Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
NetBSD/libexec/ftpd/conf.c

950 lines
23 KiB
C
Raw Normal View History

debug -> ftpd_debug xstrdup -> ftpd_strdup
2006-02-01 17:20:12 +03:00
/* $NetBSD: conf.c,v 1.57 2006/02/01 14:20:12 christos Exp $ */
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
/*-
* Add hidesymlinks configuration option This adds a -L to all ls command arguments so that the file or directory the link references is listed rather than the link itself. This was inspired by IRIX ftpd's -S option. [Discussed with lukem some time ago.] * Crank version.h [right Luke? :-)]
2005-03-04 01:19:47 +03:00
* Copyright (c) 1997-2005 The NetBSD Foundation, Inc.
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
* All rights reserved.
*
* This code is derived from software contributed to The NetBSD Foundation
* by Simon Burge and Luke Mewburn.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the NetBSD
* Foundation, Inc. and its contributors.
* 4. Neither the name of The NetBSD Foundation nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
Fix files using old TNF copyright notice
1997-07-31 04:08:03 +04:00
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
- Pass gcc -Wall - Fix incorrect const poisoning - Fix ftpd_popen to dynamically allocate strings to avoid buffer overruns.
1997-06-18 23:05:46 +04:00
#include <sys/cdefs.h>
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
#ifndef lint
debug -> ftpd_debug xstrdup -> ftpd_strdup
2006-02-01 17:20:12 +03:00
__RCSID("$NetBSD: conf.c,v 1.57 2006/02/01 14:20:12 christos Exp $");
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
#endif /* not lint */
#include <sys/types.h>
#include <sys/param.h>
Features: * Add ftpd.conf(5) directive `advertise'; change the address that is advertised to the client for PASV transfers. this may be useful in certain firewall/NAT environments. Feature requested in [bin/9606] by Scott Presnell. * Add -X option; syslog wu-ftpd style xferlog messages, prefixed with `xferlog: '. An example line from syslog (wrapped): Dec 16 18:50:24 odysseus ftpd[571]: xferlog: Sat Dec 16 18:50:24 2000 2 localhost 3747328 /pub/WLW2K601.EXE b _ o a lukem@ FTP 0 * c These messages can be converted to a wu-ftpd style xferlog file suitable for parsing with third-party tools with something like: grep 'xferlog: ' /var/log/xferlog | \ sed -e 's/^.*xferlog: //' >wuxferlog The format is the same as the wu-ftpd xferlog entries (with the leading syslog stuff), but different from the wu-ftpd syslogged xferlog entries because the latter is not as easy to convert into the standard xferlog file format. The choice to only syslog the xferlog messages rather than append to a /var/log/xferlog file was made because the latter doesn't work to well in the situation where the logfile is rotated and compressed and a long-running ftpd still has a file-descriptor to the now nonexistant xferlog file, and the log message will then get lost. Feature requested in [bin/11651] by Hubert Feyrer. Fixes: * In ftpd(8), clarify the -a and -c options. * More clarifications in ftpd.conf(5). * Ensure that all ftpd.conf commands set a parameter back to sane defaults if an argument of `none' or bad settings are given. * Support the `chroot' directive for `REAL' users too (for consistency). * For `GUEST' users, store the supplied password in pw->pw_passwd for use later in the xferlog. * If show_chdir_messages() is given a code of -1, flush the cache of visited directories. Invoke show_chdir_messages(-1) in end_login(). * Only syslog session stats if logging is requested. * Rename logcmd() -> logxfer(), and dolog() -> logremotehost(). * Use cprintf() instead of fprintf() where appropriate. * Minor KNF, and make a couple of functions static that were declared static.
2000-12-18 05:32:50 +03:00
#include <sys/socket.h>
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
#include <sys/stat.h>
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
#include <ctype.h>
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
#include <errno.h>
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
#include <fcntl.h>
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
#include <glob.h>
Features: * Add ftpd.conf(5) directive `advertise'; change the address that is advertised to the client for PASV transfers. this may be useful in certain firewall/NAT environments. Feature requested in [bin/9606] by Scott Presnell. * Add -X option; syslog wu-ftpd style xferlog messages, prefixed with `xferlog: '. An example line from syslog (wrapped): Dec 16 18:50:24 odysseus ftpd[571]: xferlog: Sat Dec 16 18:50:24 2000 2 localhost 3747328 /pub/WLW2K601.EXE b _ o a lukem@ FTP 0 * c These messages can be converted to a wu-ftpd style xferlog file suitable for parsing with third-party tools with something like: grep 'xferlog: ' /var/log/xferlog | \ sed -e 's/^.*xferlog: //' >wuxferlog The format is the same as the wu-ftpd xferlog entries (with the leading syslog stuff), but different from the wu-ftpd syslogged xferlog entries because the latter is not as easy to convert into the standard xferlog file format. The choice to only syslog the xferlog messages rather than append to a /var/log/xferlog file was made because the latter doesn't work to well in the situation where the logfile is rotated and compressed and a long-running ftpd still has a file-descriptor to the now nonexistant xferlog file, and the log message will then get lost. Feature requested in [bin/11651] by Hubert Feyrer. Fixes: * In ftpd(8), clarify the -a and -c options. * More clarifications in ftpd.conf(5). * Ensure that all ftpd.conf commands set a parameter back to sane defaults if an argument of `none' or bad settings are given. * Support the `chroot' directive for `REAL' users too (for consistency). * For `GUEST' users, store the supplied password in pw->pw_passwd for use later in the xferlog. * If show_chdir_messages() is given a code of -1, flush the cache of visited directories. Invoke show_chdir_messages(-1) in end_login(). * Only syslog session stats if logging is requested. * Rename logcmd() -> logxfer(), and dolog() -> logremotehost(). * Use cprintf() instead of fprintf() where appropriate. * Minor KNF, and make a couple of functions static that were declared static.
2000-12-18 05:32:50 +03:00
#include <netdb.h>
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
#include <signal.h>
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
#include <stdio.h>
- Pass gcc -Wall - Fix incorrect const poisoning - Fix ftpd_popen to dynamically allocate strings to avoid buffer overruns.
1997-06-18 23:05:46 +04:00
#include <stdlib.h>
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
#include <string.h>
#include <stringlist.h>
#include <syslog.h>
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
#include <time.h>
#include <unistd.h>
#include <util.h>
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
Make this build with KERBEROS5 defined.
1999-02-24 19:45:13 +03:00
#ifdef KERBEROS5
more kerberos5 fixes
1999-08-26 00:07:33 +04:00
#include <krb5/krb5.h>
Make this build with KERBEROS5 defined.
1999-02-24 19:45:13 +03:00
#endif
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
#include "extern.h"
#include "pathnames.h"
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
static char *strend(const char *, char *);
static int filetypematch(char *, int);
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
* complete fix for `multiple replies returned for single parse error' problem; move `hasyyerrored' state flag out of yylex() so that check_{login,modify} can also set it. * check result of check_login for PORT command * set initial timeout before the "setjmp(); for(;;) yyparse()", otherwise an invalid command after login incorrectly sets the timeout to 5 minutes (rather than what was set in ftpd.conf) * replace (char *)0 with NULL * move yyerror() from ftpd.c to ftpcmd.y * remove need for -Dunix, by using the version string from ftpd.c (instead of `BSD-199506') * move all extern-ed vars into extern.h
1998-09-06 14:39:40 +04:00
Features: * Add ftpd.conf(5) directive `advertise'; change the address that is advertised to the client for PASV transfers. this may be useful in certain firewall/NAT environments. Feature requested in [bin/9606] by Scott Presnell. * Add -X option; syslog wu-ftpd style xferlog messages, prefixed with `xferlog: '. An example line from syslog (wrapped): Dec 16 18:50:24 odysseus ftpd[571]: xferlog: Sat Dec 16 18:50:24 2000 2 localhost 3747328 /pub/WLW2K601.EXE b _ o a lukem@ FTP 0 * c These messages can be converted to a wu-ftpd style xferlog file suitable for parsing with third-party tools with something like: grep 'xferlog: ' /var/log/xferlog | \ sed -e 's/^.*xferlog: //' >wuxferlog The format is the same as the wu-ftpd xferlog entries (with the leading syslog stuff), but different from the wu-ftpd syslogged xferlog entries because the latter is not as easy to convert into the standard xferlog file format. The choice to only syslog the xferlog messages rather than append to a /var/log/xferlog file was made because the latter doesn't work to well in the situation where the logfile is rotated and compressed and a long-running ftpd still has a file-descriptor to the now nonexistant xferlog file, and the log message will then get lost. Feature requested in [bin/11651] by Hubert Feyrer. Fixes: * In ftpd(8), clarify the -a and -c options. * More clarifications in ftpd.conf(5). * Ensure that all ftpd.conf commands set a parameter back to sane defaults if an argument of `none' or bad settings are given. * Support the `chroot' directive for `REAL' users too (for consistency). * For `GUEST' users, store the supplied password in pw->pw_passwd for use later in the xferlog. * If show_chdir_messages() is given a code of -1, flush the cache of visited directories. Invoke show_chdir_messages(-1) in end_login(). * Only syslog session stats if logging is requested. * Rename logcmd() -> logxfer(), and dolog() -> logremotehost(). * Use cprintf() instead of fprintf() where appropriate. * Minor KNF, and make a couple of functions static that were declared static.
2000-12-18 05:32:50 +03:00
/* class defaults */
#define DEFAULT_LIMIT -1 /* unlimited connections */
#define DEFAULT_MAXFILESIZE -1 /* unlimited file size */
#define DEFAULT_MAXTIMEOUT 7200 /* 2 hours */
#define DEFAULT_TIMEOUT 900 /* 15 minutes */
Fix comment about DEFAULT_UMASK. Pointed out in private mail by Tetsuya Isaki and Dmitry Sivachenko.
2005-10-03 03:03:04 +04:00
#define DEFAULT_UMASK 027 /* rw-r----- */
Features: * Add ftpd.conf(5) directive `advertise'; change the address that is advertised to the client for PASV transfers. this may be useful in certain firewall/NAT environments. Feature requested in [bin/9606] by Scott Presnell. * Add -X option; syslog wu-ftpd style xferlog messages, prefixed with `xferlog: '. An example line from syslog (wrapped): Dec 16 18:50:24 odysseus ftpd[571]: xferlog: Sat Dec 16 18:50:24 2000 2 localhost 3747328 /pub/WLW2K601.EXE b _ o a lukem@ FTP 0 * c These messages can be converted to a wu-ftpd style xferlog file suitable for parsing with third-party tools with something like: grep 'xferlog: ' /var/log/xferlog | \ sed -e 's/^.*xferlog: //' >wuxferlog The format is the same as the wu-ftpd xferlog entries (with the leading syslog stuff), but different from the wu-ftpd syslogged xferlog entries because the latter is not as easy to convert into the standard xferlog file format. The choice to only syslog the xferlog messages rather than append to a /var/log/xferlog file was made because the latter doesn't work to well in the situation where the logfile is rotated and compressed and a long-running ftpd still has a file-descriptor to the now nonexistant xferlog file, and the log message will then get lost. Feature requested in [bin/11651] by Hubert Feyrer. Fixes: * In ftpd(8), clarify the -a and -c options. * More clarifications in ftpd.conf(5). * Ensure that all ftpd.conf commands set a parameter back to sane defaults if an argument of `none' or bad settings are given. * Support the `chroot' directive for `REAL' users too (for consistency). * For `GUEST' users, store the supplied password in pw->pw_passwd for use later in the xferlog. * If show_chdir_messages() is given a code of -1, flush the cache of visited directories. Invoke show_chdir_messages(-1) in end_login(). * Only syslog session stats if logging is requested. * Rename logcmd() -> logxfer(), and dolog() -> logremotehost(). * Use cprintf() instead of fprintf() where appropriate. * Minor KNF, and make a couple of functions static that were declared static.
2000-12-18 05:32:50 +03:00
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
/*
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
* Initialise curclass to an `empty' state
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
*/
void
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
init_curclass(void)
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
{
struct ftpconv *conv, *cnext;
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
for (conv = curclass.conversions; conv != NULL; conv = cnext) {
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
REASSIGN(conv->suffix, NULL);
REASSIGN(conv->types, NULL);
REASSIGN(conv->disable, NULL);
REASSIGN(conv->command, NULL);
cnext = conv->next;
free(conv);
}
* add ftpd.conf directive `portrange class min max', which allows specification of the port range used by passive connections. based on work in [bin/9158] from Takahiro Kambe <taca@sky.yamashina.kyoto.jp> * change the way global variables are defined and extern-ed to be more consistent.
2000-01-13 01:39:27 +03:00
Features: * Add ftpd.conf(5) directive `advertise'; change the address that is advertised to the client for PASV transfers. this may be useful in certain firewall/NAT environments. Feature requested in [bin/9606] by Scott Presnell. * Add -X option; syslog wu-ftpd style xferlog messages, prefixed with `xferlog: '. An example line from syslog (wrapped): Dec 16 18:50:24 odysseus ftpd[571]: xferlog: Sat Dec 16 18:50:24 2000 2 localhost 3747328 /pub/WLW2K601.EXE b _ o a lukem@ FTP 0 * c These messages can be converted to a wu-ftpd style xferlog file suitable for parsing with third-party tools with something like: grep 'xferlog: ' /var/log/xferlog | \ sed -e 's/^.*xferlog: //' >wuxferlog The format is the same as the wu-ftpd xferlog entries (with the leading syslog stuff), but different from the wu-ftpd syslogged xferlog entries because the latter is not as easy to convert into the standard xferlog file format. The choice to only syslog the xferlog messages rather than append to a /var/log/xferlog file was made because the latter doesn't work to well in the situation where the logfile is rotated and compressed and a long-running ftpd still has a file-descriptor to the now nonexistant xferlog file, and the log message will then get lost. Feature requested in [bin/11651] by Hubert Feyrer. Fixes: * In ftpd(8), clarify the -a and -c options. * More clarifications in ftpd.conf(5). * Ensure that all ftpd.conf commands set a parameter back to sane defaults if an argument of `none' or bad settings are given. * Support the `chroot' directive for `REAL' users too (for consistency). * For `GUEST' users, store the supplied password in pw->pw_passwd for use later in the xferlog. * If show_chdir_messages() is given a code of -1, flush the cache of visited directories. Invoke show_chdir_messages(-1) in end_login(). * Only syslog session stats if logging is requested. * Rename logcmd() -> logxfer(), and dolog() -> logremotehost(). * Use cprintf() instead of fprintf() where appropriate. * Minor KNF, and make a couple of functions static that were declared static.
2000-12-18 05:32:50 +03:00
memset((char *)&curclass.advertise, 0, sizeof(curclass.advertise));
curclass.advertise.su_len = 0; /* `not used' */
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
REASSIGN(curclass.chroot, NULL);
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
REASSIGN(curclass.classname, NULL);
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
curclass.conversions = NULL;
REASSIGN(curclass.display, NULL);
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
REASSIGN(curclass.homedir, NULL);
Features: * Add ftpd.conf(5) directive `advertise'; change the address that is advertised to the client for PASV transfers. this may be useful in certain firewall/NAT environments. Feature requested in [bin/9606] by Scott Presnell. * Add -X option; syslog wu-ftpd style xferlog messages, prefixed with `xferlog: '. An example line from syslog (wrapped): Dec 16 18:50:24 odysseus ftpd[571]: xferlog: Sat Dec 16 18:50:24 2000 2 localhost 3747328 /pub/WLW2K601.EXE b _ o a lukem@ FTP 0 * c These messages can be converted to a wu-ftpd style xferlog file suitable for parsing with third-party tools with something like: grep 'xferlog: ' /var/log/xferlog | \ sed -e 's/^.*xferlog: //' >wuxferlog The format is the same as the wu-ftpd xferlog entries (with the leading syslog stuff), but different from the wu-ftpd syslogged xferlog entries because the latter is not as easy to convert into the standard xferlog file format. The choice to only syslog the xferlog messages rather than append to a /var/log/xferlog file was made because the latter doesn't work to well in the situation where the logfile is rotated and compressed and a long-running ftpd still has a file-descriptor to the now nonexistant xferlog file, and the log message will then get lost. Feature requested in [bin/11651] by Hubert Feyrer. Fixes: * In ftpd(8), clarify the -a and -c options. * More clarifications in ftpd.conf(5). * Ensure that all ftpd.conf commands set a parameter back to sane defaults if an argument of `none' or bad settings are given. * Support the `chroot' directive for `REAL' users too (for consistency). * For `GUEST' users, store the supplied password in pw->pw_passwd for use later in the xferlog. * If show_chdir_messages() is given a code of -1, flush the cache of visited directories. Invoke show_chdir_messages(-1) in end_login(). * Only syslog session stats if logging is requested. * Rename logcmd() -> logxfer(), and dolog() -> logremotehost(). * Use cprintf() instead of fprintf() where appropriate. * Minor KNF, and make a couple of functions static that were declared static.
2000-12-18 05:32:50 +03:00
curclass.limit = DEFAULT_LIMIT;
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
REASSIGN(curclass.limitfile, NULL);
Features: * Add ftpd.conf(5) directive `advertise'; change the address that is advertised to the client for PASV transfers. this may be useful in certain firewall/NAT environments. Feature requested in [bin/9606] by Scott Presnell. * Add -X option; syslog wu-ftpd style xferlog messages, prefixed with `xferlog: '. An example line from syslog (wrapped): Dec 16 18:50:24 odysseus ftpd[571]: xferlog: Sat Dec 16 18:50:24 2000 2 localhost 3747328 /pub/WLW2K601.EXE b _ o a lukem@ FTP 0 * c These messages can be converted to a wu-ftpd style xferlog file suitable for parsing with third-party tools with something like: grep 'xferlog: ' /var/log/xferlog | \ sed -e 's/^.*xferlog: //' >wuxferlog The format is the same as the wu-ftpd xferlog entries (with the leading syslog stuff), but different from the wu-ftpd syslogged xferlog entries because the latter is not as easy to convert into the standard xferlog file format. The choice to only syslog the xferlog messages rather than append to a /var/log/xferlog file was made because the latter doesn't work to well in the situation where the logfile is rotated and compressed and a long-running ftpd still has a file-descriptor to the now nonexistant xferlog file, and the log message will then get lost. Feature requested in [bin/11651] by Hubert Feyrer. Fixes: * In ftpd(8), clarify the -a and -c options. * More clarifications in ftpd.conf(5). * Ensure that all ftpd.conf commands set a parameter back to sane defaults if an argument of `none' or bad settings are given. * Support the `chroot' directive for `REAL' users too (for consistency). * For `GUEST' users, store the supplied password in pw->pw_passwd for use later in the xferlog. * If show_chdir_messages() is given a code of -1, flush the cache of visited directories. Invoke show_chdir_messages(-1) in end_login(). * Only syslog session stats if logging is requested. * Rename logcmd() -> logxfer(), and dolog() -> logremotehost(). * Use cprintf() instead of fprintf() where appropriate. * Minor KNF, and make a couple of functions static that were declared static.
2000-12-18 05:32:50 +03:00
curclass.maxfilesize = DEFAULT_MAXFILESIZE;
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
curclass.maxrateget = 0;
curclass.maxrateput = 0;
Features: * Add ftpd.conf(5) directive `advertise'; change the address that is advertised to the client for PASV transfers. this may be useful in certain firewall/NAT environments. Feature requested in [bin/9606] by Scott Presnell. * Add -X option; syslog wu-ftpd style xferlog messages, prefixed with `xferlog: '. An example line from syslog (wrapped): Dec 16 18:50:24 odysseus ftpd[571]: xferlog: Sat Dec 16 18:50:24 2000 2 localhost 3747328 /pub/WLW2K601.EXE b _ o a lukem@ FTP 0 * c These messages can be converted to a wu-ftpd style xferlog file suitable for parsing with third-party tools with something like: grep 'xferlog: ' /var/log/xferlog | \ sed -e 's/^.*xferlog: //' >wuxferlog The format is the same as the wu-ftpd xferlog entries (with the leading syslog stuff), but different from the wu-ftpd syslogged xferlog entries because the latter is not as easy to convert into the standard xferlog file format. The choice to only syslog the xferlog messages rather than append to a /var/log/xferlog file was made because the latter doesn't work to well in the situation where the logfile is rotated and compressed and a long-running ftpd still has a file-descriptor to the now nonexistant xferlog file, and the log message will then get lost. Feature requested in [bin/11651] by Hubert Feyrer. Fixes: * In ftpd(8), clarify the -a and -c options. * More clarifications in ftpd.conf(5). * Ensure that all ftpd.conf commands set a parameter back to sane defaults if an argument of `none' or bad settings are given. * Support the `chroot' directive for `REAL' users too (for consistency). * For `GUEST' users, store the supplied password in pw->pw_passwd for use later in the xferlog. * If show_chdir_messages() is given a code of -1, flush the cache of visited directories. Invoke show_chdir_messages(-1) in end_login(). * Only syslog session stats if logging is requested. * Rename logcmd() -> logxfer(), and dolog() -> logremotehost(). * Use cprintf() instead of fprintf() where appropriate. * Minor KNF, and make a couple of functions static that were declared static.
2000-12-18 05:32:50 +03:00
curclass.maxtimeout = DEFAULT_MAXTIMEOUT;
debug -> ftpd_debug xstrdup -> ftpd_strdup
2006-02-01 17:20:12 +03:00
REASSIGN(curclass.motd, ftpd_strdup(_NAME_FTPLOGINMESG));
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
REASSIGN(curclass.notify, NULL);
* add ftpd.conf directive `portrange class min max', which allows specification of the port range used by passive connections. based on work in [bin/9158] from Takahiro Kambe <taca@sky.yamashina.kyoto.jp> * change the way global variables are defined and extern-ed to be more consistent.
2000-01-13 01:39:27 +03:00
curclass.portmin = 0;
curclass.portmax = 0;
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
curclass.rateget = 0;
curclass.rateput = 0;
Features: * Add ftpd.conf(5) directive `advertise'; change the address that is advertised to the client for PASV transfers. this may be useful in certain firewall/NAT environments. Feature requested in [bin/9606] by Scott Presnell. * Add -X option; syslog wu-ftpd style xferlog messages, prefixed with `xferlog: '. An example line from syslog (wrapped): Dec 16 18:50:24 odysseus ftpd[571]: xferlog: Sat Dec 16 18:50:24 2000 2 localhost 3747328 /pub/WLW2K601.EXE b _ o a lukem@ FTP 0 * c These messages can be converted to a wu-ftpd style xferlog file suitable for parsing with third-party tools with something like: grep 'xferlog: ' /var/log/xferlog | \ sed -e 's/^.*xferlog: //' >wuxferlog The format is the same as the wu-ftpd xferlog entries (with the leading syslog stuff), but different from the wu-ftpd syslogged xferlog entries because the latter is not as easy to convert into the standard xferlog file format. The choice to only syslog the xferlog messages rather than append to a /var/log/xferlog file was made because the latter doesn't work to well in the situation where the logfile is rotated and compressed and a long-running ftpd still has a file-descriptor to the now nonexistant xferlog file, and the log message will then get lost. Feature requested in [bin/11651] by Hubert Feyrer. Fixes: * In ftpd(8), clarify the -a and -c options. * More clarifications in ftpd.conf(5). * Ensure that all ftpd.conf commands set a parameter back to sane defaults if an argument of `none' or bad settings are given. * Support the `chroot' directive for `REAL' users too (for consistency). * For `GUEST' users, store the supplied password in pw->pw_passwd for use later in the xferlog. * If show_chdir_messages() is given a code of -1, flush the cache of visited directories. Invoke show_chdir_messages(-1) in end_login(). * Only syslog session stats if logging is requested. * Rename logcmd() -> logxfer(), and dolog() -> logremotehost(). * Use cprintf() instead of fprintf() where appropriate. * Minor KNF, and make a couple of functions static that were declared static.
2000-12-18 05:32:50 +03:00
curclass.timeout = DEFAULT_TIMEOUT;
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
/* curclass.type is set elsewhere */
Features: * Add ftpd.conf(5) directive `advertise'; change the address that is advertised to the client for PASV transfers. this may be useful in certain firewall/NAT environments. Feature requested in [bin/9606] by Scott Presnell. * Add -X option; syslog wu-ftpd style xferlog messages, prefixed with `xferlog: '. An example line from syslog (wrapped): Dec 16 18:50:24 odysseus ftpd[571]: xferlog: Sat Dec 16 18:50:24 2000 2 localhost 3747328 /pub/WLW2K601.EXE b _ o a lukem@ FTP 0 * c These messages can be converted to a wu-ftpd style xferlog file suitable for parsing with third-party tools with something like: grep 'xferlog: ' /var/log/xferlog | \ sed -e 's/^.*xferlog: //' >wuxferlog The format is the same as the wu-ftpd xferlog entries (with the leading syslog stuff), but different from the wu-ftpd syslogged xferlog entries because the latter is not as easy to convert into the standard xferlog file format. The choice to only syslog the xferlog messages rather than append to a /var/log/xferlog file was made because the latter doesn't work to well in the situation where the logfile is rotated and compressed and a long-running ftpd still has a file-descriptor to the now nonexistant xferlog file, and the log message will then get lost. Feature requested in [bin/11651] by Hubert Feyrer. Fixes: * In ftpd(8), clarify the -a and -c options. * More clarifications in ftpd.conf(5). * Ensure that all ftpd.conf commands set a parameter back to sane defaults if an argument of `none' or bad settings are given. * Support the `chroot' directive for `REAL' users too (for consistency). * For `GUEST' users, store the supplied password in pw->pw_passwd for use later in the xferlog. * If show_chdir_messages() is given a code of -1, flush the cache of visited directories. Invoke show_chdir_messages(-1) in end_login(). * Only syslog session stats if logging is requested. * Rename logcmd() -> logxfer(), and dolog() -> logremotehost(). * Use cprintf() instead of fprintf() where appropriate. * Minor KNF, and make a couple of functions static that were declared static.
2000-12-18 05:32:50 +03:00
curclass.umask = DEFAULT_UMASK;
Add optional mmap(2)/write(2) support for binary file transfer. The default is read(2)/write(2). Note that the sosend_loan needs some more work for better performance when a file isn't cached.
2002-05-30 04:24:47 +04:00
curclass.mmapsize = 0;
curclass.readsize = 0;
curclass.writesize = 0;
curclass.sendbufsize = 0;
curclass.sendlowat = 0;
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
CURCLASS_FLAGS_SET(checkportcmd);
Add two new ftpd.conf(5) directives: - 'denyquick'; deny a connection so tagged by ftpusers(5) after the USER command instead of the PASS command. whilst this might provide some info leakage of accounts names if you have some `real' or `chroot' users enabled and not others, it does prevent accidental entering of such passwords if you have all such users denied. This option is strongly recommended on anonymous-only servers. Functionality requested by Rob Windsor in [bin/12602] - 'private'; don't display class related information in the output of STAT. For paranoid admins.
2001-12-04 16:54:12 +03:00
CURCLASS_FLAGS_CLR(denyquick);
* Add hidesymlinks configuration option This adds a -L to all ls command arguments so that the file or directory the link references is listed rather than the link itself. This was inspired by IRIX ftpd's -S option. [Discussed with lukem some time ago.] * Crank version.h [right Luke? :-)]
2005-03-04 01:19:47 +03:00
CURCLASS_FLAGS_CLR(hidesymlinks);
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
CURCLASS_FLAGS_SET(modify);
CURCLASS_FLAGS_SET(passive);
Add two new ftpd.conf(5) directives: - 'denyquick'; deny a connection so tagged by ftpusers(5) after the USER command instead of the PASS command. whilst this might provide some info leakage of accounts names if you have some `real' or `chroot' users enabled and not others, it does prevent accidental entering of such passwords if you have all such users denied. This option is strongly recommended on anonymous-only servers. Functionality requested by Rob Windsor in [bin/12602] - 'private'; don't display class related information in the output of STAT. For paranoid admins.
2001-12-04 16:54:12 +03:00
CURCLASS_FLAGS_CLR(private);
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
CURCLASS_FLAGS_CLR(sanenames);
CURCLASS_FLAGS_SET(upload);
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
}
/*
* Parse the configuration file, looking for the named class, and
* define curclass to contain the appropriate settings.
*/
void
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
parse_conf(const char *findclass)
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
{
FILE *f;
char *buf, *p;
size_t len;
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
LLT llval;
int none, match;
- convert to using libc's strsuftoll(3) - use LLT (aka 'long long type') for all numeric class parameters - improve description of various ftpd.conf(5) options - statcmd(): print out: mmapsize readsize writesize sendbufsize sendlowat
2002-11-29 17:39:59 +03:00
char *endp, errbuf[100];
* new ftpd.conf directive: template class [refclass] following directives for refclass will apply to class as well. this makes setting up a `template' class with many default settings easy, whilst allowing for class-specific overrides * prevent crash when the optional limitfile wasn't given to limit * document count_users() * document default setting of limit in ftpd.conf(5) * crank version
2000-01-09 13:08:45 +03:00
char *class, *word, *arg, *template;
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
const char *infile;
size_t line;
struct ftpconv *conv, *cnext;
init_curclass();
debug -> ftpd_debug xstrdup -> ftpd_strdup
2006-02-01 17:20:12 +03:00
REASSIGN(curclass.classname, ftpd_strdup(findclass));
Features: * Add ftpd.conf(5) directive `advertise'; change the address that is advertised to the client for PASV transfers. this may be useful in certain firewall/NAT environments. Feature requested in [bin/9606] by Scott Presnell. * Add -X option; syslog wu-ftpd style xferlog messages, prefixed with `xferlog: '. An example line from syslog (wrapped): Dec 16 18:50:24 odysseus ftpd[571]: xferlog: Sat Dec 16 18:50:24 2000 2 localhost 3747328 /pub/WLW2K601.EXE b _ o a lukem@ FTP 0 * c These messages can be converted to a wu-ftpd style xferlog file suitable for parsing with third-party tools with something like: grep 'xferlog: ' /var/log/xferlog | \ sed -e 's/^.*xferlog: //' >wuxferlog The format is the same as the wu-ftpd xferlog entries (with the leading syslog stuff), but different from the wu-ftpd syslogged xferlog entries because the latter is not as easy to convert into the standard xferlog file format. The choice to only syslog the xferlog messages rather than append to a /var/log/xferlog file was made because the latter doesn't work to well in the situation where the logfile is rotated and compressed and a long-running ftpd still has a file-descriptor to the now nonexistant xferlog file, and the log message will then get lost. Feature requested in [bin/11651] by Hubert Feyrer. Fixes: * In ftpd(8), clarify the -a and -c options. * More clarifications in ftpd.conf(5). * Ensure that all ftpd.conf commands set a parameter back to sane defaults if an argument of `none' or bad settings are given. * Support the `chroot' directive for `REAL' users too (for consistency). * For `GUEST' users, store the supplied password in pw->pw_passwd for use later in the xferlog. * If show_chdir_messages() is given a code of -1, flush the cache of visited directories. Invoke show_chdir_messages(-1) in end_login(). * Only syslog session stats if logging is requested. * Rename logcmd() -> logxfer(), and dolog() -> logremotehost(). * Use cprintf() instead of fprintf() where appropriate. * Minor KNF, and make a couple of functions static that were declared static.
2000-12-18 05:32:50 +03:00
/* set more guest defaults */
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
if (strcasecmp(findclass, "guest") == 0) {
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
CURCLASS_FLAGS_CLR(modify);
* change checkportcmd syntax to `checkportcmd class [off]' (as per `modify') * display current setting of checkportcmd in STAT * ensure that curclass.checkportcmd is initialised to 0 * document default setting of checkportcmd in ftpd(8) * cleanup code a bit, putting code for "checkportcmd" in alphabetical order
1997-11-11 15:42:24 +03:00
curclass.umask = 0707;
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
}
change _PATH_FOO to _NAME_FOO where FOO is not a path. I'll discuss with luke what is the best way to fix this.
2004-12-11 21:37:26 +03:00
infile = conffilename(_NAME_FTPDCONF);
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
if ((f = fopen(infile, "r")) == NULL)
return;
line = 0;
* new ftpd.conf directive: template class [refclass] following directives for refclass will apply to class as well. this makes setting up a `template' class with many default settings easy, whilst allowing for class-specific overrides * prevent crash when the optional limitfile wasn't given to limit * document count_users() * document default setting of limit in ftpd.conf(5) * crank version
2000-01-09 13:08:45 +03:00
template = NULL;
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
for (;
(buf = fparseln(f, &len, &line, NULL, FPARSELN_UNESCCOMM |
- convert to using libc's strsuftoll(3) - use LLT (aka 'long long type') for all numeric class parameters - improve description of various ftpd.conf(5) options - statcmd(): print out: mmapsize readsize writesize sendbufsize sendlowat
2002-11-29 17:39:59 +03:00
FPARSELN_UNESCCONT | FPARSELN_UNESCESC)) != NULL;
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
free(buf)) {
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
none = match = 0;
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
p = buf;
* don't depend upon buffer returned by fgetln() to remain. fix mainly from Tatoku Ogaito <tacha@tera.fukui-med.ac.jp> in [bin/3967] * fgetln() doesn't \0 terminate its string. look for the \n and replace it with \0 (if no \n, ignore the line - it's most likely corrupt) * more intensive checks on strdup() returns (not a current mem leak, but depended upon code elsewhere to cleanup - not good) * cleanup some syslog error messages
1997-08-14 06:06:15 +04:00
if (len < 1)
continue;
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
if (p[len - 1] == '\n')
p[--len] = '\0';
if (EMPTYSTR(p))
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
continue;
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
NEXTWORD(p, word);
NEXTWORD(p, class);
NEXTWORD(p, arg);
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
if (EMPTYSTR(word) || EMPTYSTR(class))
continue;
if (strcasecmp(class, "none") == 0)
none = 1;
fix problem where ftpd.conf lines would match everything if there was no template defined. noted by Vebjorn Ljosa <ljosa@initio.no>
2000-01-10 11:03:50 +03:00
if (! (strcasecmp(class, findclass) == 0 ||
(template != NULL && strcasecmp(class, template) == 0) ||
none ||
strcasecmp(class, "all") == 0) )
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
continue;
- convert to using libc's strsuftoll(3) - use LLT (aka 'long long type') for all numeric class parameters - improve description of various ftpd.conf(5) options - statcmd(): print out: mmapsize readsize writesize sendbufsize sendlowat
2002-11-29 17:39:59 +03:00
#define CONF_FLAG(Field) \
do { \
if (none || \
(!EMPTYSTR(arg) && strcasecmp(arg, "off") == 0)) \
CURCLASS_FLAGS_CLR(Field); \
else \
CURCLASS_FLAGS_SET(Field); \
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
} while (0)
- convert to using libc's strsuftoll(3) - use LLT (aka 'long long type') for all numeric class parameters - improve description of various ftpd.conf(5) options - statcmd(): print out: mmapsize readsize writesize sendbufsize sendlowat
2002-11-29 17:39:59 +03:00
#define CONF_STRING(Field) \
do { \
if (none || EMPTYSTR(arg)) \
arg = NULL; \
else \
debug -> ftpd_debug xstrdup -> ftpd_strdup
2006-02-01 17:20:12 +03:00
arg = ftpd_strdup(arg); \
- convert to using libc's strsuftoll(3) - use LLT (aka 'long long type') for all numeric class parameters - improve description of various ftpd.conf(5) options - statcmd(): print out: mmapsize readsize writesize sendbufsize sendlowat
2002-11-29 17:39:59 +03:00
REASSIGN(curclass.Field, arg); \
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
} while (0)
- convert to using libc's strsuftoll(3) - use LLT (aka 'long long type') for all numeric class parameters - improve description of various ftpd.conf(5) options - statcmd(): print out: mmapsize readsize writesize sendbufsize sendlowat
2002-11-29 17:39:59 +03:00
#define CONF_LL(Field,Arg,Min,Max) \
do { \
if (none || EMPTYSTR(Arg)) \
goto nextline; \
llval = strsuftollx(#Field, Arg, Min, Max, \
errbuf, sizeof(errbuf)); \
if (errbuf[0]) { \
syslog(LOG_WARNING, "%s line %d: %s", \
infile, (int)line, errbuf); \
goto nextline; \
} \
curclass.Field = llval; \
Added CONF_LL macro, which understands raw 'strsuftoll' conf variables.
2002-06-18 13:59:47 +04:00
} while(0)
Features: * Add ftpd.conf(5) directive `advertise'; change the address that is advertised to the client for PASV transfers. this may be useful in certain firewall/NAT environments. Feature requested in [bin/9606] by Scott Presnell. * Add -X option; syslog wu-ftpd style xferlog messages, prefixed with `xferlog: '. An example line from syslog (wrapped): Dec 16 18:50:24 odysseus ftpd[571]: xferlog: Sat Dec 16 18:50:24 2000 2 localhost 3747328 /pub/WLW2K601.EXE b _ o a lukem@ FTP 0 * c These messages can be converted to a wu-ftpd style xferlog file suitable for parsing with third-party tools with something like: grep 'xferlog: ' /var/log/xferlog | \ sed -e 's/^.*xferlog: //' >wuxferlog The format is the same as the wu-ftpd xferlog entries (with the leading syslog stuff), but different from the wu-ftpd syslogged xferlog entries because the latter is not as easy to convert into the standard xferlog file format. The choice to only syslog the xferlog messages rather than append to a /var/log/xferlog file was made because the latter doesn't work to well in the situation where the logfile is rotated and compressed and a long-running ftpd still has a file-descriptor to the now nonexistant xferlog file, and the log message will then get lost. Feature requested in [bin/11651] by Hubert Feyrer. Fixes: * In ftpd(8), clarify the -a and -c options. * More clarifications in ftpd.conf(5). * Ensure that all ftpd.conf commands set a parameter back to sane defaults if an argument of `none' or bad settings are given. * Support the `chroot' directive for `REAL' users too (for consistency). * For `GUEST' users, store the supplied password in pw->pw_passwd for use later in the xferlog. * If show_chdir_messages() is given a code of -1, flush the cache of visited directories. Invoke show_chdir_messages(-1) in end_login(). * Only syslog session stats if logging is requested. * Rename logcmd() -> logxfer(), and dolog() -> logremotehost(). * Use cprintf() instead of fprintf() where appropriate. * Minor KNF, and make a couple of functions static that were declared static.
2000-12-18 05:32:50 +03:00
if (0) {
/* no-op */
s/tise/tize/ in docco, add "advertize" as synonym for "advertise"
2001-06-26 23:30:44 +04:00
} else if ((strcasecmp(word, "advertise") == 0)
|| (strcasecmp(word, "advertize") == 0)) {
Features: * Add ftpd.conf(5) directive `advertise'; change the address that is advertised to the client for PASV transfers. this may be useful in certain firewall/NAT environments. Feature requested in [bin/9606] by Scott Presnell. * Add -X option; syslog wu-ftpd style xferlog messages, prefixed with `xferlog: '. An example line from syslog (wrapped): Dec 16 18:50:24 odysseus ftpd[571]: xferlog: Sat Dec 16 18:50:24 2000 2 localhost 3747328 /pub/WLW2K601.EXE b _ o a lukem@ FTP 0 * c These messages can be converted to a wu-ftpd style xferlog file suitable for parsing with third-party tools with something like: grep 'xferlog: ' /var/log/xferlog | \ sed -e 's/^.*xferlog: //' >wuxferlog The format is the same as the wu-ftpd xferlog entries (with the leading syslog stuff), but different from the wu-ftpd syslogged xferlog entries because the latter is not as easy to convert into the standard xferlog file format. The choice to only syslog the xferlog messages rather than append to a /var/log/xferlog file was made because the latter doesn't work to well in the situation where the logfile is rotated and compressed and a long-running ftpd still has a file-descriptor to the now nonexistant xferlog file, and the log message will then get lost. Feature requested in [bin/11651] by Hubert Feyrer. Fixes: * In ftpd(8), clarify the -a and -c options. * More clarifications in ftpd.conf(5). * Ensure that all ftpd.conf commands set a parameter back to sane defaults if an argument of `none' or bad settings are given. * Support the `chroot' directive for `REAL' users too (for consistency). * For `GUEST' users, store the supplied password in pw->pw_passwd for use later in the xferlog. * If show_chdir_messages() is given a code of -1, flush the cache of visited directories. Invoke show_chdir_messages(-1) in end_login(). * Only syslog session stats if logging is requested. * Rename logcmd() -> logxfer(), and dolog() -> logremotehost(). * Use cprintf() instead of fprintf() where appropriate. * Minor KNF, and make a couple of functions static that were declared static.
2000-12-18 05:32:50 +03:00
struct addrinfo hints, *res;
int error;
memset((char *)&curclass.advertise, 0,
sizeof(curclass.advertise));
curclass.advertise.su_len = 0;
if (none || EMPTYSTR(arg))
continue;
res = NULL;
memset(&hints, 0, sizeof(hints));
/*
* only get addresses of the family
* that we're listening on
*/
hints.ai_family = ctrl_addr.su_family;
hints.ai_socktype = SOCK_STREAM;
error = getaddrinfo(arg, "0", &hints, &res);
if (error) {
syslog(LOG_WARNING, "%s line %d: %s",
infile, (int)line, gai_strerror(error));
advertiseparsefail:
if (res)
freeaddrinfo(res);
continue;
}
if (res->ai_next) {
syslog(LOG_WARNING,
"%s line %d: multiple addresses returned for `%s'; please be more specific",
infile, (int)line, arg);
goto advertiseparsefail;
}
if (sizeof(curclass.advertise) < res->ai_addrlen || (
#ifdef INET6
res->ai_family != AF_INET6 &&
#endif
res->ai_family != AF_INET)) {
syslog(LOG_WARNING,
"%s line %d: unsupported protocol %d for `%s'",
infile, (int)line, res->ai_family, arg);
goto advertiseparsefail;
}
memcpy(&curclass.advertise, res->ai_addr,
res->ai_addrlen);
curclass.advertise.su_len = res->ai_addrlen;
freeaddrinfo(res);
} else if (strcasecmp(word, "checkportcmd") == 0) {
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
CONF_FLAG(checkportcmd);
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
} else if (strcasecmp(word, "chroot") == 0) {
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
CONF_STRING(chroot);
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
} else if (strcasecmp(word, "classtype") == 0) {
if (!none && !EMPTYSTR(arg)) {
if (strcasecmp(arg, "GUEST") == 0)
curclass.type = CLASS_GUEST;
else if (strcasecmp(arg, "CHROOT") == 0)
curclass.type = CLASS_CHROOT;
else if (strcasecmp(arg, "REAL") == 0)
curclass.type = CLASS_REAL;
else {
syslog(LOG_WARNING,
"%s line %d: unknown class type `%s'",
infile, (int)line, arg);
continue;
}
}
* change checkportcmd syntax to `checkportcmd class [off]' (as per `modify') * display current setting of checkportcmd in STAT * ensure that curclass.checkportcmd is initialised to 0 * document default setting of checkportcmd in ftpd(8) * cleanup code a bit, putting code for "checkportcmd" in alphabetical order
1997-11-11 15:42:24 +03:00
} else if (strcasecmp(word, "conversion") == 0) {
* don't depend upon buffer returned by fgetln() to remain. fix mainly from Tatoku Ogaito <tacha@tera.fukui-med.ac.jp> in [bin/3967] * fgetln() doesn't \0 terminate its string. look for the \n and replace it with \0 (if no \n, ignore the line - it's most likely corrupt) * more intensive checks on strdup() returns (not a current mem leak, but depended upon code elsewhere to cleanup - not good) * cleanup some syslog error messages
1997-08-14 06:06:15 +04:00
char *suffix, *types, *disable, *convcmd;
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
if (EMPTYSTR(arg)) {
syslog(LOG_WARNING,
"%s line %d: %s requires a suffix",
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
infile, (int)line, word);
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
continue; /* need a suffix */
}
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
NEXTWORD(p, types);
NEXTWORD(p, disable);
convcmd = p;
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
if (convcmd)
convcmd += strspn(convcmd, " \t");
debug -> ftpd_debug xstrdup -> ftpd_strdup
2006-02-01 17:20:12 +03:00
suffix = ftpd_strdup(arg);
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
if (none || EMPTYSTR(types) ||
EMPTYSTR(disable) || EMPTYSTR(convcmd)) {
types = NULL;
disable = NULL;
convcmd = NULL;
} else {
debug -> ftpd_debug xstrdup -> ftpd_strdup
2006-02-01 17:20:12 +03:00
types = ftpd_strdup(types);
disable = ftpd_strdup(disable);
convcmd = ftpd_strdup(convcmd);
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
}
for (conv = curclass.conversions; conv != NULL;
conv = conv->next) {
* don't depend upon buffer returned by fgetln() to remain. fix mainly from Tatoku Ogaito <tacha@tera.fukui-med.ac.jp> in [bin/3967] * fgetln() doesn't \0 terminate its string. look for the \n and replace it with \0 (if no \n, ignore the line - it's most likely corrupt) * more intensive checks on strdup() returns (not a current mem leak, but depended upon code elsewhere to cleanup - not good) * cleanup some syslog error messages
1997-08-14 06:06:15 +04:00
if (strcmp(conv->suffix, suffix) == 0)
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
break;
}
if (conv == NULL) {
conv = (struct ftpconv *)
calloc(1, sizeof(struct ftpconv));
if (conv == NULL) {
syslog(LOG_WARNING, "can't malloc");
continue;
}
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
conv->next = NULL;
for (cnext = curclass.conversions;
cnext != NULL; cnext = cnext->next)
if (cnext->next == NULL)
break;
if (cnext != NULL)
cnext->next = conv;
else
curclass.conversions = conv;
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
}
* don't depend upon buffer returned by fgetln() to remain. fix mainly from Tatoku Ogaito <tacha@tera.fukui-med.ac.jp> in [bin/3967] * fgetln() doesn't \0 terminate its string. look for the \n and replace it with \0 (if no \n, ignore the line - it's most likely corrupt) * more intensive checks on strdup() returns (not a current mem leak, but depended upon code elsewhere to cleanup - not good) * cleanup some syslog error messages
1997-08-14 06:06:15 +04:00
REASSIGN(conv->suffix, suffix);
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
REASSIGN(conv->types, types);
REASSIGN(conv->disable, disable);
REASSIGN(conv->command, convcmd);
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
Add two new ftpd.conf(5) directives: - 'denyquick'; deny a connection so tagged by ftpusers(5) after the USER command instead of the PASS command. whilst this might provide some info leakage of accounts names if you have some `real' or `chroot' users enabled and not others, it does prevent accidental entering of such passwords if you have all such users denied. This option is strongly recommended on anonymous-only servers. Functionality requested by Rob Windsor in [bin/12602] - 'private'; don't display class related information in the output of STAT. For paranoid admins.
2001-12-04 16:54:12 +03:00
} else if (strcasecmp(word, "denyquick") == 0) {
CONF_FLAG(denyquick);
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
} else if (strcasecmp(word, "display") == 0) {
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
CONF_STRING(display);
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
* Add hidesymlinks configuration option This adds a -L to all ls command arguments so that the file or directory the link references is listed rather than the link itself. This was inspired by IRIX ftpd's -S option. [Discussed with lukem some time ago.] * Crank version.h [right Luke? :-)]
2005-03-04 01:19:47 +03:00
} else if (strcasecmp(word, "hidesymlinks") == 0) {
CONF_FLAG(hidesymlinks);
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
} else if (strcasecmp(word, "homedir") == 0) {
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
CONF_STRING(homedir);
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
} else if (strcasecmp(word, "limit") == 0) {
Features: * Add ftpd.conf(5) directive `advertise'; change the address that is advertised to the client for PASV transfers. this may be useful in certain firewall/NAT environments. Feature requested in [bin/9606] by Scott Presnell. * Add -X option; syslog wu-ftpd style xferlog messages, prefixed with `xferlog: '. An example line from syslog (wrapped): Dec 16 18:50:24 odysseus ftpd[571]: xferlog: Sat Dec 16 18:50:24 2000 2 localhost 3747328 /pub/WLW2K601.EXE b _ o a lukem@ FTP 0 * c These messages can be converted to a wu-ftpd style xferlog file suitable for parsing with third-party tools with something like: grep 'xferlog: ' /var/log/xferlog | \ sed -e 's/^.*xferlog: //' >wuxferlog The format is the same as the wu-ftpd xferlog entries (with the leading syslog stuff), but different from the wu-ftpd syslogged xferlog entries because the latter is not as easy to convert into the standard xferlog file format. The choice to only syslog the xferlog messages rather than append to a /var/log/xferlog file was made because the latter doesn't work to well in the situation where the logfile is rotated and compressed and a long-running ftpd still has a file-descriptor to the now nonexistant xferlog file, and the log message will then get lost. Feature requested in [bin/11651] by Hubert Feyrer. Fixes: * In ftpd(8), clarify the -a and -c options. * More clarifications in ftpd.conf(5). * Ensure that all ftpd.conf commands set a parameter back to sane defaults if an argument of `none' or bad settings are given. * Support the `chroot' directive for `REAL' users too (for consistency). * For `GUEST' users, store the supplied password in pw->pw_passwd for use later in the xferlog. * If show_chdir_messages() is given a code of -1, flush the cache of visited directories. Invoke show_chdir_messages(-1) in end_login(). * Only syslog session stats if logging is requested. * Rename logcmd() -> logxfer(), and dolog() -> logremotehost(). * Use cprintf() instead of fprintf() where appropriate. * Minor KNF, and make a couple of functions static that were declared static.
2000-12-18 05:32:50 +03:00
curclass.limit = DEFAULT_LIMIT;
REASSIGN(curclass.limitfile, NULL);
- convert to using libc's strsuftoll(3) - use LLT (aka 'long long type') for all numeric class parameters - improve description of various ftpd.conf(5) options - statcmd(): print out: mmapsize readsize writesize sendbufsize sendlowat
2002-11-29 17:39:59 +03:00
CONF_LL(limit, arg, -1, LLTMAX);
* new ftpd.conf directive: template class [refclass] following directives for refclass will apply to class as well. this makes setting up a `template' class with many default settings easy, whilst allowing for class-specific overrides * prevent crash when the optional limitfile wasn't given to limit * document count_users() * document default setting of limit in ftpd.conf(5) * crank version
2000-01-09 13:08:45 +03:00
REASSIGN(curclass.limitfile,
debug -> ftpd_debug xstrdup -> ftpd_strdup
2006-02-01 17:20:12 +03:00
EMPTYSTR(p) ? NULL : ftpd_strdup(p));
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
Features: * Add ftpd.conf(5) directive `advertise'; change the address that is advertised to the client for PASV transfers. this may be useful in certain firewall/NAT environments. Feature requested in [bin/9606] by Scott Presnell. * Add -X option; syslog wu-ftpd style xferlog messages, prefixed with `xferlog: '. An example line from syslog (wrapped): Dec 16 18:50:24 odysseus ftpd[571]: xferlog: Sat Dec 16 18:50:24 2000 2 localhost 3747328 /pub/WLW2K601.EXE b _ o a lukem@ FTP 0 * c These messages can be converted to a wu-ftpd style xferlog file suitable for parsing with third-party tools with something like: grep 'xferlog: ' /var/log/xferlog | \ sed -e 's/^.*xferlog: //' >wuxferlog The format is the same as the wu-ftpd xferlog entries (with the leading syslog stuff), but different from the wu-ftpd syslogged xferlog entries because the latter is not as easy to convert into the standard xferlog file format. The choice to only syslog the xferlog messages rather than append to a /var/log/xferlog file was made because the latter doesn't work to well in the situation where the logfile is rotated and compressed and a long-running ftpd still has a file-descriptor to the now nonexistant xferlog file, and the log message will then get lost. Feature requested in [bin/11651] by Hubert Feyrer. Fixes: * In ftpd(8), clarify the -a and -c options. * More clarifications in ftpd.conf(5). * Ensure that all ftpd.conf commands set a parameter back to sane defaults if an argument of `none' or bad settings are given. * Support the `chroot' directive for `REAL' users too (for consistency). * For `GUEST' users, store the supplied password in pw->pw_passwd for use later in the xferlog. * If show_chdir_messages() is given a code of -1, flush the cache of visited directories. Invoke show_chdir_messages(-1) in end_login(). * Only syslog session stats if logging is requested. * Rename logcmd() -> logxfer(), and dolog() -> logremotehost(). * Use cprintf() instead of fprintf() where appropriate. * Minor KNF, and make a couple of functions static that were declared static.
2000-12-18 05:32:50 +03:00
} else if (strcasecmp(word, "maxfilesize") == 0) {
curclass.maxfilesize = DEFAULT_MAXFILESIZE;
- convert to using libc's strsuftoll(3) - use LLT (aka 'long long type') for all numeric class parameters - improve description of various ftpd.conf(5) options - statcmd(): print out: mmapsize readsize writesize sendbufsize sendlowat
2002-11-29 17:39:59 +03:00
CONF_LL(maxfilesize, arg, -1, LLTMAX);
Features: * Add ftpd.conf(5) directive `advertise'; change the address that is advertised to the client for PASV transfers. this may be useful in certain firewall/NAT environments. Feature requested in [bin/9606] by Scott Presnell. * Add -X option; syslog wu-ftpd style xferlog messages, prefixed with `xferlog: '. An example line from syslog (wrapped): Dec 16 18:50:24 odysseus ftpd[571]: xferlog: Sat Dec 16 18:50:24 2000 2 localhost 3747328 /pub/WLW2K601.EXE b _ o a lukem@ FTP 0 * c These messages can be converted to a wu-ftpd style xferlog file suitable for parsing with third-party tools with something like: grep 'xferlog: ' /var/log/xferlog | \ sed -e 's/^.*xferlog: //' >wuxferlog The format is the same as the wu-ftpd xferlog entries (with the leading syslog stuff), but different from the wu-ftpd syslogged xferlog entries because the latter is not as easy to convert into the standard xferlog file format. The choice to only syslog the xferlog messages rather than append to a /var/log/xferlog file was made because the latter doesn't work to well in the situation where the logfile is rotated and compressed and a long-running ftpd still has a file-descriptor to the now nonexistant xferlog file, and the log message will then get lost. Feature requested in [bin/11651] by Hubert Feyrer. Fixes: * In ftpd(8), clarify the -a and -c options. * More clarifications in ftpd.conf(5). * Ensure that all ftpd.conf commands set a parameter back to sane defaults if an argument of `none' or bad settings are given. * Support the `chroot' directive for `REAL' users too (for consistency). * For `GUEST' users, store the supplied password in pw->pw_passwd for use later in the xferlog. * If show_chdir_messages() is given a code of -1, flush the cache of visited directories. Invoke show_chdir_messages(-1) in end_login(). * Only syslog session stats if logging is requested. * Rename logcmd() -> logxfer(), and dolog() -> logremotehost(). * Use cprintf() instead of fprintf() where appropriate. * Minor KNF, and make a couple of functions static that were declared static.
2000-12-18 05:32:50 +03:00
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
} else if (strcasecmp(word, "maxtimeout") == 0) {
Features: * Add ftpd.conf(5) directive `advertise'; change the address that is advertised to the client for PASV transfers. this may be useful in certain firewall/NAT environments. Feature requested in [bin/9606] by Scott Presnell. * Add -X option; syslog wu-ftpd style xferlog messages, prefixed with `xferlog: '. An example line from syslog (wrapped): Dec 16 18:50:24 odysseus ftpd[571]: xferlog: Sat Dec 16 18:50:24 2000 2 localhost 3747328 /pub/WLW2K601.EXE b _ o a lukem@ FTP 0 * c These messages can be converted to a wu-ftpd style xferlog file suitable for parsing with third-party tools with something like: grep 'xferlog: ' /var/log/xferlog | \ sed -e 's/^.*xferlog: //' >wuxferlog The format is the same as the wu-ftpd xferlog entries (with the leading syslog stuff), but different from the wu-ftpd syslogged xferlog entries because the latter is not as easy to convert into the standard xferlog file format. The choice to only syslog the xferlog messages rather than append to a /var/log/xferlog file was made because the latter doesn't work to well in the situation where the logfile is rotated and compressed and a long-running ftpd still has a file-descriptor to the now nonexistant xferlog file, and the log message will then get lost. Feature requested in [bin/11651] by Hubert Feyrer. Fixes: * In ftpd(8), clarify the -a and -c options. * More clarifications in ftpd.conf(5). * Ensure that all ftpd.conf commands set a parameter back to sane defaults if an argument of `none' or bad settings are given. * Support the `chroot' directive for `REAL' users too (for consistency). * For `GUEST' users, store the supplied password in pw->pw_passwd for use later in the xferlog. * If show_chdir_messages() is given a code of -1, flush the cache of visited directories. Invoke show_chdir_messages(-1) in end_login(). * Only syslog session stats if logging is requested. * Rename logcmd() -> logxfer(), and dolog() -> logremotehost(). * Use cprintf() instead of fprintf() where appropriate. * Minor KNF, and make a couple of functions static that were declared static.
2000-12-18 05:32:50 +03:00
curclass.maxtimeout = DEFAULT_MAXTIMEOUT;
- convert to using libc's strsuftoll(3) - use LLT (aka 'long long type') for all numeric class parameters - improve description of various ftpd.conf(5) options - statcmd(): print out: mmapsize readsize writesize sendbufsize sendlowat
2002-11-29 17:39:59 +03:00
CONF_LL(maxtimeout, arg,
MIN(30, curclass.timeout), LLTMAX);
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
Add optional mmap(2)/write(2) support for binary file transfer. The default is read(2)/write(2). Note that the sosend_loan needs some more work for better performance when a file isn't cached.
2002-05-30 04:24:47 +04:00
} else if (strcasecmp(word, "mmapsize") == 0) {
curclass.mmapsize = 0;
- convert to using libc's strsuftoll(3) - use LLT (aka 'long long type') for all numeric class parameters - improve description of various ftpd.conf(5) options - statcmd(): print out: mmapsize readsize writesize sendbufsize sendlowat
2002-11-29 17:39:59 +03:00
CONF_LL(mmapsize, arg, 0, LLTMAX);
Add optional mmap(2)/write(2) support for binary file transfer. The default is read(2)/write(2). Note that the sosend_loan needs some more work for better performance when a file isn't cached.
2002-05-30 04:24:47 +04:00
} else if (strcasecmp(word, "readsize") == 0) {
curclass.readsize = 0;
- convert to using libc's strsuftoll(3) - use LLT (aka 'long long type') for all numeric class parameters - improve description of various ftpd.conf(5) options - statcmd(): print out: mmapsize readsize writesize sendbufsize sendlowat
2002-11-29 17:39:59 +03:00
CONF_LL(readsize, arg, 0, LLTMAX);
Add optional mmap(2)/write(2) support for binary file transfer. The default is read(2)/write(2). Note that the sosend_loan needs some more work for better performance when a file isn't cached.
2002-05-30 04:24:47 +04:00
} else if (strcasecmp(word, "writesize") == 0) {
curclass.writesize = 0;
- convert to using libc's strsuftoll(3) - use LLT (aka 'long long type') for all numeric class parameters - improve description of various ftpd.conf(5) options - statcmd(): print out: mmapsize readsize writesize sendbufsize sendlowat
2002-11-29 17:39:59 +03:00
CONF_LL(writesize, arg, 0, LLTMAX);
Add optional mmap(2)/write(2) support for binary file transfer. The default is read(2)/write(2). Note that the sosend_loan needs some more work for better performance when a file isn't cached.
2002-05-30 04:24:47 +04:00
* Add recvbufsize configuration option This allows for setting the passive socket's SO_RCVBUF. Option works similarly to the current sendbufsize configuration option. * Change how recveive_data() works When reading data from the socket for passive transfers to the server, receive_data() now works very similar to send_data_with_read(). Reads from the network are now done using either the filesystem block size or the configuration option readsize chunks. * Crank version.h [Changes discussed with lukem.]
2005-08-24 19:51:41 +04:00
} else if (strcasecmp(word, "recvbufsize") == 0) {
curclass.recvbufsize = 0;
CONF_LL(recvbufsize, arg, 0, LLTMAX);
Add optional mmap(2)/write(2) support for binary file transfer. The default is read(2)/write(2). Note that the sosend_loan needs some more work for better performance when a file isn't cached.
2002-05-30 04:24:47 +04:00
} else if (strcasecmp(word, "sendbufsize") == 0) {
curclass.sendbufsize = 0;
- convert to using libc's strsuftoll(3) - use LLT (aka 'long long type') for all numeric class parameters - improve description of various ftpd.conf(5) options - statcmd(): print out: mmapsize readsize writesize sendbufsize sendlowat
2002-11-29 17:39:59 +03:00
CONF_LL(sendbufsize, arg, 0, LLTMAX);
Add optional mmap(2)/write(2) support for binary file transfer. The default is read(2)/write(2). Note that the sosend_loan needs some more work for better performance when a file isn't cached.
2002-05-30 04:24:47 +04:00
} else if (strcasecmp(word, "sendlowat") == 0) {
curclass.sendlowat = 0;
- convert to using libc's strsuftoll(3) - use LLT (aka 'long long type') for all numeric class parameters - improve description of various ftpd.conf(5) options - statcmd(): print out: mmapsize readsize writesize sendbufsize sendlowat
2002-11-29 17:39:59 +03:00
CONF_LL(sendlowat, arg, 0, LLTMAX);
Add optional mmap(2)/write(2) support for binary file transfer. The default is read(2)/write(2). Note that the sosend_loan needs some more work for better performance when a file isn't cached.
2002-05-30 04:24:47 +04:00
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
} else if (strcasecmp(word, "modify") == 0) {
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
CONF_FLAG(modify);
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
} else if (strcasecmp(word, "motd") == 0) {
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
CONF_STRING(motd);
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
} else if (strcasecmp(word, "notify") == 0) {
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
CONF_STRING(notify);
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
Add the ability to disable passive connects in ftpd.conf (breaks RFC1123, STD3, but needed in some firewall environments).
1998-07-01 00:18:52 +04:00
} else if (strcasecmp(word, "passive") == 0) {
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
CONF_FLAG(passive);
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
* add ftpd.conf directive `portrange class min max', which allows specification of the port range used by passive connections. based on work in [bin/9158] from Takahiro Kambe <taca@sky.yamashina.kyoto.jp> * change the way global variables are defined and extern-ed to be more consistent.
2000-01-13 01:39:27 +03:00
} else if (strcasecmp(word, "portrange") == 0) {
audit use of strto* - beware of ERANGE, as well as typecast on result.
2002-11-16 06:10:34 +03:00
long minport, maxport;
* add ftpd.conf directive `portrange class min max', which allows specification of the port range used by passive connections. based on work in [bin/9158] from Takahiro Kambe <taca@sky.yamashina.kyoto.jp> * change the way global variables are defined and extern-ed to be more consistent.
2000-01-13 01:39:27 +03:00
Features: * Add ftpd.conf(5) directive `advertise'; change the address that is advertised to the client for PASV transfers. this may be useful in certain firewall/NAT environments. Feature requested in [bin/9606] by Scott Presnell. * Add -X option; syslog wu-ftpd style xferlog messages, prefixed with `xferlog: '. An example line from syslog (wrapped): Dec 16 18:50:24 odysseus ftpd[571]: xferlog: Sat Dec 16 18:50:24 2000 2 localhost 3747328 /pub/WLW2K601.EXE b _ o a lukem@ FTP 0 * c These messages can be converted to a wu-ftpd style xferlog file suitable for parsing with third-party tools with something like: grep 'xferlog: ' /var/log/xferlog | \ sed -e 's/^.*xferlog: //' >wuxferlog The format is the same as the wu-ftpd xferlog entries (with the leading syslog stuff), but different from the wu-ftpd syslogged xferlog entries because the latter is not as easy to convert into the standard xferlog file format. The choice to only syslog the xferlog messages rather than append to a /var/log/xferlog file was made because the latter doesn't work to well in the situation where the logfile is rotated and compressed and a long-running ftpd still has a file-descriptor to the now nonexistant xferlog file, and the log message will then get lost. Feature requested in [bin/11651] by Hubert Feyrer. Fixes: * In ftpd(8), clarify the -a and -c options. * More clarifications in ftpd.conf(5). * Ensure that all ftpd.conf commands set a parameter back to sane defaults if an argument of `none' or bad settings are given. * Support the `chroot' directive for `REAL' users too (for consistency). * For `GUEST' users, store the supplied password in pw->pw_passwd for use later in the xferlog. * If show_chdir_messages() is given a code of -1, flush the cache of visited directories. Invoke show_chdir_messages(-1) in end_login(). * Only syslog session stats if logging is requested. * Rename logcmd() -> logxfer(), and dolog() -> logremotehost(). * Use cprintf() instead of fprintf() where appropriate. * Minor KNF, and make a couple of functions static that were declared static.
2000-12-18 05:32:50 +03:00
curclass.portmin = 0;
curclass.portmax = 0;
if (none || EMPTYSTR(arg))
* add ftpd.conf directive `portrange class min max', which allows specification of the port range used by passive connections. based on work in [bin/9158] from Takahiro Kambe <taca@sky.yamashina.kyoto.jp> * change the way global variables are defined and extern-ed to be more consistent.
2000-01-13 01:39:27 +03:00
continue;
- convert to using libc's strsuftoll(3) - use LLT (aka 'long long type') for all numeric class parameters - improve description of various ftpd.conf(5) options - statcmd(): print out: mmapsize readsize writesize sendbufsize sendlowat
2002-11-29 17:39:59 +03:00
if (EMPTYSTR(p)) {
* add ftpd.conf directive `portrange class min max', which allows specification of the port range used by passive connections. based on work in [bin/9158] from Takahiro Kambe <taca@sky.yamashina.kyoto.jp> * change the way global variables are defined and extern-ed to be more consistent.
2000-01-13 01:39:27 +03:00
syslog(LOG_WARNING,
"%s line %d: missing maxport argument",
infile, (int)line);
continue;
}
- convert to using libc's strsuftoll(3) - use LLT (aka 'long long type') for all numeric class parameters - improve description of various ftpd.conf(5) options - statcmd(): print out: mmapsize readsize writesize sendbufsize sendlowat
2002-11-29 17:39:59 +03:00
minport = strsuftollx("minport", arg, IPPORT_RESERVED,
IPPORT_ANONMAX, errbuf, sizeof(errbuf));
if (errbuf[0]) {
syslog(LOG_WARNING, "%s line %d: %s",
infile, (int)line, errbuf);
* add ftpd.conf directive `portrange class min max', which allows specification of the port range used by passive connections. based on work in [bin/9158] from Takahiro Kambe <taca@sky.yamashina.kyoto.jp> * change the way global variables are defined and extern-ed to be more consistent.
2000-01-13 01:39:27 +03:00
continue;
}
- convert to using libc's strsuftoll(3) - use LLT (aka 'long long type') for all numeric class parameters - improve description of various ftpd.conf(5) options - statcmd(): print out: mmapsize readsize writesize sendbufsize sendlowat
2002-11-29 17:39:59 +03:00
maxport = strsuftollx("maxport", p, IPPORT_RESERVED,
IPPORT_ANONMAX, errbuf, sizeof(errbuf));
if (errbuf[0]) {
syslog(LOG_WARNING, "%s line %d: %s",
infile, (int)line, errbuf);
* add ftpd.conf directive `portrange class min max', which allows specification of the port range used by passive connections. based on work in [bin/9158] from Takahiro Kambe <taca@sky.yamashina.kyoto.jp> * change the way global variables are defined and extern-ed to be more consistent.
2000-01-13 01:39:27 +03:00
continue;
}
if (minport >= maxport) {
syslog(LOG_WARNING,
audit use of strto* - beware of ERANGE, as well as typecast on result.
2002-11-16 06:10:34 +03:00
"%s line %d: minport %ld >= maxport %ld",
* add ftpd.conf directive `portrange class min max', which allows specification of the port range used by passive connections. based on work in [bin/9158] from Takahiro Kambe <taca@sky.yamashina.kyoto.jp> * change the way global variables are defined and extern-ed to be more consistent.
2000-01-13 01:39:27 +03:00
infile, (int)line, minport, maxport);
continue;
}
audit use of strto* - beware of ERANGE, as well as typecast on result.
2002-11-16 06:10:34 +03:00
curclass.portmin = (int)minport;
curclass.portmax = (int)maxport;
* add ftpd.conf directive `portrange class min max', which allows specification of the port range used by passive connections. based on work in [bin/9158] from Takahiro Kambe <taca@sky.yamashina.kyoto.jp> * change the way global variables are defined and extern-ed to be more consistent.
2000-01-13 01:39:27 +03:00
Add two new ftpd.conf(5) directives: - 'denyquick'; deny a connection so tagged by ftpusers(5) after the USER command instead of the PASS command. whilst this might provide some info leakage of accounts names if you have some `real' or `chroot' users enabled and not others, it does prevent accidental entering of such passwords if you have all such users denied. This option is strongly recommended on anonymous-only servers. Functionality requested by Rob Windsor in [bin/12602] - 'private'; don't display class related information in the output of STAT. For paranoid admins.
2001-12-04 16:54:12 +03:00
} else if (strcasecmp(word, "private") == 0) {
CONF_FLAG(private);
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
} else if (strcasecmp(word, "rateget") == 0) {
- convert to using libc's strsuftoll(3) - use LLT (aka 'long long type') for all numeric class parameters - improve description of various ftpd.conf(5) options - statcmd(): print out: mmapsize readsize writesize sendbufsize sendlowat
2002-11-29 17:39:59 +03:00
curclass.maxrateget = curclass.rateget = 0;
CONF_LL(rateget, arg, 0, LLTMAX);
curclass.maxrateget = curclass.rateget;
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
} else if (strcasecmp(word, "rateput") == 0) {
- convert to using libc's strsuftoll(3) - use LLT (aka 'long long type') for all numeric class parameters - improve description of various ftpd.conf(5) options - statcmd(): print out: mmapsize readsize writesize sendbufsize sendlowat
2002-11-29 17:39:59 +03:00
curclass.maxrateput = curclass.rateput = 0;
CONF_LL(rateput, arg, 0, LLTMAX);
curclass.maxrateput = curclass.rateput;
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
} else if (strcasecmp(word, "sanenames") == 0) {
CONF_FLAG(sanenames);
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
} else if (strcasecmp(word, "timeout") == 0) {
Features: * Add ftpd.conf(5) directive `advertise'; change the address that is advertised to the client for PASV transfers. this may be useful in certain firewall/NAT environments. Feature requested in [bin/9606] by Scott Presnell. * Add -X option; syslog wu-ftpd style xferlog messages, prefixed with `xferlog: '. An example line from syslog (wrapped): Dec 16 18:50:24 odysseus ftpd[571]: xferlog: Sat Dec 16 18:50:24 2000 2 localhost 3747328 /pub/WLW2K601.EXE b _ o a lukem@ FTP 0 * c These messages can be converted to a wu-ftpd style xferlog file suitable for parsing with third-party tools with something like: grep 'xferlog: ' /var/log/xferlog | \ sed -e 's/^.*xferlog: //' >wuxferlog The format is the same as the wu-ftpd xferlog entries (with the leading syslog stuff), but different from the wu-ftpd syslogged xferlog entries because the latter is not as easy to convert into the standard xferlog file format. The choice to only syslog the xferlog messages rather than append to a /var/log/xferlog file was made because the latter doesn't work to well in the situation where the logfile is rotated and compressed and a long-running ftpd still has a file-descriptor to the now nonexistant xferlog file, and the log message will then get lost. Feature requested in [bin/11651] by Hubert Feyrer. Fixes: * In ftpd(8), clarify the -a and -c options. * More clarifications in ftpd.conf(5). * Ensure that all ftpd.conf commands set a parameter back to sane defaults if an argument of `none' or bad settings are given. * Support the `chroot' directive for `REAL' users too (for consistency). * For `GUEST' users, store the supplied password in pw->pw_passwd for use later in the xferlog. * If show_chdir_messages() is given a code of -1, flush the cache of visited directories. Invoke show_chdir_messages(-1) in end_login(). * Only syslog session stats if logging is requested. * Rename logcmd() -> logxfer(), and dolog() -> logremotehost(). * Use cprintf() instead of fprintf() where appropriate. * Minor KNF, and make a couple of functions static that were declared static.
2000-12-18 05:32:50 +03:00
curclass.timeout = DEFAULT_TIMEOUT;
- convert to using libc's strsuftoll(3) - use LLT (aka 'long long type') for all numeric class parameters - improve description of various ftpd.conf(5) options - statcmd(): print out: mmapsize readsize writesize sendbufsize sendlowat
2002-11-29 17:39:59 +03:00
CONF_LL(timeout, arg, 30, curclass.maxtimeout);
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
* new ftpd.conf directive: template class [refclass] following directives for refclass will apply to class as well. this makes setting up a `template' class with many default settings easy, whilst allowing for class-specific overrides * prevent crash when the optional limitfile wasn't given to limit * document count_users() * document default setting of limit in ftpd.conf(5) * crank version
2000-01-09 13:08:45 +03:00
} else if (strcasecmp(word, "template") == 0) {
if (none)
continue;
debug -> ftpd_debug xstrdup -> ftpd_strdup
2006-02-01 17:20:12 +03:00
REASSIGN(template, EMPTYSTR(arg) ? NULL : ftpd_strdup(arg));
* new ftpd.conf directive: template class [refclass] following directives for refclass will apply to class as well. this makes setting up a `template' class with many default settings easy, whilst allowing for class-specific overrides * prevent crash when the optional limitfile wasn't given to limit * document count_users() * document default setting of limit in ftpd.conf(5) * crank version
2000-01-09 13:08:45 +03:00
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
} else if (strcasecmp(word, "umask") == 0) {
audit use of strto* - beware of ERANGE, as well as typecast on result.
2002-11-16 06:10:34 +03:00
u_long fumask;
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
Features: * Add ftpd.conf(5) directive `advertise'; change the address that is advertised to the client for PASV transfers. this may be useful in certain firewall/NAT environments. Feature requested in [bin/9606] by Scott Presnell. * Add -X option; syslog wu-ftpd style xferlog messages, prefixed with `xferlog: '. An example line from syslog (wrapped): Dec 16 18:50:24 odysseus ftpd[571]: xferlog: Sat Dec 16 18:50:24 2000 2 localhost 3747328 /pub/WLW2K601.EXE b _ o a lukem@ FTP 0 * c These messages can be converted to a wu-ftpd style xferlog file suitable for parsing with third-party tools with something like: grep 'xferlog: ' /var/log/xferlog | \ sed -e 's/^.*xferlog: //' >wuxferlog The format is the same as the wu-ftpd xferlog entries (with the leading syslog stuff), but different from the wu-ftpd syslogged xferlog entries because the latter is not as easy to convert into the standard xferlog file format. The choice to only syslog the xferlog messages rather than append to a /var/log/xferlog file was made because the latter doesn't work to well in the situation where the logfile is rotated and compressed and a long-running ftpd still has a file-descriptor to the now nonexistant xferlog file, and the log message will then get lost. Feature requested in [bin/11651] by Hubert Feyrer. Fixes: * In ftpd(8), clarify the -a and -c options. * More clarifications in ftpd.conf(5). * Ensure that all ftpd.conf commands set a parameter back to sane defaults if an argument of `none' or bad settings are given. * Support the `chroot' directive for `REAL' users too (for consistency). * For `GUEST' users, store the supplied password in pw->pw_passwd for use later in the xferlog. * If show_chdir_messages() is given a code of -1, flush the cache of visited directories. Invoke show_chdir_messages(-1) in end_login(). * Only syslog session stats if logging is requested. * Rename logcmd() -> logxfer(), and dolog() -> logremotehost(). * Use cprintf() instead of fprintf() where appropriate. * Minor KNF, and make a couple of functions static that were declared static.
2000-12-18 05:32:50 +03:00
curclass.umask = DEFAULT_UMASK;
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
if (none || EMPTYSTR(arg))
continue;
audit use of strto* - beware of ERANGE, as well as typecast on result.
2002-11-16 06:10:34 +03:00
errno = 0;
endp = NULL;
fumask = strtoul(arg, &endp, 8);
if (errno || *arg == '\0' || *endp != '\0' ||
fumask > 0777) {
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
syslog(LOG_WARNING,
"%s line %d: invalid umask %s",
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
infile, (int)line, arg);
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
continue;
}
audit use of strto* - beware of ERANGE, as well as typecast on result.
2002-11-16 06:10:34 +03:00
curclass.umask = (mode_t)fumask;
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
} else if (strcasecmp(word, "upload") == 0) {
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
CONF_FLAG(upload);
if (! CURCLASS_FLAGS_ISSET(upload))
CURCLASS_FLAGS_CLR(modify);
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
} else {
syslog(LOG_WARNING,
"%s line %d: unknown directive '%s'",
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
infile, (int)line, word);
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
continue;
}
- convert to using libc's strsuftoll(3) - use LLT (aka 'long long type') for all numeric class parameters - improve description of various ftpd.conf(5) options - statcmd(): print out: mmapsize readsize writesize sendbufsize sendlowat
2002-11-29 17:39:59 +03:00
nextline:
;
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
}
* new ftpd.conf directive: template class [refclass] following directives for refclass will apply to class as well. this makes setting up a `template' class with many default settings easy, whilst allowing for class-specific overrides * prevent crash when the optional limitfile wasn't given to limit * document count_users() * document default setting of limit in ftpd.conf(5) * crank version
2000-01-09 13:08:45 +03:00
REASSIGN(template, NULL);
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
fclose(f);
}
/*
* Show file listed in curclass.display first time in, and list all the
Features: * Add ftpd.conf(5) directive `advertise'; change the address that is advertised to the client for PASV transfers. this may be useful in certain firewall/NAT environments. Feature requested in [bin/9606] by Scott Presnell. * Add -X option; syslog wu-ftpd style xferlog messages, prefixed with `xferlog: '. An example line from syslog (wrapped): Dec 16 18:50:24 odysseus ftpd[571]: xferlog: Sat Dec 16 18:50:24 2000 2 localhost 3747328 /pub/WLW2K601.EXE b _ o a lukem@ FTP 0 * c These messages can be converted to a wu-ftpd style xferlog file suitable for parsing with third-party tools with something like: grep 'xferlog: ' /var/log/xferlog | \ sed -e 's/^.*xferlog: //' >wuxferlog The format is the same as the wu-ftpd xferlog entries (with the leading syslog stuff), but different from the wu-ftpd syslogged xferlog entries because the latter is not as easy to convert into the standard xferlog file format. The choice to only syslog the xferlog messages rather than append to a /var/log/xferlog file was made because the latter doesn't work to well in the situation where the logfile is rotated and compressed and a long-running ftpd still has a file-descriptor to the now nonexistant xferlog file, and the log message will then get lost. Feature requested in [bin/11651] by Hubert Feyrer. Fixes: * In ftpd(8), clarify the -a and -c options. * More clarifications in ftpd.conf(5). * Ensure that all ftpd.conf commands set a parameter back to sane defaults if an argument of `none' or bad settings are given. * Support the `chroot' directive for `REAL' users too (for consistency). * For `GUEST' users, store the supplied password in pw->pw_passwd for use later in the xferlog. * If show_chdir_messages() is given a code of -1, flush the cache of visited directories. Invoke show_chdir_messages(-1) in end_login(). * Only syslog session stats if logging is requested. * Rename logcmd() -> logxfer(), and dolog() -> logremotehost(). * Use cprintf() instead of fprintf() where appropriate. * Minor KNF, and make a couple of functions static that were declared static.
2000-12-18 05:32:50 +03:00
* files named in curclass.notify in the current directory.
* Send back responses with the prefix `code' + "-".
* If code == -1, flush the internal cache of directory names and return.
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
*/
void
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
show_chdir_messages(int code)
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
{
static StringList *slist = NULL;
struct stat st;
struct tm *t;
glob_t gl;
time_t now, then;
int age;
- enable case insensitive fnmatch(3)ing for hostname globs in ftpusers(5) - enable WARNS=2
2001-12-01 13:25:29 +03:00
char curwd[MAXPATHLEN];
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
char *cp, **rlist;
Features: * Add ftpd.conf(5) directive `advertise'; change the address that is advertised to the client for PASV transfers. this may be useful in certain firewall/NAT environments. Feature requested in [bin/9606] by Scott Presnell. * Add -X option; syslog wu-ftpd style xferlog messages, prefixed with `xferlog: '. An example line from syslog (wrapped): Dec 16 18:50:24 odysseus ftpd[571]: xferlog: Sat Dec 16 18:50:24 2000 2 localhost 3747328 /pub/WLW2K601.EXE b _ o a lukem@ FTP 0 * c These messages can be converted to a wu-ftpd style xferlog file suitable for parsing with third-party tools with something like: grep 'xferlog: ' /var/log/xferlog | \ sed -e 's/^.*xferlog: //' >wuxferlog The format is the same as the wu-ftpd xferlog entries (with the leading syslog stuff), but different from the wu-ftpd syslogged xferlog entries because the latter is not as easy to convert into the standard xferlog file format. The choice to only syslog the xferlog messages rather than append to a /var/log/xferlog file was made because the latter doesn't work to well in the situation where the logfile is rotated and compressed and a long-running ftpd still has a file-descriptor to the now nonexistant xferlog file, and the log message will then get lost. Feature requested in [bin/11651] by Hubert Feyrer. Fixes: * In ftpd(8), clarify the -a and -c options. * More clarifications in ftpd.conf(5). * Ensure that all ftpd.conf commands set a parameter back to sane defaults if an argument of `none' or bad settings are given. * Support the `chroot' directive for `REAL' users too (for consistency). * For `GUEST' users, store the supplied password in pw->pw_passwd for use later in the xferlog. * If show_chdir_messages() is given a code of -1, flush the cache of visited directories. Invoke show_chdir_messages(-1) in end_login(). * Only syslog session stats if logging is requested. * Rename logcmd() -> logxfer(), and dolog() -> logremotehost(). * Use cprintf() instead of fprintf() where appropriate. * Minor KNF, and make a couple of functions static that were declared static.
2000-12-18 05:32:50 +03:00
if (code == -1) {
if (slist != NULL)
sl_free(slist, 1);
slist = NULL;
return;
}
suppress verbose messages from CWD and post-login if the first character of the anonymous password is `-'.
2000-01-13 03:04:31 +03:00
if (quietmessages)
return;
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
/* Setup list for directory cache */
if (slist == NULL)
slist = sl_init();
check return val of sl_init() and sl_add()
1999-11-28 07:38:41 +03:00
if (slist == NULL) {
syslog(LOG_WARNING, "can't allocate memory for stringlist");
return;
}
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
/* Check if this directory has already been visited */
- enable case insensitive fnmatch(3)ing for hostname globs in ftpusers(5) - enable WARNS=2
2001-12-01 13:25:29 +03:00
if (getcwd(curwd, sizeof(curwd) - 1) == NULL) {
Show/log the strerror(errno) string when getcwd fails
1998-06-03 17:21:42 +04:00
syslog(LOG_WARNING, "can't getcwd: %s", strerror(errno));
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
return;
}
- enable case insensitive fnmatch(3)ing for hostname globs in ftpusers(5) - enable WARNS=2
2001-12-01 13:25:29 +03:00
if (sl_find(slist, curwd) != NULL)
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
return;
debug -> ftpd_debug xstrdup -> ftpd_strdup
2006-02-01 17:20:12 +03:00
cp = ftpd_strdup(curwd);
check return val of sl_init() and sl_add()
1999-11-28 07:38:41 +03:00
if (sl_add(slist, cp) == -1)
syslog(LOG_WARNING, "can't add `%s' to stringlist", cp);
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
/* First check for a display file */
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
(void)display_file(curclass.display, code);
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
/* Now see if there are any notify files */
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
if (EMPTYSTR(curclass.notify))
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
return;
a few changes from Mike Heffner <mheffner@vt.edu> in private email: - totally clear a glob buffer before use, because FreeBSD depends on some of the other fields being cleared (other than just gl_offs) - in strend(), ensure that the source string isn't too large - remove unnecessarily complicated sizing of proctitle, since snprintf() will truncate it anyway
2001-09-19 04:50:52 +04:00
memset(&gl, 0, sizeof(gl));
Enable GLOB_BRACE for ftpd.conf(5)'s `notify' directive. Now it's much easier to list multiple files...
2002-10-03 06:56:47 +04:00
if (glob(curclass.notify, GLOB_BRACE|GLOB_LIMIT, NULL, &gl) != 0
don't leak globbed memory.
2001-03-19 01:42:22 +03:00
|| gl.gl_matchc == 0) {
globfree(&gl);
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
return;
don't leak globbed memory.
2001-03-19 01:42:22 +03:00
}
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
time(&now);
for (rlist = gl.gl_pathv; *rlist != NULL; rlist++) {
if (stat(*rlist, &st) != 0)
continue;
Use S_IS*(), not S_IF*.
1997-10-19 22:15:23 +04:00
if (!S_ISREG(st.st_mode))
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
continue;
then = st.st_mtime;
* fix a problem in retrieve() where arguments to commands weren't working (this was broken in the last commit). problem noticed by simonb@ * don't display the stderr output of the internal ls. * modify usage of lreply so that generally only one `XXX-' code per `block' is displayed; the rest of the lines have four spaces instead. i find this easier to read. * fix a couple places where byte accounting wasn't correct
1999-05-18 12:14:17 +04:00
if (code != 0) {
More -Wformat cleanups.
2000-07-09 06:24:30 +04:00
reply(-code, "%s", "");
* fix a problem in retrieve() where arguments to commands weren't working (this was broken in the last commit). problem noticed by simonb@ * don't display the stderr output of the internal ls. * modify usage of lreply so that generally only one `XXX-' code per `block' is displayed; the rest of the lines have four spaces instead. i find this easier to read. * fix a couple places where byte accounting wasn't correct
1999-05-18 12:14:17 +04:00
code = 0;
}
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(-code, "Please read the file %s", *rlist);
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
t = localtime(&now);
age = 365 * t->tm_year + t->tm_yday;
t = localtime(&then);
age -= 365 * t->tm_year + t->tm_yday;
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(-code, " it was last modified on %.24s - %d day%s ago",
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
ctime(&then), age, PLURAL(age));
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
}
globfree(&gl);
}
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
int
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
display_file(const char *file, int code)
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
{
FILE *f;
Initialize a pointer needed when expanding the %C "display file escape sequence".
2001-05-26 03:40:25 +04:00
char *buf, *p;
- enable case insensitive fnmatch(3)ing for hostname globs in ftpusers(5) - enable WARNS=2
2001-12-01 13:25:29 +03:00
char curwd[MAXPATHLEN];
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
size_t len;
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
off_t lastnum;
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
time_t now;
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
lastnum = 0;
suppress verbose messages from CWD and post-login if the first character of the anonymous password is `-'.
2000-01-13 03:04:31 +03:00
if (quietmessages)
return (0);
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
if (EMPTYSTR(file))
return(0);
if ((f = fopen(file, "r")) == NULL)
return (0);
More -Wformat cleanups.
