summaryrefslogtreecommitdiff
path: root/libexec/ftpd
AgeCommit message (Collapse)Author
2017-04-27Don't send multiple error messages in response to a single commandMike Belopuhov
While a few commands (such as HELP and NOOP) are allowed in between USER and PASS, most of the others are not. However if such command is issued, ftpd should abort the command evaluation early and reply with "530 Please login with USER and PASS." From form@, with input from deraadt@ and OK millert@
2017-04-17memset() of password field should be explicit_bzero().Theo de Raadt
[Not using freezero() in yacc files yet]
2017-04-17freezero() can be used hereTheo de Raadt
2016-09-03Use a single "opt" variable for all setsockopt calls in getdatasock().Jeremie Courreges-Anglas
on = 65536; if (setsockopt(... &on ...) is slightly misleading.
2016-09-03Set "lowdelay" and "throughput" Traffic Class on command & data IPv6 sockets.Jeremie Courreges-Anglas
2016-08-31Don't attempt to support IPv4-mapped IPv6 addresses.Jeremie Courreges-Anglas
We don't consider support for those addreses as desirable, so let's not give a bad example by keeping application code to handle them. This is dead code on OpenBSD anyway since we do not support IPv4-mapped stuff. But let's keep the check to log and warn the admin if the code gets ported elsewhere. Porters of this code should ensure that IPv6 sockets can't see IPv4-mapped addresses by using the IPV6_V6ONLY sockopt. Discussed with & ok tedu@ For a rationale, see https://tools.ietf.org/html/draft-itojun-v6ops-v4mapped-harmful-02
2016-08-30remove ifdef for all the features we have.Ted Unangst
retain disabled ip4in6 code until its future is decided. ok deraadt jca
2016-08-26trim down some NBBY references. 8 bits ought to be enough for anyone.Ted Unangst
2016-08-14When upcasting to off_t for multiplication, the cast needs to be *before*Philip Guenther
the multiplication to avoid truncation/overflow ok krw@
2016-08-14Convert %q to %ll with long long casts for printf()Philip Guenther
Delete pointless casts to off_t, void*, and uid_t ok krw@
2016-07-04Use fstatat() instead of crafting a filename to use with stat()Philip Guenther
ok millert@
2016-05-04Kill #ifdef INET6 occurrences in userland.Jeremie Courreges-Anglas
Prompted by and ok millert@ (tcpdump and libpcap left untouched, the #ifdef force is too strong with those)
2016-04-25prefer setres{u,g}id() rather than manipulating both real and effectiveTheo de Raadt
ids, it clarifies these are full revocation situations. ok millert
2016-04-06compare pointer to NULL instead of 0Sebastien Marie
from fritjof ! alokat.org ok ratchov@ natano@
2016-03-16More "(<blah> *)0" -> NULL, avoiding any stdarg functions.Kenneth R Westerback
Feedback millert@ kettenis@
2016-02-29Print ssize_t with %zd; ok deraadt@ mmcc@Jeremie Courreges-Anglas
2016-02-29Kill unused variable.Jeremie Courreges-Anglas
2015-12-12Remove NULL-checks before free(). ok tb@mmcc
2015-12-01needs utf8.c from the ls tree alsoTheo de Raadt
2015-11-16don't need to ifdef setproctitleTed Unangst
2015-10-25No longer create /var/run/ftpd.pid in daemon mode; OK jung@ jca@Todd C. Miller
2015-10-25unifdef some oldness. (BSD not defined since removal of param.h)Ted Unangst
ok jca sthen
2015-10-19Delete the empty example file "ftpchroot"; no example is needed.Ingo Schwarze
Move the one useful bit of information contained in the file ("one user name per line") to the ftpd(8) manual page where it belongs. OK deraadt@ sthen@
2015-10-04fix custom popen to return pid to caller instead of tracking in a giantTed Unangst
array. this implies we can't use a function pointer for close, but also means we get to repair some abuse of the comma operator. ok miod
2015-09-01test pointers with NULL not '\0'Jonathan Gray
2015-08-18calloc() is prototyped; do not cast resultTheo de Raadt
2015-03-17Eliminate use of TM_YEAR_BASE. OK guenther@ deraadt@ miod@Todd C. Miller
2015-03-15tzfile.h is an internal header that should never have been installed.Todd C. Miller
What's worse, the tzfile.h that gets installed is over 20 years old and doesn't match the real tzfile.h in libc/time. This makes the tree safe for /usr/include/tzfile.h removal. The TM_YEAR_BASE define has been moved to time.h temporarily until its usage is replaced by 1900 in the tree. Actual removal of tzfile.h is pending a ports build. Based on a diff from deraadt@
2015-02-06SIZE_MAX is standard, we should be using it in preference to theTodd C. Miller
obsolete SIZE_T_MAX. OK miod@ beck@
2015-01-19CMASK went out of scope with the recent <sys/param.h> removal. But ohTheo de Raadt
golly gee, ftpd can handle that itself due to the glorious old practice of #ifndef #define. Remove that junk. ok guenther
2015-01-16Replace <sys/param.h> with <limits.h> and other less dirty headers whereTheo de Raadt
possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
2015-01-15remove .Tn; from Jan Stary <hans at stare dot cz>Ingo Schwarze
2014-10-25Remove unnecessary netinet/in_systm.h include.Lawrence Teo
ok millert@
2014-08-25Delete secret or secret-derived data with explicit_bzero.Doug Hogan
concept ok deraadt@ diff looks ok tedu@
2014-03-24remove tcpwrappers support. ok deraadtTed Unangst
2014-03-17args! fix argstr. from LEVAI Daniel.Stuart Henderson
2014-03-17tweak previous;Jason McIntyre
2014-03-17typo, spotted by okan@Stuart Henderson
2014-03-17Add an option to disallow ftp access to accounts with uid below a certainStuart Henderson
number (idea borrowed from pure-ftpd). Enabled by default with minimum uid 1000 to prevent access to admin accounts. tweak/OK millert@, OK deraadt@, gsoares@ and aja@ like it too.
2014-02-08Fix REST (restart transfer) for offsets large than 2GB. OK okan@Todd C. Miller
2014-01-08If the file size is zero, there's nothing to transmit so avoid spammingJeremie Courreges-Anglas
syslog with mmap failures. Noticed by and ok henning@, "looks right" deraadt@
2013-11-27unsigned char for ctypeTheo de Raadt
ok okan kettenis
2013-11-12repair the last prototype by bringing in monitor.hTheo de Raadt
2013-08-22Correct format string mismatches turned up by -Wformat=2Philip Guenther
suggestions and ok millert@
2013-07-26Make sure tmpline[] is always NUL terminated, to avoid possiblePhilip Guenther
read-beyond-end in get_line(). Analysis and patch by Maxime Villard (rustyBSD (at) gmx.fr) ok millert@ deraadt@
2012-12-04remove some unnecessary sys/param.h inclusionsTheo de Raadt
2012-09-27last stage of rfc changes, using consistent Rs/Re blocks, and moving theJason McIntyre
references into a STANDARDS section;
2012-08-04MDTM and SIZE have been in RFC 3659 for over five years. Also, mention bothPascal Stumpf
RFCs in "SEE ALSO". ok jmc@
2012-04-04Return an error much earlier if recvmsg failsTheo de Raadt
2012-03-04In preparation for getline and getdelim additions to libc, rename getline()Federico G. Schwindt
occurrences to get_line(). Based on a diff from Jan Klemkow <j-dot-klemkow-at-wemelug-dot-de> to tech.