summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTheo de Raadt <deraadt@cvs.openbsd.org>2002-12-19 18:19:11 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>2002-12-19 18:19:11 +0000
commitbd10a01a8be4fc98abd837206d718b9ac8a4a83b (patch)
treee115fc49d6b3e4bb111c5e8a77432e45b3f5ee4e
parent398a6b97facf2f7106e658682d2d30aa6bd6220e (diff)
various tweaks. someone mailed in a huge diff that was so wrong in so
many ways, and i wasted 2 hours finding the gems in it...
-rw-r--r--libexec/ftp-proxy/ftp-proxy.c121
-rw-r--r--libexec/ftp-proxy/getline.c6
-rw-r--r--libexec/ftp-proxy/util.c20
3 files changed, 78 insertions, 69 deletions
diff --git a/libexec/ftp-proxy/ftp-proxy.c b/libexec/ftp-proxy/ftp-proxy.c
index 4bb186f3f7a..9762cf8d8e2 100644
--- a/libexec/ftp-proxy/ftp-proxy.c
+++ b/libexec/ftp-proxy/ftp-proxy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ftp-proxy.c,v 1.26 2002/12/19 01:29:03 deraadt Exp $ */
+/* $OpenBSD: ftp-proxy.c,v 1.27 2002/12/19 18:19:10 deraadt Exp $ */
/*
* Copyright (c) 1996-2001
@@ -201,7 +201,7 @@ drop_privs(void)
if (User != NULL) {
pw = getpwnam(User);
if (pw == NULL) {
- syslog(LOG_ERR, "can't find user %s", User);
+ syslog(LOG_ERR, "cannot find user %s", User);
exit(EX_USAGE);
}
uid = pw->pw_uid;
@@ -211,19 +211,19 @@ drop_privs(void)
if (Group != NULL) {
gr = getgrnam(Group);
if (gr == NULL) {
- syslog(LOG_ERR, "can't find group %s", Group);
+ syslog(LOG_ERR, "cannot find group %s", Group);
exit(EX_USAGE);
}
gid = gr->gr_gid;
}
if (gid != 0 && (setegid(gid) == -1 || setgid(gid) == -1)) {
- syslog(LOG_ERR, "can't drop group privs (%m)");
+ syslog(LOG_ERR, "cannot drop group privs (%m)");
exit(EX_CONFIG);
}
if (uid != 0 && (seteuid(uid) == -1 || setuid(uid) == -1)) {
- syslog(LOG_ERR, "can't drop root privs (%m)");
+ syslog(LOG_ERR, "cannot drop root privs (%m)");
exit(EX_CONFIG);
}
}
@@ -255,13 +255,15 @@ check_host(struct sockaddr_in *client_sin, struct sockaddr_in *server_sin)
i = getnameinfo((struct sockaddr *) &client_sin->sin_addr,
sizeof(&client_sin->sin_addr), cname, sizeof(cname),
NULL, 0, NI_NAMEREQD);
- if (i == -1)
+
+ if (i != 0 && i != EAI_NONAME && i != EAI_AGAIN)
strlcpy(cname, STRING_UNKNOWN, sizeof(cname));
i = getnameinfo((struct sockaddr *)&server_sin->sin_addr,
sizeof(&server_sin->sin_addr), sname, sizeof(sname),
NULL, 0, NI_NAMEREQD);
- if (i == -1)
+
+ if (i != 0 && i != EAI_NONAME && i != EAI_AGAIN)
strlcpy(sname, STRING_UNKNOWN, sizeof(sname));
} else {
/*
@@ -314,7 +316,7 @@ show_xfer_stats(void)
if (client_data_bytes == 0 && server_data_bytes == 0) {
syslog(LOG_INFO,
- "data transfer completed (no bytes transferred)");
+ "data transfer complete (no bytes transferred)");
return;
}
@@ -326,7 +328,7 @@ show_xfer_stats(void)
idelta = delta + 0.5;
if (idelta >= 60*60) {
i = snprintf(tbuf, len,
- "data transfer completed (%dh %dm %ds",
+ "data transfer complete (%dh %dm %ds",
idelta / (60*60), (idelta % (60*60)) / 60,
idelta % 60);
if (i >= len)
@@ -334,14 +336,14 @@ show_xfer_stats(void)
len -= i;
} else {
i = snprintf(tbuf, len,
- "data transfer completed (%dm %ds", idelta / 60,
+ "data transfer complete (%dm %ds", idelta / 60,
idelta % 60);
if (i >= len)
goto logit;
len -= i;
}
} else {
- i = snprintf(tbuf, len, "data transfer completed (%.1fs",
+ i = snprintf(tbuf, len, "data transfer complete (%.1fs",
delta);
if (i >= len)
goto logit;
@@ -350,7 +352,7 @@ show_xfer_stats(void)
if (client_data_bytes > 0) {
i = snprintf(&tbuf[strlen(tbuf)], len,
- ", %d (%.1fKB/s) to server", client_data_bytes,
+ ", %d bytes to server) (%.1fKB/s", client_data_bytes,
(client_data_bytes / delta) / (double)1024);
if (i >= len)
goto logit;
@@ -358,7 +360,7 @@ show_xfer_stats(void)
}
if (server_data_bytes > 0) {
i = snprintf(&tbuf[strlen(tbuf)], len,
- ", %d (%.1fKB/s) to client", server_data_bytes,
+ ", %d bytes to client) (%.1fKB/s", server_data_bytes,
(server_data_bytes / delta) / (double)1024);
if (i >= len)
goto logit;
@@ -392,7 +394,7 @@ log_control_command (char *cmd, int client)
(strncasecmp(cmd, "stor " ,5) == 0))
level = LOG_INFO;
}
- syslog(level, "%s %s", (client?"from client:":"server reply:"),
+ syslog(level, "%s %s", client ? "client:" : " server:",
logstring);
}
@@ -425,11 +427,11 @@ new_dataconn(int server)
min_port, max_port, -1, 1, &server_listen_sa);
if (server_listen_socket == -1) {
- syslog(LOG_INFO, "bind of server socket failed (%m)");
+ syslog(LOG_INFO, "server socket bind() failed (%m)");
exit(EX_OSERR);
}
if (listen(server_listen_socket, 5) != 0) {
- syslog(LOG_INFO, "server socket listen failed (%m)");
+ syslog(LOG_INFO, "server socket listen() failed (%m)");
exit(EX_OSERR);
}
} else {
@@ -439,12 +441,12 @@ new_dataconn(int server)
if (client_listen_socket == -1) {
syslog(LOG_NOTICE,
- "can't get client listen socket (%m)");
+ "cannot get client listen socket (%m)");
exit(EX_OSERR);
}
if (listen(client_listen_socket, 5) != 0) {
syslog(LOG_NOTICE,
- "can't listen on client socket (%m)");
+ "cannot listen on client socket (%m)");
exit(EX_OSERR);
}
}
@@ -471,7 +473,7 @@ connect_pasv_backchannel(void)
(struct sockaddr *)&listen_sa, &salen);
if (client_data_socket < 0) {
- syslog(LOG_NOTICE, "accept failed (%m)");
+ syslog(LOG_NOTICE, "accept() failed (%m)");
exit(EX_OSERR);
}
close(client_listen_socket);
@@ -481,12 +483,12 @@ connect_pasv_backchannel(void)
server_data_socket = get_backchannel_socket(SOCK_STREAM, min_port,
max_port, -1, 1, &listen_sa);
if (server_data_socket < 0) {
- syslog(LOG_NOTICE, "backchannel failed (%m)");
+ syslog(LOG_NOTICE, "get_backchannel_socket() failed (%m)");
exit(EX_OSERR);
}
if (connect(server_data_socket, (struct sockaddr *) &server_listen_sa,
sizeof(server_listen_sa)) != 0) {
- syslog(LOG_NOTICE, "connect failed (%m)");
+ syslog(LOG_NOTICE, "connect() failed (%m)");
exit(EX_NOHOST);
}
client_data_bytes = 0;
@@ -513,7 +515,7 @@ connect_port_backchannel(void)
server_data_socket = accept(server_listen_socket,
(struct sockaddr *)&listen_sa, &salen);
if (server_data_socket < 0) {
- syslog(LOG_NOTICE, "accept failed (%m)");
+ syslog(LOG_NOTICE, "accept() failed (%m)");
exit(EX_OSERR);
}
close(server_listen_socket);
@@ -530,7 +532,7 @@ connect_port_backchannel(void)
client_data_socket = get_backchannel_socket(SOCK_STREAM,
min_port, max_port, -1, 1, &listen_sa);
if (client_data_socket < 0) {
- syslog(LOG_NOTICE, "backchannel failed (%m)");
+ syslog(LOG_NOTICE, "get_backchannel_socket() failed (%m)");
exit(EX_OSERR);
}
@@ -549,20 +551,20 @@ connect_port_backchannel(void)
if (setsockopt(client_data_socket, SOL_SOCKET, SO_REUSEADDR,
&salen, sizeof(salen)) == -1) {
- syslog(LOG_NOTICE, "setsockopt failed (%m)");
+ syslog(LOG_NOTICE, "setsockopt() failed (%m)");
exit(EX_OSERR);
}
if (bind(client_data_socket, (struct sockaddr *)&listen_sa,
sizeof(listen_sa)) == - 1) {
- syslog(LOG_NOTICE, "bind to port 20 failed (%m)");
+ syslog(LOG_NOTICE, "data channel bind() failed (%m)");
exit(EX_OSERR);
}
}
if (connect(client_data_socket, (struct sockaddr *) &client_listen_sa,
sizeof(client_listen_sa)) != 0) {
- syslog(LOG_INFO, "can't connect data connection (%m)");
+ syslog(LOG_INFO, "cannot connect data channel (%m)");
exit(EX_NOHOST);
}
@@ -605,7 +607,7 @@ do_client_cmd(struct csiob *client, struct csiob *server)
* error before they send a password
*/
snprintf(tbuf, sizeof(tbuf),
- "500 Only anonymous ftp is allowed\r\n");
+ "500 Only anonymous FTP is allowed\r\n");
j = 0;
i = strlen(tbuf);
do {
@@ -682,12 +684,12 @@ do_client_cmd(struct csiob *client, struct csiob *server)
snprintf(tbuf, sizeof(tbuf), "EPRT |%d|%s|%u|\r\n", 1,
inet_ntoa(server->sa.sin_addr),
ntohs(server_listen_sa.sin_port));
- debuglog(1, "to server(modified): %s", tbuf);
+ debuglog(1, "to server (modified): %s", tbuf);
sendbuf = tbuf;
goto out;
parsefail:
snprintf(tbuf, sizeof(tbuf),
- "500 Invalid argument, rejected\r\n");
+ "500 Invalid argument; rejected\r\n");
sendbuf = NULL;
goto out;
protounsupp:
@@ -705,7 +707,7 @@ out:
if (res)
freeaddrinfo(res);
if (sendbuf == NULL) {
- debuglog(1, "to client(modified): %s", tbuf);
+ debuglog(1, "to client (modified): %s", tbuf);
i = strlen(tbuf);
do {
rv = send(client->fd, tbuf + j, i - j, 0);
@@ -735,7 +737,7 @@ out:
snprintf(tbuf, sizeof(tbuf),
"500 EPSV command not understood\r\n");
- debuglog(1, "to client(modified): %s", tbuf);
+ debuglog(1, "to client (modified): %s", tbuf);
j = 0;
i = strlen(tbuf);
do {
@@ -805,7 +807,7 @@ out:
((u_char *)&server_listen_sa.sin_port)[0],
((u_char *)&server_listen_sa.sin_port)[1]);
- debuglog(1, "to server(modified): %s", tbuf);
+ debuglog(1, "to server (modified): %s", tbuf);
sendbuf = tbuf;
} else
@@ -844,7 +846,7 @@ do_server_reply(struct csiob *server, struct csiob *client)
* exit - we don't pass this on for fear of hurting
* our other end, which might be poorly implemented.
