SOURCES: pure-ftpd-sleep.patch (NEW) - sleep first and THEN say 'n...

arekm arekm at pld-linux.org
Thu Dec 20 09:45:05 CET 2007 

Author: arekm                        Date: Thu Dec 20 08:45:05 2007 GMT
Module: SOURCES                       Tag: HEAD
---- Log message:
- sleep first and THEN say 'no auth', not the other way

---- Files affected:
SOURCES:
   pure-ftpd-sleep.patch (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: SOURCES/pure-ftpd-sleep.patch
diff -u /dev/null SOURCES/pure-ftpd-sleep.patch:1.1
--- /dev/null	Thu Dec 20 09:45:05 2007
+++ SOURCES/pure-ftpd-sleep.patch	Thu Dec 20 09:45:00 2007
@@ -0,0 +1,57 @@
+--- pure-ftpd/src/ftpd.c.org	2007-12-20 09:23:58.180941494 +0100
++++ pure-ftpd/src/ftpd.c	2007-12-20 09:34:06.613793269 +0100
+@@ -1532,6 +1532,11 @@
+     return chdir(home);
+ }
+ 
++static void randomsleep(unsigned int t) {
++    usleep2((unsigned long) (zrand() % PASSWD_FAILURE_DELAY));        
++    usleep2(t * PASSWD_FAILURE_DELAY);
++}
++
+ void dopass(char *password)
+ {
+     static unsigned int tapping;    
+@@ -1572,27 +1577,26 @@
+         }
+     }
+     if (authresult.auth_ok != 1) {
+-        addreply_noformat(530, MSG_AUTH_FAILED);
+-        doreply();
+-        if (tapping >= MAX_PASSWD_TRIES) {
+-            toomanytries:
+-            logfile(LOG_ERR, MSG_AUTH_TOOMANY);
+-            _EXIT(EXIT_FAILURE);
+-        }
+-        logfile(LOG_WARNING, MSG_AUTH_FAILED_LOG, account);
+-        randomsleep:
+         tapping++;
+-        usleep2((unsigned long) (zrand() % PASSWD_FAILURE_DELAY));        
+-        usleep2(tapping * PASSWD_FAILURE_DELAY);
++	randomsleep(tapping);
++	addreply_noformat(530, MSG_AUTH_FAILED);
++	doreply();
++	if (tapping > MAX_PASSWD_TRIES) {
++	    logfile(LOG_ERR, MSG_AUTH_TOOMANY);
++	    _EXIT(EXIT_FAILURE);
++	}
++	logfile(LOG_WARNING, MSG_AUTH_FAILED_LOG, account);
+         return;
+     }
+     if (authresult.uid < useruid) {
+         logfile(LOG_WARNING, MSG_ACCOUNT_DISABLED, account);
+-        if (tapping >= MAX_PASSWD_TRIES) {
+-            goto toomanytries;
+-        }
+-        addreply_noformat(530, MSG_NOTRUST);
+-        goto randomsleep;
++	randomsleep(tapping);
++        if (tapping >= MAX_PASSWD_TRIES)
++	    addreply_noformat(530, MSG_AUTH_FAILED);
++	else
++	    addreply_noformat(530, MSG_NOTRUST);
++	doreply();
++	_EXIT(EXIT_FAILURE);
+     }
+ 
+ #ifdef PER_USER_LIMITS
================================================================

More information about the pld-cvs-commit mailing list