authorTheo de Raadt <deraadt@cvs.openbsd.org>1997-12-12 08:55:10 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>1997-12-12 08:55:10 +0000
commitc973b01c6627917331a835c5804ab7a6514999b4 (patch)
tree05cb7a269634292a90e96fba63578ef2d2a59e95 /libexec/ftpd/ftpcmd.y
parent9e30e47ba96305a4e2e363970306ee69df00ef6a (diff)
default to violating the RFC wrt the PORT command. Use -P to conform to the
RFC and possibly open up non-OpenBSD boxes in a trust relationship on your network to possible ftp bounce attacks...
Diffstat (limited to 'libexec/ftpd/ftpcmd.y')
-rw-r--r--libexec/ftpd/ftpcmd.y21
1 files changed, 16 insertions, 5 deletions
diff --git a/libexec/ftpd/ftpcmd.y b/libexec/ftpd/ftpcmd.y
index d28d5879e46..87e286645f0 100644
--- a/libexec/ftpd/ftpcmd.y
+++ b/libexec/ftpd/ftpcmd.y
@@ -88,6 +88,8 @@ extern char proctitle[];
extern int usedefault;
extern int transflag;
extern char tmpline[];
+extern int portcheck;
+extern struct sockaddr_in his_addr;
off_t restart_point;
@@ -158,12 +160,21 @@ cmd
| PORT check_login SP host_port CRLF
{
if ($2) {
- usedefault = 0;
- if (pdata >= 0) {
- (void) close(pdata);
- pdata = -1;
+ if (portcheck && (ntohs(data_dest.sin_port) <
+ IPPORT_RESERVED ||
+ memcmp(&data_dest.sin_addr,
+ &his_addr.sin_addr,
+ sizeof data_dest.sin_addr))) {
+ usedefault = 1;
+ reply(500, "Illegal PORT rejected.");
+ } else {
+ usedefault = 0;
+ if (pdata >= 0) {
+ (void) close(pdata);
+ pdata = -1;
+ }
+ reply(200, "PORT command successful.");
}
- reply(200, "PORT command successful.");
}
}
| PASV check_login CRLF
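Review bot: The reject branch (`usedefault = 1; reply(500, "Illegal PORT rejected.");`) records nothing on the server side, so a client that keeps sending PORT arguments naming a reserved port or a third-party address is invisible to the operator. Because that is the pattern the commit message describes as an ftp bounce attack, a log line before the reply would make it detectable, for example `syslog(LOG_NOTICE, "illegal PORT from %s rejected", inet_ntoa(his_addr.sin_addr));`, assuming `<syslog.h>` is already included in this file, which the hunk does not show. Separately, `data_dest` has presumably been filled in by the `host_port` rule before this action runs, so the rejected address stays in it and the branch relies on `usedefault = 1` to make later code ignore it; a one-line comment stating that dependency would help the next reader. The `cmd` rule begins and ends outside the hunk.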