Commit Graph

203 Commits

Author SHA1 Message Date
shm 31d615acc3 CID 603440: ensure that closing socket exists 2016-07-19 21:25:38 +00:00
shm 92a992f213 Fix directory stream leaks 2015-08-10 07:32:49 +00:00
christos 068e5a5145 blacklist hooks 2015-01-25 15:52:44 +00:00
christos 5a45295fbd fstat returns -1 on error (Maxime Villard)
also while (1) -> for (;;)
2013-07-31 19:50:47 +00:00
christos 304ddee50c remove unneeded initialization. 2013-07-03 14:16:01 +00:00
dholland c5642eeaf7 Pass WARNS=5 2012-06-19 06:06:34 +00:00
plunky 2b8aaed8cd NULL does not need a cast, here 2011-09-16 16:13:16 +00:00
lukem 30781daf0c Reduce priority of syslog message if getpeername returns ENOTCONN.
PR bin/18934 by Greg A. Woods (with supplied fix).
2011-09-04 23:16:41 +00:00
joerg 9eba1e423c Use __dead 2011-08-29 20:41:06 +00:00
roy 7027866a09 Rename internal getline() function to get_line() so it does
conflict with the soon to be added getline(3) libc function.
2009-07-13 19:05:39 +00:00
lukem 0053962f9d Fix WARNS=4 issues (const & sign mismatches, etc)
Ensure various ftpd.conf values can't exceed their underlying types.
2009-03-15 07:48:36 +00:00
lukem 6269ac3894 Use LLF (et al) instead of "%lld" (et al). 2009-03-02 03:47:44 +00:00
christos 313780f726 PR/40339: Ed Ravin: make ftpd log both the hostname and numeric address. 2009-01-08 18:47:49 +00:00
christos 0d7dc435fd fix for 64 bit time_t and dev_t 2008-12-29 00:33:34 +00:00
lukem a69f51a660 Constify.
Rework an expression to make it easier to conditionally compile.
2008-10-28 08:05:26 +00:00
lukem d451eab1e2 Enhance -C to support an optional @host ('-C user[@host]'):
checks whether user as connecting from host would be granted
access by ftpusers(5).

Support IPv6 in the host directive of ftpusers(5).
(May resolve PR 26555)

Both features from Rudolf Cejka <cejkar@fit.vutbr.cz>
(FreeBSD's tnftpd port maintainer).
2008-09-16 12:30:38 +00:00
lukem 2332514a42 Don't split large commands into multiple commands; just fail on them.
This prevents CSRF-like attacks, when a web browser is used to access
an ftp server.
Reported by Maksymilian Arciemowicz <cxib@securityreason.com>.
Fix mostly derived from OpenBSD, written by Moritz Jodeit <moritz@OpenBSD.org>
2008-09-13 03:30:35 +00:00
lukem 0c4ddb1599 Remove the \n and tabs from the __COPYRIGHT() strings. 2008-07-20 01:09:06 +00:00
lukem ef70558f4f Don't use non-standard "u_<foo>" types.
Strip trailing whitespace (as well as ':'s) off PAM password prompts.
Improve some debug logging related to PAM.
2008-06-09 00:33:39 +00:00
martin ce099b4099 Remove clause 3 and 4 from TNF licenses 2008-04-28 20:22:51 +00:00
lukem 4f3847e772 Reorganize USE_PAM support so that the reply(331,) from USER is
performed by the pam_conv (PAM conversation) callback, which then
getline()s the PASS reply internally.  This involves calling
auth_pam() from user() and caching the result to use later in pass().
This allows the PAM modules to present a different password prompt
dialog if necesary.  For example:
  Name (localhost:lukem):
  331 User lukem accepted, provide password [ otp-md4 89 xxxx12345 ].
versus
  Name (localhost:lukem): root
  331 User root accepted, provide password.

This is independent of (and effectively exclusive to) USE_SKEY support.

Previously ftpd with USE_SKEY=yes would provide the skey prompt
if the user had an skey configured, even if /etc/pam.d/ftpd didn't
have pam_skey in use.
I.e., ftpd shouldn't need special support for custom password prompts
(such as skey) if PAM is in use.
2008-03-27 08:12:09 +00:00
lukem f21ab048da Rename cred_t to ftpd_cred_t; the former causes a nameclash on Solaris. 2007-07-23 10:41:05 +00:00
lukem 0def0e3a66 Rename HAVE_SOCKADDR_SA_LEN to HAVE_STRUCT_SOCKADDR_SA_LEN.
Use defined(HAVE_foo) instead of just testing HAVE_foo.
2007-07-22 05:06:45 +00:00
christos b7c1cbea43 PR/36468: Andreas Wrede: ftpd(8) always logs hostnames. Add -n option to display
addresses.
2007-06-10 20:24:31 +00:00
christos 8fdab46bcc PR/35449: Shigeya Suzuki: ftpd does not register socket address into PAM +FIX 2007-01-20 17:26:32 +00:00
christos aca8873558 fix volatile and initialization issues, from Anon Ymous 2006-12-17 20:04:09 +00:00
lukem c7e71f1d87 Fix -ULOGIN_CAP compile. 2006-09-26 06:47:20 +00:00
mrg 0c37c63edc change (mostly) int to socklen_t. GCC 4 doesn't like that int and
socklen_t are different signness.
2006-05-09 20:18:05 +00:00
peter 9665e92dcd Remove unreachable code (res could never be NULL here).
Fixes Coverity CID 712.
Ok by lukem@.
2006-03-17 21:28:21 +00:00
peter ee7f54fae4 Set file to NULL after calling fclose().
Fixes Coverity CID 2669.
Ok by lukem@.
2006-03-17 21:26:55 +00:00
peter 243139ee37 Make sure that "su" is initialized before dereferencing it.
Fixes Coverity CID 1075.
Ok by lukem@.
2006-03-17 21:24:33 +00:00
wiz 5d1e8b2745 Fix some typos. 2006-02-25 02:28:55 +00:00
christos 1edbda9a2e debug -> ftpd_debug
xstrdup -> ftpd_strdup
2006-02-01 14:20:12 +00:00
lukem 03353d54d6 NLST should return 450 instead of 550 upon error, per RFC 959. 2005-11-24 23:47:23 +00:00
lukem d7a2bc3a39 logxfer(): don't use the same buffer to store the results of two separate
concurrent realpath(3)s, otherwise we'll log the wrong information
for a rename.
Noted by Dmitry Sivachenko in private mail.
2005-10-03 00:02:25 +00:00
ginsbach 818f7caa4b * Add recvbufsize configuration option
This allows for setting the passive socket's SO_RCVBUF.  Option works
  similarly to the current sendbufsize configuration option.
* Change how recveive_data() works
  When reading data from the socket for passive transfers to the server,
  receive_data() now works very similar to send_data_with_read().  Reads
  from the network are now done using either the filesystem block size or
  the configuration option readsize chunks.
* Crank version.h
  [Changes discussed with lukem.]
2005-08-24 15:51:41 +00:00
peter 1723484e06 Implement option "-D", for running ftpd in standalone mode (daemon).
ftpd will listen on the default FTP port for incoming connections and fork
a child for each connection.  This is lower overhead than starting ftpd from
inetd(8) and thus might be useful on busy servers to reduce load.

Inspired by FreeBSD.
Reviewed by lukem@.
2005-08-04 17:41:35 +00:00
christos ea7965eb77 cleanup utmp and utmpx support.
- make them symmetric
	- add a function to open the wtmp file explicitly very early in the game
2005-06-23 04:20:41 +00:00
christos 857a611be2 s/getpwnam/sgetpwnam/ Found by John Nemeth. 2005-04-10 08:21:36 +00:00
christos 99fd5044d3 Add PAM and LOGIN_CAP support. Mostly from FreeBSD. If pam is defined,
then we don't fall back to other authentications even if PAM fails due
to a system error (e.g. configuration problem).
2005-02-20 01:45:17 +00:00
christos d465dbd49e change _PATH_FOO to _NAME_FOO where FOO is not a path. I'll discuss with
luke what is the best way to fix this.
2004-12-11 18:37:26 +00:00
ginsbach 93b00943e9 Fix inverted test for expired passwords. Mea culpa. 2004-12-09 20:58:39 +00:00
ginsbach 0211645da7 * Don't allow accounts with age expired passwords to login. Any account
that is required to change their password will not be allowed FTP
  access.  Inspired by similar functionality in other FTP daemons.
  (approved by lukem)

* Crank version to 20041119 per lukem's request.
2004-11-19 16:03:58 +00:00
christos 3b40bfaefe Don't write trash in ut_ss; either initialize it to 0, or put in the proper
information.
2004-11-11 01:14:10 +00:00
dsl 55d39107c6 Add (unsigned char) cast to ctype functions 2004-11-05 21:45:36 +00:00
lukem 635a375704 Fixes from (or inspired by) OpenBSD:
* Fix yacc parser error recovery so that setjmp(3)/longjmp(3) is unnecessary.
* Fix SIGURG handler to set an urgflag that's later tested, rather than
  abusing setjmp(3)/longjmp(3).
* Use "volatile sig_atomic_t" as the type of variables modified by sig handlers.
* Use sigaction(3) instead of signal(3) to set the signal handlers.
* Only set the main SIGALRM handler once.  If we need to change it,
  cache the old handler and restore appropriately...
* Remove a bunch of signal races by improving the signal handlers.
* Fix memory leak with 'ESPV ALL'.

My stuff:
* Clean up the debug message in reply(); use vsnprintf(3) instead of vsyslog(3).
* Rework parsing of OOB commands to _not_ use the yacc parser, since the
  latter isn't reentrant and the hacks to work around that are ugly.
  We now examine urgflag at appropriate locations and call handleoobcmd()
  if it's set.  Since the only OOB commands we currently implement are
  ABOR and STAT, this isn't an issue.  (I also can't find the reference in
  RFC2228 where MIC, CONF & ENC are OOB-only commands.  Go figure.)
  I could clean up the is_oob stuff some more, but the remaining stuff
  in ftpcmd.y is harmless and it's unnecessary churn right this moment.
2004-08-09 12:56:47 +00:00
lukem afca253464 Use sysconf(_SC_LOGIN_NAME_MAX) to determine the length of login
names, rather than assuming LOGIN_NAME_MAX.
Based on patch from Garrett Wollman via David O'Brien (both at FreeBSD.org)
2003-12-10 01:18:56 +00:00
agc 8e6ab8837d Move UCB-licensed code from 4-clause to 3-clause licence.
Patches provided by Joel Baker in PR 22284, verified by myself.
2003-08-07 09:46:37 +00:00
tacha 3bab95ce42 Add ftpd_loginx() and ftpd_logwtmpx() and use them to hold wtmpx file
open while a session.

Close bin/21692 by bqt@Krille.Update.UU.SE.
2003-06-30 03:06:06 +00:00
lukem 0263859762 Add '-L xferlogfile', to write xferlog entries there rather than syslog them.
Based on work from Dmitry Sivachenko.
2003-02-26 12:27:04 +00:00