Module Name: othersrc Committed By: lukem Date: Tue Jan 29 12:14:46 UTC 2019
Modified Files: othersrc/libexec/tnftpd/src: cmds.c extern.h ftpcmd.y ftpd.c logwtmp.c popen.c version.h Log Message: merge from NetBSD-20130321 to NetBSD-20190129 To generate a diff of this commit: cvs rdiff -u -r1.16 -r1.17 othersrc/libexec/tnftpd/src/cmds.c \ othersrc/libexec/tnftpd/src/extern.h othersrc/libexec/tnftpd/src/popen.c cvs rdiff -u -r1.18 -r1.19 othersrc/libexec/tnftpd/src/ftpcmd.y cvs rdiff -u -r1.34 -r1.35 othersrc/libexec/tnftpd/src/ftpd.c cvs rdiff -u -r1.2 -r1.3 othersrc/libexec/tnftpd/src/logwtmp.c cvs rdiff -u -r1.8 -r1.9 othersrc/libexec/tnftpd/src/version.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: othersrc/libexec/tnftpd/src/cmds.c diff -u othersrc/libexec/tnftpd/src/cmds.c:1.16 othersrc/libexec/tnftpd/src/cmds.c:1.17 --- othersrc/libexec/tnftpd/src/cmds.c:1.16 Thu Mar 21 01:01:56 2013 +++ othersrc/libexec/tnftpd/src/cmds.c Tue Jan 29 12:14:46 2019 @@ -1,5 +1,5 @@ -/* $NetBSD: cmds.c,v 1.16 2013/03/21 01:01:56 lukem Exp $ */ -/* from NetBSD: cmds.c,v 1.31 2012/06/19 06:06:34 dholland Exp */ +/* $NetBSD: cmds.c,v 1.17 2019/01/29 12:14:46 lukem Exp $ */ +/* from NetBSD: cmds.c,v 1.35 2016/01/17 14:46:07 christos Exp */ /* * Copyright (c) 1999-2009 The NetBSD Foundation, Inc. @@ -95,7 +95,7 @@ #include <sys/cdefs.h> #ifndef lint -__RCSID(" NetBSD: cmds.c,v 1.31 2012/06/19 06:06:34 dholland Exp "); +__RCSID(" NetBSD: cmds.c,v 1.35 2016/01/17 14:46:07 christos Exp "); #endif /* not lint */ #include <sys/param.h> @@ -256,8 +256,10 @@ mlsd(const char *path) goto mlsdperror; dout = dataconn("MLSD", (off_t)-1, "w"); - if (dout == NULL) + if (dout == NULL) { + (void) closedir(dirp); return; + } memset(&f, 0, sizeof(f)); f.stat = &sb; @@ -605,7 +607,7 @@ static void fact_perm(const char *fact, FILE *fd, factelem *fe) { int rok, wok, xok, pdirwok; - struct stat *pdir; + struct stat *pdir, dir; if (fe->stat->st_uid == geteuid()) { rok = ((fe->stat->st_mode & S_IRUSR) != 0); @@ -632,7 +634,6 @@ fact_perm(const char *fact, FILE *fd, fa if (pdir == NULL && CURCLASS_FLAGS_ISSET(modify)) { size_t len; char realdir[MAXPATHLEN], *p; - struct stat dir; len = strlcpy(realdir, fe->path, sizeof(realdir)); if (len < sizeof(realdir) - 4) { @@ -885,7 +886,7 @@ discover_path(char *last_path, const cha cp = tp; nomorelink = 1; - while ((cp = strstr(++cp, "/")) != NULL) { + while ((cp = strstr(cp + 1, "/")) != NULL) { sz1 = (unsigned long)cp - (unsigned long)tp; if (sz1 > MAXPATHLEN) goto bad; @@ -958,8 +959,8 @@ discover_path(char *last_path, const cha tp[strlen(tp) - 1] = '\0'; /* check that the path is correct */ - stat(tp, &st1); - stat(".", &st2); + if (stat(tp, &st1) == -1 || stat(".", &st2) == -1) + goto bad; if ((st1.st_dev != st2.st_dev) || (st1.st_ino != st2.st_ino)) goto bad; Index: othersrc/libexec/tnftpd/src/extern.h diff -u othersrc/libexec/tnftpd/src/extern.h:1.16 othersrc/libexec/tnftpd/src/extern.h:1.17 --- othersrc/libexec/tnftpd/src/extern.h:1.16 Thu Mar 21 01:01:56 2013 +++ othersrc/libexec/tnftpd/src/extern.h