summaryrefslogtreecommitdiffstats
path: root/libexec/ftpd/ftpcmd.y
Commit message (Collapse)AuthorAgeFilesLines
* Use __FBSDID.yar2004-11-181-2/+3
|
* Use uniform punctuation, capitalization, and language styleyar2004-11-181-20/+19
| | | | | in server messages wherever this doesn't contradict to a particular message format.
* Fix perror_reply() vs. reply() usage.yar2004-11-181-2/+1
|
* Kill more unneeded casts found.yar2004-11-171-1/+1
| | | | Noticed by: Nick Leuta <skynick -at- mail.sc.ru> (some of them)
* Kill ancient casts to integral types left from the K&R era.yar2004-11-131-3/+3
| | | | They're unneeded and sometimes erroneous now.
* Change ``(foo *)0'' to ``NULL'' where it's possibleyar2004-07-311-10/+10
| | | | | | | (and it appears possible throughout ftpd(8) source.) It is not a mere issue of style: Null pointers in C seem to have been mistaken one way or another quite often.
* Kill a small herd of casts to off_t where they were not needed.yar2004-07-311-2/+2
| | | | | | Thank Fortune, the C compiler can figure out by itself the proper conversion for assignments, comparisons, and prototyped function arguments.
* Printf(3) off_t values through conversion to intmax_t sinceyar2004-07-311-4/+5
| | | | we've got <stdint.h> et al now. (This makes ftpd(8) WARNS=2 clean.)
* Convert a couple of bogus null statements to the right form.yar2004-07-311-2/+2
| | | | (Heading to WARNS=2.)
* Pacify gcc warning with a Douglas Adams reference.peter2003-10-261-0/+2
|
* Block SIGURG while reading from the control channel.yar2003-07-091-0/+6
| | | | | | | | | | | | | | | Rationale: SIGURG is configured by ftpd to interrupt system calls, which is useful during data transfers. However, SIGURG could interrupt I/O on the control channel as well, which was mistaken for the end of the session. A practical example could be aborting the download of a tiny file, when the abort sequence reached ftpd after ftpd had passed the file data to the system and returned to its command loop. Reported by: ceri MFC after: 1 week
* Improve error handling in getline():yar2003-07-091-4/+7
| | | | | | | | | - always check the return value from getc(3) for EOF; - if the attempt to read the TELNET command byte has returned EOF, exit from the loop instead of using the EOF value as a normal character. MFC after: 1 week
* Don't declare unneeded extern variables,yar2003-06-211-2/+0
| | | | leave alone specifying a wrong type for one of them.
* If ftpd is run with an -h option (hide host-specific info,)yar2003-06-161-8/+8
| | | | | | | | | | | | | | | don't reveal the info in reply to the SYST command. Get rid of using the "unix" macro at the same time. It was a rather poor way to check if the system was Unix since there were quite a few Unix clones out there whose cc didn't define "unix" (e.g., NetBSD.) It was also sensitive to the C standard used, which caused unnecessary trouble: With -std=c99, it should have been "__unix__", and so on. PR: bin/50690 Submitted by: Alex Semenyaka <alexs _at_ snark.ratmir.ru> MFC after: 1 week
* Allow "~/" in pathnames to work for a chrooted user.yar2003-02-051-2/+4
|
* Let tilde expansion be done even if a file/directory doesn't exist yet.yar2003-02-041-35/+98
| | | | | | | | | | | | This makes such natural commands as "MKD ~user/newdir" or "STOR ~/newfile" do what they are supposed to instead of failing miserably with the "File not found" error. This involves a bit of code reorganization. Namely, the code doing glob(3) expansion has been separated to a function; a new function has been introduced to do tilde expansion; the latter function is invoked on a pathname before the former one. Thus behaviour mimicing that of the Bourne shell has been achieved.
