Bug 60708

Summary: identd delays caused by xinetd config
Product: [Retired] Red Hat Linux Reporter: Ian Mortimer <i.mortimer>
Component: wu-ftpdAssignee: wdovlrrw <brosenkr>
Status: CLOSED RAWHIDE QA Contact: David Lawrence <dkl>
Severity: low Docs Contact:
Priority: medium    
Version: 7.2   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2002-03-05 05:08:23 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ian Mortimer 2002-03-05 05:08:19 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/4.78 [en] (X11; U; Linux 2.4.9-21 i686)

Description of problem:
The default xinetd config /etc/xinetd.d/wu-ftpd add USERID as a log option for
success or failure.  This causes xinetd to attempt an identd (auth) connection
to the
connecting host.  This fails when the host isn't running an identd daemon or is
behind a
firewall blocking identd connections.
   

Version-Release number of selected component (if applicable):
wu-ftpd-2.6.1-20

How reproducible:
Always

Steps to Reproduce:
1.Make an ftp connection from a host without an identd daemon or one behind a
firewall
2.Start tcpdump or some other packet sniffer on the connection.
3.
	

Actual Results:  There is a long delay before the ftp server responds.  tcpdump
shows attempts by the ftp server to connect to identd (tcp port 113).

Expected Results:  identd should not be invoked.  It's a security problem and
forcing clients 
to run it or suffer delays if they don't is a bad idea.

Additional info:

This was reported (by someone else) as a problem with xinetd (bug #55936).
However  the problem is not with xinetd itself but with the configuration of
various daemons which require it to initiate an identd connection.
Comment 1 Bernhard Rosenkraenzer 2002-03-12 10:20:23 UTC 
Agreed, turned off in 2.6.2-5