Sophie

Sophie

distrib > Fedora > 13 > i386 > media > updates-src > by-pkgid > 2a4fbd3ed20314308cb13c049ab27cb4 > files > 9

vsftpd-2.3.4-1.fc13.src.rpm

diff -up vsftpd-2.1.0/logging.c.userlist_log vsftpd-2.1.0/logging.c
--- vsftpd-2.1.0/logging.c.userlist_log	2008-12-17 20:56:45.000000000 +0100
+++ vsftpd-2.1.0/logging.c	2009-02-24 09:12:42.000000000 +0100
@@ -95,6 +95,13 @@ vsf_log_line(struct vsf_session* p_sess,
   vsf_log_common(p_sess, 1, what, p_str);
 }
 
+void
+vsf_log_failed_line(struct vsf_session* p_sess, enum EVSFLogEntryType what,
+             struct mystr* p_str)
+{
+  vsf_log_common(p_sess, 0, what, p_str);
+}
+
 int
 vsf_log_entry_pending(struct vsf_session* p_sess)
 {
diff -up vsftpd-2.1.0/logging.h.userlist_log vsftpd-2.1.0/logging.h
--- vsftpd-2.1.0/logging.h.userlist_log	2008-07-30 03:29:21.000000000 +0200
+++ vsftpd-2.1.0/logging.h	2009-02-24 09:12:42.000000000 +0100
@@ -80,5 +80,16 @@ void vsf_log_do_log(struct vsf_session* 
 void vsf_log_line(struct vsf_session* p_sess, enum EVSFLogEntryType what,
                   struct mystr* p_str);
 
+/* vsf_log_failed_line()
+ * PURPOSE
+ * Same as vsf_log_line(), except that it logs the line as failed operation.
+ * PARAMETERS
+ * p_sess       - the current session object
+ * what         - the type of operation to log
+ * p_str        - the string to log
+ */
+void vsf_log_failed_line(struct vsf_session* p_sess, enum EVSFLogEntryType what,
+                  struct mystr* p_str);
+
 #endif /* VSF_LOGGING_H */
 
diff -up vsftpd-2.1.0/parseconf.c.userlist_log vsftpd-2.1.0/parseconf.c
--- vsftpd-2.1.0/parseconf.c.userlist_log	2008-12-18 07:21:41.000000000 +0100
+++ vsftpd-2.1.0/parseconf.c	2009-02-24 09:12:42.000000000 +0100
@@ -96,6 +96,7 @@ parseconf_bool_array[] =
   { "mdtm_write", &tunable_mdtm_write },
   { "lock_upload_files", &tunable_lock_upload_files },
   { "pasv_addr_resolve", &tunable_pasv_addr_resolve },
+  { "userlist_log", &tunable_userlist_log },
   { "debug_ssl", &tunable_debug_ssl },
   { "require_cert", &tunable_require_cert },
   { "validate_cert", &tunable_validate_cert },
diff -up vsftpd-2.1.0/prelogin.c.userlist_log vsftpd-2.1.0/prelogin.c
--- vsftpd-2.1.0/prelogin.c.userlist_log	2009-02-18 23:23:53.000000000 +0100
+++ vsftpd-2.1.0/prelogin.c	2009-02-24 09:17:41.000000000 +0100
@@ -220,6 +220,20 @@ handle_user_command(struct vsf_session* 
       check_login_delay();
       vsf_cmdio_write(p_sess, FTP_LOGINERR, "Permission denied.");
       check_login_fails(p_sess);
+      if (tunable_userlist_log)
+      {
+        struct mystr str_log_line = INIT_MYSTR;
+        if (tunable_userlist_deny)
+        {
+          str_alloc_text(&str_log_line, "User is in the deny user list.");
+        }
+        else
+        {
+          str_alloc_text(&str_log_line, "User is not in the allow user list.");
+        }
+        vsf_log_failed_line(p_sess, kVSFLogEntryLogin, &str_log_line);
+        str_free(&str_log_line);
+      }
       str_empty(&p_sess->user_str);
       return;
     }
diff -up vsftpd-2.1.0/tunables.c.userlist_log vsftpd-2.1.0/tunables.c
--- vsftpd-2.1.0/tunables.c.userlist_log	2009-02-24 09:12:42.000000000 +0100
+++ vsftpd-2.1.0/tunables.c	2009-02-24 09:12:42.000000000 +0100
@@ -72,6 +72,7 @@ int tunable_force_anon_data_ssl;
 int tunable_mdtm_write;
 int tunable_lock_upload_files;
 int tunable_pasv_addr_resolve;
+int tunable_userlist_log;
 int tunable_debug_ssl;
 int tunable_require_cert;
 int tunable_validate_cert;
@@ -206,6 +207,7 @@ tunables_load_defaults()
   tunable_mdtm_write = 1;
   tunable_lock_upload_files = 1;
   tunable_pasv_addr_resolve = 0;
+  tunable_userlist_log = 0;
   tunable_debug_ssl = 0;
   tunable_require_cert = 0;
   tunable_validate_cert = 0;
diff -up vsftpd-2.1.0/tunables.h.userlist_log vsftpd-2.1.0/tunables.h
--- vsftpd-2.1.0/tunables.h.userlist_log	2008-12-17 06:47:11.000000000 +0100
+++ vsftpd-2.1.0/tunables.h	2009-02-24 09:12:42.000000000 +0100
@@ -73,6 +73,7 @@ extern int tunable_force_anon_data_ssl; 
 extern int tunable_mdtm_write;                /* Allow MDTM to set timestamps */
 extern int tunable_lock_upload_files;         /* Lock uploading files */
 extern int tunable_pasv_addr_resolve;         /* DNS resolve pasv_addr */
+extern int tunable_userlist_log;              /* Log every failed login attempt */
 extern int tunable_debug_ssl;                 /* Verbose SSL logging */
 extern int tunable_require_cert;              /* SSL client cert required */
 extern int tunable_validate_cert;             /* SSL certs must be valid */
diff -up vsftpd-2.1.0/vsftpd.conf.5.userlist_log vsftpd-2.1.0/vsftpd.conf.5
--- vsftpd-2.1.0/vsftpd.conf.5.userlist_log	2009-02-24 09:12:42.000000000 +0100
+++ vsftpd-2.1.0/vsftpd.conf.5	2009-02-24 09:12:42.000000000 +0100
@@ -585,6 +585,14 @@ Self-signed certs do not constitute OK v
 
 Default: NO
 .TP
+.B userlist_log
+This option is examined if
+.BR userlist_enable
+is activated. If enabled, every login denial based on the user list will be
+logged.
+
+Default: NO
+.TP
 .B virtual_use_local_privs
 If enabled, virtual users will use the same privileges as local users. By
 default, virtual users will use the same privileges as anonymous users, which

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional