summaryrefslogtreecommitdiffstats
path: root/libexec/ftpd
Commit message (Collapse)AuthorAgeFilesLines
* Fix logxfer() by using realpath(3) instead of playing with getwd(3).yar2004-11-031-4/+8
| | | | | | | | Previously logxfer() used to record bogus pathnames to the log in some cases, namely, when cwd was / or "name" was absolute. Noticed by: Nick Leuta MFC after: 2 weeks
* Replace the last occurence of (long long) and %qd withyar2004-11-021-2/+2
| | | | | | | (intmax_t) and %jd, which is the right way to printf an off_t in the presence of <stdint.h>. Submitted by: Nick Leuta
* OpenPAM allows passing a NULL "pamh" to pam_strerror() to indicateyar2004-11-011-2/+5
| | | | | | | | | that the creation of a PAM context has failed. N.B. This does not apply to pam_strerror() in RELENG_4, it will mishandle a NULL "pamh". Discussed with: des
* - Stop shadowing global "pamh" by a local variable in auth_pam().yar2004-10-301-9/+15
| | | | | | | | | - Stop calling pam_strerror() with NULL pamh. - Add a missing call to pam_end(). PR: bin/59776 Submitted by: Nick Leuta <see PR for email> MFC after: 2 weeks
* Describe the semantics of the sgetpwnam() helper functionyar2004-10-301-0/+3
| | | | | in the comment above it so that nobody will save pointers returned inside "struct passwd" across the calls to the function.
* Log the actual number of bytes sent on the wire to /var/log/ftpdyar2004-10-241-2/+2
| | | | | | | | | | instead of the disk size of the file sent. Since the log file is intended to provide data for anonymous ftp traffic accounting, the disk size of the file isn't really informative in this case. PR: bin/72687 Submitted by: Oleg Koreshkov MFC after: 1 week
* We must not fall back to the old way (read-write)yar2004-10-151-1/+1
| | | | | | | | if sendfile() transferred some data before throwing a error condition because sendfile() won't move the file offset for read() to start from. MFC after: 2 weeks
* Clean-up around sendfile(): drop an excessive check for error condition.yar2004-10-151-2/+2
|
* Account for the fact that sendfile(2) may hit the end of fileyar2004-10-151-1/+12
| | | | | | | | prematurely, e.g., if the file has been truncated by someone else. PR: bin/72649 Submitted by: Oleg Koreshkov (portions) MFC after: 2 weeks
* Indent.maxim2004-09-241-7/+7
|
* o Merge rev. 1.5 libexec/ftpd/ftpd.c from DragonflyBSD:maxim2004-09-241-0/+2
| | | | | | | | | | | | Do not unconditionally fork() after accept(). accept() can return -1 due to an interrupted system call (i.e. SIGCHLD). If we fork in that case ftpd can get into an accept()/SIGCHLD/fork/[fail]/repeat loop. Reported-by: fabian <fabian.duelli@bluewin.ch> Obtained from: DragonflyBSD MFC after: 1 month
* ftpd(8) seems to be WARNS=2 clean now.yar2004-07-311-0/+1
| | | | Tested on: i386, ia64, amd64, sparc64, alpha
* Change ``(foo *)0'' to ``NULL'' where it's possibleyar2004-07-312-11/+11
| | | | | | | (and it appears possible throughout ftpd(8) source.) It is not a mere issue of style: Null pointers in C seem to have been mistaken one way or another quite often.
* Kill a small herd of casts to off_t where they were not needed.yar2004-07-312-10/+9
| | | | | | Thank Fortune, the C compiler can figure out by itself the proper conversion for assignments, comparisons, and prototyped function arguments.
* Printf(3) off_t values through conversion to intmax_t sinceyar2004-07-312-10/+15
| | | | we've got <stdint.h> et al now. (This makes ftpd(8) WARNS=2 clean.)
* Kill an unused variable (heading to WARNS=2.)yar2004-07-311-1/+0
|
* Convert a couple of bogus null statements to the right form.yar2004-07-311-2/+2
| | | | (Heading to WARNS=2.)
* Ditto for (gid_t).yar2004-07-301-1/+1
|
* Kill casts to (uid_t) obviously left from the K&R era.yar2004-07-301-14/+14
| | | | | Prototyping library functions in header files has rendered them superfluous.
* Add a comment to explain that the loop around the call to bind(2)yar2004-07-301-0/+9
| | | | is not a hack, but it has a clear purpose.
* Open a socket for a data transfer in active mode using euidyar2004-07-301-1/+1
| | | | | | | | | | | | | | of the current user, not root. This will allow neat things like matching anonymous FTP data traffic with a single ipfw(8) rule: ipfw add ... tcp from any to any uid ftp Note that the control connection socket still belongs to the user ftpd(8) was started from, usually root. PR: bin/65928 Submitted by: Eugene Grosbein <eugen at grosbein.pp.ru> MFC after: 1 month
* Mechanically kill hard sentence breaks.ru2004-07-021-8/+15
|
* Simplify conditional compilation logic some.obrien2004-06-131-11/+15
|
* There's no such beast like AF_INET4, even when powered by whiskey.ru2004-05-161-1/+1
|
* Handle variable argument lists correctly in reply() and lreply().tjr2004-05-131-2/+8
| | | | | | In particular, do not pass the same va_list to both vprintf() and vsyslog() without first reinitializing it. This fixes ftpd -d on amd64.
