diff options
author | markm <markm@FreeBSD.org> | 1999-09-19 14:19:32 +0000 |
---|---|---|
committer | markm <markm@FreeBSD.org> | 1999-09-19 14:19:32 +0000 |
commit | fe83e8abf357ee11114856a5278bb38431a9517c (patch) | |
tree | 36ce70fe2e8419130e546c38a7790e8ab224a362 /crypto/kerberosIV/appl/ftp/ftp/cmds.c | |
parent | a8a89cfaf983bc64f4b42f7c35209a5a36dd0fe8 (diff) | |
download | FreeBSD-src-fe83e8abf357ee11114856a5278bb38431a9517c.zip FreeBSD-src-fe83e8abf357ee11114856a5278bb38431a9517c.tar.gz |
Clean import of KTH krb4-0.10.1.
Diffstat (limited to 'crypto/kerberosIV/appl/ftp/ftp/cmds.c')
-rw-r--r-- | crypto/kerberosIV/appl/ftp/ftp/cmds.c | 581 |
1 files changed, 312 insertions, 269 deletions
diff --git a/crypto/kerberosIV/appl/ftp/ftp/cmds.c b/crypto/kerberosIV/appl/ftp/ftp/cmds.c index 5e1980b..1571fc8 100644 --- a/crypto/kerberosIV/appl/ftp/ftp/cmds.c +++ b/crypto/kerberosIV/appl/ftp/ftp/cmds.c @@ -36,7 +36,7 @@ */ #include "ftp_locl.h" -RCSID("$Id: cmds.c,v 1.23 1997/06/01 22:52:37 assar Exp $"); +RCSID("$Id: cmds.c,v 1.34.2.1 1999/08/18 18:19:44 assar Exp $"); typedef void (*sighand)(int); @@ -119,12 +119,17 @@ setpeer(int argc, char **argv) /* * Set up defaults for FTP. */ - strcpy(typename, "ascii"), type = TYPE_A; + strcpy_truncate(typename, "ascii", sizeof(typename)); + type = TYPE_A; curtype = TYPE_A; - strcpy(formname, "non-print"), form = FORM_N; - strcpy(modename, "stream"), mode = MODE_S; - strcpy(structname, "file"), stru = STRU_F; - strcpy(bytename, "8"), bytesize = 8; + strcpy_truncate(formname, "non-print", sizeof(formname)); + form = FORM_N; + strcpy_truncate(modename, "stream", sizeof(modename)); + mode = MODE_S; + strcpy_truncate(structname, "file", sizeof(structname)); + stru = STRU_F; + strcpy_truncate(bytename, "8", sizeof(bytename)); + bytesize = 8; if (autologin) login(argv[1]); @@ -165,7 +170,7 @@ setpeer(int argc, char **argv) * for text files unless changed by the user. */ type = 0; - strcpy(typename, "binary"); + strcpy_truncate(typename, "binary", sizeof(typename)); if (overbose) printf("Using %s mode to transfer files.\n", typename); @@ -238,7 +243,7 @@ settype(int argc, char **argv) else comret = command("TYPE %s", p->t_mode); if (comret == COMPLETE) { - strcpy(typename, p->t_name); + strcpy_truncate(typename, p->t_name, sizeof(typename)); curtype = type = p->t_type; } } @@ -398,7 +403,8 @@ usage: argv[2] = domap(argv[2]); } sendrequest(cmd, argv[1], argv[2], - argv[1] != oldargv1 || argv[2] != oldargv2); + curtype == TYPE_I ? "rb" : "r", + argv[1] != oldargv1 || argv[2] != oldargv2); } /* ARGSUSED */ @@ -428,133 +434,150 @@ mabort(int signo) void mput(int argc, char **argv) { - int i; - RETSIGTYPE (*oldintr)(); - int ointer; - char *tp; + int i; + RETSIGTYPE (*oldintr)(); + int ointer; + char *tp; - if (argc < 2 && !another(&argc, &argv, "local-files")) { - printf("usage: %s local-files\n", argv[0]); - code = -1; - return; - } - mname = argv[0]; - mflag = 1; - oldintr = signal(SIGINT, mabort); - setjmp(jabort); - if (proxy) { - char *cp, *tp2, tmpbuf[MaxPathLen]; + if (argc < 2 && !another(&argc, &argv, "local-files")) { + printf("usage: %s local-files\n", argv[0]); + code = -1; + return; + } + mname = argv[0]; + mflag = 1; + oldintr = signal(SIGINT, mabort); + setjmp(jabort); + if (proxy) { + char *cp, *tp2, tmpbuf[MaxPathLen]; - while ((cp = remglob(argv,0)) != NULL) { - if (*cp == 0) { - mflag = 0; - continue; - } - if (mflag && confirm(argv[0], cp)) { - tp = cp; - if (mcase) { - while (*tp && !islower(*tp)) { - tp++; - } - if (!*tp) { - tp = cp; - tp2 = tmpbuf; - while ((*tp2 = *tp) != '\0') { - if (isupper(*tp2)) { - *tp2 = 'a' + *tp2 - 'A'; - } - tp++; - tp2++; - } - } - tp = tmpbuf; - } - if (ntflag) { - tp = dotrans(tp); - } - if (mapflag) { - tp = domap(tp); - } - sendrequest((sunique) ? "STOU" : "STOR", - cp, tp, cp != tp || !interactive); - if (!mflag && fromatty) { - ointer = interactive; - interactive = 1; - if (confirm("Continue with","mput")) { - mflag++; - } - interactive = ointer; - } - } - } - signal(SIGINT, oldintr); + while ((cp = remglob(argv,0)) != NULL) { + if (*cp == 0) { mflag = 0; - return; - } - for (i = 1; i < argc; i++) { - char **cpp; - glob_t gl; - int flags; - - if (!doglob) { - if (mflag && confirm(argv[0], argv[i])) { - tp = (ntflag) ? dotrans(argv[i]) : argv[i]; - tp = (mapflag) ? domap(tp) : tp; - sendrequest((sunique) ? "STOU" : "STOR", - argv[i], tp, tp != argv[i] || !interactive); - if (!mflag && fromatty) { - ointer = interactive; - interactive = 1; - if (confirm("Continue with","mput")) { - mflag++; - } - interactive = ointer; - } + continue; + } + if (mflag && confirm(argv[0], cp)) { + tp = cp; + if (mcase) { + while (*tp && !islower(*tp)) { + tp++; + } + if (!*tp) { + tp = cp; + tp2 = tmpbuf; + while ((*tp2 = *tp) != '\0') { + if (isupper(*tp2)) { + *tp2 = 'a' + *tp2 - 'A'; + } + tp++; + tp2++; } - continue; + } + tp = tmpbuf; } - - memset(&gl, 0, sizeof(gl)); - flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE; - if (glob(argv[i], flags, NULL, &gl) || gl.gl_pathc == 0) { - warnx("%s: not found", argv[i]); - globfree(&gl); - continue; + if (ntflag) { + tp = dotrans(tp); } - for (cpp = gl.gl_pathv; cpp && *cpp != NULL; cpp++) { - if (mflag && confirm(argv[0], *cpp)) { - tp = (ntflag) ? dotrans(*cpp) : *cpp; - tp = (mapflag) ? domap(tp) : tp; - sendrequest((sunique) ? "STOU" : "STOR", - *cpp, tp, *cpp != tp || !interactive); - if (!mflag && fromatty) { - ointer = interactive; - interactive = 1; - if (confirm("Continue with","mput")) { - mflag++; - } - interactive = ointer; - } - } + if (mapflag) { + tp = domap(tp); } - globfree(&gl); + sendrequest((sunique) ? "STOU" : "STOR", + cp, tp, + curtype == TYPE_I ? "rb" : "r", + cp != tp || !interactive); + if (!mflag && fromatty) { + ointer = interactive; + interactive = 1; + if (confirm("Continue with","mput")) { + mflag++; + } + interactive = ointer; + } + } } signal(SIGINT, oldintr); mflag = 0; + return; + } + for (i = 1; i < argc; i++) { + char **cpp; + glob_t gl; + int