|
 |
90e381 |
From be7c2d639127dd8af0139caf94f8c29f431d3753 Mon Sep 17 00:00:00 2001
|
|
|
90e381 |
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
|
|
|
90e381 |
Date: Mon, 18 Jun 2018 10:13:48 +0200
|
|
|
90e381 |
Subject: [PATCH 58/59] Make the max number of bind retries tunable
|
|
|
90e381 |
|
|
|
90e381 |
Resolves: rhbz#1318198
|
|
|
90e381 |
---
|
|
|
90e381 |
parseconf.c | 1 +
|
|
|
90e381 |
privops.c | 8 ++++++--
|
|
|
90e381 |
tunables.c | 2 ++
|
|
|
90e381 |
tunables.h | 1 +
|
|
|
90e381 |
vsftpd.conf.5 | 5 +++++
|
|
|
90e381 |
5 files changed, 15 insertions(+), 2 deletions(-)
|
|
|
90e381 |
|
|
|
90e381 |
diff --git a/parseconf.c b/parseconf.c
|
|
|
90e381 |
index aeb401a..3cfe7da 100644
|
|
|
90e381 |
--- a/parseconf.c
|
|
|
90e381 |
+++ b/parseconf.c
|
|
|
90e381 |
@@ -143,6 +143,7 @@ parseconf_uint_array[] =
|
|
|
90e381 |
{ "delay_successful_login", &tunable_delay_successful_login },
|
|
|
90e381 |
{ "max_login_fails", &tunable_max_login_fails },
|
|
|
90e381 |
{ "chown_upload_mode", &tunable_chown_upload_mode },
|
|
|
90e381 |
+ { "bind_retries", &tunable_bind_retries },
|
|
|
90e381 |
{ 0, 0 }
|
|
|
90e381 |
};
|
|
|
90e381 |
|
|
|
90e381 |
diff --git a/privops.c b/privops.c
|
|
|
90e381 |
index 010d28d..83b25c7 100644
|
|
|
90e381 |
--- a/privops.c
|
|
|
90e381 |
+++ b/privops.c
|
|
|
90e381 |
@@ -120,8 +120,8 @@ unsigned short
|
|
|
90e381 |
vsf_privop_pasv_listen(struct vsf_session* p_sess)
|
|
|
90e381 |
{
|
|
|
90e381 |
static struct vsf_sysutil_sockaddr* s_p_sockaddr;
|
|
|
90e381 |
- int bind_retries = 10;
|
|
|
90e381 |
- unsigned short the_port;
|
|
|
90e381 |
+ int bind_retries = tunable_bind_retries + 1;
|
|
|
90e381 |
+ unsigned short the_port = 0;
|
|
|
90e381 |
/* IPPORT_RESERVED */
|
|
|
90e381 |
unsigned short min_port = 1024;
|
|
|
90e381 |
unsigned short max_port = 65535;
|
|
|
90e381 |
@@ -131,6 +131,10 @@ vsf_privop_pasv_listen(struct vsf_session* p_sess)
|
|
|
90e381 |
die("listed fd already active");
|
|
|
90e381 |
}
|
|
|
90e381 |
|
|
|
90e381 |
+ if (bind_retries < 2)
|
|
|
90e381 |
+ {
|
|
|
90e381 |
+ bind_retries = 2;
|
|
|
90e381 |
+ }
|
|
|
90e381 |
if (tunable_pasv_min_port > min_port && tunable_pasv_min_port <= max_port)
|
|
|
90e381 |
{
|
|
|
90e381 |
min_port = (unsigned short) tunable_pasv_min_port;
|
|
|
90e381 |
diff --git a/tunables.c b/tunables.c
|
|
|
90e381 |
index 63de8e6..a7ce9c8 100644
|
|
|
90e381 |
--- a/tunables.c
|
|
|
90e381 |
+++ b/tunables.c
|
|
|
90e381 |
@@ -115,6 +115,7 @@ unsigned int tunable_delay_failed_login;
|
|
|
90e381 |
unsigned int tunable_delay_successful_login;
|
|
|
90e381 |
unsigned int tunable_max_login_fails;
|
|
|
90e381 |
unsigned int tunable_chown_upload_mode;
|
|
|
90e381 |
+unsigned int tunable_bind_retries;
|
|
|
90e381 |
|
|
|
90e381 |
const char* tunable_secure_chroot_dir;
|
|
|
90e381 |
const char* tunable_ftp_username;
|
|
|
90e381 |
@@ -268,6 +269,7 @@ tunables_load_defaults()
|
|
|
90e381 |
tunable_max_login_fails = 3;
|
|
|
90e381 |
/* -rw------- */
|
|
|
90e381 |
tunable_chown_upload_mode = 0600;
|
|
|
90e381 |
+ tunable_bind_retries = 9;
|
|
|
90e381 |
|
|
|
90e381 |
install_str_setting("/usr/share/empty", &tunable_secure_chroot_dir);
|
|
|
90e381 |
install_str_setting("ftp", &tunable_ftp_username);
|
|
|
90e381 |
diff --git a/tunables.h b/tunables.h
|
|
|
90e381 |
index 8a4b8b2..029d645 100644
|
|
|
90e381 |
--- a/tunables.h
|
|
|
90e381 |
+++ b/tunables.h
|
|
|
90e381 |
@@ -120,6 +120,7 @@ extern unsigned int tunable_delay_failed_login;
|
|
|
90e381 |
extern unsigned int tunable_delay_successful_login;
|
|
|
90e381 |
extern unsigned int tunable_max_login_fails;
|
|
|
90e381 |
extern unsigned int tunable_chown_upload_mode;
|
|
|
90e381 |
+extern unsigned int tunable_bind_retries;
|
|
|
90e381 |
|
|
|
90e381 |
/* String defines */
|
|
|
90e381 |
extern const char* tunable_secure_chroot_dir;
|
|
|
90e381 |
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
|
|
|
90e381 |
index f246906..ce3fba3 100644
|
|
|
90e381 |
--- a/vsftpd.conf.5
|
|
|
90e381 |
+++ b/vsftpd.conf.5
|
|
|
90e381 |
@@ -760,6 +760,11 @@ value will be treated as a base 10 integer!
|
|
|
90e381 |
|
|
|
90e381 |
Default: 077
|
|
|
90e381 |
.TP
|
|
|
90e381 |
+.B bind_retries
|
|
|
90e381 |
+Maximum number of attempts to find a free listening port in passive mode.
|
|
|
90e381 |
+
|
|
|
90e381 |
+Default: 9
|
|
|
90e381 |
+.TP
|
|
|
90e381 |
.B chown_upload_mode
|
|
|
90e381 |
The file mode to force for chown()ed anonymous uploads. (Added in v2.0.6).
|
|
|
90e381 |
|
|
|
90e381 |
--
|
|
|
90e381 |
2.14.4
|
|
|
90e381 |
|