Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src Merge in changes between 0.6.2 and 0.6.3
details: https://anonhg.NetBSD.org/src/rev/116f3b5b5996
branches: trunk
changeset: 569945:116f3b5b5996
user: lha <lha%NetBSD.org@localhost>
date: Tue Sep 14 08:08:19 2004 +0000
description:
Merge in changes between 0.6.2 and 0.6.3
diffstat:
crypto/dist/heimdal/appl/ftp/ftp/ftp.c | 9 +-
crypto/dist/heimdal/appl/ftp/ftpd/extern.h | 4 -
crypto/dist/heimdal/appl/ftp/ftpd/ftpcmd.y | 75 +-
crypto/dist/heimdal/appl/ftp/ftpd/ftpd.8 | 10 +-
crypto/dist/heimdal/appl/ftp/ftpd/ftpd.c | 368 +++++++++--------
crypto/dist/heimdal/appl/telnet/libtelnet/kerberos5.c | 28 +-
crypto/dist/heimdal/appl/telnet/telnet/network.c | 18 +-
crypto/dist/heimdal/appl/telnet/telnetd/state.c | 7 +-
crypto/dist/heimdal/configure.in | 4 +-
crypto/dist/heimdal/heimdal2netbsd | 11 +-
crypto/dist/heimdal/kdc/kerberos5.c | 12 +-
crypto/dist/heimdal/kuser/kinit.c | 9 +-
crypto/dist/heimdal/lib/asn1/k5.asn1 | 11 +-
crypto/dist/heimdal/lib/krb5/changepw.c | 6 +-
crypto/dist/heimdal/lib/krb5/context.c | 6 +-
crypto/dist/heimdal/lib/krb5/krb5-protos.h | 2 +-
crypto/dist/heimdal/lib/krb5/krb5.h | 4 +-
include/heimdal/config.h | 12 +-
18 files changed, 333 insertions(+), 263 deletions(-)
diffs (truncated from 1267 to 300 lines):
diff -r e5a725f29a0f -r 116f3b5b5996 crypto/dist/heimdal/appl/ftp/ftp/ftp.c
--- a/crypto/dist/heimdal/appl/ftp/ftp/ftp.c Tue Sep 14 07:50:24 2004 +0000
+++ b/crypto/dist/heimdal/appl/ftp/ftp/ftp.c Tue Sep 14 08:08:19 2004 +0000
@@ -28,7 +28,7 @@
*/
#include "ftp_locl.h"
-RCSID ("$Id: ftp.c,v 1.5 2003/08/07 09:15:18 agc Exp $");
+RCSID ("$Id: ftp.c,v 1.6 2004/09/14 08:08:20 lha Exp $");
struct sockaddr_storage hisctladdr_ss;
struct sockaddr *hisctladdr = (struct sockaddr *)&hisctladdr_ss;
@@ -1737,8 +1737,11 @@
snprintf (buf, sizeof (buf), "%c%c%c", IAC, IP, IAC);
if (send (fileno (cout), buf, 3, MSG_OOB) != 3)
warn ("abort");
- fprintf (cout, "%cABOR\r\n", DM);
- fflush (cout);
+ fprintf (cout, "%c", DM);
+ sec_fprintf(cout, "ABOR");
+ sec_fflush (cout);
+ fprintf (cout, "\r\n");
+ fflush(cout);
FD_ZERO (&mask);
if (fileno (cin) >= FD_SETSIZE)
errx (1, "fd too large");
diff -r e5a725f29a0f -r 116f3b5b5996 crypto/dist/heimdal/appl/ftp/ftpd/extern.h
--- a/crypto/dist/heimdal/appl/ftp/ftpd/extern.h Tue Sep 14 07:50:24 2004 +0000
+++ b/crypto/dist/heimdal/appl/ftp/ftpd/extern.h Tue Sep 14 08:08:19 2004 +0000
@@ -44,7 +44,6 @@
#include <stdio.h>
#include <stdarg.h>
-#include <setjmp.h>
#ifdef HAVE_PWD_H
#include <pwd.h>
#endif
@@ -125,10 +124,8 @@
extern int guest;
extern int logging;
extern int type;
-extern int oobflag;
extern off_t file_size;
extern off_t byte_count;
-extern jmp_buf urgcatch;
extern int form;
extern int debug;
@@ -138,7 +135,6 @@
extern char hostname[], remotehost[];
extern char proctitle[];
extern int usedefault;
-extern int transflag;
extern char tmpline[];
#endif /* _EXTERN_H_ */
diff -r e5a725f29a0f -r 116f3b5b5996 crypto/dist/heimdal/appl/ftp/ftpd/ftpcmd.y
--- a/crypto/dist/heimdal/appl/ftp/ftpd/ftpcmd.y Tue Sep 14 07:50:24 2004 +0000
+++ b/crypto/dist/heimdal/appl/ftp/ftpd/ftpcmd.y Tue Sep 14 08:08:19 2004 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ftpcmd.y,v 1.2 2003/08/07 09:15:20 agc Exp $ */
+/* $NetBSD: ftpcmd.y,v 1.3 2004/09/14 08:08:20 lha Exp $ */
/*
* Copyright (c) 1985, 1988, 1993, 1994
@@ -39,15 +39,18 @@
%{
#include "ftpd_locl.h"
