "../../net/proftpd/Makefile.common" | |
5 | 5 | |||
6 | COMMENT= Highly configurable FTP server software | 6 | COMMENT= Highly configurable FTP server software | |
7 | 7 | |||
8 | MODULES+= \ | 8 | MODULES+= \ | |
9 | mod_ban \ | 9 | mod_ban \ | |
10 | mod_copy \ | 10 | mod_copy \ | |
11 | mod_ctrls_admin \ | 11 | mod_ctrls_admin \ | |
12 | mod_deflate \ | 12 | mod_deflate \ | |
13 | mod_dnsbl \ | 13 | mod_dnsbl \ | |
14 | mod_dynmasq \ | 14 | mod_dynmasq \ | |
15 | mod_exec \ | 15 | mod_exec \ | |
16 | mod_ifsession \ | 16 | mod_ifsession \ | |
@@ -44,26 +44,26 @@ RCD_SCRIPTS= proftpd | @@ -44,26 +44,26 @@ RCD_SCRIPTS= proftpd | |||
44 | REPLACE_PERL+= contrib/ftpasswd | 44 | REPLACE_PERL+= contrib/ftpasswd | |
45 | REPLACE_PERL+= contrib/ftpmail | 45 | REPLACE_PERL+= contrib/ftpmail | |
46 | REPLACE_PERL+= contrib/ftpquota | 46 | REPLACE_PERL+= contrib/ftpquota | |
47 | REPLACE_PERL+= src/prxs.in | 47 | REPLACE_PERL+= src/prxs.in | |
48 | 48 | |||
49 | CONF_FILES= ${PREFIX}/share/examples/proftpd/basic.conf \ | 49 | CONF_FILES= ${PREFIX}/share/examples/proftpd/basic.conf \ | |
50 | ${PKG_SYSCONFDIR}/proftpd.conf | 50 | ${PKG_SYSCONFDIR}/proftpd.conf | |
51 | 51 | |||
52 | INSTALLATION_DIRS+= lib/proftpd | 52 | INSTALLATION_DIRS+= lib/proftpd | |
53 | INSTALLATION_DIRS+= share/doc/proftpd | 53 | INSTALLATION_DIRS+= share/doc/proftpd | |
54 | INSTALLATION_DIRS+= share/examples/proftpd | 54 | INSTALLATION_DIRS+= share/examples/proftpd | |
55 | 55 | |||
56 | post-install: | 56 | post-install: | |
57 | .for i in NEWS README README.IPv6 README.LDAP README.PAM README.capabilities \ | 57 | .for i in NEWS README.md README.IPv6 README.LDAP README.PAM README.capabilities \ | |
58 | README.classes README.controls README.facl README.modules | 58 | README.classes README.controls README.facl README.modules | |
59 | ${INSTALL_DATA} ${WRKSRC}/${i} ${DESTDIR}${PREFIX}/share/doc/proftpd | 59 | ${INSTALL_DATA} ${WRKSRC}/${i} ${DESTDIR}${PREFIX}/share/doc/proftpd | |
60 | .endfor | 60 | .endfor | |
61 | .for i in Configuration.html faq.html license.txt | 61 | .for i in Configuration.html faq.html license.txt | |
62 | ${INSTALL_DATA} ${WRKSRC}/doc/${i} ${DESTDIR}${PREFIX}/share/doc/proftpd | 62 | ${INSTALL_DATA} ${WRKSRC}/doc/${i} ${DESTDIR}${PREFIX}/share/doc/proftpd | |
63 | .endfor | 63 | .endfor | |
64 | ${INSTALL_DATA} ${WRKSRC}/sample-configurations/*.conf \ | 64 | ${INSTALL_DATA} ${WRKSRC}/sample-configurations/*.conf \ | |
65 | ${DESTDIR}${PREFIX}/share/examples/proftpd | 65 | ${DESTDIR}${PREFIX}/share/examples/proftpd | |
66 | ${INSTALL_SCRIPT} ${WRKSRC}/contrib/ftpasswd \ | 66 | ${INSTALL_SCRIPT} ${WRKSRC}/contrib/ftpasswd \ | |
67 | ${DESTDIR}${PREFIX}/share/examples/proftpd | 67 | ${DESTDIR}${PREFIX}/share/examples/proftpd | |
68 | 68 | |||
69 | .include "../../mk/bsd.pkg.mk" | 69 | .include "../../mk/bsd.pkg.mk" |
@@ -1,28 +1,28 @@ | @@ -1,28 +1,28 @@ | |||
1 | # $NetBSD: Makefile.common,v 1.7 2019/05/14 11:39:38 kim Exp $ | 1 | # $NetBSD: Makefile.common,v 1.8 2019/10/07 19:29:47 christos Exp $ | |
2 | 2 | |||
3 | # used by net/proftpd/Makefile | 3 | # used by net/proftpd/Makefile | |
4 | # used by net/proftpd/Makefile.module | 4 | # used by net/proftpd/Makefile.module | |
5 | 5 | |||
6 | DISTNAME= proftpd-1.3.5d | 6 | DISTNAME= proftpd-1.3.6 | |
7 | CATEGORIES= net | 7 | CATEGORIES= net | |
8 | MASTER_SITES= ftp://ftp.proftpd.org/distrib/source/ | 8 | MASTER_SITES= ftp://ftp.proftpd.org/distrib/source/ | |
9 | MASTER_SITES+= ftp://ftp.servus.at/ProFTPD/distrib/source/ | 9 | MASTER_SITES+= ftp://ftp.servus.at/ProFTPD/distrib/source/ | |
10 | MASTER_SITES+= ftp://ftp.fsn.hu/pub/proftpd/distrib/source/ | 10 | MASTER_SITES+= ftp://ftp.fsn.hu/pub/proftpd/distrib/source/ | |
11 | 11 | |||
12 | PATCH_SITES= https://github.com/proftpd/proftpd/commit/ | 12 | #PATCH_SITES= https://github.com/proftpd/proftpd/commit/ | |
13 | PATCH_DIST_STRIP= -p1 | 13 | #PATCH_DIST_STRIP= -p1 | |
14 | # For CVE-2017-7418 | 14 | # For CVE-2017-7418 | |
15 | PATCHFILES= ecff21e0d0e84f35c299ef91d7fda088e516d4ed.patch | 15 | #PATCHFILES= ecff21e0d0e84f35c299ef91d7fda088e516d4ed.patch | |
16 | 16 | |||
17 | MAINTAINER= pkgsrc-users@NetBSD.org | 17 | MAINTAINER= pkgsrc-users@NetBSD.org | |
18 | HOMEPAGE= http://www.proftpd.org/ | 18 | HOMEPAGE= http://www.proftpd.org/ | |
19 | LICENSE= gnu-gpl-v2 | 19 | LICENSE= gnu-gpl-v2 | |
20 | 20 | |||
21 | DISTINFO_FILE= ${.CURDIR}/../../net/proftpd/distinfo | 21 | DISTINFO_FILE= ${.CURDIR}/../../net/proftpd/distinfo | |
22 | PATCHDIR= ${.CURDIR}/../../net/proftpd/patches | 22 | PATCHDIR= ${.CURDIR}/../../net/proftpd/patches | |
23 | 23 | |||
24 | USE_TOOLS+= gmake intltool msgfmt perl:run | 24 | USE_TOOLS+= gmake intltool msgfmt perl:run | |
25 | USE_LIBTOOL= yes | 25 | USE_LIBTOOL= yes | |
26 | GNU_CONFIGURE= yes | 26 | GNU_CONFIGURE= yes | |
27 | CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR} | 27 | CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR} | |
28 | CONFIGURE_ARGS+= --libexecdir=${PREFIX}/libexec/proftpd | 28 | CONFIGURE_ARGS+= --libexecdir=${PREFIX}/libexec/proftpd |
@@ -1,88 +1,94 @@ | @@ -1,88 +1,94 @@ | |||
1 | @comment $NetBSD: PLIST,v 1.27 2015/09/25 10:01:37 wiedi Exp $ | 1 | @comment $NetBSD: PLIST,v 1.28 2019/10/07 19:29:47 christos Exp $ | |
