NetBSD/libexec/ftpd/ftpcmd.y

1876 lines
38 KiB
Plaintext
Raw Normal View History

/* $NetBSD: ftpcmd.y,v 1.94 2015/08/10 07:45:50 shm Exp $ */
/*-
* Copyright (c) 1997-2009 The NetBSD Foundation, Inc.
* All rights reserved.
*
* This code is derived from software contributed to The NetBSD Foundation
* by Luke Mewburn.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
1993-03-21 12:45:37 +03:00
/*
1994-06-29 05:49:37 +04:00
* Copyright (c) 1985, 1988, 1993, 1994
* The Regents of the University of California. All rights reserved.
1993-03-21 12:45:37 +03:00
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the University nor the names of its contributors
1993-03-21 12:45:37 +03:00
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
1994-06-29 05:49:37 +04:00
* @(#)ftpcmd.y 8.3 (Berkeley) 4/6/94
1993-03-21 12:45:37 +03:00
*/
/*
* Grammar for FTP commands.
* See RFC 959.
*/
%{
#include <sys/cdefs.h>
1993-03-21 12:45:37 +03:00
#ifndef lint
#if 0
1994-06-29 05:49:37 +04:00
static char sccsid[] = "@(#)ftpcmd.y 8.3 (Berkeley) 4/6/94";
#else
__RCSID("$NetBSD: ftpcmd.y,v 1.94 2015/08/10 07:45:50 shm Exp $");
#endif
1993-03-21 12:45:37 +03:00
#endif /* not lint */
#include <sys/param.h>
#include <sys/socket.h>
#include <sys/stat.h>
1994-06-29 05:49:37 +04:00
1993-03-21 12:45:37 +03:00
#include <netinet/in.h>
#include <arpa/ftp.h>
#include <arpa/inet.h>
1994-06-29 05:49:37 +04:00
#include <ctype.h>
#include <errno.h>
1993-03-21 12:45:37 +03:00
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
1994-06-29 05:49:37 +04:00
#include <syslog.h>
#include <time.h>
#include <tzfile.h>
1994-06-29 05:49:37 +04:00
#include <unistd.h>
#include <netdb.h>
1994-06-29 05:49:37 +04:00
#ifdef KERBEROS5
1999-08-25 20:23:52 +04:00
#include <krb5/krb5.h>
#endif
1994-06-29 05:49:37 +04:00
#include "extern.h"
#include "version.h"
1993-03-21 12:45:37 +03:00
static int cmd_type;
static int cmd_form;
static int cmd_bytesz;
char cbuf[FTP_BUFLEN];
char *cmdp;
1993-03-21 12:45:37 +03:00
char *fromname;
extern int epsvall;
struct tab sitetab[];
static int check_write(const char *, int);
static void help(struct tab *, const char *);
static void port_check(const char *, int);
int yylex(void);
1993-03-21 12:45:37 +03:00
%}
1994-06-29 05:49:37 +04:00
%union {
struct {
LLT ll;
int i;
} u;
char *s;
const char *cs;
1994-06-29 05:49:37 +04:00
}
1993-03-21 12:45:37 +03:00
%token
A B C E F I
L N P R S T
SP CRLF COMMA ALL
1993-03-21 12:45:37 +03:00
USER PASS ACCT CWD CDUP SMNT
QUIT REIN PORT PASV TYPE STRU
MODE RETR STOR STOU APPE ALLO
REST RNFR RNTO ABOR DELE RMD
MKD PWD LIST NLST SITE SYST
STAT HELP NOOP
AUTH ADAT PROT PBSZ CCC MIC
CONF ENC
FEAT OPTS
SIZE MDTM MLST MLSD
1993-03-21 12:45:37 +03:00
LPRT LPSV EPRT EPSV
MAIL MLFL MRCP MRSQ MSAM MSND
MSOM
CHMOD IDLE RATEGET RATEPUT UMASK
1993-03-21 12:45:37 +03:00
LEXERR
1994-06-29 05:49:37 +04:00
%token <s> STRING
%token <u> NUMBER
1994-06-29 05:49:37 +04:00
%type <u.i> check_login octal_number byte_size
%type <u.i> struct_code mode_code type_code form_code decimal_integer
1994-06-29 05:49:37 +04:00
%type <s> pathstring pathname password username
%type <s> mechanism_name base64data prot_code
1994-06-29 05:49:37 +04:00
%start cmd_sel
1993-03-21 12:45:37 +03:00
%%
cmd_sel
: cmd
1994-06-29 05:49:37 +04:00
{
REASSIGN(fromname, NULL);
1993-03-21 12:45:37 +03:00
restart_point = (off_t) 0;
}
| rcmd
1993-03-21 12:45:37 +03:00
;
1994-06-29 05:49:37 +04:00
cmd
/* RFC 959 */
1994-06-29 05:49:37 +04:00
: USER SP username CRLF
{
user($3);
free($3);
1993-03-21 12:45:37 +03:00
}
1994-06-29 05:49:37 +04:00
| PASS SP password CRLF
{
pass($3);
explicit_memset($3, 0, strlen($3));
1994-06-29 05:49:37 +04:00
free($3);
1993-03-21 12:45:37 +03:00
}
| CWD check_login CRLF
{
if ($2)
cwd(homedir);
}
| CWD check_login SP pathname CRLF
{
if ($2 && $4 != NULL)
cwd($4);
if ($4 != NULL)
free($4);
}
| CDUP check_login CRLF
{
if ($2)
cwd("..");
}
| QUIT CRLF
{
if (logged_in) {
2000-07-08 22:24:28 +04:00
reply(-221, "%s", "");
reply(0,
"Data traffic for this session was " LLF " byte%s in " LLF " file%s.",
(LLT)total_data, PLURAL(total_data),
(LLT)total_files, PLURAL(total_files));
reply(0,
"Total traffic for this session was " LLF " byte%s in " LLF " transfer%s.",
(LLT)total_bytes, PLURAL(total_bytes),
(LLT)total_xfers, PLURAL(total_xfers));
}
reply(221,
"Thank you for using the FTP service on %s.",
hostname);
Features: * Add ftpd.conf(5) directive `advertise'; change the address that is advertised to the client for PASV transfers. this may be useful in certain firewall/NAT environments. Feature requested in [bin/9606] by Scott Presnell. * Add -X option; syslog wu-ftpd style xferlog messages, prefixed with `xferlog: '. An example line from syslog (wrapped): Dec 16 18:50:24 odysseus ftpd[571]: xferlog: Sat Dec 16 18:50:24 2000 2 localhost 3747328 /pub/WLW2K601.EXE b _ o a lukem@ FTP 0 * c These messages can be converted to a wu-ftpd style xferlog file suitable for parsing with third-party tools with something like: grep 'xferlog: ' /var/log/xferlog | \ sed -e 's/^.*xferlog: //' >wuxferlog The format is the same as the wu-ftpd xferlog entries (with the leading syslog stuff), but different from the wu-ftpd syslogged xferlog entries because the latter is not as easy to convert into the standard xferlog file format. The choice to only syslog the xferlog messages rather than append to a /var/log/xferlog file was made because the latter doesn't work to well in the situation where the logfile is rotated and compressed and a long-running ftpd still has a file-descriptor to the now nonexistant xferlog file, and the log message will then get lost. Feature requested in [bin/11651] by Hubert Feyrer. Fixes: * In ftpd(8), clarify the -a and -c options. * More clarifications in ftpd.conf(5). * Ensure that all ftpd.conf commands set a parameter back to sane defaults if an argument of `none' or bad settings are given. * Support the `chroot' directive for `REAL' users too (for consistency). * For `GUEST' users, store the supplied password in pw->pw_passwd for use later in the xferlog. * If show_chdir_messages() is given a code of -1, flush the cache of visited directories. Invoke show_chdir_messages(-1) in end_login(). * Only syslog session stats if logging is requested. * Rename logcmd() -> logxfer(), and dolog() -> logremotehost(). * Use cprintf() instead of fprintf() where appropriate. * Minor KNF, and make a couple of functions static that were declared static.
2000-12-18 05:32:50 +03:00
if (logged_in && logging) {
syslog(LOG_INFO,
"Data traffic: " LLF " byte%s in " LLF " file%s",
(LLT)total_data, PLURAL(total_data),
(LLT)total_files, PLURAL(total_files));
syslog(LOG_INFO,
"Total traffic: " LLF " byte%s in " LLF " transfer%s",
(LLT)total_bytes, PLURAL(total_bytes),
(LLT)total_xfers, PLURAL(total_xfers));
}
dologout(0);
}
| PORT check_login SP host_port CRLF
1994-06-29 05:49:37 +04:00
{
if ($2)
port_check("PORT", AF_INET);
}
| LPRT check_login SP host_long_port4 CRLF
{
if ($2)
port_check("LPRT", AF_INET);
}
| LPRT check_login SP host_long_port6 CRLF
{
#ifdef INET6
if ($2)
port_check("LPRT", AF_INET6);
#else
reply(500, "IPv6 support not available.");
#endif
}
| EPRT check_login SP STRING CRLF
{
if ($2) {
if (extended_port($4) == 0)
port_check("EPRT", -1);
}
free($4);
1993-03-21 12:45:37 +03:00
}
| PASV check_login CRLF
1994-06-29 05:49:37 +04:00
{
if ($2) {
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
if (CURCLASS_FLAGS_ISSET(passive))
passive();
else
reply(500, "PASV mode not available.");
}
1993-03-21 12:45:37 +03:00
}
| LPSV check_login CRLF
{
if ($2) {
if (CURCLASS_FLAGS_ISSET(passive)) {
if (epsvall)
reply(501,
"LPSV disallowed after EPSV ALL");
else
long_passive("LPSV", PF_UNSPEC);
} else
reply(500, "LPSV mode not available.");
}
}
| EPSV check_login SP NUMBER CRLF
{
if ($2) {
if (CURCLASS_FLAGS_ISSET(passive))
long_passive("EPSV",
epsvproto2af($4.i));
else
reply(500, "EPSV mode not available.");
}
}
| EPSV check_login SP ALL CRLF
{
if ($2) {
if (CURCLASS_FLAGS_ISSET(passive)) {
reply(200,
"EPSV ALL command successful.");
epsvall++;
} else
reply(500, "EPSV mode not available.");
}
}
| EPSV check_login CRLF
{
if ($2) {
if (CURCLASS_FLAGS_ISSET(passive))
long_passive("EPSV", PF_UNSPEC);
else
reply(500, "EPSV mode not available.");
}
}
| TYPE check_login SP type_code CRLF
1994-06-29 05:49:37 +04:00
{
if ($2) {
1993-03-21 12:45:37 +03:00
switch (cmd_type) {
case TYPE_A:
if (cmd_form == FORM_N) {
reply(200, "Type set to A.");
type = cmd_type;
form = cmd_form;
} else
reply(504, "Form must be N.");
break;
case TYPE_E:
reply(504, "Type E not implemented.");
break;
case TYPE_I:
reply(200, "Type set to I.");
type = cmd_type;
break;
case TYPE_L:
#if NBBY == 8
if (cmd_bytesz == 8) {
reply(200,
"Type set to L (byte size 8).");
type = cmd_type;
} else
reply(504, "Byte size must be 8.");
#else /* NBBY == 8 */
UNIMPLEMENTED for NBBY != 8
#endif /* NBBY == 8 */
}
}
1993-03-21 12:45:37 +03:00
}
| STRU check_login SP struct_code CRLF
1994-06-29 05:49:37 +04:00
{
if ($2) {
switch ($4) {
1993-03-21 12:45:37 +03:00
case STRU_F:
reply(200, "STRU F ok.");
break;
1993-03-21 12:45:37 +03:00
default:
reply(504, "Unimplemented STRU type.");
}
1993-03-21 12:45:37 +03:00
}
}
| MODE check_login SP mode_code CRLF
1994-06-29 05:49:37 +04:00
{
if ($2) {
switch ($4) {
1993-03-21 12:45:37 +03:00
case MODE_S:
reply(200, "MODE S ok.");
break;
1993-03-21 12:45:37 +03:00
default:
reply(502, "Unimplemented MODE type.");
}
1993-03-21 12:45:37 +03:00
}
}
1994-06-29 05:49:37 +04:00
| RETR check_login SP pathname CRLF
{
1993-03-21 12:45:37 +03:00
if ($2 && $4 != NULL)
retrieve(NULL, $4);
1993-03-21 12:45:37 +03:00
if ($4 != NULL)
1994-06-29 05:49:37 +04:00
free($4);
1993-03-21 12:45:37 +03:00
}
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
| STOR SP pathname CRLF
1994-06-29 05:49:37 +04:00
{
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
if (check_write($3, 1))
store($3, "w", 0);
if ($3 != NULL)
free($3);
1993-03-21 12:45:37 +03:00
}
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
| STOU SP pathname CRLF
1994-06-29 05:49:37 +04:00
{
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
if (check_write($3, 1))
store($3, "w", 1);
if ($3 != NULL)
free($3);
1993-03-21 12:45:37 +03:00
}
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
| APPE SP pathname CRLF
1994-06-29 05:49:37 +04:00
{
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
if (check_write($3, 1))
store($3, "a", 0);
if ($3 != NULL)
free($3);
1993-03-21 12:45:37 +03:00
}
| ALLO check_login SP NUMBER CRLF
1994-06-29 05:49:37 +04:00
{
if ($2)
reply(202, "ALLO command ignored.");
1993-03-21 12:45:37 +03:00
}
| ALLO check_login SP NUMBER SP R SP NUMBER CRLF
1994-06-29 05:49:37 +04:00
{
if ($2)
reply(202, "ALLO command ignored.");
1993-03-21 12:45:37 +03:00
}
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
| RNTO SP pathname CRLF
1994-06-29 05:49:37 +04:00
{
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
if (check_write($3, 0)) {
if (fromname) {
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
renamecmd(fromname, $3);
REASSIGN(fromname, NULL);
} else {
reply(503, "Bad sequence of commands.");
}
1993-03-21 12:45:37 +03:00
}
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
if ($3 != NULL)
free($3);
1993-03-21 12:45:37 +03:00
}
| ABOR check_login CRLF
1994-06-29 05:49:37 +04:00
{
if (is_oob)
abor();
else if ($2)
reply(225, "ABOR command successful.");
1993-03-21 12:45:37 +03:00
}
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
| DELE SP pathname CRLF
1994-06-29 05:49:37 +04:00
{
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
if (check_write($3, 0))
delete($3);
if ($3 != NULL)
free($3);
1993-03-21 12:45:37 +03:00
}
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
| RMD SP pathname CRLF
1994-06-29 05:49:37 +04:00
{
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
if (check_write($3, 0))
removedir($3);
if ($3 != NULL)
free($3);
1993-03-21 12:45:37 +03:00
}
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
| MKD SP pathname CRLF
1994-06-29 05:49:37 +04:00
{
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
if (check_write($3, 0))
makedir($3);
if ($3 != NULL)
free($3);
1993-03-21 12:45:37 +03:00
}
| PWD check_login CRLF
{
if ($2)
pwd();
}
| LIST check_login CRLF
{
const char *argv[] = { INTERNAL_LS, "-lgA", NULL };
if (CURCLASS_FLAGS_ISSET(hidesymlinks))
argv[1] = "-LlgA";
if ($2)
retrieve(argv, "");
}
| LIST check_login SP pathname CRLF
1994-06-29 05:49:37 +04:00
{
const char *argv[] = { INTERNAL_LS, "-lgA", NULL, NULL };
if (CURCLASS_FLAGS_ISSET(hidesymlinks))
argv[1] = "-LlgA";
if ($2 && $4 != NULL) {
argv[2] = $4;
retrieve(argv, $4);
}
1993-03-21 12:45:37 +03:00
if ($4 != NULL)
1994-06-29 05:49:37 +04:00
free($4);
1993-03-21 12:45:37 +03:00
}
| NLST check_login CRLF
1994-06-29 05:49:37 +04:00
{
1993-03-21 12:45:37 +03:00
if ($2)
send_file_list(".");
1993-03-21 12:45:37 +03:00
}
| NLST check_login SP pathname CRLF
1994-06-29 05:49:37 +04:00
{
if ($2)
send_file_list($4);
free($4);
1993-03-21 12:45:37 +03:00
}
1994-06-29 05:49:37 +04:00
| SITE SP HELP CRLF
{
help(sitetab, NULL);
1993-03-21 12:45:37 +03:00
}
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
| SITE SP CHMOD SP octal_number SP pathname CRLF
1994-06-29 05:49:37 +04:00
{
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
if (check_write($7, 0)) {
if (($5 == -1) || ($5 > 0777))
1993-03-21 12:45:37 +03:00
reply(501,
"CHMOD: Mode value must be between 0 and 0777");
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
else if (chmod($7, $5) < 0)
perror_reply(550, $7);
1993-03-21 12:45:37 +03:00
else
reply(200, "CHMOD command successful.");
}
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
if ($7 != NULL)
free($7);
1993-03-21 12:45:37 +03:00
}
| SITE SP HELP SP STRING CRLF
{
help(sitetab, $5);
free($5);
}
| SITE SP IDLE check_login CRLF
1994-06-29 05:49:37 +04:00
{
if ($4) {
reply(200,
"Current IDLE time limit is " LLF
" seconds; max " LLF,
(LLT)curclass.timeout,
(LLT)curclass.maxtimeout);
}
1993-03-21 12:45:37 +03:00
}
| SITE SP IDLE check_login SP NUMBER CRLF
1994-06-29 05:49:37 +04:00
{
if ($4) {
if ($6.i < 30 || $6.i > curclass.maxtimeout) {
reply(501,
"IDLE time limit must be between 30 and "
LLF " seconds",
(LLT)curclass.maxtimeout);
} else {
curclass.timeout = $6.i;
(void) alarm(curclass.timeout);
reply(200,
"IDLE time limit set to "
LLF " seconds",
(LLT)curclass.timeout);
}
1993-03-21 12:45:37 +03:00
}
}
| SITE SP RATEGET check_login CRLF
{
if ($4) {
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
reply(200,
"Current RATEGET is " LLF " bytes/sec",
(LLT)curclass.rateget);
}
}
| SITE SP RATEGET check_login SP STRING CRLF
{
char errbuf[100];
char *p = $6;
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
LLT rate;
if ($4) {
rate = strsuftollx("RATEGET", p, 0,
curclass.maxrateget
? curclass.maxrateget
: LLTMAX, errbuf, sizeof(errbuf));
if (errbuf[0])
reply(501, "%s", errbuf);
else {
curclass.rateget = rate;
reply(200,
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
"RATEGET set to " LLF " bytes/sec",
(LLT)curclass.rateget);
}
}
free($6);
}
| SITE SP RATEPUT check_login CRLF
{
if ($4) {
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
reply(200,
"Current RATEPUT is " LLF " bytes/sec",
(LLT)curclass.rateput);
}
}
| SITE SP RATEPUT check_login SP STRING CRLF
{
char errbuf[100];
char *p = $6;
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
LLT rate;
if ($4) {
rate = strsuftollx("RATEPUT", p, 0,
curclass.maxrateput
? curclass.maxrateput
: LLTMAX, errbuf, sizeof(errbuf));
if (errbuf[0])
reply(501, "%s", errbuf);
else {
curclass.rateput = rate;
reply(200,
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
"RATEPUT set to " LLF " bytes/sec",
(LLT)curclass.rateput);
}
}
free($6);
}
| SITE SP UMASK check_login CRLF
{
int oldmask;
if ($4) {
oldmask = umask(0);
(void) umask(oldmask);
reply(200, "Current UMASK is %03o", oldmask);
}
}
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
| SITE SP UMASK check_login SP octal_number CRLF
{
int oldmask;
if ($4 && check_write("", 0)) {
if (($6 == -1) || ($6 > 0777)) {
reply(501, "Bad UMASK value");
} else {
oldmask = umask($6);
reply(200,
"UMASK set to %03o (was %03o)",
$6, oldmask);
}
}
}
| SYST CRLF
{
if (EMPTYSTR(version))
reply(215, "UNIX Type: L%d", NBBY);
else
reply(215, "UNIX Type: L%d Version: %s", NBBY,
version);
}
| STAT check_login SP pathname CRLF
1994-06-29 05:49:37 +04:00
{
1993-03-21 12:45:37 +03:00
if ($2 && $4 != NULL)
statfilecmd($4);
1993-03-21 12:45:37 +03:00
if ($4 != NULL)
1994-06-29 05:49:37 +04:00
free($4);
1993-03-21 12:45:37 +03:00
}
| STAT CRLF
1994-06-29 05:49:37 +04:00
{
if (is_oob)
statxfer();
else
statcmd();
}
| HELP CRLF
{
help(cmdtab, NULL);
1993-03-21 12:45:37 +03:00
}
| HELP SP STRING CRLF
{
char *cp = $3;
if (strncasecmp(cp, "SITE", 4) == 0) {
cp = $3 + 4;
if (*cp == ' ')
cp++;
if (*cp)
help(sitetab, cp);
else
help(sitetab, NULL);
} else
help(cmdtab, $3);
free($3);
}
| NOOP CRLF
{
reply(200, "NOOP command successful.");
}
/* RFC 2228 */
| AUTH SP mechanism_name CRLF
{
reply(502, "RFC 2228 authentication not implemented.");
free($3);
}
| ADAT SP base64data CRLF
{
reply(503,
"Please set authentication state with AUTH.");
free($3);
}
| PROT SP prot_code CRLF
{
reply(503,
"Please set protection buffer size with PBSZ.");
free($3);
}
| PBSZ SP decimal_integer CRLF
{
reply(503,
"Please set authentication state with AUTH.");
}
| CCC CRLF
{
reply(533, "No protection enabled.");
}
| MIC SP base64data CRLF
{
reply(502, "RFC 2228 authentication not implemented.");
free($3);
}
| CONF SP base64data CRLF
{
reply(502, "RFC 2228 authentication not implemented.");
free($3);
}
| ENC SP base64data CRLF
{
reply(502, "RFC 2228 authentication not implemented.");
free($3);
}
/* RFC 2389 */
| FEAT CRLF
{
feat();
}
| OPTS SP STRING CRLF
{
opts($3);
free($3);
}
/* RFC 3659 */
1993-03-21 12:45:37 +03:00
/*
* Return size of file in a format suitable for
* using with RESTART (we just count bytes).
*/
1994-06-29 05:49:37 +04:00
| SIZE check_login SP pathname CRLF
{
1993-03-21 12:45:37 +03:00
if ($2 && $4 != NULL)
1994-06-29 05:49:37 +04:00
sizecmd($4);
1993-03-21 12:45:37 +03:00
if ($4 != NULL)
1994-06-29 05:49:37 +04:00
free($4);
1993-03-21 12:45:37 +03:00
}
/*
* Return modification time of file as an ISO 3307
* style time. E.g. YYYYMMDDHHMMSS or YYYYMMDDHHMMSS.xxx
* where xxx is the fractional second (of any precision,
* not necessarily 3 digits)
*/
1994-06-29 05:49:37 +04:00
| MDTM check_login SP pathname CRLF
{
1993-03-21 12:45:37 +03:00
if ($2 && $4 != NULL) {
struct stat stbuf;
1994-06-29 05:49:37 +04:00
if (stat($4, &stbuf) < 0)
perror_reply(550, $4);
1994-06-29 05:49:37 +04:00
else if (!S_ISREG(stbuf.st_mode)) {
reply(550, "%s: not a plain file.", $4);
1993-03-21 12:45:37 +03:00
} else {
1994-06-29 05:49:37 +04:00
struct tm *t;
1993-03-21 12:45:37 +03:00
t = gmtime(&stbuf.st_mtime);
reply(213,
"%04d%02d%02d%02d%02d%02d",
TM_YEAR_BASE + t->tm_year,
t->tm_mon+1, t->tm_mday,
1993-03-21 12:45:37 +03:00
t->tm_hour, t->tm_min, t->tm_sec);
}
}
if ($4 != NULL)
1994-06-29 05:49:37 +04:00
free($4);
1993-03-21 12:45:37 +03:00
}
| MLST check_login SP pathname CRLF
{
if ($2 && $4 != NULL)
mlst($4);
if ($4 != NULL)
free($4);
}
| MLST check_login CRLF
{
mlst(NULL);
}
| MLSD check_login SP pathname CRLF
{
if ($2 && $4 != NULL)
mlsd($4);
if ($4 != NULL)
free($4);
}
| MLSD check_login CRLF
{
mlsd(NULL);
}
1994-06-29 05:49:37 +04:00
| error CRLF
{
1993-03-21 12:45:37 +03:00
yyerrok;
}
;
1994-06-29 05:49:37 +04:00
rcmd
: REST check_login SP NUMBER CRLF
{
if ($2) {
REASSIGN(fromname, NULL);
restart_point = (off_t)$4.ll;
reply(350,
"Restarting at " LLF ". Send STORE or RETRIEVE to initiate transfer.",
(LLT)restart_point);
}
}
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
| RNFR SP pathname CRLF
1994-06-29 05:49:37 +04:00
{
1993-03-21 12:45:37 +03:00
restart_point = (off_t) 0;
if (check_write($3, 0)) {
REASSIGN(fromname, NULL);
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
fromname = renamefrom($3);
}
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
if ($3 != NULL)
free($3);
1993-03-21 12:45:37 +03:00
}
;
1994-06-29 05:49:37 +04:00
username
: STRING
1993-03-21 12:45:37 +03:00
;
1994-06-29 05:49:37 +04:00
password
: /* empty */
{
$$ = (char *)calloc(1, sizeof(char));
1993-03-21 12:45:37 +03:00
}
1994-06-29 05:49:37 +04:00
| STRING
1993-03-21 12:45:37 +03:00
;
1994-06-29 05:49:37 +04:00
byte_size
: NUMBER
{
$$ = $1.i;
}
1993-03-21 12:45:37 +03:00
;
1994-06-29 05:49:37 +04:00
host_port
: NUMBER COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA
1993-03-21 12:45:37 +03:00
NUMBER COMMA NUMBER
1994-06-29 05:49:37 +04:00
{
char *a, *p;
1993-03-21 12:45:37 +03:00
memset(&data_dest, 0, sizeof(data_dest));
data_dest.su_len = sizeof(struct sockaddr_in);
data_dest.su_family = AF_INET;
p = (char *)&data_dest.su_port;
p[0] = $9.i; p[1] = $11.i;
a = (char *)&data_dest.su_addr;
a[0] = $1.i; a[1] = $3.i; a[2] = $5.i; a[3] = $7.i;
1993-03-21 12:45:37 +03:00
}
;
host_long_port4
: NUMBER COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA
NUMBER COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA
NUMBER
{
char *a, *p;
memset(&data_dest, 0, sizeof(data_dest));
data_dest.su_len = sizeof(struct sockaddr_in);
data_dest.su_family = AF_INET;
p = (char *)&data_dest.su_port;
p[0] = $15.i; p[1] = $17.i;
a = (char *)&data_dest.su_addr;
a[0] = $5.i; a[1] = $7.i; a[2] = $9.i; a[3] = $11.i;
1999-07-12 00:09:23 +04:00
/* reject invalid LPRT command */
if ($1.i != 4 || $3.i != 4 || $13.i != 2)
1999-07-12 00:09:23 +04:00
memset(&data_dest, 0, sizeof(data_dest));
}
;
host_long_port6
: NUMBER COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA
NUMBER COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA
NUMBER COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA
NUMBER COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA
NUMBER COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA
NUMBER
{
#ifdef INET6
unsigned char buf[16];
(void)memset(&data_dest, 0, sizeof(data_dest));
data_dest.su_len = sizeof(struct sockaddr_in6);
data_dest.su_family = AF_INET6;
buf[0] = $39.i; buf[1] = $41.i;
(void)memcpy(&data_dest.su_port, buf,
2011-07-01 06:46:15 +04:00
sizeof(data_dest.su_port));
buf[0] = $5.i; buf[1] = $7.i;
buf[2] = $9.i; buf[3] = $11.i;
buf[4] = $13.i; buf[5] = $15.i;
buf[6] = $17.i; buf[7] = $19.i;
buf[8] = $21.i; buf[9] = $23.i;
buf[10] = $25.i; buf[11] = $27.i;
buf[12] = $29.i; buf[13] = $31.i;
buf[14] = $33.i; buf[15] = $35.i;
(void)memcpy(&data_dest.si_su.su_sin6.sin6_addr,
buf, sizeof(data_dest.si_su.su_sin6.sin6_addr));
if (his_addr.su_family == AF_INET6) {
Features: * Add ftpd.conf(5) directive `advertise'; change the address that is advertised to the client for PASV transfers. this may be useful in certain firewall/NAT environments. Feature requested in [bin/9606] by Scott Presnell. * Add -X option; syslog wu-ftpd style xferlog messages, prefixed with `xferlog: '. An example line from syslog (wrapped): Dec 16 18:50:24 odysseus ftpd[571]: xferlog: Sat Dec 16 18:50:24 2000 2 localhost 3747328 /pub/WLW2K601.EXE b _ o a lukem@ FTP 0 * c These messages can be converted to a wu-ftpd style xferlog file suitable for parsing with third-party tools with something like: grep 'xferlog: ' /var/log/xferlog | \ sed -e 's/^.*xferlog: //' >wuxferlog The format is the same as the wu-ftpd xferlog entries (with the leading syslog stuff), but different from the wu-ftpd syslogged xferlog entries because the latter is not as easy to convert into the standard xferlog file format. The choice to only syslog the xferlog messages rather than append to a /var/log/xferlog file was made because the latter doesn't work to well in the situation where the logfile is rotated and compressed and a long-running ftpd still has a file-descriptor to the now nonexistant xferlog file, and the log message will then get lost. Feature requested in [bin/11651] by Hubert Feyrer. Fixes: * In ftpd(8), clarify the -a and -c options. * More clarifications in ftpd.conf(5). * Ensure that all ftpd.conf commands set a parameter back to sane defaults if an argument of `none' or bad settings are given. * Support the `chroot' directive for `REAL' users too (for consistency). * For `GUEST' users, store the supplied password in pw->pw_passwd for use later in the xferlog. * If show_chdir_messages() is given a code of -1, flush the cache of visited directories. Invoke show_chdir_messages(-1) in end_login(). * Only syslog session stats if logging is requested. * Rename logcmd() -> logxfer(), and dolog() -> logremotehost(). * Use cprintf() instead of fprintf() where appropriate. * Minor KNF, and make a couple of functions static that were declared static.
2000-12-18 05:32:50 +03:00
/* XXX: more sanity checks! */
data_dest.su_scope_id = his_addr.su_scope_id;
}
#else
memset(&data_dest, 0, sizeof(data_dest));
#endif /* INET6 */
1999-07-12 00:09:23 +04:00
/* reject invalid LPRT command */
if ($1.i != 6 || $3.i != 16 || $37.i != 2)
1999-07-12 00:09:23 +04:00
memset(&data_dest, 0, sizeof(data_dest));
}
;
1994-06-29 05:49:37 +04:00
form_code
: N
{
$$ = FORM_N;
}
1994-06-29 05:49:37 +04:00
| T
{
$$ = FORM_T;
}
1994-06-29 05:49:37 +04:00
| C
{
$$ = FORM_C;
}
1993-03-21 12:45:37 +03:00
;
1994-06-29 05:49:37 +04:00
type_code
: A
{
cmd_type = TYPE_A;
cmd_form = FORM_N;
}
1994-06-29 05:49:37 +04:00
| A SP form_code
{
cmd_type = TYPE_A;
cmd_form = $3;
}
1994-06-29 05:49:37 +04:00
| E
{
cmd_type = TYPE_E;
cmd_form = FORM_N;
}
1994-06-29 05:49:37 +04:00
| E SP form_code
{
cmd_type = TYPE_E;
cmd_form = $3;
}
1994-06-29 05:49:37 +04:00
| I
{
cmd_type = TYPE_I;
}
1994-06-29 05:49:37 +04:00
| L
{
cmd_type = TYPE_L;
cmd_bytesz = NBBY;
}
1994-06-29 05:49:37 +04:00
| L SP byte_size
{
cmd_type = TYPE_L;
cmd_bytesz = $3;
}
1994-06-29 05:49:37 +04:00
/* this is for a bug in the BBN ftp */
| L byte_size
{
cmd_type = TYPE_L;
cmd_bytesz = $2;
}
1993-03-21 12:45:37 +03:00
;
1994-06-29 05:49:37 +04:00
struct_code
: F
{
$$ = STRU_F;
}
1994-06-29 05:49:37 +04:00
| R
{
$$ = STRU_R;
}
1994-06-29 05:49:37 +04:00
| P
{
$$ = STRU_P;
}
1993-03-21 12:45:37 +03:00
;
1994-06-29 05:49:37 +04:00
mode_code
: S
{
$$ = MODE_S;
}
1994-06-29 05:49:37 +04:00
| B
{
$$ = MODE_B;
}
1994-06-29 05:49:37 +04:00
| C
{
$$ = MODE_C;
}
1993-03-21 12:45:37 +03:00
;
1994-06-29 05:49:37 +04:00
pathname
: pathstring
{
/*
* Problem: this production is used for all pathname
* processing, but only gives a 550 error reply.
* This is a valid reply in some cases but not in
* others.
1994-06-29 05:49:37 +04:00
*/
if (logged_in && $1 && *$1 == '~') {
char *path, *home, *result;
size_t len;
1994-06-29 05:49:37 +04:00
path = strchr($1 + 1, '/');
if (path != NULL)
*path++ = '\0';
if ($1[1] == '\0')
home = homedir;
else {
struct passwd *hpw;
if ((hpw = getpwnam($1 + 1)) != NULL)
home = hpw->pw_dir;
else
home = $1;
}
len = strlen(home) + 1;
if (path != NULL)
len += strlen(path) + 1;
if ((result = malloc(len)) == NULL)
fatal("Local resource failure: malloc");
strlcpy(result, home, len);
if (path != NULL) {
strlcat(result, "/", len);
strlcat(result, path, len);
1994-06-29 05:49:37 +04:00
}
$$ = result;
1994-06-29 05:49:37 +04:00
free($1);
} else
$$ = $1;
}
1993-03-21 12:45:37 +03:00
;
1994-06-29 05:49:37 +04:00
pathstring
: STRING
1993-03-21 12:45:37 +03:00
;
1994-06-29 05:49:37 +04:00
octal_number
: NUMBER
{
int ret, dec, multby, digit;
1993-03-21 12:45:37 +03:00
1994-06-29 05:49:37 +04:00
/*
* Convert a number that was read as decimal number
* to what it would be if it had been read as octal.
*/
dec = $1.i;
1994-06-29 05:49:37 +04:00
multby = 1;
ret = 0;
while (dec) {
digit = dec%10;
if (digit > 7) {
ret = -1;
break;
}
ret += digit * multby;
multby *= 8;
dec /= 10;
1993-03-21 12:45:37 +03:00
}
1994-06-29 05:49:37 +04:00
$$ = ret;
1993-03-21 12:45:37 +03:00
}
;
mechanism_name
: STRING
;
base64data
: STRING
;
prot_code
: STRING
;
decimal_integer
: NUMBER
{
$$ = $1.i;
}
;
1994-06-29 05:49:37 +04:00
check_login
: /* empty */
{
if (logged_in)
$$ = 1;
else {
reply(530, "Please login with USER and PASS.");
$$ = 0;
hasyyerrored = 1;
1994-06-29 05:49:37 +04:00
}
1993-03-21 12:45:37 +03:00
}
;
1993-03-21 12:45:37 +03:00
%%
#define CMD 0 /* beginning of command */
#define ARGS 1 /* expect miscellaneous arguments */
#define STR1 2 /* expect SP followed by STRING */
#define STR2 3 /* expect STRING */
#define OSTR 4 /* optional SP then STRING */
#define ZSTR1 5 /* SP then optional STRING */
#define ZSTR2 6 /* optional STRING after SP */
#define SITECMD 7 /* SITE command */
#define NSTR 8 /* Number followed by a string */
#define NOARGS 9 /* No arguments allowed */
#define EOLN 10 /* End of line */
1993-03-21 12:45:37 +03:00
struct tab cmdtab[] = {
/* From RFC 959, in order defined (5.3.1) */
{ "USER", USER, STR1, 1, "<sp> username", 0, },
{ "PASS", PASS, ZSTR1, 1, "<sp> password", 0, },
{ "ACCT", ACCT, STR1, 0, "(specify account)", 0, },
{ "CWD", CWD, OSTR, 1, "[ <sp> directory-name ]", 0, },
{ "CDUP", CDUP, NOARGS, 1, "(change to parent directory)", 0, },
{ "SMNT", SMNT, ARGS, 0, "(structure mount)", 0, },
{ "QUIT", QUIT, NOARGS, 1, "(terminate service)", 0, },
{ "REIN", REIN, NOARGS, 0, "(reinitialize server state)", 0, },
{ "PORT", PORT, ARGS, 1, "<sp> b0, b1, b2, b3, b4, b5", 0, },
{ "LPRT", LPRT, ARGS, 1, "<sp> af, hal, h1, h2, h3,..., pal, p1, p2...", 0, },
{ "EPRT", EPRT, STR1, 1, "<sp> |af|addr|port|", 0, },
{ "PASV", PASV, NOARGS, 1, "(set server in passive mode)", 0, },
{ "LPSV", LPSV, ARGS, 1, "(set server in passive mode)", 0, },
{ "EPSV", EPSV, ARGS, 1, "[<sp> af|ALL]", 0, },
{ "TYPE", TYPE, ARGS, 1, "<sp> [ A | E | I | L ]", 0, },
{ "STRU", STRU, ARGS, 1, "(specify file structure)", 0, },
{ "MODE", MODE, ARGS, 1, "(specify transfer mode)", 0, },
{ "RETR", RETR, STR1, 1, "<sp> file-name", 0, },
{ "STOR", STOR, STR1, 1, "<sp> file-name", 0, },
{ "STOU", STOU, STR1, 1, "<sp> file-name", 0, },
{ "APPE", APPE, STR1, 1, "<sp> file-name", 0, },
{ "ALLO", ALLO, ARGS, 1, "allocate storage (vacuously)", 0, },
{ "REST", REST, ARGS, 1, "<sp> offset (restart command)", 0, },
{ "RNFR", RNFR, STR1, 1, "<sp> file-name", 0, },
{ "RNTO", RNTO, STR1, 1, "<sp> file-name", 0, },
{ "ABOR", ABOR, NOARGS, 4, "(abort operation)", 0, },
{ "DELE", DELE, STR1, 1, "<sp> file-name", 0, },
{ "RMD", RMD, STR1, 1, "<sp> path-name", 0, },
{ "MKD", MKD, STR1, 1, "<sp> path-name", 0, },
{ "PWD", PWD, NOARGS, 1, "(return current directory)", 0, },
{ "LIST", LIST, OSTR, 1, "[ <sp> path-name ]", 0, },
{ "NLST", NLST, OSTR, 1, "[ <sp> path-name ]", 0, },
{ "SITE", SITE, SITECMD, 1, "site-cmd [ <sp> arguments ]", 0, },
{ "SYST", SYST, NOARGS, 1, "(get type of operating system)", 0, },
{ "STAT", STAT, OSTR, 4, "[ <sp> path-name ]", 0, },
{ "HELP", HELP, OSTR, 1, "[ <sp> <string> ]", 0, },
{ "NOOP", NOOP, NOARGS, 2, "", 0, },
/* From RFC 2228, in order defined */
{ "AUTH", AUTH, STR1, 1, "<sp> mechanism-name", 0, },
{ "ADAT", ADAT, STR1, 1, "<sp> base-64-data", 0, },
{ "PROT", PROT, STR1, 1, "<sp> prot-code", 0, },
{ "PBSZ", PBSZ, ARGS, 1, "<sp> decimal-integer", 0, },
{ "CCC", CCC, NOARGS, 1, "(Disable data protection)", 0, },
{ "MIC", MIC, STR1, 4, "<sp> base64data", 0, },
{ "CONF", CONF, STR1, 4, "<sp> base64data", 0, },
{ "ENC", ENC, STR1, 4, "<sp> base64data", 0, },
/* From RFC 2389, in order defined */
{ "FEAT", FEAT, NOARGS, 1, "(display extended features)", 0, },
{ "OPTS", OPTS, STR1, 1, "<sp> command [ <sp> options ]", 0, },
/* From RFC 3659, in order defined */
{ "MDTM", MDTM, OSTR, 1, "<sp> path-name", 0, },
{ "SIZE", SIZE, OSTR, 1, "<sp> path-name", 0, },
{ "MLST", MLST, OSTR, 2, "[ <sp> path-name ]", 0, },
{ "MLSD", MLSD, OSTR, 1, "[ <sp> directory-name ]", 0, },
/* obsolete commands */
{ "MAIL", MAIL, OSTR, 0, "(mail to user)", 0, },
{ "MLFL", MLFL, OSTR, 0, "(mail file)", 0, },
{ "MRCP", MRCP, STR1, 0, "(mail recipient)", 0, },
{ "MRSQ", MRSQ, OSTR, 0, "(mail recipient scheme question)", 0, },
{ "MSAM", MSAM, OSTR, 0, "(mail send to terminal and mailbox)", 0, },
{ "MSND", MSND, OSTR, 0, "(mail send to terminal)", 0, },
{ "MSOM", MSOM, OSTR, 0, "(mail send to terminal or mailbox)", 0, },
{ "XCUP", CDUP, NOARGS, 1, "(change to parent directory)", 0, },
{ "XCWD", CWD, OSTR, 1, "[ <sp> directory-name ]", 0, },
{ "XMKD", MKD, STR1, 1, "<sp> path-name", 0, },
{ "XPWD", PWD, NOARGS, 1, "(return current directory)", 0, },
{ "XRMD", RMD, STR1, 1, "<sp> path-name", 0, },
{ NULL, 0, 0, 0, 0, 0, }
1993-03-21 12:45:37 +03:00
};
struct tab sitetab[] = {
{ "CHMOD", CHMOD, NSTR, 1, "<sp> mode <sp> file-name", 0, },
{ "HELP", HELP, OSTR, 1, "[ <sp> <string> ]", 0, },
{ "IDLE", IDLE, ARGS, 1, "[ <sp> maximum-idle-time ]", 0, },
{ "RATEGET", RATEGET,OSTR, 1, "[ <sp> get-throttle-rate ]", 0, },
{ "RATEPUT", RATEPUT,OSTR, 1, "[ <sp> put-throttle-rate ]", 0, },
{ "UMASK", UMASK, ARGS, 1, "[ <sp> umask ]", 0, },
{ NULL, 0, 0, 0, 0, 0, }
1993-03-21 12:45:37 +03:00
};
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
/*
* Check if a filename is allowed to be modified (isupload == 0) or
* uploaded (isupload == 1), and if necessary, check the filename is `sane'.
* If the filename is NULL, fail.
* If the filename is "", don't do the sane name check.
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
*/
static int
check_write(const char *file, int isupload)
{
if (file == NULL)
return (0);
if (! logged_in) {
reply(530, "Please login with USER and PASS.");
return (0);
}
/* checking modify */
if (! isupload && ! CURCLASS_FLAGS_ISSET(modify)) {
reply(502, "No permission to use this command.");
return (0);
}
/* checking upload */
if (isupload && ! CURCLASS_FLAGS_ISSET(upload)) {
reply(502, "No permission to use this command.");
return (0);
}
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
/* checking sanenames */
if (file[0] != '\0' && CURCLASS_FLAGS_ISSET(sanenames)) {
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
const char *p;
if (file[0] == '.')
goto insane_name;
for (p = file; *p; p++) {
if (isalnum((unsigned char)*p) || *p == '-' || *p == '+' ||
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
*p == ',' || *p == '.' || *p == '_')
continue;
insane_name:
reply(553, "File name `%s' not allowed.", file);
return (0);
}
}
return (1);
}
struct tab *
2000-05-20 06:20:18 +04:00
lookup(struct tab *p, const char *cmd)
1993-03-21 12:45:37 +03:00
{
for (; p->name != NULL; p++)
if (strcasecmp(cmd, p->name) == 0)
1993-03-21 12:45:37 +03:00
return (p);
return (0);
}
#include <arpa/telnet.h>
/*
* get_line - a hacked up version of fgets to ignore TELNET escape codes.
* `s' is the buffer to read into.
* `n' is the 1 less than the size of the buffer, to allow trailing NUL
* `iop' is the FILE to read from.
* Returns 0 on success, -1 on EOF, -2 if the command was too long.
1993-03-21 12:45:37 +03:00
*/
int
get_line(char *s, int n, FILE *iop)
1993-03-21 12:45:37 +03:00
{
1994-06-29 05:49:37 +04:00
int c;
char *cs;
1993-03-21 12:45:37 +03:00
cs = s;
/* tmpline may contain saved command from urgent mode interruption */
for (c = 0; tmpline[c] != '\0' && --n > 0; ++c) {
*cs++ = tmpline[c];
if (tmpline[c] == '\n') {
*cs++ = '\0';
if (ftpd_debug)
1993-03-21 12:45:37 +03:00
syslog(LOG_DEBUG, "command: %s", s);
tmpline[0] = '\0';
return(0);
1993-03-21 12:45:37 +03:00
}
if (c == 0)
tmpline[0] = '\0';
}
while ((c = getc(iop)) != EOF) {
total_bytes++;
total_bytes_in++;
1993-03-21 12:45:37 +03:00
c &= 0377;
if (c == IAC) {
if ((c = getc(iop)) != EOF) {
total_bytes++;
total_bytes_in++;
1993-03-21 12:45:37 +03:00
c &= 0377;
switch (c) {
case WILL:
case WONT:
c = getc(iop);
total_bytes++;
total_bytes_in++;
cprintf(stdout, "%c%c%c", IAC, DONT, 0377&c);
1993-03-21 12:45:37 +03:00
(void) fflush(stdout);
continue;
case DO:
case DONT:
c = getc(iop);
total_bytes++;
total_bytes_in++;
cprintf(stdout, "%c%c%c", IAC, WONT, 0377&c);
1993-03-21 12:45:37 +03:00
(void) fflush(stdout);
continue;
case IAC:
break;
default:
continue; /* ignore command */
}
}
}
*cs++ = c;
if (--n <= 0) {
/*
* If command doesn't fit into buffer, discard the
* rest of the command and indicate truncation.