-__RCSID("$Heimdal: ftpcmd.y,v 1.61 2001/08/05 06:39:29 assar Exp $"
- "$NetBSD: ftpcmd.y,v 1.2 2003/08/07 09:15:20 agc Exp $");
+__RCSID("$Heimdal: ftpcmd.y,v 1.61.10.2 2004/08/20 15:15:46 lha Exp $"
+ "$NetBSD: ftpcmd.y,v 1.3 2004/09/14 08:08:20 lha Exp $");
off_t restart_point;
+static int hasyyerrored;
+
+
static int cmd_type;
static int cmd_form;
static int cmd_bytesz;
-char cbuf[2048];
+char cbuf[64 * 1024];
char *fromname;
struct tab {
@@ -300,15 +303,6 @@
}
| sTAT CRLF
{
- if(oobflag){
- if (file_size != (off_t) -1)
- reply(213, "Status: %lu of %lu bytes transferred",
- (unsigned long)byte_count,
- (unsigned long)file_size);
- else
- reply(213, "Status: %lu bytes transferred",
- (unsigned long)byte_count);
- }else
statcmd();
}
| DELE SP pathname CRLF check_login_no_guest
@@ -334,13 +328,7 @@
}
| ABOR CRLF
{
- if(oobflag){
- reply(426, "Transfer aborted. Data connection closed.");
- reply(226, "Abort successful");
- oobflag = 0;
- longjmp(urgcatch, 1);
- }else
- reply(225, "ABOR command successful.");
+ reply(225, "ABOR command successful.");
}
| CWD CRLF check_login
{
@@ -911,8 +899,6 @@
%%
-extern jmp_buf errcatch;
-
#define CMD 0 /* beginning of command */
#define ARGS 1 /* expect miscellaneous arguments */
#define STR1 2 /* expect SP followed by STRING */
@@ -1031,15 +1017,13 @@
char *cs;
cs = s;
-/* tmpline may contain saved command from urgent mode interruption */
+
+ /* might still be data within the security MIC/CONF/ENC */
if(ftp_command){
- strlcpy(s, ftp_command, n);
- if (debug)
- syslog(LOG_DEBUG, "command: %s", s);
-#ifdef XXX
- fprintf(stderr, "%s\n", s);
-#endif
- return s;
+ strlcpy(s, ftp_command, n);
+ if (debug)
+ syslog(LOG_DEBUG, "command: %s", s);
+ return s;
}
while ((c = getc(stdin)) != EOF) {
c &= 0377;
@@ -1124,6 +1108,8 @@
switch (state) {
case CMD:
+ hasyyerrored = 0;
+
signal(SIGALRM, toolong);
alarm((unsigned) ftpd_timeout);
if (ftpd_getline(cbuf, sizeof(cbuf)-1) == NULL) {
@@ -1132,7 +1118,7 @@
}
alarm(0);
#ifdef HAVE_SETPROCTITLE
- if (strncasecmp(cbuf, "PASS", 4) != NULL)
+ if (strncasecmp(cbuf, "PASS", 4) != 0)
setproctitle("%s: %s", proctitle, cbuf);
#endif /* HAVE_SETPROCTITLE */
if ((cp = strchr(cbuf, '\r'))) {
@@ -1151,8 +1137,8 @@
if (p != 0) {
if (p->implemented == 0) {
nack(p->name);
- longjmp(errcatch,0);
- /* NOTREACHED */
+ hasyyerrored = 1;
+ break;
}
state = p->state;
yylval.s = p->name;
@@ -1177,8 +1163,8 @@
if (p->implemented == 0) {
state = CMD;
nack(p->name);
- longjmp(errcatch,0);
- /* NOTREACHED */
+ hasyyerrored = 1;
+ break;
}
state = p->state;
yylval.s = p->name;
@@ -1326,12 +1312,27 @@
default:
fatal("Unknown state in scanner.");
}
- yyerror((char *) 0);
+ yyerror(NULL);
state = CMD;
- longjmp(errcatch,0);
+ return (0);
}
}
+/* ARGSUSED */
+void
+yyerror(char *s)
+{
+ char *cp;
+
+ if (hasyyerrored)
+ return;
+
+ if ((cp = strchr(cbuf,'\n')))
+ *cp = '\0';
+ reply(500, "'%s': command not understood.", cbuf);
+ hasyyerrored = 1;
+}
+
static char *
copy(char *s)
{
diff -r e5a725f29a0f -r 116f3b5b5996 crypto/dist/heimdal/appl/ftp/ftpd/ftpd.8
--- a/crypto/dist/heimdal/appl/ftp/ftpd/ftpd.8 Tue Sep 14 07:50:24 2004 +0000
+++ b/crypto/dist/heimdal/appl/ftp/ftpd/ftpd.8 Tue Sep 14 08:08:19 2004 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: ftpd.8,v 1.5 2004/04/02 14:59:46 lha Exp $
+.\" $NetBSD: ftpd.8,v 1.6 2004/09/14 08:08:20 lha Exp $
.\"
.\" Copyright (c) 1985, 1988, 1991, 1993
.\" The Regents of the University of California. All rights reserved.
@@ -44,6 +44,7 @@
.Op Fl T Ar maxtimeout
.Op Fl t Ar timeout
.Op Fl -gss-bindings
+.Op Fl I | Fl -no-insecure-oob
.Op Fl u Ar default umask
.Op Fl B | Fl -builtin-ls
.Op Fl -good-chars= Ns Ar string
@@ -146,6 +147,13 @@
.Fl -good-chars= Ns Ar string
.Xc
allowed anonymous upload filename chars
+.It Xo
+.Fl I
+.Fl -no-insecure-oob
+.Xc
+don't allow insecure out of band.
+Heimdal ftp client before 0.7 doesn't support secure oob, so turning
+on this options makes them no longer work.
.El
.Pp
The file
diff -r e5a725f29a0f -r 116f3b5b5996 crypto/dist/heimdal/appl/ftp/ftpd/ftpd.c
--- a/crypto/dist/heimdal/appl/ftp/ftpd/ftpd.c Tue Sep 14 07:50:24 2004 +0000
+++ b/crypto/dist/heimdal/appl/ftp/ftpd/ftpd.c Tue Sep 14 08:08:19 2004 +0000
@@ -34,8 +34,8 @@
#endif
#include "getarg.h"
-__RCSID("$Heimdal: ftpd.c,v 1.166.2.2 2004/03/14 17:16:39 lha Exp $"
- "$NetBSD: ftpd.c,v 1.3 2004/04/02 14:59:46 lha Exp $");
+__RCSID("$Heimdal: ftpd.c,v 1.166.2.3 2004/08/20 15:16:37 lha Exp $"
+ "$NetBSD: ftpd.c,v 1.4 2004/09/14 08:08:20 lha Exp $");
static char version[] = "Version 6.00";
@@ -58,8 +58,6 @@
struct sockaddr *pasv_addr = (struct sockaddr *)&pasv_addr_ss;
int data;
-jmp_buf errcatch, urgcatch;
-int oobflag;
int logged_in;
struct passwd *pw;
int debug = 0;
@@ -75,7 +73,9 @@
int mode;
int usedefault = 1; /* for data transfers */
int pdata = -1; /* for passive mode */
-int transflag;
+int allow_insecure_oob = 1;
+static int transflag;
+static int urgflag;
off_t file_size;
off_t byte_count;
#if !defined(CMASK) || CMASK == 0
@@ -131,6 +131,7 @@
static void ack (char *);
static void myoob (int);
+static int handleoobcmd(void);
static int checkuser (char *, char *);
static int checkaccess (char *);
static FILE *dataconn (const char *, off_t, const char *);
@@ -220,6 +221,7 @@
{ NULL, 'v', arg_flag, &debug, "enable debugging" },
{ "builtin-ls", 'B', arg_flag, &use_builtin_ls, "use built-in ls to list files" },
{ "good-chars", 0, arg_string, &good_chars, "allowed anonymous upload filename chars" },
+ { "insecure-oob", 'I', arg_negative_flag, &allow_insecure_oob, "don't allow insecure OOB ABOR/STAT" },
#ifdef KRB5
{ "gss-bindings", 0, arg_flag, &ftp_do_gss_bindings, "Require GSS-API bindings", NULL},
#endif
Home |
Main Index |
Thread Index |
Old Index