- Add a new option, ``-P port'', to specify the port for ftpd(8)
to listen at in daemon mode.
- Use the port by 1 less than the control port as the default
data port instead of always using hard-

- Add a new option, ``-P port'', to specify the port for ftpd(8)
to listen at in daemon mode.
- Use the port by 1 less than the control port as the default
data port instead of always using hard-coded port 20.

Submitted by: roam
MFC after: 1 week

show more ...

The FTP daemon was vulnerable to a DoS where an attacker could bind()
up port 20 for an extended period of time and thus lock out all other
users from establishing PORT data connections. Don't hold o

The FTP daemon was vulnerable to a DoS where an attacker could bind()
up port 20 for an extended period of time and thus lock out all other
users from establishing PORT data connections. Don't hold on to the
bind() while we loop around waiting to see if we can make our
connection.

Being a DoS, it has security implications, giving it a short MFC
time.

MFC after: 1 day

show more ...

Prepend a space character if a line begins with a digit
in the output to the "STAT file" request.

This closes one discrepancy with RFC 959 (page 36.)

See also http://www.kb.cert.org/vuls/id/328867

Prepend a space character if a line begins with a digit
in the output to the "STAT file" request.

This closes one discrepancy with RFC 959 (page 36.)

See also http://www.kb.cert.org/vuls/id/328867

Obtained from: OpenBSD

show more ...

Don't free the current addrinfo list, or else a pointer to a freed
memory area would arise. Only an addrinfo list from an earlier
call to getaddrinfo() should be freed there because it will be
subst

Don't free the current addrinfo list, or else a pointer to a freed
memory area would arise. Only an addrinfo list from an earlier
call to getaddrinfo() should be freed there because it will be
substituted by the current list referenced by "res".

Reported by: John Long <fbsd1@pruam.com>
MFC after: 5 days

show more ...

Have ftpd specify the LOGIN_SETMAC flag to setlogincontext() so that
MAC labels are set if MAC is enabled and configured for the user
logging in.

Note that lukemftpd is not considered a supported ap

Have ftpd specify the LOGIN_SETMAC flag to setlogincontext() so that
MAC labels are set if MAC is enabled and configured for the user
logging in.

Note that lukemftpd is not considered a supported application when
MAC is enabled, as it does not use the standard system interfaces for
managing user contexts; if lukemftpd is used with labeled MAC policies,
it will not properly give up privileges when switching to the user
account.

Approved by: re
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories

show more ...

Use the standardized CHAR_BIT constant instead of NBBY in userland.

The mode can be "r+" as well on PUT, but only "a" on APPE.

Remove variables no longer used.

More inithosts() fixes:
o Don't free(3) memory occupied by host structures
already in the host list.
o Set hrp->hostinfo to NULL if a host record has to stay in
the host list, but is to be ignore

More inithosts() fixes:
o Don't free(3) memory occupied by host structures
already in the host list.
o Set hrp->hostinfo to NULL if a host record has to stay in
the host list, but is to be ignored. Selecthost() knows that.
o Reduce the pollution with excessive NULL checks.
o Close a couple of memory leaks.

MFC after: 1 week

show more ...

Fix an inconsistency between a printf-like format and its argument list.

Submitted by: kris
MFC after: 3 days

Add option '-W': don't log FTP sessions to wtmp.

Submitted by: maxim
MFC after: 1 week

Clean up hostname and hostinfo handling in inithosts():
o check getaddrinfo(3) return value, not result pointer
o getaddrinfo(3) returns int, not pointer
o don't leak memory allocated for hostnames a

Clean up hostname and hostinfo handling in inithosts():
o check getaddrinfo(3) return value, not result pointer
o getaddrinfo(3) returns int, not pointer
o don't leak memory allocated for hostnames and hostinfo structures
o initialize pointers that will be checked for NULL somewhere

MFC after: 1 week

show more ...

Fix a wrong comment on (hopefully) right code.

MFC after: 3 days

Rework storing files thoroughly. This includes:

o Remove the race between stat(2) & fopen(3) when creating
a unique file.

o Improve bound checking when generating a unique name from
a given pat

Rework storing files thoroughly. This includes:

o Remove the race between stat(2) & fopen(3) when creating
a unique file.

o Improve bound checking when generating a unique name from
a given pathname.

o Ignore REST marker on APPE. No RFC specifies this case,
but the idea of resuming APPE's implies this.

o By default, deny upload resumes and appends by anonymous users.
Previously these commands were translated to STOU silently,
which led to broken files on server without any notification
to the user.

o Add an option, -m, to allow anonymous users to modify
existing files (e.g., to resume uploads) if filesystem
permissions permit.

Portions obrainded from: OpenBSD
MFC after: 3 weeks

show more ...

Conform to RFC 959, Appendix II, when replying
to a successful MKD command.

MFC after: 1 week

Make the `-v' option a synonym for `-d'
(as it was intended initially)
and document it in the manpage.

MFC after: 2 weeks

Sort command-line options according to the mostly used style:
alphabetical order, lower and upper case of the same letter
stick together, lower case first.

MFC after: 2 weeks

Re-use passive data ports with the SO_REUSEADDR
socket option to avoid exausting the passive port
space by TIME_WAIT'ing connections.

PR: bin/36955
Submitted by: Maxim Konovalov <maxim@FreeBSD.org>

Re-use passive data ports with the SO_REUSEADDR
socket option to avoid exausting the passive port
space by TIME_WAIT'ing connections.

PR: bin/36955
Submitted by: Maxim Konovalov <maxim@FreeBSD.org>
MFC after: 2 weeks

show more ...

Remove the outdated casts to "char *" from the setsockopt(2),
write(2), and getipnodebyaddr(3) calls. Now all the above functions
accept "void *" in that arguments and have prototypes. Thus, the
ca

Remove the outdated casts to "char *" from the setsockopt(2),
write(2), and getipnodebyaddr(3) calls. Now all the above functions
accept "void *" in that arguments and have prototypes. Thus, the
casts are useless under the normal circumstances (and would be harmful
if the functions had no prototypes.)

MFC after: 2 weeks

show more ...

Clean up the syslog(3) messages on the setsockopt(2) errors:

o Always check a setsockopt(2) return value
o Use a consistent message format
o Don't abort if the failed setsockopt(2) was actually not

Clean up the syslog(3) messages on the setsockopt(2) errors:

o Always check a setsockopt(2) return value
o Use a consistent message format
o Don't abort if the failed setsockopt(2) was actually not vital
o Use LOG_WARNING, not LOG_ERR, in non-fatal cases

MFC after: 1 week

show more ...

use IPV6_V6ONLY instead of non standard IPV6_BINDV6ONLY.

MFC after: 1 week

Fix one RFC 959 incompliance:
Double double-quotes in a PWD result
if they appear in the directory pathname.

PR: misc/18365
MFC after: 1 week

Allow deleting and renaming stale symlinks and
deleting symlinks pointing to directories.

PR: bin/37250
Submitted by: Nino Dehne <TeCeEm@gmx.de>
MFC after: 1 week

Avoid passing NULL to freehostent(3).

MFC after: 1 week

Fix setting parameters for getipnodebyaddr(3):
o "struct addrinfo" contains a pointer to "struct sockaddr,"
not "struct sockaddr" itself
o the function takes a pointer to "struct in*_addr", not to

Fix setting parameters for getipnodebyaddr(3):
o "struct addrinfo" contains a pointer to "struct sockaddr,"
not "struct sockaddr" itself
o the function takes a pointer to "struct in*_addr", not to
"struct sockaddr," so the address length must be corresponding

MFC after: 1 week

show more ...