Commit Graph

195 Commits

Author SHA1 Message Date
jdolecek ca98463029 call setlogin() before dropping root privileges, so that process
would have correct p_login value
2000-09-28 17:49:06 +00:00
christos 0dec1c64f5 Make this compile again without -DINET6 and without get{addr,name}info(3)
This ftpd now compiles and runs on NetBSD/1.4.2 with:

CPPFLAGS+= \
    '-Dstrlcpy(a,b,c)=(strncpy(a,b,c),strlen(a))' \
    '-Dstrlcat=strncat' \
    '-Dsl_add(a,b)=(sl_add(a,b),0)'
2000-09-15 14:55:16 +00:00
martin a140a79b5c Fixed s/key compile bug. 2000-07-29 08:20:02 +00:00
lukem acd8ab456a wtmp is in /var/log not /var/run ... 2000-07-28 12:54:01 +00:00
lukem 8a5b724529 add support for -W; don't log to wtmp (orthogonal of -U which logs to utmp).
inspired by similar option in wuftpd.
2000-07-26 13:53:33 +00:00
lukem 0b392afc69 document /var/run/[uw]tmp, /var/run/ftpd.pids-CLASS 2000-07-26 13:45:52 +00:00
lukem d85f3bb159 * make checkportcmd the default. this breaks third-party proxy ftp but
prevents the ftp bounce attack, and we should be secure out of the
  box, not require users to tweak obscure stuff.
* allow the version string reported to clients to be changed with '-V vers'.
  if vers is empty or `-', don't report a version.
* if -r is given, permanently drop root privs
* if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port
  > IPPORT_RESERVED+1, permanently drop root privs
* don't bother reverting to root privs to logout of wtmp/utmp; since the
  file descriptor is already open this isn't necessary.
* fix the binding of the port for the PORT/LPRT/EPRT connection to be the
  ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6
  merge). if root privs have been dropped, and this would be a port <
  IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant
  but it doesn't appear that many clients care).
* prevent login of a new user if privs have been dropped and already logged
  in as a REAL user (existing check already stops GUEST & CHROOT users).
* move the port check stuff into a separate port_check() function, and use
  for PORT, LPRT, and EPRT checks. inspired by freebsd
* minor KNF
* minor man page cleanup
2000-07-23 14:40:48 +00:00
lukem e3a2c5cc44 * add two new ftpd.conf(5) directives:
chroot	specify dir to chroot to for GUEST and CHROOT users, to
		override -a anondir or the user's homedir.
	homedir	specify dir to change to upon login; also used for ~ expansion
		and $HOME for subprocesses)
  both of these can take % escapes: %u (username), %d (homedir), %c (class).
* fix NLST to take a pathname not a STRING, so that ~ expansion works
* modify CWD to use the homedir parsed from curclass.homedir
* implement format_path(dst, src), to parse src expanding % escapes (see above)
  into dst.
* rename format_file() to display_file()
2000-07-17 02:30:52 +00:00
lukem 4b70eef93f * add -H, which acts like -h `hostname`. (requested by kim@)
* refer to draft-ietf-ftpext-mlst-11 instead of -10
2000-07-15 03:45:19 +00:00
lukem 551a7c78c6 base64_encode(): separate out the special case for the last 2 bytes, and
be a bit safer with signed chars. per discussion with kre.
2000-07-10 22:41:17 +00:00
lukem 9968cfa298 - base64_encode(): fix garbled output due to fencepost error. output now
appears to match that of 'mimencode' (from metamail).
  problem noted by kre@munnari.oz.au.
- fact_unique(): encode a combined dev_t+ino_t chunk rather than separate bits
2000-07-09 14:26:34 +00:00
lukem e2851fe6dc setproctitle(), and for any other printf variants, it is not a good idea
to pass variable directly like foo(x).  use foo("%s", x) to avoid misuse.
from: openbsd
2000-07-09 14:18:08 +00:00
sommerfeld eac5778e83 More -Wformat cleanups. 2000-07-09 02:24:30 +00:00
sommerfeld 6f0015c48f More format paranoia. 2000-07-08 18:24:28 +00:00
itojun d7dc7d22d1 setproctitle(), and for any other printf variants, it is not a good idea
to pass variable directly like foo(x).  use foo("%s", x) to avoid misuse.
from: openbsd
2000-07-05 22:15:04 +00:00
matt 9bf906d2e1 Make things builds with GCC 2.96 2000-07-03 03:34:25 +00:00
lukem 327792f9ed fix problems noted by <dogcow@redback.com> in [bin/10390] and private email:
* fix RATE{GET,PUT} under some situations when the client is slower than
  the server (something i missed when migrating the rate limiting code
  i wrote in ftp(1) to ftpd(8))
* document what units RATE{GET,PUT} use
2000-06-20 07:39:46 +00:00
thorpej e7d6b96938 Merge a bunch of things from crypto-us and crypto-intl into basesrc,
adding support for Heimdal/KTH Kerberos where easy to do so.  Eliminate
bsd.crypto.mk.

