Commit Graph

130 Commits

Author SHA1 Message Date
Chris D. Faulhaber
3fca54b652 Limit commands that can be issued when not logged in:
TYPE, STRU, MODE, ALLO, STAT, ABOR, SITE IDLE, SYST, REST

Reviewed by:	kris, sheldon
2001-01-20 01:34:22 +00:00
Dan Moschuk
f6f0c4b90d In send_data(), use sendfile() instead of the mmap() algorithm. 2000-12-20 03:34:54 +00:00
Ruslan Ermilov
19a05e112f mdoc(7) police: removed hard sentence breaks, run through spell-checker. 2000-12-18 08:33:25 +00:00
Dmitry Sivachenko
3276496d94 Fix typo.
PR:		23591
Submitted by:	mavetju@chello.nl
2000-12-17 17:45:22 +00:00
Poul-Henning Kamp
a4b77a2aaa Add option -E to disable EPSV which throws certain stateful firewalls
into confusion.

Add option -r to make ftpd support only read-only operations.

Submitted by:	Flemming (F3) Jacobsen <fj@batmule.dk>
Reviewed by:	phk
2000-12-16 19:19:19 +00:00
David E. O'Brien
2c5569d6ff The GCC 2.96 snapshots have slightly different rules for finding include
files.  Mostly -I${.CURDIR} was needed -- especially for YACC generated
files as the new cpp does not look in the ultimate source file
(ie, the .y file)'s directory as told by the "#line" directive.  Some were
misspellings of "-I${.CURDIR}" as "-I.".
2000-12-01 09:39:28 +00:00
David E. O'Brien
d548f6db32 There is no src/contrib-crypto/ anything directory. So don't look for
include files in subdirs of it.
2000-12-01 06:34:44 +00:00
Daniel O'Callaghan
3fbaa839f9 Prevent leakage of information about anonymous user's homedir
via 'QUOTE CWD'.

Reviewed by:	des
2000-11-26 23:33:36 +00:00
Ruslan Ermilov
760819894e mdoc(7) police: use the new features of the Nm macro. 2000-11-20 14:42:24 +00:00
Kris Kennaway
3fb3b78f0f Format string paranoia 2000-11-19 12:46:16 +00:00
Guido van Rooij
ea413ab7ad Fix broken PAM with SKEY behaviour: the skey.access file checks
were broken because the code failed to set PAM_RHOST.
2000-10-12 10:21:05 +00:00
Garrett Wollman
eb2fc78027 Don't depend on <sys/stat.h> bogusly including <sys/time.h> (and thereby
<time.h>).
2000-10-10 01:50:26 +00:00
Warner Losh
53410a4824 remove redundant optreset declaration 2000-09-04 05:47:14 +00:00
Sheldon Hearn
90906a46ea Don't set an arbitrary limit on username lengths; use MAXLOGNAME
instead.

PR:		20675
Submitted by:	Vladimir B Grebenschikov <vova@express.ru>
2000-08-17 12:31:17 +00:00
Ruslan Ermilov
2310b8c624 Fix `control socket: Protocol not supported' failure in
standalone -D mode when neither -4 nor -6 is specified.
2000-08-16 09:12:33 +00:00
Sheldon Hearn
028f24cffa Honour skey.access(5) by allowing UNIX passwords when skeyaccess(3)
has set pwok to a non-zero value.

Previously, the fact that skey.access(5) allowed UNIX passwords for
this connection attempt was ignored, even in the NOPAM case.

This only addresses the NOPAM case; when libpam is used, the problem
will persist.

PR:		20333
2000-08-01 13:58:55 +00:00
Dag-Erling Smørgrav
6200918df7 Don't reply "not a plain file" when the requested file doesn't exist. 2000-07-17 22:24:52 +00:00
Ben Smithurst
a611641f01 Explain that the -S option only logs file downloads, not all transfers.
PR:		16934
Submitted by:	Kurt Zeilenga <kurt@OpenLDAP.org>
2000-07-11 11:42:29 +00:00
David Nugent
b535a9bf12 Fix a problem in the virtual host address compare code which caused
duplicated host entries in /etc/ftphosts not to be folded. Make sure
we exit the loop on a match.

