Fix a bug in the hack that protects against FTP bounce attacks.

It used to loop back up to the accept() call and block there,
shutting out all other transports until a new connection came in.
Now it returns instead after dropping the connection.  That will
take it back to the select() loop where all transports can be
serviced.  I intend to MFC this within a day or two since it
fixes a DoS vulnerability.
This commit is contained in:
John Polstra 1999-11-17 01:54:17 +00:00
parent 98af7850dd
commit 6b2bdf2c08
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=53254

View File

@ -244,12 +244,11 @@ rendezvous_request(xprt)
return (FALSE);
}
/*
* XXX careful for ftp bounce attacks. If discovered, close the
* socket and look for another connection.
* Guard against FTP bounce attacks.
*/
if (addr.sin_port == htons(20)) {
close(sock);
goto again;
return (FALSE);
}
/*
* make a new transporter (re-uses xprt)