Index: contrib/mod_sftp/auth.c
===================================================================
RCS file: /cvsroot/proftp/proftpd/contrib/mod_sftp/auth.c,v
retrieving revision 1.40
diff -u -r1.40 auth.c
--- contrib/mod_sftp/auth.c 11 Dec 2011 02:33:14 -0000 1.40
+++ contrib/mod_sftp/auth.c 14 Dec 2011 18:45:53 -0000
@@ -961,12 +961,12 @@
* queried.
*/
if (send_userauth_methods() < 0) {
- pr_cmd_dispatch_phase(cmd, POST_CMD_ERR, 0);
- pr_cmd_dispatch_phase(cmd, LOG_CMD_ERR, 0);
-
pr_cmd_dispatch_phase(pass_cmd, POST_CMD_ERR, 0);
pr_cmd_dispatch_phase(pass_cmd, LOG_CMD_ERR, 0);
+ pr_cmd_dispatch_phase(cmd, POST_CMD_ERR, 0);
+ pr_cmd_dispatch_phase(cmd, LOG_CMD_ERR, 0);
+
return -1;
}
@@ -984,12 +984,12 @@
pr_trace_msg(trace_channel, 10, "auth method '%s' not enabled", method);
if (send_userauth_methods() < 0) {
- pr_cmd_dispatch_phase(cmd, POST_CMD_ERR, 0);
- pr_cmd_dispatch_phase(cmd, LOG_CMD_ERR, 0);
-
pr_cmd_dispatch_phase(pass_cmd, POST_CMD_ERR, 0);
pr_cmd_dispatch_phase(pass_cmd, LOG_CMD_ERR, 0);
+ pr_cmd_dispatch_phase(cmd, POST_CMD_ERR, 0);
+ pr_cmd_dispatch_phase(cmd, LOG_CMD_ERR, 0);
+
return -1;
}
@@ -1009,12 +1009,12 @@
pr_trace_msg(trace_channel, 10, "auth method '%s' not enabled", method);
if (send_userauth_methods() < 0) {
- pr_cmd_dispatch_phase(cmd, POST_CMD_ERR, 0);
- pr_cmd_dispatch_phase(cmd, LOG_CMD_ERR, 0);
-
pr_cmd_dispatch_phase(pass_cmd, POST_CMD_ERR, 0);
pr_cmd_dispatch_phase(pass_cmd, LOG_CMD_ERR, 0);
+ pr_cmd_dispatch_phase(cmd, POST_CMD_ERR, 0);
+ pr_cmd_dispatch_phase(cmd, LOG_CMD_ERR, 0);
+
return -1;
}
@@ -1034,12 +1034,12 @@
pr_trace_msg(trace_channel, 10, "auth method '%s' not enabled", method);
if (send_userauth_methods() < 0) {
- pr_cmd_dispatch_phase(cmd, POST_CMD_ERR, 0);
- pr_cmd_dispatch_phase(cmd, LOG_CMD_ERR, 0);
-
pr_cmd_dispatch_phase(pass_cmd, POST_CMD_ERR, 0);
pr_cmd_dispatch_phase(pass_cmd, LOG_CMD_ERR, 0);
+ pr_cmd_dispatch_phase(cmd, POST_CMD_ERR, 0);
+ pr_cmd_dispatch_phase(cmd, LOG_CMD_ERR, 0);
+
return -1;
}
@@ -1059,12 +1059,12 @@
pr_trace_msg(trace_channel, 10, "auth method '%s' not enabled", method);
if (send_userauth_methods() < 0) {
- pr_cmd_dispatch_phase(cmd, POST_CMD_ERR, 0);
- pr_cmd_dispatch_phase(cmd, LOG_CMD_ERR, 0);
-
pr_cmd_dispatch_phase(pass_cmd, POST_CMD_ERR, 0);
pr_cmd_dispatch_phase(pass_cmd, LOG_CMD_ERR, 0);
+ pr_cmd_dispatch_phase(cmd, POST_CMD_ERR, 0);
+ pr_cmd_dispatch_phase(cmd, LOG_CMD_ERR, 0);
+
return -1;
}
@@ -1076,12 +1076,12 @@
}
} else {
- pr_cmd_dispatch_phase(cmd, POST_CMD_ERR, 0);
- pr_cmd_dispatch_phase(cmd, LOG_CMD_ERR, 0);
-
pr_cmd_dispatch_phase(pass_cmd, POST_CMD_ERR, 0);
pr_cmd_dispatch_phase(pass_cmd, LOG_CMD_ERR, 0);
+ pr_cmd_dispatch_phase(cmd, POST_CMD_ERR, 0);
+ pr_cmd_dispatch_phase(cmd, LOG_CMD_ERR, 0);
+
(void) pr_log_writefile(sftp_logfd, MOD_SFTP_VERSION,
"unsupported authentication method '%s' requested", method);
return -1;
@@ -1095,6 +1095,9 @@
if (res <= 0) {
int xerrno = errno;
+ pr_cmd_dispatch_phase(pass_cmd, POST_CMD_ERR, 0);
+ pr_cmd_dispatch_phase(pass_cmd, LOG_CMD_ERR, 0);
+
pr_cmd_dispatch_phase(cmd, res == 0 ? POST_CMD : POST_CMD_ERR, 0);
pr_cmd_dispatch_phase(cmd, res == 0 ? LOG_CMD : LOG_CMD_ERR, 0);
Index: contrib/mod_wrap2/mod_wrap2.c
===================================================================
RCS file: /cvsroot/proftp/proftpd/contrib/mod_wrap2/mod_wrap2.c,v
retrieving revision 1.40
diff -u -r1.40 mod_wrap2.c
--- contrib/mod_wrap2/mod_wrap2.c 23 Nov 2011 18:04:38 -0000 1.40
+++ contrib/mod_wrap2/mod_wrap2.c 14 Dec 2011 18:45:53 -0000
@@ -1844,6 +1844,12 @@
if (!wrap2_engine)
return PR_DECLINED(cmd);
+ /* Clear the values from the session struct as well, specifically
+ * session.user. Failure to do so caused Bug#3727.
+ */
+ session.user = NULL;
+ session.group = NULL;
+
wrap2_ctxt = NULL;
wrap2_allow_table = NULL;
wrap2_deny_table = NULL;