2 | bin/ftpasswd | 2 | bin/ftpasswd | |
3 | bin/ftpcount | 3 | bin/ftpcount | |
4 | bin/ftpdctl | 4 | bin/ftpdctl | |
5 | bin/ftpmail | 5 | bin/ftpmail | |
6 | bin/ftpquota | 6 | bin/ftpquota | |
7 | bin/ftptop | 7 | bin/ftptop | |
8 | bin/ftpwho | 8 | bin/ftpwho | |
9 | bin/prxs | 9 | bin/prxs | |
10 | include/proftpd/ascii.h | 10 | include/proftpd/ascii.h | |
11 | include/proftpd/auth.h | 11 | include/proftpd/auth.h | |
12 | include/proftpd/bindings.h | 12 | include/proftpd/bindings.h | |
13 | include/proftpd/buildstamp.h | 13 | include/proftpd/buildstamp.h | |
14 | include/proftpd/ccan-json.h | |||
14 | include/proftpd/child.h | 15 | include/proftpd/child.h | |
15 | include/proftpd/class.h | 16 | include/proftpd/class.h | |
16 | include/proftpd/cmd.h | 17 | include/proftpd/cmd.h | |
17 | include/proftpd/compat.h | 18 | include/proftpd/compat.h | |
18 | include/proftpd/conf.h | 19 | include/proftpd/conf.h | |
19 | include/proftpd/config.h | 20 | include/proftpd/config.h | |
21 | include/proftpd/configdb.h | |||
20 | include/proftpd/ctrls.h | 22 | include/proftpd/ctrls.h | |
21 | include/proftpd/data.h | 23 | include/proftpd/data.h | |
22 | include/proftpd/default_paths.h | 24 | include/proftpd/default_paths.h | |
23 | include/proftpd/dirtree.h | 25 | include/proftpd/dirtree.h | |
24 | include/proftpd/display.h | 26 | include/proftpd/display.h | |
25 | include/proftpd/encode.h | 27 | include/proftpd/encode.h | |
26 | include/proftpd/env.h | 28 | include/proftpd/env.h | |
27 | include/proftpd/event.h | 29 | include/proftpd/event.h | |
28 | include/proftpd/expr.h | 30 | include/proftpd/expr.h | |
29 | include/proftpd/feat.h | 31 | include/proftpd/feat.h | |
30 | include/proftpd/filter.h | 32 | include/proftpd/filter.h | |
31 | include/proftpd/fsio.h | 33 | include/proftpd/fsio.h | |
32 | include/proftpd/ftp.h | 34 | include/proftpd/ftp.h | |
33 | include/proftpd/glibc-glob.h | 35 | include/proftpd/glibc-glob.h | |
36 | include/proftpd/hanson-tpl.h | |||
34 | include/proftpd/help.h | 37 | include/proftpd/help.h | |
35 | include/proftpd/ident.h | 38 | include/proftpd/ident.h | |
36 | include/proftpd/inet.h | 39 | include/proftpd/inet.h | |
40 | include/proftpd/json.h | |||
37 | include/proftpd/lastlog.h | 41 | include/proftpd/lastlog.h | |
38 | include/proftpd/libsupp.h | 42 | include/proftpd/libsupp.h | |
39 | include/proftpd/log.h | 43 | include/proftpd/log.h | |
44 | include/proftpd/logfmt.h | |||
40 | include/proftpd/memcache.h | 45 | include/proftpd/memcache.h | |
41 | include/proftpd/mkhome.h | 46 | include/proftpd/mkhome.h | |