* NULL looks better than (char *)0 unless we're passingyar2004-02-071-1/+1
| | | | an unprototyped argument to a function.
* Deny attempts to rename a file from guest users if the policyyar2004-02-071-0/+4
| | | | | | | | | says they may not modify existing files through FTP. Renaming a file is effectively a way to modify it. For instance, if a malicious party is unable to delete or overwrite a sensitive file, they can nevertheless rename it to a hidden name and then upload a troyan horse under the guise of the old file name.
* perror_reply() should not be used where errno isn't meaningful.yar2004-02-071-1/+5
|
* Work around a bug in some clients by never returning raw directoryyar2004-02-071-1/+8
| | | | | | | | | contents in reply to a RETR command. Such clients consider RETR as a way to tell a file from a directory. Mozilla is an example. PR: bin/62232 Submitted by: Bob Finch <bob+freebsd <at> nas <dot> com> MFC after: 1 week
* Reorder dependencies to fix static NOPAM build.ru2004-02-021-4/+4
| | | | Submitted by: lorder(1)
* add missing setusershell() calls.charnier2004-01-181-0/+1
| | | | | PR: bin/2442 Reviewed by: Friedemann Becker <zxmxy33@mail.uni-tuebingen.de>
* man ftpd says that "by default, anonymous users cannot modify existing files."anholt2004-01-071-1/+1
| | | | | | | | However, the code did allow deletion of files. Make deleting require the -m flag, too. PR: bin/60809 Submitted by: Alexander Melkov <melkov@comptek.ru>
* If a file to send in ASCII mode already has CRLF as end-of-line,yar2003-11-151-2/+4
| | | | | | | | don't add excessive CR on the wire. PR: bin/59285 Submitted by: Andrey Beresovsky <and at rsu.ru> MFC after: 1 week
* Pacify gcc warning with a Douglas Adams reference.peter2003-10-261-0/+2
|
* Don't depend on IPv4-mapped IPv6 address to bind to both IPv4ume2003-09-142-76/+116
| | | | | | | | and IPv6. Wrote at: Hakone. Powered by: Warner Losh's scotch whisky. Requested by: nork
* Eliminate last three uses of varargs.h in the tree. These three fileskan2003-09-011-1/+0
| | | | | were including varargs.h file but did not use any of its macros, so they escaped the clean-up before.
* Add a note that the -u option can be overridden by settings in login.conf(5).ceri2003-08-311-0/+2
| | | | | PR: docs/56017 Submitted by: Josef El-Rayes <j.el-rayes@daemon.li>
* Block SIGURG while reading from the control channel.yar2003-07-091-0/+6
| | | | | | | | | | | | | | | Rationale: SIGURG is configured by ftpd to interrupt system calls, which is useful during data transfers. However, SIGURG could interrupt I/O on the control channel as well, which was mistaken for the end of the session. A practical example could be aborting the download of a tiny file, when the abort sequence reached ftpd after ftpd had passed the file data to the system and returned to its command loop. Reported by: ceri MFC after: 1 week
* Improve error handling in getline():yar2003-07-091-4/+7
| | | | | | | | | - always check the return value from getc(3) for EOF; - if the attempt to read the TELNET command byte has returned EOF, exit from the loop instead of using the EOF value as a normal character. MFC after: 1 week
* Make a malloced copy of "chrootdir" even if it points to an absoluteyar2003-07-091-3/+5
| | | | | | | | pathname inside "residue" so "chrootdir" can be simply freed later. PR: bin/53435 Submitted by: Yutaka Ishihara <yutaka at fandc.co.jp> MFC after: 1 week
* Don't declare unneeded extern variables,yar2003-06-211-2/+0
| | | | leave alone specifying a wrong type for one of them.
* If ftpd is run with an -h option (hide host-specific info,)yar2003-06-161-8/+8
| | | | | | | | | | | | | | | don't reveal the info in reply to the SYST command. Get rid of using the "unix" macro at the same time. It was a rather poor way to check if the system was Unix since there were quite a few Unix clones out there whose cc didn't define "unix" (e.g., NetBSD.) It was also sensitive to the C standard used, which caused unnecessary trouble: With -std=c99, it should have been "__unix__", and so on. PR: bin/50690 Submitted by: Alex Semenyaka <alexs _at_ snark.ratmir.ru> MFC after: 1 week
* Add section number to .Xrcharnier2003-06-081-1/+1
|
* Assorted mdoc(7) fixes.ru2003-06-011-19/+18
|
* mdoc(7) police: Properly markup the previous revision.ru2003-05-161-2/+6
| | | | Approved by: re (blanket)
* Update the description of the -u option to mention that IP_PORTRANGE_HIGHsilby2003-03-251-6/+9
| | | | | | and _DEFAULT are the same for 5.x. Committed under threat of action from: The mdoc police
* mdoc(7) police: Scheduled sweep.ru2003-02-241-1/+1
|
* Kill unnecessary vertical whitespace.yar2003-02-111-1/+0
|
* Use LOG_AUTHPRIV to hide the username attempted during an invalid loginyar2003-02-111-1/+5
| | | | | | | from everyone but sysadmins. PR: bin/29487 MFC after: 3 days
* Allow "~/" in pathnames to work for a chrooted user.yar2003-02-051-2/+4
|
OpenPOWER on IntegriCloud