~ubuntu-branches/ubuntu/trusty/vsftpd/trusty-proposed

Viewing changes to twoprocess.c

Committer: Package Import Robot
Author(s): Lorenzo De Liso
Date: 2012-12-18 19:59:37 UTC
mfrom: (2.3.22 sid)
Revision ID: package-import@ubuntu.com-20121218195937-xiwdrfndhhvv87s0

Tags: 3.0.2-1ubuntu1

https://launchpad.net/bugs/1092076

* Merge from debian unstable (LP: #1092076), remaining changes:
  - Use snakeoil SSL certificates and key.
  - debian/rules, debian/vsftpd.upstart: migrate vsftpd to upstart.
  - Add apport hook:
    + debian/vsftpd.apport: Added.
    + debian/control: Build-depends on dh-apport.
    + debian/rules: Add --with apport.
  - Add debian/watch file.
  - debian/patches/09-disable-anonymous.patch: Disable anonymous login by
    default.

files added:
.pc/.quilt_patches

.pc/.quilt_series

.pc/12-buildflags.patch

.pc/12-buildflags.patch/Makefile

debian/patches/12-buildflags.patch

debian/vsftpd.systemd

seccompsandbox.c

seccompsandbox.h

files removed:
debian/vsftpd.preseed

files modified:
.pc/02-config.patch/tunables.c

.pc/04-link-local.patch/standalone.c

.pc/04-link-local.patch/sysutil.c

.pc/04-link-local.patch/sysutil.h

.pc/05-whitespaces.patch/parseconf.c

.pc/05-whitespaces.patch/str.c

.pc/05-whitespaces.patch/sysutil.c

.pc/05-whitespaces.patch/sysutil.h

.pc/06-greedy.patch/ls.c

.pc/07-utf8.patch/parseconf.c

.pc/07-utf8.patch/tunables.c

.pc/07-utf8.patch/tunables.h

.pc/09-s390.patch/sysdeputil.c

.pc/10-remote-dos.patch/sysdeputil.c

.pc/11-alpha.patch/sysdeputil.c

.pc/applied-patches

BUGS

Changelog

Makefile

README

TODO

banner.c

debian/changelog

debian/control

debian/copyright

debian/patches/series

debian/po/da.po

debian/po/es.po

debian/po/pt_BR.po

debian/rules

debian/source/options

debian/vsftpd.README.Debian

debian/vsftpd.examples

debian/vsftpd.postrm

filestr.c

ftpcmdio.c

ftpcmdio.h

ftpdataio.c

ftppolicy.c

hash.c

logging.c

ls.c

main.c

netstr.c

netstr.h

oneprocess.c

parseconf.c

postlogin.c

postprivparent.c

prelogin.c

privops.c

readwrite.c

secutil.c

secutil.h

session.h

ssl.c

sslslave.c

standalone.c

str.c

strlist.c

strlist.h

sysdeputil.c

sysutil.c

sysutil.h

tunables.c

tunables.h

twoprocess.c

utility.c

vsf_findlibs.sh

vsftpver.h

Show diffs side-by-side

added added

removed removed

twoprocess.c

#include "sysutil.h"

#include "sysdeputil.h"

#include "sslslave.h"

#include "seccompsandbox.h"

static void drop_all_privs(void);

static void handle_sigchld(void* duff);

/* Child died, so we'll do the same! Report it as an error unless the child

* exited normally with zero exit code

if (vsf_sysutil_retval_is_error(vsf_sysutil_wait_get_retval(&wait_retval)) ||

!vsf_sysutil_wait_exited_normally(&wait_retval) ||

vsf_sysutil_wait_get_exitcode(&wait_retval) != 0)

{

if (vsf_sysutil_retval_is_error(vsf_sysutil_wait_get_retval(&wait_retval)))

{

die("waiting for child");

}

else if (!vsf_sysutil_wait_exited_normally(&wait_retval))

{

die("child died");

}

else

{

vsf_sysutil_exit(0);

}

vsf_sysutil_exit(0);

}

static void

124

}

125

if (tunable_local_enable && tunable_userlist_enable)

126

{

127

int retval = str_fileread(&p_sess->userlist_str, tunable_userlist_file,

128

VSFTP_CONF_FILE_MAX);

127

int retval = -1;

128

if (tunable_userlist_file)

129

{

130

retval = str_fileread(&p_sess->userlist_str, tunable_userlist_file,

131

VSFTP_CONF_FILE_MAX);

132

}

129

133

if (vsf_sysutil_retval_is_error(retval))

130

134

{

131

135

die2("cannot read user list file:", tunable_userlist_file);

132

136

}

133

137

}

134

138

drop_all_privs();

139

seccomp_sandbox_init();

140

seccomp_sandbox_setup_prelogin(p_sess);

141

seccomp_sandbox_lockdown();

135

142

init_connection(p_sess);

136

143

/* NOTREACHED */

137

144

}

141

148

{

142

149

struct mystr user_str = INIT_MYSTR;

143

150

struct mystr dir_str = INIT_MYSTR;

144

int option = VSF_SECUTIL_OPTION_CHROOT | VSF_SECUTIL_OPTION_NO_PROCS;

151

unsigned int option = VSF_SECUTIL_OPTION_CHROOT | VSF_SECUTIL_OPTION_NO_PROCS;

145

152

if (!tunable_ssl_enable)

146

153

{

147

154

/* Unfortunately, can only enable this if we can be sure of not using SSL.

149

156

150

157

option |= VSF_SECUTIL_OPTION_NO_FDS;

151

158

}

152

str_alloc_text(&user_str, tunable_nopriv_user);

153

str_alloc_text(&dir_str, tunable_secure_chroot_dir);

159

if (tunable_nopriv_user)

160

{

161

str_alloc_text(&user_str, tunable_nopriv_user);

162

}

163

if (tunable_secure_chroot_dir)

164

{

165

str_alloc_text(&dir_str, tunable_secure_chroot_dir);

166

}

154

167

/* Be kind: give good error message if the secure dir is missing */

155

168

{

156

169

struct vsf_sysutil_statbuf* p_statbuf = 0;

312

325

return;

313

326

break;

314

327

case kVSFLoginAnon:

315

str_alloc_text(&p_sess->user_str, tunable_ftp_username);

328

str_free(&p_sess->user_str);

329

if (tunable_ftp_username)

330

{

331

str_alloc_text(&p_sess->user_str, tunable_ftp_username);

332

}

316

333

common_do_login(p_sess, &p_sess->user_str, 1, 1);

317

334

break;

318

335

case kVSFLoginReal:

325

342

if (tunable_chroot_list_enable)

326

343

{

327

344

struct mystr chroot_list_file = INIT_MYSTR;

328

int retval = str_fileread(&chroot_list_file,

329

tunable_chroot_list_file,

330

VSFTP_CONF_FILE_MAX);

345

int retval = -1;

346

if (tunable_chroot_list_file)

347

{

348

retval = str_fileread(&chroot_list_file, tunable_chroot_list_file,

349

VSFTP_CONF_FILE_MAX);

350

}

331

351

if (vsf_sysutil_retval_is_error(retval))

332

352

{

333

353

die2("could not read chroot() list file:",

410

430

{

411

431

p_sess->is_guest = 1;

412

432

/* Remap to the guest user */

413

str_alloc_text(&guest_user_str, tunable_guest_username);

433

if (tunable_guest_username)

434

{

435

str_alloc_text(&guest_user_str, tunable_guest_username);

436

}

414

437

p_user_str = &guest_user_str;

415

438

if (!tunable_virtual_use_local_privs)

416

439

{

426

449

{

427

450

secutil_option |= VSF_SECUTIL_OPTION_CHANGE_EUID;

428

451

}

452

if (!was_anon && tunable_allow_writeable_chroot)

453

{

454

secutil_option |= VSF_SECUTIL_OPTION_ALLOW_WRITEABLE_ROOT;

455

}

429

456

calculate_chdir_dir(was_anon, &userdir_str, &chroot_str, &chdir_str,

430

457

p_user_str, p_orig_user_str);

431

458

vsf_secutil_change_credentials(p_user_str, &userdir_str, &chroot_str,

439

466

str_free(&chdir_str);

440

467

str_free(&userdir_str);

441

468

p_sess->is_anonymous = anon;

469

seccomp_sandbox_init();

470

seccomp_sandbox_setup_postlogin(p_sess);

471

seccomp_sandbox_lockdown();

442

472

process_post_login(p_sess);

443

473

bug("should not get here: common_do_login");

444

474

}

448

478

{

449

479

ssl_comm_channel_set_producer_context(p_sess);

450

480

}

481

/* The seccomp sandbox lockdown for the priv parent is done inside here */

451

482

vsf_priv_parent_postlogin(p_sess);

452

483

bug("should not get here in common_do_login");

453

484

}

Older »