flags; + + if (!doglob) { + if (mflag && confirm(argv[0], argv[i])) { + tp = (ntflag) ? dotrans(argv[i]) : argv[i]; + tp = (mapflag) ? domap(tp) : tp; + sendrequest((sunique) ? "STOU" : "STOR", + argv[i], + curtype == TYPE_I ? "rb" : "r", + tp, tp != argv[i] || !interactive); + if (!mflag && fromatty) { + ointer = interactive; + interactive = 1; + if (confirm("Continue with","mput")) { + mflag++; + } + interactive = ointer; + } + } + continue; + } + + memset(&gl, 0, sizeof(gl)); + flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE; + if (glob(argv[i], flags, NULL, &gl) || gl.gl_pathc == 0) { + warnx("%s: not found", argv[i]); + globfree(&gl); + continue; + } + for (cpp = gl.gl_pathv; cpp && *cpp != NULL; cpp++) { + if (mflag && confirm(argv[0], *cpp)) { + tp = (ntflag) ? dotrans(*cpp) : *cpp; + tp = (mapflag) ? domap(tp) : tp; + sendrequest((sunique) ? "STOU" : "STOR", + *cpp, tp, + curtype == TYPE_I ? "rb" : "r", + *cpp != tp || !interactive); + if (!mflag && fromatty) { + ointer = interactive; + interactive = 1; + if (confirm("Continue with","mput")) { + mflag++; + } + interactive = ointer; + } + } + } + globfree(&gl); + } + signal(SIGINT, oldintr); + mflag = 0; } void reget(int argc, char **argv) { - - getit(argc, argv, 1, "r+w"); + getit(argc, argv, 1, curtype == TYPE_I ? "r+wb" : "r+w"); } void get(int argc, char **argv) { + char *mode; - getit(argc, argv, 0, restart_point ? "r+w" : "w" ); + if (restart_point) + if (curtype == TYPE_I) + mode = "r+wb"; + else + mode = "r+w"; + else + if (curtype == TYPE_I) + mode = "wb"; + else + mode = "w"; + + getit(argc, argv, 0, mode); } /* @@ -564,17 +587,17 @@ int getit(int argc, char **argv, int restartit, char *mode) { int loc = 0; + int local_given = 1; char *oldargv1, *oldargv2; if (argc == 2) { argc++; + local_given = 0; argv[2] = argv[1]; loc++; } - if (argc < 2 && !another(&argc, &argv, "remote-file")) - goto usage; - if (argc < 3 && !another(&argc, &argv, "local-file")) { -usage: + if ((argc < 2 && !another(&argc, &argv, "remote-file")) || + (argc < 3 && !another(&argc, &argv, "local-file"))) { printf("usage: %s remote-file [ local-file ]\n", argv[0]); code = -1; return (0); @@ -619,50 +642,60 @@ usage: return (0); } restart_point = stbuf.st_size; - } else { - if (ret == 0) { - int overbose; - - overbose = verbose; - if (debug == 0) - verbose = -1; - if (command("MDTM %s", argv[1]) == COMPLETE) { - int yy, mo, day, hour, min, sec; - struct tm *tm; - verbose = overbose; - sscanf(reply_string, - "%*s %04d%02d%02d%02d%02d%02d", - &yy, &mo, &day, &hour, &min, &sec); - tm = gmtime(&stbuf.st_mtime); - tm->tm_mon++; - if (tm->tm_year > yy%100) - return (1); - if ((tm->tm_year == yy%100 && - tm->tm_mon > mo) || - (tm->tm_mon == mo && - tm->tm_mday > day) || - (tm->tm_mday == day && - tm->tm_hour > hour) || - (tm->tm_hour == hour && - tm->tm_min > min) || - (tm->tm_min == min && - tm->tm_sec > sec)) - return (1); - } else { - printf("%s\n", reply_string); - verbose = overbose; - return (0); - } + } else if (ret == 0) { + int overbose; + int cmdret; + int yy, mo, day, hour, min, sec; + struct tm *tm; + + overbose = verbose; + if (debug == 0) + verbose = -1; + cmdret = command("MDTM %s", argv[1]); + verbose = overbose; + if (cmdret != COMPLETE) { + printf("%s\n", reply_string); + return (0); + } + if (sscanf(reply_string, + "%*s %04d%02d%02d%02d%02d%02d", + &yy, &mo, &day, &hour, &min, &sec) + != 6) { + printf ("bad MDTM result\n"); + return (0); } + + tm = gmtime(&stbuf.st_mtime); + tm->tm_mon++; + tm->tm_year += 1900; + + if ((tm->tm_year > yy) || + (tm->tm_year == yy && + tm->tm_mon > mo) || + (tm->tm_mon == mo && + tm->tm_mday > day) || + (tm->tm_mday == day && + tm->tm_hour > hour) || + (tm->tm_hour == hour && + tm->tm_min > min) || + (tm->tm_min == min && + tm->tm_sec > sec)) + return (1); } } recvrequest("RETR", argv[2], argv[1], mode, - argv[1] != oldargv1 || argv[2] != oldargv2); + argv[1] != oldargv1 || argv[2] != oldargv2, local_given); restart_point = 0; return (0); } +static int +suspicious_filename(const char *fn) +{ + return strstr(fn, "../") != NULL || *fn == '/'; +} + /* * Get multiple files. */ @@ -687,6 +720,8 @@ mget(int argc, char **argv) mflag = 0; continue; } + if (mflag && suspicious_filename(cp)) + printf("*** Suspicious filename: %s\n", cp); if (mflag && confirm(argv[0], cp)) { tp = cp; if (mcase) { @@ -701,8 +736,9 @@ mget(int argc, char **argv) if (mapflag) { tp = domap(tp); } - recvrequest("RETR", tp, cp, "w", - tp != cp || !interactive); + recvrequest("RETR", tp, cp, + curtype == TYPE_I ? "wb" : "w", + tp != cp || !interactive, 0); if (!mflag && fromatty) { ointer = interactive; interactive = 1; @@ -720,61 +756,71 @@ mget(int argc, char **argv) char * remglob(char **argv, int doswitch) { - char temp[16]; - static char buf[MaxPathLen]; - static FILE *ftemp = NULL; - static char **args; - int oldverbose, oldhash; - char *cp, *mode; + char temp[16]; + static char buf[MaxPathLen]; + static FILE *ftemp = NULL; + static char **args; + int oldverbose, oldhash; + char *cp, *mode; - if (!mflag) { - if (!doglob) { - args = NULL; - } - else { - if (ftemp) { - fclose(ftemp); - ftemp = NULL; - } - } - return (NULL); - } + if (!mflag) { if (!doglob) { - if (args == NULL) - args = argv; - if ((cp = *++args) == NULL) - args = NULL; - return (cp); + args = NULL; } - if (ftemp == NULL) { - strcpy(temp, _PATH_TMP_XXX); - mktemp(temp); - oldverbose = verbose, verbose = 0; - oldhash = hash, hash = 0; - if (doswitch) { - pswitch(!proxy); - } - for (mode = "w"; *++argv != NULL; mode = "a") - recvrequest ("NLST", temp, *argv, mode, 0); - if (doswitch) { - pswitch(!proxy); - } - verbose = oldverbose; hash = oldhash; - ftemp = fopen(temp, "r"); - unlink(temp); - if (ftemp == NULL) { - printf("can't find list of remote files, oops\n"); - return (NULL); - } - } - if (fgets(buf, sizeof (buf), ftemp) == NULL) { + else { + if (ftemp) { fclose(ftemp); ftemp = NULL; - return (NULL); + } } + return (NULL); + } + if (!doglob) { + if (args == NULL) + args = argv; + if ((cp = *++args) == NULL) + args = NULL; + return (cp); + } + if (ftemp == NULL) { + int fd; + strcpy_truncate(temp, _PATH_TMP_XXX, sizeof(temp)); + fd = mkstemp(temp); + if(fd < 0){ + warn("unable to create temporary file %s", temp); + return NULL; + } + close(fd); + oldverbose = verbose, verbose = 0; + oldhash = hash, hash = 0; + if (doswitch) { + pswitch(!proxy); + } + for (mode = "w"; *++argv != NULL; mode = "a") + recvrequest ("NLST", temp, *argv, mode, 0, 0); + if (doswitch) { + pswitch(!proxy); + } + verbose = oldverbose; hash = oldhash; + ftemp = fopen(temp, "r"); + unlink(temp); + if (ftemp == NULL) { + printf("can't find list of remote files, oops\n"); + return (NULL); + } + } + while(fgets(buf, sizeof (buf), ftemp)) { if ((cp = strchr(buf, '\n')) != NULL) - *cp = '\0'; - return (buf); + *cp = '\0'; + if(!interactive && suspicious_filename(buf)){ + printf("Ignoring remote globbed file `%s'\n", buf); + continue; + } + return buf; + } + fclose(ftemp); + ftemp = NULL; + return (NULL); } char * @@ -1036,38 +1082,38 @@ delete(int argc, char **argv) void mdelete(int argc, char **argv) { - sighand oldintr; - int ointer; - char *cp; + sighand oldintr; + int ointer; + char *cp; - if (argc < 2 && !another(&argc, &argv, "remote-files")) { - printf("usage: %s remote-files\n", argv[0]); - code = -1; - return; - } - mname = argv[0]; - mflag = 1; - oldintr = signal(SIGINT, mabort); - setjmp(jabort); - while ((cp = remglob(argv,0)) != NULL) { - if (*cp == '\0') { - mflag = 0; - continue; - } - if (mflag && confirm(argv[0], cp)) { - command("DELE %s", cp); - if (!mflag && fromatty) { - ointer = interactive; - interactive = 1; - if (confirm("Continue with", "mdelete")) { - mflag++; - } - interactive = ointer; - } + if (argc < 2 && !another(&argc, &argv, "remote-files")) { + printf("usage: %s remote-files\n", argv[0]); + code = -1; + return; + } + mname = argv[0]; + mflag = 1; + oldintr = signal(SIGINT, mabort); + setjmp(jabort); + while ((cp = remglob(argv,0)) != NULL) { + if (*cp == '\0') { + mflag = 0; + continue; + } + if (mflag && confirm(argv[0], cp)) { + command("DELE %s", cp); + if (!mflag && fromatty) { + ointer = interactive; + interactive = 1; + if (confirm("Continue with", "mdelete")) { + mflag++; } + interactive = ointer; + } } - signal(SIGINT, oldintr); - mflag = 0; + } + signal(SIGINT, oldintr); + mflag = 0; } /* @@ -1113,11 +1159,12 @@ ls(int argc, char **argv) return; } if (strcmp(argv[2], "-") && *argv[2] != '|') - if (!globulize(&argv[2]) || !confirm("output to local-file:", argv[2])) { - code = -1; - return; - } - recvrequest(cmd, argv[2], argv[1], "w", 0); + if (!globulize(&argv[2]) || !confirm("output to local-file:", + argv[2])) { + code = -1; + return; + } + recvrequest(cmd, argv[2], argv[1], "w", 0, 1); } /* @@ -1154,7 +1201,7 @@ usage: setjmp(jabort); for (i = 1; mflag && i < argc-1; ++i) { *mode = (i == 1) ? 'w' : 'a'; - recvrequest(cmd, dest, argv[i], mode, 0); + recvrequest(cmd, dest, argv[i], mode, 0, 1); if (!mflag && fromatty) { ointer = interactive; interactive = 1; @@ -1193,8 +1240,8 @@ shell(int argc, char **argv) namep = strrchr(shell,'/'); if (namep == NULL) namep = shell; - strcpy(shellnam,"-"); - strcat(shellnam, ++namep); + snprintf (shellnam, sizeof(shellnam), + "-%s", ++namep); if (strcmp(namep, "sh") != 0) shellnam[0] = '+'; if (debug) { @@ -1369,22 +1416,19 @@ site(int argc, char **argv) void quote1(char *initial, int argc, char **argv) { - int i, len; - char buf[BUFSIZ]; /* must be >= sizeof(line) */ + int i; + char buf[BUFSIZ]; /* must be >= sizeof(line) */ - strcpy(buf, initial); - if (argc > 1) { - len = strlen(buf); - len += strlen(strcpy(&buf[len], argv[1])); - for (i = 2; i < argc; i++) { - buf[len++] = ' '; - len += strlen(strcpy(&buf[len], argv[i])); - } - } - if (command(buf) == PRELIM) { - while (getreply(0) == PRELIM) - continue; - } + strcpy_truncate(buf, initial, sizeof(buf)); + for(i = 1; i < argc; i++) { + if(i > 1) + strcat_truncate(buf, " ", sizeof(buf)); + strcat_truncate(buf, argv[i], sizeof(buf)); + } + if (command("%s", buf) == PRELIM) { + while (getreply(0) == PRELIM) + continue; + } } void @@ -1467,7 +1511,7 @@ disconnect(int argc, char **argv) } cout = NULL; connected = 0; - krb4_quit(); + sec_end(); data = -1; if (!proxy) { macnum = 0; @@ -1485,7 +1529,7 @@ confirm(char *cmd, char *file) fflush(stdout); if (fgets(line, sizeof line, stdin) == NULL) return (0); - return (*line != 'n' && *line != 'N'); + return (*line == 'y' || *line == 'Y'); } void @@ -1531,12 +1575,11 @@ account(int argc, char **argv) if (argc > 1) { ++argv; --argc; - strncpy(acct,*argv,49); - acct[49] = '\0'; + strcpy_truncate (acct, *argv, sizeof(acct)); while (argc > 1) { --argc; ++argv; - strncat(acct,*argv, 49-strlen(acct)); + strcat_truncate(acct, *argv, sizeof(acct)); } } else { @@ -1648,14 +1691,12 @@ setntrans(int argc, char **argv) } ntflag++; code = ntflag; - strncpy(ntin, argv[1], 16); - ntin[16] = '\0'; + strcpy_truncate (ntin, argv[1], 17); if (argc == 2) { ntout[0] = '\0'; return; } - strncpy(ntout, argv[2], 16); - ntout[16] = '\0'; + strcpy_truncate (ntout, argv[2], 17); } char * @@ -1712,10 +1753,10 @@ setnmap(int argc, char **argv) cp = strchr(altarg, ' '); } *cp = '\0'; - strncpy(mapin, altarg, MaxPathLen - 1); + strcpy_truncate(mapin, altarg, MaxPathLen); while (*++cp == ' ') continue; - strncpy(mapout, cp, MaxPathLen - 1); + strcpy_truncate(mapout, cp, MaxPathLen); } char * @@ -1967,7 +2008,9 @@ macdef(int argc, char **argv) if (interactive) { printf("Enter macro line by line, terminating it with a null line\n"); } - strncpy(macros[macnum].mac_name, argv[1], 8); + strcpy_truncate(macros[macnum].mac_name, + argv[1], + sizeof(macros[macnum].mac_name)); if (macnum == 0) { macros[macnum].mac_start = macbuf; } @@ -2067,7 +2110,7 @@ void newer(int argc, char **argv) { - if (getit(argc, argv, -1, "w")) + if (getit(argc, argv, -1, curtype == TYPE_I ? "wb" : "w")) printf("Local file \"%s\" is newer than remote file \"%s\"\n", argv[2], argv[1]); } |