*/
- syslog(LOG_NOTICE, "Long (> 512 bytes) ftp control reply");
+ syslog(LOG_NOTICE, "long FTP control reply");
exit(EX_DATAERR);
}
@@ -927,7 +929,7 @@ do_server_reply(struct csiob *server, struct csiob *client)
((u_char *)iap)[2], ((u_char *)iap)[3],
((u_char *)&client_listen_sa.sin_port)[0],
((u_char *)&client_listen_sa.sin_port)[1]);
- debuglog(1, "to client(modified): %s", tbuf);
+ debuglog(1, "to client (modified): %s", tbuf);
sendbuf = tbuf;
} else {
sendit:
@@ -1047,16 +1049,16 @@ main(int argc, char *argv[])
* for ftp.
*/
if (Use_Rdns)
- flags = NI_NUMERICHOST | NI_NUMERICSERV;
- else
flags = 0;
+ else
+ flags = NI_NUMERICHOST | NI_NUMERICSERV;
i = getnameinfo((struct sockaddr *)&client_iob.sa,
sizeof(client_iob.sa), ClientName, sizeof(ClientName), NULL, 0,
flags);
- if (i == -1) {
- syslog (LOG_ERR, "getnameinfo failed (%m)");
+ if (i != 0 && i != EAI_NONAME && i != EAI_AGAIN) {
+ debuglog(2, "name resolution failure (client)");
exit(EX_OSERR);
}
@@ -1064,8 +1066,8 @@ main(int argc, char *argv[])
sizeof(real_server_sa), RealServerName, sizeof(RealServerName),
NULL, 0, flags);
- if (i == -1) {
- syslog (LOG_ERR, "getnameinfo failed (%m)");
+ if (i != 0 && i != EAI_NONAME && i != EAI_AGAIN) {
+ debuglog(2, "name resolution failure (server)");
exit(EX_OSERR);
}
@@ -1074,18 +1076,16 @@ main(int argc, char *argv[])
client_iob.fd = 0;
- debuglog(1, "client is %s:%u", ClientName,
- ntohs(client_iob.sa.sin_port));
-
- debuglog(1, "target server is %s:%u", RealServerName,
- ntohs(real_server_sa.sin_port));
+ syslog(LOG_INFO, "accepted connection from %s:%u to %s:%u", ClientName,
+ ntohs(client_iob.sa.sin_port), RealServerName,
+ ntohs(real_server_sa.sin_port));
server_iob.fd = get_backchannel_socket(SOCK_STREAM, min_port, max_port,
-1, 1, &server_iob.sa);
if (connect(server_iob.fd, (struct sockaddr *)&real_server_sa,
sizeof(real_server_sa)) != 0) {
- syslog(LOG_INFO, "Can't connect to %s:%u (%m)", RealServerName,
+ syslog(LOG_INFO, "cannot connect to %s:%u (%m)", RealServerName,
ntohs(real_server_sa.sin_port));
exit(EX_NOHOST);
}
@@ -1101,7 +1101,12 @@ main(int argc, char *argv[])
i = getnameinfo((struct sockaddr *)&server_iob.sa,
sizeof(server_iob.sa), OurName, sizeof(OurName), NULL, 0, flags);
- debuglog(1, "our end of socket to server is %s:%u", OurName,
+ if (i != 0 && i != EAI_NONAME && i != EAI_AGAIN) {
+ debuglog(2, "name resolution failure (local)");
+ exit(EX_OSERR);
+ }
+
+ debuglog(1, "local socket is %s:%u", OurName,
ntohs(server_iob.sa.sin_port));
/* ignore SIGPIPE */
@@ -1110,13 +1115,13 @@ main(int argc, char *argv[])
(void)sigemptyset(&new_sa.sa_mask);
new_sa.sa_flags = SA_RESTART;
