Commit Graph

308 Commits

Author SHA1 Message Date
nathanw
f315107074 Fix compile warning on alpha (%qd and off_t lossage). 1999-01-02 17:54:21 +00:00
lukem
c984c19121 * replace LOG(CMD|BYTES) macros with logcmd(), which is a cleaner
solution with less code replication. use realpath() in logcmd() so
  that all logged filenames are sane.
* support `REST STREAM' in `FEAT' reply (from draft-ietf-ftpext-mlst-05)
* in 'HELP', suffix unimplemented commands with `-' instead of `*'; the
  former is easier to differentiate from `+'.
* deprecate curdir() now that logcmd() doesn't use it.
* ensure all filename buffers are at least MAXPATHLEN+1 in size.
* move jmp_buf errcatch out of extern.h, removing need to #include <setjmp.h>
  in every file.
1998-12-28 04:54:00 +00:00
hubertf
b3ab3ca1cd Fix typo, per PR 6457 by Geoff C. Wing <gcw@pobox.com> 1998-11-18 13:32:17 +00:00
msaitoh
4a3d3570f1 s/a a/a/ 1998-11-17 16:00:28 +00:00
kleink
9e9281f60f Need <signal.h> for sig_atomic_t. 1998-09-12 20:47:33 +00:00
kleink
f3d497d9f4 Make the external declaration of `transflag' match its definition; from R. C.
Dowdeswell <elric@mabelode.imrryr.org> in PR bin/6141.
1998-09-12 20:46:45 +00:00
lukem
b36247790b bump version from 7.03 to 7.1.0 (new commands available) 1998-09-07 08:17:39 +00:00
lukem
701e7ebd99 remove nack() - missed in previous work 1998-09-07 08:15:25 +00:00
lukem
29ed71b169 new features:
* implement FEAT and OPTS from RFC2389. FEAT returns SIZE and MDTM.
  OPTS only works on NOOP (as a test).
* extend format of /etc/ftpchroot similar to /etc/ftpusers; each entry
  can take an optional trailing `yes' or `no' which indicates if
  chroot should be done (defaults to `yes').
  based on patches from Ty Sarna <tsarna@endicor.com> in [bin/4769]

cleanups/bugs:
* reorder and reformat entries in yacc parser to match cmdtab[].
  add a blank line between each rule.
* add short hasopts and char *options to struct tab, to support OPTS.
* deprecate upper(); use strcasecmp() instead of strcmp()
* remove unnecessary for (;;) { } in yylex();
* replace copy() and sgetsave() with xstrdup()
* fix a couple of `hasyyerrored = 1' that were accidently removed.
1998-09-07 08:11:20 +00:00
lukem
0e5bdd5185 * complete fix for `multiple replies returned for single parse error'
problem; move `hasyyerrored' state flag out of yylex() so that
  check_{login,modify} can also set it.
* check result of check_login for PORT command
* set initial timeout before the "setjmp(); for(;;) yyparse()",
  otherwise an invalid command after login incorrectly sets the timeout
  to 5 minutes (rather than what was set in ftpd.conf)
* replace (char *)0 with NULL
* move yyerror() from ftpd.c to ftpcmd.y
* remove need for -Dunix, by using the version string from ftpd.c
  (instead of `BSD-199506')
* move all extern-ed vars into extern.h
1998-09-06 10:39:40 +00:00
lukem
cf3263f735 * implement NOARGS state, for commands which don't take any arguments.
fixes long standing ftpd bug where two replies would be returned
  to the client if a command was flagged as accepting `ARGS' but the
  parser didn't know how to cope. obvious symptom of this would be
  ftp client is always one error message `behind' the server.
* consistently refer to the RFC as `RFC 959' not `RFC959' or `RFC-959',
  and replace refs to RFC 765 with RFC 959.
* change order of commands in cmdtab[] to: RFC 959, BSD extras, and obsolete.
* whitespace police, deprecate register, replace malloc/strcpy with strdup
1998-09-05 17:33:00 +00:00
lukem
873a0c8bea replace malloc/strcpy with strdup 1998-09-05 17:00:01 +00:00
mycroft
a5fbe304ec const poisoning. 1998-07-27 01:55:23 +00:00
mycroft
6de775c2ad const poisoning. 1998-07-27 01:45:09 +00:00
mycroft
0db548a927 const poisoning. 1998-07-26 14:57:56 +00:00
lukem
74b52f1ba3 remove Extraneous .El call which caused formatting problem 1998-07-13 09:18:14 +00:00
mrg
2beab49a06 - use an array MAXHOSTNAMELEN+1 size to hold hostnames
- ensure hostname from gethostname() is nul-terminated in all cases
- minor KNF
- use MAXHOSTNAMELEN over various other values/defines
- be safe will buffers that hold hostnames
1998-07-06 06:45:41 +00:00
tv
e3ab20461f Add the ability to disable passive connects in ftpd.conf (breaks RFC1123,
STD3, but needed in some firewall environments).
1998-06-30 20:18:52 +00:00
msaitoh
10171df916 add "-s" flag (like telnetd and login) 1998-06-26 18:12:00 +00:00
msaitoh
a5471c1dd8 add "-s" flag (SecureID). 1998-06-26 17:41:38 +00:00
kleink
e62a515e87 GLOB_QUOTE is gone; per POSIX, backslash quoting of special characters being
enabled is the default behaviour.
1998-06-21 12:16:35 +00:00
kleink
fc5d36f8e4 GLOB_QUOTE is dead; per POSIX, backslash quoting of special characters being
enabled is the default behaviour.
1998-06-19 22:58:04 +00:00
lukem
fc90756956 Implement a new manual page category ``SECURITY CONSIDERATIONS''
(suggested by mycroft)
1998-06-08 12:41:41 +00:00
lukem
9c9d43e6b5 support displaying the stderr output from a LIST or a conversion to
the user at the end of a transfer.
this generates a file in /tmp, so anonymous requires a
writable ~ftp/tmp, which you may not want to do (because it may
allow people to unwanted upload files).

XXX:	a better method of storing the stderr output would be nice, but
	is a lot more effort to implement. this feature can at least be
	used temporarily whilst debugging why an ftp conversion doesn't
	work.
1998-06-08 07:13:13 +00:00
mouse
7ccec6ac9f Show/log the strerror(errno) string when getcwd fails 1998-06-03 13:21:42 +00:00
hubertf
dde092b47d Fix some problems with failed getcwd commands, reported in PR bin/5531
by Saitoh Masanobu <msaitoh@spa.is.uec.ac.jp>.
1998-06-03 09:21:45 +00:00
lukem
77c4126096 use TM_YEAR_BASE (not 1900) - not that we expect it to change in any case :) 1998-05-21 00:09:32 +00:00
fair
5ce6614a4f fix bad .Xr references 1998-04-29 08:33:11 +00:00
fair
dc026e0515 Change occurrences of "UNIX" to .Ux or .At as appropriate. 1998-04-28 06:00:51 +00:00
lukem
6c4ddbba34 fix disabling of optimization on powerpc (set COPTS *after* <bsd.prog.mk>...) 1998-04-13 14:24:02 +00:00
tv
482063559a .y.c <sys.mk> rule fixes. Don't create a y.tab.h file unless asked for,
and use smarter creation of the header file.
1998-04-09 00:32:31 +00:00
kleink
cd7d0f550d Need <time.h> for time() prototype. 1998-04-01 14:35:23 +00:00
kleink
223dbe1123 Need <time.h> for time(), localtime() and ctime() prototypes. 1998-04-01 14:31:59 +00:00
cjs
39926e4051 Send back an error message rather than dumping core when an invalid
username is entered. The latter, while effective, does not appear to
me to be an appropriate response.
1998-02-23 23:10:34 +00:00
cjs
0fb549738e Disable RNFR command for guest users so that they can't rename (and thus
also overwrite!) files.
1998-02-13 17:15:53 +00:00
christos
23d3afbb8c - #endif foo -> #endif /* foo */
- #if __STDC__ -> #ifdef __STDC__
- Don't allow expired accounts to login.
1998-02-01 14:10:22 +00:00
mrg
c3d9fda2c3 expand on the checkportcmd option. 1998-01-23 00:56:55 +00:00
lukem
1e03f65c0d clarify /etc/ftpwelcome is shown *before* login 1997-12-31 02:43:54 +00:00
lukem
53f6552a12 set $HOME to "/" for guest or chroot users, pw->pw_dir otherwise.
fixes expansion of `~/...' pathnames.
1997-12-28 04:28:17 +00:00
lukem
9f8ad690b4 use 300 seconds (as per login(1)) for initial timeout, rather than 900 secs 1997-11-28 23:42:36 +00:00
lukem
0e2d417ded * initialise curclass.timeout to 900 in main(), so that operations that
want to timeout using this value that are executed before the conf file
  is parsed will work. fixes ``stale ftpd stuck in connection phase''
* in PASV mode, wrap accept() in an alarm timeout. fixes ``stale ftpd because
  of client disappearing in pasv mode (usually browsers)''
* main() doesn't need envp argument
1997-11-28 23:32:30 +00:00
lukem
b181ccb476 log debug stuff using LOG_DEBUG not LOG_INFO 1997-11-16 12:04:21 +00:00
lukem
83955f6abd * change checkportcmd syntax to checkportcmd class [off]' (as per modify')
* display current setting of checkportcmd in STAT
* ensure that curclass.checkportcmd is initialised to 0
* document default setting of checkportcmd in ftpd(8)
* cleanup code a bit, putting code for "checkportcmd" in alphabetical order
1997-11-11 12:42:24 +00:00
mrg
c8fbce69fd increment version. 1997-11-11 06:32:17 +00:00
mrg
6666673d8e oops, missed this bit in previous change. 1997-11-11 06:17:22 +00:00
mrg
8e2c08b183 add a "checkportcmd <class>" option that stops ftp bounce attacks. 1997-11-11 05:48:03 +00:00
mycroft
1336137028 Use remove(3) rather than stat(2)ing the file, yadda yadda.
Simpler, and DTRT for symlinks.
1997-10-19 18:16:19 +00:00
mycroft
3ff72472fe Use S_IS*(), not S_IF*. 1997-10-19 18:15:23 +00:00
mycroft
30c6e0cebf SRCS must be defined *before* bsd.prog.mk is included... 1997-10-12 14:06:21 +00:00
mycroft
307211b0f5 Add some krb5 hooks, though it probably doesn't work yet. 1997-10-12 14:04:36 +00:00
mycroft
76a39e6e7c Actually, do Kerberos first, since we want to get a TGT if possible.
Also, clean up some minor cruft.
1997-10-12 13:52:51 +00:00
mycroft
4bf23f1a50 Format police.
Also, try s/key before Kerberos.
1997-10-12 13:18:56 +00:00
mycroft
085fe346f1 Oops; fix typo. 1997-10-12 13:09:11 +00:00
mycroft
5566d4c1f1 Conditionalize s/key support. 1997-10-12 13:08:41 +00:00
mrg
2268d2dfb3 merge lite-2 Makefiles (rcsids), and turn on WARNS for all of libexec. 1997-10-08 09:07:11 +00:00
lukem
96ad830ee2 - add '-C user', which runs checkaccess(user) and exits with the result
(0 == user allowed in /etc/ftpusers, 1 == user denied in /etc/ftpusers).
  from Jim Bernard <jbernard@tater.mines.edu> in [security/4061] with mods
- getopt returns -1 not EOF
- in lostcon(), call dologout(1) not dologout(-1);
1997-09-23 14:25:30 +00:00
lukem
550665a814 implement '-c confdir', which allows the specification of an alternate
directory to look for the various configuration files, overriding /etc.
From Matthias Scheler <tron@lyssa.owl.de> in [bin/4133]
1997-09-23 13:56:39 +00:00
cjs
74762c9036 Mention that if the user's shell is null, it's assumed to be /bin/sh.
(Pointed out by Jim Bernard <jbernard@tater.mines.edu>.)
1997-09-21 22:59:03 +00:00
lukem
67d65f4970 - ensure 257 reply codes from PWD and MKD are RFC959 compliant:
257 "dirname" some message
  (any "s in dirname should be doubled, per the RFC)
- don't put an extra / in the output of NLST if the last char in the
  directory is a /
- bump the version to 7.01 because of these fixes
1997-09-18 07:27:35 +00:00
lukem
05efcc80e4 fix grammo 1997-08-26 13:10:39 +00:00
kleink
66105c37fc Lseek(2) usage cleanup: the use of L_SET/L_INCR/L_XTND is deprecated,
use SEEK_SET/SEEK_CUR/SEEK_END instead.
1997-08-25 19:31:43 +00:00
lukem
0bba8ce38d * don't depend upon buffer returned by fgetln() to remain. fix mainly
from Tatoku Ogaito <tacha@tera.fukui-med.ac.jp> in [bin/3967]
* fgetln() doesn't \0 terminate its string. look for the \n and replace
  it with \0 (if no \n, ignore the line - it's most likely corrupt)
* more intensive checks on strdup() returns (not a current mem leak,
  but depended upon code elsewhere to cleanup - not good)
* cleanup some syslog error messages
1997-08-14 02:06:15 +00:00
jtc
a158249541 Fix files using old TNF copyright notice 1997-07-31 00:08:03 +00:00
mrg
04b009a915 be safe with some buffers. 1997-07-21 05:13:10 +00:00
christos
a838817b21 Add WARNS=1 1997-07-01 20:49:59 +00:00
hannken
c9ccc894a4 Add missing braces. `check_modify' returns 0 without a reply. See PR #3779. 1997-06-24 08:49:27 +00:00
christos
c22375d4d3 missed some warnings. 1997-06-22 22:33:12 +00:00
cjs
fedfe5c4d3 %qd wants long long. Thus, if you're going to turn on warnings for
printf format strings, you've got to make sure you cast quantities
passed to %qd to long long because on 64-bit machines they're often
just long, which is not the same, even when it's the same size.
1997-06-21 18:01:35 +00:00
mellon
973a248f85 Need prototype for klogin() - probably ought to go in a header file, but klogin probably ought to go in a library first 1997-06-21 04:38:54 +00:00
christos
2424c4f970 - Pass gcc -Wall
- Fix incorrect const poisoning
- Fix ftpd_popen to dynamically allocate strings to avoid buffer overruns.
1997-06-18 19:05:46 +00:00
lukem
31547ec641 * implement /etc/ftpd.conf, which adds support for the following features,
controllable on a per class (which is one of: real, chroot, guest,
  all or none) basis:
    * on-the-fly execution of a command to build the file (a ``conversion''),
      providing support for "get dirname.tar" and the like.
    * displaying the contents of a file when a directory is entered
      for the first time.
    * maximum value for timeout (replaces -T).
    * control usage of CHMOD, DELE, MKD, RMD, UMASK; replacing -DINSECURE_GUEST.
    * notifying the user of the existance of a files matching a glob
      pattern when a directory is entered for the first time.
    * default value for timeout (replaces -t).
    * default umask (replaces -DGUEST_CMASK and -u).
  The conversion, display, and notify functionality was based on code by
  Simon Burge <simonb@telstra.com.au>.
* clean up and re-order parts of the man page into subsections.
* STAT displays the settings defined for the class of the current user.
* bump version from 6.00 to 7.00, because of ftpd.conf.
* deprecate -DGUEST_CMASK and -DINSECURE_GUEST in the Makefile, and
  -t, -T and -u, as ftpd.conf allows finer control of these.
* add "nostderr" argument to ftpd_popen(), because you don't want the
  stderr stream mixing with the stdout stream during a conversion,
  as this can corrupt the stream.
1997-06-14 08:43:26 +00:00
lukem
dfb524fa46 * don't log failed usernames to ftp.notice; use authpriv.notice instead.
closes [bin/1571]
* don't quit if "PASV" is received without the user being logged in.
  closes [bin/2401], albiet with a modified test.
1997-05-29 10:31:48 +00:00
cjs
93b985ed90 Allow setting the directory to which anonymous users chdir from
the command line. Document -u option. A couple of minor cleanups.
1997-05-23 22:09:48 +00:00
pk
58efb9d20c NULL => 0 (Arne Juul; PR#3629) 1997-05-17 19:24:44 +00:00
cjs
6ed41b9085 /etc/ftpusers now matches globs against the username. mycroft suggested this. 1997-04-29 04:00:39 +00:00
lukem
66783f1f43 * fix "cd ~" so that it works (from Simon Burge <simonb@telstra.com.au>
* move resetting of CFLAGS on powerpc to before optional CFLAGS settings
* minor code & man page cleanups
1997-04-27 03:21:38 +00:00
thorpej
85ea5d090f Don't compile this with -O on the PowerPC - cc1 cores. 1997-04-19 05:13:26 +00:00
cjs
a5d6da371a Change the syntax of /etc/ftpusers to have both allow and deny
information in the same file by following the username with `allow'
or `deny'. Also, the user `*' can be used to set the default for
users not listed in the file. This is entirely backward compatable
with old /etc/ftpusers files.
  Also, do the /etc/ftpusers and the valid login shell checks after
the password is verified, rather than before, so as not to give away
whether or not a particular user ID is present on the system.
1997-04-06 07:53:10 +00:00
cjs
ff88177058 Changes to make anonymous uploads more secure. For anonymous users:
* Set umask to 707;
* Disable UMASK, CHMOD, DELE, RMD and MKD commands.
Compile-time options let you change that umask and go back to the
old, insecure way if you like.
1997-03-30 22:53:36 +00:00
cjs
76d4734615 4.4lite2 update. (The one minor bugfix between 4.4lite and 4.4lite2
was already in our sources, thus just the sccsid line is changed.)
1997-03-28 21:55:41 +00:00
mrg
3771fb912e set transflag to 0 in dologout, to prevent a SIGURG taking us back to the main loop. 1997-01-23 05:57:55 +00:00
jtc
93153c7796 Changed to use 1900 + tm_year instead of hardcoding "19" as the century.
From PR #2308 by Stephen J. Roznowski <sjr@zombie.ncsc.mil>.
1996-04-08 19:03:11 +00:00
cgd
02172229ba add -Dunix to CFLAGS 1996-02-16 02:07:41 +00:00
thorpej
08f474ecc4 Correct the instructions regarding the password database in
~ftp/etc, from Rob Windsor <windsor@ksu.ksu.edu> in PR #544.
1996-01-14 20:55:23 +00:00
mycroft
5860921eda Fill in sin_len. 1995-06-03 22:37:19 +00:00
cgd
8954551479 typo. 1995-04-11 02:58:40 +00:00
cgd
6a9917621c clean up RCS Id's and a couple of stype nits.
Also, fix bug 947 (reported by Luke Mewburn, extraneous vers.c)
1995-04-11 02:44:45 +00:00
mycroft
dad7a18390 Use IPTOS_THROUGHPUT for passive mode data connection. 1995-03-22 16:55:35 +00:00
mycroft
ebeae88da2 Use POSIX signals. 1995-03-21 21:47:04 +00:00
brezak
4036a63b78 Fill in ttyname for cred file uniquifier under KERBEROS (From Michael Graff) 1995-03-08 19:50:54 +00:00
jtc
490ec0010d Change mention of /etc/passwd to /etc/pwd.db, as reported by PR #556. 1995-02-17 09:19:45 +00:00
cgd
b54e75897f be a bit more careful with types, casts, and and function declarations. 1994-12-23 14:29:31 +00:00
cgd
ae9172d6cd specify man pages the new way. 1994-12-22 09:57:51 +00:00
jtc
a5f771b355 Fix PR #491, what could have been a big security hole 1994-09-20 23:09:14 +00:00
brezak
ad6e6fe7ab As long as KERBEROS is here at least let it compile cleanly... 1994-07-25 18:48:40 +00:00
mycroft
ec9f6d82c2 Clean up deleted files. 1994-06-29 01:49:53 +00:00
deraadt
d6743f02e5 4.4-lite, plus our local changes 1994-06-29 01:49:37 +00:00
deraadt
1a3b9af761 add skey support 1994-05-24 06:52:17 +00:00
cgd
d7e56d367a use setproctitle 1994-04-14 03:15:37 +00:00
cgd
8940935dd1 Jarle.F.Greipsland@idt.unit.no's changes to allow for password-protected
chrooted ftp logins.
1994-04-06 20:49:52 +00:00
cgd
2ab4a0ae5c some changes to make Kerberos a bit easier to use. from
Michael Graff <explorer@vorpal.com>, with some work by myself...
1994-03-30 02:49:15 +00:00
cgd
4b30c543a0 always use libcrypt 1993-10-07 02:16:39 +00:00
mycroft
e9d867ef50 Add RCS identifiers. 1993-08-01 17:54:45 +00:00
mycroft
dfb9caab49 Add RCS indentifiers. 1993-08-01 07:32:48 +00:00
mycroft
cda4f8f6ee Add RCS identifiers. 1993-08-01 05:37:30 +00:00
cgd
811e6386f8 changed to use new libcrypt scheme. 1993-04-26 14:33:28 +00:00
cgd
649bd7ccc5 added support for using real crypt 1993-03-22 23:27:33 +00:00
cgd
61f282557f initial import of 386bsd-0.1 sources 1993-03-21 09:45:37 +00:00