* This prevents the command to be split up into
* multiple commands.
*/
if (ftpd_debug)
syslog(LOG_DEBUG,
"command too long, last char: %d", c);
while (c != '\n' && (c = getc(iop)) != EOF)
continue;
return (-2);
}
if (c == '\n')
1993-03-21 12:45:37 +03:00
break;
}
if (c == EOF && cs == s)
return (-1);
1993-03-21 12:45:37 +03:00
*cs++ = '\0';
if (ftpd_debug) {
if ((curclass.type != CLASS_GUEST &&
strncasecmp(s, "PASS ", 5) == 0) ||
strncasecmp(s, "ACCT ", 5) == 0) {
1994-06-29 05:49:37 +04:00
/* Don't syslog passwords */
syslog(LOG_DEBUG, "command: %.4s ???", s);
1994-06-29 05:49:37 +04:00
} else {
char *cp;
int len;
1994-06-29 05:49:37 +04:00
/* Don't syslog trailing CR-LF */
len = strlen(s);
cp = s + len - 1;
while (cp >= s && (*cp == '\n' || *cp == '\r')) {
--cp;
--len;
}
syslog(LOG_DEBUG, "command: %.*s", len, s);
}
}
return (0);
1993-03-21 12:45:37 +03:00
}
void
ftp_handle_line(char *cp)
{
2001-04-12 06:28:59 +04:00
cmdp = cp;
yyparse();
}
void
ftp_loop(void)
{
int ret;
2001-04-12 06:28:59 +04:00
while (1) {
(void) alarm(curclass.timeout);
ret = get_line(cbuf, sizeof(cbuf)-1, stdin);
(void) alarm(0);
if (ret == -1) {
reply(221, "You could at least say goodbye.");
dologout(0);
} else if (ret == -2) {
reply(500, "Command too long.");
} else {
ftp_handle_line(cbuf);
}
}
/*NOTREACHED*/
}
int
2000-05-20 06:20:18 +04:00
yylex(void)
1993-03-21 12:45:37 +03:00
{
static int cpos, state;
1994-06-29 05:49:37 +04:00
char *cp, *cp2;
struct tab *p;
int n;
1994-06-29 05:49:37 +04:00
char c;
1993-03-21 12:45:37 +03:00
switch (state) {
1993-03-21 12:45:37 +03:00
case CMD:
hasyyerrored = 0;
if ((cp = strchr(cmdp, '\r'))) {
*cp = '\0';
#if defined(HAVE_SETPROCTITLE)
if (strncasecmp(cmdp, "PASS", 4) != 0 &&
strncasecmp(cmdp, "ACCT", 4) != 0)
setproctitle("%s: %s", proctitle, cmdp);
#endif /* defined(HAVE_SETPROCTITLE) */
*cp++ = '\n';
*cp = '\0';
}
if ((cp = strpbrk(cmdp, " \n")))
cpos = cp - cmdp;
if (cpos == 0)
cpos = 4;
c = cmdp[cpos];
cmdp[cpos] = '\0';
p = lookup(cmdtab, cmdp);
cmdp[cpos] = c;
if (p != NULL) {
if (is_oob && ! CMD_OOB(p)) {
/* command will be handled in-band */
return (0);
} else if (! CMD_IMPLEMENTED(p)) {
reply(502, "%s command not implemented.",
p->name);
hasyyerrored = 1;
break;
1993-03-21 12:45:37 +03:00
}
state = p->state;
yylval.cs = p->name;
return (p->token);
}
break;
case SITECMD:
if (cmdp[cpos] == ' ') {
cpos++;
return (SP);
}
cp = &cmdp[cpos];
if ((cp2 = strpbrk(cp, " \n")))
cpos = cp2 - cmdp;
c = cmdp[cpos];
cmdp[cpos] = '\0';
p = lookup(sitetab, cp);
cmdp[cpos] = c;
if (p != NULL) {
if (!CMD_IMPLEMENTED(p)) {
reply(502, "SITE %s command not implemented.",
p->name);
hasyyerrored = 1;
break;
1993-03-21 12:45:37 +03:00
}
state = p->state;
yylval.cs = p->name;
return (p->token);
}
break;
1993-03-21 12:45:37 +03:00
case OSTR:
if (cmdp[cpos] == '\n') {
state = EOLN;
return (CRLF);
}
/* FALLTHROUGH */
1993-03-21 12:45:37 +03:00
case STR1:
case ZSTR1:
dostr1:
if (cmdp[cpos] == ' ') {
cpos++;
state = state == OSTR ? STR2 : state+1;
return (SP);
}
break;
1993-03-21 12:45:37 +03:00
case ZSTR2:
if (cmdp[cpos] == '\n') {
state = EOLN;
return (CRLF);
}
/* FALLTHROUGH */
1993-03-21 12:45:37 +03:00
case STR2:
cp = &cmdp[cpos];
n = strlen(cp);
cpos += n - 1;
/*
* Make sure the string is nonempty and \n terminated.
