1 /* $NetBSD: conf.c,v 1.57 2006/02/01 14:20:12 christos Exp $ */
4 * Copyright (c) 1997-2005 The NetBSD Foundation, Inc.
7 * This code is derived from software contributed to The NetBSD Foundation
8 * by Simon Burge and Luke Mewburn.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. All advertising materials mentioning features or use of this software
19 * must display the following acknowledgement:
20 * This product includes software developed by the NetBSD
21 * Foundation, Inc. and its contributors.
22 * 4. Neither the name of The NetBSD Foundation nor the names of its
23 * contributors may be used to endorse or promote products derived
24 * from this software without specific prior written permission.
26 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
27 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
28 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
29 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
30 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
31 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
32 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
33 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
34 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
35 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
36 * POSSIBILITY OF SUCH DAMAGE.
39 #include <sys/cdefs.h>
41 __RCSID("$NetBSD: conf.c,v 1.57 2006/02/01 14:20:12 christos Exp $");
44 #include <sys/types.h>
45 #include <sys/param.h>
46 #include <sys/socket.h>
58 #include <stringlist.h>
65 #include <krb5/krb5.h>
69 #include "pathnames.h"
/* Forward declarations for the two file-local helpers defined later in this file. */
71 static char *strend(const char *, char *);
72 static int filetypematch(char *, int);
/*
 * Defaults that the curclass initialisation code below assigns before any
 * configuration directive is applied. DEFAULT_UMASK is an octal literal.
 */
76 #define DEFAULT_LIMIT -1 /* unlimited connections */
77 #define DEFAULT_MAXFILESIZE -1 /* unlimited file size */
78 #define DEFAULT_MAXTIMEOUT 7200 /* 2 hours */
79 #define DEFAULT_TIMEOUT 900 /* 15 minutes */
80 #define DEFAULT_UMASK 027 /* rw-r----- */
83 * Initialise curclass to an `empty' state
/*
 * Excerpt of the routine that resets curclass to its empty state. The
 * signature and several lines are elided from this numbered listing, so the
 * notes here cover only what is visible.
 */
88 struct ftpconv *conv, *cnext;
/*
 * Walk the conversion list and reset each string field through REASSIGN
 * (macro defined elsewhere; presumably it frees the old value - confirm).
 */
90 for (conv = curclass.conversions; conv != NULL; conv = cnext) {
91 REASSIGN(conv->suffix, NULL);
92 REASSIGN(conv->types, NULL);
93 REASSIGN(conv->disable, NULL);
94 REASSIGN(conv->command, NULL);
99 memset((char *)&curclass.advertise, 0, sizeof(curclass.advertise));
100 curclass.advertise.su_len = 0; /* `not used' */
101 REASSIGN(curclass.chroot, NULL);
102 REASSIGN(curclass.classname, NULL);
103 curclass.conversions = NULL;
104 REASSIGN(curclass.display, NULL);
105 REASSIGN(curclass.homedir, NULL);
106 curclass.limit = DEFAULT_LIMIT;
107 REASSIGN(curclass.limitfile, NULL);
108 curclass.maxfilesize = DEFAULT_MAXFILESIZE;
109 curclass.maxrateget = 0;
110 curclass.maxrateput = 0;
111 curclass.maxtimeout = DEFAULT_MAXTIMEOUT;
112 REASSIGN(curclass.motd, ftpd_strdup(_NAME_FTPLOGINMESG));
113 REASSIGN(curclass.notify, NULL);
114 curclass.portmin = 0;
115 curclass.portmax = 0;
116 curclass.rateget = 0;
117 curclass.rateput = 0;
118 curclass.timeout = DEFAULT_TIMEOUT;
119 /* curclass.type is set elsewhere */
120 curclass.umask = DEFAULT_UMASK;
121 curclass.mmapsize = 0;
122 curclass.readsize = 0;
123 curclass.writesize = 0;
124 curclass.sendbufsize = 0;
125 curclass.sendlowat = 0;
/*
 * Default flags: checkportcmd, modify, passive and upload start set;
 * denyquick, hidesymlinks, private and sanenames start clear.
 * NOTE(review): modify and upload default to allowed, so a class that must
 * be read-only has to say so in the configuration file, or be the guest
 * class, for which parse_conf() clears modify.