42 | include/proftpd/mod_ctrls.h | 47 | include/proftpd/mod_ctrls.h | |
43 | include/proftpd/mod_dnsbl.h | 48 | include/proftpd/mod_dnsbl.h | |
44 | include/proftpd/mod_load.h | 49 | include/proftpd/mod_load.h | |
45 | include/proftpd/mod_log.h | |||
46 | include/proftpd/mod_quotatab.h | 50 | include/proftpd/mod_quotatab.h | |
47 | include/proftpd/mod_sftp.h | 51 | include/proftpd/mod_sftp.h | |
48 | include/proftpd/mod_sql.h | 52 | include/proftpd/mod_sql.h | |
49 | include/proftpd/mod_tls.h | 53 | include/proftpd/mod_tls.h | |
50 | include/proftpd/mod_wrap2.h | 54 | include/proftpd/mod_wrap2.h | |
51 | include/proftpd/modules.h | 55 | include/proftpd/modules.h | |
52 | include/proftpd/netacl.h | 56 | include/proftpd/netacl.h | |
53 | include/proftpd/netaddr.h | 57 | include/proftpd/netaddr.h | |
54 | include/proftpd/netio.h | 58 | include/proftpd/netio.h | |
55 | include/proftpd/options.h | 59 | include/proftpd/options.h | |
56 | include/proftpd/parser.h | 60 | include/proftpd/parser.h | |
61 | include/proftpd/pfilter.h | |||
57 | include/proftpd/pidfile.h | 62 | include/proftpd/pidfile.h | |
58 | include/proftpd/pool.h | 63 | include/proftpd/pool.h | |
59 | include/proftpd/pr-syslog.h | 64 | include/proftpd/pr-syslog.h | |
60 | include/proftpd/privs.h | 65 | include/proftpd/privs.h | |
61 | include/proftpd/proctitle.h | 66 | include/proftpd/proctitle.h | |
62 | include/proftpd/proftpd.h | 67 | include/proftpd/proftpd.h | |
68 | include/proftpd/redis.h | |||
63 | include/proftpd/regexp.h | 69 | include/proftpd/regexp.h | |
64 | include/proftpd/response.h | 70 | include/proftpd/response.h | |
65 | include/proftpd/rlimit.h | 71 | include/proftpd/rlimit.h | |
66 | include/proftpd/scoreboard.h | 72 | include/proftpd/scoreboard.h | |
67 | include/proftpd/session.h | 73 | include/proftpd/session.h | |
68 | include/proftpd/sets.h | 74 | include/proftpd/sets.h | |
75 | include/proftpd/signals.h | |||
69 | include/proftpd/stash.h | 76 | include/proftpd/stash.h | |
70 | include/proftpd/str.h | 77 | include/proftpd/str.h | |
71 | include/proftpd/support.h | 78 | include/proftpd/support.h | |
72 | include/proftpd/table.h | 79 | include/proftpd/table.h | |
73 | include/proftpd/throttle.h | 80 | include/proftpd/throttle.h | |
74 | include/proftpd/timers.h | 81 | include/proftpd/timers.h | |
75 | include/proftpd/tpl.h | |||
76 | include/proftpd/trace.h | 82 | include/proftpd/trace.h | |
77 | include/proftpd/utf8.h | 83 | include/proftpd/utf8.h | |
78 | include/proftpd/var.h | 84 | include/proftpd/var.h | |
79 | include/proftpd/version.h | 85 | include/proftpd/version.h | |
80 | include/proftpd/xferlog.h | 86 | include/proftpd/xferlog.h | |
