]> git.ipfire.org Git - thirdparty/squid.git/commitdiff
projects / thirdparty / squid.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4d15c64)
Polish FTP login error handing
authorAmos Jeffries <squid3@treenet.co.nz>
Sat, 9 Oct 2010 11:20:12 +0000 (00:20 +1300)
committerAmos Jeffries <squid3@treenet.co.nz>
Sat, 9 Oct 2010 11:20:12 +0000 (00:20 +1300)
Reverts a regression added recently that blocked the challenge events.
Fixes another potential nul-pointer dereference bug.

* 421/426 server overload equate to HTTP overload. But do special such that
  the credentials are asked of the browser on retries.

* 43x and 53x FTP status are all credentials failures of various types.
  Other failures are not credential related.
  This leaves the other non-credential errors as general failures.

src/ftp.cc patch | blob | blame | history

diff --git a/src/ftp.cc b/src/ftp.cc
index bd82d92205fce54f46fcd93f45711f3f09462080..fb7d7bcf79a105ed28fa8ce7894a8524d5b9a7c2 100644 (file)
--- a/src/ftp.cc
+++ b/src/ftp.cc
@@ -1838,18 +1838,24 @@ FtpStateData::loginFailed()
     ErrorState *err = NULL;
     const char *command, *reply;
 
-    if (state == SENT_USER || state == SENT_PASS) {
-        if (ctrl.replycode > 500) {
-            if (password_url)
+    if ((state == SENT_USER || state == SENT_PASS) && ctrl.replycode >= 400) {
+        if (ctrl.replycode == 421 || ctrl.replycode == 426) {
+            // 421/426 - Service Overload - retry permitted.
+            err = errorCon(ERR_FTP_UNAVAILABLE, HTTP_SERVICE_UNAVAILABLE, fwd->request);
+        } else if (ctrl.replycode >= 430 && ctrl.replycode <= 439) {
+            // 43x - Invalid or Credential Error - retry challenge required.
+            err = errorCon(ERR_FTP_FORBIDDEN, HTTP_UNAUTHORIZED, fwd->request);
+        } else if (ctrl.replycode >= 530 && ctrl.replycode <= 539) {
+            // 53x - Credentials Missing - retry challenge required
+            if (password_url) // but they were in the URI! major fail.
                 err = errorCon(ERR_FTP_FORBIDDEN, HTTP_FORBIDDEN, fwd->request);
             else
                 err = errorCon(ERR_FTP_FORBIDDEN, HTTP_UNAUTHORIZED, fwd->request);
-        } else if (ctrl.replycode == 421) {
-            err = errorCon(ERR_FTP_UNAVAILABLE, HTTP_SERVICE_UNAVAILABLE, fwd->request);
         }
     }
 
-    if (err) {
+    // any other problems are general falures.
+    if (!err) {
         ftpFail(this);
         return;
     }
Mirror of https://github.com/squid-cache/squid.git