 */
127 CURCLASS_FLAGS_SET(checkportcmd);
128 CURCLASS_FLAGS_CLR(denyquick);
129 CURCLASS_FLAGS_CLR(hidesymlinks);
130 CURCLASS_FLAGS_SET(modify);
131 CURCLASS_FLAGS_SET(passive);
132 CURCLASS_FLAGS_CLR(private);
133 CURCLASS_FLAGS_CLR(sanenames);
134 CURCLASS_FLAGS_SET(upload);
138 * Parse the configuration file, looking for the named class, and
139 * define curclass to contain the appropriate settings.
/*
 * Excerpt of parse_conf(): reads the ftpd configuration file and applies to
 * curclass the directives whose class matches findclass, the active
 * template, or all. The return type and many lines are elided from this
 * numbered listing, so the notes below cover only what is visible.
 */
142 parse_conf(const char *findclass)
149 char *endp, errbuf[100];
150 char *class, *word, *arg, *template;
153 struct ftpconv *conv, *cnext;
156 REASSIGN(curclass.classname, ftpd_strdup(findclass));
157 /* set more guest defaults */
/*
 * The guest class starts without modify, and umask 0707 masks every owner
 * and other permission bit on files it creates.
 */
158 if (strcasecmp(findclass, "guest") == 0) {
159 CURCLASS_FLAGS_CLR(modify);
160 curclass.umask = 0707;
/*
 * NOTE(review): every value parsed below is trusted as administrator input,
 * so the ownership and mode of the configuration file are part of the trust
 * boundary - confirm it is writable only by root.
 */
163 infile = conffilename(_NAME_FTPDCONF);
164 if ((f = fopen(infile, "r")) == NULL)
170 (buf = fparseln(f, &len, &line, NULL, FPARSELN_UNESCCOMM |
171 FPARSELN_UNESCCONT | FPARSELN_UNESCESC)) != NULL;
/*
 * NOTE(review): p[len - 1] is only valid when len > 0; the guard is not
 * visible in this excerpt - confirm it sits on an elided line.
 */
177 if (p[len - 1] == '\n')
185 if (EMPTYSTR(word) || EMPTYSTR(class))
187 if (strcasecmp(class, "none") == 0)
/*
 * A directive applies when its class equals findclass, the active template,
 * or the literal class name all.
 */
189 if (! (strcasecmp(class, findclass) == 0 ||
190 (template != NULL && strcasecmp(class, template) == 0) ||
192 strcasecmp(class, "all") == 0) )
/*
 * Helper macros for the directive chain below (parts of each are elided).
 * CONF_FLAG clears a flag when the argument is off and sets it otherwise.
 * CONF_STRING stores a copy of the argument in the named field.
 * CONF_LL parses a number with strsuftollx(), passing the allowed Min and
 * Max, and reports errbuf with the file name and line in a syslog warning.
 */
195 #define CONF_FLAG(Field) \
198 (!EMPTYSTR(arg) && strcasecmp(arg, "off") == 0)) \
199 CURCLASS_FLAGS_CLR(Field); \
201 CURCLASS_FLAGS_SET(Field); \
204 #define CONF_STRING(Field) \
206 if (none || EMPTYSTR(arg)) \
209 arg = ftpd_strdup(arg); \
210 REASSIGN(curclass.Field, arg); \
213 #define CONF_LL(Field,Arg,Min,Max) \
215 if (none || EMPTYSTR(Arg)) \
217 llval = strsuftollx(#Field, Arg, Min, Max, \
218 errbuf, sizeof(errbuf)); \
220 syslog(LOG_WARNING, "%s line %d: %s", \
221 infile, (int)line, errbuf); \
224 curclass.Field = llval; \
230 } else if ((strcasecmp(word, "advertise") == 0)
231 || (strcasecmp(word, "advertize") == 0)) {
/*
 * advertise: the argument is resolved for the address family of the control
 * connection only. A result with several addresses, an unsupported family,
 * or an address longer than curclass.advertise is rejected before the
 * memcpy, which keeps the copy inside the destination.
 * NOTE(review): the copy length is on an elided line - confirm it is
 * res->ai_addrlen, the value the size test checks.