PR:		bin/19390
2000-06-26 05:36:09 +00:00
Josef Karthauser
141d77b8cb Switch over to using the new fflagstostr and strtofflags library calls. 2000-06-17 14:19:33 +00:00
Nick Sayer
2db39860cf 1. Add IPv6 portrange restriction code (-U flag) to passive().
2. Add portrange restriction code (for both v4 and v6) to the EPSV
processing stuff.
2000-05-25 19:30:18 +00:00
Ruslan Ermilov
8780fb291e Finally unifdef -DINTERNAL_LS. 2000-03-13 11:20:09 +00:00
Peter Wemm
05c1f99bee Doc fix: remove references to ~ftp/bin/ls as we have FTPD_INTERNAL_LS
unconditionally active already.

Noticed by:	obrien
2000-02-17 02:14:11 +00:00
Yoshinobu Inoue
f38c6cadf9 Add more dual stack consideration.
-ftpd need to know each of AF_INET and AF_INET6 addr for hosts specified in
   /etc/ftphosts.

Approved by: jkh
2000-02-10 19:51:30 +00:00
Josef Karthauser
418d67b0d9 Revert part of the last commit, remove {g|s}etflags from the libc
interface, and statically link them to the programs using them.
These functions, upon reflection and discussion, are too generically
named for a library interface with such specific functionality.
Also the api that they use, whilst ok for private use, isn't good
enough for a libc function.

Additionally there were complications with the build/install-world
process.  It depends heavily upon xinstall, which got broken by
the change in api, and caused bootstrap problems and general mayhem.

There is work in progress to address future problems that may be
caused by changes in install-chain tools, and better names for
{g|s}etflags can be derived when some future program requires them.
For now the code has been left in src/lib/libc/gen (it started off
in src/bin/ls).

It's important to provide library functions for manipulating file
flag strings if we ever want this interface to be adopted outside
of the source tree, but now isn't necessarily the right moment
with 4.0-release just around the corner.

Approved:	jkh
2000-02-05 18:42:36 +00:00
Yoshinobu Inoue
9ddb9015ff Remove unnecessary -g for CFLAGS.
-g for CFLAGS which was set at debugging time was mistakenly committed,
 so removed it.

Approved by: jkh
2000-02-03 10:01:11 +00:00
Yoshinobu Inoue
b3ea3170b3 Fix ftpd core dump when hostname is not set.
When hostname is not set, ftpd core dumps, because there is no
  NULL check for freeing name resolving information for its own
  hostname.
  So the check is added.

Approved by: jkh
2000-02-03 09:59:36 +00:00
Yoshinobu Inoue
4dd8b5ab79 another tcp apps IPv6 updates.(should be make world safe)
ftp, telnet, ftpd, faithd
  also telnet related sync with crypto, secure, kerberosIV

Obtained from: KAME project
2000-01-27 09:28:38 +00:00
Josef Karthauser
edc2844c9f Moved flags_to_string and string_to_flags into libutil. It's used in
many places nowadays.
1999-12-30 13:15:15 +00:00
Alfred Perlstein
09ef98c6c0 sync with netbsd PR 8534, fix undefined C code.
Pointed out by: David A. Holland
1999-10-07 08:41:55 +00:00
Mark Murray
6c9134c067 Fix for new Kerberos4. Make a fist cut at PAM-ising while I'm here. 1999-09-19 22:05:32 +00:00
Michael Haro
9db4bbf32a When a STAT command is sent to ftpd as an out-of-band transmission during
a file transfer, the command was mishandled on every other receipt of the
command.