* Add a new option to ftpd(8), "-h", to disable printing anyyar2003-01-291-1/+5
| | | | | | | | host-specific information in FTP server messages (so paranoid admins can sleep at night :-) PR: bin/16705 MFC after: 1 week
* Give the code around chroot(2)/chdir(2) a major overhaul byyar2003-01-291-4/+2
| | | | | | | | | | | | | | | | | | | | | | | separating its part around chroot(2) from that around initial chdir(2). This makes the below changes really easy. Move seteuid(to user's uid) to before calling chdir(2). There are two goals to achieve by that. First, NFS mounted home directories with restrictive permissions become accessible (local superuser can't access them if not mapped to uid 0 on the remote side explicitly.) Second, all the permissions to the home directory pathname components become effective; previously a user could be carried to any local directory despite its permissions since the chdir(2) was done with euid 0. This reduces possible impact from FTP server misconfiguration, e.g., assigning a wrong home directory to a user. Implement the "/./" feature. Now a guest or user subject to chrooting may have "/./" in his login directory, which separates his chroot directory from his home directory inside the chrooted environment. This works for ftpchroot(5) as well. PR: bin/17843 bin/23944
* GLOB_MAXPATH has been deprecated in favour of GLOB_LIMIT.yar2003-01-251-1/+1
|
* Prevent server-side glob(3) patterns from expandingyar2003-01-221-4/+17
| | | | | | | | to a pathname that contains '\r' or '\n'. Together with the earlier STAT bugfix, this must solve the problem of such pathnames appearing in the FTP control stream.
* Replace the instances of literal "/bin/ls"yar2003-01-161-2/+3
| | | | | with the _PATH_LS macro to be consistent with the rest of the ftpd(8) source.
* Use the standardized CHAR_BIT constant instead of NBBY in userland.mike2002-09-251-8/+8
|
* Fix lexer jam on unimplemented commands.yar2002-08-291-12/+13
| | | | | Submitted by: maxim MFC after: 5 days
* Fix command help lines:yar2002-08-131-2/+2
| | | | | | | | o PORT takes six byte values, not five. o TYPE argument is mandatory. Submitted by: demon (the 1st part) MFC after: 3 days
* 1) Use "pathstring" instead of "STRING" consistently.yar2002-08-051-7/+5
| | | | | | | | 2) Remove unneeded "if not NULL" props from "pathstring", which will never be NULL by the lexer design. Inspired by: OpenBSD MFC after: 1 week
* Since GLOB_NOCHECK is set in the glob(3) call,yar2002-08-051-1/+1
| | | | | | | | glob(3) will return at least one pathname unless a system error has occured. It's not a "not found" error otherwise. MFC after: 3 days
* Spot places where "pathname" hasn't been checkedyar2002-08-051-3/+4
| | | | | | | | for NULL. The "pathname" rule may return NULL on a glob(3) error. Obtained from: OpenBSD MFC after: 1 week
* Disallow invalid numeric mode values for SITE CHMOD.yar2002-08-051-3/+2
| | | | | | | | | Earlier, a decimal number (e.g., 890) could be passed for mode, leading to dangerous permissions set: -1, that is, 07777. Obtained from: OpenBSD MFC after: 1 week
* Deny the SIZE command on large files when in ASCII mode.yar2002-07-311-0/+6
| | | | | | | | This eliminates an opportunity for DoS attack. Pointed out by: maxim Inspired by: lukemftpd, OpenBSD MFC after: 2 weeks
* Use <arpa/ftp.h> stuff cleanly, without introducingyar2002-07-251-1/+3
| | | | | | | non-portable constants (in this case, hidden as offsets to the "?AEIL" string.) MFC after: 1 week
* GLOB_QUOTE has been retired.mikeh2002-07-171-1/+1
|
* Teach REST how to restart a file transfer after 2^31 bytes: now yylex()maxim2002-03-141-25/+33
| | | | | | | | | | | | returns off_t in yylval.u.o. REST is the only user of yylval.u.o at the moment. NB: seems lukemftpd has the same bug. PR: misc/28629 Reviewed by: ru Approved by: ru MFC after: 1 month
* Remove duplicated yacc nonterminals declarations, sort includes.maxim2002-03-111-4/+3
| | | | | | | | No functional changes from rev. 1.31. Reviewed by: ru Approved by: ru MFC after: 1 week
* o Eliminate __Pimp2002-02-031-34/+21
| | | | | | o Use new-style function definitions o remove some !__STDC__ code o eliminate register