81 | lib/pkgconfig/proftpd.pc | 87 | lib/pkgconfig/proftpd.pc | |
82 | libexec/proftpd/mod_ban.la | 88 | libexec/proftpd/mod_ban.la | |
83 | libexec/proftpd/mod_copy.la | 89 | libexec/proftpd/mod_copy.la | |
84 | libexec/proftpd/mod_ctrls_admin.la | 90 | libexec/proftpd/mod_ctrls_admin.la | |
85 | libexec/proftpd/mod_deflate.la | 91 | libexec/proftpd/mod_deflate.la | |
86 | libexec/proftpd/mod_dnsbl.la | 92 | libexec/proftpd/mod_dnsbl.la | |
87 | libexec/proftpd/mod_dynmasq.la | 93 | libexec/proftpd/mod_dynmasq.la | |
88 | libexec/proftpd/mod_exec.la | 94 | libexec/proftpd/mod_exec.la | |
@@ -119,27 +125,27 @@ man/man1/ftptop.1 | @@ -119,27 +125,27 @@ man/man1/ftptop.1 | |||
119 | man/man1/ftpwho.1 | 125 | man/man1/ftpwho.1 | |
120 | man/man5/proftpd.conf.5 | 126 | man/man5/proftpd.conf.5 | |
121 | man/man5/xferlog.5 | 127 | man/man5/xferlog.5 | |
122 | man/man8/ftpdctl.8 | 128 | man/man8/ftpdctl.8 | |
123 | man/man8/ftpscrub.8 | 129 | man/man8/ftpscrub.8 | |
124 | man/man8/ftpshut.8 | 130 | man/man8/ftpshut.8 | |
125 | man/man8/proftpd.8 | 131 | man/man8/proftpd.8 | |
126 | sbin/ftpscrub | 132 | sbin/ftpscrub | |
127 | sbin/ftpshut | 133 | sbin/ftpshut | |
128 | sbin/in.proftpd | 134 | sbin/in.proftpd | |
129 | sbin/proftpd | 135 | sbin/proftpd | |
130 | share/doc/proftpd/Configuration.html | 136 | share/doc/proftpd/Configuration.html | |
131 | share/doc/proftpd/NEWS | 137 | share/doc/proftpd/NEWS | |
132 | share/doc/proftpd/README | 138 | share/doc/proftpd/README.md | |
133 | share/doc/proftpd/README.IPv6 | 139 | share/doc/proftpd/README.IPv6 | |
134 | share/doc/proftpd/README.LDAP | 140 | share/doc/proftpd/README.LDAP | |
135 | share/doc/proftpd/README.PAM | 141 | share/doc/proftpd/README.PAM | |
136 | share/doc/proftpd/README.capabilities | 142 | share/doc/proftpd/README.capabilities | |
137 | share/doc/proftpd/README.classes | 143 | share/doc/proftpd/README.classes | |
138 | share/doc/proftpd/README.controls | 144 | share/doc/proftpd/README.controls | |
139 | share/doc/proftpd/README.facl | 145 | share/doc/proftpd/README.facl | |
140 | share/doc/proftpd/README.modules | 146 | share/doc/proftpd/README.modules | |
141 | share/doc/proftpd/faq.html | 147 | share/doc/proftpd/faq.html | |
142 | share/doc/proftpd/license.txt | 148 | share/doc/proftpd/license.txt | |
143 | share/examples/proftpd/anonymous.conf | 149 | share/examples/proftpd/anonymous.conf | |
144 | share/examples/proftpd/basic.conf | 150 | share/examples/proftpd/basic.conf | |
145 | share/examples/proftpd/blacklist.dat | 151 | share/examples/proftpd/blacklist.dat |
@@ -1,13 +1,14 @@ | @@ -1,13 +1,14 @@ | |||
