forked from pool/vsftpd
156 lines
4.2 KiB
Diff
156 lines
4.2 KiB
Diff
Index: vsftpd-3.0.2/main.c
|
|
===================================================================
|
|
--- vsftpd-3.0.2.orig/main.c
|
|
+++ vsftpd-3.0.2/main.c
|
|
@@ -155,6 +155,9 @@ main(int argc, const char* argv[])
|
|
the_session.num_clients = ret.num_children;
|
|
the_session.num_this_ip = ret.num_this_ip;
|
|
}
|
|
+
|
|
+ die_init(&the_session);
|
|
+
|
|
if (tunable_tcp_wrappers)
|
|
{
|
|
the_session.tcp_wrapper_ok = vsf_tcp_wrapper_ok(VSFTP_COMMAND_FD);
|
|
Index: vsftpd-3.0.2/utility.c
|
|
===================================================================
|
|
--- vsftpd-3.0.2.orig/utility.c
|
|
+++ vsftpd-3.0.2/utility.c
|
|
@@ -9,9 +9,22 @@
|
|
#include "sysutil.h"
|
|
#include "str.h"
|
|
#include "defs.h"
|
|
+#include "session.h"
|
|
+#include "tunables.h"
|
|
+#include "privsock.h"
|
|
+#include "ssl.h"
|
|
+#include <stdio.h>
|
|
|
|
#define DIE_DEBUG
|
|
|
|
+static struct vsf_session *s_p_sess = NULL;
|
|
+
|
|
+void
|
|
+die_init(struct vsf_session *p_sess)
|
|
+{
|
|
+ s_p_sess = p_sess;
|
|
+}
|
|
+
|
|
void
|
|
die(const char* p_text)
|
|
{
|
|
@@ -40,12 +53,70 @@ die2(const char* p_text1, const char* p_
|
|
void
|
|
bug(const char* p_text)
|
|
{
|
|
+ /* Detect calls caused by failed logging from bug() itself
|
|
+ * to prevent infinite loops */
|
|
+ static int s_in_bug = 0;
|
|
+ const unsigned int buffer_size = 256;
|
|
+ char text_buffer[buffer_size];
|
|
+ unsigned int text_len;
|
|
+
|
|
+ if (s_in_bug)
|
|
+ return;
|
|
+
|
|
+ s_in_bug = 1;
|
|
+
|
|
+ if (s_p_sess)
|
|
+ {
|
|
+ /* Try to write the message to logs */
|
|
+ if (s_p_sess->vsftpd_log_fd != -1)
|
|
+ {
|
|
+ snprintf(text_buffer, buffer_size,
|
|
+ "%s vsftpd [pid %d]: \"%s\" from \"%s\": %s",
|
|
+ vsf_sysutil_get_current_date(), vsf_sysutil_getpid(),
|
|
+ str_getbuf(&s_p_sess->user_str),
|
|
+ str_getbuf(&s_p_sess->remote_ip_str), p_text);
|
|
+ text_len = vsf_sysutil_strlen(text_buffer);
|
|
+ vsf_sysutil_write_loop(s_p_sess->vsftpd_log_fd, text_buffer, text_len);
|
|
+ }
|
|
+
|
|
+ if (tunable_syslog_enable)
|
|
+ {
|
|
+ snprintf(text_buffer, buffer_size, "\"%s\" from \"%s\": %s",
|
|
+ str_getbuf(&s_p_sess->user_str),
|
|
+ str_getbuf(&s_p_sess->remote_ip_str), p_text);
|
|
+ vsf_sysutil_syslog(text_buffer, 1);
|
|
+ }
|
|
+ }
|
|
+ else
|
|
+ {
|
|
+ /* dummy logging before the system is fully set up */
|
|
+ if (tunable_syslog_enable)
|
|
+ {
|
|
+ vsf_sysutil_syslog(p_text, 1);
|
|
+ }
|
|
+ }
|
|
+
|
|
+ snprintf(text_buffer, buffer_size, "500 OOPS: %s\r\n", p_text);
|
|
+ text_len = vsf_sysutil_strlen(text_buffer);
|
|
+
|
|
/* Rats. Try and write the reason to the network for diagnostics */
|
|
- vsf_sysutil_activate_noblock(VSFTP_COMMAND_FD);
|
|
- (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, "500 OOPS: ", 10);
|
|
- (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, p_text,
|
|
- vsf_sysutil_strlen(p_text));
|
|
- (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, "\r\n", 2);
|
|
+ if (s_p_sess && s_p_sess->control_use_ssl)
|
|
+ {
|
|
+ if (s_p_sess->ssl_slave_active)
|
|
+ {
|
|
+ priv_sock_send_cmd(s_p_sess->ssl_consumer_fd, PRIV_SOCK_WRITE_USER_RESP);
|
|
+ priv_sock_send_buf(s_p_sess->ssl_consumer_fd, text_buffer, text_len);
|
|
+ }
|
|
+ else
|
|
+ {
|
|
+ (void)ssl_write(s_p_sess->p_control_ssl, text_buffer, text_len);
|
|
+ }
|
|
+ }
|
|
+ else
|
|
+ {
|
|
+ vsf_sysutil_activate_noblock(VSFTP_COMMAND_FD);
|
|
+ (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, text_buffer, text_len);
|
|
+ }
|
|
vsf_sysutil_exit(2);
|
|
}
|
|
|
|
Index: vsftpd-3.0.2/utility.h
|
|
===================================================================
|
|
--- vsftpd-3.0.2.orig/utility.h
|
|
+++ vsftpd-3.0.2/utility.h
|
|
@@ -2,6 +2,18 @@
|
|
#define VSF_UTILITY_H
|
|
|
|
struct mystr;
|
|
+struct vsf_session;
|
|
+
|
|
+/* die_init
|
|
+ * PURPOSE
|
|
+ * Initialize static pointer to vsf_session used for
|
|
+ * logging and SSL support used by die() and bug().
|
|
+ * If not set (or set to NULL) only dummy write
|
|
+ * to VSFTP_COMMAND_FD will be done.
|
|
+ * PARAMETERS
|
|
+ * p_sess - pointer to vsf_session or NULL
|
|
+ */
|
|
+void die_init(struct vsf_session *p_sess);
|
|
|
|
/* die()
|
|
* PURPOSE
|
|
Index: vsftpd-3.0.2/seccompsandbox.c
|
|
===================================================================
|
|
--- vsftpd-3.0.2.orig/seccompsandbox.c
|
|
+++ vsftpd-3.0.2/seccompsandbox.c
|
|
@@ -556,6 +556,10 @@ seccomp_sandbox_setup_postlogin_broker()
|
|
allow_nr(__NR_fchown);
|
|
allow_nr_1_arg_match(__NR_recvmsg, 3, 0);
|
|
}
|
|
+ if (tunable_syslog_enable)
|
|
+ {
|
|
+ allow_nr_1_arg_match(__NR_sendto, 6, 0);
|
|
+ }
|
|
}
|
|
|
|
void
|