* Remove the setjmp/longjmp stuff completely. Use signalyar2002-01-281-12/+9
| | | | | | | | | | | | handlers to set flags only (with exception for sigquit(), which still seems to call some non-reentrant functions on its way to _exit(2).) That must eliminate the possibility of catching SIGSEGV from following non-reentrant paths from signal handlers. PR: bin/32740 bin/33846 Submitted by: Maxim Konovalov <maxim@macomnet.ru> Obtained from: OpenBSD
* Be more careful about freeing memory after parsing commands.dwmalone2002-01-051-7/+19
| | | | | | | | Hiroyuki YAMAMORI gave a patch for the EPRT command in the PR below. Problems with the rest of the patch are my fault. PR: 33268 Reviewed by: iedowse, sheldonh
* Extend the functionality offered by the -o option into a new optionsheldonh2001-09-021-1/+2
| | | | | | | | | | | | | | | -O, which limits the impact of the write-only restriction to guest users. *) The existing manual page's SYNOPSIS and option listing in the DESCRIPTION are already horribly disordered. No attempt has been made to fix this. *) The existing source's getopt() optstring and option handling switch are already horribly disordered. No attempt has been made to fix this. Discussed with: nik, -audit
* Add a new option, '-o', for "Write-only". Disables the RETR command,nik2001-08-281-1/+5
| | | | | | | | | preventing anyone from downloading files. In conjunction with -A, and some appropriate file permissions, this lets you create an anonymous FTP drop box for people to upload files to. The more obvious "-w" flag is already taken by NetBSD's ftpd. "-o" was available as an option letter in all three BSDs.
* Change names of functions and variables with global scope that aremarkm2001-04-281-8/+8
| | | | | in conflict with library values of the same name. This allows static linking.
* Previous clobbered a work-in-progress. Here is the merged result:peter2001-04-171-3/+6
| | | | | | | | | | | | | | | | Limit the "pathname" glob to one item, as that is what all users of it are expecting, except for LIST. Always glob, instead of when the first character is a ~. For example, if you had directories ~/x1, and ~/x2, then "cwd x[1]" would fail, but "cwd ~/x[1]" would work since it was globbed due to the ~ character. Also, "cwd ~/x[12]" used to arbitarily work as it used the first expansion (ie: x1) without an error. Make it return '550 ambiguous' instead of '550 not found' so that the user can see the difference. For LIST, just use the user supplied string as the popen does the glob. Problem noticed by: Ajay Mittal <amittal@iprg.nokia.com>
* Limit number of paths returned via glob() for authorized usersjedgar2001-04-171-0/+4
| | | | using tilde expansion.
* Support the empty "PASS\r\n" command.green2001-04-161-3/+7
|
* Add the "SITE MD5 filename" facility.phk2001-04-151-1/+15
| | | | | | | | | This allows you to determine if the file on the other side is the same as the one you have without transferring the entire file to compare. Needless to say, if the server end lies to you this check doesn't work, but on the other hand, if it lies to you about the files checksum, what can you trust from it ?
* Change the read-only reply to "550 Permission denied.".des2001-02-191-1/+1
|
* Limit commands that can be issued when not logged in:jedgar2001-01-201-70/+90
| | | | | | TYPE, STRU, MODE, ALLO, STAT, ABOR, SITE IDLE, SYST, REST Reviewed by: kris, sheldon
* Add option -E to disable EPSV which throws certain stateful firewallsphk2000-12-161-18/+52
| | | | | | | | | into confusion. Add option -r to make ftpd support only read-only operations. Submitted by: Flemming (F3) Jacobsen <fj@batmule.dk> Reviewed by: phk
* Prevent leakage of information about anonymous user's homedirdanny2000-11-261-2/+6
| | | | | | via 'QUOTE CWD'. Reviewed by: des
* Don't reply "not a plain file" when the requested file doesn't exist.des2000-07-171-2/+8
|
* another tcp apps IPv6 updates.(should be make world safe)shin2000-01-271-23/+341
| | | | | | | ftp, telnet, ftpd, faithd also telnet related sync with crypto, secure, kerberosIV Obtained from: KAME project
* sync with netbsd PR 8534, fix undefined C code.alfred1999-10-071-1/+1
| | | | Pointed out by: David A. Holland
OpenPOWER on IntegriCloud