Bug 60708 - identd delays caused by xinetd config
Summary: identd delays caused by xinetd config
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: wu-ftpd
Version: 7.2
Hardware: All
OS: Linux
medium
low
Target Milestone: ---
Assignee: wdovlrrw
QA Contact: David Lawrence
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2002-03-05 05:08 UTC by Ian Mortimer
Modified: 2007-04-18 16:40 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2002-03-05 05:08:23 UTC
Embargoed:


Attachments (Terms of Use)

Description Ian Mortimer 2002-03-05 05:08:19 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.78 [en] (X11; U; Linux 2.4.9-21 i686)

Description of problem:
The default xinetd config /etc/xinetd.d/wu-ftpd add USERID as a log option for
success or failure.  This causes xinetd to attempt an identd (auth) connection
to the
connecting host.  This fails when the host isn't running an identd daemon or is
behind a
firewall blocking identd connections.
   

Version-Release number of selected component (if applicable):
wu-ftpd-2.6.1-20

How reproducible:
Always

Steps to Reproduce:
1.Make an ftp connection from a host without an identd daemon or one behind a
firewall
2.Start tcpdump or some other packet sniffer on the connection.
3.
	

Actual Results:  There is a long delay before the ftp server responds.  tcpdump
shows attempts by the ftp server to connect to identd (tcp port 113).

Expected Results:  identd should not be invoked.  It's a security problem and
forcing clients 
to run it or suffer delays if they don't is a bad idea.

Additional info:

This was reported (by someone else) as a problem with xinetd (bug #55936).
However  the problem is not with xinetd itself but with the configuration of
various daemons which require it to initiate an identd connection.

Comment 1 Bernhard Rosenkraenzer 2002-03-12 10:20:23 UTC
Agreed, turned off in 2.6.2-5


Note You need to log in before you can comment on or make changes to this bug.