Bug#294077: proftpd-mysql: proftpd not allowing exit handlers to access db backends before core.exit

Mon, 07 Feb 2005 11:40:03 -0800 

Package: proftpd-mysql
Version: 1.2.10-9
Severity: important
Tags: patch

According to the mod_sql docs, the SQLLog directive will accept a
pseudo-command called "EXIT" which allows mod_sql to log the end of a
session even if the client does not issue a "QUIT" command.

In my analysis of the code, it does not appear that the above-detailed
functionality can work, due to the fact that a core.exit event is
generated before run_exit_handlers() is called by finish_terminate() in
main.c.  In other words, the mod_sql_mysql module's core.exit handler is
called before the mod_sql exit handler gets a crack at the database
connection, and the result is a segfault.

Simply calling run_exit_handlers() before pr_event_generate() fixed the
problem for us, and doesn't seem to have caused any problems.  I don't
claim to have any deep understanding of the ramifications of this
change, though.

Patch:
--- ../../upstream/tarballs/proftpd-1.2.10/src/main.c   2004-08-07 
18:22:42.000000000 -0400
+++ src/main.c  2005-02-07 13:45:54.000000000 -0500
@@ -348,14 +348,14 @@
         errno != EINVAL)
       pr_log_debug(DEBUG1, "error deleting scoreboard entry: %s",
         strerror(errno));
   }

   /* Run all the exit handlers */
-  pr_event_generate("core.exit", NULL);
   run_exit_handlers();
+  pr_event_generate("core.exit", NULL);

   /* If session.user is set, we have a valid login */
   if (session.user) {
 #if (defined(BSD) && (BSD >= 199103))
     snprintf(sbuf, sizeof(sbuf), "ftp%ld",(long)getpid());
 #else

-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.4.27-1-686-smp
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages proftpd-mysql depends on:
ii  adduser                     3.59         Add and remove users and groups
ii  debconf                     1.4.30.11    Debian configuration management sy
ii  libc6                       2.3.2.ds1-20 GNU C Library: Shared libraries an
ii  libcap1                     1:1.10-14    support for getting/setting POSIX.
ii  libmysqlclient10            3.23.56-2    LGPL-licensed client library for M
ii  libpam0g                    0.76-22      Pluggable Authentication Modules l
ii  libssl0.9.7                 0.9.7e-2     SSL shared libraries
ii  libwrap0                    7.6.dbs-6    Wietse Venema's TCP wrappers libra
ii  netbase                     4.19         Basic TCP/IP networking system
ii  proftpd-common              1.2.10-9     Versatile, virtual-hosting FTP dae
ii  ucf                         1.13         Update Configuration File: preserv
ii  zlib1g                      1:1.2.2-3    compression library - runtime

-- debconf information:
  shared/proftpd/warning:
* shared/proftpd/inetd_or_standalone: standalone


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to