 */
232 struct addrinfo hints, *res;
235 memset((char *)&curclass.advertise, 0,
236 sizeof(curclass.advertise));
237 curclass.advertise.su_len = 0;
238 if (none || EMPTYSTR(arg))
241 memset(&hints, 0, sizeof(hints));
243 * only get addresses of the family
244 * that we're listening on
246 hints.ai_family = ctrl_addr.su_family;
247 hints.ai_socktype = SOCK_STREAM;
248 error = getaddrinfo(arg, "0", &hints, &res);
250 syslog(LOG_WARNING, "%s line %d: %s",
251 infile, (int)line, gai_strerror(error));
259 "%s line %d: multiple addresses returned for `%s'; please be more specific",
260 infile, (int)line, arg);
261 goto advertiseparsefail;
263 if (sizeof(curclass.advertise) < res->ai_addrlen || (
265 res->ai_family != AF_INET6 &&
267 res->ai_family != AF_INET)) {
269 "%s line %d: unsupported protocol %d for `%s'",
270 infile, (int)line, res->ai_family, arg);
271 goto advertiseparsefail;
273 memcpy(&curclass.advertise, res->ai_addr,
275 curclass.advertise.su_len = res->ai_addrlen;
278 } else if (strcasecmp(word, "checkportcmd") == 0) {
279 CONF_FLAG(checkportcmd);
281 } else if (strcasecmp(word, "chroot") == 0) {
284 } else if (strcasecmp(word, "classtype") == 0) {
285 if (!none && !EMPTYSTR(arg)) {
286 if (strcasecmp(arg, "GUEST") == 0)
287 curclass.type = CLASS_GUEST;
288 else if (strcasecmp(arg, "CHROOT") == 0)
289 curclass.type = CLASS_CHROOT;
290 else if (strcasecmp(arg, "REAL") == 0)
291 curclass.type = CLASS_REAL;
294 "%s line %d: unknown class type `%s'",
295 infile, (int)line, arg);
300 } else if (strcasecmp(word, "conversion") == 0) {
/*
 * conversion: suffix, types, disable path and command are copied from the
 * line and stored in the list entry for that suffix.
 * NOTE(review): the command string is stored verbatim and do_conversion()
 * later hands it back for execution, so anyone able to edit the
 * configuration file chooses what is run.
 */
301 char *suffix, *types, *disable, *convcmd;
305 "%s line %d: %s requires a suffix",
306 infile, (int)line, word);
307 continue; /* need a suffix */
310 NEXTWORD(p, disable);
313 convcmd += strspn(convcmd, " \t");
314 suffix = ftpd_strdup(arg);
315 if (none || EMPTYSTR(types) ||
316 EMPTYSTR(disable) || EMPTYSTR(convcmd)) {
321 types = ftpd_strdup(types);
322 disable = ftpd_strdup(disable);
323 convcmd = ftpd_strdup(convcmd);
325 for (conv = curclass.conversions; conv != NULL;
327 if (strcmp(conv->suffix, suffix) == 0)
331 conv = (struct ftpconv *)
332 calloc(1, sizeof(struct ftpconv));
334 syslog(LOG_WARNING, "can't malloc");
338 for (cnext = curclass.conversions;
339 cnext != NULL; cnext = cnext->next)
340 if (cnext->next == NULL)
345 curclass.conversions = conv;
347 REASSIGN(conv->suffix, suffix);
348 REASSIGN(conv->types, types);
349 REASSIGN(conv->disable, disable);
350 REASSIGN(conv->command, convcmd);
352 } else if (strcasecmp(word, "denyquick") == 0) {
353 CONF_FLAG(denyquick);
355 } else if (strcasecmp(word, "display") == 0) {
356 CONF_STRING(display);
358 } else if (strcasecmp(word, "hidesymlinks") == 0) {
359 CONF_FLAG(hidesymlinks);
361 } else if (strcasecmp(word, "homedir") == 0) {
362 CONF_STRING(homedir);
364 } else if (strcasecmp(word, "limit") == 0) {
365 curclass.limit = DEFAULT_LIMIT;
366 REASSIGN(curclass.limitfile, NULL);
367 CONF_LL(limit, arg, -1, LLTMAX);
368 REASSIGN(curclass.limitfile,
369 EMPTYSTR(p) ? NULL : ftpd_strdup(p));
