New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
BanOnEvent BadProtocol triggers segfault #1445
Comments
In the provided log, I do see these log messages, indicating that
What is the current |
Hi, I'm just excepting it to work. You know, showing the ip up in ftpdctl ban info -v, getting the BanMessage, and so on. Maybe the allowlist is causing the problem? edit: no, i tried removing it |
Can you tell me exactly how you're testing this feature, and what you see (and expect to see), so that I can reproduce locally the behavior you're seeing?
Yes, but how, exactly? I don't know what your expectations are, so I don't know where to start to see where your configuration differs from the behavior you want to see.. |
ok.
So it turns out many of the issue were me assuming the wrong thing.
Yet, I managed to find what looks like an actual different, even though it's different. Along the various events I tried triggering, there is BadProtocol. BadProtocol still does not trigger. What I try to do:
This is written in the logs:
As I said before, after this request i'm expecting to see myself in the ftpdctl list, but instead I will always get the "no bans" message. After this request, I tried logging in with filezilla and I could open the connection without issues, while I'm expecting the authentication to not go through (as I said before, I'm expecting the login to fail or the server to close the tcp connection before checking for valid user/pass authentication).. This however, seems to be because of the server crashing! :) So, sorry for being unclear at the beginning, now I'm happy and looks like we found an actual issue |
No worries about reporting the issues you see; it sometimes takes a little while for both sides to take a step back, and clarify what both sides are looking at. Once that happens, debugging (and fixing!) the behaviors we both see happens much faster. This is definitely a problem:
I see that you are running ProFTPD 1.3.6, which is a little older (and currently no longer supported) -- but that doesn't mean this bug doesn't exist anymore! I'll work on verifying this first. Might if I ask what distribution (and version) you are using? With that info, I should be able to spin up a Docker container of that distribution, install the same ProFTPD package, and then make it crash the same way you are. (Crashing would definitely prevent any |
I think I've managed to reproduce this "signal 11" behavior locally; tracking down the cause now. |
Issue #1445: The handling of the "bad protocol" event by `mod_ban` wa…
This segfault should now be fixed in the master branch; the fix has been backported to the 1.3.7 branch as well. |
What I Did
I configured mod_ban in order to ban users and I tried banning myself.
What I Expected/Wanted
I expected proftpd to ban me.
Note that I can get myself banned using ftpdctl .
ProFTPD Version and Configuration
proftpd.conf
modules.conf
conf.d/ctrl.conf
conf.d/ban.conf
mod_ban logs only show:
general-log.txt
general logs
The text was updated successfully, but these errors were encountered: