Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
NetBSD/libexec/ftpd/ftpd.c

2772 lines
66 KiB
C
Raw Normal View History

plug memory leak
2000-11-13 14:52:41 +03:00
/* $NetBSD: ftpd.c,v 1.107 2000/11/13 11:52:41 itojun Exp $ */
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
/*
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
* Copyright (c) 1997-2000 The NetBSD Foundation, Inc.
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
* All rights reserved.
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
*
* This code is derived from software contributed to The NetBSD Foundation
* by Luke Mewburn.
*
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the NetBSD
* Foundation, Inc. and its contributors.
* 4. Neither the name of The NetBSD Foundation nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
*/
clean up RCS Id's and a couple of stype nits. Also, fix bug 947 (reported by Luke Mewburn, extraneous vers.c)
1995-04-11 06:44:45 +04:00
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
/*
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
* Copyright (c) 1985, 1988, 1990, 1992, 1993, 1994
* The Regents of the University of California. All rights reserved.
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
/*
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
* Copyright (C) 1997 and 1998 WIDE Project.
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
* All rights reserved.
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
*
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
*/
- Pass gcc -Wall - Fix incorrect const poisoning - Fix ftpd_popen to dynamically allocate strings to avoid buffer overruns.
1997-06-18 23:05:46 +04:00
#include <sys/cdefs.h>
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
#ifndef lint
- Pass gcc -Wall - Fix incorrect const poisoning - Fix ftpd_popen to dynamically allocate strings to avoid buffer overruns.
1997-06-18 23:05:46 +04:00
__COPYRIGHT(
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
"@(#) Copyright (c) 1985, 1988, 1990, 1992, 1993, 1994\n\
- Pass gcc -Wall - Fix incorrect const poisoning - Fix ftpd_popen to dynamically allocate strings to avoid buffer overruns.
1997-06-18 23:05:46 +04:00
The Regents of the University of California. All rights reserved.\n");
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
#endif /* not lint */
#ifndef lint
clean up RCS Id's and a couple of stype nits. Also, fix bug 947 (reported by Luke Mewburn, extraneous vers.c)
1995-04-11 06:44:45 +04:00
#if 0
4.4lite2 update. (The one minor bugfix between 4.4lite and 4.4lite2 was already in our sources, thus just the sccsid line is changed.)
1997-03-29 00:55:41 +03:00
static char sccsid[] = "@(#)ftpd.c 8.5 (Berkeley) 4/28/95";
clean up RCS Id's and a couple of stype nits. Also, fix bug 947 (reported by Luke Mewburn, extraneous vers.c)
1995-04-11 06:44:45 +04:00
#else
plug memory leak
2000-11-13 14:52:41 +03:00
__RCSID("$NetBSD: ftpd.c,v 1.107 2000/11/13 11:52:41 itojun Exp $");
clean up RCS Id's and a couple of stype nits. Also, fix bug 947 (reported by Luke Mewburn, extraneous vers.c)
1995-04-11 06:44:45 +04:00
#endif
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
#endif /* not lint */
/*
* FTP server.
*/
#include <sys/param.h>
#include <sys/stat.h>
#include <sys/ioctl.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#define FTP_NAMES
#include <arpa/ftp.h>
#include <arpa/inet.h>
#include <arpa/telnet.h>
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
#include <ctype.h>
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
#include <dirent.h>
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
#include <err.h>
#include <errno.h>
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
#include <fcntl.h>
/etc/ftpusers now matches globs against the username. mycroft suggested this.
1997-04-29 08:00:39 +04:00
#include <fnmatch.h>
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
#include <glob.h>
* add support for optional groupglob in ftpuser entry. the syntax is now: userglob[:groupglob][@host] [directive [class]] * append ``(class: CLASSNAME, type: TYPE)'' to the syslogged login messages
1999-12-21 15:56:15 +03:00
#include <grp.h>
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
#include <limits.h>
#include <netdb.h>
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
#include <pwd.h>
#include <setjmp.h>
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
#include <signal.h>
major overhaul (just before netbsd 1.5 :-): * implement draft-ietf-ftpext-mlst-10 commands, especially MLST and MLSD. we already supported SIZE and MDTM. add the appropriate FEAT output lines. * migrate a lot of the command code from ftpcmd.y and ftpd.c to cmds.c * make dataconn(), feat(), lookup(), opts() and sizecmd() public * modify struct tab so that it has a `flags' instead of `implemented' element, and remove the `hasopts' element. If flags == 1, the command is implemented. if flags == 2, the command is implemented and takes options * add macros ISDOTDIR(x) (is x ".") and ISDOTDOTDIR(x) (is x "..") * modify lreply() so that lreply(-2, ...) just outputs the given info without a prefix or trailing \r\n. this saves doing b = printf(); total_* += b; * enhance statcmd(). still needs work in the LPRT status stuff. * crank version
2000-06-14 17:44:21 +04:00
#include <stdarg.h>
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
#include <syslog.h>
#include <time.h>
#include <unistd.h>
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
#include <util.h>
* move version to separate header file * use .Dv and .Tn in the man pages as appropriate * KNF a bit The following were inspired by similar changes in openbsd, but may have additional improvements by me: * add more check_login tests to the parser rules * nuke a few memory leaks in the parser rules * clear passwords before free()ing them, for safety * don't display \r\n in setproctitle() output * add support for -U, which enables managing /var/run/utmp entries for connections. solves [bin/2217] by Jason Downs <downsj@teeny.org> * fix oob handling for STAT command * use SIG_ERR instead of -1
1999-12-18 08:51:34 +03:00
#include <utmp.h>
- Pass gcc -Wall - Fix incorrect const poisoning - Fix ftpd_popen to dynamically allocate strings to avoid buffer overruns.
1997-06-18 23:05:46 +04:00
#ifdef SKEY
#include <skey.h>
#endif
Add some krb5 hooks, though it probably doesn't work yet.
1997-10-12 18:04:36 +04:00
#ifdef KERBEROS5
Move include/kerberosIV/com_err.h to include/com_err.h
2000-02-14 06:26:06 +03:00
#include <com_err.h>
Make this compile with krb5.
1999-08-25 20:23:52 +04:00
#include <krb5/krb5.h>
Add some krb5 hooks, though it probably doesn't work yet.
1997-10-12 18:04:36 +04:00
#endif
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
* add ftpd.conf directive `portrange class min max', which allows specification of the port range used by passive connections. based on work in [bin/9158] from Takahiro Kambe <taca@sky.yamashina.kyoto.jp> * change the way global variables are defined and extern-ed to be more consistent.
2000-01-13 01:39:27 +03:00
#define GLOBAL
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
#include "extern.h"
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
#include "pathnames.h"
* move version to separate header file * use .Dv and .Tn in the man pages as appropriate * KNF a bit The following were inspired by similar changes in openbsd, but may have additional improvements by me: * add more check_login tests to the parser rules * nuke a few memory leaks in the parser rules * clear passwords before free()ing them, for safety * don't display \r\n in setproctitle() output * add support for -U, which enables managing /var/run/utmp entries for connections. solves [bin/2217] by Jason Downs <downsj@teeny.org> * fix oob handling for STAT command * use SIG_ERR instead of -1
1999-12-18 08:51:34 +03:00
#include "version.h"
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
int data;
* don't bother with a version[] string, just use the macro as appropriate * clean some more of the GLOBAL stuff * fix unused var if -UHASSETPROCTITLE
2000-03-05 09:12:19 +03:00
jmp_buf urgcatch;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
struct passwd *pw;
add "-s" flag (SecureID).
1998-06-26 21:41:38 +04:00
int sflag;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
int stru; /* avoid C keyword */
int mode;
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
int doutmp; /* update utmp file */
add support for -W; don't log to wtmp (orthogonal of -U which logs to utmp). inspired by similar option in wuftpd.
2000-07-26 17:53:33 +04:00
int dowtmp; /* update wtmp file */
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
int dropprivs; /* if privileges should or have been dropped */
int mapped; /* IPv4 connection on AF_INET6 socket */
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
off_t file_size;
off_t byte_count;
clean up RCS Id's and a couple of stype nits. Also, fix bug 947 (reported by Luke Mewburn, extraneous vers.c)
1995-04-11 06:44:45 +04:00
static char ttyline[20];
* move version to separate header file * use .Dv and .Tn in the man pages as appropriate * KNF a bit The following were inspired by similar changes in openbsd, but may have additional improvements by me: * add more check_login tests to the parser rules * nuke a few memory leaks in the parser rules * clear passwords before free()ing them, for safety * don't display \r\n in setproctitle() output * add support for -U, which enables managing /var/run/utmp entries for connections. solves [bin/2217] by Jason Downs <downsj@teeny.org> * fix oob handling for STAT command * use SIG_ERR instead of -1
1999-12-18 08:51:34 +03:00
static struct utmp utmp; /* for utmp */
* complete fix for `multiple replies returned for single parse error' problem; move `hasyyerrored' state flag out of yylex() so that check_{login,modify} can also set it. * check result of check_login for PORT command * set initial timeout before the "setjmp(); for(;;) yyparse()", otherwise an invalid command after login incorrectly sets the timeout to 5 minutes (rather than what was set in ftpd.conf) * replace (char *)0 with NULL * move yyerror() from ftpd.c to ftpcmd.y * remove need for -Dunix, by using the version string from ftpd.c (instead of `BSD-199506') * move all extern-ed vars into extern.h
1998-09-06 14:39:40 +04:00
Allow setting the directory to which anonymous users chdir from the command line. Document -u option. A couple of minor cleanups.
1997-05-24 02:09:48 +04:00
static char *anondir = NULL;
implement '-c confdir', which allows the specification of an alternate directory to look for the various configuration files, overriding /etc. From Matthias Scheler <tron@lyssa.owl.de> in [bin/4133]
1997-09-23 17:56:39 +04:00
static char confdir[MAXPATHLEN];
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
Add some krb5 hooks, though it probably doesn't work yet.
1997-10-12 18:04:36 +04:00
#if defined(KERBEROS) || defined(KERBEROS5)
Make this build again with crypto-us, after recent changes to k{,5}login.c.
2000-06-02 04:19:04 +04:00
int has_ccache = 0;
clean up RCS Id's and a couple of stype nits. Also, fix bug 947 (reported by Luke Mewburn, extraneous vers.c)
1995-04-11 06:44:45 +04:00
int notickets = 1;
char *krbtkfile_env = NULL;
Make this build again with crypto-us, after recent changes to k{,5}login.c.
2000-06-02 04:19:04 +04:00
char *tty = ttyline;
make this compile with KERBEROS5 defined. Note: only one of KERBEROS or KERBEROS5 may be defined in this file...
2000-06-02 18:47:19 +04:00
int login_krb5_forwardable_tgt = 0;
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
#endif
some changes to make Kerberos a bit easier to use. from Michael Graff <explorer@vorpal.com>, with some work by myself...
1994-03-30 06:49:15 +04:00
Make this compile again without -DINET6 and without get{addr,name}info(3) This ftpd now compiles and runs on NetBSD/1.4.2 with: CPPFLAGS+= \ '-Dstrlcpy(a,b,c)=(strncpy(a,b,c),strlen(a))' \ '-Dstrlcat=strncat' \ '-Dsl_add(a,b)=(sl_add(a,b),0)'
2000-09-15 18:55:16 +04:00
#ifndef INET6_ADDRSTRLEN
#define INET6_ADDRSTRLEN MAXHOSTNAMELEN
#endif
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
int epsvall = 0;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
/*
* Timeout intervals for retrying connections
* to hosts that don't accept PORT cmds. This
* is a kludge, but given the problems with TCP...
*/
#define SWAITMAX 90 /* wait at most 90 seconds */
#define SWAITINT 5 /* interval between retries */
int swaitmax = SWAITMAX;
int swaitint = SWAITINT;
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
static int bind_pasv_addr(void);
static int checkuser(const char *, const char *, int, int, char **);
static int checkaccess(const char *);
static void dolog(struct sockaddr *);
static void end_login(void);
static FILE *getdatasock(const char *);
static char *gunique(const char *);
static void lostconn(int);
static void myoob(int);
static int receive_data(FILE *, FILE *);
static int send_data(FILE *, FILE *, off_t, int);
static struct passwd *sgetpwnam(const char *);
int main(int, char *[]);
- Pass gcc -Wall - Fix incorrect const poisoning - Fix ftpd_popen to dynamically allocate strings to avoid buffer overruns.
1997-06-18 23:05:46 +04:00
make this compile with KERBEROS5 defined. Note: only one of KERBEROS or KERBEROS5 may be defined in this file...
2000-06-02 18:47:19 +04:00
#if defined(KERBEROS)
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
int klogin(struct passwd *, char *, char *, char *);
void kdestroy(void);
Need prototype for klogin() - probably ought to go in a header file, but klogin probably ought to go in a library first
1997-06-21 08:38:54 +04:00
#endif
make this compile with KERBEROS5 defined. Note: only one of KERBEROS or KERBEROS5 may be defined in this file...
2000-06-02 18:47:19 +04:00
#if defined(KERBEROS5)
int k5login(struct passwd *, char *, char *, char *);
void k5destroy(void);
#endif
* fix a problem in retrieve() where arguments to commands weren't working (this was broken in the last commit). problem noticed by simonb@ * don't display the stderr output of the internal ls. * modify usage of lreply so that generally only one `XXX-' code per `block' is displayed; the rest of the lines have four spaces instead. i find this easier to read. * fix a couple places where byte accounting wasn't correct
1999-05-18 12:14:17 +04:00
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
int
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
main(int argc, char *argv[])
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
{
* add support for `-h hostname', which defines the hostname to advertise as (useful for virtual ftp servers in conjunction with inetd.conf(5)'s ability to bind to a specific address). if this option is used, add `hostname' to the syslog messages. * improve documentation of command-line options * don't allow class names of `all' or `none' in ftpusers
1999-12-16 05:21:37 +03:00
int addrlen, ch, on = 1, tos, keepalive;
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
#ifdef KERBEROS5
* add support for `-h hostname', which defines the hostname to advertise as (useful for virtual ftp servers in conjunction with inetd.conf(5)'s ability to bind to a specific address). if this option is used, add `hostname' to the syslog messages. * improve documentation of command-line options * don't allow class names of `all' or `none' in ftpusers
1999-12-16 05:21:37 +03:00
krb5_error_code kerror;
Add some krb5 hooks, though it probably doesn't work yet.
1997-10-12 18:04:36 +04:00
#endif
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
* don't bother with a version[] string, just use the macro as appropriate * clean some more of the GLOBAL stuff * fix unused var if -UHASSETPROCTITLE
2000-03-05 09:12:19 +03:00
connections = 1;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
debug = 0;
- add '-C user', which runs checkaccess(user) and exits with the result (0 == user allowed in /etc/ftpusers, 1 == user denied in /etc/ftpusers). from Jim Bernard <jbernard@tater.mines.edu> in [security/4061] with mods - getopt returns -1 not EOF - in lostcon(), call dologout(1) not dologout(-1);
1997-09-23 18:25:30 +04:00
logging = 0;
* don't bother with a version[] string, just use the macro as appropriate * clean some more of the GLOBAL stuff * fix unused var if -UHASSETPROCTITLE
2000-03-05 09:12:19 +03:00
pdata = -1;
add "-s" flag (SecureID).
1998-06-26 21:41:38 +04:00
sflag = 0;
add support for -W; don't log to wtmp (orthogonal of -U which logs to utmp). inspired by similar option in wuftpd.
2000-07-26 17:53:33 +04:00
doutmp = 0; /* default: don't log to utmp */
dowtmp = 1; /* default: DO log to wtmp */
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
dropprivs = 0;
mapped = 0;
* don't bother with a version[] string, just use the macro as appropriate * clean some more of the GLOBAL stuff * fix unused var if -UHASSETPROCTITLE
2000-03-05 09:12:19 +03:00
usedefault = 1;
implement '-c confdir', which allows the specification of an alternate directory to look for the various configuration files, overriding /etc. From Matthias Scheler <tron@lyssa.owl.de> in [bin/4133]
1997-09-23 17:56:39 +04:00
(void)strcpy(confdir, _DEFAULT_CONFDIR);
* add back support for `-h hostname'; it still may be useful to override the name advertised to the client, even if ftpd can determine it from the ip address that ftpd is bound to. requested by mrg. * remove -4/-6; they were effectively no-ops since itojun's change in 1.75. * crank version
1999-12-19 03:09:31 +03:00
hostname[0] = '\0';
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
homedir[0] = '\0';
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
gidcount = 0;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
version = FTPD_VERSION;
add support for -W; don't log to wtmp (orthogonal of -U which logs to utmp). inspired by similar option in wuftpd.
2000-07-26 17:53:33 +04:00
while ((ch = getopt(argc, argv, "a:c:C:dh:Hlrst:T:u:UvV:W")) != -1) {
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
switch (ch) {
Allow setting the directory to which anonymous users chdir from the command line. Document -u option. A couple of minor cleanups.
1997-05-24 02:09:48 +04:00
case 'a':
anondir = optarg;
break;
implement '-c confdir', which allows the specification of an alternate directory to look for the various configuration files, overriding /etc. From Matthias Scheler <tron@lyssa.owl.de> in [bin/4133]
1997-09-23 17:56:39 +04:00
case 'c':
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
(void)strlcpy(confdir, optarg, sizeof(confdir));
implement '-c confdir', which allows the specification of an alternate directory to look for the various configuration files, overriding /etc. From Matthias Scheler <tron@lyssa.owl.de> in [bin/4133]
1997-09-23 17:56:39 +04:00
break;
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
- add '-C user', which runs checkaccess(user) and exits with the result (0 == user allowed in /etc/ftpusers, 1 == user denied in /etc/ftpusers). from Jim Bernard <jbernard@tater.mines.edu> in [security/4061] with mods - getopt returns -1 not EOF - in lostcon(), call dologout(1) not dologout(-1);
1997-09-23 18:25:30 +04:00
case 'C':
* add support for optional groupglob in ftpuser entry. the syntax is now: userglob[:groupglob][@host] [directive [class]] * append ``(class: CLASSNAME, type: TYPE)'' to the syslogged login messages
1999-12-21 15:56:15 +03:00
pw = sgetpwnam(optarg);
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
exit(checkaccess(optarg) ? 0 : 1);
- add '-C user', which runs checkaccess(user) and exits with the result (0 == user allowed in /etc/ftpusers, 1 == user denied in /etc/ftpusers). from Jim Bernard <jbernard@tater.mines.edu> in [security/4061] with mods - getopt returns -1 not EOF - in lostcon(), call dologout(1) not dologout(-1);
1997-09-23 18:25:30 +04:00
/* NOTREACHED */
implement '-c confdir', which allows the specification of an alternate directory to look for the various configuration files, overriding /etc. From Matthias Scheler <tron@lyssa.owl.de> in [bin/4133]
1997-09-23 17:56:39 +04:00
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
case 'd':
Allow setting the directory to which anonymous users chdir from the command line. Document -u option. A couple of minor cleanups.
1997-05-24 02:09:48 +04:00
case 'v': /* deprecated */
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
debug = 1;
break;
* add back support for `-h hostname'; it still may be useful to override the name advertised to the client, even if ftpd can determine it from the ip address that ftpd is bound to. requested by mrg. * remove -4/-6; they were effectively no-ops since itojun's change in 1.75. * crank version
1999-12-19 03:09:31 +03:00
case 'h':
strlcpy(hostname, optarg, sizeof(hostname));
break;
* add -H, which acts like -h `hostname`. (requested by kim@) * refer to draft-ietf-ftpext-mlst-11 instead of -10
2000-07-15 07:45:19 +04:00
case 'H':
if (gethostname(hostname, sizeof(hostname)) == -1)
hostname[0] = '\0';
hostname[sizeof(hostname) - 1] = '\0';
break;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
case 'l':
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
logging++; /* > 1 == extra logging */
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
break;
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
case 'r':
dropprivs = 1;
break;
add "-s" flag (SecureID).
1998-06-26 21:41:38 +04:00
case 's':
sflag = 1;
break;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
case 't':
case 'T':
case 'u':
fix grammo
1997-08-26 17:10:39 +04:00
warnx("-%c has been deprecated in favour of ftpd.conf",
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
ch);
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
break;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
* move version to separate header file * use .Dv and .Tn in the man pages as appropriate * KNF a bit The following were inspired by similar changes in openbsd, but may have additional improvements by me: * add more check_login tests to the parser rules * nuke a few memory leaks in the parser rules * clear passwords before free()ing them, for safety * don't display \r\n in setproctitle() output * add support for -U, which enables managing /var/run/utmp entries for connections. solves [bin/2217] by Jason Downs <downsj@teeny.org> * fix oob handling for STAT command * use SIG_ERR instead of -1
1999-12-18 08:51:34 +03:00
case 'U':
doutmp = 1;
break;
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
case 'V':
if (EMPTYSTR(optarg) || strcmp(optarg, "-") == 0)
version = NULL;
else
version = xstrdup(optarg);
break;
add support for -W; don't log to wtmp (orthogonal of -U which logs to utmp). inspired by similar option in wuftpd.
2000-07-26 17:53:33 +04:00
case 'W':
dowtmp = 0;
break;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
default:
- add '-C user', which runs checkaccess(user) and exits with the result (0 == user allowed in /etc/ftpusers, 1 == user denied in /etc/ftpusers). from Jim Bernard <jbernard@tater.mines.edu> in [security/4061] with mods - getopt returns -1 not EOF - in lostcon(), call dologout(1) not dologout(-1);
1997-09-23 18:25:30 +04:00
if (optopt == 'a' || optopt == 'C')
exit(1);
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
warnx("unknown flag -%c ignored", optopt);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
break;
}
}
- add '-C user', which runs checkaccess(user) and exits with the result (0 == user allowed in /etc/ftpusers, 1 == user denied in /etc/ftpusers). from Jim Bernard <jbernard@tater.mines.edu> in [security/4061] with mods - getopt returns -1 not EOF - in lostcon(), call dologout(1) not dologout(-1);
1997-09-23 18:25:30 +04:00
/*
* LOG_NDELAY sets up the logging connection immediately,
* necessary for anonymous ftp's that chroot and can't do it later.
*/
deprecate -h hostname in favour of automatic determination of local hostname. this is a much cleaner solution for supporting multihomed virtual servers. from Geoff C. Wing <gcw@pobox.com> in [bin/8137].
1999-12-18 09:33:54 +03:00
openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_FTP);
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
addrlen = sizeof(his_addr); /* xxx */
- add '-C user', which runs checkaccess(user) and exits with the result (0 == user allowed in /etc/ftpusers, 1 == user denied in /etc/ftpusers). from Jim Bernard <jbernard@tater.mines.edu> in [security/4061] with mods - getopt returns -1 not EOF - in lostcon(), call dologout(1) not dologout(-1);
1997-09-23 18:25:30 +04:00
if (getpeername(0, (struct sockaddr *)&his_addr, &addrlen) < 0) {
syslog(LOG_ERR, "getpeername (%s): %m",argv[0]);
exit(1);
}
handle IPv4 TCP control connection, toward AF_INET6 socket. this happens when you have the following line in inetd.conf, but not with tcp4 line: >>>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-27 19:41:49 +04:00
addrlen = sizeof(ctrl_addr);
if (getsockname(0, (struct sockaddr *)&ctrl_addr, &addrlen) < 0) {
syslog(LOG_ERR, "getsockname (%s): %m",argv[0]);
exit(1);
}
Make this compile again without -DINET6 and without get{addr,name}info(3) This ftpd now compiles and runs on NetBSD/1.4.2 with: CPPFLAGS+= \ '-Dstrlcpy(a,b,c)=(strncpy(a,b,c),strlen(a))' \ '-Dstrlcat=strncat' \ '-Dsl_add(a,b)=(sl_add(a,b),0)'
2000-09-15 18:55:16 +04:00
#ifdef INET6
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
if (his_addr.su_family == AF_INET6
&& IN6_IS_ADDR_V4MAPPED(&his_addr.su_sin6.sin6_addr)) {
handle IPv4 TCP control connection, toward AF_INET6 socket. this happens when you have the following line in inetd.conf, but not with tcp4 line: >>>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-27 19:41:49 +04:00
#if 1
/*
* IPv4 control connection arrived to AF_INET6 socket.
* I hate to do this, but this is the easiest solution.
add comment on IPv4 mapped address twist
2000-05-30 09:31:31 +04:00
*
* The assumption is untrue on SIIT environment.
handle IPv4 TCP control connection, toward AF_INET6 socket. this happens when you have the following line in inetd.conf, but not with tcp4 line: >>>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-27 19:41:49 +04:00
*/
union sockunion tmp_addr;
avoid use of s6_addr32, as it is non-standard. (sync with KAME)
1999-12-13 07:36:10 +03:00
const int off = sizeof(struct in6_addr) - sizeof(struct in_addr);
handle IPv4 TCP control connection, toward AF_INET6 socket. this happens when you have the following line in inetd.conf, but not with tcp4 line: >>>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-27 19:41:49 +04:00
tmp_addr = his_addr;
memset(&his_addr, 0, sizeof(his_addr));
his_addr.su_sin.sin_family = AF_INET;
his_addr.su_sin.sin_len = sizeof(his_addr.su_sin);
memcpy(&his_addr.su_sin.sin_addr,
avoid use of s6_addr32, as it is non-standard. (sync with KAME)
1999-12-13 07:36:10 +03:00
&tmp_addr.su_sin6.sin6_addr.s6_addr[off],
handle IPv4 TCP control connection, toward AF_INET6 socket. this happens when you have the following line in inetd.conf, but not with tcp4 line: >>>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-27 19:41:49 +04:00
sizeof(his_addr.su_sin.sin_addr));
his_addr.su_sin.sin_port = tmp_addr.su_sin6.sin6_port;
tmp_addr = ctrl_addr;
memset(&ctrl_addr, 0, sizeof(ctrl_addr));
ctrl_addr.su_sin.sin_family = AF_INET;
ctrl_addr.su_sin.sin_len = sizeof(ctrl_addr.su_sin);
memcpy(&ctrl_addr.su_sin.sin_addr,
avoid use of s6_addr32, as it is non-standard. (sync with KAME)
1999-12-13 07:36:10 +03:00
&tmp_addr.su_sin6.sin6_addr.s6_addr[off],
handle IPv4 TCP control connection, toward AF_INET6 socket. this happens when you have the following line in inetd.conf, but not with tcp4 line: >>>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-27 19:41:49 +04:00
sizeof(ctrl_addr.su_sin.sin_addr));
ctrl_addr.su_sin.sin_port = tmp_addr.su_sin6.sin6_port;
#else
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
while (fgets(line, sizeof(line), fd) != NULL) {
if ((cp = strchr(line, '\n')) != NULL)
*cp = '\0';
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(-530, "%s", line);
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
}
(void) fflush(stdout);
(void) fclose(fd);
reply(530,
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
"Connection from IPv4 mapped address is not supported.");
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
exit(0);
handle IPv4 TCP control connection, toward AF_INET6 socket. this happens when you have the following line in inetd.conf, but not with tcp4 line: >>>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-27 19:41:49 +04:00
#endif
do not perform setsockopt(IP_TOS) on mapped connections (IPv4 connection toward AF_INET6 socket).
1999-12-13 19:30:37 +03:00
mapped = 1;
} else
Make this compile again without -DINET6 and without get{addr,name}info(3) This ftpd now compiles and runs on NetBSD/1.4.2 with: CPPFLAGS+= \ '-Dstrlcpy(a,b,c)=(strncpy(a,b,c),strlen(a))' \ '-Dstrlcat=strncat' \ '-Dsl_add(a,b)=(sl_add(a,b),0)'
2000-09-15 18:55:16 +04:00
#endif
do not perform setsockopt(IP_TOS) on mapped connections (IPv4 connection toward AF_INET6 socket).
1999-12-13 19:30:37 +03:00
mapped = 0;
- add '-C user', which runs checkaccess(user) and exits with the result (0 == user allowed in /etc/ftpusers, 1 == user denied in /etc/ftpusers). from Jim Bernard <jbernard@tater.mines.edu> in [security/4061] with mods - getopt returns -1 not EOF - in lostcon(), call dologout(1) not dologout(-1);
1997-09-23 18:25:30 +04:00
#ifdef IP_TOS
do not perform setsockopt(IP_TOS) on mapped connections (IPv4 connection toward AF_INET6 socket).
1999-12-13 19:30:37 +03:00
if (!mapped && his_addr.su_family == AF_INET) {
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
tos = IPTOS_LOWDELAY;
if (setsockopt(0, IPPROTO_IP, IP_TOS, (char *)&tos,
sizeof(int)) < 0)
syslog(LOG_WARNING, "setsockopt (IP_TOS): %m");
}
- add '-C user', which runs checkaccess(user) and exits with the result (0 == user allowed in /etc/ftpusers, 1 == user denied in /etc/ftpusers). from Jim Bernard <jbernard@tater.mines.edu> in [security/4061] with mods - getopt returns -1 not EOF - in lostcon(), call dologout(1) not dologout(-1);
1997-09-23 18:25:30 +04:00
#endif
* add back support for `-h hostname'; it still may be useful to override the name advertised to the client, even if ftpd can determine it from the ip address that ftpd is bound to. requested by mrg. * remove -4/-6; they were effectively no-ops since itojun's change in 1.75. * crank version
1999-12-19 03:09:31 +03:00
/* if the hostname hasn't been given, attempt to determine it */
if (hostname[0] == '\0') {
Make this compile again without -DINET6 and without get{addr,name}info(3) This ftpd now compiles and runs on NetBSD/1.4.2 with: CPPFLAGS+= \ '-Dstrlcpy(a,b,c)=(strncpy(a,b,c),strlen(a))' \ '-Dstrlcat=strncat' \ '-Dsl_add(a,b)=(sl_add(a,b),0)'
2000-09-15 18:55:16 +04:00
#ifdef NI_MAXHOST
* add back support for `-h hostname'; it still may be useful to override the name advertised to the client, even if ftpd can determine it from the ip address that ftpd is bound to. requested by mrg. * remove -4/-6; they were effectively no-ops since itojun's change in 1.75. * crank version
1999-12-19 03:09:31 +03:00
if (getnameinfo((struct sockaddr *)&ctrl_addr, ctrl_addr.su_len,
hostname, sizeof(hostname), NULL, 0, 0) != 0)
(void)gethostname(hostname, sizeof(hostname));
hostname[sizeof(hostname) - 1] = '\0';
Make this compile again without -DINET6 and without get{addr,name}info(3) This ftpd now compiles and runs on NetBSD/1.4.2 with: CPPFLAGS+= \ '-Dstrlcpy(a,b,c)=(strncpy(a,b,c),strlen(a))' \ '-Dstrlcat=strncat' \ '-Dsl_add(a,b)=(sl_add(a,b),0)'
2000-09-15 18:55:16 +04:00
#else
struct hostent *hp;
if ((hp = gethostbyaddr((const char *)&ctrl_addr,
ctrl_addr.su_len, AF_INET)) == NULL)
(void)gethostname(hostname, sizeof(hostname));
else
(void)strlcpy(hostname, hp->h_name, sizeof(hostname));
#endif
* add back support for `-h hostname'; it still may be useful to override the name advertised to the client, even if ftpd can determine it from the ip address that ftpd is bound to. requested by mrg. * remove -4/-6; they were effectively no-ops since itojun's change in 1.75. * crank version
1999-12-19 03:09:31 +03:00
}
deprecate -h hostname in favour of automatic determination of local hostname. this is a much cleaner solution for supporting multihomed virtual servers. from Geoff C. Wing <gcw@pobox.com> in [bin/8137].
1999-12-18 09:33:54 +03:00
- add '-C user', which runs checkaccess(user) and exits with the result (0 == user allowed in /etc/ftpusers, 1 == user denied in /etc/ftpusers). from Jim Bernard <jbernard@tater.mines.edu> in [security/4061] with mods - getopt returns -1 not EOF - in lostcon(), call dologout(1) not dologout(-1);
1997-09-23 18:25:30 +04:00
/* set this here so klogin can use it... */
(void)snprintf(ttyline, sizeof(ttyline), "ftp%d", getpid());
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
(void) freopen(_PATH_DEVNULL, "w", stderr);
(void) signal(SIGPIPE, lostconn);
(void) signal(SIGCHLD, SIG_IGN);
* move version to separate header file * use .Dv and .Tn in the man pages as appropriate * KNF a bit The following were inspired by similar changes in openbsd, but may have additional improvements by me: * add more check_login tests to the parser rules * nuke a few memory leaks in the parser rules * clear passwords before free()ing them, for safety * don't display \r\n in setproctitle() output * add support for -U, which enables managing /var/run/utmp entries for connections. solves [bin/2217] by Jason Downs <downsj@teeny.org> * fix oob handling for STAT command * use SIG_ERR instead of -1
1999-12-18 08:51:34 +03:00
if (signal(SIGURG, myoob) == SIG_ERR)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
syslog(LOG_ERR, "signal: %m");
/* Try to handle urgent data inline */
#ifdef SO_OOBINLINE
if (setsockopt(0, SOL_SOCKET, SO_OOBINLINE, (char *)&on, sizeof(on)) < 0)
syslog(LOG_ERR, "setsockopt: %m");
#endif
Set keepalives on the sockets to force logouts on connections that have disappeared.
1999-06-05 17:49:53 +04:00
/* Set keepalives on the socket to detect dropped connections. */
#ifdef SO_KEEPALIVE
keepalive = 1;
if (setsockopt(0, SOL_SOCKET, SO_KEEPALIVE, (char *)&keepalive,
sizeof(int)) < 0)
syslog(LOG_WARNING, "setsockopt (SO_KEEPALIVE): %m");
#endif
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
#ifdef F_SETOWN
if (fcntl(fileno(stdin), F_SETOWN, getpid()) == -1)
syslog(LOG_ERR, "fcntl F_SETOWN: %m");
#endif
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
dolog((struct sockaddr *)&his_addr);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
/*
* Set up default state
*/
data = -1;
type = TYPE_A;
form = FORM_N;
stru = STRU_F;
mode = MODE_S;
tmpline[0] = '\0';
* complete fix for `multiple replies returned for single parse error' problem; move `hasyyerrored' state flag out of yylex() so that check_{login,modify} can also set it. * check result of check_login for PORT command * set initial timeout before the "setjmp(); for(;;) yyparse()", otherwise an invalid command after login incorrectly sets the timeout to 5 minutes (rather than what was set in ftpd.conf) * replace (char *)0 with NULL * move yyerror() from ftpd.c to ftpcmd.y * remove need for -Dunix, by using the version string from ftpd.c (instead of `BSD-199506') * move all extern-ed vars into extern.h
1998-09-06 14:39:40 +04:00
hasyyerrored = 0;
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
Add some krb5 hooks, though it probably doesn't work yet.
1997-10-12 18:04:36 +04:00
#ifdef KERBEROS5
kerror = krb5_init_context(&kcontext);
if (kerror) {
syslog(LOG_NOTICE, "%s when initializing Kerberos context",
error_message(kerror));
exit(0);
}
- #endif foo -> #endif /* foo */ - #if __STDC__ -> #ifdef __STDC__ - Don't allow expired accounts to login.
1998-02-01 17:10:22 +03:00
#endif /* KERBEROS5 */
Add some krb5 hooks, though it probably doesn't work yet.
1997-10-12 18:04:36 +04:00
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
init_curclass();
curclass.timeout = 300; /* 5 minutes, as per login(1) */
curclass.type = CLASS_REAL;
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
/* If logins are disabled, print out the message. */
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
if (display_file(_PATH_NOLOGIN, 530)) {
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
reply(530, "System not available.");
exit(0);
}
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
(void)display_file(conffilename(_PATH_FTPWELCOME), 220);
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
/* reply(220,) must follow */
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
if (EMPTYSTR(version))
reply(220, "%s FTP server ready.", hostname);
else
reply(220, "%s FTP server (%s) ready.", hostname, version);
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
* complete fix for `multiple replies returned for single parse error' problem; move `hasyyerrored' state flag out of yylex() so that check_{login,modify} can also set it. * check result of check_login for PORT command * set initial timeout before the "setjmp(); for(;;) yyparse()", otherwise an invalid command after login incorrectly sets the timeout to 5 minutes (rather than what was set in ftpd.conf) * replace (char *)0 with NULL * move yyerror() from ftpd.c to ftpcmd.y * remove need for -Dunix, by using the version string from ftpd.c (instead of `BSD-199506') * move all extern-ed vars into extern.h
1998-09-06 14:39:40 +04:00
(void) setjmp(errcatch);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
for (;;)
(void) yyparse();
/* NOTREACHED */
}
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
static void
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
lostconn(int signo)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
{
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (debug)
syslog(LOG_DEBUG, "lost connection");
- add '-C user', which runs checkaccess(user) and exits with the result (0 == user allowed in /etc/ftpusers, 1 == user denied in /etc/ftpusers). from Jim Bernard <jbernard@tater.mines.edu> in [security/4061] with mods - getopt returns -1 not EOF - in lostcon(), call dologout(1) not dologout(-1);
1997-09-23 18:25:30 +04:00
dologout(1);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
/*
* Save the result of a getpwnam. Used for USER command, since
* the data returned must not be clobbered by any other command
* (e.g., globbing).
*/
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
static struct passwd *
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
sgetpwnam(const char *name)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
{
static struct passwd save;
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
struct passwd *p;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if ((p = getpwnam(name)) == NULL)
return (p);
if (save.pw_name) {
const poisoning.
1998-07-27 05:45:09 +04:00
free((char *)save.pw_name);
* move version to separate header file * use .Dv and .Tn in the man pages as appropriate * KNF a bit The following were inspired by similar changes in openbsd, but may have additional improvements by me: * add more check_login tests to the parser rules * nuke a few memory leaks in the parser rules * clear passwords before free()ing them, for safety * don't display \r\n in setproctitle() output * add support for -U, which enables managing /var/run/utmp entries for connections. solves [bin/2217] by Jason Downs <downsj@teeny.org> * fix oob handling for STAT command * use SIG_ERR instead of -1
1999-12-18 08:51:34 +03:00
memset(save.pw_passwd, 0, strlen(save.pw_passwd));
const poisoning.
1998-07-27 05:45:09 +04:00
free((char *)save.pw_passwd);
free((char *)save.pw_gecos);
free((char *)save.pw_dir);
free((char *)save.pw_shell);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
save = *p;
new features: * implement FEAT and OPTS from RFC2389. FEAT returns SIZE and MDTM. OPTS only works on NOOP (as a test). * extend format of /etc/ftpchroot similar to /etc/ftpusers; each entry can take an optional trailing `yes' or `no' which indicates if chroot should be done (defaults to `yes'). based on patches from Ty Sarna <tsarna@endicor.com> in [bin/4769] cleanups/bugs: * reorder and reformat entries in yacc parser to match cmdtab[]. add a blank line between each rule. * add short hasopts and char *options to struct tab, to support OPTS. * deprecate upper(); use strcasecmp() instead of strcmp() * remove unnecessary for (;;) { } in yylex(); * replace copy() and sgetsave() with xstrdup() * fix a couple of `hasyyerrored = 1' that were accidently removed.
1998-09-07 12:11:20 +04:00
save.pw_name = xstrdup(p->pw_name);
save.pw_passwd = xstrdup(p->pw_passwd);
save.pw_gecos = xstrdup(p->pw_gecos);
save.pw_dir = xstrdup(p->pw_dir);
save.pw_shell = xstrdup(p->pw_shell);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
return (&save);
}
major overhaul (just before netbsd 1.5 :-): * implement draft-ietf-ftpext-mlst-10 commands, especially MLST and MLSD. we already supported SIZE and MDTM. add the appropriate FEAT output lines. * migrate a lot of the command code from ftpcmd.y and ftpd.c to cmds.c * make dataconn(), feat(), lookup(), opts() and sizecmd() public * modify struct tab so that it has a `flags' instead of `implemented' element, and remove the `hasopts' element. If flags == 1, the command is implemented. if flags == 2, the command is implemented and takes options * add macros ISDOTDIR(x) (is x ".") and ISDOTDOTDIR(x) (is x "..") * modify lreply() so that lreply(-2, ...) just outputs the given info without a prefix or trailing \r\n. this saves doing b = printf(); total_* += b; * enhance statcmd(). still needs work in the LPRT status stuff. * crank version
2000-06-14 17:44:21 +04:00
static int login_attempts; /* number of failed login attempts */
static int askpasswd; /* had user command, ask for passwd */
static char curname[10]; /* current USER name */
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
/*
* USER command.
* Sets global passwd pointer pw if named account exists and is acceptable;
* sets askpasswd if a PASS command is expected. If logged in previously,
* need to reset state. If name is "ftp" or "anonymous", the name is not in
* _PATH_FTPUSERS, and ftp account exists, set guest and pw, then just return.
* If account doesn't exist, ask for passwd anyway. Otherwise, check user
* requesting login privileges. Disallow anyone who does not have a standard
* shell as returned by getusershell(). Disallow anyone mentioned in the file
* _PATH_FTPUSERS to allow people such as root and uucp to be avoided.
*/
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
void
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
user(const char *name)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
{
if (logged_in) {
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
switch (curclass.type) {
case CLASS_GUEST:
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
reply(530, "Can't change user from guest login.");
return;
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
case CLASS_CHROOT:
Jarle.F.Greipsland@idt.unit.no's changes to allow for password-protected chrooted ftp logins.
1994-04-07 00:49:52 +04:00
reply(530, "Can't change user from chroot user.");
return;
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
case CLASS_REAL:
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
if (dropprivs) {
reply(530, "Can't change user.");
return;
}
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
end_login();
break;
default:
abort();
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
}
make this compile with KERBEROS5 defined. Note: only one of KERBEROS or KERBEROS5 may be defined in this file...
2000-06-02 18:47:19 +04:00
#if defined(KERBEROS)
Add some krb5 hooks, though it probably doesn't work yet.
1997-10-12 18:04:36 +04:00
kdestroy();
#endif
make this compile with KERBEROS5 defined. Note: only one of KERBEROS or KERBEROS5 may be defined in this file...
2000-06-02 18:47:19 +04:00
#if defined(KERBEROS5)
k5destroy();
#endif
Add some krb5 hooks, though it probably doesn't work yet.
1997-10-12 18:04:36 +04:00
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
curclass.type = CLASS_REAL;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (strcmp(name, "ftp") == 0 || strcmp(name, "anonymous") == 0) {
* add support for optional groupglob in ftpuser entry. the syntax is now: userglob[:groupglob][@host] [directive [class]] * append ``(class: CLASSNAME, type: TYPE)'' to the syslogged login messages
1999-12-21 15:56:15 +03:00
/* need `pw' setup for checkaccess() and checkuser () */
if ((pw = sgetpwnam("ftp")) == NULL)
reply(530, "User %s unknown.", name);
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
else if (! checkaccess("ftp") || ! checkaccess("anonymous"))
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
reply(530, "User %s access denied.", name);
* add support for optional groupglob in ftpuser entry. the syntax is now: userglob[:groupglob][@host] [directive [class]] * append ``(class: CLASSNAME, type: TYPE)'' to the syslogged login messages
1999-12-21 15:56:15 +03:00
else {
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
curclass.type = CLASS_GUEST;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
askpasswd = 1;
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
reply(331,
"Guest login ok, type your name as password.");
* add support for optional groupglob in ftpuser entry. the syntax is now: userglob[:groupglob][@host] [directive [class]] * append ``(class: CLASSNAME, type: TYPE)'' to the syslogged login messages
1999-12-21 15:56:15 +03:00
}
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
if (!askpasswd && logging)
syslog(LOG_NOTICE,
"ANONYMOUS FTP LOGIN REFUSED FROM %s", remotehost);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
return;
}
implement '-c confdir', which allows the specification of an alternate directory to look for the various configuration files, overriding /etc. From Matthias Scheler <tron@lyssa.owl.de> in [bin/4133]
1997-09-23 17:56:39 +04:00
Change the syntax of /etc/ftpusers to have both allow and deny information in the same file by following the username with `allow' or `deny'. Also, the user `*' can be used to set the default for users not listed in the file. This is entirely backward compatable with old /etc/ftpusers files. Also, do the /etc/ftpusers and the valid login shell checks after the password is verified, rather than before, so as not to give away whether or not a particular user ID is present on the system.
1997-04-06 11:53:10 +04:00
pw = sgetpwnam(name);
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
if (logging)
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
strlcpy(curname, name, sizeof(curname));
Format police. Also, try s/key before Kerberos.
1997-10-12 17:18:56 +04:00
add skey support
1994-05-24 10:52:17 +04:00
#ifdef SKEY
Format police. Also, try s/key before Kerberos.
1997-10-12 17:18:56 +04:00
if (skey_haskey(name) == 0) {
Fixed s/key compile bug.
2000-07-29 12:20:02 +04:00
const char *myskey;
add skey support
1994-05-24 10:52:17 +04:00
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
myskey = skey_keyinfo(name);
Format police. Also, try s/key before Kerberos.
1997-10-12 17:18:56 +04:00
reply(331, "Password [%s] required for %s.",
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
myskey ? myskey : "error getting challenge", name);
add skey support
1994-05-24 10:52:17 +04:00
} else
#endif
reply(331, "Password required for %s.", name);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
askpasswd = 1;
/*
* Delay before reading passwd after first failed
* attempt to slow down passwd-guessing programs.
*/
if (login_attempts)
sleep((unsigned) login_attempts);
}
/*
new features: * implement FEAT and OPTS from RFC2389. FEAT returns SIZE and MDTM. OPTS only works on NOOP (as a test). * extend format of /etc/ftpchroot similar to /etc/ftpusers; each entry can take an optional trailing `yes' or `no' which indicates if chroot should be done (defaults to `yes'). based on patches from Ty Sarna <tsarna@endicor.com> in [bin/4769] cleanups/bugs: * reorder and reformat entries in yacc parser to match cmdtab[]. add a blank line between each rule. * add short hasopts and char *options to struct tab, to support OPTS. * deprecate upper(); use strcasecmp() instead of strcmp() * remove unnecessary for (;;) { } in yylex(); * replace copy() and sgetsave() with xstrdup() * fix a couple of `hasyyerrored = 1' that were accidently removed.
1998-09-07 12:11:20 +04:00
* Determine whether something is to happen (allow access, chroot)
* for a user. Each line is a shell-style glob followed by
* `yes' or `no'.
Change the syntax of /etc/ftpusers to have both allow and deny information in the same file by following the username with `allow' or `deny'. Also, the user `*' can be used to set the default for users not listed in the file. This is entirely backward compatable with old /etc/ftpusers files. Also, do the /etc/ftpusers and the valid login shell checks after the password is verified, rather than before, so as not to give away whether or not a particular user ID is present on the system.
1997-04-06 11:53:10 +04:00
*
new features: * implement FEAT and OPTS from RFC2389. FEAT returns SIZE and MDTM. OPTS only works on NOOP (as a test). * extend format of /etc/ftpchroot similar to /etc/ftpusers; each entry can take an optional trailing `yes' or `no' which indicates if chroot should be done (defaults to `yes'). based on patches from Ty Sarna <tsarna@endicor.com> in [bin/4769] cleanups/bugs: * reorder and reformat entries in yacc parser to match cmdtab[]. add a blank line between each rule. * add short hasopts and char *options to struct tab, to support OPTS. * deprecate upper(); use strcasecmp() instead of strcmp() * remove unnecessary for (;;) { } in yylex(); * replace copy() and sgetsave() with xstrdup() * fix a couple of `hasyyerrored = 1' that were accidently removed.
1998-09-07 12:11:20 +04:00
* For backward compatability, `allow' and `deny' are synonymns
* for `yes' and `no', respectively.
/etc/ftpusers now matches globs against the username. mycroft suggested this.
1997-04-29 08:00:39 +04:00
*
new features: * implement FEAT and OPTS from RFC2389. FEAT returns SIZE and MDTM. OPTS only works on NOOP (as a test). * extend format of /etc/ftpchroot similar to /etc/ftpusers; each entry can take an optional trailing `yes' or `no' which indicates if chroot should be done (defaults to `yes'). based on patches from Ty Sarna <tsarna@endicor.com> in [bin/4769] cleanups/bugs: * reorder and reformat entries in yacc parser to match cmdtab[]. add a blank line between each rule. * add short hasopts and char *options to struct tab, to support OPTS. * deprecate upper(); use strcasecmp() instead of strcmp() * remove unnecessary for (;;) { } in yylex(); * replace copy() and sgetsave() with xstrdup() * fix a couple of `hasyyerrored = 1' that were accidently removed.
1998-09-07 12:11:20 +04:00
* Each glob is matched against the username in turn, and the first
* match found is used. If no match is found, the result is the
* argument `def'. If a match is found but without and explicit
* `yes'/`no', the result is the opposite of def.
Change the syntax of /etc/ftpusers to have both allow and deny information in the same file by following the username with `allow' or `deny'. Also, the user `*' can be used to set the default for users not listed in the file. This is entirely backward compatable with old /etc/ftpusers files. Also, do the /etc/ftpusers and the valid login shell checks after the password is verified, rather than before, so as not to give away whether or not a particular user ID is present on the system.
1997-04-06 11:53:10 +04:00
*
new features: * implement FEAT and OPTS from RFC2389. FEAT returns SIZE and MDTM. OPTS only works on NOOP (as a test). * extend format of /etc/ftpchroot similar to /etc/ftpusers; each entry can take an optional trailing `yes' or `no' which indicates if chroot should be done (defaults to `yes'). based on patches from Ty Sarna <tsarna@endicor.com> in [bin/4769] cleanups/bugs: * reorder and reformat entries in yacc parser to match cmdtab[]. add a blank line between each rule. * add short hasopts and char *options to struct tab, to support OPTS. * deprecate upper(); use strcasecmp() instead of strcmp() * remove unnecessary for (;;) { } in yylex(); * replace copy() and sgetsave() with xstrdup() * fix a couple of `hasyyerrored = 1' that were accidently removed.
1998-09-07 12:11:20 +04:00
* If the file doesn't exist at all, the result is the argument
* `nofile'
Change the syntax of /etc/ftpusers to have both allow and deny information in the same file by following the username with `allow' or `deny'. Also, the user `*' can be used to set the default for users not listed in the file. This is entirely backward compatable with old /etc/ftpusers files. Also, do the /etc/ftpusers and the valid login shell checks after the password is verified, rather than before, so as not to give away whether or not a particular user ID is present on the system.
1997-04-06 11:53:10 +04:00
*
new features: * implement FEAT and OPTS from RFC2389. FEAT returns SIZE and MDTM. OPTS only works on NOOP (as a test). * extend format of /etc/ftpchroot similar to /etc/ftpusers; each entry can take an optional trailing `yes' or `no' which indicates if chroot should be done (defaults to `yes'). based on patches from Ty Sarna <tsarna@endicor.com> in [bin/4769] cleanups/bugs: * reorder and reformat entries in yacc parser to match cmdtab[]. add a blank line between each rule. * add short hasopts and char *options to struct tab, to support OPTS. * deprecate upper(); use strcasecmp() instead of strcmp() * remove unnecessary for (;;) { } in yylex(); * replace copy() and sgetsave() with xstrdup() * fix a couple of `hasyyerrored = 1' that were accidently removed.
1998-09-07 12:11:20 +04:00
* Any line starting with `#' is considered a comment and ignored.
Change the syntax of /etc/ftpusers to have both allow and deny information in the same file by following the username with `allow' or `deny'. Also, the user `*' can be used to set the default for users not listed in the file. This is entirely backward compatable with old /etc/ftpusers files. Also, do the /etc/ftpusers and the valid login shell checks after the password is verified, rather than before, so as not to give away whether or not a particular user ID is present on the system.
1997-04-06 11:53:10 +04:00
*
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
* Returns 0 if the user is denied, or 1 if they are allowed.
* add support for optional groupglob in ftpuser entry. the syntax is now: userglob[:groupglob][@host] [directive [class]] * append ``(class: CLASSNAME, type: TYPE)'' to the syslogged login messages
1999-12-21 15:56:15 +03:00
*
* NOTE: needs struct passwd *pw setup before use.
Change the syntax of /etc/ftpusers to have both allow and deny information in the same file by following the username with `allow' or `deny'. Also, the user `*' can be used to set the default for users not listed in the file. This is entirely backward compatable with old /etc/ftpusers files. Also, do the /etc/ftpusers and the valid login shell checks after the password is verified, rather than before, so as not to give away whether or not a particular user ID is present on the system.
1997-04-06 11:53:10 +04:00
*/
new features: * implement FEAT and OPTS from RFC2389. FEAT returns SIZE and MDTM. OPTS only works on NOOP (as a test). * extend format of /etc/ftpchroot similar to /etc/ftpusers; each entry can take an optional trailing `yes' or `no' which indicates if chroot should be done (defaults to `yes'). based on patches from Ty Sarna <tsarna@endicor.com> in [bin/4769] cleanups/bugs: * reorder and reformat entries in yacc parser to match cmdtab[]. add a blank line between each rule. * add short hasopts and char *options to struct tab, to support OPTS. * deprecate upper(); use strcasecmp() instead of strcmp() * remove unnecessary for (;;) { } in yylex(); * replace copy() and sgetsave() with xstrdup() * fix a couple of `hasyyerrored = 1' that were accidently removed.
1998-09-07 12:11:20 +04:00
int
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
checkuser(const char *fname, const char *name, int def, int nofile,
char **retclass)
Change the syntax of /etc/ftpusers to have both allow and deny information in the same file by following the username with `allow' or `deny'. Also, the user `*' can be used to set the default for users not listed in the file. This is entirely backward compatable with old /etc/ftpusers files. Also, do the /etc/ftpusers and the valid login shell checks after the password is verified, rather than before, so as not to give away whether or not a particular user ID is present on the system.
1997-04-06 11:53:10 +04:00
{
new features: * implement FEAT and OPTS from RFC2389. FEAT returns SIZE and MDTM. OPTS only works on NOOP (as a test). * extend format of /etc/ftpchroot similar to /etc/ftpusers; each entry can take an optional trailing `yes' or `no' which indicates if chroot should be done (defaults to `yes'). based on patches from Ty Sarna <tsarna@endicor.com> in [bin/4769] cleanups/bugs: * reorder and reformat entries in yacc parser to match cmdtab[]. add a blank line between each rule. * add short hasopts and char *options to struct tab, to support OPTS. * deprecate upper(); use strcasecmp() instead of strcmp() * remove unnecessary for (;;) { } in yylex(); * replace copy() and sgetsave() with xstrdup() * fix a couple of `hasyyerrored = 1' that were accidently removed.
1998-09-07 12:11:20 +04:00
FILE *fd;
int retval;
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
char *glob, *perm, *class, *buf, *p;
* add support for `-h hostname', which defines the hostname to advertise as (useful for virtual ftp servers in conjunction with inetd.conf(5)'s ability to bind to a specific address). if this option is used, add `hostname' to the syslog messages. * improve documentation of command-line options * don't allow class names of `all' or `none' in ftpusers
1999-12-16 05:21:37 +03:00
size_t len, line;
Change the syntax of /etc/ftpusers to have both allow and deny information in the same file by following the username with `allow' or `deny'. Also, the user `*' can be used to set the default for users not listed in the file. This is entirely backward compatable with old /etc/ftpusers files. Also, do the /etc/ftpusers and the valid login shell checks after the password is verified, rather than before, so as not to give away whether or not a particular user ID is present on the system.
1997-04-06 11:53:10 +04:00
new features: * implement FEAT and OPTS from RFC2389. FEAT returns SIZE and MDTM. OPTS only works on NOOP (as a test). * extend format of /etc/ftpchroot similar to /etc/ftpusers; each entry can take an optional trailing `yes' or `no' which indicates if chroot should be done (defaults to `yes'). based on patches from Ty Sarna <tsarna@endicor.com> in [bin/4769] cleanups/bugs: * reorder and reformat entries in yacc parser to match cmdtab[]. add a blank line between each rule. * add short hasopts and char *options to struct tab, to support OPTS. * deprecate upper(); use strcasecmp() instead of strcmp() * remove unnecessary for (;;) { } in yylex(); * replace copy() and sgetsave() with xstrdup() * fix a couple of `hasyyerrored = 1' that were accidently removed.
1998-09-07 12:11:20 +04:00
retval = def;
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
if (retclass != NULL)
*retclass = NULL;
new features: * implement FEAT and OPTS from RFC2389. FEAT returns SIZE and MDTM. OPTS only works on NOOP (as a test). * extend format of /etc/ftpchroot similar to /etc/ftpusers; each entry can take an optional trailing `yes' or `no' which indicates if chroot should be done (defaults to `yes'). based on patches from Ty Sarna <tsarna@endicor.com> in [bin/4769] cleanups/bugs: * reorder and reformat entries in yacc parser to match cmdtab[]. add a blank line between each rule. * add short hasopts and char *options to struct tab, to support OPTS. * deprecate upper(); use strcasecmp() instead of strcmp() * remove unnecessary for (;;) { } in yylex(); * replace copy() and sgetsave() with xstrdup() * fix a couple of `hasyyerrored = 1' that were accidently removed.
1998-09-07 12:11:20 +04:00
if ((fd = fopen(conffilename(fname), "r")) == NULL)
return nofile;
Change the syntax of /etc/ftpusers to have both allow and deny information in the same file by following the username with `allow' or `deny'. Also, the user `*' can be used to set the default for users not listed in the file. This is entirely backward compatable with old /etc/ftpusers files. Also, do the /etc/ftpusers and the valid login shell checks after the password is verified, rather than before, so as not to give away whether or not a particular user ID is present on the system.
1997-04-06 11:53:10 +04:00
* add support for `-h hostname', which defines the hostname to advertise as (useful for virtual ftp servers in conjunction with inetd.conf(5)'s ability to bind to a specific address). if this option is used, add `hostname' to the syslog messages. * improve documentation of command-line options * don't allow class names of `all' or `none' in ftpusers
1999-12-16 05:21:37 +03:00
line = 0;
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
for (;
* add support for `-h hostname', which defines the hostname to advertise as (useful for virtual ftp servers in conjunction with inetd.conf(5)'s ability to bind to a specific address). if this option is used, add `hostname' to the syslog messages. * improve documentation of command-line options * don't allow class names of `all' or `none' in ftpusers
1999-12-16 05:21:37 +03:00
(buf = fparseln(fd, &len, &line, NULL, FPARSELN_UNESCCOMM |
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
FPARSELN_UNESCCONT | FPARSELN_UNESCESC)) != NULL;
free(buf), buf = NULL) {
glob = perm = class = NULL;
p = buf;
if (len < 1)
Change the syntax of /etc/ftpusers to have both allow and deny information in the same file by following the username with `allow' or `deny'. Also, the user `*' can be used to set the default for users not listed in the file. This is entirely backward compatable with old /etc/ftpusers files. Also, do the /etc/ftpusers and the valid login shell checks after the password is verified, rather than before, so as not to give away whether or not a particular user ID is present on the system.
1997-04-06 11:53:10 +04:00
continue;
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
if (p[len - 1] == '\n')
p[--len] = '\0';
if (EMPTYSTR(p))
Avoid segmention fault if there is an empty line in "/etc/ftpusers". Problem noted by Emmanuel Dreyfus in PR bin/8504.
1999-09-30 22:12:34 +04:00
continue;
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
NEXTWORD(p, glob);
NEXTWORD(p, perm);
NEXTWORD(p, class);
if (EMPTYSTR(glob))
continue;
* add support for `-h hostname', which defines the hostname to advertise as (useful for virtual ftp servers in conjunction with inetd.conf(5)'s ability to bind to a specific address). if this option is used, add `hostname' to the syslog messages. * improve documentation of command-line options * don't allow class names of `all' or `none' in ftpusers
1999-12-16 05:21:37 +03:00
if (!EMPTYSTR(class)) {
if (strcasecmp(class, "all") == 0 ||
strcasecmp(class, "none") == 0) {
syslog(LOG_WARNING,
"%s line %d: illegal user-defined class `%s' - skipping entry",
fname, (int)line, class);
continue;
}
}
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
/* have a host specifier */
if ((p = strchr(glob, '@')) != NULL) {
u_int32_t net, mask, addr;
int bits;
*p++ = '\0';
/* check against network or CIDR */
if (isdigit(*p) &&
(bits = inet_net_pton(AF_INET, p,
&net, sizeof(net))) != -1) {
net = ntohl(net);
mask = 0xffffffffU << (32 - bits);
addr = ntohl(his_addr.su_sin.sin_addr.s_addr);
if ((addr & mask) != net)
continue;
/* check against hostname glob */
} else if (fnmatch(p, remotehost, 0) != 0)
continue;
Change the syntax of /etc/ftpusers to have both allow and deny information in the same file by following the username with `allow' or `deny'. Also, the user `*' can be used to set the default for users not listed in the file. This is entirely backward compatable with old /etc/ftpusers files. Also, do the /etc/ftpusers and the valid login shell checks after the password is verified, rather than before, so as not to give away whether or not a particular user ID is present on the system.
1997-04-06 11:53:10 +04:00
}
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
* add support for optional groupglob in ftpuser entry. the syntax is now: userglob[:groupglob][@host] [directive [class]] * append ``(class: CLASSNAME, type: TYPE)'' to the syslogged login messages
1999-12-21 15:56:15 +03:00
/* have a group specifier */
if ((p = strchr(glob, ':')) != NULL) {
gid_t *groups, *ng;
int gsize, i, found;
*p++ = '\0';
groups = NULL;
gsize = 16;
do {
ng = realloc(groups, gsize * sizeof(gid_t));
if (ng == NULL)
fatal(
"Local resource failure: realloc");
groups = ng;
} while (getgrouplist(pw->pw_name, pw->pw_gid,
groups, &gsize) == -1);
found = 0;
for (i = 0; i < gsize; i++) {
struct group *g;
if ((g = getgrgid(groups[i])) == NULL)
continue;
if (fnmatch(p, g->gr_name, 0) == 0) {
found = 1;
break;
}
}
free(groups);
if (!found)
continue;
}
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
/* check against username glob */
if (fnmatch(glob, name, 0) != 0)
continue;
if (perm != NULL &&
((strcasecmp(perm, "allow") == 0) ||
(strcasecmp(perm, "yes") == 0)))
retval = 1;
else if (perm != NULL &&
((strcasecmp(perm, "deny") == 0) ||
(strcasecmp(perm, "no") == 0)))
retval = 0;
else
retval = !def;
if (!EMPTYSTR(class) && retclass != NULL)
*retclass = xstrdup(class);
free(buf);
break;
Change the syntax of /etc/ftpusers to have both allow and deny information in the same file by following the username with `allow' or `deny'. Also, the user `*' can be used to set the default for users not listed in the file. This is entirely backward compatable with old /etc/ftpusers files. Also, do the /etc/ftpusers and the valid login shell checks after the password is verified, rather than before, so as not to give away whether or not a particular user ID is present on the system.
1997-04-06 11:53:10 +04:00
}
(void) fclose(fd);
/etc/ftpusers now matches globs against the username. mycroft suggested this.
1997-04-29 08:00:39 +04:00
return (retval);
Change the syntax of /etc/ftpusers to have both allow and deny information in the same file by following the username with `allow' or `deny'. Also, the user `*' can be used to set the default for users not listed in the file. This is entirely backward compatable with old /etc/ftpusers files. Also, do the /etc/ftpusers and the valid login shell checks after the password is verified, rather than before, so as not to give away whether or not a particular user ID is present on the system.
1997-04-06 11:53:10 +04:00
}
new features: * implement FEAT and OPTS from RFC2389. FEAT returns SIZE and MDTM. OPTS only works on NOOP (as a test). * extend format of /etc/ftpchroot similar to /etc/ftpusers; each entry can take an optional trailing `yes' or `no' which indicates if chroot should be done (defaults to `yes'). based on patches from Ty Sarna <tsarna@endicor.com> in [bin/4769] cleanups/bugs: * reorder and reformat entries in yacc parser to match cmdtab[]. add a blank line between each rule. * add short hasopts and char *options to struct tab, to support OPTS. * deprecate upper(); use strcasecmp() instead of strcmp() * remove unnecessary for (;;) { } in yylex(); * replace copy() and sgetsave() with xstrdup() * fix a couple of `hasyyerrored = 1' that were accidently removed.
1998-09-07 12:11:20 +04:00
/*
* Check if user is allowed by /etc/ftpusers
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
* returns 1 for yes, 0 for no
* add support for optional groupglob in ftpuser entry. the syntax is now: userglob[:groupglob][@host] [directive [class]] * append ``(class: CLASSNAME, type: TYPE)'' to the syslogged login messages
1999-12-21 15:56:15 +03:00
*
* NOTE: needs struct passwd *pw setup (for checkuser())
new features: * implement FEAT and OPTS from RFC2389. FEAT returns SIZE and MDTM. OPTS only works on NOOP (as a test). * extend format of /etc/ftpchroot similar to /etc/ftpusers; each entry can take an optional trailing `yes' or `no' which indicates if chroot should be done (defaults to `yes'). based on patches from Ty Sarna <tsarna@endicor.com> in [bin/4769] cleanups/bugs: * reorder and reformat entries in yacc parser to match cmdtab[]. add a blank line between each rule. * add short hasopts and char *options to struct tab, to support OPTS. * deprecate upper(); use strcasecmp() instead of strcmp() * remove unnecessary for (;;) { } in yylex(); * replace copy() and sgetsave() with xstrdup() * fix a couple of `hasyyerrored = 1' that were accidently removed.
1998-09-07 12:11:20 +04:00
*/
int
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
checkaccess(const char *name)
new features: * implement FEAT and OPTS from RFC2389. FEAT returns SIZE and MDTM. OPTS only works on NOOP (as a test). * extend format of /etc/ftpchroot similar to /etc/ftpusers; each entry can take an optional trailing `yes' or `no' which indicates if chroot should be done (defaults to `yes'). based on patches from Ty Sarna <tsarna@endicor.com> in [bin/4769] cleanups/bugs: * reorder and reformat entries in yacc parser to match cmdtab[]. add a blank line between each rule. * add short hasopts and char *options to struct tab, to support OPTS. * deprecate upper(); use strcasecmp() instead of strcmp() * remove unnecessary for (;;) { } in yylex(); * replace copy() and sgetsave() with xstrdup() * fix a couple of `hasyyerrored = 1' that were accidently removed.
1998-09-07 12:11:20 +04:00
{
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
return (checkuser(_PATH_FTPUSERS, name, 1, 0, NULL));
new features: * implement FEAT and OPTS from RFC2389. FEAT returns SIZE and MDTM. OPTS only works on NOOP (as a test). * extend format of /etc/ftpchroot similar to /etc/ftpusers; each entry can take an optional trailing `yes' or `no' which indicates if chroot should be done (defaults to `yes'). based on patches from Ty Sarna <tsarna@endicor.com> in [bin/4769] cleanups/bugs: * reorder and reformat entries in yacc parser to match cmdtab[]. add a blank line between each rule. * add short hasopts and char *options to struct tab, to support OPTS. * deprecate upper(); use strcasecmp() instead of strcmp() * remove unnecessary for (;;) { } in yylex(); * replace copy() and sgetsave() with xstrdup() * fix a couple of `hasyyerrored = 1' that were accidently removed.
1998-09-07 12:11:20 +04:00
}
Change the syntax of /etc/ftpusers to have both allow and deny information in the same file by following the username with `allow' or `deny'. Also, the user `*' can be used to set the default for users not listed in the file. This is entirely backward compatable with old /etc/ftpusers files. Also, do the /etc/ftpusers and the valid login shell checks after the password is verified, rather than before, so as not to give away whether or not a particular user ID is present on the system.
1997-04-06 11:53:10 +04:00
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
/*
* Terminate login as previous user, if any, resetting state;
* used when USER command is given or login fails.
*/
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
static void
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
end_login(void)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
{
* move version to separate header file * use .Dv and .Tn in the man pages as appropriate * KNF a bit The following were inspired by similar changes in openbsd, but may have additional improvements by me: * add more check_login tests to the parser rules * nuke a few memory leaks in the parser rules * clear passwords before free()ing them, for safety * don't display \r\n in setproctitle() output * add support for -U, which enables managing /var/run/utmp entries for connections. solves [bin/2217] by Jason Downs <downsj@teeny.org> * fix oob handling for STAT command * use SIG_ERR instead of -1
1999-12-18 08:51:34 +03:00
if (logged_in) {
add support for -W; don't log to wtmp (orthogonal of -U which logs to utmp). inspired by similar option in wuftpd.
2000-07-26 17:53:33 +04:00
if (dowtmp)
logwtmp(ttyline, "", "");
* move version to separate header file * use .Dv and .Tn in the man pages as appropriate * KNF a bit The following were inspired by similar changes in openbsd, but may have additional improvements by me: * add more check_login tests to the parser rules * nuke a few memory leaks in the parser rules * clear passwords before free()ing them, for safety * don't display \r\n in setproctitle() output * add support for -U, which enables managing /var/run/utmp entries for connections. solves [bin/2217] by Jason Downs <downsj@teeny.org> * fix oob handling for STAT command * use SIG_ERR instead of -1
1999-12-18 08:51:34 +03:00
if (doutmp)
logout(utmp.ut_line);
}
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
/* reset login state */
(void) seteuid((uid_t)0);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
pw = NULL;
logged_in = 0;
suppress verbose messages from CWD and post-login if the first character of the anonymous password is `-'.
2000-01-13 03:04:31 +03:00
quietmessages = 0;
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
gidcount = 0;
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
curclass.type = CLASS_REAL;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
void
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
pass(const char *passwd)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
{
* move version to separate header file * use .Dv and .Tn in the man pages as appropriate * KNF a bit The following were inspired by similar changes in openbsd, but may have additional improvements by me: * add more check_login tests to the parser rules * nuke a few memory leaks in the parser rules * clear passwords before free()ing them, for safety * don't display \r\n in setproctitle() output * add support for -U, which enables managing /var/run/utmp entries for connections. solves [bin/2217] by Jason Downs <downsj@teeny.org> * fix oob handling for STAT command * use SIG_ERR instead of -1
1999-12-18 08:51:34 +03:00
int rval;
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
const char *cp, *shell;
char *class, root[MAXPATHLEN];
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
class = NULL;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (logged_in || askpasswd == 0) {
reply(503, "Login with USER first.");
return;
}
askpasswd = 0;
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
if (curclass.type != CLASS_GUEST) {
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
/* "ftp" is the only account allowed with no password */
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
if (pw == NULL) {
rval = 1; /* failure below */
goto skip;
}
make this compile with KERBEROS5 defined. Note: only one of KERBEROS or KERBEROS5 may be defined in this file...
2000-06-02 18:47:19 +04:00
#if defined(KERBEROS)
Cast away a const for now; const poisoning kerberos #0.
1999-05-20 01:44:29 +04:00
if (klogin(pw, "", hostname, (char *)passwd) == 0) {
Add some krb5 hooks, though it probably doesn't work yet.
1997-10-12 18:04:36 +04:00
rval = 0;
goto skip;
}
#endif
make this compile with KERBEROS5 defined. Note: only one of KERBEROS or KERBEROS5 may be defined in this file...