371 } else if (strcasecmp(word, "maxfilesize") == 0) {
372 curclass.maxfilesize = DEFAULT_MAXFILESIZE;
373 CONF_LL(maxfilesize, arg, -1, LLTMAX);
375 } else if (strcasecmp(word, "maxtimeout") == 0) {
376 curclass.maxtimeout = DEFAULT_MAXTIMEOUT;
377 CONF_LL(maxtimeout, arg,
378 MIN(30, curclass.timeout), LLTMAX);
380 } else if (strcasecmp(word, "mmapsize") == 0) {
381 curclass.mmapsize = 0;
382 CONF_LL(mmapsize, arg, 0, LLTMAX);
384 } else if (strcasecmp(word, "readsize") == 0) {
385 curclass.readsize = 0;
386 CONF_LL(readsize, arg, 0, LLTMAX);
388 } else if (strcasecmp(word, "writesize") == 0) {
389 curclass.writesize = 0;
390 CONF_LL(writesize, arg, 0, LLTMAX);
392 } else if (strcasecmp(word, "recvbufsize") == 0) {
393 curclass.recvbufsize = 0;
394 CONF_LL(recvbufsize, arg, 0, LLTMAX);
396 } else if (strcasecmp(word, "sendbufsize") == 0) {
397 curclass.sendbufsize = 0;
398 CONF_LL(sendbufsize, arg, 0, LLTMAX);
400 } else if (strcasecmp(word, "sendlowat") == 0) {
401 curclass.sendlowat = 0;
402 CONF_LL(sendlowat, arg, 0, LLTMAX);
404 } else if (strcasecmp(word, "modify") == 0) {
407 } else if (strcasecmp(word, "motd") == 0) {
410 } else if (strcasecmp(word, "notify") == 0) {
413 } else if (strcasecmp(word, "passive") == 0) {
416 } else if (strcasecmp(word, "portrange") == 0) {
/*
 * portrange: both ends are parsed with the bounds IPPORT_RESERVED and
 * IPPORT_ANONMAX, and a range with minport >= maxport is rejected, before
 * the values are narrowed to int. The fields are zeroed first, so a
 * rejected line leaves no range configured.
 */
417 long minport, maxport;
419 curclass.portmin = 0;
420 curclass.portmax = 0;
421 if (none || EMPTYSTR(arg))
425 "%s line %d: missing maxport argument",
429 minport = strsuftollx("minport", arg, IPPORT_RESERVED,
430 IPPORT_ANONMAX, errbuf, sizeof(errbuf));
432 syslog(LOG_WARNING, "%s line %d: %s",
433 infile, (int)line, errbuf);
436 maxport = strsuftollx("maxport", p, IPPORT_RESERVED,
437 IPPORT_ANONMAX, errbuf, sizeof(errbuf));
439 syslog(LOG_WARNING, "%s line %d: %s",
440 infile, (int)line, errbuf);
443 if (minport >= maxport) {
445 "%s line %d: minport %ld >= maxport %ld",
446 infile, (int)line, minport, maxport);
449 curclass.portmin = (int)minport;
450 curclass.portmax = (int)maxport;
452 } else if (strcasecmp(word, "private") == 0) {
455 } else if (strcasecmp(word, "rateget") == 0) {
456 curclass.maxrateget = curclass.rateget = 0;
457 CONF_LL(rateget, arg, 0, LLTMAX);
458 curclass.maxrateget = curclass.rateget;
460 } else if (strcasecmp(word, "rateput") == 0) {
461 curclass.maxrateput = curclass.rateput = 0;
462 CONF_LL(rateput, arg, 0, LLTMAX);
463 curclass.maxrateput = curclass.rateput;
465 } else if (strcasecmp(word, "sanenames") == 0) {
466 CONF_FLAG(sanenames);
468 } else if (strcasecmp(word, "timeout") == 0) {
/*
 * timeout is range-checked against 30 and the value curclass.maxtimeout
 * holds at this point in the file, and maxtimeout above uses the current
 * timeout in its lower bound, so the order of the two directives affects
 * what is accepted.
 */
469 curclass.timeout = DEFAULT_TIMEOUT;
470 CONF_LL(timeout, arg, 30, curclass.maxtimeout);
472 } else if (strcasecmp(word, "template") == 0) {
475 REASSIGN(template, EMPTYSTR(arg) ? NULL : ftpd_strdup(arg));
477 } else if (strcasecmp(word, "umask") == 0) {
/*
 * umask: reset to the default, then parsed as octal with strtoul().
