Update blacklist support in ftpd to clarify fd usage

The ftp daemon dups the control socket to stdin and uses that fd
throughout the code.  Clarify this usage slightly by changing from
explicit use of "0" for the fd to a variable, to make it clear what
the zero represents in the non-blacklist code. Make the
blacklist_notify routine use STDIN_FILENO so as to have less of a
"magic number" feel to the code.

Reviewed by:	cem
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D6716

2 files changed, 11 insertions, 13 deletions

diff --git a/libexec/ftpd/blacklist.c b/libexec/ftpd/blacklist.c
index e56fc65455c5..b66a1cd60403 100644
--- a/libexec/ftpd/blacklist.c
+++ b/libexec/ftpd/blacklist.c
@@ -48,8 +48,6 @@ void
 blacklist_notify(int action, int fd, char *msg)
 {
 	if (blstate == NULL)
-		blacklist_init();
-	if (blstate == NULL)
 		return;
 	(void)blacklist_r(blstate, action, fd, msg);
 }
diff --git a/libexec/ftpd/ftpd.c b/libexec/ftpd/ftpd.c
index 5ce1d3af405f..16c7523b7a0c 100644
--- a/libexec/ftpd/ftpd.c
+++ b/libexec/ftpd/ftpd.c
@@ -268,7 +268,7 @@ int
 main(int argc, char *argv[], char **envp)
 {
 	socklen_t addrlen;
-	int ch, on = 1, tos;
+	int ch, on = 1, tos, s = STDIN_FILENO;
 	char *cp, line[LINE_MAX];
 	FILE *fd;
 	char	*bindname = NULL;
@@ -504,8 +504,8 @@ main(int argc, char *argv[], char **envp)
 					switch (pid = fork()) {
 					case 0:
 						/* child */
-						(void) dup2(fd, 0);
-						(void) dup2(fd, 1);
+						(void) dup2(fd, s);
+						(void) dup2(fd, STDOUT_FILENO);
 						(void) close(fd);
 						for (i = 1; i <= *ctl_sock; i++)
 							close(ctl_sock[i]);
@@ -522,7 +522,7 @@ main(int argc, char *argv[], char **envp)
 		}
 	} else {
 		addrlen = sizeof(his_addr);
-		if (getpeername(0, (struct sockaddr *)&his_addr, &addrlen) < 0) {
+		if (getpeername(s, (struct sockaddr *)&his_addr, &addrlen) < 0) {
 			syslog(LOG_ERR, "getpeername (%s): %m",argv[0]);
 			exit(1);
 		}
@@ -557,7 +557,7 @@ gotchild:
 	(void)sigaction(SIGPIPE, &sa, NULL);
 
 	addrlen = sizeof(ctrl_addr);
-	if (getsockname(0, (struct sockaddr *)&ctrl_addr, &addrlen) < 0) {
+	if (getsockname(s, (struct sockaddr *)&ctrl_addr, &addrlen) < 0) {
 		syslog(LOG_ERR, "getsockname (%s): %m",argv[0]);
 		exit(1);
 	}
@@ -570,7 +570,7 @@ gotchild:
 	if (ctrl_addr.su_family == AF_INET)
       {
 	tos = IPTOS_LOWDELAY;
-	if (setsockopt(0, IPPROTO_IP, IP_TOS, &tos, sizeof(int)) < 0)
+	if (setsockopt(s, IPPROTO_IP, IP_TOS, &tos, sizeof(int)) < 0)
 		syslog(LOG_WARNING, "control setsockopt (IP_TOS): %m");
       }
 #endif
@@ -578,7 +578,7 @@ gotchild:
 	 * Disable Nagle on the control channel so that we don't have to wait
 	 * for peer's ACK before issuing our next reply.
 	 */
-	if (setsockopt(0, IPPROTO_TCP, TCP_NODELAY, &on, sizeof(on)) < 0)
+	if (setsockopt(s, IPPROTO_TCP, TCP_NODELAY, &on, sizeof(on)) < 0)
 		syslog(LOG_WARNING, "control setsockopt (TCP_NODELAY): %m");
 
 	data_source.su_port = htons(ntohs(ctrl_addr.su_port) - 1);
@@ -587,12 +587,12 @@ gotchild:
 
 	/* Try to handle urgent data inline */
 #ifdef SO_OOBINLINE
-	if (setsockopt(0, SOL_SOCKET, SO_OOBINLINE, &on, sizeof(on)) < 0)
+	if (setsockopt(s, SOL_SOCKET, SO_OOBINLINE, &on, sizeof(on)) < 0)
 		syslog(LOG_WARNING, "control setsockopt (SO_OOBINLINE): %m");
 #endif
 
 #ifdef	F_SETOWN
-	if (fcntl(fileno(stdin), F_SETOWN, getpid()) == -1)
+	if (fcntl(s, F_SETOWN, getpid()) == -1)
 		syslog(LOG_ERR, "fcntl F_SETOWN: %m");
 #endif
 	dolog((struct sockaddr *)&his_addr);
@@ -1423,7 +1423,7 @@ skip:
 		if (rval) {
 			reply(530, "Login incorrect.");
 #ifdef USE_BLACKLIST
-			blacklist_notify(1, 0, "Login incorrect");
+			blacklist_notify(1, STDIN_FILENO, "Login incorrect");
 #endif
 			if (logging) {
 				syslog(LOG_NOTICE,
@@ -1444,7 +1444,7 @@ skip:
 		}
 #ifdef USE_BLACKLIST
 		 else {
-			blacklist_notify(0, 0, "Login successful");
+			blacklist_notify(0, STDIN_FILENO, "Login successful");
 		}
 #endif
 	}