There is still a bunch more work to do, but crypto is now more-or-less
fully merged into the base NetBSD distribution.
2000-06-20 06:00:24 +00:00
lukem 13067569df rewrite method of traversing facttab[]; use size of list to terminate
not NULL terminated entry (since we need to know the size of other
reasons...)
2000-06-19 17:08:05 +00:00
lukem 73f082e2ea various fixes suggested by Robert Elz:
* implement closedataconn() and use appropriately (including in mlsd())
* only put leading space in front of MLST output (not MLSD output)
* MLSD: only output pdir and cdir entries when the type fact is requested.
* change error code for giving MLSD a non-directory from 550 to 501
* remove MLSx Type fact support for UNIX.* for now; it's not standardised yet.
* do a check_login when MLSD and MLST are given no args
* detect & complain about null facts in OPTS MLST
* cache getgroups() at login instead of calling each time in fact_perm()

other mods:
* implement cprintf(); as per fprintf() but increments total_bytes{,_out}
* implement CPUTC(); as per putc() but increments total_bytes{,_out}
* implement base64_encode()
* fact_unique() display base64 encoding of dev_t and ino_t rather than
  hex output; should scale if size of those changes
* change reply() so that a negative code acts as the initial line in a reply,
  code == 0 prefixes the line with 4 spaces, and code > 0 works as before.
  deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and
  reply(0, ) respectively.
* use cprintf() and CPUTC() appropriately (often instead of printf(),
  lreply(-2, ) or lreply(-1, ).
  now we actually account for the data sent by MLST and MLSD.
* remove DEBUG support for sending MLSD output to control connection instead
  of data connection (my ftp client now supports MLSD :-)
2000-06-19 15:15:03 +00:00
explorer f8eb6433b2 include <krb5/krb5.h> before including extern.h, so krb5_context is defined 2000-06-16 23:17:41 +00:00
itojun 1e949e404d correct LPSV/LPRT display on STAT command.
(did not crank the version since the change is on the same day)
2000-06-14 13:55:15 +00:00
lukem a26448af43 major overhaul (just before netbsd 1.5 :-):
* implement draft-ietf-ftpext-mlst-10 commands, especially MLST and MLSD.
  we already supported SIZE and MDTM. add the appropriate FEAT output lines.

* migrate a lot of the command code from ftpcmd.y and ftpd.c to cmds.c

* make dataconn(), feat(), lookup(), opts() and sizecmd() public

* modify struct tab so that it has a `flags' instead of `implemented' element,
  and remove the `hasopts' element.  If flags == 1, the command is implemented.
  if flags == 2, the command is implemented and takes options

* add macros ISDOTDIR(x) (is x ".") and ISDOTDOTDIR(x) (is x "..")

* modify lreply() so that lreply(-2, ...) just outputs the given info without
  a prefix or trailing \r\n. this saves doing b = printf(); total_* += b;

* enhance statcmd(). still needs work in the LPRT status stuff.

* crank version
2000-06-14 13:44:21 +00:00
explorer 6a07b80d26 make this compile with KERBEROS5 defined. Note: only one of KERBEROS or KERBEROS5 may be defined in this file... 2000-06-02 14:47:19 +00:00
fredb 5c0f4694d6 Make this build again with crypto-us, after recent changes to k{,5}login.c. 2000-06-02 00:19:04 +00:00
lukem 8f1cd9886e Clarify the meaning of `directive', as requested in [security/10229]
by Klaus Klein <kleink@uni-trier.de>
2000-05-30 23:53:37 +00:00
itojun bcae82da01 add comment on IPv4 mapped address twist 2000-05-30 05:31:31 +00:00
lukem 18be3cd981 - Always close(pdata) if it was a valid filedescriptor before setting it to -1.
Problem noted in [bin/9642] by Takahiro Kambe <taca@sky.yamashina.kyoto.jp>,
  (part of which already had been solved by itojun a while ago), and provided
  patch covered most of the fixes needed. (Thanks Takahiro!)
- Consistently indent goto labels by one space.
2000-05-20 23:34:55 +00:00
lukem dcc88422ad convert to ANSI C as per style guide 2000-05-20 02:20:18 +00:00
itojun 6047a12c7b move IPv6 considerations into BUGS section 2000-05-16 00:59:12 +00:00
lukem c8c9e77cbf only define _DEFAULT_CONFDIR if not set. (allows compile-time override) 2000-03-06 21:42:26 +00:00
lukem f318090c60 * don't bother with a version[] string, just use the macro as appropriate
* clean some more of the GLOBAL stuff
* fix unused var if -UHASSETPROCTITLE
2000-03-05 06:12:19 +00:00
aidan 492312b9ed Move include/kerberosIV/com_err.h to include/com_err.h 2000-02-14 03:26:06 +00:00
lukem ab88a15086 suppress verbose messages from CWD and post-login if the first
character of the anonymous password is `-'.
2000-01-13 00:04:31 +00:00
lukem c8493e9499 * add ftpd.conf directive `portrange class min max', which allows specification
of the port range used by passive connections. based on work in [bin/9158]
  from Takahiro Kambe <taca@sky.yamashina.kyoto.jp>
* change the way global variables are defined and extern-ed to be more
  consistent.
2000-01-12 22:39:27 +00:00
lukem 559037c273 fix problem where ftpd.conf lines would match everything if there was
no template defined. noted by Vebjorn Ljosa <ljosa@initio.no>
2000-01-10 08:03:50 +00:00
lukem 7e80378800 * new ftpd.conf directive:
template class [refclass]
  following directives for refclass will apply to class as well.
  this makes setting up a `template' class with many default settings
  easy, whilst allowing for class-specific overrides
* prevent crash when the optional limitfile wasn't given to limit
* document count_users()
* document default setting of limit in ftpd.conf(5)
* crank version
2000-01-09 10:08:45 +00:00
lukem 61ee60248e reference usr/share/examples/ftpd/ftpusers 2000-01-08 13:36:28 +00:00
lukem 584b0757f6 missing "." on reply 2000-01-08 11:14:36 +00:00
lukem 16e886121d features:
* add connection limits (`limit' keyword in ftpd.conf)
* move initialisation of curclass from parse_conf() to new function
  init_curclass()
* implement count_users(), which determines the number of users in a given
  class. a file - /var/run/ftpd.pids-<class> - is used to store a list
  of pids in use (effectively an array of pid_t's), and its size is reduced
  as necessary.
* new % modifiers in format_file:
	%c	class
	%M	maximum connection count
	%N	current connection count
* always end_login()s, even for refused connections

bugs fixed:
* remove \n from %T output
* fix some inconsistencies in the man pages
* ensure that both `ftp' *and* `anonymous' are allowed in ftpusers.
  (this was accidently broken in a recent commit to be ``or'' not ``and'')
* use MAXPATHLEN not MAXPATHLEN+1
* crank copyright date on modified files
* crank version
2000-01-08 11:09:56 +00:00
lukem d56fffdd70 * document all classtype defaults
* xref /usr/share/examples/ftpd/ftpd.conf
1999-12-26 09:42:18 +00:00
lukem 019b95b641 crank version 1999-12-21 12:57:45 +00:00
lukem 5c024702df * add support for optional groupglob in ftpuser entry. the syntax is now:
userglob[:groupglob][@host] [directive [class]]
* append ``(class: CLASSNAME, type: TYPE)'' to the syslogged login messages
1999-12-21 12:56:15 +00:00
lukem 80ca00b8cd trivial simplification 1999-12-21 12:52:18 +00:00
lukem 7543b77a8e * add back support for `-h hostname'; it still may be useful to override
the name advertised to the client, even if ftpd can determine it from
  the ip address that ftpd is bound to. requested by mrg.
* remove -4/-6; they were effectively no-ops since itojun's change in 1.75.
* crank version
1999-12-19 00:09:31 +00:00
lukem 6eff1df26e deprecate -h hostname in favour of automatic determination of local hostname.
this is a much cleaner solution for supporting multihomed virtual servers.
from Geoff C. Wing <gcw@pobox.com> in [bin/8137].
1999-12-18 06:33:54 +00:00
lukem 8aad99ce9d * move version to separate header file
* use .Dv and .Tn in the man pages as appropriate
* KNF a bit

The following were inspired by similar changes in openbsd, but may
have additional improvements by me:
* add more check_login tests to the parser rules
* nuke a few memory leaks in the parser rules
* clear passwords before free()ing them, for safety
* don't display \r\n in setproctitle() output
* add support for -U, which enables managing /var/run/utmp entries for
  connections. solves [bin/2217] by Jason Downs <downsj@teeny.org>
* fix oob handling for STAT command
* use SIG_ERR instead of -1
1999-12-18 05:51:34 +00:00
lukem b5972a49fe install ftpusers(5) as ftpchroot(5). more cleanups 1999-12-16 07:05:18 +00:00
lukem 6a0bdfee15 crank version 1999-12-16 07:01:23 +00:00
lukem 4f181f8249 cleanup 1999-12-16 06:56:49 +00:00