Tue Jan 29 12:14:46 2019 @@ -1,5 +1,5 @@ -/* $NetBSD: extern.h,v 1.16 2013/03/21 01:01:56 lukem Exp $ */ -/* from NetBSD: extern.h,v 1.62 2011/08/29 20:41:06 joerg Exp */ +/* $NetBSD: extern.h,v 1.17 2019/01/29 12:14:46 lukem Exp $ */ +/* from NetBSD: extern.h,v 1.64 2018/06/23 07:21:00 gson Exp */ /*- * Copyright (c) 1992, 1993 @@ -367,7 +367,7 @@ extern struct tab cmdtab[]; #define CPUTC(c, f) do { \ putc(c, f); total_bytes++; total_bytes_out++; \ - } while (0); + } while (0) #define CURCLASSTYPE curclass.type == CLASS_GUEST ? "GUEST" : \ curclass.type == CLASS_CHROOT ? "CHROOT" : \ Index: othersrc/libexec/tnftpd/src/popen.c diff -u othersrc/libexec/tnftpd/src/popen.c:1.16 othersrc/libexec/tnftpd/src/popen.c:1.17 --- othersrc/libexec/tnftpd/src/popen.c:1.16 Sun Mar 21 11:07:37 2010 +++ othersrc/libexec/tnftpd/src/popen.c Tue Jan 29 12:14:46 2019 @@ -1,5 +1,5 @@ -/* $NetBSD: popen.c,v 1.16 2010/03/21 11:07:37 lukem Exp $ */ -/* from NetBSD: popen.c,v 1.37 2010/03/20 18:23:30 christos Exp */ +/* $NetBSD: popen.c,v 1.17 2019/01/29 12:14:46 lukem Exp $ */ +/* from NetBSD: popen.c,v 1.38 2016/03/17 00:17:58 christos Exp */ /*- * Copyright (c) 1999-2009 The NetBSD Foundation, Inc. @@ -72,7 +72,7 @@ #if 0 static char sccsid[] = "@(#)popen.c 8.3 (Berkeley) 4/6/94"; #else -__RCSID(" NetBSD: popen.c,v 1.37 2010/03/20 18:23:30 christos Exp "); +__RCSID(" NetBSD: popen.c,v 1.38 2016/03/17 00:17:58 christos Exp "); #endif #endif /* not lint */ @@ -114,7 +114,7 @@ extern int ls_main(int, char *[]); FILE * ftpd_popen(const char *argv[], const char *ptype, int stderrfd) { - FILE *iop; + FILE * volatile iop; int argc, pdes[2], pid; volatile int isls; char **pop; Index: othersrc/libexec/tnftpd/src/ftpcmd.y diff -u othersrc/libexec/tnftpd/src/ftpcmd.y:1.18 othersrc/libexec/tnftpd/src/ftpcmd.y:1.19 --- othersrc/libexec/tnftpd/src/ftpcmd.y:1.18 Thu Mar 21 01:01:57 2013 +++ othersrc/libexec/tnftpd/src/ftpcmd.y Tue Jan 29 12:14:46 2019 @@ -1,5 +1,5 @@ -/* $NetBSD: ftpcmd.y,v 1.18 2013/03/21 01:01:57 lukem Exp $ */ -/* from NetBSD: ftpcmd.y,v 1.93 2011/09/16 16:13:17 plunky Exp */ +/* $NetBSD: ftpcmd.y,v 1.19 2019/01/29 12:14:46 lukem Exp $ */ +/* from NetBSD: ftpcmd.y,v 1.94 2015/08/10 07:45:50 shm Exp */ /*- * Copyright (c) 1997-2009 The NetBSD Foundation, Inc. @@ -78,7 +78,7 @@ #if 0 static char sccsid[] = "@(#)ftpcmd.y 8.3 (Berkeley) 4/6/94"; #else -__RCSID(" NetBSD: ftpcmd.y,v 1.93 2011/09/16 16:13:17 plunky Exp "); +__RCSID(" NetBSD: ftpcmd.y,v 1.94 2015/08/10 07:45:50 shm Exp "); #endif #endif /* not lint */ @@ -201,7 +201,7 @@ cmd | PASS SP password CRLF { pass($3); - memset($3, 0, strlen($3)); + explicit_memset($3, 0, strlen($3)); free($3); } Index: othersrc/libexec/tnftpd/src/ftpd.c diff -u othersrc/libexec/tnftpd/src/ftpd.c:1.34 othersrc/libexec/tnftpd/src/ftpd.c:1.35 --- othersrc/libexec/tnftpd/src/ftpd.c:1.34 Thu Mar 21 01:01:57 2013 +++ othersrc/libexec/tnftpd/src/ftpd.c Tue Jan 29 12:14:46 2019 @@ -1,5 +1,5 @@ -/* $NetBSD: ftpd.c,v 1.34 2013/03/21 01:01:57 lukem Exp $ */ -/* from NetBSD: ftpd.c,v 1.198 2012/06/19 06:06:34 dholland Exp */ +/* $NetBSD: ftpd.c,v 1.35 2019/01/29 12:14:46 lukem Exp $ */ +/* from NetBSD: ftpd.c,v 1.204 2018/04/28 13:38:00 riastradh Exp */ /* * Copyright (c) 1997-2009 The NetBSD Foundation, Inc. @@ -108,7 +108,7 @@ __COPYRIGHT("@(#) Copyright (c) 1985, 19 #if 0 static char sccsid[] = "@(#)ftpd.c 8.5 (Berkeley) 4/28/95"; #else -__RCSID(" NetBSD: ftpd.c,v 1.198 2012/06/19 06:06:34 dholland Exp "); +__RCSID(" NetBSD: ftpd.c,v 1.204 2018/04/28 13:38:00 riastradh Exp "); #endif #endif /* not lint */ @@ -178,6 +178,8 @@ __RCSID(" NetBSD: ftpd.c,v 1.198 2012/06 #endif /* !defined(HAVE_TNFTPD_H) */ +#include "pfilter.h" + #define GLOBAL #include "extern.h" #include "pathnames.h" @@ -188,6 +190,7 @@ static sig_atomic_t urgflag; int data; int Dflag; +int fflag; int sflag; int stru; /* avoid C keyword */ int mode; @@ -323,6 +326,7 @@ main(int argc, char *argv[]) logging = 0; pdata = -1; Dflag = 0; + fflag = 0; sflag = 0; dataport = 0; dopidfile = 1; /* default: DO use a pid file to count users */ @@ -348,7 +352,7 @@ main(int argc, char *argv[]) openlog("ftpd", LOG_PID | LOG_NDELAY, FTPD_LOGTYPE); while ((ch = getopt(argc, argv, - "46a:c:C:Dde:h:HlL:nP:qQrst:T:uUvV:wWX")) != -1) { + "46a:c:C:Dde:fh:HlL:nP:qQrst:T:uUvV:wWX")) != -1) { switch (ch) { case '4': af = AF_INET; @@ -407,6 +411,10 @@ main(int argc, char *argv[]) emailaddr = optarg; break; + case 'f': + fflag = 1; + break; + case 'h': strlcpy(hostname, optarg, sizeof(hostname)); break; @@ -503,6 +511,8 @@ main(int argc, char *argv[]) if (EMPTYSTR(confdir)) confdir = _DEFAULT_CONFDIR; + pfilter_open(); + if (dowtmp) { #ifdef SUPPORT_UTMPX ftpd_initwtmpx(); @@ -538,7 +548,7 @@ main(int argc, char *argv[]) struct pollfd *fds; struct addrinfo hints, *res, *res0; - if (daemon(1, 0) == -1) { + if (!fflag && daemon(1, 0) == -1) { syslog(LOG_ERR, "failed to daemonize: %m"); exit(1); } @@ -1514,6 +1524,7 @@ do_pass(int pass_checked, int pass_rval, if (rval) { reply(530, "%s", rval == 2 ? "Password expired." : "Login incorrect."); + pfilter_notify(1, rval == 2 ? "exppass" : "badpass"); if (logging) { syslog(LOG_NOTICE, "FTP LOGIN FAILED FROM %s", remoteloghost); @@ -1557,6 +1568,7 @@ do_pass(int pass_checked, int pass_rval, *remote_ip = 0; remote_ip[sizeof(remote_ip) - 1] = 0; if (!auth_hostok(lc, remotehost, remote_ip)) { + pfilter_notify(1, "bannedhost"); syslog(LOG_INFO|LOG_AUTH, "FTP LOGIN FAILED (HOST) as %s: permission denied.", pw->pw_name); @@ -2088,7 +2100,8 @@ getdatasock(const char *fmode) t = errno; if (! dropprivs) (void) seteuid((uid_t)pw->pw_uid); - (void) close(s); + if (s >= 0) + (void) close(s); errno = t; return (NULL); } @@ -2276,7 +2289,7 @@ send_data_with_read(int filefd, int netf (void)gettimeofday(&then, NULL); } else bufrem = readsize; - while (1) { + for (;;) { (void) alarm(curclass.timeout); c = read(filefd, buf, readsize); if (c == 0) @@ -2526,7 +2539,7 @@ receive_data(FILE *instr, FILE *outstr) (void) alarm(curclass.timeout); if (curclass.readsize) readsize = curclass.readsize; - else if (fstat(filefd, &st)) + else if (fstat(filefd, &st) != -1) readsize = (ssize_t)st.st_blksize; else readsize = BUFSIZ; @@ -2964,7 +2977,6 @@ reply(int n, const char *fmt, ...) size_t b; va_list ap; - b = 0; if (n == 0) b = snprintf(msg, sizeof(msg), " "); else if (n < 0) @@ -3611,8 +3623,10 @@ send_file_list(const char *whichf) while ((dir = readdir(dirp)) != NULL) { char nbuf[MAXPATHLEN]; - if (urgflag && handleoobcmd()) + if (urgflag && handleoobcmd()) { + (void) closedir(dirp); goto cleanup_send_file_list; + } if (ISDOTDIR(dir->d_name) || ISDOTDOTDIR(dir->d_name)) continue; @@ -3635,8 +3649,10 @@ send_file_list(const char *whichf) if (dout == NULL) { dout = dataconn("file list", (off_t)-1, "w"); - if (dout == NULL) + if (dout == NULL) { + (void) closedir(dirp); goto cleanup_send_file_list; + } transflag = 1; } p = nbuf; Index: othersrc/libexec/tnftpd/src/logwtmp.c diff -u othersrc/libexec/tnftpd/src/logwtmp.c:1.2 othersrc/libexec/tnftpd/src/logwtmp.c:1.3 --- othersrc/libexec/tnftpd/src/logwtmp.c:1.2 Sun Sep 21 14:44:01 2008 +++ othersrc/libexec/tnftpd/src/logwtmp.c Tue Jan 29 12:14:46 2019 @@ -1,5 +1,5 @@ -/* $NetBSD: logwtmp.c,v 1.2 2008/09/21 14:44:01 lukem Exp $ */ -/* from NetBSD: logwtmp.c,v 1.25 2006/09/23 16:03:50 xtraeme Exp */ +/* $NetBSD: logwtmp.c,v 1.3 2019/01/29 12:14:46 lukem Exp $ */ +/* from NetBSD: logwtmp.c,v 1.27 2015/08/09 20:34:24 shm Exp */ /* * Copyright (c) 1988, 1993 @@ -40,7 +40,7 @@ #if 0 static char sccsid[] = "@(#)logwtmp.c 8.1 (Berkeley) 6/4/93"; #else -__RCSID(" NetBSD: logwtmp.c,v 1.25 2006/09/23 16:03:50 xtraeme Exp "); +__RCSID(" NetBSD: logwtmp.c,v 1.27 2015/08/09 20:34:24 shm Exp "); #endif #endif /* not lint */ @@ -130,13 +130,12 @@ ftpd_logwtmpx(const char *line, const ch if (fdx < 0) return; if (fstat(fdx, &buf) == 0) { + (void)memset(&ut, 0, sizeof(ut)); (void)strncpy(ut.ut_line, line, sizeof(ut.ut_line)); (void)strncpy(ut.ut_name, name, sizeof(ut.ut_name)); (void)strncpy(ut.ut_host, host, sizeof(ut.ut_host)); if (haddr) (void)memcpy(&ut.ut_ss, &haddr->si_su, haddr->su_len); - else - (void)memset(&ut.ut_ss, 0, sizeof(ut.ut_ss)); ut.ut_type = utx_type; if (WIFEXITED(status)) ut.ut_exit.e_exit = (uint16_t)WEXITSTATUS(status); Index: othersrc/libexec/tnftpd/src/version.h diff -u othersrc/libexec/tnftpd/src/version.h:1.8 othersrc/libexec/tnftpd/src/version.h:1.9 --- othersrc/libexec/tnftpd/src/version.h:1.8 Thu Mar 21 01:01:57 2013 +++ othersrc/libexec/tnftpd/src/version.h Tue Jan 29 12:14:46 2019 @@ -1,7 +1,7 @@ -/* $NetBSD: version.h,v 1.8 2013/03/21 01:01:57 lukem Exp $ */ -/* from NetBSD: version.h,v 1.75 2013/03/21 00:17:26 lukem Exp */ +/* $NetBSD: version.h,v 1.9 2019/01/29 12:14:46 lukem Exp $ */ +/* from NetBSD: version.h,v 1.76 2019/01/29 11:51:05 lukem Exp */ /*- - * Copyright (c) 1999-2013 The NetBSD Foundation, Inc. + * Copyright (c) 1999-2019 The NetBSD Foundation, Inc. * All rights reserved. * * This code is derived from software contributed to The NetBSD Foundation @@ -30,5 +30,5 @@ */ #ifndef FTPD_VERSION -#define FTPD_VERSION "NetBSD-ftpd 20110904" +#define FTPD_VERSION "NetBSD-ftpd 20180428" #endif