Fix a bug in the hack that protects against FTP bounce attacks.
It used to loop back up to the accept() call and block there, shutting out all other transports until a new connection came in. Now it returns instead after dropping the connection. That will take it back to the select() loop where all transports can be serviced. I intend to MFC this within a day or two since it fixes a DoS vulnerability.
parent
98af7850dd
commit
6b2bdf2c08
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=53254
@ -244,12 +244,11 @@ rendezvous_request(xprt)
|
||||
return (FALSE);
|
||||
}
|
||||
/*
|
||||
* XXX careful for ftp bounce attacks. If discovered, close the
|
||||
* socket and look for another connection.
|
||||
* Guard against FTP bounce attacks.
|
||||
*/
|
||||
if (addr.sin_port == htons(20)) {
|
||||
close(sock);
|
||||
goto again;
|
||||
return (FALSE);
|
||||
}
|
||||
/*
|
||||
* make a new transporter (re-uses xprt)
|
||||
|
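Review bot: The rewritten comment above the `addr.sin_port == htons(20)` test no longer says what the guard does or why port 20 matters, and the new `return (FALSE);` carries the whole fix without explanation. I would expand it to something like `/* Drop connections from source port 20 (ftp-data), the port an FTP server uses for PORT-directed data connections; return to the caller's select() loop instead of blocking in accept() again. */`. The check is a source-port heuristic only, so the comment should also say that it does not cover a server that sends data from another port. It reads `addr` as a `sockaddr_in` with no family check visible here; the declaration and the accept() call are outside this hunk, so confirm the listener can only be AF_INET. rendezvous_request's body begins and ends outside the hunk.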