author | jdp <jdp@FreeBSD.org> | 1999-11-17 01:54:17 +0000 |
---|---|---|
committer | jdp <jdp@FreeBSD.org> | 1999-11-17 01:54:17 +0000 |
commit | 3776d08208bf7d6dcba99c148cba092dbc52eb1b (patch) | |
tree | 7645ba4a62a94cbd12b02416d859c685231674ef /lib | |
parent | 98a212df1f8810b90c299e120edcbfba1877933a (diff) | |
Fix a bug in the hack that protects against FTP bounce attacks.
It used to loop back up to the accept() call and block there,
shutting out all other transports until a new connection came in.
Now it returns instead after dropping the connection. That will
take it back to the select() loop where all transports can be
serviced. I intend to MFC this within a day or two since it
fixes a DoS vulnerability.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libc/rpc/svc_tcp.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/lib/libc/rpc/svc_tcp.c b/lib/libc/rpc/svc_tcp.c index a87b361..b0aafbf 100644 --- a/lib/libc/rpc/svc_tcp.c +++ b/lib/libc/rpc/svc_tcp.c @@ -244,12 +244,11 @@ rendezvous_request(xprt) return (FALSE); } /* - * XXX careful for ftp bounce attacks. If discovered, close the - * socket and look for another connection. + * Guard against FTP bounce attacks. */ if (addr.sin_port == htons(20)) { close(sock); - goto again; + return (FALSE); } /* * make a new transporter (re-uses xprt) |
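Review bot: In the `addr.sin_port == htons(20)` branch of rendezvous_request(), the new comment "Guard against FTP bounce attacks." no longer says what the code does on a match or why. I would extend it to note that the connection is dropped and the function returns FALSE rather than retrying accept(), since per the commit message re-entering accept() blocks and shuts out the other transports. Two smaller points on the same lines: the literal 20 would read better as a named constant for the FTP data port, and because this is the only hunk and it removes a `goto again;` without touching the label, please confirm `again:` is still referenced elsewhere in the function so it is not left behind as an unused label.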