Module Name: othersrc Committed By: lukem Date: Sat Sep 23 05:30:36 UTC 2023
Modified Files: othersrc/libexec/tnftpd/src: extern.h ftpcmd.y ftpd.c pfilter.c version.h Log Message: merge conflicts between NetBSD-20200615 and NetBSD-20230922 To generate a diff of this commit: cvs rdiff -u -r1.19 -r1.20 othersrc/libexec/tnftpd/src/extern.h \ othersrc/libexec/tnftpd/src/ftpcmd.y cvs rdiff -u -r1.38 -r1.39 othersrc/libexec/tnftpd/src/ftpd.c cvs rdiff -u -r1.3 -r1.4 othersrc/libexec/tnftpd/src/pfilter.c cvs rdiff -u -r1.10 -r1.11 othersrc/libexec/tnftpd/src/version.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: othersrc/libexec/tnftpd/src/extern.h diff -u othersrc/libexec/tnftpd/src/extern.h:1.19 othersrc/libexec/tnftpd/src/extern.h:1.20 --- othersrc/libexec/tnftpd/src/extern.h:1.19 Sat Jul 4 04:00:53 2020 +++ othersrc/libexec/tnftpd/src/extern.h Sat Sep 23 05:30:36 2023 @@ -1,5 +1,5 @@ -/* $NetBSD: extern.h,v 1.19 2020/07/04 04:00:53 lukem Exp $ */ -/* from NetBSD: extern.h,v 1.65 2019/10/15 18:29:32 christos Exp */ +/* $NetBSD: extern.h,v 1.20 2023/09/23 05:30:36 lukem Exp $ */ +/* from NetBSD: extern.h,v 1.66 2022/04/17 21:24:53 andvar Exp */ /*- * Copyright (c) 1992, 1993 @@ -289,7 +289,7 @@ struct ftpclass { LLT maxtimeout; /* Maximum permitted timeout */ char *motd; /* MotD file to display after login */ char *notify; /* Files to notify about upon chdir */ - LLT portmin; /* Minumum port for passive mode */ + LLT portmin; /* Minimum port for passive mode */ LLT portmax; /* Maximum port for passive mode */ LLT rateget; /* Get (RETR) transfer rate throttle */ LLT rateput; /* Put (STOR) transfer rate throttle */ Index: othersrc/libexec/tnftpd/src/ftpcmd.y diff -u othersrc/libexec/tnftpd/src/ftpcmd.y:1.19 othersrc/libexec/tnftpd/src/ftpcmd.y:1.20 --- othersrc/libexec/tnftpd/src/ftpcmd.y:1.19 Tue Jan 29 12:14:46 2019 +++ othersrc/libexec/tnftpd/src/ftpcmd.y Sat Sep 23 05:30:36 2023 @@ -1,5 +1,5 @@ -/* $NetBSD: ftpcmd.y,v 1.19 2019/01/29 12:14:46 lukem Exp $ */ -/* from NetBSD: ftpcmd.y,v 1.94 2015/08/10 07:45:50 shm Exp */ +/* $NetBSD: ftpcmd.y,v 1.20 2023/09/23 05:30:36 lukem Exp $ */ +/* from NetBSD: ftpcmd.y,v 1.95 2023/09/22 11:23:28 shm Exp */ /*- * Copyright (c) 1997-2009 The NetBSD Foundation, Inc. @@ -78,7 +78,7 @@ #if 0 static char sccsid[] = "@(#)ftpcmd.y 8.3 (Berkeley) 4/6/94"; #else -__RCSID(" NetBSD: ftpcmd.y,v 1.94 2015/08/10 07:45:50 shm Exp "); +__RCSID(" NetBSD: ftpcmd.y,v 1.95 2023/09/22 11:23:28 shm Exp "); #endif #endif /* not lint */ @@ -863,7 +863,8 @@ cmd | MLST check_login CRLF { - mlst(NULL); + if ($2) + mlst(NULL); } | MLSD check_login SP pathname CRLF @@ -876,7 +877,8 @@ cmd | MLSD check_login CRLF { - mlsd(NULL); + if ($2) + mlsd(NULL); } | error CRLF Index: othersrc/libexec/tnftpd/src/ftpd.c diff -u othersrc/libexec/tnftpd/src/ftpd.c:1.38 othersrc/libexec/tnftpd/src/ftpd.c:1.39 --- othersrc/libexec/tnftpd/src/ftpd.c:1.38 Sat Sep 23 04:00:21 2023 +++ othersrc/libexec/tnftpd/src/ftpd.c Sat Sep 23 05:30:36 2023 @@ -1,8 +1,8 @@ -/* $NetBSD: ftpd.c,v 1.38 2023/09/23 04:00:21 lukem Exp $ */ -/* from NetBSD: ftpd.c,v 1.205 2019/10/15 18:29:32 christos Exp */ +/* $NetBSD: ftpd.c,v 1.39 2023/09/23 05:30:36 lukem Exp $ */ +/* from NetBSD: ftpd.c,v 1.207 2023/09/02 12:16:29 lukem Exp */ /* - * Copyright (c) 1997-2009 The NetBSD Foundation, Inc. + * Copyright (c) 1997-2023 The NetBSD Foundation, Inc. * All rights reserved. * * This code is derived from software contributed to The NetBSD Foundation @@ -108,7 +108,7 @@ __COPYRIGHT("@(#) Copyright (c) 1985, 19 #if 0 static char sccsid[] = "@(#)ftpd.c 8.5 (Berkeley) 4/28/95"; #else -__RCSID(" NetBSD: ftpd.c,v 1.205 2019/10/15 18:29:32 christos Exp "); +__RCSID(" NetBSD: ftpd.c,v 1.207 2023/09/02 12:16:29 lukem Exp "); #endif #endif /* not lint */ @@ -1408,7 +1408,12 @@ end_login(void) quietmessages = 0; gidcount = 0; curclass.type = CLASS_REAL; - (void) seteuid((uid_t)0); + if (!dropprivs) { + if (seteuid((uid_t)0) < 0) { + syslog(LOG_NOTICE, "end_login: can't seteuid 0: %m"); + fatal("Can't reset privileges."); + } + } #ifdef LOGIN_CAP setusercontext(NULL, getpwuid(0), 0, LOGIN_SETPRIORITY|LOGIN_SETRESOURCES|LOGIN_SETUMASK); @@ -1554,8 +1559,8 @@ do_pass(int pass_checked, int pass_rval, login_attempts = 0; /* this time successful */ if (setegid((gid_t)pw->pw_gid) < 0) { - reply(550, "Can't set gid."); - goto bad; + syslog(LOG_NOTICE, "user %s: can't setegid: %m", pw->pw_name); + fatal("Can't drop privileges."); } #ifdef LOGIN_CAP if ((lc = login_getpwclass(pw)) != NULL) { @@ -1660,8 +1665,7 @@ do_pass(int pass_checked, int pass_rval, "GUEST user %s: can't chdir to %s: %m", pw->pw_name, homedir); bad_guest: - reply(550, "Can't set guest privileges."); - goto bad; + fatal("Can't set guest privileges."); } break; case CLASS_CHROOT: @@ -1684,8 +1688,7 @@ do_pass(int pass_checked, int pass_rval, "CHROOT user %s: can't chdir to %s: %m", pw->pw_name, homedir); bad_chroot: - reply(550, "Can't change root."); - goto bad; + fatal("Can't change root."); } break; case CLASS_REAL: @@ -1732,17 +1735,17 @@ do_pass(int pass_checked, int pass_rval, ntohs(ctrl_addr.su_port) > IPPORT_RESERVED + 1)) { dropprivs++; if (setgid((gid_t)pw->pw_gid) < 0) { - reply(550, "Can't set gid."); - goto bad; + syslog(LOG_NOTICE, "user %s: can't setgid: %m", pw->pw_name); + fatal("Can't drop privileges."); } if (setuid((uid_t)pw->pw_uid) < 0) { - reply(550, "Can't set uid."); - goto bad; + syslog(LOG_NOTICE, "user %s: can't setuid: %m", pw->pw_name); + fatal("Can't drop privileges."); } } else { if (seteuid((uid_t)pw->pw_uid) < 0) { - reply(550, "Can't set uid."); - goto bad; + syslog(LOG_NOTICE, "user %s: can't seteuid: %m", pw->pw_name); + fatal("Can't drop privileges."); } } { /* XXX: replaces use of setenv() */ @@ -2048,8 +2051,12 @@ getdatasock(const char *fmode) on = 1; if (data >= 0) return (fdopen(data, fmode)); - if (! dropprivs) - (void) seteuid((uid_t)0); + if (! dropprivs) { + if (seteuid((uid_t)0) < 0) { + syslog(LOG_NOTICE, "getdatasock: can't seteuid 0: %m"); + fatal("Can't reset privileges."); + } + } s = socket(ctrl_addr.su_family, SOCK_STREAM, 0); if (s < 0) goto bad; @@ -2084,8 +2091,12 @@ getdatasock(const char *fmode) goto bad; sleep(tries); } - if (! dropprivs) - (void) seteuid((uid_t)pw->pw_uid); + if (! dropprivs) { + if (seteuid((uid_t)pw->pw_uid) < 0) { + syslog(LOG_NOTICE, "user %s: can't seteuid: %m", pw->pw_name); + fatal("Can't drop privileges."); + } + } #ifdef IP_TOS if (!mapped && ctrl_addr.su_family == AF_INET) { on = IPTOS_THROUGHPUT; @@ -2098,8 +2109,12 @@ getdatasock(const char *fmode) bad: /* Return the real value of errno (close may change it) */ t = errno; - if (! dropprivs) - (void) seteuid((uid_t)pw->pw_uid); + if (! dropprivs) { + if (seteuid((uid_t)pw->pw_uid) < 0) { + syslog(LOG_NOTICE, "user %s: can't seteuid: %m", pw->pw_name); + fatal("Can't drop privileges."); + } + } if (s >= 0) (void) close(s); errno = t; @@ -2172,13 +2187,13 @@ dataconn(const char *name, off_t size, c if (file == NULL) { char hbuf[NI_MAXHOST]; char pbuf[NI_MAXSERV]; - + conerrno = errno; if (getnameinfo((struct sockaddr *)&data_source.si_su, data_source.su_len, hbuf, sizeof(hbuf), pbuf, sizeof(pbuf), NI_NUMERICHOST | NI_NUMERICSERV)) strlcpy(hbuf, "?", sizeof(hbuf)); reply(425, "Can't create data socket (%s,%s): %s.", - hbuf, pbuf, strerror(errno)); + hbuf, pbuf, strerror(conerrno)); return (NULL); } data = fileno(file); Index: othersrc/libexec/tnftpd/src/pfilter.c diff -u othersrc/libexec/tnftpd/src/pfilter.c:1.3 othersrc/libexec/tnftpd/src/pfilter.c:1.4 --- othersrc/libexec/tnftpd/src/pfilter.c:1.3 Sat Jul 4 04:00:53 2020 +++ othersrc/libexec/tnftpd/src/pfilter.c Sat Sep 23 05:30:36 2023 @@ -1,4 +1,5 @@ -/* $NetBSD: pfilter.c,v 1.3 2020/07/04 04:00:53 lukem Exp $ */ +/* $NetBSD: pfilter.c,v 1.4 2023/09/23 05:30:36 lukem Exp $ */ +/* from NetBSD: pfilter.c,v 1.4 2020/07/04 05:18:37 lukem Exp */ #if defined(HAVE_TNFTPD_H) #include "tnftpd.h" Index: othersrc/libexec/tnftpd/src/version.h diff -u othersrc/libexec/tnftpd/src/version.h:1.10 othersrc/libexec/tnftpd/src/version.h:1.11 --- othersrc/libexec/tnftpd/src/version.h:1.10 Sat Jul 4 04:00:53 2020 +++ othersrc/libexec/tnftpd/src/version.h Sat Sep 23 05:30:36 2023 @@ -1,7 +1,7 @@ -/* $NetBSD: version.h,v 1.10 2020/07/04 04:00:53 lukem Exp $ */ -/* from NetBSD: version.h,v 1.77 2020/07/04 01:20:42 lukem Exp */ +/* $NetBSD: version.h,v 1.11 2023/09/23 05:30:36 lukem Exp $ */ +/* from NetBSD: version.h,v 1.79 2023/09/22 21:57:55 lukem Exp */ /*- - * Copyright (c) 1999-2020 The NetBSD Foundation, Inc. + * Copyright (c) 1999-2023 The NetBSD Foundation, Inc. * All rights reserved. * * This code is derived from software contributed to The NetBSD Foundation @@ -30,5 +30,5 @@ */ #ifndef FTPD_VERSION -#define FTPD_VERSION "NetBSD-ftpd 20200615" +#define FTPD_VERSION "NetBSD-ftpd 20230922" #endif