 * NOTE(review): the errno test below is only meaningful if errno was
 * cleared before the call; that reset is not visible in this excerpt -
 * confirm. Part of the validity test is elided as well.
 */
480 curclass.umask = DEFAULT_UMASK;
481 if (none || EMPTYSTR(arg))
485 fumask = strtoul(arg, &endp, 8);
486 if (errno || *arg == '\0' || *endp != '\0' ||
489 "%s line %d: invalid umask %s",
490 infile, (int)line, arg);
493 curclass.umask = (mode_t)fumask;
495 } else if (strcasecmp(word, "upload") == 0) {
/* When upload ends up clear, modify is cleared as well. */
497 if (! CURCLASS_FLAGS_ISSET(upload))
498 CURCLASS_FLAGS_CLR(modify);
502 "%s line %d: unknown directive '%s'",
503 infile, (int)line, word);
509 REASSIGN(template, NULL);
514 * Show file listed in curclass.display first time in, and list all the
515 * files named in curclass.notify in the current directory.
516 * Send back responses with the prefix `code' + "-".
517 * If code == -1, flush the internal cache of directory names and return.
/*
 * Excerpt of show_chdir_messages(): on the first visit to a directory it
 * calls display_file() for curclass.display and announces the files that
 * match curclass.notify. The return type and several lines are elided from
 * this numbered listing.
 */
520 show_chdir_messages(int code)
/* static, so the list of visited directories persists between calls. */
522 static StringList *slist = NULL;
529 char curwd[MAXPATHLEN];
542 /* Setup list for directory cache */
546 syslog(LOG_WARNING, "can't allocate memory for stringlist");
550 /* Check if this directory has already been visited */
551 if (getcwd(curwd, sizeof(curwd) - 1) == NULL) {
552 syslog(LOG_WARNING, "can't getcwd: %s", strerror(errno));
555 if (sl_find(slist, curwd) != NULL)
558 cp = ftpd_strdup(curwd);
/* A failed sl_add() is only logged here. */
559 if (sl_add(slist, cp) == -1)
560 syslog(LOG_WARNING, "can't add `%s' to stringlist", cp);
562 /* First check for a display file */
563 (void)display_file(curclass.display, code);
565 /* Now see if there are any notify files */
566 if (EMPTYSTR(curclass.notify))
/*
 * The notify pattern comes from the class configuration. GLOB_LIMIT is
 * passed so that glob() caps how far the expansion may grow.
 */
569 memset(&gl, 0, sizeof(gl));
570 if (glob(curclass.notify, GLOB_BRACE|GLOB_LIMIT, NULL, &gl) != 0
571 || gl.gl_matchc == 0) {
/*
 * Each match is checked with stat() and S_ISREG(); entries that fail are
 * presumably skipped (the skip statements are elided). File names reach
 * reply() as arguments to a constant format string, never as the format.
 */
576 for (rlist = gl.gl_pathv; *rlist != NULL; rlist++) {
577 if (stat(*rlist, &st) != 0)
579 if (!S_ISREG(st.st_mode))
583 reply(-code, "%s", "");
586 reply(-code, "Please read the file %s", *rlist);
/* age is an approximate day count: 365 days per year, leap days ignored. */
588 age = 365 * t->tm_year + t->tm_yday;
589 t = localtime(&then);
590 age -= 365 * t->tm_year + t->tm_yday;
591 reply(-code, " it was last modified on %.24s - %d day%s ago",
592 ctime(&then), age, PLURAL(age));
/*
 * Excerpt of display_file(): opens file read-only and writes its lines to
 * stdout through cprintf(), substituting values such as the class name,
 * working directory, host names and connection counts. The code that
 * selects each substitution is elided from this numbered listing.
 */
598 display_file(const char *file, int code)
602 char curwd[MAXPATHLEN];
613 if ((f = fopen(file, "r")) == NULL)
615 reply(-code, "%s", "");
/*
 * The delimiter string of three NUL bytes turns off fparseln() escape,
 * continuation and comment handling, so each line is read literally.
 */
618 (buf = fparseln(f, &len, NULL, "\0\0\0", 0)) != NULL; free(buf)) {
/*
 * NOTE(review): buf[len - 1] is only valid when len > 0; the guard is not
 * visible in this excerpt - confirm it sits on an elided line.