*/
if (n > 1 && cmdp[cpos] == '\n') {
cmdp[cpos] = '\0';
yylval.s = ftpd_strdup(cp);
cmdp[cpos] = '\n';
state = ARGS;
return (STRING);
}
break;
1993-03-21 12:45:37 +03:00
case NSTR:
if (cmdp[cpos] == ' ') {
cpos++;
return (SP);
}
if (isdigit((unsigned char)cmdp[cpos])) {
cp = &cmdp[cpos];
while (isdigit((unsigned char)cmdp[++cpos]))
;
c = cmdp[cpos];
cmdp[cpos] = '\0';
yylval.u.i = atoi(cp);
cmdp[cpos] = c;
1993-03-21 12:45:37 +03:00
state = STR1;
return (NUMBER);
}
state = STR1;
goto dostr1;
1993-03-21 12:45:37 +03:00
case ARGS:
if (isdigit((unsigned char)cmdp[cpos])) {
cp = &cmdp[cpos];
while (isdigit((unsigned char)cmdp[++cpos]))
;
c = cmdp[cpos];
cmdp[cpos] = '\0';
yylval.u.i = atoi(cp);
2011-09-16 20:13:16 +04:00
yylval.u.ll = STRTOLL(cp, NULL, 10);
cmdp[cpos] = c;
return (NUMBER);
}
if (strncasecmp(&cmdp[cpos], "ALL", 3) == 0
&& !isalnum((unsigned char)cmdp[cpos + 3])) {
cpos += 3;
return (ALL);
}
switch (cmdp[cpos++]) {
1993-03-21 12:45:37 +03:00
case '\n':
state = EOLN;
return (CRLF);
1993-03-21 12:45:37 +03:00
case ' ':
return (SP);
1993-03-21 12:45:37 +03:00
case ',':
return (COMMA);
1993-03-21 12:45:37 +03:00
case 'A':
case 'a':
return (A);
1993-03-21 12:45:37 +03:00
case 'B':
case 'b':
return (B);
1993-03-21 12:45:37 +03:00
case 'C':
case 'c':
return (C);
1993-03-21 12:45:37 +03:00
case 'E':
case 'e':
return (E);
1993-03-21 12:45:37 +03:00
case 'F':
case 'f':
return (F);
1993-03-21 12:45:37 +03:00
case 'I':
case 'i':
return (I);
1993-03-21 12:45:37 +03:00
case 'L':
case 'l':
return (L);
1993-03-21 12:45:37 +03:00
case 'N':
case 'n':
return (N);
1993-03-21 12:45:37 +03:00
case 'P':
case 'p':
return (P);
1993-03-21 12:45:37 +03:00
case 'R':
case 'r':
return (R);
1993-03-21 12:45:37 +03:00
case 'S':
case 's':
return (S);
1993-03-21 12:45:37 +03:00
case 'T':
case 't':
return (T);
1993-03-21 12:45:37 +03:00
}
break;
case NOARGS:
if (cmdp[cpos] == '\n') {
state = EOLN;
return (CRLF);
1993-03-21 12:45:37 +03:00
}
c = cmdp[cpos];
cmdp[cpos] = '\0';
reply(501, "'%s' command does not take any arguments.", cmdp);
hasyyerrored = 1;
cmdp[cpos] = c;
break;
case EOLN:
state = CMD;
return (0);
default:
fatal("Unknown state in scanner.");
1993-03-21 12:45:37 +03:00
}
yyerror(NULL);
state = CMD;
return (0);
1993-03-21 12:45:37 +03:00
}
/* ARGSUSED */
void
yyerror(const char *s)
{
char *cp;
if (hasyyerrored || is_oob)
return;
if ((cp = strchr(cmdp,'\n')) != NULL)
*cp = '\0';
reply(500, "'%s': command not understood.", cmdp);
hasyyerrored = 1;
}
1994-06-29 05:49:37 +04:00
static void
2000-05-20 06:20:18 +04:00
help(struct tab *ctab, const char *s)
1993-03-21 12:45:37 +03:00
{
1994-06-29 05:49:37 +04:00
struct tab *c;
int width, NCMDS;
const char *htype;
1993-03-21 12:45:37 +03:00
if (ctab == sitetab)
htype = "SITE ";
1993-03-21 12:45:37 +03:00
else
htype = "";
1993-03-21 12:45:37 +03:00
width = 0, NCMDS = 0;
for (c = ctab; c->name != NULL; c++) {
int len = strlen(c->name);
if (len > width)
width = len;
NCMDS++;
}
width = (width + 8) &~ 7;
if (s == 0) {
1994-06-29 05:49:37 +04:00
int i, j, w;
1993-03-21 12:45:37 +03:00
int columns, lines;
2000-07-08 22:24:28 +04:00
reply(-214, "%s", "");
reply(0, "The following %scommands are recognized.", htype);
reply(0, "(`-' = not implemented, `+' = supports options)");
1993-03-21 12:45:37 +03:00
columns = 76 / width;
if (columns == 0)
columns = 1;
lines = (NCMDS + columns - 1) / columns;
for (i = 0; i < lines; i++) {
cprintf(stdout, " ");
1993-03-21 12:45:37 +03:00
for (j = 0; j < columns; j++) {
c = ctab + j * lines + i;
cprintf(stdout, "%s", c->name);
w = strlen(c->name);
if (! CMD_IMPLEMENTED(c)) {
CPUTC('-', stdout);
w++;
}
if (CMD_HAS_OPTIONS(c)) {
CPUTC('+', stdout);
w++;
}
1993-03-21 12:45:37 +03:00
if (c + lines >= &ctab[NCMDS])
break;
while (w < width) {
CPUTC(' ', stdout);
1993-03-21 12:45:37 +03:00
w++;
}
}
cprintf(stdout, "\r\n");
1993-03-21 12:45:37 +03:00
}
(void) fflush(stdout);
reply(214, "Direct comments to ftp-bugs@%s.", hostname);
return;
}
c = lookup(ctab, s);
if (c == (struct tab *)0) {
reply(502, "Unknown command '%s'.", s);
1993-03-21 12:45:37 +03:00
return;
}
if (CMD_IMPLEMENTED(c))
reply(214, "Syntax: %s%s %s", htype, c->name, c->help);
1993-03-21 12:45:37 +03:00
else
reply(504, "%s%-*s\t%s; not implemented.", htype, width,
1993-03-21 12:45:37 +03:00
c->name, c->help);
}
/*
* Check that the structures used for a PORT, LPRT or EPRT command are
* valid (data_dest, his_addr), and if necessary, detect ftp bounce attacks.
* If family != -1 check that his_addr.su_family == family.
*/
static void
port_check(const char *cmd, int family)
{
char h1[NI_MAXHOST], h2[NI_MAXHOST];
char s1[NI_MAXHOST], s2[NI_MAXHOST];
#ifdef NI_WITHSCOPEID
const int niflags = NI_NUMERICHOST | NI_NUMERICSERV | NI_WITHSCOPEID;
#else
const int niflags = NI_NUMERICHOST | NI_NUMERICSERV;
#endif
if (epsvall) {
reply(501, "%s disallowed after EPSV ALL", cmd);
return;
}
if (family != -1 && his_addr.su_family != family) {
port_check_fail:
reply(500, "Illegal %s command rejected", cmd);
return;
}
if (data_dest.su_family != his_addr.su_family)
goto port_check_fail;
/* be paranoid, if told so */
- new ftpd.conf directives: maxfilesize set the maximum size of uploaded files sanenames if set, only permit uploaded filenames that contain characters from the set "-+,._A-Za-z0-9" and that don't start with `.' - new/changed command line options: -e emailaddr define email address for %E (see below) -P dataport use dataport as the dataport (instead of ctrlport-1) -q use pid files to count users [default] -Q don't use pid files to count users -u write entries to utmp -U don't write entries to utmp [default] -w write entries to wtmp [default] -W don't write entries to wtmp NOTE: -U used to mean `write utmp entries'. Its meaning has changed so that it's orthogonal with -q/-Q and -w/-W. This isn't considered a major problem, because using -U isn't going to enable something you don't want, but will disable something you did want (which is safer). - new display file escape sequences: %E email address %s literal `s' if the previous %M or %N wasn't ``1''. %S literal `S' if the previous %M or %N wasn't ``1''. - expand the description of building ~ftp/incoming to cover the appropriate ftpd.conf(5) directives (which are defaults, but it pays to explicitly explain them) - replace strsuftoi() with strsuftoll(), which returns a long long if supported, otherwise a long - rework the way that check_modify and check_upload are done in the yacc parser; they're merged into a common check_write() function which is called explicitly - merge all ftpclass `flag variables' into a single bitfield-based flag element - move various common bits of parse_conf() into a couple of macros - clean up some comments
2000-11-16 16:15:13 +03:00
if (CURCLASS_FLAGS_ISSET(checkportcmd)) {
#ifdef INET6
/*
* be paranoid, there are getnameinfo implementation that does
* not present scopeid portion
*/
if (data_dest.su_family == AF_INET6 &&
data_dest.su_scope_id != his_addr.su_scope_id)
goto port_check_fail;
#endif
if (getnameinfo((struct sockaddr *)&data_dest, data_dest.su_len,
h1, sizeof(h1), s1, sizeof(s1), niflags))
goto port_check_fail;
if (getnameinfo((struct sockaddr *)&his_addr, his_addr.su_len,
h2, sizeof(h2), s2, sizeof(s2), niflags))
goto port_check_fail;
if (atoi(s1) < IPPORT_RESERVED || strcmp(h1, h2) != 0)
goto port_check_fail;
}
usedefault = 0;
if (pdata >= 0) {
(void) close(pdata);
pdata = -1;
}
reply(200, "%s command successful.", cmd);
}