#
e2097150 |
|
21-May-2024 |
Allan Jude <allanjude@FreeBSD.org> |
ftpd: stop using -g flag for /bin/ls In 3bfbb521 the behaviour of ls was changed such that -g was no longer a noop for compatibility with BSD 4.3, but instead changed the output of long mode to exclude the owner of the file and display only the group. Update how FTPd invokes ls to restore the previous behaviour Reported-by: Andrew Fengler <andrew.fengler@scaleengine.com> Reviewed-by: jrtc27, des, imp MFC after: 3 days Sponsored-by: ScaleEngine Inc. Fixes: 3bfbb521fef5 ("ls: Improve POSIX compatibility for -g and -n.")
|
#
0b8224d1 |
|
24-Nov-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove copyright strings ifdef'd out We've ifdef'd out the copyright strings for some time now. Go ahead and remove the ifdefs. Plus whatever other detritis was left over from other recent removals. These copyright strings are present in the comments and are largely from CSRG's attempt at adding their copyright to every binary file (which modern interpretations of the license doesn't require). Sponsored by: Netflix
|
#
43581d7b |
|
23-Nov-2023 |
Warner Losh <imp@FreeBSD.org> |
libexec: Remove ancient SCCS tags. Remove ancient SCCS tags from the tree, automated scripting, with two minor fixup to keep things compiling. All the common forms in the tree were removed with a perl script. Sponsored by: Netflix
|
#
1d386b48 |
|
16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove $FreeBSD$: one-line .c pattern Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/
|
#
0aa27001 |
|
01-Oct-2022 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Put OPIE to rest. Differential Revision: https://reviews.freebsd.org/D36592
|
#
674400eb |
|
27-Jul-2021 |
Alan Somers <asomers@FreeBSD.org> |
ftpd: delete dead code Delete code killed by SVN r13139 in 1996. Little chance that it would still compile today. PR: 257317 Reported by: Alan Shearer <sakison@gmail.com> MFC after: 2 weeks Sponsored by: Axcient
|
#
3c0c1e01 |
|
22-Sep-2020 |
Mark Johnston <markj@FreeBSD.org> |
ftpd: Add missing braces around a statfd check This was harmless but looked incorrect. No functional change intended. MFC after: 1 week Sponsored by: The FreeBSD Foundation
|
#
2ac43100 |
|
15-Sep-2020 |
Mark Johnston <markj@FreeBSD.org> |
ftpd: Exit during authentication if an error occurs after chroot(). admbug: 969 Security: CVE-2020-7468
|
#
69097cd8 |
|
05-Dec-2017 |
Xin LI <delphij@FreeBSD.org> |
Use strlcpy(). MFC after: 2 weeks
|
#
8a16b7a1 |
|
20-Nov-2017 |
Pedro F. Giffuni <pfg@FreeBSD.org> |
General further adoption of SPDX licensing ID tags. Mainly focus on files that use BSD 3-Clause license. The Software Package Data Exchange (SPDX) group provides a specification to make it easier for automated tools to detect and summarize well known opensource licenses. We are gradually adopting the specification, noting that the tags are considered only advisory and do not, in any way, superceed or replace the license texts. Special thanks to Wind River for providing access to "The Duke of Highlander" tool: an older (2014) run over FreeBSD tree was useful as a starting point.
|
#
de8d85c9 |
|
06-Oct-2017 |
Eugene Grosbein <eugen@FreeBSD.org> |
ftpd(8): fix user context handling. Apply authenticated user context after update of wtmp(5) at start of session, so that ftpd process is not killed by kernel with SIGXFSZ when user has "filesize" limit lower than size of system wtmp file. Same applies to session finalization: revert to super-user context before update of wtmp. If ftpd hits limit while writing a file at user request, do not get killed with SIGXFSZ instantly but apparently ignore the signal, process error and report it to the user, and continue with the session. PR: 143570 Approved by: avg (mentor), mav (mentor) MFC after: 1 week
|
#
959d78b2 |
|
11-Nov-2016 |
Kurt Lidl <lidl@FreeBSD.org> |
Fix build when WITHOUT_BLACKLIST=yes is specified PR: 214409 Submitted by: matthew Reported by: matteo MFC after: 3 days Sponsored by: The FreeBSD Foundation
|
#
e07d11b6 |
|
01-Nov-2016 |
Kurt Lidl <lidl@FreeBSD.org> |
Revisit blacklistd support in ftpd Enhance blacklistd support to not log anything by default, unless blacklistd support is enabled on the command line. Document new flag in man page, cleanup patches to be less intrusive in code. Reported by: Rick Adams Reviewed by: cem, emaste MFC after: 1 week Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D8374
|
#
504422fa |
|
06-Jun-2016 |
Kurt Lidl <lidl@FreeBSD.org> |
Update blacklist support in ftpd to clarify fd usage The ftp daemon dups the control socket to stdin and uses that fd throughout the code. Clarify this usage slightly by changing from explicit use of "0" for the fd to a variable, to make it clear what the zero represents in the non-blacklist code. Make the blacklist_notify routine use STDIN_FILENO so as to have less of a "magic number" feel to the code. Reviewed by: cem Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D6716
|
#
3656f229 |
|
03-Jun-2016 |
Kurt Lidl <lidl@FreeBSD.org> |
Add blacklist support to ftpd Reviewed by: rpaulo Approved by: rpaulo Relnotes: YES Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D6703
|
#
8877d1db |
|
12-May-2016 |
Don Lewis <truckman@FreeBSD.org> |
Declare line[] in the outermost scope of retrieve() instead of declaring it in an inner scope and then using it via a pointer in the outer scope. Reported by: Coverity CID: 605895
|
#
f03ef840 |
|
10-May-2016 |
Baptiste Daroussin <bapt@FreeBSD.org> |
Rename getline with get_line to avoid collision with getline(3) When getline(3) in 2009 was added a _WITH_GETLINE guard has also been added. This rename is made in preparation for the removal of this guard
|
#
ec489d64 |
|
01-May-2016 |
Pedro F. Giffuni <pfg@FreeBSD.org> |
libexec: minor spelling fixes in comments. No functional change.
|
#
5efaea4c |
|
17-Feb-2014 |
Christian Brueffer <brueffer@FreeBSD.org> |
Remove the 3rd clause ("advertising clause") of the BSD license as permitted by the University of Berkeley on July 22, 1999. Reviewed by: imp MFC after: 1 week
|
#
03d34ccc |
|
13-Feb-2014 |
Christian Brueffer <brueffer@FreeBSD.org> |
In sgetpwnam(), save and free pw_class like all other char members of struct passwd. This fixes spurious "login_getclass: unknown class" errors. PR: 186439 Submitted by: UEMURA Tetsuya <t_uemura at macome.co.jp> MFC after: 1 week
|
#
3e65b9c6 |
|
23-Dec-2011 |
Colin Percival <cperciva@FreeBSD.org> |
Fix a problem whereby a corrupt DNS record can cause named to crash. [11:06] Add an API for alerting internal libc routines to the presence of "unsafe" paths post-chroot, and use it in ftpd. [11:07] Fix a buffer overflow in telnetd. [11:08] Make pam_ssh ignore unpassphrased keys unless the "nullok" option is specified. [11:09] Add sanity checking of service names in pam_start. [11:10] Approved by: so (cperciva) Approved by: re (bz) Security: FreeBSD-SA-11:06.bind Security: FreeBSD-SA-11:07.chroot Security: FreeBSD-SA-11:08.telnetd Security: FreeBSD-SA-11:09.pam_ssh Security: FreeBSD-SA-11:10.pam
|
#
e81b1c71 |
|
22-Jun-2011 |
Edward Tomasz Napierala <trasz@FreeBSD.org> |
Add LOGIN_SETCPUMASK and LOGIN_SETLOGINCLASS to the setusercontext(3) calls in ftpd(8).
