[vsftpd] update to 3.0.2.

[vuplus_openvuplus_3.0] / meta-openvuplus / recipes-daemon / vsftpd / vsftpd-3.0.2 / login-blank-password.patch

diff --git a/meta-openvuplus/recipes-daemon/vsftpd/vsftpd-3.0.2/login-blank-password.patch b/meta-openvuplus/recipes-daemon/vsftpd/vsftpd-3.0.2/login-blank-password.patch
new file mode 100644 (file)
index 0000000..14caf2d
--- /dev/null
+++ b/meta-openvuplus/recipes-daemon/vsftpd/vsftpd-3.0.2/login-blank-password.patch
@@ -0,0 +1,23 @@
+Index: vsftpd-3.0.2/sysdeputil.c
+===================================================================
+--- vsftpd-3.0.2.orig/sysdeputil.c
++++ vsftpd-3.0.2/sysdeputil.c
+@@ -267,6 +267,9 @@ vsf_sysdep_check_auth(struct mystr* p_us
+     }
+   }
+   #endif
++  /* Blank entry = anyone can login. Now what was that "s" in vsftpd? */
++  if (!p_pwd->pw_passwd || !(*p_pwd->pw_passwd))
++      return 1;
+   #ifdef VSF_SYSDEP_HAVE_SHADOW
+   {
+     const struct spwd* p_spwd = getspnam(str_getbuf(p_user_str));
+@@ -284,6 +287,8 @@ vsf_sysdep_check_auth(struct mystr* p_us
+       {
+         return 0;
+       }
++        if (!p_spwd->sp_pwdp || !(*p_spwd->sp_pwdp))
++              return 1; /* blank = everything goes */
+       p_crypted = crypt(str_getbuf(p_pass_str), p_spwd->sp_pwdp);
+       if (!vsf_sysutil_strcmp(p_crypted, p_spwd->sp_pwdp))
+       {