2000-06-02 18:47:19 +04:00
#if defined(KERBEROS5)
if (k5login(pw, "", hostname, (char *)passwd) == 0) {
rval = 0;
goto skip;
}
#endif
Actually, do Kerberos first, since we want to get a TGT if possible. Also, clean up some minor cruft.
1997-10-12 17:52:51 +04:00
#ifdef SKEY
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
if (skey_haskey(pw->pw_name) == 0) {
char *p;
int r;
p = xstrdup(passwd);
r = skey_passcheck(pw->pw_name, p);
free(p);
if (r != -1) {
rval = 0;
goto skip;
}
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
}
add skey support
1994-05-24 10:52:17 +04:00
#endif
add "-s" flag (SecureID).
1998-06-26 21:41:38 +04:00
if (!sflag && *pw->pw_passwd != '\0' &&
Actually, do Kerberos first, since we want to get a TGT if possible. Also, clean up some minor cruft.
1997-10-12 17:52:51 +04:00
!strcmp(crypt(passwd, pw->pw_passwd), pw->pw_passwd)) {
rval = 0;
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
goto skip;
add skey support
1994-05-24 10:52:17 +04:00
}
Actually, do Kerberos first, since we want to get a TGT if possible. Also, clean up some minor cruft.
1997-10-12 17:52:51 +04:00
rval = 1;
some changes to make Kerberos a bit easier to use. from Michael Graff <explorer@vorpal.com>, with some work by myself...
1994-03-30 06:49:15 +04:00
- Always close(pdata) if it was a valid filedescriptor before setting it to -1. Problem noted in [bin/9642] by Takahiro Kambe <taca@sky.yamashina.kyoto.jp>, (part of which already had been solved by itojun a while ago), and provided patch covered most of the fixes needed. (Thanks Takahiro!) - Consistently indent goto labels by one space.
2000-05-21 03:34:55 +04:00
skip:
Send back an error message rather than dumping core when an invalid username is entered. The latter, while effective, does not appear to me to be an appropriate response.
1998-02-24 02:10:34 +03:00
if (pw != NULL && pw->pw_expire && time(NULL) >= pw->pw_expire)
- #endif foo -> #endif /* foo */ - #if __STDC__ -> #ifdef __STDC__ - Don't allow expired accounts to login.
1998-02-01 17:10:22 +03:00
rval = 2;
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
/*
* If rval > 0, the user failed the authentication check
* above. If rval == 0, either Kerberos or local
* authentication succeeded.
*/
some changes to make Kerberos a bit easier to use. from Michael Graff <explorer@vorpal.com>, with some work by myself...
1994-03-30 06:49:15 +04:00
if (rval) {
More format paranoia.
2000-07-08 22:24:28 +04:00
reply(530, "%s", rval == 2 ? "Password expired." :
- #endif foo -> #endif /* foo */ - #if __STDC__ -> #ifdef __STDC__ - Don't allow expired accounts to login.
1998-02-01 17:10:22 +03:00
"Login incorrect.");
* don't log failed usernames to ftp.notice; use authpriv.notice instead. closes [bin/1571] * don't quit if "PASV" is received without the user being logged in. closes [bin/2401], albiet with a modified test.
1997-05-29 14:31:48 +04:00
if (logging) {
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
syslog(LOG_NOTICE,
* don't log failed usernames to ftp.notice; use authpriv.notice instead. closes [bin/1571] * don't quit if "PASV" is received without the user being logged in. closes [bin/2401], albiet with a modified test.
1997-05-29 14:31:48 +04:00
"FTP LOGIN FAILED FROM %s", remotehost);
syslog(LOG_AUTHPRIV | LOG_NOTICE,
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
"FTP LOGIN FAILED FROM %s, %s",
remotehost, curname);
* don't log failed usernames to ftp.notice; use authpriv.notice instead. closes [bin/1571] * don't quit if "PASV" is received without the user being logged in. closes [bin/2401], albiet with a modified test.
1997-05-29 14:31:48 +04:00
}
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
pw = NULL;
if (login_attempts++ >= 5) {
syslog(LOG_NOTICE,
"repeated login failures from %s",
remotehost);
exit(0);
}
return;
}
}
Change the syntax of /etc/ftpusers to have both allow and deny information in the same file by following the username with `allow' or `deny'. Also, the user `*' can be used to set the default for users not listed in the file. This is entirely backward compatable with old /etc/ftpusers files. Also, do the /etc/ftpusers and the valid login shell checks after the password is verified, rather than before, so as not to give away whether or not a particular user ID is present on the system.
1997-04-06 11:53:10 +04:00
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
/* password ok; see if anything else prevents login */
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
if (! checkuser(_PATH_FTPUSERS, pw->pw_name, 1, 0, &class)) {
Change the syntax of /etc/ftpusers to have both allow and deny information in the same file by following the username with `allow' or `deny'. Also, the user `*' can be used to set the default for users not listed in the file. This is entirely backward compatable with old /etc/ftpusers files. Also, do the /etc/ftpusers and the valid login shell checks after the password is verified, rather than before, so as not to give away whether or not a particular user ID is present on the system.
1997-04-06 11:53:10 +04:00
reply(530, "User %s may not use FTP.", pw->pw_name);
if (logging)
syslog(LOG_NOTICE, "FTP LOGIN REFUSED FROM %s, %s",
remotehost, pw->pw_name);
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
goto bad;
Change the syntax of /etc/ftpusers to have both allow and deny information in the same file by following the username with `allow' or `deny'. Also, the user `*' can be used to set the default for users not listed in the file. This is entirely backward compatable with old /etc/ftpusers files. Also, do the /etc/ftpusers and the valid login shell checks after the password is verified, rather than before, so as not to give away whether or not a particular user ID is present on the system.
1997-04-06 11:53:10 +04:00
}
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
/* if not guest user, check for valid shell */
Change the syntax of /etc/ftpusers to have both allow and deny information in the same file by following the username with `allow' or `deny'. Also, the user `*' can be used to set the default for users not listed in the file. This is entirely backward compatable with old /etc/ftpusers files. Also, do the /etc/ftpusers and the valid login shell checks after the password is verified, rather than before, so as not to give away whether or not a particular user ID is present on the system.
1997-04-06 11:53:10 +04:00
if ((shell = pw->pw_shell) == NULL || *shell == 0)
shell = _PATH_BSHELL;
while ((cp = getusershell()) != NULL)
if (strcmp(cp, shell) == 0)
break;
endusershell();
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
if (cp == NULL && curclass.type != CLASS_GUEST) {
Change the syntax of /etc/ftpusers to have both allow and deny information in the same file by following the username with `allow' or `deny'. Also, the user `*' can be used to set the default for users not listed in the file. This is entirely backward compatable with old /etc/ftpusers files. Also, do the /etc/ftpusers and the valid login shell checks after the password is verified, rather than before, so as not to give away whether or not a particular user ID is present on the system.
1997-04-06 11:53:10 +04:00
reply(530, "User %s may not use FTP.", pw->pw_name);
if (logging)
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
syslog(LOG_NOTICE, "FTP LOGIN REFUSED FROM %s, %s",
Change the syntax of /etc/ftpusers to have both allow and deny information in the same file by following the username with `allow' or `deny'. Also, the user `*' can be used to set the default for users not listed in the file. This is entirely backward compatable with old /etc/ftpusers files. Also, do the /etc/ftpusers and the valid login shell checks after the password is verified, rather than before, so as not to give away whether or not a particular user ID is present on the system.
1997-04-06 11:53:10 +04:00
remotehost, pw->pw_name);
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
goto bad;
Change the syntax of /etc/ftpusers to have both allow and deny information in the same file by following the username with `allow' or `deny'. Also, the user `*' can be used to set the default for users not listed in the file. This is entirely backward compatable with old /etc/ftpusers files. Also, do the /etc/ftpusers and the valid login shell checks after the password is verified, rather than before, so as not to give away whether or not a particular user ID is present on the system.
1997-04-06 11:53:10 +04:00
}
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
login_attempts = 0; /* this time successful */
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
if (setegid((gid_t)pw->pw_gid) < 0) {
reply(550, "Can't set gid.");
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
goto bad;
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
}
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
(void) initgroups(pw->pw_name, pw->pw_gid);
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
/* cache groups for cmds.c::matchgroup() */
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
gidcount = getgroups(sizeof(gidlist), gidlist);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
/* open wtmp before chroot */
add support for -W; don't log to wtmp (orthogonal of -U which logs to utmp). inspired by similar option in wuftpd.
2000-07-26 17:53:33 +04:00
if (dowtmp)
logwtmp(ttyline, pw->pw_name, remotehost);
* move version to separate header file * use .Dv and .Tn in the man pages as appropriate * KNF a bit The following were inspired by similar changes in openbsd, but may have additional improvements by me: * add more check_login tests to the parser rules * nuke a few memory leaks in the parser rules * clear passwords before free()ing them, for safety * don't display \r\n in setproctitle() output * add support for -U, which enables managing /var/run/utmp entries for connections. solves [bin/2217] by Jason Downs <downsj@teeny.org> * fix oob handling for STAT command * use SIG_ERR instead of -1
1999-12-18 08:51:34 +03:00
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
/* open utmp before chroot */
* move version to separate header file * use .Dv and .Tn in the man pages as appropriate * KNF a bit The following were inspired by similar changes in openbsd, but may have additional improvements by me: * add more check_login tests to the parser rules * nuke a few memory leaks in the parser rules * clear passwords before free()ing them, for safety * don't display \r\n in setproctitle() output * add support for -U, which enables managing /var/run/utmp entries for connections. solves [bin/2217] by Jason Downs <downsj@teeny.org> * fix oob handling for STAT command * use SIG_ERR instead of -1
1999-12-18 08:51:34 +03:00
if (doutmp) {
memset((void *)&utmp, 0, sizeof(utmp));
(void)time(&utmp.ut_time);
(void)strncpy(utmp.ut_name, pw->pw_name, sizeof(utmp.ut_name));
(void)strncpy(utmp.ut_host, remotehost, sizeof(utmp.ut_host));
(void)strncpy(utmp.ut_line, ttyline, sizeof(utmp.ut_line));
login(&utmp);
}
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
logged_in = 1;
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
/* check user in /etc/ftpchroot */
if (checkuser(_PATH_FTPCHROOT, pw->pw_name, 0, 0, NULL)) {
if (curclass.type == CLASS_GUEST) {
syslog(LOG_NOTICE,
"Can't change guest user to chroot class; remove entry in %s",
_PATH_FTPCHROOT);
exit(1);
}
curclass.type = CLASS_CHROOT;
}
if (class == NULL) {
switch (curclass.type) {
case CLASS_GUEST:
class = xstrdup("guest");
break;
case CLASS_CHROOT:
class = xstrdup("chroot");
break;
case CLASS_REAL:
class = xstrdup("real");
break;
default:
abort();
}
}
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
/* parse ftpd.conf, setting up various parameters */
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
parse_conf(class);
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
count_users();
if (curclass.limit != -1 && connections > curclass.limit) {
if (! EMPTYSTR(curclass.limitfile))
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
(void)display_file(conffilename(curclass.limitfile),
530);
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
reply(530,
missing "." on reply
2000-01-08 14:14:36 +03:00
"User %s access denied, connection limit of %d reached.",
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
pw->pw_name, curclass.limit);
syslog(LOG_NOTICE,
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
"Maximum connection limit of %d for class %s reached, login refused for %s",
curclass.limit, curclass.classname, pw->pw_name);
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
goto bad;
}
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
homedir[0] = '/';
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
switch (curclass.type) {
case CLASS_GUEST:
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
/*
* We MUST do a chdir() after the chroot. Otherwise
* the old current directory will be accessible as "."
* outside the new root!
*/
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
format_path(root,
curclass.chroot ? curclass.chroot :
anondir ? anondir :
pw->pw_dir);
format_path(homedir,
curclass.homedir ? curclass.homedir :
"/");
if (EMPTYSTR(homedir))
homedir[0] = '/';
if (EMPTYSTR(root) || chroot(root) < 0) {
syslog(LOG_NOTICE,
"GUEST user %s: can't chroot to %s: %m",
pw->pw_name, root);
goto bad_guest;
}
if (chdir(homedir) < 0) {
syslog(LOG_NOTICE,
"GUEST user %s: can't chdir to %s: %m",
pw->pw_name, homedir);
bad_guest:
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
reply(550, "Can't set guest privileges.");
goto bad;
}
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
break;
case CLASS_CHROOT:
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
format_path(root,
curclass.chroot ? curclass.chroot :
pw->pw_dir);
format_path(homedir,
curclass.homedir ? curclass.homedir :
"/");
if (EMPTYSTR(homedir))
homedir[0] = '/';
if (EMPTYSTR(root) || chroot(root) < 0) {
syslog(LOG_NOTICE,
"CHROOT user %s: can't chroot to %s: %m",
pw->pw_name, root);
goto bad_chroot;
}
if (chdir(homedir) < 0) {
syslog(LOG_NOTICE,
"CHROOT user %s: can't chdir to %s: %m",
pw->pw_name, homedir);
bad_chroot:
Jarle.F.Greipsland@idt.unit.no's changes to allow for password-protected chrooted ftp logins.
1994-04-07 00:49:52 +04:00
reply(550, "Can't change root.");
goto bad;
}
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
break;
case CLASS_REAL:
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
format_path(homedir,
curclass.homedir ? curclass.homedir :
pw->pw_dir);
if (EMPTYSTR(homedir) || chdir(homedir) < 0) {
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
if (chdir("/") < 0) {
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
syslog(LOG_NOTICE,
"REAL user %s: can't chdir to %s: %m",
pw->pw_name,
!EMPTYSTR(homedir) ? homedir : "/");
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
reply(530,
"User %s: can't change directory to %s.",
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
pw->pw_name,
!EMPTYSTR(homedir) ? homedir : "/");
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
goto bad;
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
} else {
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(-230,
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
"No directory! Logging in with home=/");
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
homedir[0] = '/';
}
}
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
break;
}
call setlogin() before dropping root privileges, so that process would have correct p_login value
2000-09-28 21:49:06 +04:00
setlogin(pw->pw_name);
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
if (dropprivs ||
(curclass.type != CLASS_REAL &&
ntohs(ctrl_addr.su_port) > IPPORT_RESERVED + 1)) {
dropprivs++;
if (setgid((gid_t)pw->pw_gid) < 0) {
reply(550, "Can't set gid.");
goto bad;
}
if (setuid((uid_t)pw->pw_uid) < 0) {
reply(550, "Can't set uid.");
goto bad;
}
} else {
if (seteuid((uid_t)pw->pw_uid) < 0) {
reply(550, "Can't set uid.");
goto bad;
}
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
setenv("HOME", homedir, 1);
set $HOME to "/" for guest or chroot users, pw->pw_dir otherwise. fixes expansion of `~/...' pathnames.
1997-12-28 07:28:17 +03:00
suppress verbose messages from CWD and post-login if the first character of the anonymous password is `-'.
2000-01-13 03:04:31 +03:00
if (curclass.type == CLASS_GUEST && passwd[0] == '-')
quietmessages = 1;
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
/*
* Display a login message, if it exists.
* N.B. reply(230,) must follow the message.
*/
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
(void)display_file(conffilename(curclass.motd), 230);
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
show_chdir_messages(230);
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
if (curclass.type == CLASS_GUEST) {
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
reply(230, "Guest login ok, access restrictions apply.");
use setproctitle
1994-04-14 07:15:37 +04:00
#ifdef HASSETPROCTITLE
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
snprintf(proctitle, sizeof(proctitle),
"%s: anonymous/%.*s", remotehost,
- Pass gcc -Wall - Fix incorrect const poisoning - Fix ftpd_popen to dynamically allocate strings to avoid buffer overruns.
1997-06-18 23:05:46 +04:00
(int) (sizeof(proctitle) - sizeof(remotehost) -
sizeof(": anonymous/")), passwd);
setproctitle(), and for any other printf variants, it is not a good idea to pass variable directly like foo(x). use foo("%s", x) to avoid misuse. from: openbsd
2000-07-06 02:15:04 +04:00
setproctitle("%s", proctitle);
use setproctitle
1994-04-14 07:15:37 +04:00
#endif /* HASSETPROCTITLE */
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (logging)
* add support for optional groupglob in ftpuser entry. the syntax is now: userglob[:groupglob][@host] [directive [class]] * append ``(class: CLASSNAME, type: TYPE)'' to the syslogged login messages
1999-12-21 15:56:15 +03:00
syslog(LOG_INFO,
"ANONYMOUS FTP LOGIN FROM %s, %s (class: %s, type: %s)",
remotehost, passwd,
curclass.classname, CURCLASSTYPE);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
} else {
reply(230, "User %s logged in.", pw->pw_name);
use setproctitle
1994-04-14 07:15:37 +04:00
#ifdef HASSETPROCTITLE
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
snprintf(proctitle, sizeof(proctitle),
"%s: %s", remotehost, pw->pw_name);
setproctitle(), and for any other printf variants, it is not a good idea to pass variable directly like foo(x). use foo("%s", x) to avoid misuse. from: openbsd
2000-07-06 02:15:04 +04:00
setproctitle("%s", proctitle);
use setproctitle
1994-04-14 07:15:37 +04:00
#endif /* HASSETPROCTITLE */
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (logging)
* add support for optional groupglob in ftpuser entry. the syntax is now: userglob[:groupglob][@host] [directive [class]] * append ``(class: CLASSNAME, type: TYPE)'' to the syslogged login messages
1999-12-21 15:56:15 +03:00
syslog(LOG_INFO,
"FTP LOGIN FROM %s as %s (class: %s, type: %s)",
remotehost, pw->pw_name,
curclass.classname, CURCLASSTYPE);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
(void) umask(curclass.umask);
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
goto cleanuppass;
bad:
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
/* Forget all about it... */
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
end_login();
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
cleanuppass:
if (class)
free(class);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
void
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
retrieve(char *argv[], const char *name)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
{
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
FILE *fin, *dout;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
struct stat st;
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
int (*closefunc)(FILE *) = NULL;
* fix a problem in retrieve() where arguments to commands weren't working (this was broken in the last commit). problem noticed by simonb@ * don't display the stderr output of the internal ls. * modify usage of lreply so that generally only one `XXX-' code per `block' is displayed; the rest of the lines have four spaces instead. i find this easier to read. * fix a couple places where byte accounting wasn't correct
1999-05-18 12:14:17 +04:00
int log, sendrv, closerv, stderrfd, isconversion, isdata, isls;
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
struct timeval start, finish, td, *tdp;
const char *dispname;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
support displaying the stderr output from a LIST or a conversion to the user at the end of a transfer. this generates a file in /tmp, so anonymous requires a writable ~ftp/tmp, which you may not want to do (because it may allow people to unwanted upload files). XXX: a better method of storing the stderr output would be nice, but is a lot more effort to implement. this feature can at least be used temporarily whilst debugging why an ftp conversion doesn't work.
1998-06-08 11:13:13 +04:00
sendrv = closerv = stderrfd = -1;
* fix a problem in retrieve() where arguments to commands weren't working (this was broken in the last commit). problem noticed by simonb@ * don't display the stderr output of the internal ls. * modify usage of lreply so that generally only one `XXX-' code per `block' is displayed; the rest of the lines have four spaces instead. i find this easier to read. * fix a couple places where byte accounting wasn't correct
1999-05-18 12:14:17 +04:00
isconversion = isdata = isls = log = 0;
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
tdp = NULL;
dispname = name;
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
fin = dout = NULL;
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
if (argv == NULL) {
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
log = 1;
isdata = 1;
fin = fopen(name, "r");
closefunc = fclose;
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
if (fin == NULL)
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
argv = do_conversion(name);
if (argv != NULL) {
support displaying the stderr output from a LIST or a conversion to the user at the end of a transfer. this generates a file in /tmp, so anonymous requires a writable ~ftp/tmp, which you may not want to do (because it may allow people to unwanted upload files). XXX: a better method of storing the stderr output would be nice, but is a lot more effort to implement. this feature can at least be used temporarily whilst debugging why an ftp conversion doesn't work.
1998-06-08 11:13:13 +04:00
isconversion++;
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
syslog(LOG_INFO, "get command: '%s' on '%s'",
argv[0], name);
support displaying the stderr output from a LIST or a conversion to the user at the end of a transfer. this generates a file in /tmp, so anonymous requires a writable ~ftp/tmp, which you may not want to do (because it may allow people to unwanted upload files). XXX: a better method of storing the stderr output would be nice, but is a lot more effort to implement. this feature can at least be used temporarily whilst debugging why an ftp conversion doesn't work.
1998-06-08 11:13:13 +04:00
}
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
}
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
if (argv != NULL) {
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
char temp[MAXPATHLEN];
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
if (strcmp(argv[0], INTERNAL_LS) == 0) {
* fix a problem in retrieve() where arguments to commands weren't working (this was broken in the last commit). problem noticed by simonb@ * don't display the stderr output of the internal ls. * modify usage of lreply so that generally only one `XXX-' code per `block' is displayed; the rest of the lines have four spaces instead. i find this easier to read. * fix a couple places where byte accounting wasn't correct
1999-05-18 12:14:17 +04:00
isls = 1;
stderrfd = -1;
} else {
(void)snprintf(temp, sizeof(temp), "%s", TMPFILE);
stderrfd = mkstemp(temp);
if (stderrfd != -1)
(void)unlink(temp);
}
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
dispname = argv[0];
fin = ftpd_popen(argv, "r", stderrfd);
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
closefunc = ftpd_pclose;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
st.st_size = -1;
st.st_blksize = BUFSIZ;
}
if (fin == NULL) {
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
if (errno != 0) {
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
perror_reply(550, dispname);
if (log)
logcmd("get", -1, name, NULL, NULL,
strerror(errno));
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
}
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
goto cleanupretrieve;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
byte_count = -1;
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
if (argv == NULL
support displaying the stderr output from a LIST or a conversion to the user at the end of a transfer. this generates a file in /tmp, so anonymous requires a writable ~ftp/tmp, which you may not want to do (because it may allow people to unwanted upload files). XXX: a better method of storing the stderr output would be nice, but is a lot more effort to implement. this feature can at least be used temporarily whilst debugging why an ftp conversion doesn't work.
1998-06-08 11:13:13 +04:00
&& (fstat(fileno(fin), &st) < 0 || !S_ISREG(st.st_mode))) {
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
reply(550, "%s: not a plain file.", dispname);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
goto done;
}
if (restart_point) {
if (type == TYPE_A) {
support displaying the stderr output from a LIST or a conversion to the user at the end of a transfer. this generates a file in /tmp, so anonymous requires a writable ~ftp/tmp, which you may not want to do (because it may allow people to unwanted upload files). XXX: a better method of storing the stderr output would be nice, but is a lot more effort to implement. this feature can at least be used temporarily whilst debugging why an ftp conversion doesn't work.
1998-06-08 11:13:13 +04:00
off_t i;
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
int c;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
support displaying the stderr output from a LIST or a conversion to the user at the end of a transfer. this generates a file in /tmp, so anonymous requires a writable ~ftp/tmp, which you may not want to do (because it may allow people to unwanted upload files). XXX: a better method of storing the stderr output would be nice, but is a lot more effort to implement. this feature can at least be used temporarily whilst debugging why an ftp conversion doesn't work.
1998-06-08 11:13:13 +04:00
for (i = 0; i < restart_point; i++) {
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if ((c=getc(fin)) == EOF) {
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
perror_reply(550, dispname);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
goto done;
}
if (c == '\n')
i++;
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
}
Lseek(2) usage cleanup: the use of L_SET/L_INCR/L_XTND is deprecated, use SEEK_SET/SEEK_CUR/SEEK_END instead.