1 | $NetBSD: distinfo,v 1.46 2017/04/05 17:36:00 kim Exp $ | 1 | $NetBSD: distinfo,v 1.47 2019/10/07 19:29:47 christos Exp $ | |
2 | 2 | |||
3 | SHA1 (ecff21e0d0e84f35c299ef91d7fda088e516d4ed.patch) = a508c2b37482b178d8ff7b06e45d36044818b5f8 | 3 | SHA1 (proftpd-1.3.6.tar.gz) = 7e9269f9448c37f82e6faa9edaa3186ff5ba82d2 | |
4 | RMD160 (ecff21e0d0e84f35c299ef91d7fda088e516d4ed.patch) = 5cc12fd67e6c722151f0d0c2a22365aff16f7219 | 4 | RMD160 (proftpd-1.3.6.tar.gz) = 5da3934e46ea517ee6652382e5e3a9f87e591dd6 | |
5 | SHA512 (ecff21e0d0e84f35c299ef91d7fda088e516d4ed.patch) = 7cfadcdb33eff71925d61c78d9d54fe171df3c161d43a940485bd70965046da4ad82d2381d94452dee80548b3131be6801d4f85bbfb2fc3afc7b9a872a00d707 | 5 | SHA512 (proftpd-1.3.6.tar.gz) = 2a3ca76a0c35ba31e9d79f7f652f4f35768262f5039c5dc04ef83ac9218f624645ac6cee445af4ec6a8c59a9bdad1e7b48e0e90cd13934cbe7c3e77a2f6013c0 | |
6 | Size (ecff21e0d0e84f35c299ef91d7fda088e516d4ed.patch) = 3851 bytes | 6 | Size (proftpd-1.3.6.tar.gz) = 20251898 bytes | |
7 | SHA1 (proftpd-1.3.5d.tar.gz) = e7271c9f6df331eda393a834ad66ff60eff134ca | 7 | SHA1 (patch-Make.rules.in) = 6ce8ab0f65270f701b455a3fd3f008c9f24511c3 | |
8 | RMD160 (proftpd-1.3.5d.tar.gz) = 2052a7c41824c8ce9558fd11c78843b1b07ab6e7 | |||
9 | SHA512 (proftpd-1.3.5d.tar.gz) = 3297ddd1f11d46123bbe46488d75fa7a6dcdf2c2d6e7e880a78a427f9f1e9901878dab179e41092e0b9864a615d8ba0b0bf444d4f829870e993e3169c7141c37 | |||
10 | Size (proftpd-1.3.5d.tar.gz) = 29966560 bytes | |||
11 | SHA1 (patch-Makefile.in) = 332dcd9d773770c10d876dc9da1dc7f6b1c15421 | 8 | SHA1 (patch-Makefile.in) = 332dcd9d773770c10d876dc9da1dc7f6b1c15421 | |
12 | SHA1 (patch-contrib_mod__sftp_Makefile.in) = 8a805d777597b4fb06a45b484373880e535a0cee | 9 | SHA1 (patch-contrib_mod__sftp_Makefile.in) = 8a805d777597b4fb06a45b484373880e535a0cee | |
13 | SHA1 (patch-contrib_mod_tls.c) = e36dfa9427804b41eb2ad49378b62890325d50ed | 10 | SHA1 (patch-contrib_mod_tls.c) = e36dfa9427804b41eb2ad49378b62890325d50ed | |
11 | SHA1 (patch-include_pfilter.h) = 399ba8873e6a58db89c3be44b4f09a1f4ab04e60 | |||
12 | SHA1 (patch-modules_mod__auth.c) = b1ff5c3236edabce5016da3230e0bd30ec92db48 | |||
13 | SHA1 (patch-src_main.c) = c00e1b1830d36d17bea5a10d8e13ec2328d3df88 | |||
14 | SHA1 (patch-src_pfilter.c) = 0f83e751072586f2b6359952b09328d820accc8f |
--- Make.rules.in.orig 2015-05-27 20:25:54.000000000 -0400
+++ Make.rules.in 2016-01-25 21:48:47.000000000 -0500
@@ -110,3 +110,8 @@
FTPWHO_OBJS=ftpwho.o scoreboard.o misc.o
BUILD_FTPWHO_OBJS=utils/ftpwho.o utils/scoreboard.o utils/misc.o
+
+CPPFLAGS+=-DHAVE_BLACKLIST
+LIBS+=-lblacklist
+OBJS+= pfilter.o