if (sigaction(SIGPIPE, &new_sa, &old_sa) != 0) {
- syslog(LOG_ERR, "sigaction failed (%m)");
+ syslog(LOG_ERR, "sigaction() failed (%m)");
exit(EX_OSERR);
}
if (setsockopt(client_iob.fd, SOL_SOCKET, SO_OOBINLINE, (char *)&one,
sizeof(one)) == -1) {
- syslog(LOG_NOTICE, "Can't set SO_OOBINLINE (%m) - exiting");
+ syslog(LOG_NOTICE, "cannot set SO_OOBINLINE (%m)");
exit(EX_OSERR);
}
@@ -1144,7 +1149,7 @@ main(int argc, char *argv[])
if (client_iob.line_buffer == NULL || client_iob.io_buffer == NULL ||
server_iob.line_buffer == NULL || server_iob.io_buffer == NULL) {
- syslog (LOG_NOTICE, "Insufficient memory (malloc failed)");
+ syslog (LOG_NOTICE, "insufficient memory");
exit(EX_UNAVAILABLE);
}
@@ -1165,14 +1170,14 @@ main(int argc, char *argv[])
if (server_data_socket > maxfd)
maxfd = server_data_socket;
- debuglog(3, "client is %s, server is %s",
+ debuglog(3, "client is %s; server is %s",
client_iob.alive ? "alive" : "dead",
server_iob.alive ? "alive" : "dead");
fdsp = (fd_set *)calloc(howmany(maxfd + 1, NFDBITS),
sizeof(fd_mask));
if (fdsp == NULL) {
- syslog(LOG_NOTICE, "Insufficient memory");
+ syslog(LOG_NOTICE, "insufficient memory");
exit(EX_UNAVAILABLE);
}
@@ -1216,7 +1221,7 @@ main(int argc, char *argv[])
* for any passing mourners.
*/
syslog(LOG_INFO,
- "timeout, no data for %ld seconds",
+ "timeout: no data for %ld seconds",
timeout_seconds);
exit(EX_OK);
}
@@ -1224,14 +1229,14 @@ main(int argc, char *argv[])
if (errno == EINTR || errno == EAGAIN)
goto doselect;
syslog(LOG_NOTICE,
- "select failed (%m) - exiting");
+ "select() failed (%m)");
exit(EX_OSERR);
}
if (client_data_socket >= 0 &&
FD_ISSET(client_data_socket, fdsp)) {
int rval;
- debuglog(3, "xfer client to server");
+ debuglog(3, "transfer: client to server");
rval = xfer_data("client to server",
client_data_socket,
server_data_socket,
@@ -1248,7 +1253,7 @@ main(int argc, char *argv[])
FD_ISSET(server_data_socket, fdsp)) {
int rval;
- debuglog(3, "xfer server to client");
+ debuglog(3, "transfer: server to client");
rval = xfer_data("server to client",
server_data_socket,
client_data_socket,
@@ -1292,5 +1297,9 @@ main(int argc, char *argv[])
server_iob.alive = 0;
}
}
+
+ if (Verbose)
+ syslog(LOG_INFO, "session ended");
+
exit(EX_OK);
}
diff --git a/libexec/ftp-proxy/getline.c b/libexec/ftp-proxy/getline.c
index fe2d6ce99a1..6050b2d5e0e 100644
--- a/libexec/ftp-proxy/getline.c
+++ b/libexec/ftp-proxy/getline.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: getline.c,v 1.11 2002/12/19 01:29:03 deraadt Exp $ */
+/* $OpenBSD: getline.c,v 1.12 2002/12/19 18:19:10 deraadt Exp $ */
/*
* Copyright (c) 1985, 1988 Regents of the University of California.