1997-08-25 23:31:43 +04:00
} else if (lseek(fileno(fin), restart_point, SEEK_SET) < 0) {
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
perror_reply(550, dispname);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
goto done;
}
}
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
dout = dataconn(dispname, st.st_size, "w");
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (dout == NULL)
goto done;
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
(void)gettimeofday(&start, NULL);
sendrv = send_data(fin, dout, st.st_blksize, isdata);
(void)gettimeofday(&finish, NULL);
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
(void) fclose(dout); /* close now to affect timing stats */
dout = NULL;
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
timersub(&finish, &start, &td);
tdp = &td;
- Always close(pdata) if it was a valid filedescriptor before setting it to -1. Problem noted in [bin/9642] by Takahiro Kambe <taca@sky.yamashina.kyoto.jp>, (part of which already had been solved by itojun a while ago), and provided patch covered most of the fixes needed. (Thanks Takahiro!) - Consistently indent goto labels by one space.
2000-05-21 03:34:55 +04:00
done:
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
if (log)
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
logcmd("get", byte_count, name, NULL, tdp, NULL);
support displaying the stderr output from a LIST or a conversion to the user at the end of a transfer. this generates a file in /tmp, so anonymous requires a writable ~ftp/tmp, which you may not want to do (because it may allow people to unwanted upload files). XXX: a better method of storing the stderr output would be nice, but is a lot more effort to implement. this feature can at least be used temporarily whilst debugging why an ftp conversion doesn't work.
1998-06-08 11:13:13 +04:00
closerv = (*closefunc)(fin);
if (sendrv == 0) {
FILE *err;
struct stat sb;
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
if (!isls && argv != NULL && closerv != 0) {
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(-226,
support displaying the stderr output from a LIST or a conversion to the user at the end of a transfer. this generates a file in /tmp, so anonymous requires a writable ~ftp/tmp, which you may not want to do (because it may allow people to unwanted upload files). XXX: a better method of storing the stderr output would be nice, but is a lot more effort to implement. this feature can at least be used temporarily whilst debugging why an ftp conversion doesn't work.
1998-06-08 11:13:13 +04:00
"Command returned an exit status of %d",
closerv);
if (isconversion)
syslog(LOG_INFO,
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
"retrieve command: '%s' returned %d",
argv[0], closerv);
support displaying the stderr output from a LIST or a conversion to the user at the end of a transfer. this generates a file in /tmp, so anonymous requires a writable ~ftp/tmp, which you may not want to do (because it may allow people to unwanted upload files). XXX: a better method of storing the stderr output would be nice, but is a lot more effort to implement. this feature can at least be used temporarily whilst debugging why an ftp conversion doesn't work.
1998-06-08 11:13:13 +04:00
}
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
if (!isls && argv != NULL && stderrfd != -1 &&
support displaying the stderr output from a LIST or a conversion to the user at the end of a transfer. this generates a file in /tmp, so anonymous requires a writable ~ftp/tmp, which you may not want to do (because it may allow people to unwanted upload files). XXX: a better method of storing the stderr output would be nice, but is a lot more effort to implement. this feature can at least be used temporarily whilst debugging why an ftp conversion doesn't work.
1998-06-08 11:13:13 +04:00
(fstat(stderrfd, &sb) == 0) && sb.st_size > 0 &&
((err = fdopen(stderrfd, "r")) != NULL)) {
char *cp, line[LINE_MAX];
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(-226, "Command error messages:");
support displaying the stderr output from a LIST or a conversion to the user at the end of a transfer. this generates a file in /tmp, so anonymous requires a writable ~ftp/tmp, which you may not want to do (because it may allow people to unwanted upload files). XXX: a better method of storing the stderr output would be nice, but is a lot more effort to implement. this feature can at least be used temporarily whilst debugging why an ftp conversion doesn't work.
1998-06-08 11:13:13 +04:00
rewind(err);
while (fgets(line, sizeof(line), err) != NULL) {
if ((cp = strchr(line, '\n')) != NULL)
*cp = '\0';
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, " %s", line);
support displaying the stderr output from a LIST or a conversion to the user at the end of a transfer. this generates a file in /tmp, so anonymous requires a writable ~ftp/tmp, which you may not want to do (because it may allow people to unwanted upload files). XXX: a better method of storing the stderr output would be nice, but is a lot more effort to implement. this feature can at least be used temporarily whilst debugging why an ftp conversion doesn't work.
1998-06-08 11:13:13 +04:00
}
(void) fflush(stdout);
(void) fclose(err);
/* a reply(226,) must follow */
}
reply(226, "Transfer complete.");
}
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
cleanupretrieve:
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
closedataconn(dout);
support displaying the stderr output from a LIST or a conversion to the user at the end of a transfer. this generates a file in /tmp, so anonymous requires a writable ~ftp/tmp, which you may not want to do (because it may allow people to unwanted upload files). XXX: a better method of storing the stderr output would be nice, but is a lot more effort to implement. this feature can at least be used temporarily whilst debugging why an ftp conversion doesn't work.
1998-06-08 11:13:13 +04:00
if (stderrfd != -1)
(void)close(stderrfd);
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
if (isconversion)
free(argv);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
void
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
store(const char *name, const char *mode, int unique)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
{
FILE *fout, *din;
struct stat st;
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
int (*closefunc)(FILE *);
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
struct timeval start, finish, td, *tdp;
char *desc;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
din = NULL;
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
desc = (*mode == 'w') ? "put" : "append";
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (unique && stat(name, &st) == 0 &&
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
(name = gunique(name)) == NULL) {
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
logcmd(desc, -1, name, NULL, NULL, "cannot create unique file");
- Always close(pdata) if it was a valid filedescriptor before setting it to -1. Problem noted in [bin/9642] by Takahiro Kambe <taca@sky.yamashina.kyoto.jp>, (part of which already had been solved by itojun a while ago), and provided patch covered most of the fixes needed. (Thanks Takahiro!) - Consistently indent goto labels by one space.
2000-05-21 03:34:55 +04:00
goto cleanupstore;
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
}
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (restart_point)
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
mode = "r+";
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
fout = fopen(name, mode);
closefunc = fclose;
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
tdp = NULL;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (fout == NULL) {
perror_reply(553, name);
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
logcmd(desc, -1, name, NULL, NULL, strerror(errno));
- Always close(pdata) if it was a valid filedescriptor before setting it to -1. Problem noted in [bin/9642] by Takahiro Kambe <taca@sky.yamashina.kyoto.jp>, (part of which already had been solved by itojun a while ago), and provided patch covered most of the fixes needed. (Thanks Takahiro!) - Consistently indent goto labels by one space.
2000-05-21 03:34:55 +04:00
goto cleanupstore;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
byte_count = -1;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (restart_point) {
if (type == TYPE_A) {
support displaying the stderr output from a LIST or a conversion to the user at the end of a transfer. this generates a file in /tmp, so anonymous requires a writable ~ftp/tmp, which you may not want to do (because it may allow people to unwanted upload files). XXX: a better method of storing the stderr output would be nice, but is a lot more effort to implement. this feature can at least be used temporarily whilst debugging why an ftp conversion doesn't work.
1998-06-08 11:13:13 +04:00
off_t i;
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
int c;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
support displaying the stderr output from a LIST or a conversion to the user at the end of a transfer. this generates a file in /tmp, so anonymous requires a writable ~ftp/tmp, which you may not want to do (because it may allow people to unwanted upload files). XXX: a better method of storing the stderr output would be nice, but is a lot more effort to implement. this feature can at least be used temporarily whilst debugging why an ftp conversion doesn't work.
1998-06-08 11:13:13 +04:00
for (i = 0; i < restart_point; i++) {
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if ((c=getc(fout)) == EOF) {
perror_reply(550, name);
goto done;
}
if (c == '\n')
i++;
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
}
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
/*
* We must do this seek to "current" position
* because we are changing from reading to
* writing.
*/
* fix "cd ~" so that it works (from Simon Burge <simonb@telstra.com.au> * move resetting of CFLAGS on powerpc to before optional CFLAGS settings * minor code & man page cleanups
1997-04-27 07:21:38 +04:00
if (fseek(fout, 0L, SEEK_CUR) < 0) {
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
perror_reply(550, name);
goto done;
}
Lseek(2) usage cleanup: the use of L_SET/L_INCR/L_XTND is deprecated, use SEEK_SET/SEEK_CUR/SEEK_END instead.
1997-08-25 23:31:43 +04:00
} else if (lseek(fileno(fout), restart_point, SEEK_SET) < 0) {
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
perror_reply(550, name);
goto done;
}
}
din = dataconn(name, (off_t)-1, "r");
if (din == NULL)
goto done;
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
(void)gettimeofday(&start, NULL);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (receive_data(din, fout) == 0) {
if (unique)
reply(226, "Transfer complete (unique file name:%s).",
name);
else
reply(226, "Transfer complete.");
}
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
(void)gettimeofday(&finish, NULL);
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
(void) fclose(din); /* close now to affect timing stats */
din = NULL;
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
timersub(&finish, &start, &td);
tdp = &td;
- Always close(pdata) if it was a valid filedescriptor before setting it to -1. Problem noted in [bin/9642] by Takahiro Kambe <taca@sky.yamashina.kyoto.jp>, (part of which already had been solved by itojun a while ago), and provided patch covered most of the fixes needed. (Thanks Takahiro!) - Consistently indent goto labels by one space.
2000-05-21 03:34:55 +04:00
done:
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
logcmd(desc, byte_count, name, NULL, tdp, NULL);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
(*closefunc)(fout);
- Always close(pdata) if it was a valid filedescriptor before setting it to -1. Problem noted in [bin/9642] by Takahiro Kambe <taca@sky.yamashina.kyoto.jp>, (part of which already had been solved by itojun a while ago), and provided patch covered most of the fixes needed. (Thanks Takahiro!) - Consistently indent goto labels by one space.
2000-05-21 03:34:55 +04:00
cleanupstore:
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
closedataconn(din);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
static FILE *
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
getdatasock(const char *mode)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
{
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
int on, s, t, tries;
in_port_t port;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
on = 1;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (data >= 0)
return (fdopen(data, mode));
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
if (! dropprivs)
(void) seteuid((uid_t)0);
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
s = socket(ctrl_addr.su_family, SOCK_STREAM, 0);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (s < 0)
goto bad;
if (setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
(char *) &on, sizeof(on)) < 0)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
goto bad;
Set keepalives on the sockets to force logouts on connections that have disappeared.
1999-06-05 17:49:53 +04:00
if (setsockopt(s, SOL_SOCKET, SO_KEEPALIVE,
(char *) &on, sizeof(on)) < 0)
goto bad;
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
/* anchor socket to avoid multi-homing problems */
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
data_source = ctrl_addr;
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
/*
* By default source port for PORT connctions is
* ctrlport-1 (see RFC959 section 5.2).
* However, if privs have been dropped and that
* would be < IPPORT_RESERVED, use a random port
* instead.
*/
port = ntohs(ctrl_addr.su_port) - 1;
if (dropprivs && port < IPPORT_RESERVED)
port = 0; /* use random port */
data_source.su_port = htons(port);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
for (tries = 1; ; tries++) {
if (bind(s, (struct sockaddr *)&data_source,
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
data_source.su_len) >= 0)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
break;
if (errno != EADDRINUSE || tries > 10)
goto bad;
sleep(tries);
}
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
if (! dropprivs)
(void) seteuid((uid_t)pw->pw_uid);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
#ifdef IP_TOS
do not perform setsockopt(IP_TOS) on mapped connections (IPv4 connection toward AF_INET6 socket).
1999-12-13 19:30:37 +03:00
if (!mapped && ctrl_addr.su_family == AF_INET) {
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
on = IPTOS_THROUGHPUT;
if (setsockopt(s, IPPROTO_IP, IP_TOS, (char *)&on,
sizeof(int)) < 0)
syslog(LOG_WARNING, "setsockopt (IP_TOS): %m");
}
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
#endif
return (fdopen(s, mode));
- Always close(pdata) if it was a valid filedescriptor before setting it to -1. Problem noted in [bin/9642] by Takahiro Kambe <taca@sky.yamashina.kyoto.jp>, (part of which already had been solved by itojun a while ago), and provided patch covered most of the fixes needed. (Thanks Takahiro!) - Consistently indent goto labels by one space.
2000-05-21 03:34:55 +04:00
bad:
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
/* Return the real value of errno (close may change it) */
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
t = errno;
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
if (! dropprivs)
(void) seteuid((uid_t)pw->pw_uid);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
(void) close(s);
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
errno = t;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
return (NULL);
}
major overhaul (just before netbsd 1.5 :-): * implement draft-ietf-ftpext-mlst-10 commands, especially MLST and MLSD. we already supported SIZE and MDTM. add the appropriate FEAT output lines. * migrate a lot of the command code from ftpcmd.y and ftpd.c to cmds.c * make dataconn(), feat(), lookup(), opts() and sizecmd() public * modify struct tab so that it has a `flags' instead of `implemented' element, and remove the `hasopts' element. If flags == 1, the command is implemented. if flags == 2, the command is implemented and takes options * add macros ISDOTDIR(x) (is x ".") and ISDOTDOTDIR(x) (is x "..") * modify lreply() so that lreply(-2, ...) just outputs the given info without a prefix or trailing \r\n. this saves doing b = printf(); total_* += b; * enhance statcmd(). still needs work in the LPRT status stuff. * crank version
2000-06-14 17:44:21 +04:00
FILE *
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
dataconn(const char *name, off_t size, const char *mode)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
{
char sizebuf[32];
FILE *file;
Set keepalives on the sockets to force logouts on connections that have disappeared.
1999-06-05 17:49:53 +04:00
int retry = 0, tos, keepalive;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
file_size = size;
byte_count = 0;
if (size != (off_t) -1)
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
(void)snprintf(sizebuf, sizeof(sizebuf), " (%qd byte%s)",
* Cast %q[ud] arguments to fix ILP32/LP64 off_t variation. * Fix bug in 213 reply: correct ordering of format string args.
1999-05-25 01:57:19 +04:00
(qdfmt_t)size, PLURAL(size));
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
else
be safe with some buffers.
1997-07-21 09:13:10 +04:00
sizebuf[0] = '\0';
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (pdata >= 0) {
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
union sockunion from;
handle IPv4 TCP control connection, toward AF_INET6 socket. this happens when you have the following line in inetd.conf, but not with tcp4 line: >>>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-27 19:41:49 +04:00
int s, fromlen = sizeof(from);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
* initialise curclass.timeout to 900 in main(), so that operations that want to timeout using this value that are executed before the conf file is parsed will work. fixes ``stale ftpd stuck in connection phase'' * in PASV mode, wrap accept() in an alarm timeout. fixes ``stale ftpd because of client disappearing in pasv mode (usually browsers)'' * main() doesn't need envp argument
1997-11-29 02:32:30 +03:00
(void) alarm(curclass.timeout);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
s = accept(pdata, (struct sockaddr *)&from, &fromlen);
* initialise curclass.timeout to 900 in main(), so that operations that want to timeout using this value that are executed before the conf file is parsed will work. fixes ``stale ftpd stuck in connection phase'' * in PASV mode, wrap accept() in an alarm timeout. fixes ``stale ftpd because of client disappearing in pasv mode (usually browsers)'' * main() doesn't need envp argument
1997-11-29 02:32:30 +03:00
(void) alarm(0);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (s < 0) {
reply(425, "Can't open data connection.");
(void) close(pdata);
pdata = -1;
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
return (NULL);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
(void) close(pdata);
pdata = s;
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
switch (from.su_family) {
case AF_INET:
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
#ifdef IP_TOS
do not perform setsockopt(IP_TOS) on mapped connections (IPv4 connection toward AF_INET6 socket).
1999-12-13 19:30:37 +03:00
if (!mapped) {
tos = IPTOS_THROUGHPUT;
(void) setsockopt(s, IPPROTO_IP, IP_TOS,
(char *)&tos, sizeof(int));
}
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
break;
Set keepalives on the sockets to force logouts on connections that have disappeared.
1999-06-05 17:49:53 +04:00
#endif
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
}
Set keepalives on the sockets to force logouts on connections that have disappeared.
1999-06-05 17:49:53 +04:00
/* Set keepalives on the socket to detect dropped conns. */
#ifdef SO_KEEPALIVE
keepalive = 1;
(void) setsockopt(s, SOL_SOCKET, SO_KEEPALIVE,
(char *)&keepalive, sizeof(int));
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
#endif
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
reply(150, "Opening %s mode data connection for '%s'%s.",
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
type == TYPE_A ? "ASCII" : "BINARY", name, sizebuf);
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
return (fdopen(pdata, mode));
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
if (data >= 0) {
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
reply(125, "Using existing data connection for '%s'%s.",
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
name, sizebuf);
usedefault = 1;
return (fdopen(data, mode));
}
if (usedefault)
data_dest = his_addr;
usedefault = 1;
file = getdatasock(mode);
if (file == NULL) {
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
char hbuf[INET6_ADDRSTRLEN];
char pbuf[10];
Make this compile again without -DINET6 and without get{addr,name}info(3) This ftpd now compiles and runs on NetBSD/1.4.2 with: CPPFLAGS+= \ '-Dstrlcpy(a,b,c)=(strncpy(a,b,c),strlen(a))' \ '-Dstrlcat=strncat' \ '-Dsl_add(a,b)=(sl_add(a,b),0)'
2000-09-15 18:55:16 +04:00
#ifdef NI_NUMERICHOST
(void)getnameinfo((struct sockaddr *)&data_source,
data_source.su_len, hbuf, sizeof(hbuf),
pbuf, sizeof(pbuf), NI_NUMERICHOST | NI_NUMERICSERV);
#else
struct hostent *hp;
if ((hp = gethostbyaddr((const char *)&data_source,
data_source.su_len, AF_INET)) == NULL)
(void)strcpy(hostname,
inet_ntoa(data_source.su_sin.sin_addr));
else
(void)strlcpy(hostname, hp->h_name, sizeof(hostname));
(void)snprintf(pbuf, sizeof(pbuf), "%d", data_source.su_port);
#endif
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
reply(425, "Can't create data socket (%s,%s): %s.",
hbuf, pbuf, strerror(errno));
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
return (NULL);
}
data = fileno(file);
while (connect(data, (struct sockaddr *)&data_dest,
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
data_dest.su_len) < 0) {
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (errno == EADDRINUSE && retry < swaitmax) {
sleep((unsigned) swaitint);
retry += swaitint;
continue;
}
perror_reply(425, "Can't build data connection");
(void) fclose(file);
data = -1;
return (NULL);
}
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
reply(150, "Opening %s mode data connection for '%s'%s.",
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
type == TYPE_A ? "ASCII" : "BINARY", name, sizebuf);
return (file);
}
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
void
closedataconn(FILE *fd)
{
if (fd != NULL)
(void)fclose(fd);
data = -1;
if (pdata >= 0)
(void)close(pdata);
pdata = -1;
}
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
/*
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
* Tranfer the contents of "instr" to "outstr" peer using the appropriate
* encapsulation of the data subject * to Mode, Structure, and Type.
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
*
* NB: Form isn't handled.
*/
support displaying the stderr output from a LIST or a conversion to the user at the end of a transfer. this generates a file in /tmp, so anonymous requires a writable ~ftp/tmp, which you may not want to do (because it may allow people to unwanted upload files). XXX: a better method of storing the stderr output would be nice, but is a lot more effort to implement. this feature can at least be used temporarily whilst debugging why an ftp conversion doesn't work.
1998-06-08 11:13:13 +04:00
static int
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
send_data(FILE *instr, FILE *outstr, off_t blksize, int isdata)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
{
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
int c, filefd, netfd, rval;
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
char *buf;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
transflag = 1;
rval = -1;
buf = NULL;
if (setjmp(urgcatch))
goto cleanup_send_data;
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
switch (type) {
case TYPE_A:
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
/* XXXX: rate limit ascii send (get) */
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
(void) alarm(curclass.timeout);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
while ((c = getc(instr)) != EOF) {
byte_count++;
if (c == '\n') {
if (ferror(outstr))
goto data_err;
(void) putc('\r', outstr);
* fix a problem in retrieve() where arguments to commands weren't working (this was broken in the last commit). problem noticed by simonb@ * don't display the stderr output of the internal ls. * modify usage of lreply so that generally only one `XXX-' code per `block' is displayed; the rest of the lines have four spaces instead. i find this easier to read. * fix a couple places where byte accounting wasn't correct
1999-05-18 12:14:17 +04:00
if (isdata) {
total_data_out++;
total_data++;
}
total_bytes_out++;
total_bytes++;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
(void) putc(c, outstr);
* fix a problem in retrieve() where arguments to commands weren't working (this was broken in the last commit). problem noticed by simonb@ * don't display the stderr output of the internal ls. * modify usage of lreply so that generally only one `XXX-' code per `block' is displayed; the rest of the lines have four spaces instead. i find this easier to read. * fix a couple places where byte accounting wasn't correct
1999-05-18 12:14:17 +04:00
if (isdata) {
total_data_out++;
total_data++;
}
total_bytes_out++;
total_bytes++;
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
if ((byte_count % 4096) == 0)
(void) alarm(curclass.timeout);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
(void) alarm(0);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
fflush(outstr);
if (ferror(instr))
goto file_err;
if (ferror(outstr))
goto data_err;
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
rval = 0;
goto cleanup_send_data;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
case TYPE_I:
case TYPE_L:
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
if ((buf = malloc((size_t)blksize)) == NULL) {
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
perror_reply(451, "Local resource failure: malloc");
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
goto cleanup_send_data;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
filefd = fileno(instr);
* fix a problem in retrieve() where arguments to commands weren't working (this was broken in the last commit). problem noticed by simonb@ * don't display the stderr output of the internal ls. * modify usage of lreply so that generally only one `XXX-' code per `block' is displayed; the rest of the lines have four spaces instead. i find this easier to read. * fix a couple places where byte accounting wasn't correct
1999-05-18 12:14:17 +04:00
netfd = fileno(outstr);
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
(void) alarm(curclass.timeout);
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
if (curclass.rateget) {
while (1) {
int d;
struct timeval then, now, td;
off_t bufrem;
char *bufp;
(void)gettimeofday(&then, NULL);
errno = c = d = 0;
bufrem = curclass.rateget;
while (bufrem > 0) {
if ((c = read(filefd, buf,
MIN(blksize, bufrem))) <= 0)
goto senddone;
(void) alarm(curclass.timeout);
bufrem -= c;
byte_count += c;
if (isdata) {
total_data_out += c;
total_data += c;
}
total_bytes_out += c;
total_bytes += c;
for (bufp = buf; c > 0;
c -= d, bufp += d)
if ((d =
write(netfd, bufp, c)) <= 0)
break;
if (d < 0)
goto data_err;
}
(void)gettimeofday(&now, NULL);
timersub(&now, &then, &td);
fix problems noted by <dogcow@redback.com> in [bin/10390] and private email: * fix RATE{GET,PUT} under some situations when the client is slower than the server (something i missed when migrating the rate limiting code i wrote in ftp(1) to ftpd(8)) * document what units RATE{GET,PUT} use
2000-06-20 11:39:46 +04:00
if (td.tv_sec == 0)
usleep(1000000 - td.tv_usec);
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
}
} else {
while ((c = read(filefd, buf, (size_t)blksize)) > 0) {
if (write(netfd, buf, c) != c)
goto data_err;
(void) alarm(curclass.timeout);
byte_count += c;
if (isdata) {
total_data_out += c;
total_data += c;
}
total_bytes_out += c;
total_bytes += c;
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
}
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
senddone:
if (c < 0)
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
goto file_err;
rval = 0;
goto cleanup_send_data;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
default:
reply(550, "Unimplemented TYPE %d in send_data", type);
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
goto cleanup_send_data;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
- Always close(pdata) if it was a valid filedescriptor before setting it to -1. Problem noted in [bin/9642] by Takahiro Kambe <taca@sky.yamashina.kyoto.jp>, (part of which already had been solved by itojun a while ago), and provided patch covered most of the fixes needed. (Thanks Takahiro!) - Consistently indent goto labels by one space.
2000-05-21 03:34:55 +04:00
data_err:
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
(void) alarm(0);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
perror_reply(426, "Data connection");
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
goto cleanup_send_data;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
- Always close(pdata) if it was a valid filedescriptor before setting it to -1. Problem noted in [bin/9642] by Takahiro Kambe <taca@sky.yamashina.kyoto.jp>, (part of which already had been solved by itojun a while ago), and provided patch covered most of the fixes needed. (Thanks Takahiro!) - Consistently indent goto labels by one space.
2000-05-21 03:34:55 +04:00
file_err:
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
(void) alarm(0);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
perror_reply(551, "Error on input file");
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
/* FALLTHROUGH */
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
- Always close(pdata) if it was a valid filedescriptor before setting it to -1. Problem noted in [bin/9642] by Takahiro Kambe <taca@sky.yamashina.kyoto.jp>, (part of which already had been solved by itojun a while ago), and provided patch covered most of the fixes needed. (Thanks Takahiro!) - Consistently indent goto labels by one space.
2000-05-21 03:34:55 +04:00
cleanup_send_data:
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
(void) alarm(0);
transflag = 0;
if (buf)
free(buf);
if (isdata) {
total_files_out++;
total_files++;
}
total_xfers_out++;
total_xfers++;
return (rval);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
/*
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
* Transfer data from peer to "outstr" using the appropriate encapulation of
* the data subject to Mode, Structure, and Type.
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
*
* N.B.: Form isn't handled.
*/
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
static int
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
receive_data(FILE *instr, FILE *outstr)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
{
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
int c, bare_lfs, netfd, filefd, rval;
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
char buf[BUFSIZ];
- Pass gcc -Wall - Fix incorrect const poisoning - Fix ftpd_popen to dynamically allocate strings to avoid buffer overruns.
1997-06-18 23:05:46 +04:00
#ifdef __GNUC__
(void) &bare_lfs;
#endif
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
bare_lfs = 0;
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
transflag = 1;
rval = -1;
if (setjmp(urgcatch))
goto cleanup_recv_data;
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
switch (type) {
case TYPE_I:
case TYPE_L:
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
netfd = fileno(instr);
filefd = fileno(outstr);
(void) alarm(curclass.timeout);
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
if (curclass.rateput) {
while (1) {
int d;
struct timeval then, now, td;
off_t bufrem;
(void)gettimeofday(&then, NULL);
errno = c = d = 0;
for (bufrem = curclass.rateput; bufrem > 0; ) {
if ((c = read(netfd, buf,
MIN(sizeof(buf), bufrem))) <= 0)
goto recvdone;
if ((d = write(filefd, buf, c)) != c)
goto recvdone;
(void) alarm(curclass.timeout);
bufrem -= c;
byte_count += c;
total_data_in += c;
total_data += c;
total_bytes_in += c;
total_bytes += c;
}
(void)gettimeofday(&now, NULL);
timersub(&now, &then, &td);
fix problems noted by <dogcow@redback.com> in [bin/10390] and private email: * fix RATE{GET,PUT} under some situations when the client is slower than the server (something i missed when migrating the rate limiting code i wrote in ftp(1) to ftpd(8)) * document what units RATE{GET,PUT} use
2000-06-20 11:39:46 +04:00
if (td.tv_sec == 0)
usleep(1000000 - td.tv_usec);
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
}
} else {
while ((c = read(netfd, buf, sizeof(buf))) > 0) {
if (write(filefd, buf, c) != c)
goto file_err;
(void) alarm(curclass.timeout);
byte_count += c;
total_data_in += c;
total_data += c;
total_bytes_in += c;
total_bytes += c;
}
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
recvdone:
if (c < 0)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
goto data_err;
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
rval = 0;
goto cleanup_recv_data;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
case TYPE_E:
reply(553, "TYPE E not implemented.");
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
goto cleanup_recv_data;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
case TYPE_A:
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
(void) alarm(curclass.timeout);
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
/* XXXX: rate limit ascii receive (put) */
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
while ((c = getc(instr)) != EOF) {
byte_count++;
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
total_data_in++;
total_data++;
total_bytes_in++;
total_bytes++;
if ((byte_count % 4096) == 0)
(void) alarm(curclass.timeout);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (c == '\n')
bare_lfs++;
while (c == '\r') {
if (ferror(outstr))
goto data_err;
if ((c = getc(instr)) != '\n') {
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
byte_count++;
total_data_in++;
total_data++;
total_bytes_in++;
total_bytes++;
if ((byte_count % 4096) == 0)
(void) alarm(curclass.timeout);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
(void) putc ('\r', outstr);
if (c == '\0' || c == EOF)
goto contin2;
}
}
(void) putc(c, outstr);
contin2: ;
}
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
(void) alarm(0);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
fflush(outstr);
if (ferror(instr))
goto data_err;
if (ferror(outstr))
goto file_err;
if (bare_lfs) {
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(-226,
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
"WARNING! %d bare linefeeds received in ASCII mode",
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
bare_lfs);
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "File may not have transferred correctly.");
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
rval = 0;
goto cleanup_recv_data;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
default:
reply(550, "Unimplemented TYPE %d in receive_data", type);
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
goto cleanup_recv_data;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
- Always close(pdata) if it was a valid filedescriptor before setting it to -1. Problem noted in [bin/9642] by Takahiro Kambe <taca@sky.yamashina.kyoto.jp>, (part of which already had been solved by itojun a while ago), and provided patch covered most of the fixes needed. (Thanks Takahiro!) - Consistently indent goto labels by one space.
2000-05-21 03:34:55 +04:00
data_err:
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
(void) alarm(0);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
perror_reply(426, "Data Connection");
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
goto cleanup_recv_data;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
- Always close(pdata) if it was a valid filedescriptor before setting it to -1. Problem noted in [bin/9642] by Takahiro Kambe <taca@sky.yamashina.kyoto.jp>, (part of which already had been solved by itojun a while ago), and provided patch covered most of the fixes needed. (Thanks Takahiro!) - Consistently indent goto labels by one space.
2000-05-21 03:34:55 +04:00
file_err:
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
(void) alarm(0);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
perror_reply(452, "Error writing file");
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
goto cleanup_recv_data;
- Always close(pdata) if it was a valid filedescriptor before setting it to -1. Problem noted in [bin/9642] by Takahiro Kambe <taca@sky.yamashina.kyoto.jp>, (part of which already had been solved by itojun a while ago), and provided patch covered most of the fixes needed. (Thanks Takahiro!) - Consistently indent goto labels by one space.
2000-05-21 03:34:55 +04:00
cleanup_recv_data:
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
(void) alarm(0);
transflag = 0;
total_files_in++;
total_files++;
total_xfers_in++;
total_xfers++;
return (rval);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
void
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
statcmd(void)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
{
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
union sockunion *su = NULL;
static char ntop_buf[INET6_ADDRSTRLEN];
u_char *a, *p;
- Always close(pdata) if it was a valid filedescriptor before setting it to -1. Problem noted in [bin/9642] by Takahiro Kambe <taca@sky.yamashina.kyoto.jp>, (part of which already had been solved by itojun a while ago), and provided patch covered most of the fixes needed. (Thanks Takahiro!) - Consistently indent goto labels by one space.
2000-05-21 03:34:55 +04:00
int ispassive, af;
major overhaul (just before netbsd 1.5 :-): * implement draft-ietf-ftpext-mlst-10 commands, especially MLST and MLSD. we already supported SIZE and MDTM. add the appropriate FEAT output lines. * migrate a lot of the command code from ftpcmd.y and ftpd.c to cmds.c * make dataconn(), feat(), lookup(), opts() and sizecmd() public * modify struct tab so that it has a `flags' instead of `implemented' element, and remove the `hasopts' element. If flags == 1, the command is implemented. if flags == 2, the command is implemented and takes options * add macros ISDOTDIR(x) (is x ".") and ISDOTDOTDIR(x) (is x "..") * modify lreply() so that lreply(-2, ...) just outputs the given info without a prefix or trailing \r\n. this saves doing b = printf(); total_* += b; * enhance statcmd(). still needs work in the LPRT status stuff. * crank version
2000-06-14 17:44:21 +04:00
off_t otbi, otbo, otb;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
a = p = (u_char *)NULL;
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(-211, "%s FTP server status:", hostname);
* make checkportcmd the default. this breaks third-party proxy ftp but prevents the ftp bounce attack, and we should be secure out of the box, not require users to tweak obscure stuff. * allow the version string reported to clients to be changed with '-V vers'. if vers is empty or `-', don't report a version. * if -r is given, permanently drop root privs * if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port > IPPORT_RESERVED+1, permanently drop root privs * don't bother reverting to root privs to logout of wtmp/utmp; since the file descriptor is already open this isn't necessary. * fix the binding of the port for the PORT/LPRT/EPRT connection to be the ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6 merge). if root privs have been dropped, and this would be a port < IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant but it doesn't appear that many clients care). * prevent login of a new user if privs have been dropped and already logged in as a REAL user (existing check already stops GUEST & CHROOT users). * move the port check stuff into a separate port_check() function, and use for PORT, LPRT, and EPRT checks. inspired by freebsd * minor KNF * minor man page cleanup
2000-07-23 18:40:48 +04:00
reply(0, "Version: %s", EMPTYSTR(version) ? "<suppressed>" : version);
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
ntop_buf[0] = '\0';
Make this compile again without -DINET6 and without get{addr,name}info(3) This ftpd now compiles and runs on NetBSD/1.4.2 with: CPPFLAGS+= \ '-Dstrlcpy(a,b,c)=(strncpy(a,b,c),strlen(a))' \ '-Dstrlcat=strncat' \ '-Dsl_add(a,b)=(sl_add(a,b),0)'
2000-09-15 18:55:16 +04:00
#ifdef NI_NUMERICHOST
(void)getnameinfo((struct sockaddr *)&his_addr, his_addr.su_len,
ntop_buf, sizeof(ntop_buf), NULL, 0, NI_NUMERICHOST);
#else
{
struct hostent *hp;
if ((hp = gethostbyaddr((const char *)&his_addr,
his_addr.su_len, AF_INET)) != NULL)
(void)strlcpy(ntop_buf, hp->h_name, sizeof(ntop_buf));
}
#endif
if (ntop_buf[0] != '\0' && strcmp(remotehost, ntop_buf) != 0)
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Connected to %s (%s)", remotehost, ntop_buf);
Make this compile again without -DINET6 and without get{addr,name}info(3) This ftpd now compiles and runs on NetBSD/1.4.2 with: CPPFLAGS+= \ '-Dstrlcpy(a,b,c)=(strncpy(a,b,c),strlen(a))' \ '-Dstrlcat=strncat' \ '-Dsl_add(a,b)=(sl_add(a,b),0)'
2000-09-15 18:55:16 +04:00
else
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Connected to %s", remotehost);
Make this compile again without -DINET6 and without get{addr,name}info(3) This ftpd now compiles and runs on NetBSD/1.4.2 with: CPPFLAGS+= \ '-Dstrlcpy(a,b,c)=(strncpy(a,b,c),strlen(a))' \ '-Dstrlcat=strncat' \ '-Dsl_add(a,b)=(sl_add(a,b),0)'
2000-09-15 18:55:16 +04:00
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (logged_in) {
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
if (curclass.type == CLASS_GUEST)
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Logged in anonymously");
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
else
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Logged in as %s%s", pw->pw_name,
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
curclass.type == CLASS_CHROOT ? " (chroot)" : "");
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
} else if (askpasswd)
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Waiting for password");
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
else
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Waiting for user name");
cprintf(stdout, " TYPE: %s", typenames[type]);
major overhaul (just before netbsd 1.5 :-): * implement draft-ietf-ftpext-mlst-10 commands, especially MLST and MLSD. we already supported SIZE and MDTM. add the appropriate FEAT output lines. * migrate a lot of the command code from ftpcmd.y and ftpd.c to cmds.c * make dataconn(), feat(), lookup(), opts() and sizecmd() public * modify struct tab so that it has a `flags' instead of `implemented' element, and remove the `hasopts' element. If flags == 1, the command is implemented. if flags == 2, the command is implemented and takes options * add macros ISDOTDIR(x) (is x ".") and ISDOTDOTDIR(x) (is x "..") * modify lreply() so that lreply(-2, ...) just outputs the given info without a prefix or trailing \r\n. this saves doing b = printf(); total_* += b; * enhance statcmd(). still needs work in the LPRT status stuff. * crank version
2000-06-14 17:44:21 +04:00
if (type == TYPE_A || type == TYPE_E)
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
cprintf(stdout, ", FORM: %s", formnames[form]);
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
if (type == TYPE_L) {
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
#if NBBY == 8
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
cprintf(stdout, " %d", NBBY);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
#else
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
/* XXX: `bytesize' needs to be defined in this case */
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
cprintf(stdout, " %d", bytesize);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
#endif
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
}
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
cprintf(stdout, "; STRUcture: %s; transfer MODE: %s\r\n",
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
strunames[stru], modenames[mode]);
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
ispassive = 0;
if (data != -1) {
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Data connection open");
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
su = NULL;
} else if (pdata != -1) {
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "in Passive mode");
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
su = (union sockunion *)&pasv_addr;
ispassive = 1;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
goto printaddr;
} else if (usedefault == 0) {
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
if (epsvall) {
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "EPSV only mode (EPSV ALL)");
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
goto epsvonly;
}
su = (union sockunion *)&data_dest;
- Always close(pdata) if it was a valid filedescriptor before setting it to -1. Problem noted in [bin/9642] by Takahiro Kambe <taca@sky.yamashina.kyoto.jp>, (part of which already had been solved by itojun a while ago), and provided patch covered most of the fixes needed. (Thanks Takahiro!) - Consistently indent goto labels by one space.
2000-05-21 03:34:55 +04:00
printaddr:
major overhaul (just before netbsd 1.5 :-): * implement draft-ietf-ftpext-mlst-10 commands, especially MLST and MLSD. we already supported SIZE and MDTM. add the appropriate FEAT output lines. * migrate a lot of the command code from ftpcmd.y and ftpd.c to cmds.c * make dataconn(), feat(), lookup(), opts() and sizecmd() public * modify struct tab so that it has a `flags' instead of `implemented' element, and remove the `hasopts' element. If flags == 1, the command is implemented. if flags == 2, the command is implemented and takes options * add macros ISDOTDIR(x) (is x ".") and ISDOTDOTDIR(x) (is x "..") * modify lreply() so that lreply(-2, ...) just outputs the given info without a prefix or trailing \r\n. this saves doing b = printf(); total_* += b; * enhance statcmd(). still needs work in the LPRT status stuff. * crank version
2000-06-14 17:44:21 +04:00
/* PASV/PORT */
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
if (su->su_family == AF_INET) {
a = (u_char *) &su->su_sin.sin_addr;
p = (u_char *) &su->su_sin.sin_port;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
#define UC(b) (((int) b) & 0xff)
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "%s (%d,%d,%d,%d,%d,%d)",
major overhaul (just before netbsd 1.5 :-): * implement draft-ietf-ftpext-mlst-10 commands, especially MLST and MLSD. we already supported SIZE and MDTM. add the appropriate FEAT output lines. * migrate a lot of the command code from ftpcmd.y and ftpd.c to cmds.c * make dataconn(), feat(), lookup(), opts() and sizecmd() public * modify struct tab so that it has a `flags' instead of `implemented' element, and remove the `hasopts' element. If flags == 1, the command is implemented. if flags == 2, the command is implemented and takes options * add macros ISDOTDIR(x) (is x ".") and ISDOTDOTDIR(x) (is x "..") * modify lreply() so that lreply(-2, ...) just outputs the given info without a prefix or trailing \r\n. this saves doing b = printf(); total_* += b; * enhance statcmd(). still needs work in the LPRT status stuff. * crank version
2000-06-14 17:44:21 +04:00
ispassive ? "PASV" : "PORT" ,
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
UC(a[0]), UC(a[1]), UC(a[2]), UC(a[3]),
UC(p[0]), UC(p[1]));
}
major overhaul (just before netbsd 1.5 :-): * implement draft-ietf-ftpext-mlst-10 commands, especially MLST and MLSD. we already supported SIZE and MDTM. add the appropriate FEAT output lines. * migrate a lot of the command code from ftpcmd.y and ftpd.c to cmds.c * make dataconn(), feat(), lookup(), opts() and sizecmd() public * modify struct tab so that it has a `flags' instead of `implemented' element, and remove the `hasopts' element. If flags == 1, the command is implemented. if flags == 2, the command is implemented and takes options * add macros ISDOTDIR(x) (is x ".") and ISDOTDOTDIR(x) (is x "..") * modify lreply() so that lreply(-2, ...) just outputs the given info without a prefix or trailing \r\n. this saves doing b = printf(); total_* += b; * enhance statcmd(). still needs work in the LPRT status stuff. * crank version
2000-06-14 17:44:21 +04:00
/* LPSV/LPRT */
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
{
int alen, af, i;
alen = 0;
switch (su->su_family) {
case AF_INET:
a = (u_char *) &su->su_sin.sin_addr;
p = (u_char *) &su->su_sin.sin_port;
alen = sizeof(su->su_sin.sin_addr);
af = 4;
break;
Make this compile again without -DINET6 and without get{addr,name}info(3) This ftpd now compiles and runs on NetBSD/1.4.2 with: CPPFLAGS+= \ '-Dstrlcpy(a,b,c)=(strncpy(a,b,c),strlen(a))' \ '-Dstrlcat=strncat' \ '-Dsl_add(a,b)=(sl_add(a,b),0)'
2000-09-15 18:55:16 +04:00
#ifdef INET6
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
case AF_INET6:
a = (u_char *) &su->su_sin6.sin6_addr;
p = (u_char *) &su->su_sin6.sin6_port;
alen = sizeof(su->su_sin6.sin6_addr);
af = 6;
break;
Make this compile again without -DINET6 and without get{addr,name}info(3) This ftpd now compiles and runs on NetBSD/1.4.2 with: CPPFLAGS+= \ '-Dstrlcpy(a,b,c)=(strncpy(a,b,c),strlen(a))' \ '-Dstrlcat=strncat' \ '-Dsl_add(a,b)=(sl_add(a,b),0)'
2000-09-15 18:55:16 +04:00
#endif
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
default:
af = 0;
break;
}
if (af) {
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
cprintf(stdout, " %s (%d,%d",
major overhaul (just before netbsd 1.5 :-): * implement draft-ietf-ftpext-mlst-10 commands, especially MLST and MLSD. we already supported SIZE and MDTM. add the appropriate FEAT output lines. * migrate a lot of the command code from ftpcmd.y and ftpd.c to cmds.c * make dataconn(), feat(), lookup(), opts() and sizecmd() public * modify struct tab so that it has a `flags' instead of `implemented' element, and remove the `hasopts' element. If flags == 1, the command is implemented. if flags == 2, the command is implemented and takes options * add macros ISDOTDIR(x) (is x ".") and ISDOTDOTDIR(x) (is x "..") * modify lreply() so that lreply(-2, ...) just outputs the given info without a prefix or trailing \r\n. this saves doing b = printf(); total_* += b; * enhance statcmd(). still needs work in the LPRT status stuff. * crank version
2000-06-14 17:44:21 +04:00
ispassive ? "LPSV" : "LPRT", af, alen);
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
for (i = 0; i < alen; i++)
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
cprintf(stdout, ",%d", UC(a[i]));
cprintf(stdout, ",%d,%d,%d)", 2, UC(p[0]), UC(p[1]));
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
#undef UC
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
}
}
/* EPRT/EPSV */
- Always close(pdata) if it was a valid filedescriptor before setting it to -1. Problem noted in [bin/9642] by Takahiro Kambe <taca@sky.yamashina.kyoto.jp>, (part of which already had been solved by itojun a while ago), and provided patch covered most of the fixes needed. (Thanks Takahiro!) - Consistently indent goto labels by one space.
2000-05-21 03:34:55 +04:00
epsvonly:
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
switch (su->su_family) {
case AF_INET:
af = 1;
break;
case AF_INET6:
af = 2;
break;
default:
af = 0;
break;
}
Make this compile again without -DINET6 and without get{addr,name}info(3) This ftpd now compiles and runs on NetBSD/1.4.2 with: CPPFLAGS+= \ '-Dstrlcpy(a,b,c)=(strncpy(a,b,c),strlen(a))' \ '-Dstrlcat=strncat' \ '-Dsl_add(a,b)=(sl_add(a,b),0)'
2000-09-15 18:55:16 +04:00
ntop_buf[0] = '\0';
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
if (af) {
Make this compile again without -DINET6 and without get{addr,name}info(3) This ftpd now compiles and runs on NetBSD/1.4.2 with: CPPFLAGS+= \ '-Dstrlcpy(a,b,c)=(strncpy(a,b,c),strlen(a))' \ '-Dstrlcat=strncat' \ '-Dsl_add(a,b)=(sl_add(a,b),0)'
2000-09-15 18:55:16 +04:00
#ifdef NI_NUMERICHOST
(void)getnameinfo((struct sockaddr *)su, su->su_len,
ntop_buf, sizeof(ntop_buf), NULL, 0,
NI_NUMERICHOST);
#else
struct hostent *hp;
if ((hp = gethostbyaddr((const char *)su,
su->su_len, AF_INET)) != NULL)
(void)strlcpy(ntop_buf, hp->h_name,
sizeof(ntop_buf));
#endif
if (ntop_buf[0] != '\0')
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "%s (|%d|%s|%d|)",
major overhaul (just before netbsd 1.5 :-): * implement draft-ietf-ftpext-mlst-10 commands, especially MLST and MLSD. we already supported SIZE and MDTM. add the appropriate FEAT output lines. * migrate a lot of the command code from ftpcmd.y and ftpd.c to cmds.c * make dataconn(), feat(), lookup(), opts() and sizecmd() public * modify struct tab so that it has a `flags' instead of `implemented' element, and remove the `hasopts' element. If flags == 1, the command is implemented. if flags == 2, the command is implemented and takes options * add macros ISDOTDIR(x) (is x ".") and ISDOTDOTDIR(x) (is x "..") * modify lreply() so that lreply(-2, ...) just outputs the given info without a prefix or trailing \r\n. this saves doing b = printf(); total_* += b; * enhance statcmd(). still needs work in the LPRT status stuff. * crank version
2000-06-14 17:44:21 +04:00
ispassive ? "EPSV" : "EPRT",
af, ntop_buf, ntohs(su->su_port));
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
}
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
} else
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "No data connection");
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
if (logged_in) {
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Data sent: %qd byte%s in %qd file%s",
* Cast %q[ud] arguments to fix ILP32/LP64 off_t variation. * Fix bug in 213 reply: correct ordering of format string args.
1999-05-25 01:57:19 +04:00
(qdfmt_t)total_data_out, PLURAL(total_data_out),
(qdfmt_t)total_files_out, PLURAL(total_files_out));
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Data received: %qd byte%s in %qd file%s",
* Cast %q[ud] arguments to fix ILP32/LP64 off_t variation. * Fix bug in 213 reply: correct ordering of format string args.
1999-05-25 01:57:19 +04:00
(qdfmt_t)total_data_in, PLURAL(total_data_in),
(qdfmt_t)total_files_in, PLURAL(total_files_in));
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Total data: %qd byte%s in %qd file%s",
* Cast %q[ud] arguments to fix ILP32/LP64 off_t variation. * Fix bug in 213 reply: correct ordering of format string args.
1999-05-25 01:57:19 +04:00
(qdfmt_t)total_data, PLURAL(total_data),
(qdfmt_t)total_files, PLURAL(total_files));
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
}
otbi = total_bytes_in;
otbo = total_bytes_out;
otb = total_bytes;
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Traffic sent: %qd byte%s in %qd transfer%s",
* Cast %q[ud] arguments to fix ILP32/LP64 off_t variation. * Fix bug in 213 reply: correct ordering of format string args.
1999-05-25 01:57:19 +04:00
(qdfmt_t)otbo, PLURAL(otbo),
(qdfmt_t)total_xfers_out, PLURAL(total_xfers_out));
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Traffic received: %qd byte%s in %qd transfer%s",
* Cast %q[ud] arguments to fix ILP32/LP64 off_t variation. * Fix bug in 213 reply: correct ordering of format string args.
