Author: arekm Date: Thu Dec 20 08:45:05 2007 GMT Module: SOURCES Tag: HEAD ---- Log message: - sleep first and THEN say 'no auth', not the other way
---- Files affected: SOURCES: pure-ftpd-sleep.patch (NONE -> 1.1) (NEW) ---- Diffs: ================================================================ Index: SOURCES/pure-ftpd-sleep.patch diff -u /dev/null SOURCES/pure-ftpd-sleep.patch:1.1 --- /dev/null Thu Dec 20 09:45:05 2007 +++ SOURCES/pure-ftpd-sleep.patch Thu Dec 20 09:45:00 2007 @@ -0,0 +1,57 @@ +--- pure-ftpd/src/ftpd.c.org 2007-12-20 09:23:58.180941494 +0100 ++++ pure-ftpd/src/ftpd.c 2007-12-20 09:34:06.613793269 +0100 +@@ -1532,6 +1532,11 @@ + return chdir(home); + } + ++static void randomsleep(unsigned int t) { ++ usleep2((unsigned long) (zrand() % PASSWD_FAILURE_DELAY)); ++ usleep2(t * PASSWD_FAILURE_DELAY); ++} ++ + void dopass(char *password) + { + static unsigned int tapping; +@@ -1572,27 +1577,26 @@ + } + } + if (authresult.auth_ok != 1) { +- addreply_noformat(530, MSG_AUTH_FAILED); +- doreply(); +- if (tapping >= MAX_PASSWD_TRIES) { +- toomanytries: +- logfile(LOG_ERR, MSG_AUTH_TOOMANY); +- _EXIT(EXIT_FAILURE); +- } +- logfile(LOG_WARNING, MSG_AUTH_FAILED_LOG, account); +- randomsleep: + tapping++; +- usleep2((unsigned long) (zrand() % PASSWD_FAILURE_DELAY)); +- usleep2(tapping * PASSWD_FAILURE_DELAY); ++ randomsleep(tapping); ++ addreply_noformat(530, MSG_AUTH_FAILED); ++ doreply(); ++ if (tapping > MAX_PASSWD_TRIES) { ++ logfile(LOG_ERR, MSG_AUTH_TOOMANY); ++ _EXIT(EXIT_FAILURE); ++ } ++ logfile(LOG_WARNING, MSG_AUTH_FAILED_LOG, account); + return; + } + if (authresult.uid < useruid) { + logfile(LOG_WARNING, MSG_ACCOUNT_DISABLED, account); +- if (tapping >= MAX_PASSWD_TRIES) { +- goto toomanytries; +- } +- addreply_noformat(530, MSG_NOTRUST); +- goto randomsleep; ++ randomsleep(tapping); ++ if (tapping >= MAX_PASSWD_TRIES) ++ addreply_noformat(530, MSG_AUTH_FAILED); ++ else ++ addreply_noformat(530, MSG_NOTRUST); ++ doreply(); ++ _EXIT(EXIT_FAILURE); + } + + #ifdef PER_USER_LIMITS ================================================================ _______________________________________________ pld-cvs-commit mailing list pld-cvs-commit@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit