diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 1997-04-25 11:06:29 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 1997-04-25 11:06:29 +0000 |
| commit | 1227c60cf78b16467dc2fa4a7a65966ba2f275cc (patch) | |
| tree | b3a72a20db40076498fb2c05a819236c74584b3d /libexec | |
| parent | 8e3a6c49433da7ca4fdecc8322b68675f41d2f92 (diff) | |
do not allow connect to a 2049 either, helps firewall cases; adam@math.tau.ac.il
Diffstat (limited to 'libexec')
| -rw-r--r-- | libexec/ftpd/ftpd.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/libexec/ftpd/ftpd.c b/libexec/ftpd/ftpd.c index 879f47a72de..d2eaeffafdf 100644 --- a/libexec/ftpd/ftpd.c +++ b/libexec/ftpd/ftpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ftpd.c,v 1.33 1997/03/25 22:47:10 millert Exp $ */ +/* $OpenBSD: ftpd.c,v 1.34 1997/04/25 11:06:28 deraadt Exp $ */ /* $NetBSD: ftpd.c,v 1.15 1995/06/03 22:46:47 mycroft Exp $ */ /* @@ -1191,7 +1191,8 @@ dataconn(name, size, mode) * attempt to connect to reserved port on client machine; * this looks like an attack */ - if (ntohs(data_dest.sin_port) < IPPORT_RESERVED) { + if (ntohs(data_dest.sin_port) < IPPORT_RESERVED || + ntohs(data_dest.sin_port) == 2049) { /* XXX */ perror_reply(425, "Can't build data connection"); (void) fclose(file); data = -1; |