 */
620 if (buf[len - 1] == '\n')
622 cprintf(stdout, " ");
/*
 * Every substituted value below is passed as an argument to a constant
 * format string, so remotehost, hostname and similar strings cannot act as
 * format directives.
 */
624 for (p = buf; *p; p++) {
630 cprintf(stdout, "%s",
632 curclass.classname : "<unknown>");
636 if (getcwd(curwd, sizeof(curwd)-1)
643 cprintf(stdout, "%s", curwd);
647 if (! EMPTYSTR(emailaddr))
648 cprintf(stdout, "%s",
653 cprintf(stdout, "%s", hostname);
657 if (curclass.limit == -1) {
658 cprintf(stdout, "unlimited");
662 (LLT)curclass.limit);
663 lastnum = curclass.limit;
668 cprintf(stdout, "%d", connections);
669 lastnum = connections;
673 cprintf(stdout, "%s", remotehost);
678 cprintf(stdout, "s");
683 cprintf(stdout, "S");
/* %.24s drops the trailing newline of the ctime() string. */
688 cprintf(stdout, "%.24s", ctime(&now));
692 cprintf(stdout, "%s",
693 pw ? pw->pw_name : "<unknown>");
704 cprintf(stdout, "\r\n");
707 (void)fflush(stdout);
713 * Parse src, expanding '%' escapes, into dst (which must be at least
/*
 * Excerpt of format_path(): copies src into dst while expanding escapes
 * with the class name and the home directory and name from pw. The return
 * type and the escape selection are elided from this numbered listing.
 */
717 format_path(char *dst, const char *src)
726 for (p = src; *p && len < MAXPATHLEN; p++) {
/*
 * strlcpy() returns the length of the source string, not the number of
 * bytes stored, so after a truncated copy len can exceed MAXPATHLEN. The
 * loop condition above then stops further copies, and the store at the end
 * (it appears to be unconditional) terminates dst at MAXPATHLEN - 1.
 * NOTE(review): the size arguments are on elided lines - confirm each one
 * is the space remaining after len.
 */
732 len += strlcpy(dst + len, curclass.classname,
737 len += strlcpy(dst + len, pw->pw_dir,
742 len += strlcpy(dst + len, pw->pw_name,
754 if (len < MAXPATHLEN)
756 dst[MAXPATHLEN - 1] = '\0';
760 * Find s2 at the end of s1. If found, return a string up to (but
761 * not including) s2, otherwise returns NULL.
/*
 * Excerpt of strend(): tests whether s1 ends with s2 using a copy of s1 held
 * in a static buffer. The return type, the length assignments and the
 * return statements are elided from this numbered listing.
 */
764 strend(const char *s1, char *s2)
/*
 * The work buffer is static, so it is shared by every call; a result that
 * points into it (presumably the return value - confirm) is overwritten by
 * the next call.
 */
766 static char buf[MAXPATHLEN];
/*
 * l1 and l2 are presumably the lengths of s1 and s2. This guard requires s1
 * to be longer than s2 and to fit in buf, so the copy below is not truncated
 * and l1 - l2 stays positive.
 */
774 if (l2 >= l1 || l1 >= sizeof(buf))
777 strlcpy(buf, s1, sizeof(buf));
778 start = buf + (l1 - l2);
780 if (strcmp(start, s2) == 0) {
/*
 * Excerpt of filetypematch(): iterates over each character of types. The
 * per-character test against mode and the return statements are elided from
 * this numbered listing, so the matching rules cannot be documented here.
 */
788 filetypematch(char *types, int mode)
790 for ( ; types[0] != '\0'; types++)
805 * Look for a conversion. If we succeed, return a pointer to the
806 * command to execute for the conversion.
808 * The command is stored in a static array so there's no memory
809 * leak problems, and not too much to change in ftpd.c. This
810 * routine doesn't need to be re-entrant unless we start using a
811 * multi-threaded ftpd, and that's not likely for a while...
/*
 * Excerpt of do_conversion(): searches curclass.conversions for an entry
 * whose suffix ends fname and whose checks pass, then splits that entry's
 * command into an argument list. The return type, the execution of the
 * command and the cleanup code are elided from this numbered listing.
 */
814 do_conversion(const char *fname)
820 char *cmd, *p, *lp, **argv;
826 for (cp = curclass.conversions; cp != NULL; cp = cp->next) {
827 if (cp->suffix == NULL) {
829 "cp->suffix==NULL in conv list; SHOULDN'T HAPPEN!");
/*
 * base is fname with the configured suffix removed; it presumably points
 * into the static buffer owned by strend(), so it is only valid until the
 * next strend() call.
