Commit the patch for CAN-2003-0254.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/APACHE_2_0_BRANCH@100504 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index fde087cf36b2926445f521939691320932b22e1f..65620a774c52eeb04419bdc3006959c11722d2fc 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,10 @@
 Changes with Apache 2.0.47
 
+  *) SECURITY [CAN-2003-0254]: Fixed a bug in ftp proxy causing denial
+     of service when target host is IPv6 but proxy server can't create
+     IPv6 socket.  Fixed by the reporter.  [Yoshioka Tsuneo
+     <tsuneo.yoshioka@f-secure.com>]
+
   *) SECURITY [VU#379828] Prevent the server from crashing when entering
      infinite loops. The new LimitInternalRecursion directive configures
      limits of subsequent internal redirects and nested subrequests, after

diff --git a/modules/proxy/proxy_ftp.c b/modules/proxy/proxy_ftp.c
index 279205884ef32b0ddf6a70f55ad89abeaf15efff..c38773cb6b6f6dae9a4265351c6996404e6fe116 100644 (file)
--- a/modules/proxy/proxy_ftp.c
+++ b/modules/proxy/proxy_ftp.c
@@ -957,6 +957,7 @@ int ap_proxy_ftp_handler(request_rec *r, proxy_server_conf *conf,
            if ((rv = apr_socket_create(&sock, connect_addr->family, SOCK_STREAM, r->pool)) != APR_SUCCESS) {
                ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
                              "proxy: FTP: error creating socket");
+                connect_addr = connect_addr->next;
                continue;
            }
 
@@ -974,6 +975,7 @@ int ap_proxy_ftp_handler(request_rec *r, proxy_server_conf *conf,
 #ifndef _OSD_POSIX              /* BS2000 has this option "always on" */
                ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
                              "proxy: FTP: error setting reuseaddr option: apr_socket_opt_set(APR_SO_REUSEADDR)");
+                connect_addr = connect_addr->next;
                continue;
 #endif                          /* _OSD_POSIX */
            }