1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
Description: Enforce -z secure when logging in with USER command
Author: Ian Beckwith <ianb@debian.org>
Forwarded: no
Last-Update: 2010-04-06
--- a/ftp/cmds.c
+++ b/ftp/cmds.c
@@ -1640,6 +1640,12 @@
code = -1;
return;
}
+#ifdef USE_SSL
+ if (ssl_secure_flag && !ssl_available) {
+ fprintf(stdout, "SSL not available - login failed.\n");
+ return;
+ }
+#endif /* USE_SSL */
n = command("USER %s", argv[1]);
if (n == CONTINUE) {
if (argc < 3 )
--- a/ftp/ftp.c
+++ b/ftp/ftp.c
@@ -94,6 +94,7 @@
static int ptflag = 0;
static int ptabflg = 0;
#ifdef USE_SSL
+int ssl_available=1;
static int pdata = -1;
static int
auth_user(char *u,char *p);
@@ -2118,8 +2119,10 @@
/* spit the dummy as we will only talk ssl
* when running in "secure" mode
*/
- if (ssl_secure_flag)
+ if (ssl_secure_flag) {
+ ssl_available=0;
return ERROR;
+ }
} else if (n == CONTINUE || n == COMPLETE ) {
/* do SSL */
ssl_con=(SSL *)SSL_new(ssl_ctx);
--- a/ftp/sslapp.h
+++ b/ftp/sslapp.h
@@ -59,7 +59,9 @@
extern int server_verify_callback();
extern int client_verify_callback();*/
+extern int ssl_available;
extern int ssl_init(void);
+
#endif /* USE_SSL */
|
