Commit Graph

383 Commits

Author SHA1 Message Date
lukem f009f7a2e4 Update version to 20100320 for Christos' commit to popen.c 1.37 for:
PR/43023: Bruce Cran: FTPD bug remote crash
2010-03-21 20:27:26 +00:00
christos 692b0132a0 PR/43023: Bruce Cran: FTPD bug remote crash
Since we specify NOCHECK, in the NOMATCH case gl_pathv can be NULL.
(From FreeBSD)
2010-03-20 18:23:30 +00:00
lukem 11a6d49961 NetBSD-ftpd 20091107:
* Fix WARNS=4 issues (const & sign mismatches, etc)
* Ensure various ftpd.conf values can't exceed their underlying types.
* Fix for 64 bit time_t and dev_t
* Rename internal getline() function to get_line() so it does
  conflict with the getline(3) libc function.
* Log both the hostname and numeric address.
* Improve man page mdoc formatting
2009-11-07 03:10:05 +00:00
roy 7027866a09 Rename internal getline() function to get_line() so it does
conflict with the soon to be added getline(3) libc function.
2009-07-13 19:05:39 +00:00
wiz 93dafb2e39 Drop trailing whitespace. 2009-05-01 10:53:27 +00:00
lukem 24c7ea10da Simplify the example command used to extract a wu-ftpd compatible xferlog. 2009-05-01 09:47:26 +00:00
joerg 3b17d40bfb Don't use .Xo/.Xc or .Oo/.Oc over .It lines to work around the macro
argument limit in ancient groff versions.
2009-04-09 02:25:45 +00:00
lukem fd6e87486b Fix 'vfork clobber' warning on vax.
Problem noted by and fix confirmed by Olaf 'Rhialto' Seibert.
2009-03-18 02:27:41 +00:00
joerg 854ee47087 Declare all columns. 2009-03-15 08:05:22 +00:00
lukem 0053962f9d Fix WARNS=4 issues (const & sign mismatches, etc)
Ensure various ftpd.conf values can't exceed their underlying types.
2009-03-15 07:48:36 +00:00
lukem a341f7315c bump version for remoteloghost & portability changes 2009-03-02 03:48:43 +00:00
lukem 6269ac3894 Use LLF (et al) instead of "%lld" (et al). 2009-03-02 03:47:44 +00:00
christos 313780f726 PR/40339: Ed Ravin: make ftpd log both the hostname and numeric address. 2009-01-08 18:47:49 +00:00
christos 0d7dc435fd fix for 64 bit time_t and dev_t 2008-12-29 00:33:34 +00:00
lukem a69f51a660 Constify.
Rework an expression to make it easier to conditionally compile.
2008-10-28 08:05:26 +00:00
lukem b9b397131e Use passwd(5) instead of /etc/pwd.db as the name of the "password data base". 2008-09-21 06:20:46 +00:00
lukem d451eab1e2 Enhance -C to support an optional @host ('-C user[@host]'):
checks whether user as connecting from host would be granted
access by ftpusers(5).

Support IPv6 in the host directive of ftpusers(5).
(May resolve PR 26555)

Both features from Rudolf Cejka <cejkar@fit.vutbr.cz>
(FreeBSD's tnftpd port maintainer).
2008-09-16 12:30:38 +00:00
lukem de99131c2b Support building with -DNO_INTERNAL_LS 2008-09-16 12:23:28 +00:00
lukem 2332514a42 Don't split large commands into multiple commands; just fail on them.
This prevents CSRF-like attacks, when a web browser is used to access
an ftp server.
Reported by Maksymilian Arciemowicz <cxib@securityreason.com>.
Fix mostly derived from OpenBSD, written by Moritz Jodeit <moritz@OpenBSD.org>
2008-09-13 03:30:35 +00:00
lukem f1d75d00ca Crank copyright dates 2008-09-13 02:41:52 +00:00
lukem 0c4ddb1599 Remove the \n and tabs from the __COPYRIGHT() strings. 2008-07-20 01:09:06 +00:00
lukem 8cc604a385 Add missing RCSID. 2008-06-09 01:00:23 +00:00
lukem ef70558f4f Don't use non-standard "u_<foo>" types.
Strip trailing whitespace (as well as ':'s) off PAM password prompts.
Improve some debug logging related to PAM.
2008-06-09 00:33:39 +00:00
martin cd22f25e6f Move TNF licenses to 2 clause form 2008-05-02 18:11:04 +00:00
martin 11a6dbe728 Convert TNF licenses to new 2 clause variant 2008-04-30 13:10:46 +00:00
martin ce099b4099 Remove clause 3 and 4 from TNF licenses 2008-04-28 20:22:51 +00:00
lukem 4f3847e772 Reorganize USE_PAM support so that the reply(331,) from USER is
performed by the pam_conv (PAM conversation) callback, which then
getline()s the PASS reply internally.  This involves calling
auth_pam() from user() and caching the result to use later in pass().
This allows the PAM modules to present a different password prompt
dialog if necesary.  For example:
  Name (localhost:lukem):
  331 User lukem accepted, provide password [ otp-md4 89 xxxx12345 ].
versus
  Name (localhost:lukem): root
  331 User root accepted, provide password.

This is independent of (and effectively exclusive to) USE_SKEY support.

Previously ftpd with USE_SKEY=yes would provide the skey prompt
if the user had an skey configured, even if /etc/pam.d/ftpd didn't
have pam_skey in use.
I.e., ftpd shouldn't need special support for custom password prompts
(such as skey) if PAM is in use.
2008-03-27 08:12:09 +00:00
lukem e9810351a7 Switch from lockf() to (more portable) fcntl() locking 2008-03-09 20:11:43 +00:00
lukem d9ce2acdd5 Explicitly note the unsupported requests from RFC 2228.
Improvements from FreeBSD:
* Document `ftp-chroot' from login.conf(5).
* Document that SIZE is prevented for files > 10240 bytes via ASCII transfers.
2008-01-30 02:16:35 +00:00
wiz 04cd5014b6 filetypes -> file types. 2007-12-02 19:15:07 +00:00
lukem f21ab048da Rename cred_t to ftpd_cred_t; the former causes a nameclash on Solaris. 2007-07-23 10:41:05 +00:00
lukem 0def0e3a66 Rename HAVE_SOCKADDR_SA_LEN to HAVE_STRUCT_SOCKADDR_SA_LEN.
Use defined(HAVE_foo) instead of just testing HAVE_foo.
2007-07-22 05:06:45 +00:00
christos b7c1cbea43 PR/36468: Andreas Wrede: ftpd(8) always logs hostnames. Add -n option to display
addresses.
2007-06-10 20:24:31 +00:00
lukem aeb5730de8 Replace references from draft-ietf-ftpext-mlst-NN to RFC 3659. 2007-05-10 05:59:30 +00:00
lukem 0f13d99318 Expand documentation on numeric argument suffix parsing, and convert
to IEC 60027-2 prefixes for 2^n multiples ("KiB" instead of "KB", etc.)
2007-04-13 01:36:10 +00:00
christos 8fdab46bcc PR/35449: Shigeya Suzuki: ftpd does not register socket address into PAM +FIX 2007-01-20 17:26:32 +00:00
christos aca8873558 fix volatile and initialization issues, from Anon Ymous 2006-12-17 20:04:09 +00:00
he 0a97c3f688 Complete the move of string_to_flags() and flags_to_string() from the
bin/ls sources to libutil:
 o Bump libutil minor version number
 o Fix uses to include <util.h> to pick up the function definitions
 o Fix most uses of flags_to_string() to release the now-malloc()ed result
2006-12-14 20:09:35 +00:00
jdolecek 20480d6fc5 allow compilation without SUPPORT_UTMP 2006-12-04 21:13:22 +00:00
lukem c7e71f1d87 Fix -ULOGIN_CAP compile. 2006-09-26 06:47:20 +00:00
lukem 6dd25eb757 Update to 20060923 for the following changes:
20060201
debug -> ftpd_debug
xstrdup -> ftpd_strdup

20060317
* Make sure that "su" is initialized before dereferencing it.
  Fixes Coverity CID 1075.
* Set file to NULL after calling fclose().
  Fixes Coverity CID 2669.
* Remove unreachable code (res could never be NULL here).
  Fixes Coverity CID 712.

20060509
change (mostly) int to socklen_t.  GCC 4 doesn't like that int and
socklen_t are different signness.

20060923
Apply patch from PR bin/33261 sent by FUKAOMI Naoki:
"ftpd does not update wtmpx".
2006-09-25 06:30:55 +00:00
xtraeme 47e7cfa9b7 Apply patch from PR bin/33261 sent by FUKAOMI Naoki:
"ftpd does not update wtmpx".

Thanks.
2006-09-23 16:03:50 +00:00
mrg 0c37c63edc change (mostly) int to socklen_t. GCC 4 doesn't like that int and
socklen_t are different signness.
2006-05-09 20:18:05 +00:00
wiz 2bb817a755 Remove more references to kerberosIV. 2006-03-23 20:14:16 +00:00
peter 9665e92dcd Remove unreachable code (res could never be NULL here).
Fixes Coverity CID 712.
Ok by lukem@.
2006-03-17 21:28:21 +00:00
peter ee7f54fae4 Set file to NULL after calling fclose().
Fixes Coverity CID 2669.
Ok by lukem@.
2006-03-17 21:26:55 +00:00
peter 243139ee37 Make sure that "su" is initialized before dereferencing it.
Fixes Coverity CID 1075.
Ok by lukem@.
2006-03-17 21:24:33 +00:00
wiz 5d1e8b2745 Fix some typos. 2006-02-25 02:28:55 +00:00
christos 1edbda9a2e debug -> ftpd_debug
xstrdup -> ftpd_strdup
2006-02-01 14:20:12 +00:00
lukem 03353d54d6 NLST should return 450 instead of 550 upon error, per RFC 959. 2005-11-24 23:47:23 +00:00