diff options
| author | peter <peter@FreeBSD.org> | 1996-05-31 03:10:25 +0000 |
|---|---|---|
| committer | peter <peter@FreeBSD.org> | 1996-05-31 03:10:25 +0000 |
| commit | b4bca346b07ffdf18d4faed43b11851e32641599 (patch) | |
| tree | 3047822c30f73ef956e915a8cc234072eedfa5ea /libexec/ftpd | |
| parent | f9b8078a7acb5b2c084a8b2a84bbd531fab487fe (diff) | |
| download | FreeBSD-src-b4bca346b07ffdf18d4faed43b11851e32641599.zip FreeBSD-src-b4bca346b07ffdf18d4faed43b11851e32641599.tar.gz | |
Use the sysctl settable data port ranges rather than the statically
compiled values. see sysctl net.inet.ip.portrange.* and the IP_PORTRANGE
discussion in <netinet/in.h>
Diffstat (limited to 'libexec/ftpd')
| -rw-r--r-- | libexec/ftpd/Makefile | 1 | ||||
| -rw-r--r-- | libexec/ftpd/ftpd.c | 46 |
2 files changed, 17 insertions, 30 deletions
diff --git a/libexec/ftpd/Makefile b/libexec/ftpd/Makefile index 8503f33..9bee7c2 100644 --- a/libexec/ftpd/Makefile +++ b/libexec/ftpd/Makefile @@ -5,7 +5,6 @@ MAN8= ftpd.8 SRCS= ftpd.c ftpcmd.y logwtmp.c popen.c skey-stuff.c CFLAGS+=-DSETPROCTITLE -DSKEY -DSTATS -CFLAGS+=-DFTP_DATA_BOTTOM=40000 -DFTP_DATA_TOP=44999 LDADD= -lskey -lmd -lcrypt -lutil DPADD= ${LIBSKEY} ${LIBMD} ${LIBCRYPT} ${LIBUTIL} diff --git a/libexec/ftpd/ftpd.c b/libexec/ftpd/ftpd.c index 2d7a041..e91c513 100644 --- a/libexec/ftpd/ftpd.c +++ b/libexec/ftpd/ftpd.c @@ -30,7 +30,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: ftpd.c,v 1.15 1996/03/18 11:09:03 davidg Exp $ + * $Id: ftpd.c,v 1.16 1996/04/11 10:22:16 davidg Exp $ */ #ifndef lint @@ -1606,7 +1606,7 @@ myoob(signo) void passive() { - int len; + int len, on; u_short port; char *p, *a; @@ -1620,35 +1620,23 @@ passive() return; } - if (restricted_data_ports) { - for (port = FTP_DATA_BOTTOM; port <= FTP_DATA_TOP; port++) { - pasv_addr = ctrl_addr; - pasv_addr.sin_port = htons(port); - (void) seteuid((uid_t)0); - if (bind(pdata, (struct sockaddr *)&pasv_addr, - sizeof(pasv_addr)) < 0) { - (void) seteuid((uid_t)pw->pw_uid); - if (errno == EADDRINUSE) - continue; - else - goto pasv_error; - } - (void) seteuid((uid_t)pw->pw_uid); - break; - } - if (port > FTP_DATA_TOP) - goto pasv_error; - } else { - pasv_addr = ctrl_addr; - pasv_addr.sin_port = 0; - (void) seteuid((uid_t)0); - if (bind(pdata, (struct sockaddr *)&pasv_addr, - sizeof(pasv_addr)) < 0) { - (void) seteuid((uid_t)pw->pw_uid); - goto pasv_error; - } + on = restricted_data_ports ? IP_PORTRANGE_HIGH : IP_PORTRANGE_DEFAULT; + (void) seteuid((uid_t)0); + if (setsockopt(pdata, IPPROTO_IP, IP_PORTRANGE, + (char *)&on, sizeof(on)) < 0) { + (void) seteuid((uid_t)pw->pw_uid); + goto pasv_error; + } + + pasv_addr = ctrl_addr; + pasv_addr.sin_port = 0; + (void) seteuid((uid_t)0); + if (bind(pdata, (struct sockaddr *)&pasv_addr, + sizeof(pasv_addr)) < 0) { (void) seteuid((uid_t)pw->pw_uid); + goto pasv_error; } + (void) seteuid((uid_t)pw->pw_uid); len = sizeof(pasv_addr); if (getsockname(pdata, (struct sockaddr *) &pasv_addr, &len) < 0) |
