~ubuntu-branches/ubuntu/trusty/vsftpd/trusty-proposed

Viewing changes to privops.c

Committer: Package Import Robot
Author(s): Lorenzo De Liso
Date: 2012-12-18 19:59:37 UTC
mfrom: (2.3.22 sid)
Revision ID: package-import@ubuntu.com-20121218195937-xiwdrfndhhvv87s0

Tags: 3.0.2-1ubuntu1

https://launchpad.net/bugs/1092076

* Merge from debian unstable (LP: #1092076), remaining changes:
  - Use snakeoil SSL certificates and key.
  - debian/rules, debian/vsftpd.upstart: migrate vsftpd to upstart.
  - Add apport hook:
    + debian/vsftpd.apport: Added.
    + debian/control: Build-depends on dh-apport.
    + debian/rules: Add --with apport.
  - Add debian/watch file.
  - debian/patches/09-disable-anonymous.patch: Disable anonymous login by
    default.

files added:
.pc/.quilt_patches

.pc/.quilt_series

.pc/12-buildflags.patch

.pc/12-buildflags.patch/Makefile

debian/patches/12-buildflags.patch

debian/vsftpd.systemd

seccompsandbox.c

seccompsandbox.h

files removed:
debian/vsftpd.preseed

files modified:
.pc/02-config.patch/tunables.c

.pc/04-link-local.patch/standalone.c

.pc/04-link-local.patch/sysutil.c

.pc/04-link-local.patch/sysutil.h

.pc/05-whitespaces.patch/parseconf.c

.pc/05-whitespaces.patch/str.c

.pc/05-whitespaces.patch/sysutil.c

.pc/05-whitespaces.patch/sysutil.h

.pc/06-greedy.patch/ls.c

.pc/07-utf8.patch/parseconf.c

.pc/07-utf8.patch/tunables.c

.pc/07-utf8.patch/tunables.h

.pc/09-s390.patch/sysdeputil.c

.pc/10-remote-dos.patch/sysdeputil.c

.pc/11-alpha.patch/sysdeputil.c

.pc/applied-patches

BUGS

Changelog

Makefile

README

TODO

banner.c

debian/changelog

debian/control

debian/copyright

debian/patches/series

debian/po/da.po

debian/po/es.po

debian/po/pt_BR.po

debian/rules

debian/source/options

debian/vsftpd.README.Debian

debian/vsftpd.examples

debian/vsftpd.postrm

filestr.c

ftpcmdio.c

ftpcmdio.h

ftpdataio.c

ftppolicy.c

hash.c

logging.c

ls.c

main.c

netstr.c

netstr.h

oneprocess.c

parseconf.c

postlogin.c

postprivparent.c

prelogin.c

privops.c

readwrite.c

secutil.c

secutil.h

session.h

ssl.c

sslslave.c

standalone.c

str.c

strlist.c

strlist.h

sysdeputil.c

sysutil.c

sysutil.h

tunables.c

tunables.h

twoprocess.c

utility.c

vsf_findlibs.sh

vsftpver.h

Show diffs side-by-side

added added

removed removed

privops.c

int retval;

int i;

int s = vsf_sysutil_get_ipsock(p_sess->p_local_addr);

int port = 0;

unsigned short port = 0;

if (p_sess->pasv_listen_fd != -1)

{

die("listed fd is active?");

}

if (vsf_sysutil_is_port_reserved(remote_port))

{

die("Illegal port request");

}

if (tunable_connect_from_port_20)

{

port = tunable_ftp_data_port;

port = (unsigned short) tunable_ftp_data_port;

}

vsf_sysutil_activate_reuseaddr(s);

/* A report of failure here on Solaris, presumably buggy address reuse

117

121

{

118

122

static struct vsf_sysutil_sockaddr* s_p_sockaddr;

119

123

int bind_retries = 10;

120

unsigned short the_port = 0;

124

unsigned short the_port;

121

125

/* IPPORT_RESERVED */

122

126

unsigned short min_port = 1024;

123

127

unsigned short max_port = 65535;

124

128

int is_ipv6 = vsf_sysutil_sockaddr_is_ipv6(p_sess->p_local_addr);

125

if (is_ipv6)

126

{

127

p_sess->pasv_listen_fd = vsf_sysutil_get_ipv6_sock();

128

}

129

else

130

{

131

p_sess->pasv_listen_fd = vsf_sysutil_get_ipv4_sock();

132

}

133

vsf_sysutil_activate_reuseaddr(p_sess->pasv_listen_fd);

129

if (p_sess->pasv_listen_fd != -1)

130

{

131

die("listed fd already active");

132

}

134

133

135

134

if (tunable_pasv_min_port > min_port && tunable_pasv_min_port <= max_port)

136

135

{

137

min_port = tunable_pasv_min_port;

136

min_port = (unsigned short) tunable_pasv_min_port;

138

137

}

139

138

if (tunable_pasv_max_port >= min_port && tunable_pasv_max_port < max_port)

140

139

{

141

max_port = tunable_pasv_max_port;

140

max_port = (unsigned short) tunable_pasv_max_port;

142

141

}

143

142

144

143

while (--bind_retries)

146

145

int retval;

147

146

double scaled_port;

148

147

the_port = vsf_sysutil_get_random_byte();

149

the_port <<= 8;

150

the_port |= vsf_sysutil_get_random_byte();

148

the_port = (unsigned short) (the_port << 8);

149

the_port = (unsigned short) (the_port | vsf_sysutil_get_random_byte());

151

150

scaled_port = (double) min_port;

152

151

scaled_port += ((double) the_port / (double) 65536) *

153

152

((double) max_port - min_port + 1);

154

153

the_port = (unsigned short) scaled_port;

154

if (is_ipv6)

155

{

156

p_sess->pasv_listen_fd = vsf_sysutil_get_ipv6_sock();

157

}

158

else

159

{

160

p_sess->pasv_listen_fd = vsf_sysutil_get_ipv4_sock();

161

}

162

vsf_sysutil_activate_reuseaddr(p_sess->pasv_listen_fd);

155

163

vsf_sysutil_sockaddr_clone(&s_p_sockaddr, p_sess->p_local_addr);

156

164

vsf_sysutil_sockaddr_set_port(s_p_sockaddr, the_port);

157

165

retval = vsf_sysutil_bind(p_sess->pasv_listen_fd, s_p_sockaddr);

167

175

if (vsf_sysutil_get_error() == kVSFSysUtilErrADDRINUSE ||

168

176

vsf_sysutil_get_error() == kVSFSysUtilErrACCES)

169

177

{

178

vsf_sysutil_close(p_sess->pasv_listen_fd);

179

p_sess->pasv_listen_fd = -1;

170

180

continue;

171

181

}

172

182

die("vsf_sysutil_bind / listen");

183

193

{

184

194

struct vsf_sysutil_sockaddr* p_accept_addr = 0;

185

195

int remote_fd;

196

if (p_sess->pasv_listen_fd == -1)

197

{

198

die("listed fd not active");

199

}

186

200

vsf_sysutil_sockaddr_alloc(&p_accept_addr);

187

201

remote_fd = vsf_sysutil_accept_timeout(p_sess->pasv_listen_fd, p_accept_addr,

188

202

tunable_accept_timeout);

353

367

str_replace_char(&p_sess->anon_pass_str, '\n', '?');

354

368

{

355

369

struct mystr ftp_username_str = INIT_MYSTR;

356

str_alloc_text(&ftp_username_str, tunable_ftp_username);

370

if (tunable_ftp_username)

371

{

372

str_alloc_text(&ftp_username_str, tunable_ftp_username);

373

}

357

374

setup_username_globals(p_sess, &ftp_username_str);

358

375

str_free(&ftp_username_str);

359

376

}

Older »