/* $NetBSD: conf.c,v 1.28 2000/01/12 22:39:27 lukem Exp $ */ /*- * Copyright (c) 1997-2000 The NetBSD Foundation, Inc. * All rights reserved. * * This code is derived from software contributed to The NetBSD Foundation * by Simon Burge and Luke Mewburn. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the NetBSD * Foundation, Inc. and its contributors. * 4. Neither the name of The NetBSD Foundation nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. */ #include #ifndef lint __RCSID("$NetBSD: conf.c,v 1.28 2000/01/12 22:39:27 lukem Exp $"); #endif /* not lint */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #ifdef KERBEROS5 #include #endif #include "extern.h" #include "pathnames.h" static char *strend __P((const char *, char *)); static int filetypematch __P((char *, int)); /* * Initialise curclass to an `empty' state */ void init_curclass() { struct ftpconv *conv, *cnext; for (conv = curclass.conversions; conv != NULL; conv = cnext) { REASSIGN(conv->suffix, NULL); REASSIGN(conv->types, NULL); REASSIGN(conv->disable, NULL); REASSIGN(conv->command, NULL); cnext = conv->next; free(conv); } curclass.checkportcmd = 0; REASSIGN(curclass.classname, NULL); curclass.conversions = NULL; REASSIGN(curclass.display, NULL); curclass.limit = -1; /* unlimited connections */ REASSIGN(curclass.limitfile, NULL); curclass.maxrateget = 0; curclass.maxrateput = 0; curclass.maxtimeout = 7200; /* 2 hours */ curclass.modify = 1; REASSIGN(curclass.motd, xstrdup(_PATH_FTPLOGINMESG)); REASSIGN(curclass.notify, NULL); curclass.passive = 1; curclass.portmin = 0; curclass.portmax = 0; curclass.rateget = 0; curclass.rateput = 0; curclass.timeout = 900; /* 15 minutes */ curclass.umask = 027; curclass.upload = 1; } /* * Parse the configuration file, looking for the named class, and * define curclass to contain the appropriate settings. */ void parse_conf(findclass) char *findclass; { FILE *f; char *buf, *p; size_t len; int none, match, rate; char *endp; char *class, *word, *arg, *template; const char *infile; size_t line; unsigned int timeout; struct ftpconv *conv, *cnext; init_curclass(); REASSIGN(curclass.classname, xstrdup(findclass)); if (strcasecmp(findclass, "guest") == 0) { curclass.modify = 0; curclass.umask = 0707; } infile = conffilename(_PATH_FTPDCONF); if ((f = fopen(infile, "r")) == NULL) return; line = 0; template = NULL; for (; (buf = fparseln(f, &len, &line, NULL, FPARSELN_UNESCCOMM | FPARSELN_UNESCCONT | FPARSELN_UNESCESC)) != NULL; free(buf)) { none = match = 0; p = buf; if (len < 1) continue; if (p[len - 1] == '\n') p[--len] = '\0'; if (EMPTYSTR(p)) continue; NEXTWORD(p, word); NEXTWORD(p, class); NEXTWORD(p, arg); if (EMPTYSTR(word) || EMPTYSTR(class)) continue; if (strcasecmp(class, "none") == 0) none = 1; if (! (strcasecmp(class, findclass) == 0 || (template != NULL && strcasecmp(class, template) == 0) || none || strcasecmp(class, "all") == 0) ) continue; if (strcasecmp(word, "checkportcmd") == 0) { if (none || (!EMPTYSTR(arg) && strcasecmp(arg, "off") == 0)) curclass.checkportcmd = 0; else curclass.checkportcmd = 1; } else if (strcasecmp(word, "classtype") == 0) { if (!none && !EMPTYSTR(arg)) { if (strcasecmp(arg, "GUEST") == 0) curclass.type = CLASS_GUEST; else if (strcasecmp(arg, "CHROOT") == 0) curclass.type = CLASS_CHROOT; else if (strcasecmp(arg, "REAL") == 0) curclass.type = CLASS_REAL; else { syslog(LOG_WARNING, "%s line %d: unknown class type `%s'", infile, (int)line, arg); continue; } } } else if (strcasecmp(word, "conversion") == 0) { char *suffix, *types, *disable, *convcmd; if (EMPTYSTR(arg)) { syslog(LOG_WARNING, "%s line %d: %s requires a suffix", infile, (int)line, word); continue; /* need a suffix */ } NEXTWORD(p, types); NEXTWORD(p, disable); convcmd = p; if (convcmd) convcmd += strspn(convcmd, " \t"); suffix = xstrdup(arg); if (none || EMPTYSTR(types) || EMPTYSTR(disable) || EMPTYSTR(convcmd)) { types = NULL; disable = NULL; convcmd = NULL; } else { types = xstrdup(types); disable = xstrdup(disable); convcmd = xstrdup(convcmd); } for (conv = curclass.conversions; conv != NULL; conv = conv->next) { if (strcmp(conv->suffix, suffix) == 0) break; } if (conv == NULL) { conv = (struct ftpconv *) calloc(1, sizeof(struct ftpconv)); if (conv == NULL) { syslog(LOG_WARNING, "can't malloc"); continue; } conv->next = NULL; for (cnext = curclass.conversions; cnext != NULL; cnext = cnext->next) if (cnext->next == NULL) break; if (cnext != NULL) cnext->next = conv; else curclass.conversions = conv; } REASSIGN(conv->suffix, suffix); REASSIGN(conv->types, types); REASSIGN(conv->disable, disable); REASSIGN(conv->command, convcmd); } else if (strcasecmp(word, "display") == 0) { if (none || EMPTYSTR(arg)) arg = NULL; else arg = xstrdup(arg); REASSIGN(curclass.display, arg); } else if (strcasecmp(word, "limit") == 0) { int limit; if (none || EMPTYSTR(arg)) continue; limit = (int)strtol(arg, &endp, 10); if (*endp != 0) { syslog(LOG_WARNING, "%s line %d: invalid limit %s", infile, (int)line, arg); continue; } curclass.limit = limit; REASSIGN(curclass.limitfile, EMPTYSTR(p) ? NULL : xstrdup(p)); } else if (strcasecmp(word, "maxtimeout") == 0) { if (none || EMPTYSTR(arg)) continue; timeout = (unsigned int)strtoul(arg, &endp, 10); if (*endp != 0) { syslog(LOG_WARNING, "%s line %d: invalid maxtimeout %s", infile, (int)line, arg); continue; } if (timeout < 30) { syslog(LOG_WARNING, "%s line %d: maxtimeout %d < 30 seconds", infile, (int)line, timeout); continue; } if (timeout < curclass.timeout) { syslog(LOG_WARNING, "%s line %d: maxtimeout %d < timeout (%d)", infile, (int)line, timeout, curclass.timeout); continue; } curclass.maxtimeout = timeout; } else if (strcasecmp(word, "modify") == 0) { if (none || (!EMPTYSTR(arg) && strcasecmp(arg, "off") == 0)) curclass.modify = 0; else curclass.modify = 1; } else if (strcasecmp(word, "motd") == 0) { if (none || EMPTYSTR(arg)) arg = NULL; else arg = xstrdup(arg); REASSIGN(curclass.motd, arg); } else if (strcasecmp(word, "notify") == 0) { if (none || EMPTYSTR(arg)) arg = NULL; else arg = xstrdup(arg); REASSIGN(curclass.notify, arg); } else if (strcasecmp(word, "passive") == 0) { if (none || (!EMPTYSTR(arg) && strcasecmp(arg, "off") == 0)) curclass.passive = 0; else curclass.passive = 1; } else if (strcasecmp(word, "portrange") == 0) { int minport, maxport; char *min, *max; if (none) { curclass.portmin = 0; curclass.portmax = 0; continue; } if (EMPTYSTR(arg)) continue; min = arg; NEXTWORD(p, max); if (EMPTYSTR(max)) { syslog(LOG_WARNING, "%s line %d: missing maxport argument", infile, (int)line); continue; } minport = (int)strtol(min, &endp, 10); if (*endp != 0 || minport < IPPORT_RESERVED || minport > IPPORT_ANONMAX) { syslog(LOG_WARNING, "%s line %d: invalid minport %s", infile, (int)line, min); continue; } maxport = (int)strtol(max, &endp, 10); if (*endp != 0 || maxport < IPPORT_RESERVED || maxport > IPPORT_ANONMAX) { syslog(LOG_WARNING, "%s line %d: invalid maxport %s", infile, (int)line, max); continue; } if (minport >= maxport) { syslog(LOG_WARNING, "%s line %d: minport %d >= maxport %d", infile, (int)line, minport, maxport); continue; } curclass.portmin = minport; curclass.portmax = maxport; } else if (strcasecmp(word, "rateget") == 0) { if (none || EMPTYSTR(arg)) continue; rate = strsuftoi(arg); if (rate == -1) { syslog(LOG_WARNING, "%s line %d: invalid rateget %s", infile, (int)line, arg); continue; } curclass.maxrateget = rate; curclass.rateget = rate; } else if (strcasecmp(word, "rateput") == 0) { if (none || EMPTYSTR(arg)) continue; rate = strsuftoi(arg); if (rate == -1) { syslog(LOG_WARNING, "%s line %d: invalid rateput %s", infile, (int)line, arg); continue; } curclass.maxrateput = rate; curclass.rateput = rate; } else if (strcasecmp(word, "timeout") == 0) { if (none || EMPTYSTR(arg)) continue; timeout = (unsigned int)strtoul(arg, &endp, 10); if (*endp != 0) { syslog(LOG_WARNING, "%s line %d: invalid timeout %s", infile, (int)line, arg); continue; } if (timeout < 30) { syslog(LOG_WARNING, "%s line %d: timeout %d < 30 seconds", infile, (int)line, timeout); continue; } if (timeout > curclass.maxtimeout) { syslog(LOG_WARNING, "%s line %d: timeout %d > maxtimeout (%d)", infile, (int)line, timeout, curclass.maxtimeout); continue; } curclass.timeout = timeout; } else if (strcasecmp(word, "template") == 0) { if (none) continue; REASSIGN(template, EMPTYSTR(arg) ? NULL : xstrdup(arg)); } else if (strcasecmp(word, "umask") == 0) { mode_t umask; if (none || EMPTYSTR(arg)) continue; umask = (mode_t)strtoul(arg, &endp, 8); if (*endp != 0 || umask > 0777) { syslog(LOG_WARNING, "%s line %d: invalid umask %s", infile, (int)line, arg); continue; } curclass.umask = umask; } else if (strcasecmp(word, "upload") == 0) { if (none || (!EMPTYSTR(arg) && strcasecmp(arg, "off") == 0)) { curclass.modify = 0; curclass.upload = 0; } else curclass.upload = 1; } else { syslog(LOG_WARNING, "%s line %d: unknown directive '%s'", infile, (int)line, word); continue; } } REASSIGN(template, NULL); fclose(f); } /* * Show file listed in curclass.display first time in, and list all the * files named in curclass.notify in the current directory. Send back * responses with the prefix `code' + "-". */ void show_chdir_messages(code) int code; { static StringList *slist = NULL; struct stat st; struct tm *t; glob_t gl; time_t now, then; int age; char cwd[MAXPATHLEN]; char *cp, **rlist; /* Setup list for directory cache */ if (slist == NULL) slist = sl_init(); if (slist == NULL) { syslog(LOG_WARNING, "can't allocate memory for stringlist"); return; } /* Check if this directory has already been visited */ if (getcwd(cwd, sizeof(cwd) - 1) == NULL) { syslog(LOG_WARNING, "can't getcwd: %s", strerror(errno)); return; } if (sl_find(slist, cwd) != NULL) return; cp = xstrdup(cwd); if (sl_add(slist, cp) == -1) syslog(LOG_WARNING, "can't add `%s' to stringlist", cp); /* First check for a display file */ (void)format_file(curclass.display, code); /* Now see if there are any notify files */ if (EMPTYSTR(curclass.notify)) return; if (glob(curclass.notify, 0, NULL, &gl) != 0 || gl.gl_matchc == 0) return; time(&now); for (rlist = gl.gl_pathv; *rlist != NULL; rlist++) { if (stat(*rlist, &st) != 0) continue; if (!S_ISREG(st.st_mode)) continue; then = st.st_mtime; if (code != 0) { lreply(code, ""); code = 0; } lreply(code, "Please read the file %s", *rlist); t = localtime(&now); age = 365 * t->tm_year + t->tm_yday; t = localtime(&then); age -= 365 * t->tm_year + t->tm_yday; lreply(code, " it was last modified on %.24s - %d day%s ago", ctime(&then), age, PLURAL(age)); } globfree(&gl); } int format_file(file, code) const char *file; int code; { FILE *f; char *buf, *p, *cwd; size_t len; off_t b; time_t now; #define PUTC(x) putchar(x), b++ if (EMPTYSTR(file)) return(0); if ((f = fopen(file, "r")) == NULL) return (0); lreply(code, ""); b = 0; for (; (buf = fparseln(f, &len, NULL, "\0\0\0", 0)) != NULL; free(buf)) { if (len > 0) if (buf[len - 1] == '\n') buf[--len] = '\0'; b += printf(" "); for (p = buf; *p; p++) { if (*p == '%') { p++; switch (*p) { case 'c': b += printf("%s", curclass.classname ? curclass.classname : ""); break; case 'C': if (getcwd(cwd, sizeof(cwd)-1) == NULL){ syslog(LOG_WARNING, "can't getcwd: %s", strerror(errno)); continue; } b += printf("%s", cwd); break; case 'E': /* XXXX email address */ break; case 'L': b += printf("%s", hostname); break; case 'M': if (curclass.limit == -1) b += printf("unlimited"); else b += printf("%d", curclass.limit); break; case 'N': if (connections > 0) b += printf("%d", connections); break; case 'R': b += printf("%s", remotehost); break; case 'T': now = time(NULL); b += printf("%.24s", ctime(&now)); break; case 'U': b += printf("%s", pw ? pw->pw_name : ""); break; case '%': PUTC('%'); break; } } else { PUTC(*p); } } PUTC('\r'); PUTC('\n'); } total_bytes += b; total_bytes_out += b; (void)fflush(stdout); (void)fclose(f); return (1); } /* * Find s2 at the end of s1. If found, return a string up to (but * not including) s2, otherwise returns NULL. */ static char * strend(s1, s2) const char *s1; char *s2; { static char buf[MAXPATHLEN]; char *start; size_t l1, l2; l1 = strlen(s1); l2 = strlen(s2); if (l2 >= l1) return(NULL); strlcpy(buf, s1, sizeof(buf)); start = buf + (l1 - l2); if (strcmp(start, s2) == 0) { *start = '\0'; return(buf); } else return(NULL); } static int filetypematch(types, mode) char *types; int mode; { for ( ; types[0] != '\0'; types++) switch (*types) { case 'd': if (S_ISDIR(mode)) return(1); break; case 'f': if (S_ISREG(mode)) return(1); break; } return(0); } /* * Look for a conversion. If we succeed, return a pointer to the * command to execute for the conversion. * * The command is stored in a static array so there's no memory * leak problems, and not too much to change in ftpd.c. This * routine doesn't need to be re-entrant unless we start using a * multi-threaded ftpd, and that's not likely for a while... */ char ** do_conversion(fname) const char *fname; { struct ftpconv *cp; struct stat st; int o_errno; char *base = NULL; char *cmd, *p, *lp, **argv; StringList *sl; o_errno = errno; sl = NULL; cmd = NULL; for (cp = curclass.conversions; cp != NULL; cp = cp->next) { if (cp->suffix == NULL) { syslog(LOG_WARNING, "cp->suffix==NULL in conv list; SHOULDN'T HAPPEN!"); continue; } if ((base = strend(fname, cp->suffix)) == NULL) continue; if (cp->types == NULL || cp->disable == NULL || cp->command == NULL) continue; /* Is it enabled? */ if (strcmp(cp->disable, ".") != 0 && stat(cp->disable, &st) == 0) continue; /* Does the base exist? */ if (stat(base, &st) < 0) continue; /* Is the file type ok */ if (!filetypematch(cp->types, st.st_mode)) continue; break; /* "We have a winner!" */ } /* If we got through the list, no conversion */ if (cp == NULL) goto cleanup_do_conv; /* Split up command into an argv */ if ((sl = sl_init()) == NULL) goto cleanup_do_conv; cmd = xstrdup(cp->command); p = cmd; while (p) { NEXTWORD(p, lp); if (strcmp(lp, "%s") == 0) lp = base; if (sl_add(sl, xstrdup(lp)) == -1) goto cleanup_do_conv; } if (sl_add(sl, NULL) == -1) goto cleanup_do_conv; argv = sl->sl_str; free(cmd); free(sl); return(argv); cleanup_do_conv: if (sl) sl_free(sl, 1); free(cmd); errno = o_errno; return(NULL); } /* * Convert the string `arg' to an int, which may have an optional SI suffix * (`b', `k', `m', `g'). Returns the number for success, -1 otherwise. */ int strsuftoi(arg) const char *arg; { char *cp; long val; if (!isdigit((unsigned char)arg[0])) return (-1); val = strtol(arg, &cp, 10); if (cp != NULL) { if (cp[0] != '\0' && cp[1] != '\0') return (-1); switch (tolower((unsigned char)cp[0])) { case '\0': case 'b': break; case 'k': val <<= 10; break; case 'm': val <<= 20; break; case 'g': val <<= 30; break; default: return (-1); } } if (val < 0 || val > INT_MAX) return (-1); return (val); } /* * Count the number of current connections, reading from * /var/run/ftpd.pids- * Does a kill -0 on each pid in that file, and only counts * processes that exist (or frees the slot if it doesn't). * Adds getpid() to the first free slot. Truncates the file * if possible. */ void count_users() { char fn[MAXPATHLEN]; int fd, i, last; size_t count; pid_t *pids, mypid; struct stat sb; (void)strlcpy(fn, _PATH_CLASSPIDS, sizeof(fn)); (void)strlcat(fn, curclass.classname, sizeof(fn)); pids = NULL; connections = 1; if ((fd = open(fn, O_RDWR | O_CREAT | O_EXLOCK, 0600)) == -1) return; if (fstat(fd, &sb) == -1) goto cleanup_count; if ((pids = malloc(sb.st_size + sizeof(pid_t))) == NULL) goto cleanup_count; count = read(fd, pids, sb.st_size); if (count < 0 || count != sb.st_size) goto cleanup_count; count /= sizeof(pid_t); mypid = getpid(); last = 0; for (i = 0; i < count; i++) { if (pids[i] == 0) continue; if (kill(pids[i], 0) == -1 && errno != EPERM) { if (mypid != 0) { pids[i] = mypid; mypid = 0; last = i; } } else { connections++; last = i; } } if (mypid != 0) { if (pids[last] != 0) last++; pids[last] = mypid; } count = (last + 1) * sizeof(pid_t); if (lseek(fd, 0, SEEK_SET) == -1) goto cleanup_count; if (write(fd, pids, count) == -1) goto cleanup_count; (void)ftruncate(fd, count); cleanup_count: (void)flock(fd, LOCK_UN); close(fd); REASSIGN(pids, NULL); }