From: Amos Jeffries Date: Sat, 9 Oct 2010 11:20:12 +0000 (+1300) Subject: Polish FTP login error handing X-Git-Tag: take1~191 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=493e0ad05594a1ac2d4a448553df2635c173d01d;p=thirdparty%2Fsquid.git Polish FTP login error handing Reverts a regression added recently that blocked the challenge events. Fixes another potential nul-pointer dereference bug. * 421/426 server overload equate to HTTP overload. But do special such that the credentials are asked of the browser on retries. * 43x and 53x FTP status are all credentials failures of various types. Other failures are not credential related. This leaves the other non-credential errors as general failures. --- diff --git a/src/ftp.cc b/src/ftp.cc index bd82d92205..fb7d7bcf79 100644 --- a/src/ftp.cc +++ b/src/ftp.cc @@ -1838,18 +1838,24 @@ FtpStateData::loginFailed() ErrorState *err = NULL; const char *command, *reply; - if (state == SENT_USER || state == SENT_PASS) { - if (ctrl.replycode > 500) { - if (password_url) + if ((state == SENT_USER || state == SENT_PASS) && ctrl.replycode >= 400) { + if (ctrl.replycode == 421 || ctrl.replycode == 426) { + // 421/426 - Service Overload - retry permitted. + err = errorCon(ERR_FTP_UNAVAILABLE, HTTP_SERVICE_UNAVAILABLE, fwd->request); + } else if (ctrl.replycode >= 430 && ctrl.replycode <= 439) { + // 43x - Invalid or Credential Error - retry challenge required. + err = errorCon(ERR_FTP_FORBIDDEN, HTTP_UNAUTHORIZED, fwd->request); + } else if (ctrl.replycode >= 530 && ctrl.replycode <= 539) { + // 53x - Credentials Missing - retry challenge required + if (password_url) // but they were in the URI! major fail. err = errorCon(ERR_FTP_FORBIDDEN, HTTP_FORBIDDEN, fwd->request); else err = errorCon(ERR_FTP_FORBIDDEN, HTTP_UNAUTHORIZED, fwd->request); - } else if (ctrl.replycode == 421) { - err = errorCon(ERR_FTP_UNAVAILABLE, HTTP_SERVICE_UNAVAILABLE, fwd->request); } } - if (err) { + // any other problems are general falures. + if (!err) { ftpFail(this); return; }