PR:		13261
Submitted by:	Ian Lepore <ian@plutotech.com>
1999-09-12 01:27:46 +00:00
Mark Murray
9891baa632 Add common error lib for the Kerberos case. 1999-09-06 06:32:02 +00:00
Peter Wemm
7f3dea244c $Id$ -> $FreeBSD$ 1999-08-28 00:22:10 +00:00
Peter Wemm
1713064734 unifdef -DINTERNAL_LS - it's too useful to be off by default. If anyone
really dislikes this, we could add a switch to disable it at runtime and
check in popen.c.
1999-08-26 00:45:36 +00:00
Mike Pritchard
a206edcdb7 Update the SYNOPSIS to reflect that the -l option can be specified
more than once.

Pointed-out-by: sheldonh
1999-06-28 10:50:47 +00:00
Guy Helmer
e57c110bba Add missing -A option to SYNOPSIS.
PR:		docs/10771
1999-05-04 19:42:01 +00:00
Warner Losh
859663719d More egcs warning fixes:
o main returns int not void
	o use return 0 at end of main when needed
	o use braces to avoid potentially ambiguous else
	o don't default to type int (and also remove a useless register
	  modifier).

Reviewed by: obrien and chuckr
1999-04-25 22:23:38 +00:00
Brian Somers
9e9a43bdec Ensure that things returned by gethostname() and
friends are terminated and allow for a maximum
host name length of MAXHOSTNAMELEN - 1.
Put parenthesis around sizeof args.
Make some variables static.
Fix telnetd -u (broken by my last commit)

Prompted by: bde
1999-04-07 08:27:45 +00:00
Brian Somers
32af26a501 Use realhostname() rather than various combinations of
gethostbyaddr() & gethostbyname().

Remove brokeness in ftpd for hosts of MAXHOSTNAMELEN length.
1999-04-06 23:06:00 +00:00
Satoshi Asami
0e510aed5b Oops, I missed a few more /etc/nologin references yesterday. It appears
my check of the tree was incomplete.  Sorry guys.

Reported by:	Ben Smithurst <ben@scientia.demon.co.uk>
1999-01-12 14:09:23 +00:00
Bill Fumerola
c711c51d19 Update to correctly reflect the default values of
net.inet.ip.portrange.hifirst and net.inet.ip.portrange.hilast

PR:		docs/6745
Submitted by:	Masachika Ishizuka <ishizuka@ish.org>
1998-12-02 22:11:02 +00:00
John Polstra
4700eb95cb Find "klogin.c" in "src/lib/libpam/modules/pam_kerberosIV" instead
of in "src/usr.bin/login".  The latter instance is going away.  As
soon as ftpd is PAMized, it won't need to use klogin.c at all.
1998-11-21 02:11:16 +00:00
Dag-Erling Smørgrav
e6fa0d4308 Set the user context correctly so that cd ~ does the right thing.
PR:		bin/7943 bin/8293
Submitted by:	Bill Fenner <fenner@parc.xerox.com>
Approved by:	jkh
1998-10-13 20:42:01 +00:00
Alexander Langer
29a199dbc5 Added double quotes around CHMOD description to prevent garbled output.
PR:		8094
Submitted by:	Christoph Weber-Fahr <wefa@callcenter.systemhaus.net>
1998-09-29 22:02:06 +00:00
Joseph Koshy
d59b62e37b Document the use of lines beginning with a '#' as comment lines.
PR: 5676
1998-07-09 11:38:21 +00:00
John Birrell
158a00b20e signal() returns SIG_ERR on error, not int.
time() requires a time_t pointer, not a long.
1998-06-03 11:33:44 +00:00
Steve Price
7edcb9366e Make ftpd(8) honor its default group setting in the config files.
PR:		6682
Submitted by:	Max Euston <meuston@jmrodgers.com>
1998-05-25 03:45:35 +00:00
Andrey A. Chernov
23ea9f7e98 Back out "always UTC" fix since some people want visually identical 'ls'
output for local users. FTP protocol RFC also says that 'ls' output is
not machine-readable. "always UTC" still possible with TZ= in ftpd
environment by price of having UTC in log files too.

Fix INTERNAL_LS to sense new /etc/localtime after chroot
1998-05-18 00:06:28 +00:00
Andrey A. Chernov
34d1ba5cd5 Return back initial tzset() must be before first chroot 1998-05-16 21:23:33 +00:00