xref: /src/contrib/blocklist/diff/ftpd.diff (revision 48e64ca13d4f36795ac718911b805e3e9a726f1b) 
1df0cfa3bSKurt Lidl--- /dev/null	2015-01-23 17:30:40.000000000 -0500
2df0cfa3bSKurt Lidl+++ pfilter.c	2015-01-23 17:12:02.000000000 -0500
3df0cfa3bSKurt Lidl@@ -0,0 +1,24 @@
4df0cfa3bSKurt Lidl+#include <stdio.h>
5e6a066acSEd Maste+#include <blocklist.h>
6df0cfa3bSKurt Lidl+
7df0cfa3bSKurt Lidl+#include "pfilter.h"
8df0cfa3bSKurt Lidl+
9e6a066acSEd Maste+static struct blocklist *blstate;
10df0cfa3bSKurt Lidl+
11df0cfa3bSKurt Lidl+void
12df0cfa3bSKurt Lidl+pfilter_open(void)
13df0cfa3bSKurt Lidl+{
14df0cfa3bSKurt Lidl+	if (blstate == NULL)
15e6a066acSEd Maste+		blstate = blocklist_open();
16df0cfa3bSKurt Lidl+}
17df0cfa3bSKurt Lidl+
18df0cfa3bSKurt Lidl+void
19df0cfa3bSKurt Lidl+pfilter_notify(int what, const char *msg)
20df0cfa3bSKurt Lidl+{
21df0cfa3bSKurt Lidl+	pfilter_open();
22df0cfa3bSKurt Lidl+
23df0cfa3bSKurt Lidl+	if (blstate == NULL)
24df0cfa3bSKurt Lidl+		return;
25df0cfa3bSKurt Lidl+
26e6a066acSEd Maste+	blocklist_r(blstate, what, 0, msg);
27df0cfa3bSKurt Lidl+}
28df0cfa3bSKurt Lidl--- /dev/null	2015-01-23 17:30:40.000000000 -0500
29df0cfa3bSKurt Lidl+++ pfilter.h	2015-01-23 17:07:25.000000000 -0500
30df0cfa3bSKurt Lidl@@ -0,0 +1,2 @@
31df0cfa3bSKurt Lidl+void pfilter_open(void);
32df0cfa3bSKurt Lidl+void pfilter_notify(int, const char *);
33df0cfa3bSKurt LidlIndex: Makefile
34df0cfa3bSKurt Lidl===================================================================
35df0cfa3bSKurt LidlRCS file: /cvsroot/src/libexec/ftpd/Makefile,v
36df0cfa3bSKurt Lidlretrieving revision 1.63
37df0cfa3bSKurt Lidldiff -u -p -u -r1.63 Makefile
38df0cfa3bSKurt Lidl--- Makefile	14 Aug 2011 11:46:28 -0000	1.63
39df0cfa3bSKurt Lidl+++ Makefile	23 Jan 2015 22:32:20 -0000
40df0cfa3bSKurt Lidl@@ -11,6 +11,10 @@ LDADD+=	-lcrypt -lutil
41df0cfa3bSKurt Lidl MAN=	ftpd.conf.5 ftpusers.5 ftpd.8
42df0cfa3bSKurt Lidl MLINKS=	ftpusers.5 ftpchroot.5
43df0cfa3bSKurt Lidl
44df0cfa3bSKurt Lidl+SRCS+=	pfilter.c
45e6a066acSEd Maste+LDADD+=	-lblocklist
46e6a066acSEd Maste+DPADD+=	${LIBBLOCKLIST}
47df0cfa3bSKurt Lidl+
48df0cfa3bSKurt Lidl .if defined(NO_INTERNAL_LS)
49df0cfa3bSKurt Lidl CPPFLAGS+=-DNO_INTERNAL_LS
50df0cfa3bSKurt Lidl .else
51df0cfa3bSKurt LidlIndex: ftpd.c
52df0cfa3bSKurt Lidl===================================================================
53df0cfa3bSKurt LidlRCS file: /cvsroot/src/libexec/ftpd/ftpd.c,v
54df0cfa3bSKurt Lidlretrieving revision 1.200
55df0cfa3bSKurt Lidldiff -u -p -u -r1.200 ftpd.c
56df0cfa3bSKurt Lidl--- ftpd.c	31 Jul 2013 19:50:47 -0000	1.200
57df0cfa3bSKurt Lidl+++ ftpd.c	23 Jan 2015 22:32:20 -0000
58df0cfa3bSKurt Lidl@@ -165,6 +165,8 @@ __RCSID("$NetBSD: ftpd.c,v 1.200 2013/07
59df0cfa3bSKurt Lidl #include <security/pam_appl.h>
60df0cfa3bSKurt Lidl #endif
61df0cfa3bSKurt Lidl
62df0cfa3bSKurt Lidl+#include "pfilter.h"
63df0cfa3bSKurt Lidl+
64df0cfa3bSKurt Lidl #define	GLOBAL
65df0cfa3bSKurt Lidl #include "extern.h"
66df0cfa3bSKurt Lidl #include "pathnames.h"
67df0cfa3bSKurt Lidl@@ -471,6 +473,8 @@ main(int argc, char *argv[])
68df0cfa3bSKurt Lidl 	if (EMPTYSTR(confdir))
69df0cfa3bSKurt Lidl 		confdir = _DEFAULT_CONFDIR;
70df0cfa3bSKurt Lidl
71df0cfa3bSKurt Lidl+	pfilter_open();
72df0cfa3bSKurt Lidl+
73df0cfa3bSKurt Lidl 	if (dowtmp) {
74df0cfa3bSKurt Lidl #ifdef SUPPORT_UTMPX
75df0cfa3bSKurt Lidl 		ftpd_initwtmpx();
76df0cfa3bSKurt Lidl@@ -1401,6 +1405,7 @@ do_pass(int pass_checked, int pass_rval,
77df0cfa3bSKurt Lidl 		if (rval) {
78df0cfa3bSKurt Lidl 			reply(530, "%s", rval == 2 ? "Password expired." :
79df0cfa3bSKurt Lidl 			    "Login incorrect.");
80df0cfa3bSKurt Lidl+			pfilter_notify(1, rval == 2 ? "exppass" : "badpass");
81df0cfa3bSKurt Lidl 			if (logging) {
82df0cfa3bSKurt Lidl 				syslog(LOG_NOTICE,
83df0cfa3bSKurt Lidl 				    "FTP LOGIN FAILED FROM %s", remoteloghost);
84df0cfa3bSKurt Lidl@@ -1444,6 +1449,7 @@ do_pass(int pass_checked, int pass_rval,
85df0cfa3bSKurt Lidl 				*remote_ip = 0;
86df0cfa3bSKurt Lidl 		remote_ip[sizeof(remote_ip) - 1] = 0;
87df0cfa3bSKurt Lidl 		if (!auth_hostok(lc, remotehost, remote_ip)) {
88df0cfa3bSKurt Lidl+			pfilter_notify(1, "bannedhost");
89df0cfa3bSKurt Lidl 			syslog(LOG_INFO|LOG_AUTH,
90df0cfa3bSKurt Lidl 			    "FTP LOGIN FAILED (HOST) as %s: permission denied.",
91df0cfa3bSKurt Lidl 			    pw->pw_name);
92