@@ -126,7 +126,7 @@ refill_buffer(struct csiob *iobp)
if (errno == EAGAIN || errno == EINTR)
goto doread;
if (errno != ECONNRESET) {
- syslog(LOG_INFO, "read failed on socket from %s (%m)",
+ syslog(LOG_INFO, "read() failed on socket from %s (%m)",
iobp->who);
exit(EX_DATAERR);
}
@@ -213,7 +213,7 @@ telnet_getline(struct csiob *iobp, struct csiob *telnet_passthrough)
break;
if (iobp->io_buffer[ix] == '\0') {
syslog(LOG_INFO,
- "got null byte from %s - bye!",
+ "got NUL byte from %s - bye!",
iobp->who);
exit(EX_DATAERR);
}
diff --git a/libexec/ftp-proxy/util.c b/libexec/ftp-proxy/util.c
index 6e858e221e4..594ca063bac 100644
--- a/libexec/ftp-proxy/util.c
+++ b/libexec/ftp-proxy/util.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: util.c,v 1.12 2002/12/19 01:29:03 deraadt Exp $ */
+/* $OpenBSD: util.c,v 1.13 2002/12/19 18:19:10 deraadt Exp $ */
/*
* Copyright (c) 1996-2001
@@ -82,13 +82,13 @@ get_proxy_env(int connected_fd, struct sockaddr_in *real_server_sa_ptr,
slen = sizeof(*real_server_sa_ptr);
if (getsockname(connected_fd, (struct sockaddr *)real_server_sa_ptr,
&slen) != 0) {
- syslog(LOG_ERR, "getsockname failed (%m)");
+ syslog(LOG_ERR, "getsockname() failed (%m)");
return(-1);
}
slen = sizeof(*client_sa_ptr);
if (getpeername(connected_fd, (struct sockaddr *)client_sa_ptr,
&slen) != 0) {
- syslog(LOG_ERR, "getpeername failed (%m)");
+ syslog(LOG_ERR, "getpeername() failed (%m)");
return(-1);
}
@@ -111,13 +111,13 @@ get_proxy_env(int connected_fd, struct sockaddr_in *real_server_sa_ptr,
*/
fd = open("/dev/pf", O_RDWR);
if (fd == -1) {
- syslog(LOG_ERR, "Can't open /dev/pf (%m)");
+ syslog(LOG_ERR, "cannot open /dev/pf (%m)");
exit(EX_UNAVAILABLE);
}
if (ioctl(fd, DIOCNATLOOK, &natlook) == -1) {
syslog(LOG_INFO,
- "pf nat lookup failed (%m), connection from %s:%hu",
+ "pf nat lookup failed %s:%hu (%m)",
inet_ntoa(client_sa_ptr->sin_addr),
ntohs(client_sa_ptr->sin_port));
close(fd);
@@ -155,7 +155,7 @@ xfer_data(const char *what_read,int from_fd, int to_fd, struct in_addr from,
*/
if (ioctl(from_fd, SIOCATMARK, &mark) < 0) {
xerrno = errno;
- syslog(LOG_ERR,"can't ioctl(SIOCATMARK) socket from %s (%m)",
+ syslog(LOG_ERR, "cannot ioctl(SIOCATMARK) socket from %s (%m)",
what_read);
errno = xerrno;
return(-1);
@@ -171,19 +171,19 @@ snarf:
rlen = recv(from_fd, tbuf, sizeof(tbuf), flags);
}
if (rlen == 0) {
- debuglog(3, "xfer_data - eof on read socket");
+ debuglog(3, "EOF on read socket");
return(0);
} else if (rlen == -1) {
if (errno == EAGAIN || errno == EINTR)
goto snarf;
xerrno = errno;
- syslog(LOG_ERR, "(xfer_data:%s) - failed (%m) with flags 0%o",
+ syslog(LOG_ERR, "xfer_data (%s): failed (%m) with flags 0%o",
what_read, flags);
errno = xerrno;
return(-1);
} else {
offset = 0;
- debuglog(3, "xfer got %d bytes from socket", rlen);
+ debuglog(3, "got %d bytes from socket", rlen);
while (offset < rlen) {
int wlen;
@@ -191,7 +191,7 @@ snarf:
wlen = send(to_fd, &tbuf[offset], rlen - offset,
flags);
if (wlen == 0) {
- debuglog(3, "zero length write");
+ debuglog(3, "zero-length write");
goto fling;
} else if (wlen == -1) {
if (errno == EAGAIN || errno == EINTR)