|
#
62f390ec |
|
03-Jan-2011 |
Ed Maste <emaste@FreeBSD.org> |
Make format string a string literal. (Discovered by clang.) MFC After: 1 week
|
#
763e8c96 |
|
03-Jan-2011 |
Ed Maste <emaste@FreeBSD.org> |
Handle failure from ftpd_popen in statfilecmd(). Reviewed by: attilio MFC after: 1 week
|
#
cefb6785 |
|
03-Jan-2011 |
Christian S.J. Peron <csjp@FreeBSD.org> |
expand checkuser() to support the propagation of error codes back to the caller. Currently, checkuser() does not differentiate between the failure to open the file and the absence of a user in the file. Check to see if there was an error opening the file. If there are any errors, terminate the connection. Currently, the only exception to this rule is ENOENT, since there is nothing that says the /etc/ftpuser and /etc/ftpchroot has to exist. MFC after: 3 weeks
|
#
a7d5f7eb |
|
19-Oct-2010 |
Jamie Gritton <jamie@FreeBSD.org> |
A new jail(8) with a configuration file, to replace the work currently done by /etc/rc.d/jail.
|
#
fe0506d7 |
|
09-Mar-2010 |
Marcel Moolenaar <marcel@FreeBSD.org> |
Create the altix project branch. The altix project will add support for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting is a two-module system, consisting of a base compute module and a CPU expansion module. SGI's NUMAFlex architecture can be an excellent platform to test CPU affinity and NUMA-aware features in FreeBSD.
|
#
9f37b1a2 |
|
18-Jan-2010 |
Ed Schouten <ed@FreeBSD.org> |
Really disable wtmp logging when chrooting. Also perform a small cleanup to ftpd_logwtmp(). Just use a NULL parameter for the username to indicate a logout, instead of an empty string. Reported by: Alexey Shuvaev <shuvaev physik uni-wuerzburg de>
|
#
80643af0 |
|
13-Jan-2010 |
Ed Schouten <ed@FreeBSD.org> |
Port ftpd to utmpx. Unfortunately I have to partially wreck its functionality, though. ftpd used to keep a file descriptor to the wtmp, which allowed it to work from within a chroot. The current utmpx implementation doesn't offer a way to do this. Maybe we can address this in the future, if it turns out to be a real issue.
|
#
ec85f7fa |
|
07-Apr-2009 |
David E. O'Brien <obrien@FreeBSD.org> |
Move variable externs into extern.h so they are checked against the definitions.
|
#
f0b40b1c |
|
22-Dec-2008 |
Colin Percival <cperciva@FreeBSD.org> |
Prevent cross-site forgery attacks on ftpd(8) due to splitting long commands into multiple requests. [08:12] Avoid calling uninitialized function pointers in protocol switch code. [08:13] Merry Christmas everybody... Approved by: so (cperciva) Approved by: re (kensmith) Security: FreeBSD-SA-08:12.ftpd, FreeBSD-SA-08:13.protosw
|
#
d7f03759 |
|
19-Oct-2008 |
Ulf Lilleengen <lulf@FreeBSD.org> |
- Import the HEAD csup code which is the basis for the cvsmode work.
|
#
2ea42282 |
|
18-Apr-2007 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Add support for RFC 2389 (FEAT) and RFC 2640 (UTF8) to ftpd(8). The support for RFC 2640 (UTF8) is optional and rudimentary. The server just advertises its capability to handle UTF-8 file names and relies on its own 8-bit cleanness, as well as on the backward compatibility of UTF-8 with ASCII. So uploaded files will have UTF-8 names, but the initial server contents should be prepared in UTF-8 by hand, no on-the-fly conversion of file names will be done. PR: bin/111714 Submitted by: Zhang Weiwu <see email in the PR> MFC after: 1 week
|
#
32072720 |
|
09-Feb-2007 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Let automatic TCP send buffer sizing do its job for ftpd(8): stop setting the SO_SNDBUF socket option. Using a hard-coded value for it was a poor idea anyway in the face of diverse network conditions.
|
#
2c9fd5f2 |
|
01-Mar-2006 |
Hajimu UMEMOTO <ume@FreeBSD.org> |
- Reduce needless DNS query by lookup only appropriate address family. [1] - Specify appropriate hints to getaddrinfo(3). [1] - Obtain address family from peername in inet mode. Submitted by: Rostislav Krasny <rosti.bsd__at__gmail.com> [1] Tested by: yar, Rostislav Krasny <rosti.bsd__at__gmail.com> MFC after: 1 week
|
#
a599a64a |
|
21-Jan-2006 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
In the daemon code, check for and report possible errors from accept(2) and fork(2). Also close all unneeded fds in the child process, namely listening sockets for all address families and the fd initially obtained from accept(2). (The main ftpd code operates on stdin/stdout anyway as it has been designed for running from inetd.) MFC after: 5 days
|
#
8eb0508f |
|
20-Jan-2006 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
The daemon's child shouldn't go on with the for loop over ctl_sock's -- it is solely the parent daemon's job. So just break out of the loop in the child. MFC after: 5 days
|
#
125b9635 |
|
20-Jan-2006 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Use pidfile(3) provided by libutil to manage the deamon's pid file. By default, create a pid file at the standard location, /var/run/ftpd.pid, in accord with the expected behavior of a stock system daemon. MFC after: 5 days
|
#
f9036ce6 |
|
16-Feb-2005 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Add some consistency checks to the signal-related code. MFC: along with rev. 1.202
|
#
91ae7779 |
|
16-Feb-2005 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
A call to maskurg() makes sense only when a transfer is under way, the function will emit an annoying log message otherwise. Reported by: kris MFC: along with rev. 1.202
|
#
78e3eed0 |
|
14-Feb-2005 |
Stefan Farfeleder <stefanf@FreeBSD.org> |
Fix most cases where the address of an int is passed to a function expecting a socklen_t * argument.
|
#
220223fd |
|
19-Jan-2005 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Respect the `logging' flag. Pointed out by: Nick Leuta MFC after: 3 days
|
#
4cd51076 |
|
19-Jan-2005 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Improve handling SIGURG and OOB commands on the control channel. The major change is to process STAT sent as an OOB command w/o breaking the current data transfer. As a side effect, this gives better error checking in the code performing data transfers. A lesser, but in no way cosmetic, change is using the flag `recvurg' in the only signal-safe way that has been blessed by SUSv3. The other flag, `transflag,' becomes private to the SIGURG machinery, serves debugging purposes only, and may be dropped in the future. The `byte_count' global variable is now accounting bytes actually transferred over the network. This can give status messages looking strange, like "X of Y bytes transferred," where X > Y, but that has more sense than trying to compensate for combinations of data formats on the server and client when transferring ASCII type data. BTW, getting the size of a file in advance is unreliable for a number of reasons in the first place. See question 18.8 of the Infrequently Asked Questions in comp.lang.c for details. PR: bin/52072 Tested by: Nick Leuta (earlier versions), a stress-testing tool (final) MFC after: 1 month
|
#
1850cfa1 |
|
09-Jan-2005 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Replace err(3) calls when in daemon mode by syslog(3), too. A daemon has no stderr to send its complains to. Pointed out by: Nick Leuta MFC after: 1 week
|
#
bcd26184 |
|
16-Dec-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Do a small style(9) fix before I'm hacking the code itself.
|
#
8efc8b18 |
|
16-Dec-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
free(3) is void already.
|
#
6c98f401 |
|
12-Dec-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Never emit a message to stderr: use syslog instead. When in inetd mode, this prevents bogus messages from appearing on the control channel. When running as a daemon, we shouldn't write to the terminal we used to have at all. PR: bin/74823 MFC after: 1 week
|
#
ebd83647 |
|
22-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
When looking for a virtual host to handle the connection, stop the search on the first match for efficiency. Submitted by: Nick Leuta
|
#
4cbc4ad6 |
|
22-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Calling pam_chauthtok() isn't really needed since an FTP user has no chance to change password anyway. Submitted by: Nick Leuta
|
#
e897216f |
|
22-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Don't log the chroot dir on every command since it's constant for a session. Log it once at the beginning of the session instead. OTOH, log wd each time for the sake of better auditing and consistent log format. Proposed by: Nick Leuta <skynick -at- mail.sc.ru>
|
#
7cdd3cb7 |
|
22-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Always log remote IP. PR: bin/59773
|
#
04683b2c |
|
22-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Treat host name buffers consistently.
|
#
215a9f9d |
|
18-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Make chrootdir global and use it in log messages regarding restricted users. MFC after: 2 weeks
|
#
2b7eb1c0 |
|
18-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Nitpicking on style(9) and whitespace. Tested with: md5(1)
|
#
0c4b401f |
|
18-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Use __FBSDID.
|
#
405e2987 |
|
18-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Don't say, "file: permission denied," if the operation is disabled entirely.
|
#
02c97492 |
|
18-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Use uniform punctuation, capitalization, and language style in server messages wherever this doesn't contradict to a particular message format.
|
#
eb5b2bb3 |
|
18-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Apply __printflike() to the appendf() prototype so the compiler can detect format errors.
|
#
82c03024 |
|
18-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Fix perror_reply() vs. reply() usage.
|
#
4a3e5acd |
|
18-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
'\n' needs not to appear in reply() strings.
|
#
6b2dee6b |
|
18-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Log pathname arguments to ftp commands as the user specified them; add the working directory pathname to the log message if any of such arguments isn't absolute. This has advantage over the old way of logging that an admin can see what users are actually trying to do, and where. The old code was also not too robust when it came to a chrooted session and an absolute pathname. Pointed out by: Nick Leuta MFC after: 2 weeks
|
#
ac4f2391 |
|
18-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Use S_ISDIR() macro instead of a hand-rolled test.
|
#
75933089 |
|
17-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
getcwd() won't leave a error string in the buffer, unlike getwd().
|
#
de9b6c03 |
|
17-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Use POSIX functions instead of legacy ones: getwd() -> getcwd() wait3() -> waitpid()
|
#
7e295315 |
|
17-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Kill more unneeded casts found. Noticed by: Nick Leuta <skynick -at- mail.sc.ru> (some of them)
|
#
3b48b877 |
|
14-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Don't invent ways of capitalization orthogonal to the English grammar.
|
#
41c57b48 |
|
14-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
RFC 959 states that the following codes should be used for status replies on file system objects: 212 Directory status. 213 File status. Reported by: Oleg Koreshkov <okor -at- zone.salut.ru> MFC after: 1 week
|
#
6e4b0a55 |
|
13-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Using off_t to pass a block size is obvious overkill. The size_t type is better suited for that, particularly because the "blksize" argument is to be passed to malloc() and read(). On 64-bit archs it's more to a style issue, but the good style of coding in C is also important.
|
#
e3765043 |
|
13-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Kill ancient casts to integral types left from the K&R era. They're unneeded and sometimes erroneous now.
|
#
8c1c21f2 |
|
02-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Fix logxfer() by using realpath(3) instead of playing with getwd(3). Previously logxfer() used to record bogus pathnames to the log in some cases, namely, when cwd was / or "name" was absolute. Noticed by: Nick Leuta MFC after: 2 weeks
|
#
bb4641e2 |
|
02-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Replace the last occurence of (long long) and %qd with (intmax_t) and %jd, which is the right way to printf an off_t in the presence of <stdint.h>. Submitted by: Nick Leuta
|
#
545ea864 |
|
01-Nov-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
OpenPAM allows passing a NULL "pamh" to pam_strerror() to indicate that the creation of a PAM context has failed. N.B. This does not apply to pam_strerror() in RELENG_4, it will mishandle a NULL "pamh". Discussed with: des
|
#
de45162d |
|
30-Oct-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
- Stop shadowing global "pamh" by a local variable in auth_pam(). - Stop calling pam_strerror() with NULL pamh. - Add a missing call to pam_end(). PR: bin/59776 Submitted by: Nick Leuta <see PR for email> MFC after: 2 weeks
|
#
c29b9b47 |
|
30-Oct-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Describe the semantics of the sgetpwnam() helper function in the comment above it so that nobody will save pointers returned inside "struct passwd" across the calls to the function.
|
#
c999732b |
|
24-Oct-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Log the actual number of bytes sent on the wire to /var/log/ftpd instead of the disk size of the file sent. Since the log file is intended to provide data for anonymous ftp traffic accounting, the disk size of the file isn't really informative in this case. PR: bin/72687 Submitted by: Oleg Koreshkov MFC after: 1 week
|
#
b4585cc1 |
|
15-Oct-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
We must not fall back to the old way (read-write) if sendfile() transferred some data before throwing a error condition because sendfile() won't move the file offset for read() to start from. MFC after: 2 weeks
|
#
2f492fc8 |
|
15-Oct-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Clean-up around sendfile(): drop an excessive check for error condition.
|
#
2e22b914 |
|
15-Oct-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Account for the fact that sendfile(2) may hit the end of file prematurely, e.g., if the file has been truncated by someone else. PR: bin/72649 Submitted by: Oleg Koreshkov (portions) MFC after: 2 weeks
|
#
6d4a0e75 |
|
24-Sep-2004 |
Maxim Konovalov <maxim@FreeBSD.org> |
Indent.
|
#
40e67765 |
|
24-Sep-2004 |
Maxim Konovalov <maxim@FreeBSD.org> |
o Merge rev. 1.5 libexec/ftpd/ftpd.c from DragonflyBSD: Do not unconditionally fork() after accept(). accept() can return -1 due to an interrupted system call (i.e. SIGCHLD). If we fork in that case ftpd can get into an accept()/SIGCHLD/fork/[fail]/repeat loop. Reported-by: fabian <fabian.duelli@bluewin.ch> Obtained from: DragonflyBSD MFC after: 1 month
|
#
aa5a9d3f |
|
31-Jul-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Change ``(foo *)0'' to ``NULL'' where it's possible (and it appears possible throughout ftpd(8) source.) It is not a mere issue of style: Null pointers in C seem to have been mistaken one way or another quite often.
|
#
0e519c96 |
|
31-Jul-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Kill a small herd of casts to off_t where they were not needed. Thank Fortune, the C compiler can figure out by itself the proper conversion for assignments, comparisons, and prototyped function arguments.
|
#
a57e1ef0 |
|
31-Jul-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Printf(3) off_t values through conversion to intmax_t since we've got <stdint.h> et al now. (This makes ftpd(8) WARNS=2 clean.)
|
#
c16cd94d |
|
31-Jul-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Kill an unused variable (heading to WARNS=2.)
|
#
c4536e21 |
|
30-Jul-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Ditto for (gid_t).
|
#
52e7ee74 |
|
30-Jul-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Kill casts to (uid_t) obviously left from the K&R era. Prototyping library functions in header files has rendered them superfluous.
|
#
9ec7612a |
|
30-Jul-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Add a comment to explain that the loop around the call to bind(2) is not a hack, but it has a clear purpose.
|
#
6c124a84 |
|
30-Jul-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Open a socket for a data transfer in active mode using euid of the current user, not root. This will allow neat things like matching anonymous FTP data traffic with a single ipfw(8) rule: ipfw add ... tcp from any to any uid ftp Note that the control connection socket still belongs to the user ftpd(8) was started from, usually root. PR: bin/65928 Submitted by: Eugene Grosbein <eugen at grosbein.pp.ru> MFC after: 1 month
|
#
63047c6f |
|
13-Jun-2004 |
David E. O'Brien <obrien@FreeBSD.org> |
Simplify conditional compilation logic some.
|
#
9cbb335c |
|
12-May-2004 |
Tim J. Robbins <tjr@FreeBSD.org> |
Handle variable argument lists correctly in reply() and lreply(). In particular, do not pass the same va_list to both vprintf() and vsyslog() without first reinitializing it. This fixes ftpd -d on amd64.
|
#
385f9bf0 |
|
07-Feb-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
NULL looks better than (char *)0 unless we're passing an unprototyped argument to a function.
|
#
b943b3c4 |
|
07-Feb-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Deny attempts to rename a file from guest users if the policy says they may not modify existing files through FTP. Renaming a file is effectively a way to modify it. For instance, if a malicious party is unable to delete or overwrite a sensitive file, they can nevertheless rename it to a hidden name and then upload a troyan horse under the guise of the old file name.
|
#
3f8b9cfe |
|
07-Feb-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
perror_reply() should not be used where errno isn't meaningful.
|
#
10e89104 |
|
07-Feb-2004 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Work around a bug in some clients by never returning raw directory contents in reply to a RETR command. Such clients consider RETR as a way to tell a file from a directory. Mozilla is an example. PR: bin/62232 Submitted by: Bob Finch <bob+freebsd <at> nas <dot> com> MFC after: 1 week
|
#
c433c9da |
|
18-Jan-2004 |
Philippe Charnier <charnier@FreeBSD.org> |
add missing setusershell() calls. PR: bin/2442 Reviewed by: Friedemann Becker <zxmxy33@mail.uni-tuebingen.de>
|
#
c83098a3 |
|
07-Jan-2004 |
Eric Anholt <anholt@FreeBSD.org> |
man ftpd says that "by default, anonymous users cannot modify existing files." However, the code did allow deletion of files. Make deleting require the -m flag, too. PR: bin/60809 Submitted by: Alexander Melkov <melkov@comptek.ru>
|
#
db1c2da3 |
|
15-Nov-2003 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
If a file to send in ASCII mode already has CRLF as end-of-line, don't add excessive CR on the wire. PR: bin/59285 Submitted by: Andrey Beresovsky <and at rsu.ru> MFC after: 1 week
|
#
206fe568 |
|
14-Sep-2003 |
Hajimu UMEMOTO <ume@FreeBSD.org> |
Don't depend on IPv4-mapped IPv6 address to bind to both IPv4 and IPv6. Wrote at: Hakone. Powered by: Warner Losh's scotch whisky. Requested by: nork
|
#
39bce482 |
|
08-Jul-2003 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Make a malloced copy of "chrootdir" even if it points to an absolute pathname inside "residue" so "chrootdir" can be simply freed later. PR: bin/53435 Submitted by: Yutaka Ishihara <yutaka at fandc.co.jp> MFC after: 1 week
|
#
f29288c0 |
|
11-Feb-2003 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Kill unnecessary vertical whitespace.
|
#
b8939f6f |
|
11-Feb-2003 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Use LOG_AUTHPRIV to hide the username attempted during an invalid login from everyone but sysadmins. PR: bin/29487 MFC after: 3 days
|
#
50618d61 |
|
03-Feb-2003 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
RFC 959 doesn't list reply code 550 as a valid responce to STOR/STOU, so return reply code 553 to indicate a error from open(2) for consistency, as long as the code is used in the rest of the STOR/STOU handler.
|
#
ea701226 |
|
31-Jan-2003 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Let real users access special files through FTP if allowed by their filesystem permissions. This doesn't break anything since using sendfile(2) is triggered later by a separate S_ISREG conditional. PR: bin/20824 MFC after: 1 week
|
#
88b70721 |
|
29-Jan-2003 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
When searching for a unique file name in guniquefd(), distinguish between the cases of an existing file and a real system error, such as I/O failure, no access etc. MFC after: 3 days
|
#
c152df28 |
|
29-Jan-2003 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Add a new option to ftpd(8), "-h", to disable printing any host-specific information in FTP server messages (so paranoid admins can sleep at night :-) PR: bin/16705 MFC after: 1 week
|
#
ce9287fc |
|
29-Jan-2003 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Give the code around chroot(2)/chdir(2) a major overhaul by separating its part around chroot(2) from that around initial chdir(2). This makes the below changes really easy. Move seteuid(to user's uid) to before calling chdir(2). There are two goals to achieve by that. First, NFS mounted home directories with restrictive permissions become accessible (local superuser can't access them if not mapped to uid 0 on the remote side explicitly.) Second, all the permissions to the home directory pathname components become effective; previously a user could be carried to any local directory despite its permissions since the chdir(2) was done with euid 0. This reduces possible impact from FTP server misconfiguration, e.g., assigning a wrong home directory to a user. Implement the "/./" feature. Now a guest or user subject to chrooting may have "/./" in his login directory, which separates his chroot directory from his home directory inside the chrooted environment. This works for ftpchroot(5) as well. PR: bin/17843 bin/23944
|
#
341e476e |
|
27-Jan-2003 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Actually extract the second field from a line in ftpchroot(5) instead of just using the rest of the line behind the first field.
|
#
0ba71e24 |
|
27-Jan-2003 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Allow more than one separator character between fields in ftpchroot(5).
|
#
8657b576 |
|
26-Jan-2003 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Extend the format of /etc/ftpchroot so an alternative chroot directory can be specified for a user or a group. Add the manpage ftpchroot(5) since the file's format has grown complex enough. PR: bin/45327 Portions submitted by: Hideki SAKAMOTO <sakamoto@hlla.is.tsukuba.ac.jp> MFC after: 1 week
|
#
63591ba5 |
|
23-Jan-2003 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
- Add a new option, ``-P port'', to specify the port for ftpd(8) to listen at in daemon mode. - Use the port by 1 less than the control port as the default data port instead of always using hard-coded port 20. Submitted by: roam MFC after: 1 week
|
#
e5094456 |
|
20-Jan-2003 |
Crist J. Clark <cjc@FreeBSD.org> |
The FTP daemon was vulnerable to a DoS where an attacker could bind() up port 20 for an extended period of time and thus lock out all other users from establishing PORT data connections. Don't hold on to the bind() while we loop around waiting to see if we can make our connection. Being a DoS, it has security implications, giving it a short MFC time. MFC after: 1 day
|
#
f8a581a0 |
|
16-Jan-2003 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Prepend a space character if a line begins with a digit in the output to the "STAT file" request. This closes one discrepancy with RFC 959 (page 36.) See also http://www.kb.cert.org/vuls/id/328867 Obtained from: OpenBSD
|
#
1f75c13e |
|
11-Nov-2002 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Don't free the current addrinfo list, or else a pointer to a freed memory area would arise. Only an addrinfo list from an earlier call to getaddrinfo() should be freed there because it will be substituted by the current list referenced by "res". Reported by: John Long <fbsd1@pruam.com> MFC after: 5 days
|
#
d9e2c424 |
|
24-Oct-2002 |
Robert Watson <rwatson@FreeBSD.org> |
Have ftpd specify the LOGIN_SETMAC flag to setlogincontext() so that MAC labels are set if MAC is enabled and configured for the user logging in. Note that lukemftpd is not considered a supported application when MAC is enabled, as it does not use the standard system interfaces for managing user contexts; if lukemftpd is used with labeled MAC policies, it will not properly give up privileges when switching to the user account. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|
#
89fdc4e1 |
|
24-Sep-2002 |
Mike Barcroft <mike@FreeBSD.org> |
Use the standardized CHAR_BIT constant instead of NBBY in userland.
|
#
7c20f337 |
|
29-Aug-2002 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
The mode can be "r+" as well on PUT, but only "a" on APPE.
|
#
ec009cf0 |
|
27-Aug-2002 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Remove variables no longer used.
|
#
f2fe752d |
|
27-Aug-2002 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
More inithosts() fixes: o Don't free(3) memory occupied by host structures already in the host list. o Set hrp->hostinfo to NULL if a host record has to stay in the host list, but is to be ignored. Selecthost() knows that. o Reduce the pollution with excessive NULL checks. o Close a couple of memory leaks. MFC after: 1 week
|
#
a23f61bc |
|
27-Aug-2002 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Fix an inconsistency between a printf-like format and its argument list. Submitted by: kris MFC after: 3 days
|
#
5d7e0128 |
|
23-Aug-2002 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Add option '-W': don't log FTP sessions to wtmp. Submitted by: maxim MFC after: 1 week
|
#
b1d8d5cd |
|
20-Aug-2002 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Clean up hostname and hostinfo handling in inithosts(): o check getaddrinfo(3) return value, not result pointer o getaddrinfo(3) returns int, not pointer o don't leak memory allocated for hostnames and hostinfo structures o initialize pointers that will be checked for NULL somewhere MFC after: 1 week
|
#
f6daca0d |
|
13-Aug-2002 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Fix a wrong comment on (hopefully) right code. MFC after: 3 days
|
#
a117c345 |
|
08-Aug-2002 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Rework storing files thoroughly. This includes: o Remove the race between stat(2) & fopen(3) when creating a unique file. o Improve bound checking when generating a unique name from a given pathname. o Ignore REST marker on APPE. No RFC specifies this case, but the idea of resuming APPE's implies this. o By default, deny upload resumes and appends by anonymous users. Previously these commands were translated to STOU silently, which led to broken files on server without any notification to the user. o Add an option, -m, to allow anonymous users to modify existing files (e.g., to resume uploads) if filesystem permissions permit. Portions obrainded from: OpenBSD MFC after: 3 weeks
|
#
2b748987 |
|
29-Jul-2002 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Conform to RFC 959, Appendix II, when replying to a successful MKD command. MFC after: 1 week
|
#
93bd9dc5 |
|
26-Jul-2002 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Make the `-v' option a synonym for `-d' (as it was intended initially) and document it in the manpage. MFC after: 2 weeks
|
#
0e063efe |
|
26-Jul-2002 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Sort command-line options according to the mostly used style: alphabetical order, lower and upper case of the same letter stick together, lower case first. MFC after: 2 weeks
|
#
8af7c9a3 |
|
24-Jul-2002 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Re-use passive data ports with the SO_REUSEADDR socket option to avoid exausting the passive port space by TIME_WAIT'ing connections. PR: bin/36955 Submitted by: Maxim Konovalov <maxim@FreeBSD.org> MFC after: 2 weeks
|
#
57d4ef07 |
|
24-Jul-2002 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Remove the outdated casts to "char *" from the setsockopt(2), write(2), and getipnodebyaddr(3) calls. Now all the above functions accept "void *" in that arguments and have prototypes. Thus, the casts are useless under the normal circumstances (and would be harmful if the functions had no prototypes.) MFC after: 2 weeks
|
#
406d1ae9 |
|
24-Jul-2002 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Clean up the syslog(3) messages on the setsockopt(2) errors: o Always check a setsockopt(2) return value o Use a consistent message format o Don't abort if the failed setsockopt(2) was actually not vital o Use LOG_WARNING, not LOG_ERR, in non-fatal cases MFC after: 1 week
|
#
fc99a00c |
|
22-Jul-2002 |
Hajimu UMEMOTO <ume@FreeBSD.org> |
use IPV6_V6ONLY instead of non standard IPV6_BINDV6ONLY. MFC after: 1 week
|
#
e4648f05 |
|
22-Jul-2002 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Fix one RFC 959 incompliance: Double double-quotes in a PWD result if they appear in the directory pathname. PR: misc/18365 MFC after: 1 week
|
#
1b0e12d7 |
|
20-Jul-2002 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Allow deleting and renaming stale symlinks and deleting symlinks pointing to directories. PR: bin/37250 Submitted by: Nino Dehne <TeCeEm@gmx.de> MFC after: 1 week
|
#
233c0f66 |
|
17-Jul-2002 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Avoid passing NULL to freehostent(3). MFC after: 1 week
|
#
4b4cc4c6 |
|
17-Jul-2002 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Fix setting parameters for getipnodebyaddr(3): o "struct addrinfo" contains a pointer to "struct sockaddr," not "struct sockaddr" itself o the function takes a pointer to "struct in*_addr", not to "struct sockaddr," so the address length must be corresponding MFC after: 1 week
|
#
12da320b |
|
16-Jul-2002 |
Mike Heffner <mikeh@FreeBSD.org> |
GLOB_QUOTE has been retired.
|
#
5f76ebf3 |
|
16-Jul-2002 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Use the right indent for the closing brace: it belongs to `if', not to `for'. The previous indent was reather misleading for the code reader. MFC after: 1 week
|
#
55b54aa7 |
|
16-Jul-2002 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Replace the awkward hackery about strtok(3) by conventional one-way parsing of ftphosts(5). Don't let NULL hostname pointers into virtual host records as well. PR: bin/18410 MFC after: 1 month
|
#
737d08f3 |
|
12-Jul-2002 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Use fgetln(3) to read lines from configuration files (ftpusers, ftphosts.) Thus lines of any length can be handled, unlike before. Don't assume that each line read from the files ends with a newline. As a side effect in inithosts(), don't use automatic buffer at all, utilize malloc(3) when getting local host name instead. PR: misc/21494 Reviewed by: maxim, mikeh MFC after: 1 month
|
#
0849c184 |
|
02-Jul-2002 |
Dan Moschuk <dan@FreeBSD.org> |
Make sure to reset transflag back to zero upon succesfully using sendfile() to transfer a file. PR: 39362 Submitted by: TANAKA Hiroyuki <kattyo@abk.nu> MFC after: 1 week
|
#
b0f06def |
|
02-Jul-2002 |
Hajimu UMEMOTO <ume@FreeBSD.org> |
Cope with 2292bis-01 getaddrinfo (no NI_WITHSCOPEID, always attach scope identifier). MFC after: 3 weeks
|
#
3ded9dcd |
|
01-Jul-2002 |
Maxim Konovalov <maxim@FreeBSD.org> |
Remove trailing whitespaces.
|
#
3af48c42 |
|
01-Jul-2002 |
Maxim Konovalov <maxim@FreeBSD.org> |
Move 'byte_count' calculation just before 'recvurg' check. It is a global variable and used in myoob(). PR: bin/38928 Submitted by: Oliver Fromme <olli@secnetix.de> MFC after: 1 month
|
#
d186bb12 |
|
30-Jun-2002 |
Matthew N. Dodd <mdodd@FreeBSD.org> |
Implement a flag to disable directory creation for anonymous users. PR: misc/38987 Submitted by: Peter da Silva <peter@abbnm.com> MFC after: 1 week
|
#
3613e24c |
|
28-May-2002 |
Alfred Perlstein <alfred@FreeBSD.org> |
Assume __STDC__, remove non-__STDC__ code.
|
#
60769b19 |
|
25-Feb-2002 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Rewrite the part of the conversation function that allocates the reply array; it was inelegant and neglected to check the return value from malloc(3). Sponsored by: DARPA, NAI Labs
|
#
492f1d9c |
|
13-Feb-2002 |
Maxim Konovalov <maxim@FreeBSD.org> |
Fix infinite loop around sendfile(2) after sending >4GB file. PR: bin/33770 Submitted by: Vladislav Shabanov <vs@rambler-co.ru> Reviewed by: ru Approved by: ru MFC after: 1 month
|
#
e4bc453c |
|
03-Feb-2002 |
Warner Losh <imp@FreeBSD.org> |
o Eliminate __P o Use new-style function definitions o remove some !__STDC__ code o eliminate register
|
#
4b82fc95 |
|
28-Jan-2002 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Remove the setjmp/longjmp stuff completely. Use signal handlers to set flags only (with exception for sigquit(), which still seems to call some non-reentrant functions on its way to _exit(2).) That must eliminate the possibility of catching SIGSEGV from following non-reentrant paths from signal handlers. PR: bin/32740 bin/33846 Submitted by: Maxim Konovalov <maxim@macomnet.ru> Obtained from: OpenBSD
|
#
46948173 |
|
28-Jan-2002 |
Hajimu UMEMOTO <ume@FreeBSD.org> |
Log wtmp according to an address family properly. Reported by: matusita Reviewed by: matusita MFC after: 1 week
|
#
f650a124 |
|
21-Jan-2002 |
Andrey A. Chernov <ache@FreeBSD.org> |
Remove my workaround fallback since PAM now do it properly.
|
#
819a1420 |
|
19-Jan-2002 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Really back out ache's commits. These files are now precisely as they were twentyfour hours ago, except for RCS ids.
|
#
07977587 |
|
19-Jan-2002 |
Andrey A. Chernov <ache@FreeBSD.org> |
Back out PAM_CRED_ERR addition
|
#
3e4f7c7f |
|
19-Jan-2002 |
Andrey A. Chernov <ache@FreeBSD.org> |
Add PAM_CRED_ERR as valid failure case
|
#
c0cbe6a9 |
|
18-Jan-2002 |
Andrey A. Chernov <ache@FreeBSD.org> |
Call opieunlock() only if we skip opieverify() part
|
#
50356ef3 |
|
18-Jan-2002 |
Andrey A. Chernov <ache@FreeBSD.org> |
Remove conditional 'pwok' fallback for PAM which now is implemented in pam_opie module For non-PAM variant rewrite empty password checking code to do the right thing and not disallow empty passwords in all cases.
|
#
47499ecd |
|
01-Jan-2002 |
Andrey A. Chernov <ache@FreeBSD.org> |
Fix OPIE auth
|
#
4cd48bac |
|
19-Nov-2001 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Eliminate another instance of the old and well-known DoS bug that the select(2)/accept(2) pair is called on a socket that is in the blocking I/O mode. The bug is triggered if a selected connection dies before the accept(2) leading to the accept(2) blocking virtually forever. MFC after: 1 week
|
#
7a29d7da |
|
12-Oct-2001 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Don't let a user name in ftpd's proctitle be mistaken for a status message. PR: misc/25217 MFC after: 7 days
|
#
11342ab1 |
|
12-Oct-2001 |
Yaroslav Tykhiy <ytykhiy@gmail.com> |
Be consistent about indent at least within one block of code.
|
#
896bddb5 |
|
29-Sep-2001 |
Andrey A. Chernov <ache@FreeBSD.org> |
1) Use OPIE response only when OPIE keys really used 2) Use commonly used OPIE response form instead of self-made one
|
#
b3a0a7cd |
|
10-Sep-2001 |
Mike Heffner <mikeh@FreeBSD.org> |
Remove a field width specifier that's not doing anything more than what using snprintf() achieves. It was also being used incorrectly.
|
#
1cc9f0bb |
|
02-Sep-2001 |
Sheldon Hearn <sheldonh@FreeBSD.org> |
Extend the functionality offered by the -o option into a new option -O, which limits the impact of the write-only restriction to guest users. *) The existing manual page's SYNOPSIS and option listing in the DESCRIPTION are already horribly disordered. No attempt has been made to fix this. *) The existing source's getopt() optstring and option handling switch are already horribly disordered. No attempt has been made to fix this. Discussed with: nik, -audit
|
#
e4a71114 |
|
02-Sep-2001 |
Andrey A. Chernov <ache@FreeBSD.org> |
long -> off_t long -> time_t %ld -> %qd fseek -> fseeko NOTE: that fseek not works for >long offsets per POSIX: [EOVERFLOW] For fseek( ), the resulting file offset would be a value which cannot be represented correctly in an object of type long.
|
#
62513e76 |
|
28-Aug-2001 |
Nik Clayton <nik@FreeBSD.org> |
Add a new option, '-o', for "Write-only". Disables the RETR command, preventing anyone from downloading files. In conjunction with -A, and some appropriate file permissions, this lets you create an anonymous FTP drop box for people to upload files to. The more obvious "-w" flag is already taken by NetBSD's ftpd. "-o" was available as an option letter in all three BSDs.
|
#
75dc5f1a |
|
28-Jul-2001 |
Mike Heffner <mikeh@FreeBSD.org> |
Rename the GLOB_MAXPATH flag of glob(3) to GLOB_LIMIT to be compatible with NetBSD and OpenBSD. glob(3) will now return GLOB_NOSPACE with errno set to 0 instead of GLOB_LIMIT when we match more than `gl_matchc' patterns. GLOB_MAXPATH has been left as an alias of GLOB_LIMIT to maintain backwards compatibility. Reviewed by: sheldonh, assar Obtained from: NetBSD/OpenBSD
|
#
fa1746c9 |
|
09-Jul-2001 |
Mark Murray <markm@FreeBSD.org> |
Remove S/Key. PAM can do its job. Well, not quite - there is an issue with the conversation function and challenges which needs to be revisited, so in the interim a hack is introduced to provide an OPIE challenge (which is random if OPIE does not apply) at all non-anonymnous logins.
|
#
ad442344 |
|
12-Jun-2001 |
Dima Dorfman <dd@FreeBSD.org> |
Move the definition of epsvall out of #ifdef VIRTUAL_HOSTING so that the latter is not required for ftpd to compile.
|
#
618b0bba |
|
28-Apr-2001 |
Mark Murray <markm@FreeBSD.org> |
Change names of functions and variables with global scope that are in conflict with library values of the same name. This allows static linking.
|
#
5bc9d93d |
|
27-Mar-2001 |
Mark Murray <markm@FreeBSD.org> |
Add full PAM support for account management and sessions. The PAM_FAIL_CHECK and PAM_END macros in su.c came from the util-linux package's PAM patches to the BSD login.c Submitted by: "David J. MacKenzie" <djm@web.us.uu.net>
|
#
6d10cb2f |
|
19-Mar-2001 |
Jonathan Lemon <jlemon@FreeBSD.org> |
Teach ftpd about the new GLOB_MAXPATH flag.
|
#
1f15c0d6 |
|
11-Mar-2001 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
When the file was transferred using sendfile(2), we forgot to keep track of the transferred byte count. MFC candidate. PR: bin/25699
|
#
f6f0c4b9 |
|
19-Dec-2000 |
Dan Moschuk <dan@FreeBSD.org> |
In send_data(), use sendfile() instead of the mmap() algorithm.
|
#
a4b77a2a |
|
16-Dec-2000 |
Poul-Henning Kamp <phk@FreeBSD.org> |
Add option -E to disable EPSV which throws certain stateful firewalls into confusion. Add option -r to make ftpd support only read-only operations. Submitted by: Flemming (F3) Jacobsen <fj@batmule.dk> Reviewed by: phk
|
#
3fb3b78f |
|
18-Nov-2000 |
Kris Kennaway <kris@FreeBSD.org> |
Format string paranoia
|
#
ea413ab7 |
|
12-Oct-2000 |
Guido van Rooij <guido@FreeBSD.org> |
Fix broken PAM with SKEY behaviour: the skey.access file checks were broken because the code failed to set PAM_RHOST.
|
#
eb2fc780 |
|
09-Oct-2000 |
Garrett Wollman <wollman@FreeBSD.org> |
Don't depend on <sys/stat.h> bogusly including <sys/time.h> (and thereby <time.h>).
|
#
90906a46 |
|
16-Aug-2000 |
Sheldon Hearn <sheldonh@FreeBSD.org> |
Don't set an arbitrary limit on username lengths; use MAXLOGNAME instead. PR: 20675 Submitted by: Vladimir B Grebenschikov <vova@express.ru>
|
#
2310b8c6 |
|
16-Aug-2000 |
Ruslan Ermilov <ru@FreeBSD.org> |
Fix `control socket: Protocol not supported' failure in standalone -D mode when neither -4 nor -6 is specified.
|
#
028f24cf |
|
01-Aug-2000 |
Sheldon Hearn <sheldonh@FreeBSD.org> |
Honour skey.access(5) by allowing UNIX passwords when skeyaccess(3) has set pwok to a non-zero value. Previously, the fact that skey.access(5) allowed UNIX passwords for this connection attempt was ignored, even in the NOPAM case. This only addresses the NOPAM case; when libpam is used, the problem will persist. PR: 20333
|
#
b535a9bf |
|
25-Jun-2000 |
David Nugent <davidn@FreeBSD.org> |
Fix a problem in the virtual host address compare code which caused duplicated host entries in /etc/ftphosts not to be folded. Make sure we exit the loop on a match. PR: bin/19390
|
#
2db39860 |
|
25-May-2000 |
Nick Sayer <nsayer@FreeBSD.org> |
1. Add IPv6 portrange restriction code (-U flag) to passive(). 2. Add portrange restriction code (for both v4 and v6) to the EPSV processing stuff.
|
#
f38c6cad |
|
10-Feb-2000 |
Yoshinobu Inoue <shin@FreeBSD.org> |
Add more dual stack consideration. -ftpd need to know each of AF_INET and AF_INET6 addr for hosts specified in /etc/ftphosts. Approved by: jkh
|
#
b3ea3170 |
|
03-Feb-2000 |
Yoshinobu Inoue <shin@FreeBSD.org> |
Fix ftpd core dump when hostname is not set. When hostname is not set, ftpd core dumps, because there is no NULL check for freeing name resolving information for its own hostname. So the check is added. Approved by: jkh
|
#
4dd8b5ab |
|
27-Jan-2000 |
Yoshinobu Inoue <shin@FreeBSD.org> |
another tcp apps IPv6 updates.(should be make world safe) ftp, telnet, ftpd, faithd also telnet related sync with crypto, secure, kerberosIV Obtained from: KAME project
|
#
6c9134c0 |
|
19-Sep-1999 |
Mark Murray <markm@FreeBSD.org> |
Fix for new Kerberos4. Make a fist cut at PAM-ising while I'm here.
|
#
9db4bbf3 |
|
11-Sep-1999 |
Michael Haro <mharo@FreeBSD.org> |
When a STAT command is sent to ftpd as an out-of-band transmission during a file transfer, the command was mishandled on every other receipt of the command. PR: 13261 Submitted by: Ian Lepore <ian@plutotech.com>
|
#
7f3dea24 |
|
27-Aug-1999 |
Peter Wemm <peter@FreeBSD.org> |
$Id$ -> $FreeBSD$
|
#
17130647 |
|
25-Aug-1999 |
Peter Wemm <peter@FreeBSD.org> |
unifdef -DINTERNAL_LS - it's too useful to be off by default. If anyone really dislikes this, we could add a switch to disable it at runtime and check in popen.c.
|
#
85966371 |
|
25-Apr-1999 |
Warner Losh <imp@FreeBSD.org> |
More egcs warning fixes: o main returns int not void o use return 0 at end of main when needed o use braces to avoid potentially ambiguous else o don't default to type int (and also remove a useless register modifier). Reviewed by: obrien and chuckr
|
#
9e9a43bd |
|
07-Apr-1999 |
Brian Somers <brian@FreeBSD.org> |
Ensure that things returned by gethostname() and friends are terminated and allow for a maximum host name length of MAXHOSTNAMELEN - 1. Put parenthesis around sizeof args. Make some variables static. Fix telnetd -u (broken by my last commit) Prompted by: bde
|
#
32af26a5 |
|
06-Apr-1999 |
Brian Somers <brian@FreeBSD.org> |
Use realhostname() rather than various combinations of gethostbyaddr() & gethostbyname(). Remove brokeness in ftpd for hosts of MAXHOSTNAMELEN length.
|
#
e6fa0d43 |
|
13-Oct-1998 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Set the user context correctly so that cd ~ does the right thing. PR: bin/7943 bin/8293 Submitted by: Bill Fenner <fenner@parc.xerox.com> Approved by: jkh
|
#
158a00b2 |
|
03-Jun-1998 |
John Birrell <jb@FreeBSD.org> |
signal() returns SIG_ERR on error, not int. time() requires a time_t pointer, not a long.
|
#
7edcb936 |
|
24-May-1998 |
Steve Price <steve@FreeBSD.org> |
Make ftpd(8) honor its default group setting in the config files. PR: 6682 Submitted by: Max Euston <meuston@jmrodgers.com>
|
#
34d1ba5c |
|
16-May-1998 |
Andrey A. Chernov <ache@FreeBSD.org> |
Return back initial tzset() must be before first chroot
|
#
46589cb6 |
|
15-May-1998 |
Andrey A. Chernov <ache@FreeBSD.org> |
Move TZ="" assignment just before exec to not touch other time stuff
|
#
29030694 |
|
15-May-1998 |
Andrey A. Chernov <ache@FreeBSD.org> |
Do TZ= as first thing, since FTP protocol is unable to tell zone offset in any case. It makes no difference for anon account (since chroot already makes it GMT), but if you do mirror with special non-anon login, in old variant your mirror will be wholy retransmitted twice in the year due to time zone changes (/etc/localtime plays bad role here)
|
#
dadb9fb3 |
|
27-Apr-1998 |
David Greenman <dg@FreeBSD.org> |
Set TCP_NODELAY on the control channel to improve performance a bit.
|
#
f5c57d05 |
|
24-Feb-1998 |
Eivind Eklund <eivind@FreeBSD.org> |
Make ftpd log IP-addresses in addition to hostnames.
|
#
e760ef2c |
|
24-Dec-1997 |
Warner Losh <imp@FreeBSD.org> |
Various sprintf -> snprintf fixes. Minor style fix (strcpy(foo,"") -> *foo = '\0') Obtained from: OpenBSD(?)
|
#
e02897fa |
|
21-Nov-1997 |
Philippe Charnier <charnier@FreeBSD.org> |
Cosmetics in man page. Exit(-1) -> exit(1).
|
#
986a1172 |
|
05-Sep-1997 |
Thomas Gellekum <tg@FreeBSD.org> |
Hopefully better fix for logwtmp(): rename to a private version ftpd_logwtmp().
|
#
9c607750 |
|
02-Aug-1997 |
Bruce Evans <bde@FreeBSD.org> |
Import Lite2's src/libexec, except for makekey (which was spammed by a repository copy from 1.1.5 and patched back to Lite1) and rbootd/bootdir/SYSHPBSD (which is binary). All changed files have already left the vendor branch.
|
#
0512556a |
|
24-Jul-1997 |
David Nugent <davidn@FreeBSD.org> |
Make useage of hostname global variable consistent. PR: 4135 Based on submitted patch by: blank@fox.uni-trier.de
|
#
3401a71f |
|
21-May-1997 |
Daniel O'Callaghan <danny@FreeBSD.org> |
Tell the chroot()ed user that "access restrictions apply".
|
#
5d0bfe39 |
|
10-May-1997 |
David Nugent <davidn@FreeBSD.org> |
login_getclass() -> login_getpwclass().
|
#
ea4e54b9 |
|
28-Apr-1997 |
David Nugent <davidn@FreeBSD.org> |
Adds anon ftp virtual host capability to ftpd, using /etc/ftphosts for definition of a system's virtual hosts.
|
#
31fea7b8 |
|
27-Apr-1997 |
David Nugent <davidn@FreeBSD.org> |
YAMF2.2: Allow @group entries in /etc/ftpusers & /etc/ftpchroot to deny and allow chroot access to entire groups.
|
#
af85d782 |
|
25-Apr-1997 |
David Nugent <davidn@FreeBSD.org> |
Adds optional "internal ls" support for ftpd, by collecting modules from src/bin/ls, and handling exec(_PATH_LS,..) as a special case, very useful in an environment where many users are given chroot access. "~/etc/{s}pwd.db" files are still needed if uid/gid->user/group translation is desired. To enable this it must be compiled with the make variable FTP_INTERNAL_LS defined, either in /etc/make.conf or the environment.
|
#
b071c689 |
|
22-Apr-1997 |
David Nugent <davidn@FreeBSD.org> |
Add basic login.conf (sans authentication) support.
|
#
91477cc4 |
|
28-Mar-1997 |
Warner Losh <imp@FreeBSD.org> |
compare return value from getopt against -1 rather than EOF, per the final posix standard on the topic.
|
#
9e522f7a |
|
22-Feb-1997 |
Peter Wemm <peter@FreeBSD.org> |
Revert $FreeBSD$ to $Id$
|
#
c65c314e |
|
13-Feb-1997 |
Guido van Rooij <guido@FreeBSD.org> |
Actually allow the -R flag.
|
#
ac7636cb |
|
28-Jan-1997 |
David Greenman <dg@FreeBSD.org> |
Oops, fix white space in last commit.
|
#
0b4df2ee |
|
28-Jan-1997 |
David Greenman <dg@FreeBSD.org> |
Fix signal handler race condition.
|
#
8abdc2eb |
|
16-Jan-1997 |
Alexander Langer <alex@FreeBSD.org> |
Sweep through the tree fixing mmap() usage: - Use MAP_FAILED instead of the constant -1 to indicate failure (required by POSIX). - Removed flag arguments of '0' (required by POSIX). - Fixed code which expected an error return of 0. - Fixed code which thought any address with the high bit set was an error. - Check for failure where no checks were present. Discussed with: bde
|
#
1130b656 |
|
14-Jan-1997 |
Jordan K. Hubbard <jkh@FreeBSD.org> |
Make the long-awaited change from $Id$ to $FreeBSD$ This will make a number of things easier in the future, as well as (finally!) avoiding the Id-smashing problem which has plagued developers for so long. Boy, I'm glad we're not using sup anymore. This update would have been insane otherwise.
|
#
5a392aec |
|
29-Nov-1996 |
Torsten Blum <torstenb@FreeBSD.org> |
add flag to allow only anonymous ftp logins Reviewed by: pst
|
#
dacc9752 |
|
20-Nov-1996 |
Paul Traina <pst@FreeBSD.org> |
Conditionalize setsockopt IP_PORTRANGE to make ftpd portable.
|
#
43658eac |
|
18-Oct-1996 |
Andrey A. Chernov <ache@FreeBSD.org> |
Implement alternative strategy if it is impossible to confirm password: ask for it, but don't tell that S/key password required. It looks like non-s/key system from outside. Additionally tell that s/key required when it is so for normal case
|
#
28ed0fe0 |
|
17-Oct-1996 |
Andrey A. Chernov <ache@FreeBSD.org> |
Don't ever ask for password if it is impossible to confirm it It happens if 1) regular passwords not allowed, 2) skey database not activated for given user. Under some rare circumstanes skey_challenge can return empty diagnostic or even previous buffer, fix it.
|
#
105a3c98 |
|
09-Aug-1996 |
Julian Elischer <julian@FreeBSD.org> |
Reviewed by: various Submitted by: archie@whistle.com allow ftpd to bind to a single address/interface this allows easy split services.
|
#
9aca17cb |
|
09-Aug-1996 |
Mark Murray <markm@FreeBSD.org> |
Tidy up the Kerberised bits. While I'm here, fix some -Wall complaints.
|
#
3cde2031 |
|
06-Aug-1996 |
Poul-Henning Kamp <phk@FreeBSD.org> |
Fix another bogon.
|
#
0bb6e9ed |
|
06-Aug-1996 |
Poul-Henning Kamp <phk@FreeBSD.org> |
Make password checking in ftpd work again.
|
#
a5a4544e |
|
04-Aug-1996 |
Paul Traina <pst@FreeBSD.org> |
Convert STATS and PARANOID to run-time options. Document the new -R (relax paranoia) option. From NetBSD/Lite2: code and man page cleanups, Kerberos IV hooks (relax, we're still exportable), and /etc/ftpchroot feature for semi-anonymous accounts
|
#
61f891a6 |
|
04-Aug-1996 |
Paul Traina <pst@FreeBSD.org> |
If PARANOID is set, do not allow PORT commands to remote ports less than 1024 or addresses other than the requestor's address. This violates the FTP protocol (hmm...as I write this, I'm going to change this to a run-time var.) Require login before PASV and RNTO commands. Close unused PASV ports so they don't hang around forever. Do not allow file overwrites via rename or STOR when anonymous (suspenders). Clean up buffer utilization. My code, but heavily inspired by Hobbit's changes to wu-ftpd as pointed out by Mike Prettejohn and Kit Knox.
|
#
40e9d39e |
|
30-May-1996 |
Peter Wemm <peter@FreeBSD.org> |
Use the sysctl settable data port ranges rather than the statically compiled values. see sysctl net.inet.ip.portrange.* and the IP_PORTRANGE discussion in <netinet/in.h>
|
#
cf09a206 |
|
11-Apr-1996 |
David Greenman <dg@FreeBSD.org> |
Implemented a "-D" option that causes ftpd to detach and become a daemon - accepting connections on the FTP port and forking children processes to handling them. This is lower overhead than spawning ftpd from inetd and can be a significant win on busy FTP servers. Be sure to disable ftpd in inetd.conf if you decide to use this option. These changes are based on similar changes I made to wu-ftpd and have been in use on wcarchive for several months.
|
#
1332892b |
|
18-Mar-1996 |
David Greenman <dg@FreeBSD.org> |
Fix bug that caused a coredump when attempting to enter passive mode when not logged in. Original fix slightly altered by me to return the correct reply code. Submitted by: Vadim Kolontsov <vadim@tversu.ac.ru>
|
#
b63e1fe2 |
|
01-Jan-1996 |
Peter Wemm <peter@FreeBSD.org> |
Make ftpd use setproctitle() from libutil I've left the old code in there under #ifdef OLD_SETPROCTITLE in case somebody wants to try to compile out ftpd on some other machine.
|
#
d6ed3c37 |
|
29-Nov-1995 |
Guido van Rooij <guido@FreeBSD.org> |
Timeout when an expected accept does not happen after all. This gets rids of dozens of hanging ftpd's because some broken pc implementation `forgets' to open a passive connection. Obtained from: Wietse Venema
|
#
ae532ecb |
|
28-Aug-1995 |
Mike Pritchard <mpp@FreeBSD.org> |
Check for expired passwords before allowing access to the system.
|
#
4c450ad7 |
|
05-Aug-1995 |
Paul Traina <pst@FreeBSD.org> |
Use data ports in the range 40000..44999 by default to enhance FTP usability in a firewall environment. Original idea by Mark Tracy (?). Reviewed by: wollman Submitted by: pst
|
#
6c06b4e2 |
|
29-May-1995 |
Rodney W. Grimes <rgrimes@FreeBSD.org> |
Remove trailing whitespace.
|
#
95645563 |
|
22-May-1995 |
David Greenman <dg@FreeBSD.org> |
Make last change a little more robust by checking for failure of getcwd().
|
#
82c76939 |
|
22-May-1995 |
David Greenman <dg@FreeBSD.org> |
Set "HOME" so that tilde expands correctly. It previously was always root's directory /root.
|
#
9fc5823a |
|
03-May-1995 |
Garrett Wollman <wollman@FreeBSD.org> |
Speed up ftpd and make it more efficient: - set TCP_NOPUSH to keep from sending short packets at each write(2) boundary - set SO_SNDBUF to 64k so we have a reasonable amount of buffer space - for a regular file in binary mode which is not being restarted and is . smaller than 16 Meg, use mmap(2) and write(2) the whole file in one big gulp In the most common circumstances, this should dramatically reduce the system-call load from ftpd, since the call to write() will not return until the entire file has been written, rather than writing just a few K at a time in a loop.
|
#
3eb568f2 |
|
26-Feb-1995 |
Guido van Rooij <guido@FreeBSD.org> |
Add some functionality to ftpd so it logs all anonymous file transfers. It only does this when -S is set. Reviewed by: Submitted by: Obtained from: logdaemon package
|
#
2c60c54c |
|
27-Oct-1994 |
Paul Traina <pst@FreeBSD.org> |
recommit rev 1.5 of ftpd, I fatfingered a command
|
#
bb56d435 |
|
29-Sep-1994 |
Paul Traina <pst@FreeBSD.org> |
Use new skey access routines
|
#
348c7a12 |
|
20-Sep-1994 |
David Greenman <dg@FreeBSD.org> |
Fixed bug where /etc/ftpusers was ineffective. Caused by the wrong pointer being passed to strcmp(). Bug noticed by Matthew Green.
|
#
726040de |
|
21-Aug-1994 |
Guido van Rooij <guido@FreeBSD.org> |
Put skey support in ftpd. Reviewed by: Submitted by: guido
|
#
ea022d16 |
|
26-May-1994 |
Rodney W. Grimes <rgrimes@FreeBSD.org> |
BSD 4.4 Lite Libexec Sources
|