sources/wu-ftpd-connect-dos.patch

   1 --- src/ftpd.c.00       Wed Jan 29 12:00:12 2003
   2 +++ src/ftpd.c  Wed Jan 29 12:20:53 2003
   3 @@ -4753,6 +4753,7 @@
   4      FILE *file;
   5      int retry = 0;
   6      int on = 1;
   7 +    int cval, serrno;
   8  #ifdef IPTOS_LOWDELAY
   9      int tos;
  10  #endif
  11 @@ -4873,32 +4874,41 @@
  12         return (NULL);
  13      }
  14      usedefault = 1;
  15 -    file = getdatasock(mode);
  16 -    if (file == NULL) {
  17 -       reply(425, "Can't create data socket (%s,%d): %s.",
  18 -             inet_ntoa(data_source.sin_addr),
  19 -             ntohs(data_source.sin_port), strerror(errno));
  20 -       return (NULL);
  21 -    }
  22 -    data = fileno(file);
  23 -    (void) signal(SIGALRM, alarm_signal);
  24 -    alarm(timeout_connect);
  25 -    while (connect(data, (struct sockaddr *) &data_dest,
  26 -                  sizeof(data_dest)) < 0) {
  27 +    do {
  28 +       file = getdatasock(mode);
  29 +       if (file == NULL) {
  30 +           reply(425, "Can't create data socket (%s,%d): %s.",
  31 +                 inet_ntoa(data_source.sin_addr),
  32 +                 ntohs(data_source.sin_port), strerror(errno));
  33 +           return (NULL);
  34 +       }
  35 +       data = fileno(file);
  36 +       (void) signal(SIGALRM, alarm_signal);
  37 +       alarm(timeout_connect);
  38 +       cval = connect(data, (struct sockaddr *) &data_dest, sizeof(data_dest));
  39 +       serrno = errno;
  40         alarm(0);
  41 -       if ((errno == EADDRINUSE || errno == EINTR) && retry < swaitmax) {
  42 -           sleep((unsigned) swaitint);
  43 -           retry += swaitint;
  44 -           (void) signal(SIGALRM, alarm_signal);
  45 -           alarm(timeout_connect);
  46 -           continue;
  47 +       if (cval == -1) {
  48 +           /*
  49 +            * When connect fails, the state of the socket is unspecified so
  50 +            * it should be closed and a new socket created for each connection
  51 +            * attempt. This also prevents denial of service problems when
  52 +            * running on operating systems that only allow one non-connected
  53 +            * socket bound to the same local address.
  54 +            */
  55 +           (void) fclose(file);
  56 +           data = -1;
  57 +           errno = serrno;
  58 +           if ((errno == EADDRINUSE || errno == EINTR) && retry < swaitmax) {
  59 +               sleep((unsigned) swaitint);
  60 +               retry += swaitint;
  61 +           }
  62 +           else {
  63 +               perror_reply(425, "Can't build data connection");
  64 +               return (NULL);
  65 +           }
  66         }
  67 -       perror_reply(425, "Can't build data connection");
  68 -       (void) fclose(file);
  69 -       data = -1;
  70 -       return (NULL);
  71 -    }
  72 -    alarm(0);
  73 +    } while (cval == -1);
  74      if (keepalive)
  75         (void) setsockopt(pdata, SOL_SOCKET, SO_KEEPALIVE, (char *) &on, sizeof(on));
  76      if (TCPwindowsize)