+BUILD_OBJS+= src/pfilter.o
--- /dev/null 2016-01-22 17:30:55.000000000 -0500
+++ include/pfilter.h 2016-01-22 16:18:33.000000000 -0500
@@ -0,0 +1,3 @@
+
+void pfilter_notify(int);
+void pfilter_init(void);
$NetBSD: patch-modules_mod__auth.c,v 1.1 2019/10/07 19:29:47 christos Exp $
Add packet filter
--- modules/mod_auth.c.orig 2017-04-09 22:31:02.000000000 -0400
+++ modules/mod_auth.c 2019-10-07 15:10:42.316419545 -0400
@@ -28,6 +28,7 @@
#include "conf.h"
#include "privs.h"
+#include "pfilter.h"
#ifdef HAVE_USERSEC_H
# include <usersec.h>
@@ -97,6 +98,8 @@
_("Login timeout (%d %s): closing control connection"), TimeoutLogin,
TimeoutLogin != 1 ? "seconds" : "second");
+ pfilter_notify(1);
+
/* It's possible that any listeners of this event might terminate the
* session process themselves (e.g. mod_ban). So write out that the
* TimeoutLogin has been exceeded to the log here, in addition to the
@@ -1095,6 +1098,7 @@
pr_memscrub(pass, strlen(pass));
}
+ pfilter_notify(1);
pr_log_auth(PR_LOG_NOTICE, "SECURITY VIOLATION: Root login attempted");
return 0;
}
@@ -1952,6 +1956,7 @@
return 1;
auth_failure:
+ pfilter_notify(1);
if (pass)
pr_memscrub(pass, strlen(pass));
session.user = session.group = NULL;
$NetBSD: patch-src_main.c,v 1.1 2019/10/07 19:29:47 christos Exp $
Add packet filter
--- src/main.c.orig 2017-04-09 22:31:02.000000000 -0400
+++ src/main.c 2019-10-07 15:09:12.516004304 -0400
@@ -41,6 +41,7 @@
#endif
#include "privs.h"
+#include "pfilter.h"
int (*cmd_auth_chk)(cmd_rec *);
void (*cmd_handler)(server_rec *, conn_t *);
@@ -1089,6 +1090,7 @@
pid_t pid;
sigset_t sig_set;
+ pfilter_init();
if (no_fork == FALSE) {
/* A race condition exists on heavily loaded servers where the parent
@@ -1206,7 +1208,8 @@
/* Reseed pseudo-randoms */
srand((unsigned int) (time(NULL) * getpid()));
-
+#else
+ pfilter_init();
#endif /* PR_DEVEL_NO_FORK */
/* Child is running here */
--- /dev/null 2016-01-22 17:30:55.000000000 -0500
+++ src/pfilter.c 2016-01-22 16:37:55.000000000 -0500
@@ -0,0 +1,41 @@
+#include "pfilter.h"
+#include "conf.h"
+#include "privs.h"
+#ifdef HAVE_BLACKLIST
+#include <blacklist.h>
+#endif
+
+static struct blacklist *blstate;
+
+void
+pfilter_init(void)
+{
+#ifdef HAVE_BLACKLIST
+ if (blstate == NULL)
+ blstate = blacklist_open();
+#endif
+}
+
+void
+pfilter_notify(int a)
+{
+#ifdef HAVE_BLACKLIST
+ conn_t *c = session.c;
+ int fd;
+
+ if (c == NULL)
+ return;
+ if (c->rfd != -1)
+ fd = c->rfd;
+ else if (c->wfd != -1)
+ fd = c->wfd;
+ else
+ return;
+
+ if (blstate == NULL)
+ pfilter_init();
+ if (blstate == NULL)
+ return;
+ (void)blacklist_r(blstate, a, fd, "proftpd");
+#endif
+}