1999-05-25 01:57:19 +04:00
(qdfmt_t)otbi, PLURAL(otbi),
(qdfmt_t)total_xfers_in, PLURAL(total_xfers_in));
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Total traffic: %qd byte%s in %qd transfer%s",
* Cast %q[ud] arguments to fix ILP32/LP64 off_t variation. * Fix bug in 213 reply: correct ordering of format string args.
1999-05-25 01:57:19 +04:00
(qdfmt_t)otb, PLURAL(otb),
(qdfmt_t)total_xfers, PLURAL(total_xfers));
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
if (logged_in) {
struct ftpconv *cp;
More format paranoia.
2000-07-08 22:24:28 +04:00
reply(0, "%s", "");
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Class: %s, type: %s",
* add support for optional groupglob in ftpuser entry. the syntax is now: userglob[:groupglob][@host] [directive [class]] * append ``(class: CLASSNAME, type: TYPE)'' to the syslogged login messages
1999-12-21 15:56:15 +03:00
curclass.classname, CURCLASSTYPE);
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Check PORT/LPRT commands: %sabled",
* change checkportcmd syntax to `checkportcmd class [off]' (as per `modify') * display current setting of checkportcmd in STAT * ensure that curclass.checkportcmd is initialised to 0 * document default setting of checkportcmd in ftpd(8) * cleanup code a bit, putting code for "checkportcmd" in alphabetical order
1997-11-11 15:42:24 +03:00
curclass.checkportcmd ? "en" : "dis");
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
if (! EMPTYSTR(curclass.display))
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Display file: %s", curclass.display);
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
if (! EMPTYSTR(curclass.notify))
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Notify fileglob: %s", curclass.notify);
reply(0, "Idle timeout: %d, maximum timeout: %d",
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
curclass.timeout, curclass.maxtimeout);
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Current connections: %d", connections);
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
if (curclass.limit == -1)
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Maximum connections: unlimited");
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
else
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Maximum connections: %d", curclass.limit);
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
if (curclass.limitfile)
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Connection limit exceeded file: %s",
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
curclass.limitfile);
* add two new ftpd.conf(5) directives: chroot specify dir to chroot to for GUEST and CHROOT users, to override -a anondir or the user's homedir. homedir specify dir to change to upon login; also used for ~ expansion and $HOME for subprocesses) both of these can take % escapes: %u (username), %d (homedir), %c (class). * fix NLST to take a pathname not a STRING, so that ~ expansion works * modify CWD to use the homedir parsed from curclass.homedir * implement format_path(dst, src), to parse src expanding % escapes (see above) into dst. * rename format_file() to display_file()
2000-07-17 06:30:52 +04:00
if (! EMPTYSTR(curclass.chroot))
reply(0, "Chroot format: %s", curclass.chroot);
if (! EMPTYSTR(curclass.homedir))
reply(0, "Homedir format: %s", curclass.homedir);
if (! EMPTYSTR(curclass.motd))
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "MotD file: %s", curclass.motd);
reply(0,
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
"Modify commands (CHMOD, DELE, MKD, RMD, RNFR, UMASK): %sabled",
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
curclass.modify ? "en" : "dis");
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Upload commands (APPE, STOR, STOU): %sabled",
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
curclass.upload ? "en" : "dis");
suppress verbose messages from CWD and post-login if the first character of the anonymous password is `-'.
2000-01-13 03:04:31 +03:00
if (curclass.portmin && curclass.portmax)
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "PASV port range: %d - %d",
suppress verbose messages from CWD and post-login if the first character of the anonymous password is `-'.
2000-01-13 03:04:31 +03:00
curclass.portmin, curclass.portmax);
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
if (curclass.rateget)
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Rate get limit: %d bytes/sec",
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
curclass.rateget);
else
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Rate get limit: disabled");
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
if (curclass.rateput)
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Rate put limit: %d bytes/sec",
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
curclass.rateput);
else
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Rate put limit: disabled");
reply(0, "Umask: %.04o", curclass.umask);
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
for (cp = curclass.conversions; cp != NULL; cp=cp->next) {
if (cp->suffix == NULL || cp->types == NULL ||
cp->command == NULL)
continue;
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
reply(0, "Conversion: %s [%s] disable: %s, command: %s",
* implement /etc/ftpd.conf, which adds support for the following features, controllable on a per class (which is one of: real, chroot, guest, all or none) basis: * on-the-fly execution of a command to build the file (a ``conversion''), providing support for "get dirname.tar" and the like. * displaying the contents of a file when a directory is entered for the first time. * maximum value for timeout (replaces -T). * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST. * notifying the user of the existance of a files matching a glob pattern when a directory is entered for the first time. * default value for timeout (replaces -t). * default umask (replaces -DGUEST_CMASK and -u). The conversion, display, and notify functionality was based on code by Simon Burge <simonb@telstra.com.au>. * clean up and re-order parts of the man page into subsections. * STAT displays the settings defined for the class of the current user. * bump version from 6.00 to 7.00, because of ftpd.conf. * deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and -t, -T and -u, as ftpd.conf allows finer control of these. * add "nostderr" argument to ftpd_popen(), because you don't want the stderr stream mixing with the stdout stream during a conversion, as this can corrupt the stream.
1997-06-14 12:43:26 +04:00
cp->suffix, cp->types, cp->disable, cp->command);
}
}
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
reply(211, "End of status");
}
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
void
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
fatal(const char *s)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
{
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
reply(451, "Error in server: %s\n", s);
reply(221, "Closing connection due to server error.");
dologout(0);
/* NOTREACHED */
}
major overhaul (just before netbsd 1.5 :-): * implement draft-ietf-ftpext-mlst-10 commands, especially MLST and MLSD. we already supported SIZE and MDTM. add the appropriate FEAT output lines. * migrate a lot of the command code from ftpcmd.y and ftpd.c to cmds.c * make dataconn(), feat(), lookup(), opts() and sizecmd() public * modify struct tab so that it has a `flags' instead of `implemented' element, and remove the `hasopts' element. If flags == 1, the command is implemented. if flags == 2, the command is implemented and takes options * add macros ISDOTDIR(x) (is x ".") and ISDOTDOTDIR(x) (is x "..") * modify lreply() so that lreply(-2, ...) just outputs the given info without a prefix or trailing \r\n. this saves doing b = printf(); total_* += b; * enhance statcmd(). still needs work in the LPRT status stuff. * crank version
2000-06-14 17:44:21 +04:00
/*
* reply() --
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
* depending on the value of n, display fmt with a trailing CRLF and
* prefix of:
* n < -1 prefix the message with abs(n) + "-" (initial line)
* n == 0 prefix the message with 4 spaces (middle lines)
* n > 0 prefix the message with n + " " (final line)
major overhaul (just before netbsd 1.5 :-): * implement draft-ietf-ftpext-mlst-10 commands, especially MLST and MLSD. we already supported SIZE and MDTM. add the appropriate FEAT output lines. * migrate a lot of the command code from ftpcmd.y and ftpd.c to cmds.c * make dataconn(), feat(), lookup(), opts() and sizecmd() public * modify struct tab so that it has a `flags' instead of `implemented' element, and remove the `hasopts' element. If flags == 1, the command is implemented. if flags == 2, the command is implemented and takes options * add macros ISDOTDIR(x) (is x ".") and ISDOTDOTDIR(x) (is x "..") * modify lreply() so that lreply(-2, ...) just outputs the given info without a prefix or trailing \r\n. this saves doing b = printf(); total_* += b; * enhance statcmd(). still needs work in the LPRT status stuff. * crank version
2000-06-14 17:44:21 +04:00
*/
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
void
reply(int n, const char *fmt, ...)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
{
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
off_t b;
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
va_list ap;
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
va_start(ap, fmt);
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
b = 0;
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
if (n == 0)
cprintf(stdout, " ");
else if (n < 0)
cprintf(stdout, "%d-", -n);
else
cprintf(stdout, "%d ", n);
b = vprintf(fmt, ap);
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
total_bytes += b;
total_bytes_out += b;
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
cprintf(stdout, "\r\n");
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
(void)fflush(stdout);
if (debug) {
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
syslog(LOG_DEBUG, "<--- %d%c", abs(n), (n < 0) ? '-' : ' ');
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
vsyslog(LOG_DEBUG, fmt, ap);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
}
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
static void
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
dolog(struct sockaddr *who)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
{
Make this compile again without -DINET6 and without get{addr,name}info(3) This ftpd now compiles and runs on NetBSD/1.4.2 with: CPPFLAGS+= \ '-Dstrlcpy(a,b,c)=(strncpy(a,b,c),strlen(a))' \ '-Dstrlcat=strncat' \ '-Dsl_add(a,b)=(sl_add(a,b),0)'
2000-09-15 18:55:16 +04:00
#ifdef NI_MAXHOST
(void)getnameinfo(who, who->sa_len, remotehost, sizeof(remotehost),
NULL, 0, 0);
#else
struct hostent *hp;
if ((hp = gethostbyaddr((const char *)who, who->sa_len,
AF_INET)) == NULL)
strcpy(remotehost,
inet_ntoa(((struct sockaddr_in *)who)->sin_addr));
#endif
use setproctitle
1994-04-14 07:15:37 +04:00
#ifdef HASSETPROCTITLE
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
snprintf(proctitle, sizeof(proctitle), "%s: connected", remotehost);
setproctitle(), and for any other printf variants, it is not a good idea to pass variable directly like foo(x). use foo("%s", x) to avoid misuse. from: openbsd
2000-07-06 02:15:04 +04:00
setproctitle("%s", proctitle);
use setproctitle
1994-04-14 07:15:37 +04:00
#endif /* HASSETPROCTITLE */
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
if (logging)
deprecate -h hostname in favour of automatic determination of local hostname. this is a much cleaner solution for supporting multihomed virtual servers. from Geoff C. Wing <gcw@pobox.com> in [bin/8137].
1999-12-18 09:33:54 +03:00
syslog(LOG_INFO, "connection from %s to %s",
remotehost, hostname);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
/*
* Record logout in wtmp file
* and exit with supplied status.
*/
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
void
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
dologout(int status)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
{
set transflag to 0 in dologout, to prevent a SIGURG taking us back to the main loop.
1997-01-23 08:57:55 +03:00
/*
* Prevent reception of SIGURG from resulting in a resumption
* back to the main program loop.
*/
transflag = 0;
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (logged_in) {
add support for -W; don't log to wtmp (orthogonal of -U which logs to utmp). inspired by similar option in wuftpd.
2000-07-26 17:53:33 +04:00
if (dowtmp)
logwtmp(ttyline, "", "");
* move version to separate header file * use .Dv and .Tn in the man pages as appropriate * KNF a bit The following were inspired by similar changes in openbsd, but may have additional improvements by me: * add more check_login tests to the parser rules * nuke a few memory leaks in the parser rules * clear passwords before free()ing them, for safety * don't display \r\n in setproctitle() output * add support for -U, which enables managing /var/run/utmp entries for connections. solves [bin/2217] by Jason Downs <downsj@teeny.org> * fix oob handling for STAT command * use SIG_ERR instead of -1
1999-12-18 08:51:34 +03:00
if (doutmp)
logout(utmp.ut_line);
Format police. Also, try s/key before Kerberos.
1997-10-12 17:18:56 +04:00
#ifdef KERBEROS
some changes to make Kerberos a bit easier to use. from Michael Graff <explorer@vorpal.com>, with some work by myself...
1994-03-30 06:49:15 +04:00
if (!notickets && krbtkfile_env)
unlink(krbtkfile_env);
#endif
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
/* beware of flushing buffers after a SIGPIPE */
_exit(status);
}
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
static void
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
myoob(int signo)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
{
char *cp;
/* only process if transfer occurring */
if (!transflag)
return;
cp = tmpline;
if (getline(cp, 7, stdin) == NULL) {
reply(221, "You could at least say goodbye.");
dologout(0);
}
new features: * implement FEAT and OPTS from RFC2389. FEAT returns SIZE and MDTM. OPTS only works on NOOP (as a test). * extend format of /etc/ftpchroot similar to /etc/ftpusers; each entry can take an optional trailing `yes' or `no' which indicates if chroot should be done (defaults to `yes'). based on patches from Ty Sarna <tsarna@endicor.com> in [bin/4769] cleanups/bugs: * reorder and reformat entries in yacc parser to match cmdtab[]. add a blank line between each rule. * add short hasopts and char *options to struct tab, to support OPTS. * deprecate upper(); use strcasecmp() instead of strcmp() * remove unnecessary for (;;) { } in yylex(); * replace copy() and sgetsave() with xstrdup() * fix a couple of `hasyyerrored = 1' that were accidently removed.
1998-09-07 12:11:20 +04:00
if (strcasecmp(cp, "ABOR\r\n") == 0) {
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
tmpline[0] = '\0';
reply(426, "Transfer aborted. Data connection closed.");
reply(226, "Abort successful");
longjmp(urgcatch, 1);
}
new features: * implement FEAT and OPTS from RFC2389. FEAT returns SIZE and MDTM. OPTS only works on NOOP (as a test). * extend format of /etc/ftpchroot similar to /etc/ftpusers; each entry can take an optional trailing `yes' or `no' which indicates if chroot should be done (defaults to `yes'). based on patches from Ty Sarna <tsarna@endicor.com> in [bin/4769] cleanups/bugs: * reorder and reformat entries in yacc parser to match cmdtab[]. add a blank line between each rule. * add short hasopts and char *options to struct tab, to support OPTS. * deprecate upper(); use strcasecmp() instead of strcmp() * remove unnecessary for (;;) { } in yylex(); * replace copy() and sgetsave() with xstrdup() * fix a couple of `hasyyerrored = 1' that were accidently removed.
1998-09-07 12:11:20 +04:00
if (strcasecmp(cp, "STAT\r\n") == 0) {
* move version to separate header file * use .Dv and .Tn in the man pages as appropriate * KNF a bit The following were inspired by similar changes in openbsd, but may have additional improvements by me: * add more check_login tests to the parser rules * nuke a few memory leaks in the parser rules * clear passwords before free()ing them, for safety * don't display \r\n in setproctitle() output * add support for -U, which enables managing /var/run/utmp entries for connections. solves [bin/2217] by Jason Downs <downsj@teeny.org> * fix oob handling for STAT command * use SIG_ERR instead of -1
1999-12-18 08:51:34 +03:00
tmpline[0] = '\0';
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (file_size != (off_t) -1)
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
reply(213, "Status: %qd of %qd byte%s transferred",
* Cast %q[ud] arguments to fix ILP32/LP64 off_t variation. * Fix bug in 213 reply: correct ordering of format string args.
1999-05-25 01:57:19 +04:00
(qdfmt_t)byte_count, (qdfmt_t)file_size,
PLURAL(byte_count));
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
else
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
reply(213, "Status: %qd byte%s transferred",
* Cast %q[ud] arguments to fix ILP32/LP64 off_t variation. * Fix bug in 213 reply: correct ordering of format string args.
1999-05-25 01:57:19 +04:00
(qdfmt_t)byte_count, PLURAL(byte_count));
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
}
* add ftpd.conf directive `portrange class min max', which allows specification of the port range used by passive connections. based on work in [bin/9158] from Takahiro Kambe <taca@sky.yamashina.kyoto.jp> * change the way global variables are defined and extern-ed to be more consistent.
2000-01-13 01:39:27 +03:00
static int
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
bind_pasv_addr(void)
* add ftpd.conf directive `portrange class min max', which allows specification of the port range used by passive connections. based on work in [bin/9158] from Takahiro Kambe <taca@sky.yamashina.kyoto.jp> * change the way global variables are defined and extern-ed to be more consistent.
2000-01-13 01:39:27 +03:00
{
static int passiveport;
int port, len;
len = pasv_addr.su_len;
if (curclass.portmin == 0 && curclass.portmax == 0) {
pasv_addr.su_port = 0;
return (bind(pdata, (struct sockaddr *)&pasv_addr, len));
}
if (passiveport == 0) {
srand(getpid());
passiveport = rand() % (curclass.portmax - curclass.portmin)
+ curclass.portmin;
}
port = passiveport;
while (1) {
port++;
if (port > curclass.portmax)
port = curclass.portmin;
else if (port == passiveport) {
errno = EAGAIN;
return (-1);
}
pasv_addr.su_port = htons(port);
if (bind(pdata, (struct sockaddr *)&pasv_addr, len) == 0)
break;
if (errno != EADDRINUSE)
return (-1);
}
passiveport = port;
return (0);
}
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
/*
* Note: a response of 425 is not mentioned as a possible response to
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
* the PASV command in RFC959. However, it has been blessed as
* a legitimate response by Jon Postel in a telephone conversation
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
* with Rick Adams on 25 Jan 89.
*/
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
void
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
passive(void)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
{
int len;
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
char *p, *a;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
close pdata when it is kept opened till call to {,long_}passive().
1999-12-09 14:18:05 +03:00
if (pdata >= 0)
close(pdata);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
pdata = socket(AF_INET, SOCK_STREAM, 0);
* don't log failed usernames to ftp.notice; use authpriv.notice instead. closes [bin/1571] * don't quit if "PASV" is received without the user being logged in. closes [bin/2401], albiet with a modified test.
1997-05-29 14:31:48 +04:00
if (pdata < 0 || !logged_in) {
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
perror_reply(425, "Can't open passive connection");
return;
}
pasv_addr = ctrl_addr;
* add ftpd.conf directive `portrange class min max', which allows specification of the port range used by passive connections. based on work in [bin/9158] from Takahiro Kambe <taca@sky.yamashina.kyoto.jp> * change the way global variables are defined and extern-ed to be more consistent.
2000-01-13 01:39:27 +03:00
if (bind_pasv_addr() < 0)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
goto pasv_error;
* add ftpd.conf directive `portrange class min max', which allows specification of the port range used by passive connections. based on work in [bin/9158] from Takahiro Kambe <taca@sky.yamashina.kyoto.jp> * change the way global variables are defined and extern-ed to be more consistent.
2000-01-13 01:39:27 +03:00
len = pasv_addr.su_len;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (getsockname(pdata, (struct sockaddr *) &pasv_addr, &len) < 0)
goto pasv_error;
if (listen(pdata, 1) < 0)
goto pasv_error;
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
a = (char *) &pasv_addr.su_sin.sin_addr;
p = (char *) &pasv_addr.su_port;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
#define UC(b) (((int) b) & 0xff)
reply(227, "Entering Passive Mode (%d,%d,%d,%d,%d,%d)", UC(a[0]),
UC(a[1]), UC(a[2]), UC(a[3]), UC(p[0]), UC(p[1]));
return;
- Always close(pdata) if it was a valid filedescriptor before setting it to -1. Problem noted in [bin/9642] by Takahiro Kambe <taca@sky.yamashina.kyoto.jp>, (part of which already had been solved by itojun a while ago), and provided patch covered most of the fixes needed. (Thanks Takahiro!) - Consistently indent goto labels by one space.
2000-05-21 03:34:55 +04:00
pasv_error:
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
(void) close(pdata);
pdata = -1;
perror_reply(425, "Can't open passive connection");
return;
}
- improve RFC2428 conformance. return 522 on unknown protocol identifier on EPRT. - clarify EPSV/EPRT/LPSV/LPRT behavior. - repair memory leak and lack of boundary check on EPRT. - make sure we do not resolve DNS on EPRT. sync with kame.
2000-11-13 14:50:46 +03:00
/*
* convert protocol identifier to/from AF
*/
int
lpsvproto2af(int proto)
{
switch (proto) {
case 4: return AF_INET;
#ifdef INET6
case 6: return AF_INET6;
#endif
default: return -1;
}
}
int
af2lpsvproto(int af)
{
switch (af) {
case AF_INET: return 4;
#ifdef INET6
case AF_INET6: return 6;
#endif
default: return -1;
}
}
int
epsvproto2af(int proto)
{
switch (proto) {
case 1: return AF_INET;
#ifdef INET6
case 2: return AF_INET6;
#endif
default: return -1;
}
}
int
af2epsvproto(int af)
{
switch (af) {
case AF_INET: return 1;
#ifdef INET6
case AF_INET6: return 2;
#endif
default: return -1;
}
}
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
/*
* 228 Entering Long Passive Mode (af, hal, h1, h2, h3,..., pal, p1, p2...)
* 229 Entering Extended Passive Mode (|||port|)
*/
void
long_passive(char *cmd, int pf)
{
int len;
* add ftpd.conf directive `portrange class min max', which allows specification of the port range used by passive connections. based on work in [bin/9158] from Takahiro Kambe <taca@sky.yamashina.kyoto.jp> * change the way global variables are defined and extern-ed to be more consistent.
2000-01-13 01:39:27 +03:00
char *p, *a;
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
if (!logged_in) {
syslog(LOG_NOTICE, "long passive but not logged in");
reply(503, "Login with USER first.");
return;
}
- improve RFC2428 conformance. return 522 on unknown protocol identifier on EPRT. - clarify EPSV/EPRT/LPSV/LPRT behavior. - repair memory leak and lack of boundary check on EPRT. - make sure we do not resolve DNS on EPRT. sync with kame.
2000-11-13 14:50:46 +03:00
if (pf != PF_UNSPEC && ctrl_addr.su_family != pf) {
/*
* XXX
* only EPRT/EPSV ready clients will understand this
*/
if (strcmp(cmd, "EPSV") != 0)
reply(501, "Network protocol mismatch"); /*XXX*/
else
epsv_protounsupp("Network protocol mismatch");
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
- improve RFC2428 conformance. return 522 on unknown protocol identifier on EPRT. - clarify EPSV/EPRT/LPSV/LPRT behavior. - repair memory leak and lack of boundary check on EPRT. - make sure we do not resolve DNS on EPRT. sync with kame.
2000-11-13 14:50:46 +03:00
return;
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
}
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
close pdata when it is kept opened till call to {,long_}passive().
1999-12-09 14:18:05 +03:00
if (pdata >= 0)
close(pdata);
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
pdata = socket(ctrl_addr.su_family, SOCK_STREAM, 0);
if (pdata < 0) {
perror_reply(425, "Can't open passive connection");
return;
}
pasv_addr = ctrl_addr;
* add ftpd.conf directive `portrange class min max', which allows specification of the port range used by passive connections. based on work in [bin/9158] from Takahiro Kambe <taca@sky.yamashina.kyoto.jp> * change the way global variables are defined and extern-ed to be more consistent.
