summaryrefslogtreecommitdiffstats
path: root/libexec/ftpd/ftpcmd.y
diff options
context:
space:
mode:
Diffstat (limited to 'libexec/ftpd/ftpcmd.y')
-rw-r--r--libexec/ftpd/ftpcmd.y72
1 files changed, 47 insertions, 25 deletions
diff --git a/libexec/ftpd/ftpcmd.y b/libexec/ftpd/ftpcmd.y
index 6ec3d25..659081b 100644
--- a/libexec/ftpd/ftpcmd.y
+++ b/libexec/ftpd/ftpcmd.y
@@ -31,6 +31,7 @@
* SUCH DAMAGE.
*
* @(#)ftpcmd.y 8.3 (Berkeley) 4/6/94
+ * $Id: ftpcmd.y,v 1.10 1997/02/22 14:21:27 peter Exp $
*/
/*
@@ -63,13 +64,15 @@ static char sccsid[] = "@(#)ftpcmd.y 8.3 (Berkeley) 4/6/94";
#include <syslog.h>
#include <time.h>
#include <unistd.h>
+#include <libutil.h>
#include "extern.h"
-extern struct sockaddr_in data_dest;
+extern struct sockaddr_in data_dest, his_addr;
extern int logged_in;
extern struct passwd *pw;
extern int guest;
+extern int paranoid;
extern int logging;
extern int type;
extern int form;
@@ -77,7 +80,8 @@ extern int debug;
extern int timeout;
extern int maxtimeout;
extern int pdata;
-extern char hostname[], remotehost[];
+extern char *hostname;
+extern char remotehost[];
extern char proctitle[];
extern int usedefault;
extern int transflag;
@@ -148,18 +152,32 @@ cmd
pass($3);
free($3);
}
- | PORT SP host_port CRLF
- {
- usedefault = 0;
- if (pdata >= 0) {
- (void) close(pdata);
- pdata = -1;
+ | PORT check_login SP host_port CRLF
+ {
+ if ($2) {
+ if (paranoid &&
+ ((ntohs(data_dest.sin_port) <
+ IPPORT_RESERVED) ||
+ memcmp(&data_dest.sin_addr,
+ &his_addr.sin_addr,
+ sizeof(data_dest.sin_addr)))) {
+ usedefault = 1;
+ reply(500,
+ "Illegal PORT range rejected.");
+ } else {
+ usedefault = 0;
+ if (pdata >= 0) {
+ (void) close(pdata);
+ pdata = -1;
+ }
+ reply(200, "PORT command successful.");
+ }
}
- reply(200, "PORT command successful.");
}
- | PASV CRLF
+ | PASV check_login CRLF
{
- passive();
+ if ($2)
+ passive();
}
| TYPE SP type_code CRLF
{
@@ -291,16 +309,18 @@ cmd
if ($4 != NULL)
free($4);
}
- | RNTO SP pathname CRLF
+ | RNTO check_login SP pathname CRLF
{
- if (fromname) {
- renamecmd(fromname, $3);
- free(fromname);
- fromname = (char *) 0;
- } else {
- reply(503, "Bad sequence of commands.");
+ if ($2) {
+ if (fromname) {
+ renamecmd(fromname, $4);
+ free(fromname);
+ fromname = (char *) 0;
+ } else {
+ reply(503, "Bad sequence of commands.");
+ }
}
- free($3);
+ free($4);
}
| ABOR CRLF
{
@@ -490,8 +510,9 @@ cmd
struct tm *t;
t = gmtime(&stbuf.st_mtime);
reply(213,
- "19%02d%02d%02d%02d%02d%02d",
- t->tm_year, t->tm_mon+1, t->tm_mday,
+ "%04d%02d%02d%02d%02d%02d",
+ 1900 + t->tm_year,
+ t->tm_mon+1, t->tm_mday,
t->tm_hour, t->tm_min, t->tm_sec);
}
}
@@ -552,11 +573,12 @@ host_port
{
char *a, *p;
- a = (char *)&data_dest.sin_addr;
- a[0] = $1; a[1] = $3; a[2] = $5; a[3] = $7;
+ data_dest.sin_len = sizeof(struct sockaddr_in);
+ data_dest.sin_family = AF_INET;
p = (char *)&data_dest.sin_port;
p[0] = $9; p[1] = $11;
- data_dest.sin_family = AF_INET;
+ a = (char *)&data_dest.sin_addr;
+ a[0] = $1; a[1] = $3; a[2] = $5; a[3] = $7;
}
;
@@ -976,7 +998,7 @@ yylex()
upper(cp);
p = lookup(sitetab, cp);
cbuf[cpos] = c;
- if (p != 0) {
+ if (guest == 0 && p != 0) {
if (p->implemented == 0) {
state = CMD;
nack(p->name);
OpenPOWER on IntegriCloud