Commit Graph

130 Commits

Author SHA1 Message Date
jedgar
7aee899b93 Limit commands that can be issued when not logged in:
TYPE, STRU, MODE, ALLO, STAT, ABOR, SITE IDLE, SYST, REST

Reviewed by:	kris, sheldon
2001-01-20 01:34:22 +00:00
dan
c9771e4d86 In send_data(), use sendfile() instead of the mmap() algorithm. 2000-12-20 03:34:54 +00:00
ru
aa8bbee899 mdoc(7) police: removed hard sentence breaks, run through spell-checker. 2000-12-18 08:33:25 +00:00
demon
cc35668453 Fix typo.
PR:		23591
Submitted by:	mavetju@chello.nl
2000-12-17 17:45:22 +00:00
phk
10d3e9963a Add option -E to disable EPSV which throws certain stateful firewalls
into confusion.

Add option -r to make ftpd support only read-only operations.

Submitted by:	Flemming (F3) Jacobsen <fj@batmule.dk>
Reviewed by:	phk
2000-12-16 19:19:19 +00:00
obrien
cafb2a0daa The GCC 2.96 snapshots have slightly different rules for finding include
files.  Mostly -I${.CURDIR} was needed -- especially for YACC generated
files as the new cpp does not look in the ultimate source file
(ie, the .y file)'s directory as told by the "#line" directive.  Some were
misspellings of "-I${.CURDIR}" as "-I.".
2000-12-01 09:39:28 +00:00
obrien
c2462a2bf1 There is no src/contrib-crypto/ anything directory. So don't look for
include files in subdirs of it.
2000-12-01 06:34:44 +00:00
danny
229c440944 Prevent leakage of information about anonymous user's homedir
via 'QUOTE CWD'.

Reviewed by:	des
2000-11-26 23:33:36 +00:00
ru
fda4c0a990 mdoc(7) police: use the new features of the Nm macro. 2000-11-20 14:42:24 +00:00
kris
33514b48b8 Format string paranoia 2000-11-19 12:46:16 +00:00
guido
752f9b3d1c Fix broken PAM with SKEY behaviour: the skey.access file checks
were broken because the code failed to set PAM_RHOST.
2000-10-12 10:21:05 +00:00
wollman
c5c43ce91f Don't depend on <sys/stat.h> bogusly including <sys/time.h> (and thereby
<time.h>).
2000-10-10 01:50:26 +00:00
imp
a0b3642056 remove redundant optreset declaration 2000-09-04 05:47:14 +00:00
sheldonh
0160624e09 Don't set an arbitrary limit on username lengths; use MAXLOGNAME
instead.

PR:		20675
Submitted by:	Vladimir B Grebenschikov <vova@express.ru>
2000-08-17 12:31:17 +00:00
ru
9406c3f2a3 Fix `control socket: Protocol not supported' failure in
standalone -D mode when neither -4 nor -6 is specified.
2000-08-16 09:12:33 +00:00
sheldonh
449e2ec6a6 Honour skey.access(5) by allowing UNIX passwords when skeyaccess(3)
has set pwok to a non-zero value.

Previously, the fact that skey.access(5) allowed UNIX passwords for
this connection attempt was ignored, even in the NOPAM case.

This only addresses the NOPAM case; when libpam is used, the problem
will persist.

PR:		20333
2000-08-01 13:58:55 +00:00
des
08cda657c6 Don't reply "not a plain file" when the requested file doesn't exist. 2000-07-17 22:24:52 +00:00
ben
6cecb051f3 Explain that the -S option only logs file downloads, not all transfers.
PR:		16934
Submitted by:	Kurt Zeilenga <kurt@OpenLDAP.org>
2000-07-11 11:42:29 +00:00
davidn
1f6b02c5a3 Fix a problem in the virtual host address compare code which caused
duplicated host entries in /etc/ftphosts not to be folded. Make sure
we exit the loop on a match.

PR:		bin/19390
2000-06-26 05:36:09 +00:00
joe
8de98cc2fa Switch over to using the new fflagstostr and strtofflags library calls. 2000-06-17 14:19:33 +00:00
nsayer
1779ef3d1c 1. Add IPv6 portrange restriction code (-U flag) to passive().
2. Add portrange restriction code (for both v4 and v6) to the EPSV
processing stuff.
2000-05-25 19:30:18 +00:00
ru
05f194203e Finally unifdef -DINTERNAL_LS. 2000-03-13 11:20:09 +00:00
peter
5a4c9a9fe5 Doc fix: remove references to ~ftp/bin/ls as we have FTPD_INTERNAL_LS
unconditionally active already.

Noticed by:	obrien
2000-02-17 02:14:11 +00:00
shin
6c4d71e2a2 Add more dual stack consideration.
-ftpd need to know each of AF_INET and AF_INET6 addr for hosts specified in
   /etc/ftphosts.

Approved by: jkh
2000-02-10 19:51:30 +00:00
joe
b57f9be4b7 Revert part of the last commit, remove {g|s}etflags from the libc
interface, and statically link them to the programs using them.
These functions, upon reflection and discussion, are too generically
named for a library interface with such specific functionality.
Also the api that they use, whilst ok for private use, isn't good
enough for a libc function.

Additionally there were complications with the build/install-world
process.  It depends heavily upon xinstall, which got broken by
the change in api, and caused bootstrap problems and general mayhem.

There is work in progress to address future problems that may be
caused by changes in install-chain tools, and better names for
{g|s}etflags can be derived when some future program requires them.
For now the code has been left in src/lib/libc/gen (it started off
in src/bin/ls).

It's important to provide library functions for manipulating file
flag strings if we ever want this interface to be adopted outside
of the source tree, but now isn't necessarily the right moment
with 4.0-release just around the corner.

Approved:	jkh
2000-02-05 18:42:36 +00:00
shin
14318c071f Remove unnecessary -g for CFLAGS.
-g for CFLAGS which was set at debugging time was mistakenly committed,
 so removed it.

Approved by: jkh
2000-02-03 10:01:11 +00:00
shin
f7d03af6d5 Fix ftpd core dump when hostname is not set.
When hostname is not set, ftpd core dumps, because there is no
  NULL check for freeing name resolving information for its own
  hostname.
  So the check is added.

Approved by: jkh
2000-02-03 09:59:36 +00:00
shin
ce15efb7c0 another tcp apps IPv6 updates.(should be make world safe)
ftp, telnet, ftpd, faithd
  also telnet related sync with crypto, secure, kerberosIV

Obtained from: KAME project
2000-01-27 09:28:38 +00:00
joe
a381d987c4 Moved flags_to_string and string_to_flags into libutil. It's used in
many places nowadays.
1999-12-30 13:15:15 +00:00
alfred
b4eb8ad32b sync with netbsd PR 8534, fix undefined C code.
Pointed out by: David A. Holland
1999-10-07 08:41:55 +00:00
markm
0b2fe68756 Fix for new Kerberos4. Make a fist cut at PAM-ising while I'm here. 1999-09-19 22:05:32 +00:00
mharo
73f4a09b05 When a STAT command is sent to ftpd as an out-of-band transmission during
a file transfer, the command was mishandled on every other receipt of the
command.

PR:		13261
Submitted by:	Ian Lepore <ian@plutotech.com>
1999-09-12 01:27:46 +00:00
markm
918093dd50 Add common error lib for the Kerberos case. 1999-09-06 06:32:02 +00:00
peter
76f0c923fe $Id$ -> $FreeBSD$ 1999-08-28 00:22:10 +00:00
peter
b658a57c22 unifdef -DINTERNAL_LS - it's too useful to be off by default. If anyone
really dislikes this, we could add a switch to disable it at runtime and
check in popen.c.
1999-08-26 00:45:36 +00:00
mpp
f90c97ac2f Update the SYNOPSIS to reflect that the -l option can be specified
more than once.

Pointed-out-by: sheldonh
1999-06-28 10:50:47 +00:00
ghelmer
78f6c49fe5 Add missing -A option to SYNOPSIS.
PR:		docs/10771
1999-05-04 19:42:01 +00:00
imp
8b33b875ef More egcs warning fixes:
o main returns int not void
	o use return 0 at end of main when needed
	o use braces to avoid potentially ambiguous else
	o don't default to type int (and also remove a useless register
	  modifier).

Reviewed by: obrien and chuckr
1999-04-25 22:23:38 +00:00
brian
c6c6c7de65 Ensure that things returned by gethostname() and
friends are terminated and allow for a maximum
host name length of MAXHOSTNAMELEN - 1.
Put parenthesis around sizeof args.
Make some variables static.
Fix telnetd -u (broken by my last commit)

Prompted by: bde
1999-04-07 08:27:45 +00:00
brian
a77173a7cd Use realhostname() rather than various combinations of
gethostbyaddr() & gethostbyname().

Remove brokeness in ftpd for hosts of MAXHOSTNAMELEN length.
1999-04-06 23:06:00 +00:00
asami
7df90d6ad0 Oops, I missed a few more /etc/nologin references yesterday. It appears
my check of the tree was incomplete.  Sorry guys.

Reported by:	Ben Smithurst <ben@scientia.demon.co.uk>
1999-01-12 14:09:23 +00:00
billf
a6fb6a2c8e Update to correctly reflect the default values of
net.inet.ip.portrange.hifirst and net.inet.ip.portrange.hilast

PR:		docs/6745
Submitted by:	Masachika Ishizuka <ishizuka@ish.org>
1998-12-02 22:11:02 +00:00
jdp
7e9c3df2e6 Find "klogin.c" in "src/lib/libpam/modules/pam_kerberosIV" instead
of in "src/usr.bin/login".  The latter instance is going away.  As
soon as ftpd is PAMized, it won't need to use klogin.c at all.
1998-11-21 02:11:16 +00:00
des
e1957bff39 Set the user context correctly so that cd ~ does the right thing.
PR:		bin/7943 bin/8293
Submitted by:	Bill Fenner <fenner@parc.xerox.com>
Approved by:	jkh
1998-10-13 20:42:01 +00:00
alex
a04d0a21b8 Added double quotes around CHMOD description to prevent garbled output.
PR:		8094
Submitted by:	Christoph Weber-Fahr <wefa@callcenter.systemhaus.net>
1998-09-29 22:02:06 +00:00
jkoshy
2d02bdedf2 Document the use of lines beginning with a '#' as comment lines.
PR: 5676
1998-07-09 11:38:21 +00:00
jb
cb304595fc signal() returns SIG_ERR on error, not int.
time() requires a time_t pointer, not a long.
1998-06-03 11:33:44 +00:00
steve
247dc5c8d3 Make ftpd(8) honor its default group setting in the config files.
PR:		6682
Submitted by:	Max Euston <meuston@jmrodgers.com>
1998-05-25 03:45:35 +00:00
ache
66c1e653c8 Back out "always UTC" fix since some people want visually identical 'ls'
output for local users. FTP protocol RFC also says that 'ls' output is
not machine-readable. "always UTC" still possible with TZ= in ftpd
environment by price of having UTC in log files too.

Fix INTERNAL_LS to sense new /etc/localtime after chroot
1998-05-18 00:06:28 +00:00
ache
649e775fd2 Return back initial tzset() must be before first chroot 1998-05-16 21:23:33 +00:00