 */
832 if ((base = strend(fname, cp->suffix)) == NULL)
834 if (cp->types == NULL || cp->disable == NULL ||
/*
 * A disable path other than . that exists on disk appears to switch this
 * conversion off (the skip statement is elided).
 */
838 if (strcmp(cp->disable, ".") != 0 &&
839 stat(cp->disable, &st) == 0)
841 /* Does the base exist? */
842 if (stat(base, &st) < 0)
844 /* Is the file type ok */
845 if (!filetypematch(cp->types, st.st_mode))
847 break; /* "We have a winner!" */
850 /* If we got through the list, no conversion */
852 goto cleanup_do_conv;
854 /* Split up command into an argv */
/*
 * The command is duplicated, split into words and stored as a
 * NULL-terminated list; a word that is exactly %s is the placeholder for
 * the file name (the substitution line is elided).
 * NOTE(review): the substituted name presumably originates from the client
 * request, so a name starting with - could be read as an option by the
 * conversion program. Confirm that the caller, or the commands configured
 * in ftpd.conf (for example with a -- separator before %s), guard against
 * that.
 */
855 if ((sl = sl_init()) == NULL)
856 goto cleanup_do_conv;
857 cmd = ftpd_strdup(cp->command);
861 if (strcmp(lp, "%s") == 0)
863 if (sl_add(sl, ftpd_strdup(lp)) == -1)
864 goto cleanup_do_conv;
867 if (sl_add(sl, NULL) == -1)
868 goto cleanup_do_conv;
883 * Count the number of current connections, reading from
884 * /var/run/ftpd.pids-<class>
885 * Does a kill -0 on each pid in that file, and only counts
886 * processes that exist (or frees the slot if it doesn't).
887 * Adds getpid() to the first free slot. Truncates the file
/*
 * Excerpt of the connection-counting routine described in the comment
 * above; its signature and several lines are elided from this numbered
 * listing. The pid file name is _PATH_CLASSPIDS followed by the class name,
 * and both string calls discard the truncation result.
 * NOTE(review): a class name containing a path separator would redirect
 * this path; class names presumably come only from administrator-controlled
 * files - confirm.
 */
899 (void)strlcpy(fn, _PATH_CLASSPIDS, sizeof(fn));
900 (void)strlcat(fn, curclass.classname, sizeof(fn));
/*
 * The file is created owner-only (0600).
 * NOTE(review): no O_NOFOLLOW or O_EXCL is visible, so the directory that
 * holds the file must not be writable by unprivileged users.
 */
904 if ((fd = open(fn, O_RDWR | O_CREAT, 0600)) == -1)
/*
 * F_TLOCK is a non-blocking lock request: it fails instead of waiting when
 * another process holds the lock (the failure path is elided).
 */
906 if (lockf(fd, F_TLOCK, 0) == -1)
908 if (fstat(fd, &sb) == -1)
/*
 * The buffer is the current file size plus one slot, presumably for this
 * process. The size comes from the file itself and no upper bound is
 * visible; the read below must return exactly that many bytes.
 */
910 if ((pids = malloc(sb.st_size + sizeof(pid_t))) == NULL)
912 count = read(fd, pids, sb.st_size);
913 if (count < 0 || count != sb.st_size)
915 count /= sizeof(pid_t);
918 for (i = 0; i < count; i++) {
/*
 * Signal 0 only probes for existence. EPERM means the process exists but
 * may not be signalled, so such a slot is not treated as free.
 */
921 if (kill(pids[i], 0) == -1 && errno != EPERM) {
937 count = (last + 1) * sizeof(pid_t);
938 if (lseek(fd, 0, SEEK_SET) == -1)
/*
 * NOTE(review): only a -1 return counts as a write error, so a short write
 * would go unnoticed, and the ftruncate() result is discarded.
 */
940 if (write(fd, pids, count) == -1)
942 (void)ftruncate(fd, count);
/* Rewind before unlocking; the unlock is skipped if the seek fails. */
945 if (lseek(fd, 0, SEEK_SET) != -1)
946 (void)lockf(fd, F_ULOCK, 0);
948 REASSIGN(pids, NULL);