Index: modules/mod_auth.c
===================================================================
RCS file: /cvsroot/proftp/proftpd/modules/mod_auth.c,v
retrieving revision 1.252
diff -u -r1.252 mod_auth.c
--- modules/mod_auth.c	11 Feb 2009 06:56:43 -0000	1.252
+++ modules/mod_auth.c	12 Feb 2009 18:48:16 -0000
@@ -1074,11 +1074,13 @@
    * through with the login process.  Oh well.
    */
 
+  memset(sess_ttyname, '\0', sizeof(sess_ttyname));
 #if (defined(BSD) && (BSD >= 199103))
   snprintf(sess_ttyname, sizeof(sess_ttyname), "ftp%ld", (long) getpid());
 #else
   snprintf(sess_ttyname, sizeof(sess_ttyname), "ftpd%d", (int) getpid());
 #endif
+  sess_ttyname[sizeof(sess_ttyname)-1] = '\0';
 
   /* Perform wtmp logging only if not turned off in <Anonymous>
    * or the current server
Index: src/main.c
===================================================================
RCS file: /cvsroot/proftp/proftpd/src/main.c,v
retrieving revision 1.361
diff -u -r1.361 main.c
--- src/main.c	11 Feb 2009 05:57:12 -0000	1.361
+++ src/main.c	12 Feb 2009 18:48:16 -0000
@@ -92,8 +92,6 @@
 
 static unsigned char have_dead_child = FALSE;
 
-static char sbuf[PR_TUNABLE_BUFFER_SIZE] = {'\0'};
-
 #define PR_DEFAULT_CMD_BUFSZ	512
 
 /* From mod_auth_unix.c */
@@ -108,7 +106,16 @@
 static int syntax_check = 0;
 
 static const char *protocol_name = "FTP";
+
+/* This protocol_name_lc variable is used only by WtmpLog logging.  Newer
+ * BSD variants require a name of "ftp" while other, non-BSD variants
+ * prefer "ftpd".
+ */
+#if (defined(BSD) && (BSD >= 199103))
 static const char *protocol_name_lc = "ftp";
+#else
+static const char *protocol_name_lc = "ftpd";
+#endif
 
 /* Command handling */
 static void cmd_loop(server_rec *, conn_t *);
@@ -185,6 +192,7 @@
 }
 
 static void end_login_noexit(void) {
+  char wtmp_buf[PR_TUNABLE_BUFFER_SIZE];
 
   /* Clear the scoreboard entry. */
   if (ServerType == SERVER_STANDALONE) {
@@ -206,20 +214,25 @@
         strerror(errno));
   }
 
+  if (session.wtmp_log) {
+    memset(wtmp_buf, '\0', sizeof(wtmp_buf));
+  }
+
   /* If session.user is set, we have a valid login */
   if (session.user) {
 #if (defined(BSD) && (BSD >= 199103))
-    snprintf(sbuf, sizeof(sbuf), "%s%ld", protocol_name_lc,
+    snprintf(wtmp_buf, sizeof(wtmp_buf), "%s%ld", protocol_name_lc,
       (long) (session.pid ? session.pid : getpid()));
 #else
-    snprintf(sbuf, sizeof(sbuf), "%s%d", protocol_name_lc,
+    snprintf(wtmp_buf, sizeof(wtmp_buf), "%s%d", protocol_name_lc,
       (int) (session.pid ? session.pid : getpid()));
 #endif
-    sbuf[sizeof(sbuf) - 1] = '\0';
+    wtmp_buf[sizeof(wtmp_buf) - 1] = '\0';
 
-    if (session.wtmp_log)
-      log_wtmp(sbuf, "", pr_netaddr_get_sess_remote_name(),
+    if (session.wtmp_log) {
+      log_wtmp(wtmp_buf, "", pr_netaddr_get_sess_remote_name(),
         pr_netaddr_get_sess_remote_addr());
+    }
   }
 
   /* These are necessary in order that cleanups associated with these pools
@@ -573,7 +586,6 @@
   }
 
   protocol_name_lc = lc;
-
   return 0;
 }