From donn@u.washington.edu Fri Oct 5 15:03:35 2001
Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.72.0.53])
by rt-11.mit.edu (8.9.3/8.9.3) with ESMTP id PAA12438
for <bugs@RT-11.mit.edu>; Fri, 5 Oct 2001 15:03:35 -0400 (EDT)
Received: from melville.u.washington.edu (melville.u.washington.edu [128.95.135.35])
by fort-point-station.mit.edu (8.9.2/8.9.2) with ESMTP id PAA01757
for <krb5-bugs@mit.edu>; Fri, 5 Oct 2001 15:03:34 -0400 (EDT)
Received: (from donn@localhost)
by melville.u.washington.edu (8.11.6+UW01.08/8.11.6+UW01.08) id f95J3XA60982;
Fri, 5 Oct 2001 12:03:33 -0700
Message-Id: <200110051903.f95J3XA60982@melville.u.washington.edu>
Date: Fri, 5 Oct 2001 12:03:33 -0700
From: donn@u.washington.edu
Reply-To: donn@u.washington.edu
To: krb5-bugs@mit.edu
Subject: ftpd continues with 232 after 230-No directory
X-Send-Pr-Version: 3.99
University of Washington
System: AIX melville 2 4 00600210C000
the user's home directory fails. It leaves the continuation
of that line up to the caller, and in the case of a GSS
authenticated login, the code comes out "232". Ftp clients,
including MIT krb5, need the same code before the continuation
is finished, so they're stuck.
would normally use. Following context diff is relative to
krb5-1.2.2 + buffer overflow patches.
-----------------
*** appl/gssftp/ftpd/ftpd.c.orig2 Wed Aug 8 13:27:43 2001
--- appl/gssftp/ftpd/ftpd.c Fri Oct 5 11:49:31 2001
***************
*** 818,824 ****
syslog(authorized ? LOG_INFO : LOG_ERR, "%s", buf);
if (result == 232)
! login(NULL);
return;
}
--- 818,824 ----
syslog(authorized ? LOG_INFO : LOG_ERR, "%s", buf);
if (result == 232)
! login(NULL, result);
return;
}
***************
*** 1086,1096 ****
}
login_attempts = 0; /* this time successful */
! login(passwd);
return;
}
! login(passwd)
char *passwd;
{
if (have_creds) {
--- 1086,1096 ----
}
login_attempts = 0; /* this time successful */
! login(passwd, 0);
return;
}
! login(passwd, logincode)
char *passwd;
{
if (have_creds) {
***************
*** 1149,1156 ****
reply(530, "User %s: can't change directory to %s.",
pw->pw_name, pw->pw_dir);
goto bad;
! } else
! lreply(230, "No directory! Logging in with home=/");
}
}
if (guest) {
--- 1149,1159 ----
reply(530, "User %s: can't change directory to %s.",
pw->pw_name, pw->pw_dir);
goto bad;
! } else {
! if (!logincode)
! logincode = 230;
! lreply(logincode, "No directory! Logging in with home=/");
! }
}
}
if (guest) {
Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.72.0.53])
by rt-11.mit.edu (8.9.3/8.9.3) with ESMTP id PAA12438
for <bugs@RT-11.mit.edu>; Fri, 5 Oct 2001 15:03:35 -0400 (EDT)
Received: from melville.u.washington.edu (melville.u.washington.edu [128.95.135.35])
by fort-point-station.mit.edu (8.9.2/8.9.2) with ESMTP id PAA01757
for <krb5-bugs@mit.edu>; Fri, 5 Oct 2001 15:03:34 -0400 (EDT)
Received: (from donn@localhost)
by melville.u.washington.edu (8.11.6+UW01.08/8.11.6+UW01.08) id f95J3XA60982;
Fri, 5 Oct 2001 12:03:33 -0700
Message-Id: <200110051903.f95J3XA60982@melville.u.washington.edu>
Date: Fri, 5 Oct 2001 12:03:33 -0700
From: donn@u.washington.edu
Reply-To: donn@u.washington.edu
To: krb5-bugs@mit.edu
Subject: ftpd continues with 232 after 230-No directory
X-Send-Pr-Version: 3.99
Show quoted text
>Number: 1003
>Category: krb5-appl
>Synopsis: ftpd continues with 232 after 230-No directory
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Fri Oct 5 15:04:00 EDT 2001
>Last-Modified:
>Originator: Donn Cave
>Organization:
University Computing Services>Category: krb5-appl
>Synopsis: ftpd continues with 232 after 230-No directory
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Fri Oct 5 15:04:00 EDT 2001
>Last-Modified:
>Originator: Donn Cave
>Organization:
University of Washington
Show quoted text
>Release: krb5-1.2.2
>Environment:
Any>Environment:
System: AIX melville 2 4 00600210C000
Show quoted text
>Description:
login() issues a line "230-No directory!..." when chdir tothe user's home directory fails. It leaves the continuation
of that line up to the caller, and in the case of a GSS
authenticated login, the code comes out "232". Ftp clients,
including MIT krb5, need the same code before the continuation
is finished, so they're stuck.
Show quoted text
>How-To-Repeat:
Rename your home directory, ftp in with Kerberos 5 credentials.Show quoted text
>Fix:
Pass code into login(), when it's different than what login()would normally use. Following context diff is relative to
krb5-1.2.2 + buffer overflow patches.
-----------------
*** appl/gssftp/ftpd/ftpd.c.orig2 Wed Aug 8 13:27:43 2001
--- appl/gssftp/ftpd/ftpd.c Fri Oct 5 11:49:31 2001
***************
*** 818,824 ****
syslog(authorized ? LOG_INFO : LOG_ERR, "%s", buf);
if (result == 232)
! login(NULL);
return;
}
--- 818,824 ----
syslog(authorized ? LOG_INFO : LOG_ERR, "%s", buf);
if (result == 232)
! login(NULL, result);
return;
}
***************
*** 1086,1096 ****
}
login_attempts = 0; /* this time successful */
! login(passwd);
return;
}
! login(passwd)
char *passwd;
{
if (have_creds) {
--- 1086,1096 ----
}
login_attempts = 0; /* this time successful */
! login(passwd, 0);
return;
}
! login(passwd, logincode)
char *passwd;
{
if (have_creds) {
***************
*** 1149,1156 ****
reply(530, "User %s: can't change directory to %s.",
pw->pw_name, pw->pw_dir);
goto bad;
! } else
! lreply(230, "No directory! Logging in with home=/");
}
}
if (guest) {
--- 1149,1159 ----
reply(530, "User %s: can't change directory to %s.",
pw->pw_name, pw->pw_dir);
goto bad;
! } else {
! if (!logincode)
! logincode = 230;
! lreply(logincode, "No directory! Logging in with home=/");
! }
}
}
if (guest) {
Show quoted text
>Audit-Trail:
>Unformatted:
>Unformatted: