2001-04-10 05:41:18 +04:00
/* $NetBSD: ftpcmd.y,v 1.61 2001/04/10 01:41:18 itojun Exp $ */
* change format of /etc/ftpusers lines from
      userglob [allow|deny]
  to
      userglob[@host] [allow|deny [classname]]
  where class is a userdefined classname.
  - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a
    hostglob (e.g, `*.foo.com'), and the remote host is matched against that.
  - if classname is given, use that to match entries in ftpd.conf (defaults
    to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in
    /etc/ftpchroot, and `real' for everyone else.
* implement new /etc/ftpd.conf directives:
      classtype classname type    set type of classname to GUEST, CHROOT, or REAL
      motd classname file         file to use instead of /etc/motd
      rateget classname rate      set rateget throttle to rate
      rateput classname rate      set rateput throttle to rate
      upload classname            allow/deny uploads (STOU, STOR, APPE). if
                                  denied, also acts as `modify deny'.
* implement new `SITE' commands:
      RATEGET    as per /etc/ftpd.conf rateget, but cannot exceed that
      RATEPUT    as per /etc/ftpd.conf rateput, but cannot exceed that
* implement format_file(), which outputs a file to the user, parsing %
  escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file.
* implement strsuftoi() (from ftp(1)), which parses a number and
  optional suffix (for use with rateget, etc)
* don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since
  we don't need reserved ports (at wasn't getting them anyway).
* update & reorder copyrights
* use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00

/*-
2000-06-14 17:44:21 +04:00
 * Copyright (c) 1997-2000 The NetBSD Foundation, Inc.
1999-12-12 17:05:54 +03:00
 * All rights reserved.
 *
 * This code is derived from software contributed to The NetBSD Foundation
 * by Luke Mewburn.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *        This product includes software developed by the NetBSD
 *        Foundation, Inc. and its contributors.
 * 4. Neither the name of The NetBSD Foundation nor the names of its
 *    contributors may be used to endorse or promote products derived
 *    from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */
1995-04-11 06:44:45 +04:00

1993-03-21 12:45:37 +03:00
/*
1994-06-29 05:49:37 +04:00
 * Copyright (c) 1985, 1988, 1993, 1994
 *	The Regents of the University of California. All rights reserved.
1993-03-21 12:45:37 +03:00
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *	This product includes software developed by the University of
 *	California, Berkeley and its contributors.
 * 4. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
1994-06-29 05:49:37 +04:00
 *	@(#)ftpcmd.y 8.3 (Berkeley) 4/6/94
1993-03-21 12:45:37 +03:00
 */

/*
 * Grammar for FTP commands.
 * See RFC 959.
 */

%{
1997-06-18 23:05:46 +04:00
#include <sys/cdefs.h>
1993-03-21 12:45:37 +03:00

#ifndef lint
1995-04-11 06:44:45 +04:00
#if 0
1994-06-29 05:49:37 +04:00
static char sccsid[] = "@(#)ftpcmd.y 8.3 (Berkeley) 4/6/94";
1995-04-11 06:44:45 +04:00
#else
2001-04-10 05:41:18 +04:00
__RCSID("$NetBSD: ftpcmd.y,v 1.61 2001/04/10 01:41:18 itojun Exp $");
1995-04-11 06:44:45 +04:00
#endif
1993-03-21 12:45:37 +03:00
#endif /* not lint */

#include <sys/param.h>
#include <sys/socket.h>
#include <sys/stat.h>
1994-06-29 05:49:37 +04:00

1993-03-21 12:45:37 +03:00
#include <netinet/in.h>
#include <arpa/ftp.h>
1997-11-11 08:48:03 +03:00
#include <arpa/inet.h>
1994-06-29 05:49:37 +04:00

#include <ctype.h>
#include <errno.h>
#include <glob.h>
1993-03-21 12:45:37 +03:00
#include <pwd.h>
1994-06-29 05:49:37 +04:00
#include <setjmp.h>
#include <signal.h>
1993-03-21 12:45:37 +03:00
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
1994-06-29 05:49:37 +04:00
#include <syslog.h>
#include <time.h>
1998-05-21 04:09:32 +04:00
#include <tzfile.h>
1994-06-29 05:49:37 +04:00
#include <unistd.h>
1999-07-02 09:52:14 +04:00
#include <netdb.h>
1994-06-29 05:49:37 +04:00

1999-02-24 19:45:13 +03:00
#ifdef KERBEROS5
1999-08-25 20:23:52 +04:00
#include <krb5/krb5.h>
1999-02-24 19:45:13 +03:00
#endif

1994-06-29 05:49:37 +04:00
#include "extern.h"
2000-03-05 09:12:19 +03:00
#include "version.h"
1993-03-21 12:45:37 +03:00

static int cmd_type;
static int cmd_form;
static int cmd_bytesz;
2000-01-13 01:39:27 +03:00

2001-04-02 03:04:30 +04:00
char cbuf[FTP_BUFLEN];
char *cmdp;
1993-03-21 12:45:37 +03:00
char *fromname;
1998-12-28 07:54:00 +03:00

1993-03-21 12:45:37 +03:00
%}

1994-06-29 05:49:37 +04:00
%union {
	int i;
	char *s;
}

1993-03-21 12:45:37 +03:00
%token
	A B C E F I
	L N P R S T

1994-06-29 05:49:37 +04:00
	SP CRLF COMMA
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
	USER PASS ACCT CWD CDUP SMNT
	QUIT REIN PORT PASV TYPE STRU
	MODE RETR STOR STOU APPE ALLO
	REST RNFR RNTO ABOR DELE RMD
	MKD PWD LIST NLST SITE SYST
	STAT HELP NOOP

1999-02-06 00:40:49 +03:00
	AUTH ADAT PROT PBSZ CCC MIC
	CONF ENC

1998-09-07 12:11:20 +04:00
	FEAT OPTS
1998-09-05 21:33:00 +04:00

2000-06-14 17:44:21 +04:00
	SIZE MDTM MLST MLSD
1993-03-21 12:45:37 +03:00

1999-07-02 09:52:14 +04:00
	LPRT LPSV EPRT EPSV

1998-09-07 12:11:20 +04:00
	MAIL MLFL MRCP MRSQ MSAM MSND
	MSOM

1999-12-12 17:05:54 +03:00
	CHMOD IDLE RATEGET RATEPUT UMASK
1993-03-21 12:45:37 +03:00

	LEXERR

1994-06-29 05:49:37 +04:00
%token <s> STRING
1999-07-02 09:52:14 +04:00
%token <s> ALL
1994-06-29 05:49:37 +04:00
%token <i> NUMBER

2000-11-16 16:15:13 +03:00
%type <i> check_login octal_number byte_size
1999-02-06 00:40:49 +03:00
%type <i> struct_code mode_code type_code form_code decimal_integer
1994-06-29 05:49:37 +04:00
%type <s> pathstring pathname password username
1999-02-06 00:40:49 +03:00
%type <s> mechanism_name base64data prot_code
1994-06-29 05:49:37 +04:00

2001-04-02 03:04:30 +04:00
%start cmd_sel
1993-03-21 12:45:37 +03:00

%%

2001-04-02 03:04:30 +04:00
cmd_sel
	: cmd
1994-06-29 05:49:37 +04:00
		{
1998-09-06 14:39:40 +04:00
			fromname = NULL;
1993-03-21 12:45:37 +03:00
			restart_point = (off_t) 0;
		}
1998-09-07 12:11:20 +04:00

2001-04-02 03:04:30 +04:00
	| rcmd
1998-09-07 12:11:20 +04:00

1993-03-21 12:45:37 +03:00
	;

1994-06-29 05:49:37 +04:00
cmd
1998-09-07 12:11:20 +04:00
						/* RFC 959 */
1994-06-29 05:49:37 +04:00
	: USER SP username CRLF
		{
			user($3);
			free($3);
1993-03-21 12:45:37 +03:00
		}
1998-09-07 12:11:20 +04:00

1994-06-29 05:49:37 +04:00
	| PASS SP password CRLF
		{
			pass($3);
1999-12-18 08:51:34 +03:00
			memset($3, 0, strlen($3));
1994-06-29 05:49:37 +04:00
			free($3);
1993-03-21 12:45:37 +03:00
		}
1998-09-07 12:11:20 +04:00

	| CWD check_login CRLF
		{
			if ($2)
2000-07-17 06:30:52 +04:00
				cwd(homedir);
1998-09-07 12:11:20 +04:00
		}

	| CWD check_login SP pathname CRLF
		{
			if ($2 && $4 != NULL)
				cwd($4);
			if ($4 != NULL)
				free($4);
		}

	| CDUP check_login CRLF
		{
			if ($2)
				cwd("..");
		}

	| QUIT CRLF
		{
1999-05-17 19:14:53 +04:00
			if (logged_in) {
2000-07-08 22:24:28 +04:00
				reply(-221, "%s", "");
various fixes suggested by Robert Elz:
* implement closedataconn() and use appropriately (including in mlsd())
* only put leading space in front of MLST output (not MLSD output)
* MLSD: only output pdir and cdir entries when the type fact is requested.
* change error code for giving MLSD a non-directory from 550 to 501
* remove MLSx Type fact support for UNIX.* for now; it's not standardised yet.
* do a check_login when MLSD and MLST are given no args
* detect & complain about null facts in OPTS MLST
* cache getgroups() at login instead of calling each time in fact_perm()
other mods:
* implement cprintf(); as per fprintf() but increments total_bytes{,_out}
* implement CPUTC(); as per putc() but increments total_bytes{,_out}
* implement base64_encode()
* fact_unique() display base64 encoding of dev_t and ino_t rather than
hex output; should scale if size of those changes
* change reply() so that a negative code acts as the initial line in a reply,
code == 0 prefixes the line with 4 spaces, and code > 0 works as before.
deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and
reply(0, ) respectively.
* use cprintf() and CPUTC() appropriately (often instead of printf(),
lreply(-2, ) or lreply(-1, ).
now we actually account for the data sent by MLST and MLSD.
* remove DEBUG support for sending MLSD output to control connection instead
of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
				reply(0,
2000-11-15 05:32:30 +03:00
				    "Data traffic for this session was " LLF " byte%s in " LLF " file%s.",
				    (LLT)total_data, PLURAL(total_data),
				    (LLT)total_files, PLURAL(total_files));
2000-06-19 19:15:03 +04:00
				reply(0,
2000-11-15 05:32:30 +03:00
				    "Total traffic for this session was " LLF " byte%s in " LLF " transfer%s.",
				    (LLT)total_bytes, PLURAL(total_bytes),
				    (LLT)total_xfers, PLURAL(total_xfers));
1999-05-26 17:30:10 +04:00
			}
			reply(221,
			    "Thank you for using the FTP service on %s.",
			    hostname);
2000-12-18 05:32:50 +03:00
			if (logged_in && logging) {
1999-05-17 19:14:53 +04:00
				syslog(LOG_INFO,
2000-11-15 05:32:30 +03:00
				    "Data traffic: " LLF " byte%s in " LLF " file%s",
				    (LLT)total_data, PLURAL(total_data),
				    (LLT)total_files, PLURAL(total_files));
1999-05-17 19:14:53 +04:00
				syslog(LOG_INFO,
2000-11-15 05:32:30 +03:00
				    "Total traffic: " LLF " byte%s in " LLF " transfer%s",
				    (LLT)total_bytes, PLURAL(total_bytes),
				    (LLT)total_xfers, PLURAL(total_xfers));
1999-05-17 19:14:53 +04:00
			}
1999-05-26 17:30:10 +04:00

1998-09-07 12:11:20 +04:00
			dologout(0);
		}

1997-11-11 08:48:03 +03:00
	| PORT check_login SP host_port CRLF
1994-06-29 05:49:37 +04:00
		{
* make checkportcmd the default. this breaks third-party proxy ftp but
prevents the ftp bounce attack, and we should be secure out of the
box, not require users to tweak obscure stuff.
* allow the version string reported to clients to be changed with '-V vers'.
if vers is empty or `-', don't report a version.
* if -r is given, permanently drop root privs
* if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port
> IPPORT_RESERVED+1, permanently drop root privs
* don't bother reverting to root privs to logout of wtmp/utmp; since the
file descriptor is already open this isn't necessary.
* fix the binding of the port for the PORT/LPRT/EPRT connection to be the
ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6
merge). if root privs have been dropped, and this would be a port <
IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant
but it doesn't appear that many clients care).
* prevent login of a new user if privs have been dropped and already logged
in as a REAL user (existing check already stops GUEST & CHROOT users).
* move the port check stuff into a separate port_check() function, and use
for PORT, LPRT, and EPRT checks. inspired by freebsd
* minor KNF
* minor man page cleanup
2000-07-23 18:40:48 +04:00
			if ($2)
				port_check("PORT", AF_INET);
1999-07-02 09:52:14 +04:00
		}

1999-07-12 00:03:41 +04:00
	| LPRT check_login SP host_long_port4 CRLF
1999-07-02 09:52:14 +04:00
		{
2000-07-23 18:40:48 +04:00
			if ($2)
				port_check("LPRT", AF_INET);
1999-07-12 00:03:41 +04:00
		}

	| LPRT check_login SP host_long_port6 CRLF
		{
2000-11-28 12:31:29 +03:00
#ifdef INET6
2000-07-23 18:40:48 +04:00
			if ($2)
				port_check("LPRT", AF_INET6);
2000-11-28 12:31:29 +03:00
#else
			reply(500, "IPv6 support not available.");
#endif
1999-07-02 09:52:14 +04:00
		}

	| EPRT check_login SP STRING CRLF
		{
1999-12-18 08:51:34 +03:00
			if ($2) {
2000-11-13 14:50:46 +03:00
				if (extended_port($4) == 0)
					port_check("EPRT", -1);
1999-12-18 08:51:34 +03:00
			}
			free($4);
1993-03-21 12:45:37 +03:00
		}
1998-09-07 12:11:20 +04:00

1998-07-01 00:18:52 +04:00
	| PASV check_login CRLF
1994-06-29 05:49:37 +04:00
		{
1999-12-18 08:51:34 +03:00
			if ($2) {
2000-11-16 16:15:13 +03:00
				if (CURCLASS_FLAGS_ISSET(passive))
1999-12-18 08:51:34 +03:00
					passive();
				else
					reply(500, "PASV mode not available.");
1998-07-01 00:18:52 +04:00
			}
1993-03-21 12:45:37 +03:00
		}
1998-09-07 12:11:20 +04:00

1999-12-18 08:51:34 +03:00
	| LPSV check_login CRLF
1999-07-02 09:52:14 +04:00
		{
1999-12-18 08:51:34 +03:00
			if ($2) {
				if (epsvall)
					reply(501,
					    "LPSV disallowed after EPSV ALL");
				else
					long_passive("LPSV", PF_UNSPEC);
			}
1999-07-02 09:52:14 +04:00
		}

1999-12-18 08:51:34 +03:00
	| EPSV check_login SP NUMBER CRLF
1999-07-02 09:52:14 +04:00
		{
2000-11-13 14:50:46 +03:00
			if ($2)
				long_passive("EPSV", epsvproto2af($4));
1999-07-02 09:52:14 +04:00
		}

1999-12-18 08:51:34 +03:00
	| EPSV check_login SP ALL CRLF
1999-07-02 09:52:14 +04:00
		{
1999-12-18 08:51:34 +03:00
			if ($2) {
1999-07-02 09:52:14 +04:00
				reply(200, "EPSV ALL command successful.");
				epsvall++;
			}
		}

1999-12-18 08:51:34 +03:00
	| EPSV check_login CRLF
1999-07-02 09:52:14 +04:00
		{
1999-12-18 08:51:34 +03:00
			if ($2)
				long_passive("EPSV", PF_UNSPEC);
1999-07-02 09:52:14 +04:00
		}

1999-12-18 08:51:34 +03:00
	| TYPE check_login SP type_code CRLF
1994-06-29 05:49:37 +04:00
		{
1999-12-18 08:51:34 +03:00
			if ($2) {

1993-03-21 12:45:37 +03:00
			switch (cmd_type) {

			case TYPE_A:
				if (cmd_form == FORM_N) {
					reply(200, "Type set to A.");
					type = cmd_type;
					form = cmd_form;
				} else
					reply(504, "Form must be N.");
				break;

			case TYPE_E:
				reply(504, "Type E not implemented.");
				break;

			case TYPE_I:
				reply(200, "Type set to I.");
				type = cmd_type;
				break;

			case TYPE_L:
#if NBBY == 8
				if (cmd_bytesz == 8) {
					reply(200,
					    "Type set to L (byte size 8).");
					type = cmd_type;
				} else
					reply(504, "Byte size must be 8.");
#else /* NBBY == 8 */
				UNIMPLEMENTED for NBBY != 8
#endif /* NBBY == 8 */
			}
1999-12-18 08:51:34 +03:00

			}
1993-03-21 12:45:37 +03:00
		}
1998-09-07 12:11:20 +04:00

1999-12-18 08:51:34 +03:00
	| STRU check_login SP struct_code CRLF
1994-06-29 05:49:37 +04:00
		{
1999-12-18 08:51:34 +03:00
			if ($2) {
				switch ($4) {
1993-03-21 12:45:37 +03:00

1999-12-18 08:51:34 +03:00
				case STRU_F:
					reply(200, "STRU F ok.");
					break;
1993-03-21 12:45:37 +03:00

1999-12-18 08:51:34 +03:00
				default:
					reply(504, "Unimplemented STRU type.");
				}
1993-03-21 12:45:37 +03:00
			}
		}
1998-09-07 12:11:20 +04:00

1999-12-18 08:51:34 +03:00
	| MODE check_login SP mode_code CRLF
1994-06-29 05:49:37 +04:00
		{
1999-12-18 08:51:34 +03:00
			if ($2) {
				switch ($4) {
1993-03-21 12:45:37 +03:00

1999-12-18 08:51:34 +03:00
				case MODE_S:
					reply(200, "MODE S ok.");
					break;
1993-03-21 12:45:37 +03:00

1999-12-18 08:51:34 +03:00
				default:
					reply(502, "Unimplemented MODE type.");
				}
1993-03-21 12:45:37 +03:00
			}
		}
1998-09-07 12:11:20 +04:00

1994-06-29 05:49:37 +04:00
	| RETR check_login SP pathname CRLF
		{
1993-03-21 12:45:37 +03:00
			if ($2 && $4 != NULL)
1998-09-06 14:39:40 +04:00
				retrieve(NULL, $4);
1993-03-21 12:45:37 +03:00
			if ($4 != NULL)
1994-06-29 05:49:37 +04:00
				free($4);
1993-03-21 12:45:37 +03:00
		}
1998-09-07 12:11:20 +04:00

2000-11-16 16:15:13 +03:00
	| STOR SP pathname CRLF
1994-06-29 05:49:37 +04:00
		{
2000-11-16 16:15:13 +03:00
			if (check_write($3, 1))
				store($3, "w", 0);
			if ($3 != NULL)
				free($3);
1993-03-21 12:45:37 +03:00
		}
1998-09-07 12:11:20 +04:00

2000-11-16 16:15:13 +03:00
	| STOU SP pathname CRLF
1994-06-29 05:49:37 +04:00
		{
2000-11-16 16:15:13 +03:00
			if (check_write($3, 1))
				store($3, "w", 1);
			if ($3 != NULL)
				free($3);
1993-03-21 12:45:37 +03:00
		}
1998-09-07 12:11:20 +04:00

2000-11-16 16:15:13 +03:00
	| APPE SP pathname CRLF
1994-06-29 05:49:37 +04:00
		{
2000-11-16 16:15:13 +03:00
			if (check_write($3, 1))
				store($3, "a", 0);
			if ($3 != NULL)
				free($3);
1993-03-21 12:45:37 +03:00
		}
1998-09-07 12:11:20 +04:00

1999-12-18 08:51:34 +03:00
	| ALLO check_login SP NUMBER CRLF
1994-06-29 05:49:37 +04:00
		{
1999-12-18 08:51:34 +03:00
			if ($2)
				reply(202, "ALLO command ignored.");
1993-03-21 12:45:37 +03:00
		}
1998-09-07 12:11:20 +04:00

1999-12-18 08:51:34 +03:00
	| ALLO check_login SP NUMBER SP R SP NUMBER CRLF
1994-06-29 05:49:37 +04:00
		{
1999-12-18 08:51:34 +03:00
			if ($2)
				reply(202, "ALLO command ignored.");
1993-03-21 12:45:37 +03:00
		}
1998-09-07 12:11:20 +04:00

2000-11-16 16:15:13 +03:00
	| RNTO SP pathname CRLF
1994-06-29 05:49:37 +04:00
		{
2000-11-16 16:15:13 +03:00
			if (check_write($3, 0)) {
1999-12-18 08:51:34 +03:00
				if (fromname) {
2000-11-16 16:15:13 +03:00
					renamecmd(fromname, $3);
1999-12-18 08:51:34 +03:00
					free(fromname);
					fromname = NULL;
				} else {
					reply(503, "Bad sequence of commands.");
				}
1993-03-21 12:45:37 +03:00
			}
2000-11-16 16:15:13 +03:00
			if ($3 != NULL)
				free($3);
1993-03-21 12:45:37 +03:00
		}
1998-09-07 12:11:20 +04:00

1999-12-18 08:51:34 +03:00
	| ABOR check_login CRLF
1994-06-29 05:49:37 +04:00
		{
2001-04-02 03:04:30 +04:00
			if (is_oob)
				abor();
			else if ($2)
1999-12-18 08:51:34 +03:00
				reply(225, "ABOR command successful.");
1993-03-21 12:45:37 +03:00
		}
1998-09-07 12:11:20 +04:00

2000-11-16 16:15:13 +03:00
	| DELE SP pathname CRLF
1994-06-29 05:49:37 +04:00
		{
2000-11-16 16:15:13 +03:00
			if (check_write($3, 0))
				delete($3);
			if ($3 != NULL)
				free($3);
1993-03-21 12:45:37 +03:00
		}

2000-11-16 16:15:13 +03:00
	| RMD SP pathname CRLF
1994-06-29 05:49:37 +04:00
		{
2000-11-16 16:15:13 +03:00
			if (check_write($3, 0))
				removedir($3);
			if ($3 != NULL)
				free($3);
1993-03-21 12:45:37 +03:00
		}
1998-09-07 12:11:20 +04:00

2000-11-16 16:15:13 +03:00
	| MKD SP pathname CRLF
1994-06-29 05:49:37 +04:00
		{
2000-11-16 16:15:13 +03:00
			if (check_write($3, 0))
				makedir($3);
			if ($3 != NULL)
				free($3);
1993-03-21 12:45:37 +03:00
		}
1998-09-07 12:11:20 +04:00

	| PWD check_login CRLF
		{
			if ($2)
				pwd();
		}

	| LIST check_login CRLF
		{
1999-12-07 08:30:53 +03:00
			char *argv[] = { INTERNAL_LS, "-lgA", NULL };

1998-09-07 12:11:20 +04:00
			if ($2)
1999-12-07 08:30:53 +03:00
				retrieve(argv, "");
1998-09-07 12:11:20 +04:00
		}

	| LIST check_login SP pathname CRLF
1994-06-29 05:49:37 +04:00
		{
1999-12-07 08:30:53 +03:00
			char *argv[] = { INTERNAL_LS, "-lgA", NULL, NULL };

			if ($2 && $4 != NULL) {
				argv[2] = $4;
				retrieve(argv, $4);
			}
1993-03-21 12:45:37 +03:00
			if ($4 != NULL)
1994-06-29 05:49:37 +04:00
				free($4);
1993-03-21 12:45:37 +03:00
		}
1998-09-07 12:11:20 +04:00

	| NLST check_login CRLF
1994-06-29 05:49:37 +04:00
		{
1993-03-21 12:45:37 +03:00
			if ($2)
1998-09-07 12:11:20 +04:00
				send_file_list(".");
1993-03-21 12:45:37 +03:00
		}
1998-09-07 12:11:20 +04:00

2000-07-17 06:30:52 +04:00
	| NLST check_login SP pathname CRLF
1994-06-29 05:49:37 +04:00
		{
1999-12-18 08:51:34 +03:00
			if ($2)
1998-09-07 12:11:20 +04:00
				send_file_list($4);
1999-12-18 08:51:34 +03:00
			free($4);
1993-03-21 12:45:37 +03:00
		}
1998-09-07 12:11:20 +04:00

1994-06-29 05:49:37 +04:00
	| SITE SP HELP CRLF
		{
1998-09-06 14:39:40 +04:00
			help(sitetab, NULL);
1993-03-21 12:45:37 +03:00
		}
1998-09-07 12:11:20 +04:00

2000-11-16 16:15:13 +03:00
	| SITE SP CHMOD SP octal_number SP pathname CRLF
1994-06-29 05:49:37 +04:00
		{
2000-11-16 16:15:13 +03:00
			if (check_write($7, 0)) {
				if ($5 > 0777)
1993-03-21 12:45:37 +03:00
					reply(501,
					    "CHMOD: Mode value must be between 0 and 0777");
2000-11-16 16:15:13 +03:00
				else if (chmod($7, $5) < 0)
					perror_reply(550, $7);
1993-03-21 12:45:37 +03:00
				else
					reply(200, "CHMOD command successful.");
			}
2000-11-16 16:15:13 +03:00
			if ($7 != NULL)
				free($7);
1993-03-21 12:45:37 +03:00
		}
1998-09-07 12:11:20 +04:00

1999-12-12 17:05:54 +03:00
|
|
|
| SITE SP HELP SP STRING CRLF
|
|
|
|
{
|
|
|
|
help(sitetab, $5);
|
1999-12-18 08:51:34 +03:00
|
|
|
free($5);
|
1999-12-12 17:05:54 +03:00
|
|
|
}
|
|
|
|
|
1999-12-18 08:51:34 +03:00
|
|
|
| SITE SP IDLE check_login CRLF
|
1994-06-29 05:49:37 +04:00
|
|
|
{
|
1999-12-18 08:51:34 +03:00
|
|
|
if ($4) {
|
|
|
|
reply(200,
|
1993-03-21 12:45:37 +03:00
|
|
|
"Current IDLE time limit is %d seconds; max %d",
|
1999-12-18 08:51:34 +03:00
|
|
|
curclass.timeout, curclass.maxtimeout);
|
|
|
|
}
|
1993-03-21 12:45:37 +03:00
|
|
|
}
|
1998-09-07 12:11:20 +04:00
|
|
|
|
1999-12-18 08:51:34 +03:00
|
|
|
| SITE SP IDLE check_login SP NUMBER CRLF
|
1994-06-29 05:49:37 +04:00
|
|
|
{
|
1999-12-18 08:51:34 +03:00
|
|
|
if ($4) {
|
|
|
|
if ($6 < 30 || $6 > curclass.maxtimeout) {
|
|
|
|
reply(501,
|
|
|
|
"IDLE time limit must be between 30 and %d seconds",
|
|
|
|
curclass.maxtimeout);
|
|
|
|
} else {
|
|
|
|
curclass.timeout = $6;
|
|
|
|
(void) alarm(curclass.timeout);
|
|
|
|
reply(200,
|
|
|
|
"IDLE time limit set to %d seconds",
|
|
|
|
curclass.timeout);
|
|
|
|
}
|
1993-03-21 12:45:37 +03:00
|
|
|
}
|
|
|
|
}
|
1998-09-07 12:11:20 +04:00
|
|
|
|
1999-12-18 08:51:34 +03:00
|
|
|
| SITE SP RATEGET check_login CRLF
|
1999-12-12 17:05:54 +03:00
|
|
|
{
|
1999-12-18 08:51:34 +03:00
|
|
|
if ($4) {
|
2000-11-16 16:15:13 +03:00
|
|
|
reply(200,
|
|
|
|
"Current RATEGET is " LLF " bytes/sec",
|
|
|
|
(LLT)curclass.rateget);
|
1999-12-18 08:51:34 +03:00
|
|
|
}
|
1999-12-12 17:05:54 +03:00
|
|
|
}
|
|
|
|
|
1999-12-18 08:51:34 +03:00
|
|
|
| SITE SP RATEGET check_login SP STRING CRLF
|
1999-12-12 17:05:54 +03:00
|
|
|
{
|
1999-12-18 08:51:34 +03:00
|
|
|
char *p = $6;
|
2000-11-16 16:15:13 +03:00
|
|
|
LLT rate;
|
1999-12-12 17:05:54 +03:00
|
|
|
|
1999-12-18 08:51:34 +03:00
|
|
|
if ($4) {
|
2000-11-16 16:15:13 +03:00
|
|
|
rate = strsuftoll(p);
|
1999-12-18 08:51:34 +03:00
|
|
|
if (rate == -1)
|
|
|
|
reply(501, "Invalid RATEGET %s", p);
|
|
|
|
else if (curclass.maxrateget &&
|
|
|
|
rate > curclass.maxrateget)
|
|
|
|
reply(501,
|
2000-11-16 16:15:13 +03:00
|
|
|
"RATEGET " LLF " is larger than maximum RATEGET " LLF,
|
|
|
|
(LLT)rate,
|
|
|
|
(LLT)curclass.maxrateget);
|
1999-12-18 08:51:34 +03:00
|
|
|
else {
|
|
|
|
curclass.rateget = rate;
|
|
|
|
reply(200,
|
2000-11-16 16:15:13 +03:00
|
|
|
"RATEGET set to " LLF " bytes/sec",
|
|
|
|
(LLT)curclass.rateget);
|
1999-12-18 08:51:34 +03:00
|
|
|
}
|
1999-12-12 17:05:54 +03:00
|
|
|
}
|
1999-12-18 08:51:34 +03:00
|
|
|
free($6);
|
1999-12-12 17:05:54 +03:00
|
|
|
}
|
|
|
|
|
1999-12-18 08:51:34 +03:00
|
|
|
| SITE SP RATEPUT check_login CRLF
|
1999-12-12 17:05:54 +03:00
|
|
|
{
|
1999-12-18 08:51:34 +03:00
|
|
|
if ($4) {
|
2000-11-16 16:15:13 +03:00
|
|
|
reply(200,
|
|
|
|
"Current RATEPUT is " LLF " bytes/sec",
|
|
|
|
(LLT)curclass.rateput);
|
1999-12-18 08:51:34 +03:00
|
|
|
}
|
1999-12-12 17:05:54 +03:00
|
|
|
}
|
|
|
|
|
1999-12-18 08:51:34 +03:00
|
|
|
| SITE SP RATEPUT check_login SP STRING CRLF
|
1999-12-12 17:05:54 +03:00
|
|
|
{
|
1999-12-18 08:51:34 +03:00
|
|
|
char *p = $6;
|
2000-11-16 16:15:13 +03:00
|
|
|
LLT rate;
|
1999-12-12 17:05:54 +03:00
|
|
|
|
1999-12-18 08:51:34 +03:00
|
|
|
if ($4) {
|
2000-11-16 16:15:13 +03:00
|
|
|
rate = strsuftoll(p);
|
1999-12-18 08:51:34 +03:00
|
|
|
if (rate == -1)
|
|
|
|
reply(501, "Invalid RATEPUT %s", p);
|
|
|
|
else if (curclass.maxrateput &&
|
|
|
|
rate > curclass.maxrateput)
|
|
|
|
reply(501,
|
2000-11-16 16:15:13 +03:00
|
|
|
"RATEPUT " LLF " is larger than maximum RATEPUT " LLF,
|
|
|
|
(LLT)rate,
|
|
|
|
(LLT)curclass.maxrateput);
|
1999-12-18 08:51:34 +03:00
|
|
|
else {
|
|
|
|
curclass.rateput = rate;
|
|
|
|
reply(200,
|
2000-11-16 16:15:13 +03:00
|
|
|
"RATEPUT set to " LLF " bytes/sec",
|
|
|
|
(LLT)curclass.rateput);
|
1999-12-18 08:51:34 +03:00
|
|
|
}
|
1999-12-12 17:05:54 +03:00
|
|
|
}
|
1999-12-18 08:51:34 +03:00
|
|
|
free($6);
|
1999-12-12 17:05:54 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
| SITE SP UMASK check_login CRLF
|
|
|
|
{
|
|
|
|
int oldmask;
|
|
|
|
|
|
|
|
if ($4) {
|
|
|
|
oldmask = umask(0);
|
|
|
|
(void) umask(oldmask);
|
|
|
|
reply(200, "Current UMASK is %03o", oldmask);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2000-11-16 16:15:13 +03:00
|
|
|
| SITE SP UMASK check_login SP octal_number CRLF
|
1999-12-12 17:05:54 +03:00
|
|
|
{
|
|
|
|
int oldmask;
|
|
|
|
|
2000-11-16 16:15:13 +03:00
|
|
|
if ($4 && CURCLASS_FLAGS_ISSET(modify)) {
|
1999-12-12 17:05:54 +03:00
|
|
|
if (($6 == -1) || ($6 > 0777)) {
|
|
|
|
reply(501, "Bad UMASK value");
|
|
|
|
} else {
|
|
|
|
oldmask = umask($6);
|
|
|
|
reply(200,
|
|
|
|
"UMASK set to %03o (was %03o)",
|
|
|
|
$6, oldmask);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
1998-09-07 12:11:20 +04:00
|
|
|
| SYST CRLF
|
|
|
|
{
|
* make checkportcmd the default. this breaks third-party proxy ftp but
prevents the ftp bounce attack, and we should be secure out of the
box, not require users to tweak obscure stuff.
* allow the version string reported to clients to be changed with '-V vers'.
if vers is empty or `-', don't report a version.
* if -r is given, permanently drop root privs
* if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port
> IPPORT_RESERVED+1, permanently drop root privs
* don't bother reverting to root privs to logout of wtmp/utmp; since the
file descriptor is already open this isn't necessary.
* fix the binding of the port for the PORT/LPRT/EPRT connection to be the
ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6
merge). if root privs have been dropped, and this would be a port <
IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant
but it doesn't appear that many clients care).
* prevent login of a new user if privs have been dropped and already logged
in as a REAL user (existing check already stops GUEST & CHROOT users).
* move the port check stuff into a separate port_check() function, and use
for PORT, LPRT, and EPRT checks. inspired by freebsd
* minor KNF
* minor man page cleanup
2000-07-23 18:40:48 +04:00
|
|
|
if (EMPTYSTR(version))
|
|
|
|
reply(215, "UNIX Type: L%d", NBBY);
|
|
|
|
else
|
|
|
|
reply(215, "UNIX Type: L%d Version: %s", NBBY,
|
|
|
|
version);
|
1998-09-07 12:11:20 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
| STAT check_login SP pathname CRLF
|
1994-06-29 05:49:37 +04:00
|
|
|
{
|
1993-03-21 12:45:37 +03:00
|
|
|
if ($2 && $4 != NULL)
|
1998-09-07 12:11:20 +04:00
|
|
|
statfilecmd($4);
|
1993-03-21 12:45:37 +03:00
|
|
|
if ($4 != NULL)
|
1994-06-29 05:49:37 +04:00
|
|
|
free($4);
|
1993-03-21 12:45:37 +03:00
|
|
|
}
|
1998-09-07 12:11:20 +04:00
|
|
|
|
|
|
|
| STAT CRLF
|
1994-06-29 05:49:37 +04:00
|
|
|
{
|
2001-04-02 03:04:30 +04:00
|
|
|
if (is_oob)
|
|
|
|
statxfer();
|
|
|
|
else
|
|
|
|
statcmd();
|
1998-09-07 12:11:20 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
| HELP CRLF
|
|
|
|
{
|
|
|
|
help(cmdtab, NULL);
|
1993-03-21 12:45:37 +03:00
|
|
|
}
|
|
|
|
|
1998-09-07 12:11:20 +04:00
|
|
|
| HELP SP STRING CRLF
|
|
|
|
{
|
|
|
|
char *cp = $3;
|
|
|
|
|
|
|
|
if (strncasecmp(cp, "SITE", 4) == 0) {
|
|
|
|
cp = $3 + 4;
|
|
|
|
if (*cp == ' ')
|
|
|
|
cp++;
|
|
|
|
if (*cp)
|
|
|
|
help(sitetab, cp);
|
|
|
|
else
|
|
|
|
help(sitetab, NULL);
|
|
|
|
} else
|
|
|
|
help(cmdtab, $3);
|
1999-12-18 08:51:34 +03:00
|
|
|
free($3);
|
1998-09-07 12:11:20 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
| NOOP CRLF
|
|
|
|
{
|
|
|
|
reply(200, "NOOP command successful.");
|
|
|
|
}
|
|
|
|
|
1999-02-06 00:40:49 +03:00
|
|
|
/* RFC 2228 */
|
|
|
|
| AUTH SP mechanism_name CRLF
|
|
|
|
{
|
|
|
|
reply(502, "RFC 2228 authentication not implemented.");
|
1999-12-18 08:51:34 +03:00
|
|
|
free($3);
|
1999-02-06 00:40:49 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
| ADAT SP base64data CRLF
|
|
|
|
{
|
|
|
|
reply(503,
|
|
|
|
"Please set authentication state with AUTH.");
|
1999-12-18 08:51:34 +03:00
|
|
|
free($3);
|
1999-02-06 00:40:49 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
| PROT SP prot_code CRLF
|
|
|
|
{
|
|
|
|
reply(503,
|
|
|
|
"Please set protection buffer size with PBSZ.");
|
1999-12-18 08:51:34 +03:00
|
|
|
free($3);
|
1999-02-06 00:40:49 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
| PBSZ SP decimal_integer CRLF
|
|
|
|
{
|
|
|
|
reply(503,
|
|
|
|
"Please set authentication state with AUTH.");
|
|
|
|
}
|
|
|
|
|
|
|
|
| CCC CRLF
|
|
|
|
{
|
|
|
|
reply(533, "No protection enabled.");
|
|
|
|
}
|
|
|
|
|
|
|
|
| MIC SP base64data CRLF
|
|
|
|
{
|
|
|
|
reply(502, "RFC 2228 authentication not implemented.");
|
1999-12-18 08:51:34 +03:00
|
|
|
free($3);
|
1999-02-06 00:40:49 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
| CONF SP base64data CRLF
|
|
|
|
{
|
|
|
|
reply(502, "RFC 2228 authentication not implemented.");
|
1999-12-18 08:51:34 +03:00
|
|
|
free($3);
|
1999-02-06 00:40:49 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
| ENC SP base64data CRLF
|
|
|
|
{
|
|
|
|
reply(502, "RFC 2228 authentication not implemented.");
|
1999-12-18 08:51:34 +03:00
|
|
|
free($3);
|
1999-02-06 00:40:49 +03:00
|
|
|
}
|
|
|
|
|
1998-09-07 12:11:20 +04:00
|
|
|
/* RFC 2389 */
|
|
|
|
| FEAT CRLF
|
|
|
|
{
|
2000-06-14 17:44:21 +04:00
|
|
|
|
|
|
|
feat();
|
1998-09-07 12:11:20 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
| OPTS SP STRING CRLF
|
|
|
|
{
|
|
|
|
|
|
|
|
opts($3);
|
1999-12-18 08:51:34 +03:00
|
|
|
free($3);
|
1998-09-07 12:11:20 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2000-07-15 07:45:19 +04:00
|
|
|
/* extensions from draft-ietf-ftpext-mlst-11 */
|
1998-09-07 12:11:20 +04:00
|
|
|
|
1993-03-21 12:45:37 +03:00
|
|
|
/*
|
|
|
|
* Return size of file in a format suitable for
|
|
|
|
* using with RESTART (we just count bytes).
|
|
|
|
*/
|
1994-06-29 05:49:37 +04:00
|
|
|
| SIZE check_login SP pathname CRLF
|
|
|
|
{
|
1993-03-21 12:45:37 +03:00
|
|
|
if ($2 && $4 != NULL)
|
1994-06-29 05:49:37 +04:00
|
|
|
sizecmd($4);
|
1993-03-21 12:45:37 +03:00
|
|
|
if ($4 != NULL)
|
1994-06-29 05:49:37 +04:00
|
|
|
free($4);
|
1993-03-21 12:45:37 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Return modification time of file as an ISO 3307
|
|
|
|
* style time. E.g. YYYYMMDDHHMMSS or YYYYMMDDHHMMSS.xxx
|
|
|
|
* where xxx is the fractional second (of any precision,
|
|
|
|
* not necessarily 3 digits)
|
|
|
|
*/
|
1994-06-29 05:49:37 +04:00
|
|
|
| MDTM check_login SP pathname CRLF
|
|
|
|
{
|
1993-03-21 12:45:37 +03:00
|
|
|
if ($2 && $4 != NULL) {
|
|
|
|
struct stat stbuf;
|
1994-06-29 05:49:37 +04:00
|
|
|
if (stat($4, &stbuf) < 0)
|
1998-09-06 14:39:40 +04:00
|
|
|
perror_reply(550, $4);
|
1994-06-29 05:49:37 +04:00
|
|
|
else if (!S_ISREG(stbuf.st_mode)) {
|
|
|
|
reply(550, "%s: not a plain file.", $4);
|
1993-03-21 12:45:37 +03:00
|
|
|
} else {
|
1994-06-29 05:49:37 +04:00
|
|
|
struct tm *t;
|
2000-06-14 17:44:21 +04:00
|
|
|
|
1993-03-21 12:45:37 +03:00
|
|
|
t = gmtime(&stbuf.st_mtime);
|
|
|
|
reply(213,
|
1996-04-08 23:03:11 +04:00
|
|
|
"%04d%02d%02d%02d%02d%02d",
|
1998-05-21 04:09:32 +04:00
|
|
|
TM_YEAR_BASE + t->tm_year,
|
1996-04-08 23:03:11 +04:00
|
|
|
t->tm_mon+1, t->tm_mday,
|
1993-03-21 12:45:37 +03:00
|
|
|
t->tm_hour, t->tm_min, t->tm_sec);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if ($4 != NULL)
|
1994-06-29 05:49:37 +04:00
|
|
|
free($4);
|
1993-03-21 12:45:37 +03:00
|
|
|
}
|
1998-09-07 12:11:20 +04:00
|
|
|
|
2000-06-14 17:44:21 +04:00
|
|
|
| MLST check_login SP pathname CRLF
|
|
|
|
{
|
|
|
|
if ($2 && $4 != NULL)
|
|
|
|
mlst($4);
|
|
|
|
if ($4 != NULL)
|
|
|
|
free($4);
|
|
|
|
}
|
|
|
|
|
various fixes suggested by Robert Elz:
* implement closedataconn() and use appropriately (including in mlsd())
* only put leading space in front of MLST output (not MLSD output)
* MLSD: only output pdir and cdir entries when the type fact is requested.
* change error code for giving MLSD a non-directory from 550 to 501
* remove MLSx Type fact support for UNIX.* for now; it's not standardised yet.
* do a check_login when MLSD and MLST are given no args
* detect & complain about null facts in OPTS MLST
* cache getgroups() at login instead of calling each time in fact_perm()
other mods:
* implement cprintf(); as per fprintf() but increments total_bytes{,_out}
* implement CPUTC(); as per putc() but increments total_bytes{,_out}
* implement base64_encode()
* fact_unique() display base64 encoding of dev_t and ino_t rather than
hex output; should scale if size of those changes
* change reply() so that a negative code acts as the initial line in a reply,
code == 0 prefixes the line with 4 spaces, and code > 0 works as before.
deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and
reply(0, ) respectively.
* use cprintf() and CPUTC() appropriately (often instead of printf(),
lreply(-2, ) or lreply(-1, ).
now we actually account for the data sent by MLST and MLSD.
* remove DEBUG support for sending MLSD output to control connection instead
of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
|
|
|
| MLST check_login CRLF
|
2000-06-14 17:44:21 +04:00
|
|
|
{
|
|
|
|
mlst(NULL);
|
|
|
|
}
|
|
|
|
|
|
|
|
| MLSD check_login SP pathname CRLF
|
|
|
|
{
|
|
|
|
if ($2 && $4 != NULL)
|
|
|
|
mlsd($4);
|
|
|
|
if ($4 != NULL)
|
|
|
|
free($4);
|
|
|
|
}
|
|
|
|
|
2000-06-19 19:15:03 +04:00
|
|
|
| MLSD check_login CRLF
|
2000-06-14 17:44:21 +04:00
|
|
|
{
|
|
|
|
mlsd(NULL);
|
|
|
|
}
|
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
| error CRLF
|
|
|
|
{
|
1993-03-21 12:45:37 +03:00
|
|
|
yyerrok;
|
|
|
|
}
|
|
|
|
;
|
1998-09-05 21:33:00 +04:00
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
rcmd
|
1999-12-18 08:51:34 +03:00
|
|
|
: REST check_login SP byte_size CRLF
|
1998-09-07 12:11:20 +04:00
|
|
|
{
|
1999-12-18 08:51:34 +03:00
|
|
|
if ($2) {
|
|
|
|
fromname = NULL;
|
2000-12-18 05:32:50 +03:00
|
|
|
restart_point = $4; /* XXX: $4 is only "int" */
|
2000-11-15 05:32:30 +03:00
|
|
|
reply(350,
|
|
|
|
"Restarting at " LLF ". Send STORE or RETRIEVE to initiate transfer.",
|
|
|
|
(LLT)restart_point);
|
1999-12-18 08:51:34 +03:00
|
|
|
}
|
1998-09-07 12:11:20 +04:00
|
|
|
}
|
1999-12-18 08:51:34 +03:00
|
|
|
|
2000-11-16 16:15:13 +03:00
|
|
|
| RNFR SP pathname CRLF
|
1994-06-29 05:49:37 +04:00
|
|
|
{
|
1993-03-21 12:45:37 +03:00
|
|
|
restart_point = (off_t) 0;
|
2000-11-16 16:15:13 +03:00
|
|
|
if (check_write($3, 0))
|
|
|
|
fromname = renamefrom($3);
|
|
|
|
if ($3 != NULL)
|
|
|
|
free($3);
|
1993-03-21 12:45:37 +03:00
|
|
|
}
|
|
|
|
;
|
1994-06-29 05:49:37 +04:00
|
|
|
|
|
|
|
username
|
|
|
|
: STRING
|
1993-03-21 12:45:37 +03:00
|
|
|
;
|
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
password
|
|
|
|
: /* empty */
|
|
|
|
{
|
|
|
|
$$ = (char *)calloc(1, sizeof(char));
|
1993-03-21 12:45:37 +03:00
|
|
|
}
|
1998-09-07 12:11:20 +04:00
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
| STRING
|
1993-03-21 12:45:37 +03:00
|
|
|
;
|
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
byte_size
|
|
|
|
: NUMBER
|
1993-03-21 12:45:37 +03:00
|
|
|
;
|
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
host_port
|
|
|
|
: NUMBER COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA
|
1993-03-21 12:45:37 +03:00
|
|
|
NUMBER COMMA NUMBER
|
1994-06-29 05:49:37 +04:00
|
|
|
{
|
|
|
|
char *a, *p;
|
1993-03-21 12:45:37 +03:00
|
|
|
|
2000-11-15 05:32:30 +03:00
|
|
|
memset(&data_dest, 0, sizeof(data_dest));
|
1999-07-02 09:52:14 +04:00
|
|
|
data_dest.su_len = sizeof(struct sockaddr_in);
|
|
|
|
data_dest.su_family = AF_INET;
|
2000-11-15 05:32:30 +03:00
|
|
|
p = (char *)&data_dest.su_port;
|
1993-03-21 12:45:37 +03:00
|
|
|
p[0] = $9; p[1] = $11;
|
2000-11-15 05:32:30 +03:00
|
|
|
a = (char *)&data_dest.su_addr;
|
1995-06-04 02:37:19 +04:00
|
|
|
a[0] = $1; a[1] = $3; a[2] = $5; a[3] = $7;
|
1993-03-21 12:45:37 +03:00
|
|
|
}
|
|
|
|
;
|
|
|
|
|
1999-07-12 00:03:41 +04:00
|
|
|
host_long_port4
|
|
|
|
: NUMBER COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA
|
|
|
|
NUMBER COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA
|
|
|
|
NUMBER
|
|
|
|
{
|
|
|
|
char *a, *p;
|
|
|
|
|
2000-11-15 05:32:30 +03:00
|
|
|
memset(&data_dest, 0, sizeof(data_dest));
|
|
|
|
data_dest.su_len = sizeof(struct sockaddr_in);
|
1999-07-12 00:03:41 +04:00
|
|
|
data_dest.su_family = AF_INET;
|
|
|
|
p = (char *)&data_dest.su_port;
|
|
|
|
p[0] = $15; p[1] = $17;
|
2000-11-15 05:32:30 +03:00
|
|
|
a = (char *)&data_dest.su_addr;
|
1999-07-12 00:03:41 +04:00
|
|
|
a[0] = $5; a[1] = $7; a[2] = $9; a[3] = $11;
|
1999-07-12 00:09:23 +04:00
|
|
|
|
|
|
|
/* reject invalid LPRT command */
|
|
|
|
if ($1 != 4 || $3 != 4 || $13 != 2)
|
|
|
|
memset(&data_dest, 0, sizeof(data_dest));
|
1999-07-12 00:03:41 +04:00
|
|
|
}
|
|
|
|
;
|
|
|
|
|
|
|
|
host_long_port6
|
1999-07-02 09:52:14 +04:00
|
|
|
: NUMBER COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA
|
|
|
|
NUMBER COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA
|
|
|
|
NUMBER COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA
|
|
|
|
NUMBER COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA
|
|
|
|
NUMBER COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA
|
|
|
|
NUMBER
|
|
|
|
{
|
2000-09-15 18:55:16 +04:00
|
|
|
#ifdef INET6
|
1999-07-02 09:52:14 +04:00
|
|
|
char *a, *p;
|
|
|
|
|
2000-11-15 05:32:30 +03:00
|
|
|
memset(&data_dest, 0, sizeof(data_dest));
|
|
|
|
data_dest.su_len = sizeof(struct sockaddr_in6);
|
1999-07-02 09:52:14 +04:00
|
|
|
data_dest.su_family = AF_INET6;
|
|
|
|
p = (char *)&data_dest.su_port;
|
|
|
|
p[0] = $39; p[1] = $41;
|
2000-11-15 05:32:30 +03:00
|
|
|
a = (char *)&data_dest.si_su.su_sin6.sin6_addr;
|
1999-07-02 09:52:14 +04:00
|
|
|
a[0] = $5; a[1] = $7; a[2] = $9; a[3] = $11;
|
|
|
|
a[4] = $13; a[5] = $15; a[6] = $17; a[7] = $19;
|
|
|
|
a[8] = $21; a[9] = $23; a[10] = $25; a[11] = $27;
|
|
|
|
a[12] = $29; a[13] = $31; a[14] = $33; a[15] = $35;
|
1999-09-01 09:03:41 +04:00
|
|
|
if (his_addr.su_family == AF_INET6) {
|
2000-12-18 05:32:50 +03:00
|
|
|
/* XXX: more sanity checks! */
|
2000-11-15 05:32:30 +03:00
|
|
|
data_dest.su_scope_id = his_addr.su_scope_id;
|
1999-09-01 09:03:41 +04:00
|
|
|
}
|
2000-09-15 18:55:16 +04:00
|
|
|
#else
|
|
|
|
memset(&data_dest, 0, sizeof(data_dest));
|
2000-11-15 05:32:30 +03:00
|
|
|
#endif /* INET6 */
|
1999-07-12 00:09:23 +04:00
|
|
|
/* reject invalid LPRT command */
|
|
|
|
if ($1 != 6 || $3 != 16 || $37 != 2)
|
|
|
|
memset(&data_dest, 0, sizeof(data_dest));
|
1999-07-02 09:52:14 +04:00
|
|
|
}
|
|
|
|
;
|
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
form_code
|
|
|
|
: N
|
|
|
|
{
|
|
|
|
$$ = FORM_N;
|
|
|
|
}
|
1998-09-07 12:11:20 +04:00
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
| T
|
|
|
|
{
|
|
|
|
$$ = FORM_T;
|
|
|
|
}
|
1998-09-07 12:11:20 +04:00
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
| C
|
|
|
|
{
|
|
|
|
$$ = FORM_C;
|
|
|
|
}
|
1993-03-21 12:45:37 +03:00
|
|
|
;
|
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
type_code
|
|
|
|
: A
|
|
|
|
{
|
|
|
|
cmd_type = TYPE_A;
|
|
|
|
cmd_form = FORM_N;
|
|
|
|
}
|
1998-09-07 12:11:20 +04:00
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
| A SP form_code
|
|
|
|
{
|
|
|
|
cmd_type = TYPE_A;
|
|
|
|
cmd_form = $3;
|
|
|
|
}
|
1998-09-07 12:11:20 +04:00
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
| E
|
|
|
|
{
|
|
|
|
cmd_type = TYPE_E;
|
|
|
|
cmd_form = FORM_N;
|
|
|
|
}
|
1998-09-07 12:11:20 +04:00
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
| E SP form_code
|
|
|
|
{
|
|
|
|
cmd_type = TYPE_E;
|
|
|
|
cmd_form = $3;
|
|
|
|
}
|
1998-09-07 12:11:20 +04:00
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
| I
|
|
|
|
{
|
|
|
|
cmd_type = TYPE_I;
|
|
|
|
}
|
1998-09-07 12:11:20 +04:00
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
| L
|
|
|
|
{
|
|
|
|
cmd_type = TYPE_L;
|
|
|
|
cmd_bytesz = NBBY;
|
|
|
|
}
|
1998-09-07 12:11:20 +04:00
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
| L SP byte_size
|
|
|
|
{
|
|
|
|
cmd_type = TYPE_L;
|
|
|
|
cmd_bytesz = $3;
|
|
|
|
}
|
1998-09-07 12:11:20 +04:00
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
/* this is for a bug in the BBN ftp */
|
|
|
|
| L byte_size
|
|
|
|
{
|
|
|
|
cmd_type = TYPE_L;
|
|
|
|
cmd_bytesz = $2;
|
|
|
|
}
|
1993-03-21 12:45:37 +03:00
|
|
|
;
|
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
struct_code
|
|
|
|
: F
|
|
|
|
{
|
|
|
|
$$ = STRU_F;
|
|
|
|
}
|
1998-09-07 12:11:20 +04:00
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
| R
|
|
|
|
{
|
|
|
|
$$ = STRU_R;
|
|
|
|
}
|
1998-09-07 12:11:20 +04:00
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
| P
|
|
|
|
{
|
|
|
|
$$ = STRU_P;
|
|
|
|
}
|
1993-03-21 12:45:37 +03:00
|
|
|
;
|
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
mode_code
|
|
|
|
: S
|
|
|
|
{
|
|
|
|
$$ = MODE_S;
|
|
|
|
}
|
1998-09-07 12:11:20 +04:00
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
| B
|
|
|
|
{
|
|
|
|
$$ = MODE_B;
|
|
|
|
}
|
1998-09-07 12:11:20 +04:00
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
| C
|
|
|
|
{
|
|
|
|
$$ = MODE_C;
|
|
|
|
}
|
1993-03-21 12:45:37 +03:00
|
|
|
;
|
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
pathname
|
|
|
|
: pathstring
|
|
|
|
{
|
|
|
|
/*
|
|
|
|
* Problem: this production is used for all pathname
|
|
|
|
* processing, but only gives a 550 error reply.
|
1997-04-27 07:21:38 +04:00
|
|
|
* This is a valid reply in some cases but not in
|
|
|
|
* others.
|
1994-06-29 05:49:37 +04:00
|
|
|
*/
|
|
|
|
if (logged_in && $1 && *$1 == '~') {
|
|
|
|
glob_t gl;
|
2000-07-17 06:30:52 +04:00
|
|
|
int flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_TILDE;
|
1994-06-29 05:49:37 +04:00
|
|
|
|
1997-04-27 07:21:38 +04:00
|
|
|
if ($1[1] == '\0')
|
2000-07-17 06:30:52 +04:00
|
|
|
$$ = xstrdup(homedir);
|
1997-04-27 07:21:38 +04:00
|
|
|
else {
|
|
|
|
memset(&gl, 0, sizeof(gl));
|
|
|
|
if (glob($1, flags, NULL, &gl) ||
|
|
|
|
gl.gl_pathc == 0) {
|
|
|
|
reply(550, "not found");
|
|
|
|
$$ = NULL;
|
|
|
|
} else
|
1998-09-07 12:11:20 +04:00
|
|
|
$$ = xstrdup(gl.gl_pathv[0]);
|
1997-04-27 07:21:38 +04:00
|
|
|
globfree(&gl);
|
1994-06-29 05:49:37 +04:00
|
|
|
}
|
|
|
|
free($1);
|
|
|
|
} else
|
|
|
|
$$ = $1;
|
|
|
|
}
|
1993-03-21 12:45:37 +03:00
|
|
|
;
|
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
pathstring
|
|
|
|
: STRING
|
1993-03-21 12:45:37 +03:00
|
|
|
;
|
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
octal_number
|
|
|
|
: NUMBER
|
|
|
|
{
|
|
|
|
int ret, dec, multby, digit;
|
1993-03-21 12:45:37 +03:00
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
/*
|
|
|
|
* Convert a number that was read as decimal number
|
|
|
|
* to what it would be if it had been read as octal.
|
|
|
|
*/
|
|
|
|
dec = $1;
|
|
|
|
multby = 1;
|
|
|
|
ret = 0;
|
|
|
|
while (dec) {
|
|
|
|
digit = dec%10;
|
|
|
|
if (digit > 7) {
|
|
|
|
ret = -1;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
ret += digit * multby;
|
|
|
|
multby *= 8;
|
|
|
|
dec /= 10;
|
1993-03-21 12:45:37 +03:00
|
|
|
}
|
1994-06-29 05:49:37 +04:00
|
|
|
$$ = ret;
|
1993-03-21 12:45:37 +03:00
|
|
|
}
|
|
|
|
;
|
|
|
|
|
1999-02-06 00:40:49 +03:00
|
|
|
mechanism_name
|
|
|
|
: STRING
|
|
|
|
;
|
|
|
|
|
|
|
|
base64data
|
|
|
|
: STRING
|
|
|
|
;
|
|
|
|
|
|
|
|
prot_code
|
|
|
|
: STRING
|
|
|
|
;
|
|
|
|
|
|
|
|
decimal_integer
|
|
|
|
: NUMBER
|
|
|
|
;
|
|
|
|
|
1994-06-29 05:49:37 +04:00
|
|
|
check_login
|
|
|
|
: /* empty */
|
|
|
|
{
|
|
|
|
if (logged_in)
|
|
|
|
$$ = 1;
|
|
|
|
else {
|
|
|
|
reply(530, "Please login with USER and PASS.");
|
|
|
|
$$ = 0;
|
1998-09-06 14:39:40 +04:00
|
|
|
hasyyerrored = 1;
|
1994-06-29 05:49:37 +04:00
|
|
|
}
|
1993-03-21 12:45:37 +03:00
|
|
|
}
|
|
|
|
;
|
1998-09-05 21:33:00 +04:00
|
|
|
|
1993-03-21 12:45:37 +03:00
|
|
|
%%
|
|
|
|
|
|
|
|
#define CMD 0 /* beginning of command */
|
|
|
|
#define ARGS 1 /* expect miscellaneous arguments */
|
|
|
|
#define STR1 2 /* expect SP followed by STRING */
|
|
|
|
#define STR2 3 /* expect STRING */
|
|
|
|
#define OSTR 4 /* optional SP then STRING */
|
|
|
|
#define ZSTR1 5 /* SP then optional STRING */
|
|
|
|
#define ZSTR2 6 /* optional STRING after SP */
|
|
|
|
#define SITECMD 7 /* SITE command */
|
|
|
|
#define NSTR 8 /* Number followed by a string */
|
1998-09-05 21:33:00 +04:00
|
|
|
#define NOARGS 9 /* No arguments allowed */
|
2001-04-02 03:04:30 +04:00
|
|
|
#define EOLN 10 /* End of line */
|
1993-03-21 12:45:37 +03:00
|
|
|
|
1998-09-05 21:33:00 +04:00
|
|
|
struct tab cmdtab[] = {
|
|
|
|
/* From RFC 959, in order defined (5.3.1) */
|
2000-06-14 17:44:21 +04:00
|
|
|
	{ "USER", USER, STR1, 1, "<sp> username" },
	{ "PASS", PASS, ZSTR1, 1, "<sp> password" },
	{ "ACCT", ACCT, STR1, 0, "(specify account)" },
	{ "CWD", CWD, OSTR, 1, "[ <sp> directory-name ]" },
	{ "CDUP", CDUP, NOARGS, 1, "(change to parent directory)" },
	{ "SMNT", SMNT, ARGS, 0, "(structure mount)" },
	{ "QUIT", QUIT, NOARGS, 1, "(terminate service)" },
	{ "REIN", REIN, NOARGS, 0, "(reinitialize server state)" },
	{ "PORT", PORT, ARGS, 1, "<sp> b0, b1, b2, b3, b4" },
	{ "LPRT", LPRT, ARGS, 1, "<sp> af, hal, h1, h2, h3,..., pal, p1, p2..." },
	{ "EPRT", EPRT, STR1, 1, "<sp> |af|addr|port|" },
	{ "PASV", PASV, NOARGS, 1, "(set server in passive mode)" },
	{ "LPSV", LPSV, ARGS, 1, "(set server in passive mode)" },
	{ "EPSV", EPSV, ARGS, 1, "[<sp> af|ALL]" },
	{ "TYPE", TYPE, ARGS, 1, "<sp> [ A | E | I | L ]" },
	{ "STRU", STRU, ARGS, 1, "(specify file structure)" },
	{ "MODE", MODE, ARGS, 1, "(specify transfer mode)" },
	{ "RETR", RETR, STR1, 1, "<sp> file-name" },
	{ "STOR", STOR, STR1, 1, "<sp> file-name" },
	{ "STOU", STOU, STR1, 1, "<sp> file-name" },
	{ "APPE", APPE, STR1, 1, "<sp> file-name" },
	{ "ALLO", ALLO, ARGS, 1, "allocate storage (vacuously)" },
	{ "REST", REST, ARGS, 1, "<sp> offset (restart command)" },
	{ "RNFR", RNFR, STR1, 1, "<sp> file-name" },
	{ "RNTO", RNTO, STR1, 1, "<sp> file-name" },
|
2001-04-02 03:04:30 +04:00
|
|
|
{ "ABOR", ABOR, NOARGS, 4, "(abort operation)" },
|
2000-06-14 17:44:21 +04:00
|
|
|
{ "DELE", DELE, STR1, 1, "<sp> file-name" },
|
|
|
|
{ "RMD", RMD, STR1, 1, "<sp> path-name" },
|
|
|
|
{ "MKD", MKD, STR1, 1, "<sp> path-name" },
|
|
|
|
{ "PWD", PWD, NOARGS, 1, "(return current directory)" },
|
|
|
|
{ "LIST", LIST, OSTR, 1, "[ <sp> path-name ]" },
|
|
|
|
{ "NLST", NLST, OSTR, 1, "[ <sp> path-name ]" },
|
|
|
|
{ "SITE", SITE, SITECMD, 1, "site-cmd [ <sp> arguments ]" },
|
|
|
|
{ "SYST", SYST, NOARGS, 1, "(get type of operating system)" },
|
2001-04-02 03:04:30 +04:00
|
|
|
{ "STAT", STAT, OSTR, 4, "[ <sp> path-name ]" },
|
2000-06-14 17:44:21 +04:00
|
|
|
{ "HELP", HELP, OSTR, 1, "[ <sp> <string> ]" },
|
|
|
|
{ "NOOP", NOOP, NOARGS, 2, "" },
|
1998-09-07 12:11:20 +04:00
|
|
|
|
1999-02-06 00:40:49 +03:00
|
|
|
/* From RFC 2228, in order defined */
|
2000-06-14 17:44:21 +04:00
|
|
|
{ "AUTH", AUTH, STR1, 1, "<sp> mechanism-name" },
|
|
|
|
{ "ADAT", ADAT, STR1, 1, "<sp> base-64-data" },
|
|
|
|
{ "PROT", PROT, STR1, 1, "<sp> prot-code" },
|
|
|
|
{ "PBSZ", PBSZ, ARGS, 1, "<sp> decimal-integer" },
|
|
|
|
{ "CCC", CCC, NOARGS, 1, "(Disable data protection)" },
|
2001-04-02 03:04:30 +04:00
|
|
|
{ "MIC", MIC, STR1, 4, "<sp> base64data" },
|
|
|
|
{ "CONF", CONF, STR1, 4, "<sp> base64data" },
|
|
|
|
{ "ENC", ENC, STR1, 4, "<sp> base64data" },
|
1999-02-06 00:40:49 +03:00
|
|
|
|
|
|
|
/* From RFC 2389, in order defined */
|
2000-06-14 17:44:21 +04:00
|
|
|
{ "FEAT", FEAT, NOARGS, 1, "(display extended features)" },
|
|
|
|
{ "OPTS", OPTS, STR1, 1, "<sp> command [ <sp> options ]" },
|
1998-09-07 12:11:20 +04:00
|
|
|
|
2000-07-15 07:45:19 +04:00
|
|
|
/* from draft-ietf-ftpext-mlst-11 */
|
2000-06-14 17:44:21 +04:00
|
|
|
{ "MDTM", MDTM, OSTR, 1, "<sp> path-name" },
|
|
|
|
{ "SIZE", SIZE, OSTR, 1, "<sp> path-name" },
|
|
|
|
{ "MLST", MLST, OSTR, 2, "[ <sp> path-name ]" },
|
|
|
|
{ "MLSD", MLSD, OSTR, 1, "[ <sp> directory-name ]" },
|
1998-09-05 21:33:00 +04:00
|
|
|
|
|
|
|
/* obsolete commands */
|
2000-06-14 17:44:21 +04:00
|
|
|
{ "MAIL", MAIL, OSTR, 0, "(mail to user)" },
|
|
|
|
{ "MLFL", MLFL, OSTR, 0, "(mail file)" },
|
|
|
|
{ "MRCP", MRCP, STR1, 0, "(mail recipient)" },
|
|
|
|
{ "MRSQ", MRSQ, OSTR, 0, "(mail recipient scheme question)" },
|
|
|
|
{ "MSAM", MSAM, OSTR, 0, "(mail send to terminal and mailbox)" },
|
|
|
|
{ "MSND", MSND, OSTR, 0, "(mail send to terminal)" },
|
|
|
|
{ "MSOM", MSOM, OSTR, 0, "(mail send to terminal or mailbox)" },
|
|
|
|
{ "XCUP", CDUP, NOARGS, 1, "(change to parent directory)" },
|
|
|
|
{ "XCWD", CWD, OSTR, 1, "[ <sp> directory-name ]" },
|
|
|
|
{ "XMKD", MKD, STR1, 1, "<sp> path-name" },
|
|
|
|
{ "XPWD", PWD, NOARGS, 1, "(return current directory)" },
|
|
|
|
{ "XRMD", RMD, STR1, 1, "<sp> path-name" },
|
|
|
|
|
|
|
|
{ NULL, 0, 0, 0, 0 }
|
1993-03-21 12:45:37 +03:00
|
|
|
};
|
|
|
|
|
|
|
|
struct tab sitetab[] = {
|
2000-06-14 17:44:21 +04:00
|
|
|
	{ "CHMOD", CHMOD, NSTR, 1, "<sp> mode <sp> file-name" },
	{ "HELP", HELP, OSTR, 1, "[ <sp> <string> ]" },
	{ "IDLE", IDLE, ARGS, 1, "[ <sp> maximum-idle-time ]" },
	{ "RATEGET", RATEGET,OSTR, 1, "[ <sp> get-throttle-rate ]" },
	{ "RATEPUT", RATEPUT,OSTR, 1, "[ <sp> put-throttle-rate ]" },
	{ "UMASK", UMASK, ARGS, 1, "[ <sp> umask ]" },
	{ NULL, 0, 0, 0, NULL }
|
1993-03-21 12:45:37 +03:00
|
|
|
};
|
|
|
|
|
2000-11-16 16:15:13 +03:00
|
|
|
static int check_write(const char *, int);
|
|
|
|
static void help(struct tab *, const char *);
|
|
|
|
static void port_check(const char *, int);
|
|
|
|
static void toolong(int);
|
|
|
|
static int yylex(void);
|
1994-06-29 05:49:37 +04:00
|
|
|
|
1999-07-02 09:52:14 +04:00
|
|
|
extern int epsvall;
|
|
|
|
|
2000-11-16 16:15:13 +03:00
|
|
|
/*
 * Check if a filename is allowed to be modified (isupload == 0) or
 * uploaded (isupload == 1), and if necessary, check the filename is `sane'.
 */
static int
check_write(const char *file, int isupload)
{
	if (file == NULL)
		return (0);
	if (! logged_in) {
		reply(530, "Please login with USER and PASS.");
		return (0);
	}
		/* checking modify */
	if (! isupload && ! CURCLASS_FLAGS_ISSET(modify)) {
		reply(502, "No permission to use this command.");
		return (0);
	}
		/* checking upload */
	if (isupload && ! CURCLASS_FLAGS_ISSET(upload)) {
		reply(502, "No permission to use this command.");
		return (0);
	}
		/* checking sanenames */
	if (CURCLASS_FLAGS_ISSET(sanenames)) {
		const char *p;

		if (file[0] == '.')
			goto insane_name;
		for (p = file; *p; p++) {
			/*
			 * Cast to unsigned char: passing a negative plain
			 * char (a byte >= 0x80 sent by the client) to
			 * isalnum() is undefined behaviour.
			 */
			if (isalnum((unsigned char)*p) || *p == '-' ||
			    *p == '+' || *p == ',' || *p == '.' || *p == '_')
				continue;
 insane_name:
			reply(553, "File name `%s' not allowed.", file);
			return (0);
		}
	}
	return (1);
}
|
|
|
|
|
2000-06-14 17:44:21 +04:00
|
|
|
struct tab *
|
2000-05-20 06:20:18 +04:00
|
|
|
lookup(struct tab *p, const char *cmd)
|
1993-03-21 12:45:37 +03:00
|
|
|
{
|
|
|
|
|
|
|
|
for (; p->name != NULL; p++)
|
1998-09-07 12:11:20 +04:00
|
|
|
if (strcasecmp(cmd, p->name) == 0)
|
1993-03-21 12:45:37 +03:00
|
|
|
return (p);
|
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
|
|
|
#include <arpa/telnet.h>
|
|
|
|
|
|
|
|
/*
|
|
|
|
* getline - a hacked up version of fgets to ignore TELNET escape codes.
|
|
|
|
*/
|
|
|
|
char *
|
2000-05-20 06:20:18 +04:00
|
|
|
getline(char *s, int n, FILE *iop)
|
1993-03-21 12:45:37 +03:00
|
|
|
{
|
1994-06-29 05:49:37 +04:00
|
|
|
int c;
|
1998-09-05 21:33:00 +04:00
|
|
|
char *cs;
|
1993-03-21 12:45:37 +03:00
|
|
|
|
|
|
|
cs = s;
|
|
|
|
/* tmpline may contain saved command from urgent mode interruption */
|
|
|
|
for (c = 0; tmpline[c] != '\0' && --n > 0; ++c) {
|
|
|
|
*cs++ = tmpline[c];
|
|
|
|
if (tmpline[c] == '\n') {
|
|
|
|
*cs++ = '\0';
|
|
|
|
if (debug)
|
|
|
|
syslog(LOG_DEBUG, "command: %s", s);
|
|
|
|
tmpline[0] = '\0';
|
|
|
|
return(s);
|
|
|
|
}
|
|
|
|
if (c == 0)
|
|
|
|
tmpline[0] = '\0';
|
|
|
|
}
|
|
|
|
while ((c = getc(iop)) != EOF) {
|
1999-05-17 19:14:53 +04:00
|
|
|
total_bytes++;
|
|
|
|
total_bytes_in++;
|
1993-03-21 12:45:37 +03:00
|
|
|
c &= 0377;
|
|
|
|
if (c == IAC) {
|
|
|
|
if ((c = getc(iop)) != EOF) {
|
1999-05-17 19:14:53 +04:00
|
|
|
total_bytes++;
|
|
|
|
total_bytes_in++;
|
1993-03-21 12:45:37 +03:00
|
|
|
c &= 0377;
|
|
|
|
switch (c) {
|
|
|
|
case WILL:
|
|
|
|
case WONT:
|
|
|
|
c = getc(iop);
|
1999-05-17 19:14:53 +04:00
|
|
|
total_bytes++;
|
|
|
|
total_bytes_in++;
|
2000-06-19 19:15:03 +04:00
|
|
|
cprintf(stdout, "%c%c%c", IAC, DONT, 0377&c);
|
1993-03-21 12:45:37 +03:00
|
|
|
(void) fflush(stdout);
|
|
|
|
continue;
|
|
|
|
case DO:
|
|
|
|
case DONT:
|
|
|
|
c = getc(iop);
|
1999-05-17 19:14:53 +04:00
|
|
|
total_bytes++;
|
|
|
|
total_bytes_in++;
|
2000-06-19 19:15:03 +04:00
|
|
|
cprintf(stdout, "%c%c%c", IAC, WONT, 0377&c);
|
1993-03-21 12:45:37 +03:00
|
|
|
(void) fflush(stdout);
|
|
|
|
continue;
|
|
|
|
case IAC:
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
continue; /* ignore command */
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
*cs++ = c;
|
|
|
|
if (--n <= 0 || c == '\n')
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if (c == EOF && cs == s)
|
|
|
|
return (NULL);
|
|
|
|
*cs++ = '\0';
|
1994-06-29 05:49:37 +04:00
|
|
|
if (debug) {
|
2000-11-30 05:59:11 +03:00
|
|
|
if ((curclass.type != CLASS_GUEST &&
|
|
|
|
strncasecmp(s, "PASS ", 5) == 0) ||
|
|
|
|
strncasecmp(s, "ACCT ", 5) == 0) {
|
1994-06-29 05:49:37 +04:00
|
|
|
/* Don't syslog passwords */
|
2000-11-30 05:59:11 +03:00
|
|
|
syslog(LOG_DEBUG, "command: %.4s ???", s);
|
1994-06-29 05:49:37 +04:00
|
|
|
} else {
|
1998-09-05 21:33:00 +04:00
|
|
|
char *cp;
|
|
|
|
int len;
|
1994-06-29 05:49:37 +04:00
|
|
|
|
|
|
|
/* Don't syslog trailing CR-LF */
|
|
|
|
len = strlen(s);
|
|
|
|
cp = s + len - 1;
|
|
|
|
while (cp >= s && (*cp == '\n' || *cp == '\r')) {
|
|
|
|
--cp;
|
|
|
|
--len;
|
|
|
|
}
|
|
|
|
syslog(LOG_DEBUG, "command: %.*s", len, s);
|
|
|
|
}
|
|
|
|
}
|
1993-03-21 12:45:37 +03:00
|
|
|
return (s);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
2000-05-20 06:20:18 +04:00
|
|
|
toolong(int signo)
|
1993-03-21 12:45:37 +03:00
|
|
|
{
|
|
|
|
|
|
|
|
reply(421,
|
* implement /etc/ftpd.conf, which adds support for the following features,
controllable on a per class (which is one of: real, chroot, guest,
all or none) basis:
* on-the-fly execution of a command to build the file (a ``conversion''),
providing support for "get dirname.tar" and the like.
* displaying the contents of a file when a directory is entered
for the first time.
* maximum value for timeout (replaces -T).
* control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST.
* notifying the user of the existence of files matching a glob
pattern when a directory is entered for the first time.
* default value for timeout (replaces -t).
* default umask (replaces -DGUEST_CMASK and -u).
The conversion, display, and notify functionality was based on code by
Simon Burge <simonb@telstra.com.au>.
* clean up and re-order parts of the man page into subsections.
* STAT displays the settings defined for the class of the current user.
* bump version from 6.00 to 7.00, because of ftpd.conf.
* deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and
-t, -T and -u, as ftpd.conf allows finer control of these.
* add "nostderr" argument to ftpd_popen(), because you don't want the
stderr stream mixing with the stdout stream during a conversion,
as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
|
|
|
"Timeout (%d seconds): closing control connection.",
|
|
|
|
curclass.timeout);
|
1994-06-29 05:49:37 +04:00
|
|
|
if (logging)
|
|
|
|
syslog(LOG_INFO, "User %s timed out after %d seconds",
|
1999-12-12 17:05:54 +03:00
|
|
|
(pw ? pw->pw_name : "unknown"), curclass.timeout);
|
1993-03-21 12:45:37 +03:00
|
|
|
dologout(1);
|
|
|
|
}
|
|
|
|
2001-04-02 03:04:30 +04:00
void
ftp_handle_line(char *cp)
{
	cmdp = cp;
	yyparse();
}

void
ftp_loop(void)
{
	while (1) {
		(void) signal(SIGALRM, toolong);
		(void) alarm(curclass.timeout);
		if (getline(cbuf, sizeof(cbuf)-1, stdin) == NULL) {
			reply(221, "You could at least say goodbye.");
			dologout(0);
		}
		(void) alarm(0);
		ftp_handle_line(cbuf);
	}
	/*NOTREACHED*/
}

1994-06-29 05:49:37 +04:00
static int
2000-05-20 06:20:18 +04:00
yylex(void)
1993-03-21 12:45:37 +03:00
{
	static int cpos, state;
1994-06-29 05:49:37 +04:00
	char *cp, *cp2;
	struct tab *p;
1998-09-06 14:39:40 +04:00
	int n;
1994-06-29 05:49:37 +04:00
	char c;
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
	switch (state) {
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
	case CMD:
		hasyyerrored = 0;
2001-04-02 03:04:30 +04:00
		if ((cp = strchr(cmdp, '\r'))) {
1999-12-18 08:51:34 +03:00
			*cp = '\0';
2000-11-30 05:59:11 +03:00
#if HAVE_SETPROCTITLE
2001-04-02 03:04:30 +04:00
			if (strncasecmp(cmdp, "PASS", 4) != 0 &&
			    strncasecmp(cmdp, "ACCT", 4) != 0)
				setproctitle("%s: %s", proctitle, cmdp);
2000-11-30 05:59:11 +03:00
#endif /* HAVE_SETPROCTITLE */
1998-09-07 12:11:20 +04:00
			*cp++ = '\n';
			*cp = '\0';
		}
2001-04-02 03:04:30 +04:00
		if ((cp = strpbrk(cmdp, " \n")))
			cpos = cp - cmdp;
1998-09-07 12:11:20 +04:00
		if (cpos == 0)
			cpos = 4;
2001-04-02 03:04:30 +04:00
		c = cmdp[cpos];
		cmdp[cpos] = '\0';
		p = lookup(cmdtab, cmdp);
		cmdp[cpos] = c;
1998-09-07 12:11:20 +04:00
		if (p != NULL) {
2001-04-02 03:04:30 +04:00
			if (is_oob && ! CMD_OOB(p)) {
				/* command will be handled in-band */
				return (0);
			} else if (! CMD_IMPLEMENTED(p)) {
1998-09-07 12:11:20 +04:00
				reply(502, "%s command not implemented.",
				    p->name);
				hasyyerrored = 1;
				break;
1993-03-21 12:45:37 +03:00
			}
1998-09-07 12:11:20 +04:00
			state = p->state;
			yylval.s = p->name;
			return (p->token);
		}
		break;

	case SITECMD:
2001-04-02 03:04:30 +04:00
		if (cmdp[cpos] == ' ') {
1998-09-07 12:11:20 +04:00
			cpos++;
			return (SP);
		}
2001-04-02 03:04:30 +04:00
		cp = &cmdp[cpos];
1998-09-07 12:11:20 +04:00
		if ((cp2 = strpbrk(cp, " \n")))
2001-04-02 03:04:30 +04:00
			cpos = cp2 - cmdp;
		c = cmdp[cpos];
		cmdp[cpos] = '\0';
1998-09-07 12:11:20 +04:00
		p = lookup(sitetab, cp);
2001-04-02 03:04:30 +04:00
		cmdp[cpos] = c;
1998-09-07 12:11:20 +04:00
		if (p != NULL) {
2000-06-14 17:44:21 +04:00
			if (!CMD_IMPLEMENTED(p)) {
1998-09-07 12:11:20 +04:00
				reply(502, "SITE %s command not implemented.",
				    p->name);
				hasyyerrored = 1;
				break;
1993-03-21 12:45:37 +03:00
			}
1998-09-07 12:11:20 +04:00
			state = p->state;
			yylval.s = p->name;
			return (p->token);
		}
		break;
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
	case OSTR:
2001-04-02 03:04:30 +04:00
		if (cmdp[cpos] == '\n') {
			state = EOLN;
1998-09-07 12:11:20 +04:00
			return (CRLF);
		}
		/* FALLTHROUGH */
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
	case STR1:
	case ZSTR1:
	dostr1:
2001-04-02 03:04:30 +04:00
		if (cmdp[cpos] == ' ') {
1998-09-07 12:11:20 +04:00
			cpos++;
1999-10-04 21:36:52 +04:00
			state = state == OSTR ? STR2 : state+1;
1998-09-07 12:11:20 +04:00
			return (SP);
		}
		break;
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
	case ZSTR2:
2001-04-02 03:04:30 +04:00
		if (cmdp[cpos] == '\n') {
			state = EOLN;
1998-09-07 12:11:20 +04:00
			return (CRLF);
		}
		/* FALLTHROUGH */
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
	case STR2:
2001-04-02 03:04:30 +04:00
		cp = &cmdp[cpos];
1998-09-07 12:11:20 +04:00
		n = strlen(cp);
		cpos += n - 1;
		/*
		 * Make sure the string is nonempty and \n terminated.
		 */
2001-04-02 03:04:30 +04:00
		if (n > 1 && cmdp[cpos] == '\n') {
			cmdp[cpos] = '\0';
1998-09-07 12:11:20 +04:00
			yylval.s = xstrdup(cp);
2001-04-02 03:04:30 +04:00
			cmdp[cpos] = '\n';
1998-09-07 12:11:20 +04:00
			state = ARGS;
			return (STRING);
		}
		break;
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
	case NSTR:
2001-04-02 03:04:30 +04:00
		if (cmdp[cpos] == ' ') {
1998-09-07 12:11:20 +04:00
			cpos++;
			return (SP);
		}
2001-04-02 03:04:30 +04:00
		if (isdigit(cmdp[cpos])) {
			cp = &cmdp[cpos];
			while (isdigit(cmdp[++cpos]))
1998-09-07 12:11:20 +04:00
				;
2001-04-02 03:04:30 +04:00
			c = cmdp[cpos];
			cmdp[cpos] = '\0';
1998-09-07 12:11:20 +04:00
			yylval.i = atoi(cp);
2001-04-02 03:04:30 +04:00
			cmdp[cpos] = c;
1993-03-21 12:45:37 +03:00
			state = STR1;
1998-09-07 12:11:20 +04:00
			return (NUMBER);
		}
		state = STR1;
		goto dostr1;
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
	case ARGS:
2001-04-02 03:04:30 +04:00
		if (isdigit(cmdp[cpos])) {
			cp = &cmdp[cpos];
			while (isdigit(cmdp[++cpos]))
1998-09-07 12:11:20 +04:00
				;
2001-04-02 03:04:30 +04:00
			c = cmdp[cpos];
			cmdp[cpos] = '\0';
1998-09-07 12:11:20 +04:00
			yylval.i = atoi(cp);
2001-04-02 03:04:30 +04:00
			cmdp[cpos] = c;
1998-09-07 12:11:20 +04:00
			return (NUMBER);
		}
2001-04-02 03:04:30 +04:00
		if (strncasecmp(&cmdp[cpos], "ALL", 3) == 0
		    && !isalnum(cmdp[cpos + 3])) {
1999-07-02 09:52:14 +04:00
			yylval.s = xstrdup("ALL");
			cpos += 3;
			return ALL;
		}
2001-04-02 03:04:30 +04:00
		switch (cmdp[cpos++]) {
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
		case '\n':
2001-04-02 03:04:30 +04:00
			state = EOLN;
1998-09-07 12:11:20 +04:00
			return (CRLF);
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
		case ' ':
			return (SP);
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
		case ',':
			return (COMMA);
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
		case 'A':
		case 'a':
			return (A);
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
		case 'B':
		case 'b':
			return (B);
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
		case 'C':
		case 'c':
			return (C);
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
		case 'E':
		case 'e':
			return (E);
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
		case 'F':
		case 'f':
			return (F);
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
		case 'I':
		case 'i':
			return (I);
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
		case 'L':
		case 'l':
			return (L);
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
		case 'N':
		case 'n':
			return (N);
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
		case 'P':
		case 'p':
			return (P);
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
		case 'R':
		case 'r':
			return (R);
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
		case 'S':
		case 's':
			return (S);
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
		case 'T':
		case 't':
			return (T);
1993-03-21 12:45:37 +03:00

1998-09-07 12:11:20 +04:00
		}
		break;
1998-09-05 21:33:00 +04:00

1998-09-07 12:11:20 +04:00
	case NOARGS:
2001-04-02 03:04:30 +04:00
		if (cmdp[cpos] == '\n') {
			state = EOLN;
1998-09-07 12:11:20 +04:00
			return (CRLF);
1993-03-21 12:45:37 +03:00
		}
2001-04-02 03:04:30 +04:00
		c = cmdp[cpos];
		cmdp[cpos] = '\0';
		reply(501, "'%s' command does not take any arguments.", cmdp);
1998-09-07 12:11:20 +04:00
		hasyyerrored = 1;
2001-04-02 03:04:30 +04:00
		cmdp[cpos] = c;
1998-09-07 12:11:20 +04:00
		break;

2001-04-02 03:04:30 +04:00
	case EOLN:
		state = CMD;
		return (0);

1998-09-07 12:11:20 +04:00
	default:
		fatal("Unknown state in scanner.");
1993-03-21 12:45:37 +03:00
	}
1998-09-07 12:11:20 +04:00
	yyerror(NULL);
	state = CMD;
2001-04-02 03:04:30 +04:00
	is_oob = 0;
1998-09-07 12:11:20 +04:00
	longjmp(errcatch, 0);
	/* NOTREACHED */
1993-03-21 12:45:37 +03:00
}

1998-09-06 14:39:40 +04:00
/* ARGSUSED */
void
2000-05-20 06:20:18 +04:00
yyerror(char *s)
1998-09-06 14:39:40 +04:00
{
	char *cp;

2001-04-02 03:04:30 +04:00
	if (hasyyerrored || is_oob)
1998-09-06 14:39:40 +04:00
		return;
2001-04-02 03:04:30 +04:00
	if ((cp = strchr(cmdp,'\n')) != NULL)
1998-09-06 14:39:40 +04:00
		*cp = '\0';
2001-04-02 03:04:30 +04:00
	reply(500, "'%s': command not understood.", cmdp);
1998-09-06 14:39:40 +04:00
	hasyyerrored = 1;
}

1994-06-29 05:49:37 +04:00
static void
2000-05-20 06:20:18 +04:00
help(struct tab *ctab, const char *s)
1993-03-21 12:45:37 +03:00
{
1994-06-29 05:49:37 +04:00
	struct tab *c;
	int width, NCMDS;
1993-03-21 12:45:37 +03:00
	char *type;

	if (ctab == sitetab)
		type = "SITE ";
	else
		type = "";
	width = 0, NCMDS = 0;
	for (c = ctab; c->name != NULL; c++) {
		int len = strlen(c->name);

		if (len > width)
			width = len;
		NCMDS++;
	}
	width = (width + 8) &~ 7;
	if (s == 0) {
1994-06-29 05:49:37 +04:00
		int i, j, w;
1993-03-21 12:45:37 +03:00
		int columns, lines;

2000-07-08 22:24:28 +04:00
		reply(-214, "%s", "");
various fixes suggested by Robert Elz:
* implement closedataconn() and use appropriately (including in mlsd())
* only put leading space in front of MLST output (not MLSD output)
* MLSD: only output pdir and cdir entries when the type fact is requested.
* change error code for giving MLSD a non-directory from 550 to 501
* remove MLSx Type fact support for UNIX.* for now; it's not standardised yet.
* do a check_login when MLSD and MLST are given no args
* detect & complain about null facts in OPTS MLST
* cache getgroups() at login instead of calling each time in fact_perm()
other mods:
* implement cprintf(); as per fprintf() but increments total_bytes{,_out}
* implement CPUTC(); as per putc() but increments total_bytes{,_out}
* implement base64_encode()
* fact_unique() display base64 encoding of dev_t and ino_t rather than
hex output; should scale if size of those changes
* change reply() so that a negative code acts as the initial line in a reply,
code == 0 prefixes the line with 4 spaces, and code > 0 works as before.
deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and
reply(0, ) respectively.
* use cprintf() and CPUTC() appropriately (often instead of printf(),
lreply(-2, ) or lreply(-1, ).
now we actually account for the data sent by MLST and MLSD.
* remove DEBUG support for sending MLSD output to control connection instead
of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
		reply(0, "The following %scommands are recognized.", type);
		reply(0, "(`-' = not implemented, `+' = supports options)");
1993-03-21 12:45:37 +03:00
		columns = 76 / width;
		if (columns == 0)
			columns = 1;
		lines = (NCMDS + columns - 1) / columns;
		for (i = 0; i < lines; i++) {
2000-06-19 19:15:03 +04:00
			cprintf(stdout, " ");
1993-03-21 12:45:37 +03:00
			for (j = 0; j < columns; j++) {
				c = ctab + j * lines + i;
2000-06-19 19:15:03 +04:00
				cprintf(stdout, "%s", c->name);
1998-09-07 12:11:20 +04:00
				w = strlen(c->name);
2000-06-14 17:44:21 +04:00
				if (! CMD_IMPLEMENTED(c)) {
2000-06-19 19:15:03 +04:00
					CPUTC('-', stdout);
1998-09-07 12:11:20 +04:00
					w++;
				}
2000-06-14 17:44:21 +04:00
				if (CMD_HAS_OPTIONS(c)) {
2000-06-19 19:15:03 +04:00
					CPUTC('+', stdout);
1998-09-07 12:11:20 +04:00
					w++;
				}
1993-03-21 12:45:37 +03:00
				if (c + lines >= &ctab[NCMDS])
					break;
				while (w < width) {
2000-06-19 19:15:03 +04:00
					CPUTC(' ', stdout);
1993-03-21 12:45:37 +03:00
					w++;
				}
			}
2000-06-19 19:15:03 +04:00
			cprintf(stdout, "\r\n");
1993-03-21 12:45:37 +03:00
		}
		(void) fflush(stdout);
		reply(214, "Direct comments to ftp-bugs@%s.", hostname);
		return;
	}
	c = lookup(ctab, s);
	if (c == (struct tab *)0) {
		reply(502, "Unknown command %s.", s);
		return;
	}
2000-06-14 17:44:21 +04:00
	if (CMD_IMPLEMENTED(c))
1993-03-21 12:45:37 +03:00
		reply(214, "Syntax: %s%s %s", type, c->name, c->help);
	else
1998-09-07 12:11:20 +04:00
		reply(214, "%s%-*s\t%s; not implemented.", type, width,
1993-03-21 12:45:37 +03:00
		    c->name, c->help);
}
* make checkportcmd the default. this breaks third-party proxy ftp but
prevents the ftp bounce attack, and we should be secure out of the
box, not require users to tweak obscure stuff.
* allow the version string reported to clients to be changed with '-V vers'.
if vers is empty or `-', don't report a version.
* if -r is given, permanently drop root privs
* if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port
> IPPORT_RESERVED+1, permanently drop root privs
* don't bother reverting to root privs to logout of wtmp/utmp; since the
file descriptor is already open this isn't necessary.
* fix the binding of the port for the PORT/LPRT/EPRT connection to be the
ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6
merge). if root privs have been dropped, and this would be a port <
IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant
but it doesn't appear that many clients care).
* prevent login of a new user if privs have been dropped and already logged
in as a REAL user (existing check already stops GUEST & CHROOT users).
* move the port check stuff into a separate port_check() function, and use
for PORT, LPRT, and EPRT checks. inspired by freebsd
* minor KNF
* minor man page cleanup
2000-07-23 18:40:48 +04:00

/*
 * Check that the structures used for a PORT, LPRT or EPRT command are
 * valid (data_dest, his_addr), and if necessary, detect ftp bounce attacks.
 * If family != -1 check that his_addr.su_family == family.
 */
static void
port_check(const char *cmd, int family)
{
2001-04-10 05:41:18 +04:00
	char h1[NI_MAXHOST], h2[NI_MAXHOST];
	char s1[NI_MAXHOST], s2[NI_MAXHOST];
#ifdef NI_WITHSCOPEID
	const int niflags = NI_NUMERICHOST | NI_NUMERICSERV | NI_WITHSCOPEID;
#else
	const int niflags = NI_NUMERICHOST | NI_NUMERICSERV;
#endif
2000-07-23 18:40:48 +04:00

	if (epsvall) {
		reply(501, "%s disallowed after EPSV ALL", cmd);
		return;
	}

	if (family != -1 && his_addr.su_family != family) {
 port_check_fail:
		reply(500, "Illegal %s command rejected", cmd);
		return;
	}

	if (data_dest.su_family != his_addr.su_family)
		goto port_check_fail;

	/* be paranoid, if told so */
2000-11-16 16:15:13 +03:00
	if (CURCLASS_FLAGS_ISSET(checkportcmd)) {
2000-09-15 18:55:16 +04:00
#ifdef INET6
2001-04-10 05:41:18 +04:00
		/*
		 * be paranoid, there are getnameinfo implementation that does
		 * not present scopeid portion
		 */
		if (data_dest.su_family == AF_INET6 &&
		    data_dest.su_scope_id != his_addr.su_scope_id)
			goto port_check_fail;
2000-09-15 18:55:16 +04:00
#endif
2001-04-10 05:41:18 +04:00

		if (getnameinfo((struct sockaddr *)&data_dest, data_dest.su_len,
		    h1, sizeof(h1), s1, sizeof(s1), niflags))
			goto port_check_fail;
		if (getnameinfo((struct sockaddr *)&his_addr, his_addr.su_len,
		    h2, sizeof(h2), s2, sizeof(s2), niflags))
			goto port_check_fail;

		if (atoi(s1) < IPPORT_RESERVED || strcmp(h1, h2) != 0)
2000-07-23 18:40:48 +04:00
			goto port_check_fail;
	}

	usedefault = 0;
	if (pdata >= 0) {
		(void) close(pdata);
		pdata = -1;
	}
	reply(200, "%s command successful.", cmd);
}
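An added example, not part of the NetBSD source: the checkportcmd test that port_check() applies to a PORT, LPRT or EPRT target, restated as a stand-alone function that can be run against constructed addresses. The enum port_verdict, the function names and the sample addresses are assumptions of this example; it tests the port before the host so that each rejection reason is reported separately, and it assumes Linux-style sockaddr structures without a length field.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1	/* glibc: expose getnameinfo() and NI_* */
#endif
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#ifndef NI_MAXHOST
#define NI_MAXHOST 1025
#endif

/* Verdict names are assumptions of this example; ftpd only replies 500. */
enum port_verdict {
	PORT_OK,		/* data connection goes back to the client */
	PORT_BAD_FAMILY,	/* address family differs from control peer */
	PORT_BAD_SCOPE,		/* IPv6 scope id differs from control peer */
	PORT_RESERVED,		/* target port < IPPORT_RESERVED */
	PORT_THIRD_PARTY,	/* target host is not the control peer */
	PORT_INVALID		/* address could not be parsed or rendered */
};

/* dest: address named in PORT/LPRT/EPRT; peer: control connection's peer. */
static enum port_verdict
port_verdict(const struct sockaddr_storage *dest, socklen_t destlen,
    const struct sockaddr_storage *peer, socklen_t peerlen)
{
	char h1[NI_MAXHOST], h2[NI_MAXHOST];
	char s1[NI_MAXHOST], s2[NI_MAXHOST];
	const int niflags = NI_NUMERICHOST | NI_NUMERICSERV;

	if (dest->ss_family != peer->ss_family)
		return PORT_BAD_FAMILY;
	/* Compare scope ids directly; not every getnameinfo() prints them. */
	if (dest->ss_family == AF_INET6 &&
	    ((const struct sockaddr_in6 *)dest)->sin6_scope_id !=
	    ((const struct sockaddr_in6 *)peer)->sin6_scope_id)
		return PORT_BAD_SCOPE;
	if (getnameinfo((const struct sockaddr *)dest, destlen,
	    h1, sizeof(h1), s1, sizeof(s1), niflags) != 0 ||
	    getnameinfo((const struct sockaddr *)peer, peerlen,
	    h2, sizeof(h2), s2, sizeof(s2), niflags) != 0)
		return PORT_INVALID;
	if (atoi(s1) < IPPORT_RESERVED)
		return PORT_RESERVED;
	if (strcmp(h1, h2) != 0)
		return PORT_THIRD_PARTY;
	return PORT_OK;
}

/* Fill *ss from a numeric address string; returns its length, 0 on error. */
static socklen_t
make_addr(int family, const char *text, unsigned short port,
    struct sockaddr_storage *ss)
{
	struct sockaddr_in *sin = (struct sockaddr_in *)ss;
	struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)ss;

	memset(ss, 0, sizeof(*ss));
	ss->ss_family = family;
	if (family == AF_INET) {
		sin->sin_port = htons(port);
		return inet_pton(AF_INET, text, &sin->sin_addr) == 1 ?
		    sizeof(*sin) : 0;
	}
	sin6->sin6_port = htons(port);
	return inet_pton(AF_INET6, text, &sin6->sin6_addr) == 1 ?
	    sizeof(*sin6) : 0;
}

/* Check a constructed PORT-style target against a constructed control peer. */
static enum port_verdict
check_port_cmd(int dfam, const char *dhost, unsigned short dport,
    int pfam, const char *phost)
{
	struct sockaddr_storage dest, peer;
	socklen_t dlen = make_addr(dfam, dhost, dport, &dest);
	socklen_t plen = make_addr(pfam, phost, 40000, &peer);

	if (dlen == 0 || plen == 0)
		return PORT_INVALID;
	return port_verdict(&dest, dlen, &peer, plen);
}

int main(void)
{
	/* Constructed sample: peer 192.0.2.10 names a third-party target. */
	printf("%d\n", check_port_cmd(AF_INET, "198.51.100.7", 50000,
	    AF_INET, "192.0.2.10"));
	return 0;
}
```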