Subject: bin/36468: ftpd(8) always logs names
To: None <gnats-admin@netbsd.org, netbsd-bugs@netbsd.org>
From: None <andreas@planix.com>
List: netbsd-bugs
Date: 06/10/2007 19:15:01
>Number:         36468
>Category:       bin
>Synopsis:       ftpd(8) always logs names
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Sun Jun 10 19:15:00 +0000 2007
>Originator:     Andreas Wrede
>Release:        NetBSD 4.0_BETA2
>Organization:
Andreas Wrede              Planix, Inc.
andreas@planix.com         Networking, System Administration, Consulting
http://www.planix.com      Toronto, Ontario, Canada

"The steady state of disks is full."
                               -- Ken Thompson
>Environment:
	
	
System: NetBSD whome.planix.com 4.0_BETA2 NetBSD 4.0_BETA2 (PLANIX.MPACPI) #156: Sun May 6 03:48:04 EDT 2007 root@whome.planix.com:/u2/netbsd-4.0/obj.i386/sys/arch/i386/compile/PLANIX.MPACPI i386

Architecture: i386
Machine: i386
>Description:
	
	ftpd(8) always logs the client's IP address as a translated hostname
(via getnameinfo(3)).  This is not always desirable, as frequently the A
record for such a PTR record does not exist, making the reconstruction of
the actual IP address the client connected from difficult at best.

>How-To-Repeat:
	
$ grep 'LOGIN FAILED' /var/log/messages
Jun  9 03:11:30 whome ftpd[17166]: FTP LOGIN FAILED FROM gatekeeper.socaldata.com, administrator
$  /usr/bin/host gatekeeper.socaldata.com
Host gatekeeper.socaldata.com not found: 3(NXDOMAIN)

>Fix:
	
The patch below introduces a -n option to ftpd(8)


Index: ftpd.8
===================================================================
RCS file: /cvsroot/src/libexec/ftpd/ftpd.8,v
retrieving revision 1.76
diff -u -r1.76 ftpd.8
--- ftpd.8	7 Aug 2005 11:13:34 -0000	1.76
+++ ftpd.8	10 Jun 2007 17:46:51 -0000
@@ -63,7 +63,7 @@
 .\"
 .\"     @(#)ftpd.8	8.2 (Berkeley) 4/19/94
 .\"
-.Dd August 4, 2005
+.Dd June 10, 2007
 .Dt FTPD 8
 .Os
 .Sh NAME
@@ -72,7 +72,7 @@
 Internet File Transfer Protocol server
 .Sh SYNOPSIS
 .Nm
-.Op Fl 46DdHlQqrsUuWwX
+.Op Fl 46DdHlnQqrsUuWwX
 .Op Fl a Ar anondir
 .Op Fl C Ar user
 .Op Fl c Ar confdir
@@ -194,6 +194,8 @@
 If this option is specified more than once, the retrieve (get), store (put),
 append, delete, make directory, remove directory and rename operations and
 their file name arguments are also logged.
+.It Fl n
+Don't attempt translation of IP addresses to hostnames.
 .It Fl P Ar dataport
 Use
 .Ar dataport
Index: ftpd.c
===================================================================
RCS file: /cvsroot/src/libexec/ftpd/ftpd.c,v
retrieving revision 1.177
diff -u -r1.177 ftpd.c
--- ftpd.c	26 Sep 2006 06:47:20 -0000	1.177
+++ ftpd.c	10 Jun 2007 17:46:51 -0000
@@ -192,6 +192,7 @@
 int	dowtmp;			/* update wtmp file */
 int	doxferlog;		/* syslog/write wu-ftpd style xferlog entries */
 int	xferlogfd;		/* fd to write wu-ftpd xferlog entries to */
+int	getnameopts;		/* flags for use with getname() */
 int	dropprivs;		/* if privileges should or have been dropped */
 int	mapped;			/* IPv4 connection on AF_INET6 socket */
 off_t	file_size;
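Review bot: The comment on the new `getnameopts` global names `getname()`, but both call sites changed by this patch pass the value to getnameinfo(3), and no function called getname appears anywhere in the diff. I would write `int	getnameopts;		/* flags passed to getnameinfo(3); NI_NUMERICHOST with -n */` so the next reader knows which flag namespace is valid here.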
@@ -309,6 +310,7 @@
 	dowtmp = 1;		/* default: DO log to wtmp */
 	doxferlog = 0;		/* default: Do NOT syslog xferlog */
 	xferlogfd = -1;		/* default: Do NOT write xferlog file */
+	getnameopts = 0;	/* default: xlate addrs to name */
 	dropprivs = 0;
 	mapped = 0;
 	usedefault = 1;
@@ -326,7 +328,7 @@
 	openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_FTP);
 
 	while ((ch = getopt(argc, argv,
-	    "46a:c:C:Dde:h:HlL:P:qQrst:T:uUvV:wWX")) != -1) {
+	    "46a:c:C:Dde:h:HlL:nP:qQrst:T:uUvV:wWX")) != -1) {
 		switch (ch) {
 		case '4':
 			af = AF_INET;
@@ -380,6 +382,10 @@
 			xferlogname = optarg;
 			break;
 
+		case 'n':
+			getnameopts = NI_NUMERICHOST;
+			break;
+
 		case 'P':
 			errno = 0;
 			p = NULL;
@@ -651,8 +657,8 @@
 	/* if the hostname hasn't been given, attempt to determine it */ 
 	if (hostname[0] == '\0') {
 		if (getnameinfo((struct sockaddr *)&ctrl_addr.si_su,
-		    ctrl_addr.su_len, hostname, sizeof(hostname), NULL, 0, 0)
-		    != 0)
+		    ctrl_addr.su_len, hostname, sizeof(hostname), NULL, 0, 
+			getnameopts) != 0)
 			(void)gethostname(hostname, sizeof(hostname));
 		hostname[sizeof(hostname) - 1] = '\0';
 	}
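Review bot: Passing `getnameopts` to this getnameinfo() call makes -n change the server's own name, not only the client name the report is about; the buffer filled here falls back to gethostname(), so it holds the local host's name. With -n and no hostname given explicitly, it becomes the numeric form of `ctrl_addr`, and wherever `hostname` is later shown to clients (not visible in this hunk) that could publish an address the operator did not intend to expose, such as an internal one behind NAT. I would keep the original `NULL, 0, 0)` at this call, or state in ftpd.8 that -n also affects the server's self-reported name. As a style point, the new continuation line is indented with two tabs where the neighbouring continuation uses a tab plus four spaces, and `NULL, 0, ` now ends in trailing whitespace.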
@@ -2786,7 +2792,8 @@
 {
 
 	if (getnameinfo((struct sockaddr *)&who->si_su,
-	    who->su_len, remotehost, sizeof(remotehost), NULL, 0, 0))
+	    who->su_len, remotehost, sizeof(remotehost), NULL, 0, 
+	    getnameopts))
 		strlcpy(remotehost, "?", sizeof(remotehost));
 
 #if HAVE_SETPROCTITLE
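Review bot: `remotehost` is not declared in the visible opening lines of this function, so it appears to be a file-scope buffer, and -n then changes its contents for every later reader rather than only for the syslog lines; the function's signature and the rest of its body are outside this hunk. If host-based access rules are matched against `remotehost` anywhere in ftpd, hostname patterns would silently stop matching once -n is set, and ftpd.8 should say so next to the new `.It Fl n` entry. Separately, the default path (`getnameopts = 0`) still logs a PTR-derived name that is never forward-confirmed and is chosen by whoever controls the reverse zone. The log would serve incident response better if it always carried the numeric address, with -n only suppressing the name.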

>Unformatted: