authorpst <pst@FreeBSD.org>1996-08-04 22:40:35 +0000
committerpst <pst@FreeBSD.org>1996-08-04 22:40:35 +0000
commit3782e8c3140bc2d6c5eda6eb914031cc34a10aac (patch)
treebde4d9e34ad3fdece4e0e3d55f3c74a42b3711fa /libexec/ftpd/ftpcmd.y
parent41c12ade3ba2741d066abbbff26fc6a274335b21 (diff)
If PARANOID is set, do not allow PORT commands to remote ports less than 1024
or addresses other than the requestor's address. This violates the FTP protocol (hmm...as I write this, I'm going to change this to a run-time var.) Require login before PASV and RNTO commands. Close unused PASV ports so they don't hang around forever. Do not allow file overwrites via rename or STOR when anonymous (suspenders). Clean up buffer utilization. My code, but heavily inspired by Hobbit's changes to wu-ftpd as pointed out by Mike Prettejohn and Kit Knox.
Diffstat (limited to 'libexec/ftpd/ftpcmd.y')
-rw-r--r--libexec/ftpd/ftpcmd.y55
1 files changed, 37 insertions, 18 deletions
diff --git a/libexec/ftpd/ftpcmd.y b/libexec/ftpd/ftpcmd.y
index 4473b15..aa0a67d 100644
--- a/libexec/ftpd/ftpcmd.y
+++ b/libexec/ftpd/ftpcmd.y
@@ -67,7 +67,7 @@ static char sccsid[] = "@(#)ftpcmd.y 8.3 (Berkeley) 4/6/94";
#include "extern.h"
-extern struct sockaddr_in data_dest;
+extern struct sockaddr_in data_dest, his_addr;
extern int logged_in;
extern struct passwd *pw;
extern int guest;
@@ -149,18 +149,35 @@ cmd
pass($3);
free($3);
}
- | PORT SP host_port CRLF
- {
- usedefault = 0;
- if (pdata >= 0) {
- (void) close(pdata);
- pdata = -1;
+ | PORT check_login SP host_port CRLF
+ {
+ if ($2) {
+#ifdef PARANOID
+ if ((ntohs(data_dest.sin_port) <
+ IPPORT_RESERVED) ||
+ memcmp(&data_dest.sin_addr,
+ &his_addr.sin_addr,
+ sizeof(data_dest.sin_addr)))
+ {
+ usedefault = 1;
+ reply(500,
+ "Illegal PORT range rejected.");
+ } else
+#endif
+ {
+ usedefault = 0;
+ if (pdata >= 0) {
+ (void) close(pdata);
+ pdata = -1;
+ }
+ reply(200, "PORT command successful.");
+ }
}
- reply(200, "PORT command successful.");
}
- | PASV CRLF
+ | PASV check_login CRLF
{
- passive();
+ if ($2)
+ passive();
}
| TYPE SP type_code CRLF
{
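Review bot: The PARANOID rejection branch refuses the PORT without leaving any server-side trace, and its reply text says "range" even when the cause is the address mismatch tested by the `memcmp` against `his_addr.sin_addr`. A PORT naming a reserved port or a host other than the control-connection peer is a signal operators will want to see, so I would log it just before the `reply(500, ...)`, for example `syslog(LOG_WARNING, "refused PORT from %s", inet_ntoa(his_addr.sin_addr));`, assuming syslog is already usable in this file (its includes are outside the hunk). A short comment above `#ifdef PARANOID`, such as `/* refuse data connections to reserved ports or to any host other than the control peer */`, would also record why the protocol is deliberately narrowed here. The enclosing `cmd` production starts and ends outside the hunk.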
@@ -292,16 +309,18 @@ cmd
if ($4 != NULL)
free($4);
}
- | RNTO SP pathname CRLF
+ | RNTO check_login SP pathname CRLF
{
- if (fromname) {
- renamecmd(fromname, $3);
- free(fromname);
- fromname = (char *) 0;
- } else {
- reply(503, "Bad sequence of commands.");
+ if ($2) {
+ if (fromname) {
+ renamecmd(fromname, $4);
+ free(fromname);
+ fromname = (char *) 0;
+ } else {
+ reply(503, "Bad sequence of commands.");
+ }
}
- free($3);
+ free($4);
}
| ABOR CRLF
{
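Review bot: `renamecmd(fromname, $4)` is reached without checking that `$4` is non-NULL, although the context lines at the top of this hunk guard the same kind of value with `if ($4 != NULL)` before freeing it, which suggests `pathname` can yield NULL. If that is the case, the RNTO action should test it together with the login result, `if ($2 && $4 != NULL) {`; the trailing `free($4)` is safe either way. The gap predates this commit (the old code passed `$3` unchecked), but the action is being rewritten here, so it is the natural place to close it. The enclosing `cmd` production starts and ends outside the hunk.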