Fix a bug in the hack that protects against FTP bounce attacks.

It used to loop back up to the accept() call and block there,
shutting out all other transports until a new connection came in.
Now it returns instead after dropping the connection.  That will
take it back to the select() loop where all transports can be
serviced.  I intend to MFC this within a day or two since it
fixes a DoS vulnerability.
John Polstra 1999-11-17 01:54:17 +00:00
parent 98af7850dd
commit 6b2bdf2c08
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=53254


@ -244,12 +244,11 @@ rendezvous_request(xprt)
return (FALSE); return (FALSE);
} }
/* /*
* XXX careful for ftp bounce attacks. If discovered, close the * Guard against FTP bounce attacks.
* socket and look for another connection.
*/ */
if (addr.sin_port == htons(20)) { if (addr.sin_port == htons(20)) {
close(sock); close(sock);
goto again; return (FALSE);
} }
/* /*
* make a new transporter (re-uses xprt) * make a new transporter (re-uses xprt)
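
Review bot: The shortened comment above the `addr.sin_port == htons(20)` check no longer says what happens on a match, and that behaviour is the point of this fix. Consider stating it in the comment: the socket is closed and the function returns FALSE, so the caller's select() loop can service the other transports instead of blocking in accept(). The comment could also name 20 as the ftp-data source port so the constant is not a bare magic number. Finally, this hunk removes the visible `goto again`; if no other jump to that label remains in rendezvous_request(), the `again:` label should be dropped in the same change to avoid an unused-label warning.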