2000-07-09 06:24:30 +04:00
reply(-code, "%s", "");
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
for (;
(buf = fparseln(f, &len, NULL, "\0\0\0", 0)) != NULL; free(buf)) {
if (len > 0)
if (buf[len - 1] == '\n')
buf[--len] = '\0';
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
cprintf(stdout, " ");
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
for (p = buf; *p; p++) {
if (*p == '%') {
p++;
switch (*p) {
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
case 'c':
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
cprintf(stdout, "%s",
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
curclass.classname ?
curclass.classname : "<unknown>");
break;
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
case 'C':
- enable case insensitive fnmatch(3)ing for hostname globs in ftpusers(5) - enable WARNS=2
2001-12-01 13:25:29 +03:00
if (getcwd(curwd, sizeof(curwd)-1)
== NULL){
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
syslog(LOG_WARNING,
"can't getcwd: %s",
strerror(errno));
continue;
}
- enable case insensitive fnmatch(3)ing for hostname globs in ftpusers(5) - enable WARNS=2
2001-12-01 13:25:29 +03:00
cprintf(stdout, "%s", curwd);
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
break;
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
case 'E':
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
if (! EMPTYSTR(emailaddr))
cprintf(stdout, "%s",
emailaddr);
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
break;
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
case 'L':
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
cprintf(stdout, "%s", hostname);
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
break;
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
case 'M':
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
if (curclass.limit == -1) {
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
cprintf(stdout, "unlimited");
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
lastnum = 0;
} else {
- convert to using libc's strsuftoll(3) - use LLT (aka 'long long type') for all numeric class parameters - improve description of various ftpd.conf(5) options - statcmd(): print out: mmapsize readsize writesize sendbufsize sendlowat
2002-11-29 17:39:59 +03:00
cprintf(stdout, LLF,
(LLT)curclass.limit);
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
lastnum = curclass.limit;
}
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
break;
case 'N':
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
cprintf(stdout, "%d", connections);
lastnum = connections;
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
break;
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
case 'R':
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
cprintf(stdout, "%s", remotehost);
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
break;
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
case 's':
if (lastnum != 1)
cprintf(stdout, "s");
break;
case 'S':
if (lastnum != 1)
cprintf(stdout, "S");
break;
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
case 'T':
now = time(NULL);
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
cprintf(stdout, "%.24s", ctime(&now));
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
break;
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
case 'U':
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
cprintf(stdout, "%s",
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
pw ? pw->pw_name : "<unknown>");
break;
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
case '%':
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
CPUTC('%', stdout);
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
break;
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
}
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
} else
CPUTC(*p, stdout);
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
}
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
cprintf(stdout, "\r\n");
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
}
(void)fflush(stdout);
(void)fclose(f);
return (1);
}
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
/*
* Parse src, expanding '%' escapes, into dst (which must be at least
* MAXPATHLEN long).
*/
void
format_path(char *dst, const char *src)
{
size_t len;
const char *p;
dst[0] = '\0';
len = 0;
if (src == NULL)
return;
for (p = src; *p && len < MAXPATHLEN; p++) {
if (*p == '%') {
p++;
switch (*p) {
case 'c':
len += strlcpy(dst + len, curclass.classname,
MAXPATHLEN - len);
break;
case 'd':
len += strlcpy(dst + len, pw->pw_dir,
MAXPATHLEN - len);
break;
case 'u':
len += strlcpy(dst + len, pw->pw_name,
MAXPATHLEN - len);
break;
case '%':
dst[len++] = '%';
break;
}
} else
dst[len++] = *p;
}
if (len < MAXPATHLEN)
dst[len] = '\0';
dst[MAXPATHLEN - 1] = '\0';
}
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
/*
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
* Find s2 at the end of s1. If found, return a string up to (but
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
* not including) s2, otherwise returns NULL.
*/
static char *
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
strend(const char *s1, char *s2)
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
{
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
static char buf[MAXPATHLEN];
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
char *start;
size_t l1, l2;
l1 = strlen(s1);
l2 = strlen(s2);
a few changes from Mike Heffner <mheffner@vt.edu> in private email: - totally clear a glob buffer before use, because FreeBSD depends on some of the other fields being cleared (other than just gl_offs) - in strend(), ensure that the source string isn't too large - remove unnecessarily complicated sizing of proctitle, since snprintf() will truncate it anyway
2001-09-19 04:50:52 +04:00
if (l2 >= l1 || l1 >= sizeof(buf))
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
return(NULL);
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
strlcpy(buf, s1, sizeof(buf));
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
start = buf + (l1 - l2);
if (strcmp(start, s2) == 0) {
*start = '\0';
return(buf);
} else
return(NULL);
}
static int
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
filetypematch(char *types, int mode)
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
{
for ( ; types[0] != '\0'; types++)
switch (*types) {
case 'd':
if (S_ISDIR(mode))
return(1);
break;
case 'f':
if (S_ISREG(mode))
return(1);
break;
}
return(0);
}
/*
* Look for a conversion. If we succeed, return a pointer to the
* command to execute for the conversion.
*
* The command is stored in a static array so there's no memory
* leak problems, and not too much to change in ftpd.c. This
* routine doesn't need to be re-entrant unless we start using a
* multi-threaded ftpd, and that's not likely for a while...
*/
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
char **
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
do_conversion(const char *fname)
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
{
struct ftpconv *cp;
struct stat st;
int o_errno;
missed some warnings.
1997-06-23 02:33:12 +04:00
char *base = NULL;
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
char *cmd, *p, *lp, **argv;
StringList *sl;
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
o_errno = errno;
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
sl = NULL;
cmd = NULL;
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
for (cp = curclass.conversions; cp != NULL; cp = cp->next) {
* don't depend upon buffer returned by fgetln() to remain. fix mainly from Tatoku Ogaito <tacha@tera.fukui-med.ac.jp> in [bin/3967] * fgetln() doesn't \0 terminate its string. look for the \n and replace it with \0 (if no \n, ignore the line - it's most likely corrupt) * more intensive checks on strdup() returns (not a current mem leak, but depended upon code elsewhere to cleanup - not good) * cleanup some syslog error messages
1997-08-14 06:06:15 +04:00
if (cp->suffix == NULL) {
syslog(LOG_WARNING,
"cp->suffix==NULL in conv list; SHOULDN'T HAPPEN!");
continue;
}
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
if ((base = strend(fname, cp->suffix)) == NULL)
continue;
* don't depend upon buffer returned by fgetln() to remain. fix mainly from Tatoku Ogaito <tacha@tera.fukui-med.ac.jp> in [bin/3967] * fgetln() doesn't \0 terminate its string. look for the \n and replace it with \0 (if no \n, ignore the line - it's most likely corrupt) * more intensive checks on strdup() returns (not a current mem leak, but depended upon code elsewhere to cleanup - not good) * cleanup some syslog error messages
1997-08-14 06:06:15 +04:00
if (cp->types == NULL || cp->disable == NULL ||
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
cp->command == NULL)
continue;
/* Is it enabled? */
if (strcmp(cp->disable, ".") != 0 &&
stat(cp->disable, &st) == 0)
continue;
/* Does the base exist? */
if (stat(base, &st) < 0)
continue;
/* Is the file type ok */
if (!filetypematch(cp->types, st.st_mode))
continue;
break; /* "We have a winner!" */
}
/* If we got through the list, no conversion */
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
if (cp == NULL)
goto cleanup_do_conv;
/* Split up command into an argv */
if ((sl = sl_init()) == NULL)
goto cleanup_do_conv;
debug -> ftpd_debug xstrdup -> ftpd_strdup
2006-02-01 17:20:12 +03:00
cmd = ftpd_strdup(cp->command);
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
p = cmd;
while (p) {
NEXTWORD(p, lp);
if (strcmp(lp, "%s") == 0)
lp = base;
debug -> ftpd_debug xstrdup -> ftpd_strdup
2006-02-01 17:20:12 +03:00
if (sl_add(sl, ftpd_strdup(lp)) == -1)
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
goto cleanup_do_conv;
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
}
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
if (sl_add(sl, NULL) == -1)
goto cleanup_do_conv;
argv = sl->sl_str;
free(cmd);
free(sl);
return(argv);
cleanup_do_conv:
if (sl)
sl_free(sl, 1);
free(cmd);
errno = o_errno;
return(NULL);
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
}
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
* new ftpd.conf directive: template class [refclass] following directives for refclass will apply to class as well. this makes setting up a `template' class with many default settings easy, whilst allowing for class-specific overrides * prevent crash when the optional limitfile wasn't given to limit * document count_users() * document default setting of limit in ftpd.conf(5) * crank version
2000-01-09 13:08:45 +03:00
/*
* Count the number of current connections, reading from
* /var/run/ftpd.pids-<class>
* Does a kill -0 on each pid in that file, and only counts
* processes that exist (or frees the slot if it doesn't).
* Adds getpid() to the first free slot. Truncates the file
* if possible.
*/
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
void
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
count_users(void)
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
{
char fn[MAXPATHLEN];
int fd, i, last;
size_t count;
pid_t *pids, mypid;
struct stat sb;
(void)strlcpy(fn, _PATH_CLASSPIDS, sizeof(fn));
(void)strlcat(fn, curclass.classname, sizeof(fn));
pids = NULL;
connections = 1;
changes to improve portability: * replace union sockunion {} with struct sockinet {}, and modify the code accordingly. this is possibly more portable, as it doesn't rely upon the structure alignment within the union for our own stuff. uses local su_len unless HAVE_SOCKADDR_SA_LEN is defined (set ifdef BSD4_4) (XXX: haven't tested the ipv6 stuff) * always use getaddrinfo() and getnameinfo() instead of maintaining two code paths. (lukemftpd will provide replacements for these on older systems) * use lockf() instead of open(.., O_EXLOCK) to lock the pid file * minor KNF * clean up long long support: create helper #defines and use as appropriate: #define NO_LONG_LONG ! NO_LONG_LONG ------- ------------ -------------- LLF "%ld" "%lld" LLFP(x) "%" x "ld" "%" x "lld" LLT long long long ULLF "%lu" "%llu" ULLFP(x) "%" x "lu" "%" x "llu" ULLT unsigned long unsigned long long STRTOLL(x,y,z) strtol(x,y,z) strtoll(x,y,z)
2000-11-15 05:32:30 +03:00
if ((fd = open(fn, O_RDWR | O_CREAT, 0600)) == -1)
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
return;
changes to improve portability: * replace union sockunion {} with struct sockinet {}, and modify the code accordingly. this is possibly more portable, as it doesn't rely upon the structure alignment within the union for our own stuff. uses local su_len unless HAVE_SOCKADDR_SA_LEN is defined (set ifdef BSD4_4) (XXX: haven't tested the ipv6 stuff) * always use getaddrinfo() and getnameinfo() instead of maintaining two code paths. (lukemftpd will provide replacements for these on older systems) * use lockf() instead of open(.., O_EXLOCK) to lock the pid file * minor KNF * clean up long long support: create helper #defines and use as appropriate: #define NO_LONG_LONG ! NO_LONG_LONG ------- ------------ -------------- LLF "%ld" "%lld" LLFP(x) "%" x "ld" "%" x "lld" LLT long long long ULLF "%lu" "%llu" ULLFP(x) "%" x "lu" "%" x "llu" ULLT unsigned long unsigned long long STRTOLL(x,y,z) strtol(x,y,z) strtoll(x,y,z)
2000-11-15 05:32:30 +03:00
if (lockf(fd, F_TLOCK, 0) == -1)
goto cleanup_count;
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
if (fstat(fd, &sb) == -1)
goto cleanup_count;
if ((pids = malloc(sb.st_size + sizeof(pid_t))) == NULL)
goto cleanup_count;
count = read(fd, pids, sb.st_size);
if (count < 0 || count != sb.st_size)
goto cleanup_count;
count /= sizeof(pid_t);
mypid = getpid();
last = 0;
for (i = 0; i < count; i++) {
if (pids[i] == 0)
continue;
if (kill(pids[i], 0) == -1 && errno != EPERM) {
if (mypid != 0) {
pids[i] = mypid;
mypid = 0;
last = i;
}
} else {
connections++;
last = i;
}
}
if (mypid != 0) {
if (pids[last] != 0)
last++;
pids[last] = mypid;
}
count = (last + 1) * sizeof(pid_t);
if (lseek(fd, 0, SEEK_SET) == -1)
goto cleanup_count;
if (write(fd, pids, count) == -1)
goto cleanup_count;
(void)ftruncate(fd, count);
cleanup_count:
changes to improve portability: * replace union sockunion {} with struct sockinet {}, and modify the code accordingly. this is possibly more portable, as it doesn't rely upon the structure alignment within the union for our own stuff. uses local su_len unless HAVE_SOCKADDR_SA_LEN is defined (set ifdef BSD4_4) (XXX: haven't tested the ipv6 stuff) * always use getaddrinfo() and getnameinfo() instead of maintaining two code paths. (lukemftpd will provide replacements for these on older systems) * use lockf() instead of open(.., O_EXLOCK) to lock the pid file * minor KNF * clean up long long support: create helper #defines and use as appropriate: #define NO_LONG_LONG ! NO_LONG_LONG ------- ------------ -------------- LLF "%ld" "%lld" LLFP(x) "%" x "ld" "%" x "lld" LLT long long long ULLF "%lu" "%llu" ULLFP(x) "%" x "lu" "%" x "llu" ULLT unsigned long unsigned long long STRTOLL(x,y,z) strtol(x,y,z) strtoll(x,y,z)
2000-11-15 05:32:30 +03:00
if (lseek(fd, 0, SEEK_SET) != -1)
(void)lockf(fd, F_ULOCK, 0);
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
close(fd);
REASSIGN(pids, NULL);
}