2000-01-13 01:39:27 +03:00
if (bind_pasv_addr() < 0)
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
goto pasv_error;
len = pasv_addr.su_len;
if (getsockname(pdata, (struct sockaddr *) &pasv_addr, &len) < 0)
goto pasv_error;
if (listen(pdata, 1) < 0)
goto pasv_error;
p = (char *) &pasv_addr.su_port;
#define UC(b) (((int) b) & 0xff)
if (strcmp(cmd, "LPSV") == 0) {
switch (pasv_addr.su_family) {
case AF_INET:
a = (char *) &pasv_addr.su_sin.sin_addr;
reply(228, "Entering Long Passive Mode (%d,%d,%d,%d,%d,%d,%d,%d,%d)",
4, 4, UC(a[0]), UC(a[1]), UC(a[2]), UC(a[3]),
2, UC(p[0]), UC(p[1]));
return;
Make this compile again without -DINET6 and without get{addr,name}info(3) This ftpd now compiles and runs on NetBSD/1.4.2 with: CPPFLAGS+= \ '-Dstrlcpy(a,b,c)=(strncpy(a,b,c),strlen(a))' \ '-Dstrlcat=strncat' \ '-Dsl_add(a,b)=(sl_add(a,b),0)'
2000-09-15 18:55:16 +04:00
#ifdef INET6
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
case AF_INET6:
a = (char *) &pasv_addr.su_sin6.sin6_addr;
reply(228, "Entering Long Passive Mode (%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d)",
6, 16,
UC(a[0]), UC(a[1]), UC(a[2]), UC(a[3]),
UC(a[4]), UC(a[5]), UC(a[6]), UC(a[7]),
UC(a[8]), UC(a[9]), UC(a[10]), UC(a[11]),
UC(a[12]), UC(a[13]), UC(a[14]), UC(a[15]),
2, UC(p[0]), UC(p[1]));
return;
Make this compile again without -DINET6 and without get{addr,name}info(3) This ftpd now compiles and runs on NetBSD/1.4.2 with: CPPFLAGS+= \ '-Dstrlcpy(a,b,c)=(strncpy(a,b,c),strlen(a))' \ '-Dstrlcat=strncat' \ '-Dsl_add(a,b)=(sl_add(a,b),0)'
2000-09-15 18:55:16 +04:00
#endif
dual-stack ftpd. run this from inetd, like: >>ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
1999-07-02 09:52:14 +04:00
}
#undef UC
} else if (strcmp(cmd, "EPSV") == 0) {
switch (pasv_addr.su_family) {
case AF_INET:
case AF_INET6:
reply(229, "Entering Extended Passive Mode (|||%d|)",
ntohs(pasv_addr.su_port));
return;
}
} else {
/* more proper error code? */
}
- Always close(pdata) if it was a valid filedescriptor before setting it to -1. Problem noted in [bin/9642] by Takahiro Kambe <taca@sky.yamashina.kyoto.jp>, (part of which already had been solved by itojun a while ago), and provided patch covered most of the fixes needed. (Thanks Takahiro!) - Consistently indent goto labels by one space.
2000-05-21 03:34:55 +04:00
pasv_error:
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
(void) close(pdata);
pdata = -1;
perror_reply(425, "Can't open passive connection");
return;
}
- improve RFC2428 conformance. return 522 on unknown protocol identifier on EPRT. - clarify EPSV/EPRT/LPSV/LPRT behavior. - repair memory leak and lack of boundary check on EPRT. - make sure we do not resolve DNS on EPRT. sync with kame.
2000-11-13 14:50:46 +03:00
int
extended_port(const char *arg)
{
#ifdef INET6 /*not really IPv6-only. just to avoid the use of getaddrinfo*/
char *tmp = NULL;
char *result[3];
char *p, *q;
char delim;
struct addrinfo hints;
struct addrinfo *res = NULL;
int i;
unsigned long proto;
tmp = xstrdup(arg);
p = tmp;
delim = p[0];
p++;
memset(result, 0, sizeof(result));
for (i = 0; i < 3; i++) {
q = strchr(p, delim);
if (!q || *q != delim)
goto parsefail;
*q++ = '\0';
result[i] = p;
p = q;
}
/* some more sanity check */
p = NULL;
(void)strtoul(result[2], &p, 10);
if (!*result[2] || *p)
goto protounsupp;
p = NULL;
proto = strtoul(result[0], &p, 10);
if (!*result[0] || *p)
goto protounsupp;
memset(&hints, 0, sizeof(hints));
hints.ai_family = epsvproto2af((int)proto);
if (hints.ai_family < 0)
goto protounsupp;
hints.ai_socktype = SOCK_STREAM;
hints.ai_flags = AI_NUMERICHOST;
if (getaddrinfo(result[1], result[2], &hints, &res))
goto parsefail;
if (res->ai_next)
goto parsefail;
if (sizeof(data_dest) < res->ai_addrlen)
goto parsefail;
memcpy(&data_dest, res->ai_addr, res->ai_addrlen);
if (his_addr.su_family == AF_INET6 &&
data_dest.su_family == AF_INET6) {
/* XXX more sanity checks! */
data_dest.su_sin6.sin6_scope_id =
his_addr.su_sin6.sin6_scope_id;
}
if (tmp != NULL)
free(tmp);
if (res)
freeaddrinfo(res);
return 0;
parsefail:
reply(500, "Invalid argument, rejected.");
usedefault = 1;
plug memory leak
2000-11-13 14:52:41 +03:00
if (tmp != NULL)
free(tmp);
if (res)
freeaddrinfo(res);
- improve RFC2428 conformance. return 522 on unknown protocol identifier on EPRT. - clarify EPSV/EPRT/LPSV/LPRT behavior. - repair memory leak and lack of boundary check on EPRT. - make sure we do not resolve DNS on EPRT. sync with kame.
2000-11-13 14:50:46 +03:00
return -1;
protounsupp:
epsv_protounsupp("Protocol not supported");
usedefault = 1;
plug memory leak
2000-11-13 14:52:41 +03:00
if (tmp != NULL)
free(tmp);
if (res)
freeaddrinfo(res);
- improve RFC2428 conformance. return 522 on unknown protocol identifier on EPRT. - clarify EPSV/EPRT/LPSV/LPRT behavior. - repair memory leak and lack of boundary check on EPRT. - make sure we do not resolve DNS on EPRT. sync with kame.
2000-11-13 14:50:46 +03:00
return -1;
#else
reply(500, "Invalid argument, rejected.");
return -1;
#endif
}
/*
* 522 Protocol not supported (proto,...)
* as we assume address family for control and data connections are the same,
* we do not return the list of address families we support - instead, we
* return the address family of the control connection.
*/
void
epsv_protounsupp(const char *message)
{
int proto;
proto = af2epsvproto(ctrl_addr.su_family);
if (proto < 0)
reply(501, "%s", message); /*XXX*/
else
reply(522, "%s, use (%d)", message, proto);
}
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
/*
* Generate unique name for file with basename "local".
* The file named "local" is already known to exist.
* Generates failure reply on error.
be safe with some buffers.
1997-07-21 09:13:10 +04:00
*
* XXX this function should under go changes similar to
* the mktemp(3)/mkstemp(3) changes.
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
*/
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
static char *
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
gunique(const char *local)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
{
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
static char new[MAXPATHLEN];
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
struct stat st;
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
char *cp;
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
int count;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
cp = strrchr(local, '/');
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (cp)
*cp = '\0';
if (stat(cp ? local : ".", &st) < 0) {
perror_reply(553, cp ? local : ".");
* complete fix for `multiple replies returned for single parse error' problem; move `hasyyerrored' state flag out of yylex() so that check_{login,modify} can also set it. * check result of check_login for PORT command * set initial timeout before the "setjmp(); for(;;) yyparse()", otherwise an invalid command after login incorrectly sets the timeout to 5 minutes (rather than what was set in ftpd.conf) * replace (char *)0 with NULL * move yyerror() from ftpd.c to ftpcmd.y * remove need for -Dunix, by using the version string from ftpd.c (instead of `BSD-199506') * move all extern-ed vars into extern.h
1998-09-06 14:39:40 +04:00
return (NULL);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
if (cp)
*cp = '/';
for (count = 1; count < 100; count++) {
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
(void)snprintf(new, sizeof(new) - 1, "%s.%d", local, count);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (stat(new, &st) < 0)
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
return (new);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
reply(452, "Unique file name cannot be created.");
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
return (NULL);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
/*
* Format and send reply containing system error number.
*/
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
void
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
perror_reply(int code, const char *string)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
{
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
int save_errno;
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
save_errno = errno;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
reply(code, "%s: %s.", string, strerror(errno));
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
errno = save_errno;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
static char *onefile[] = {
"",
0
};
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
void
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
send_file_list(const char *whichf)
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
{
struct stat st;
DIR *dirp = NULL;
struct dirent *dir;
FILE *dout = NULL;
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
char **dirlist, *dirname, *p;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
int simple = 0;
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
int freeglob = 0;
glob_t gl;
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
off_t b;
- Pass gcc -Wall - Fix incorrect const poisoning - Fix ftpd_popen to dynamically allocate strings to avoid buffer overruns.
1997-06-18 23:05:46 +04:00
#ifdef __GNUC__
(void) &dout;
(void) &dirlist;
(void) &simple;
(void) &freeglob;
#endif
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
p = NULL;
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
if (strpbrk(whichf, "~{[*?") != NULL) {
GLOB_QUOTE is dead; per POSIX, backslash quoting of special characters being enabled is the default behaviour.
1998-06-20 02:58:04 +04:00
int flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_TILDE;
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
memset(&gl, 0, sizeof(gl));
freeglob = 1;
if (glob(whichf, flags, 0, &gl)) {
reply(550, "not found");
goto out;
} else if (gl.gl_pathc == 0) {
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
errno = ENOENT;
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
perror_reply(550, whichf);
goto out;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
dirlist = gl.gl_pathv;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
} else {
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
p = xstrdup(whichf);
onefile[0] = p;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
dirlist = onefile;
simple = 1;
}
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
/* XXX: } for vi sm */
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (setjmp(urgcatch)) {
transflag = 0;
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
goto out;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
* fix "cd ~" so that it works (from Simon Burge <simonb@telstra.com.au> * move resetting of CFLAGS on powerpc to before optional CFLAGS settings * minor code & man page cleanups
1997-04-27 07:21:38 +04:00
while ((dirname = *dirlist++) != NULL) {
- ensure 257 reply codes from PWD and MKD are RFC959 compliant: 257 "dirname" some message (any "s in dirname should be doubled, per the RFC) - don't put an extra / in the output of NLST if the last char in the directory is a / - bump the version to 7.01 because of these fixes
1997-09-18 11:27:35 +04:00
int trailingslash = 0;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (stat(dirname, &st) < 0) {
/*
* If user typed "ls -l", etc, and the client
* used NLST, do what the user meant.
*/
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
/* XXX: nuke this support? */
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (dirname[0] == '-' && *dirlist == NULL &&
transflag == 0) {
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
char *argv[] = { INTERNAL_LS, "", NULL };
argv[1] = dirname;
retrieve(argv, dirname);
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
goto out;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
perror_reply(550, whichf);
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
goto cleanup_send_file_list;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
if (S_ISREG(st.st_mode)) {
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (dout == NULL) {
dout = dataconn("file list", (off_t)-1, "w");
if (dout == NULL)
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
goto out;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
transflag++;
}
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
b = fprintf(dout, "%s%s\n", dirname,
type == TYPE_A ? "\r" : "");
total_bytes += b;
total_bytes_out += b;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
byte_count += strlen(dirname) + 1;
continue;
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
} else if (!S_ISDIR(st.st_mode))
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
continue;
- ensure 257 reply codes from PWD and MKD are RFC959 compliant: 257 "dirname" some message (any "s in dirname should be doubled, per the RFC) - don't put an extra / in the output of NLST if the last char in the directory is a / - bump the version to 7.01 because of these fixes
1997-09-18 11:27:35 +04:00
if (dirname[strlen(dirname) - 1] == '/')
trailingslash++;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if ((dirp = opendir(dirname)) == NULL)
continue;
while ((dir = readdir(dirp)) != NULL) {
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
char nbuf[MAXPATHLEN];
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
major overhaul (just before netbsd 1.5 :-): * implement draft-ietf-ftpext-mlst-10 commands, especially MLST and MLSD. we already supported SIZE and MDTM. add the appropriate FEAT output lines. * migrate a lot of the command code from ftpcmd.y and ftpd.c to cmds.c * make dataconn(), feat(), lookup(), opts() and sizecmd() public * modify struct tab so that it has a `flags' instead of `implemented' element, and remove the `hasopts' element. If flags == 1, the command is implemented. if flags == 2, the command is implemented and takes options * add macros ISDOTDIR(x) (is x ".") and ISDOTDOTDIR(x) (is x "..") * modify lreply() so that lreply(-2, ...) just outputs the given info without a prefix or trailing \r\n. this saves doing b = printf(); total_* += b; * enhance statcmd(). still needs work in the LPRT status stuff. * crank version
2000-06-14 17:44:21 +04:00
if (ISDOTDIR(dir->d_name) || ISDOTDOTDIR(dir->d_name))
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
continue;
- ensure 257 reply codes from PWD and MKD are RFC959 compliant: 257 "dirname" some message (any "s in dirname should be doubled, per the RFC) - don't put an extra / in the output of NLST if the last char in the directory is a / - bump the version to 7.01 because of these fixes
1997-09-18 11:27:35 +04:00
(void)snprintf(nbuf, sizeof(nbuf), "%s%s%s", dirname,
trailingslash ? "" : "/", dir->d_name);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
/*
* don't depend upon buffer returned by fgetln() to remain. fix mainly from Tatoku Ogaito <tacha@tera.fukui-med.ac.jp> in [bin/3967] * fgetln() doesn't \0 terminate its string. look for the \n and replace it with \0 (if no \n, ignore the line - it's most likely corrupt) * more intensive checks on strdup() returns (not a current mem leak, but depended upon code elsewhere to cleanup - not good) * cleanup some syslog error messages
1997-08-14 06:06:15 +04:00
* We have to do a stat to ensure it's
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
* not a directory or special file.
*/
* change ftpd_popen() to take char *argv[] instead of char *cmd. the string tokenisation must be performed by the caller (which is generally easy because it's almost always a static command). * change do_conversion() to return a char *argv[] instead of char *cmd. tokenisation of the command is done internally. * change retrieve() to take char *argv[] instead of char *cmd. (to take advantage of the above changes). fixes [bin/8173] * use fparseln() instead of fgetln() * store conversions in listed order (rather than reverse order) * use stringlists instead of handrolling code to manage an argv.
1999-12-07 08:30:53 +03:00
/* XXX: follow RFC959 and filter out non files ? */
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (simple || (stat(nbuf, &st) == 0 &&
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
S_ISREG(st.st_mode))) {
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
char *p;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (dout == NULL) {
dout = dataconn("file list", (off_t)-1,
"w");
if (dout == NULL)
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
goto out;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
transflag++;
}
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
p = nbuf;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
if (nbuf[0] == '.' && nbuf[1] == '/')
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
p = &nbuf[2];
b = fprintf(dout, "%s%s\n", p,
type == TYPE_A ? "\r" : "");
total_bytes += b;
total_bytes_out += b;
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
byte_count += strlen(nbuf) + 1;
}
}
(void) closedir(dirp);
}
if (dout == NULL)
reply(550, "No files found.");
else if (ferror(dout) != 0)
perror_reply(550, "Data connection");
else
reply(226, "Transfer complete.");
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
cleanup_send_file_list:
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
transflag = 0;
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
closedataconn(dout);
- Always close(pdata) if it was a valid filedescriptor before setting it to -1. Problem noted in [bin/9642] by Takahiro Kambe <taca@sky.yamashina.kyoto.jp>, (part of which already had been solved by itojun a while ago), and provided patch covered most of the fixes needed. (Thanks Takahiro!) - Consistently indent goto labels by one space.
2000-05-21 03:34:55 +04:00
out:
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
total_xfers++;
total_xfers_out++;
if (p)
free(p);
if (freeglob)
4.4-lite, plus our local changes
1994-06-29 05:49:37 +04:00
globfree(&gl);
initial import of 386bsd-0.1 sources
1993-03-21 12:45:37 +03:00
}
implement '-c confdir', which allows the specification of an alternate directory to look for the various configuration files, overriding /etc. From Matthias Scheler <tron@lyssa.owl.de> in [bin/4133]
1997-09-23 17:56:39 +04:00
char *
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
conffilename(const char *s)
implement '-c confdir', which allows the specification of an alternate directory to look for the various configuration files, overriding /etc. From Matthias Scheler <tron@lyssa.owl.de> in [bin/4133]
1997-09-23 17:56:39 +04:00
{
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
static char filename[MAXPATHLEN];
implement '-c confdir', which allows the specification of an alternate directory to look for the various configuration files, overriding /etc. From Matthias Scheler <tron@lyssa.owl.de> in [bin/4133]
1997-09-23 17:56:39 +04:00
* change format of /etc/ftpusers lines from userglob [allow|deny] to userglob[@host] [allow|deny [classname]] where class is a userdefined classname. - if host is given it may either be a CIDR address (e.g, `1.2.3.0/24') or a hostglob (e.g, `*.foo.com'), and the remote host is matched against that. - if classname is given, use that to match entries in ftpd.conf (defaults to `guest' for `anonymous'/`ftp' logins, `chroot' for users found in /etc/ftpchroot, and `real' for everyone else. * implement new /etc/ftpd.conf directives: classtype classname type set type of classname to GUEST, CHROOT, or REAL motd classname file file to use instead of /etc/motd rateget classname rate set rateget throttle to rate rateput classname rate set rateput throttle to rate upload classname allow/deny uploads (STOU, STOR, APPE). if denied, also acts as `modify deny'. * implement new `SITE' commands: RATEGET as per /etc/ftpd.conf rateget, but cannot exceed that RATEPUT as per /etc/ftpd.conf rateput, but cannot exceed that * implement format_file(), which outputs a file to the user, parsing % escapes. use to print /etc/ftpwelcome, /etc/motd, and the `display' file. * implement strsuftoi() (from ftp(1)), which parses a number and optional suffix (for use with rateget, etc) * don't bother seteuid(0) ; bind(...) ; seteuid(pw->pw_uid), since we don't need reserved ports (at wasn't getting them anyway). * update & reorder copyrights * use strlcpy() as appropriate
1999-12-12 17:05:54 +03:00
if (*s == '/')
strlcpy(filename, s, sizeof(filename));
else
(void)snprintf(filename, sizeof(filename), "%s/%s", confdir ,s);
return (filename);
implement '-c confdir', which allows the specification of an alternate directory to look for the various configuration files, overriding /etc. From Matthias Scheler <tron@lyssa.owl.de> in [bin/4133]
1997-09-23 17:56:39 +04:00
}
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
/*
* logcmd --
* based on the arguments, syslog a message:
* if bytes != -1 "<command> <file1> = <bytes> bytes"
* else if file2 != NULL "<command> <file1> <file2>"
* else "<command> <file1>"
* if elapsed != NULL, append "in xxx.yyy seconds"
* if error != NULL, append ": " + error
*/
void
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
logcmd(const char *command, off_t bytes, const char *file1, const char *file2,
const struct timeval *elapsed, const char *error)
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
{
features: * add connection limits (`limit' keyword in ftpd.conf) * move initialisation of curclass from parse_conf() to new function init_curclass() * implement count_users(), which determines the number of users in a given class. a file - /var/run/ftpd.pids-<class> - is used to store a list of pids in use (effectively an array of pid_t's), and its size is reduced as necessary. * new % modifiers in format_file: %c class %M maximum connection count %N current connection count * always end_login()s, even for refused connections bugs fixed: * remove \n from %T output * fix some inconsistencies in the man pages * ensure that both `ftp' *and* `anonymous' are allowed in ftpusers. (this was accidently broken in a recent commit to be ``or'' not ``and'') * use MAXPATHLEN not MAXPATHLEN+1 * crank copyright date on modified files * crank version
2000-01-08 14:09:56 +03:00
char buf[MAXPATHLEN * 2 + 100], realfile[MAXPATHLEN];
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
const char *p;
size_t len;
if (logging <=1)
return;
if ((p = realpath(file1, realfile)) == NULL) {
* fix a problem in retrieve() where arguments to commands weren't working (this was broken in the last commit). problem noticed by simonb@ * don't display the stderr output of the internal ls. * modify usage of lreply so that generally only one `XXX-' code per `block' is displayed; the rest of the lines have four spaces instead. i find this easier to read. * fix a couple places where byte accounting wasn't correct
1999-05-18 12:14:17 +04:00
#if 0 /* XXX: too noisy */
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
syslog(LOG_WARNING, "realpath `%s' failed: %s",
realfile, strerror(errno));
#endif
p = file1;
}
len = snprintf(buf, sizeof(buf), "%s %s", command, p);
if (bytes != (off_t)-1) {
len += snprintf(buf + len, sizeof(buf) - len,
* Cast %q[ud] arguments to fix ILP32/LP64 off_t variation. * Fix bug in 213 reply: correct ordering of format string args.
1999-05-25 01:57:19 +04:00
" = %qd byte%s", (qdfmt_t) bytes, PLURAL(bytes));
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
} else if (file2 != NULL) {
if ((p = realpath(file2, realfile)) == NULL) {
* fix a problem in retrieve() where arguments to commands weren't working (this was broken in the last commit). problem noticed by simonb@ * don't display the stderr output of the internal ls. * modify usage of lreply so that generally only one `XXX-' code per `block' is displayed; the rest of the lines have four spaces instead. i find this easier to read. * fix a couple places where byte accounting wasn't correct
1999-05-18 12:14:17 +04:00
#if 0 /* XXX: too noisy */
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
syslog(LOG_WARNING, "realpath `%s' failed: %s",
realfile, strerror(errno));
#endif
p = file2;
}
len += snprintf(buf + len, sizeof(buf) - len, " %s", p);
}
if (elapsed != NULL) {
len += snprintf(buf + len, sizeof(buf) - len,
" in %ld.%.03d seconds", elapsed->tv_sec,
(int)(elapsed->tv_usec / 1000));
}
if (error != NULL)
len += snprintf(buf + len, sizeof(buf) - len, ": %s", error);
syslog(LOG_INFO, "%s", buf);
}
char *
convert to ANSI C as per style guide
2000-05-20 06:20:18 +04:00
xstrdup(const char *s)
features/fixes: * implement xferstats. full stats are displayed for `STAT', and a summary is displayed upon exit (and syslogged). inspired by wu-ftpd. * wrap data xfers in {send,receive}_data with alarm() timeouts. this should remove the majority of the `hanging ftpd' problems that people were still seeing. inspired by wu-ftpd. * link with ../../bin/ls, so that bin/ls is not required under a chroot()ed area for `LIST' to work. based on [bin/4497] from "Soren S. Jorvang" <soren@t.dk> * migrate code from util.c into ftpd.c, so that it doesn't conflict with ls' util.c. * remove man page comment about ~ftp/bin/ls being necessary. * bump version to 7.2.0. * syslog xfer time with xfer stats. * if appropriate, syslog error message with command. internal code stuff: * change arguments of various functions from `char *' to `const char *'. * define PLURAL(x) macro, which returns `' if x == 1, `s' otherwise. use macro appropriately * lreply(): a code of -1 means ``send line as is''. a code of 0 means ``send line with 4 space prefix''. don't print a space after the `-' for any other code. * logcmd(): add `const struct timeval *elapsed' and `const char *error' for more flexible error reporting
1999-05-17 19:14:53 +04:00
{
char *new = strdup(s);
if (new == NULL)
fatal("Local resource failure: malloc");
/* NOTREACHED */
return (new);
}
various fixes suggested by Robert Elz: * implement closedataconn() and use appropriately (including in mlsd()) * only put leading space in front of MLST output (not MLSD output) * MLSD: only output pdir and cdir entries when the type fact is requested. * change error code for giving MLSD a non-directory from 550 to 501 * remove MLSx Type fact support for UNIX.* for now; it's not standardised yet. * do a check_login when MLSD and MLST are given no args * detect & complain about null facts in OPTS MLST * cache getgroups() at login instead of calling each time in fact_perm() other mods: * implement cprintf(); as per fprintf() but increments total_bytes{,_out} * implement CPUTC(); as per putc() but increments total_bytes{,_out} * implement base64_encode() * fact_unique() display base64 encoding of dev_t and ino_t rather than hex output; should scale if size of those changes * change reply() so that a negative code acts as the initial line in a reply, code == 0 prefixes the line with 4 spaces, and code > 0 works as before. deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and reply(0, ) respectively. * use cprintf() and CPUTC() appropriately (often instead of printf(), lreply(-2, ) or lreply(-1, ). now we actually account for the data sent by MLST and MLSD. * remove DEBUG support for sending MLSD output to control connection instead of data connection (my ftp client now supports MLSD :-)
2000-06-19 19:15:03 +04:00
/*
* As per fprintf(), but increment total_bytes and total_bytes_out,
* by the appropriate amount.
*/
void
cprintf(FILE *fd, const char *fmt, ...)
{
off_t b;
va_list ap;
va_start(ap, fmt);
b = vfprintf(fd, fmt, ap);
total_bytes += b;
total_bytes_out += b;
}