2 * Copyright (c) 1985, 1988, 1990, 1992, 1993, 1994
3 * The Regents of the University of California. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by the University of
16 * California, Berkeley and its contributors.
17 * 4. Neither the name of the University nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 #include "ftpd_locl.h"
41 RCSID("$Id: ftpd.c 21222 2007-06-20 10:11:14Z lha $");
43 static char version[] = "Version 6.00";
45 extern off_t restart_point;
48 struct sockaddr_storage ctrl_addr_ss;
49 struct sockaddr *ctrl_addr = (struct sockaddr *)&ctrl_addr_ss;
51 struct sockaddr_storage data_source_ss;
52 struct sockaddr *data_source = (struct sockaddr *)&data_source_ss;
54 struct sockaddr_storage data_dest_ss;
55 struct sockaddr *data_dest = (struct sockaddr *)&data_dest_ss;
57 struct sockaddr_storage his_addr_ss;
58 struct sockaddr *his_addr = (struct sockaddr *)&his_addr_ss;
60 struct sockaddr_storage pasv_addr_ss;
61 struct sockaddr *pasv_addr = (struct sockaddr *)&pasv_addr_ss;
67 int ftpd_timeout = 900; /* timeout after 15 minutes of inactivity */
68 int maxtimeout = 7200;/* don't allow idle time to be set beyond 2 hours */
69 int restricted_data_ports = 1;
75 int stru; /* avoid C keyword */
77 int usedefault = 1; /* for data transfers */
78 int pdata = -1; /* for passive mode */
79 int allow_insecure_oob = 1;
84 #if !defined(CMASK) || CMASK == 0
88 int defumask = CMASK; /* default umask value */
89 int guest_umask = 0777; /* Paranoia for anonymous users */
91 char hostname[MaxHostNameLen];
92 char remotehost[MaxHostNameLen];
93 static char ttyline[20];
95 #define AUTH_PLAIN (1 << 0) /* allow sending passwords */
96 #define AUTH_OTP (1 << 1) /* passwords are one-time */
97 #define AUTH_FTP (1 << 2) /* allow anonymous login */
99 static int auth_level = 0; /* Only allow kerberos login by default */
102 * Timeout intervals for retrying connections
103 * to hosts that don't accept PORT cmds. This
104 * is a kludge, but given the problems with TCP...
106 #define SWAITMAX 90 /* wait at most 90 seconds */
107 #define SWAITINT 5 /* interval between retries */
109 int swaitmax = SWAITMAX;
110 int swaitint = SWAITINT;
112 #ifdef HAVE_SETPROCTITLE
113 char proctitle[BUFSIZ]; /* initial part of title */
114 #endif /* HAVE_SETPROCTITLE */
116 #define LOGCMD(cmd, file) \
118 syslog(LOG_INFO,"%s %s%s", cmd, \
119 *(file) == '/' ? "" : curdir(), file);
120 #define LOGCMD2(cmd, file1, file2) \
122 syslog(LOG_INFO,"%s %s%s %s%s", cmd, \
123 *(file1) == '/' ? "" : curdir(), file1, \
124 *(file2) == '/' ? "" : curdir(), file2);
125 #define LOGBYTES(cmd, file, cnt) \
127 if (cnt == (off_t)-1) \
128 syslog(LOG_INFO,"%s %s%s", cmd, \
129 *(file) == '/' ? "" : curdir(), file); \
131 syslog(LOG_INFO, "%s %s%s = %ld bytes", \
132 cmd, (*(file) == '/') ? "" : curdir(), file, (long)cnt); \
135 static void ack (char *);
136 static void myoob (int);
137 static int handleoobcmd(void);
138 static int checkuser (char *, char *);
139 static int checkaccess (char *);
140 static FILE *dataconn (const char *, off_t, const char *);
141 static void dolog (struct sockaddr *, int);
142 static void end_login (void);
143 static FILE *getdatasock (const char *, int);
144 static char *gunique (char *);
145 static RETSIGTYPE lostconn (int);
146 static int receive_data (FILE *, FILE *);
147 static void send_data (FILE *, FILE *);
148 static struct passwd * sgetpwnam (char *);
153 static char path[MaxPathLen+1]; /* path + '/' + '\0' */
155 if (getcwd(path, sizeof(path)-1) == NULL)
157 if (path[1] != '\0') /* special case for root dir. */
158 strlcat(path, "/", sizeof(path));
159 /* For guest account, skip / since it's chrooted */
160 return (guest ? path+1 : path);
164 #define LINE_MAX 1024
168 parse_auth_level(char *str)
174 for(p = strtok_r(str, ",", &foo);
176 p = strtok_r(NULL, ",", &foo)) {
177 if(strcmp(p, "user") == 0)
180 else if(strcmp(p, "otp") == 0)
181 ret |= AUTH_PLAIN|AUTH_OTP;
183 else if(strcmp(p, "ftp") == 0 ||
184 strcmp(p, "safe") == 0)
186 else if(strcmp(p, "plain") == 0)
188 else if(strcmp(p, "none") == 0)
189 ret |= AUTH_PLAIN|AUTH_FTP;
191 warnx("bad value for -a: `%s'", p);
197 * Print usage and die.
200 static int interactive_flag;
201 static char *guest_umask_string;
202 static char *port_string;
203 static char *umask_string;
204 static char *auth_string;
206 int use_builtin_ls = -1;
208 static int help_flag;
209 static int version_flag;
211 static const char *good_chars = "+-=_,.";
213 struct getargs args[] = {
214 { NULL, 'a', arg_string, &auth_string, "required authentication" },
215 { NULL, 'i', arg_flag, &interactive_flag, "don't assume stdin is a socket" },
216 { NULL, 'p', arg_string, &port_string, "what port to listen to" },
217 { NULL, 'g', arg_string, &guest_umask_string, "umask for guest logins" },
218 { NULL, 'l', arg_counter, &logging, "log more stuff", "" },
219 { NULL, 't', arg_integer, &ftpd_timeout, "initial timeout" },
220 { NULL, 'T', arg_integer, &maxtimeout, "max timeout" },
221 { NULL, 'u', arg_string, &umask_string, "umask for user logins" },
222 { NULL, 'U', arg_negative_flag, &restricted_data_ports, "don't use high data ports" },
223 { NULL, 'd', arg_flag, &debug, "enable debugging" },
224 { NULL, 'v', arg_flag, &debug, "enable debugging" },
225 { "builtin-ls", 'B', arg_flag, &use_builtin_ls, "use built-in ls to list files" },
226 { "good-chars", 0, arg_string, &good_chars, "allowed anonymous upload filename chars" },
227 { "insecure-oob", 'I', arg_negative_flag, &allow_insecure_oob, "don't allow insecure OOB ABOR/STAT" },
229 { "gss-bindings", 0, arg_flag, &ftp_do_gss_bindings, "Require GSS-API bindings", NULL},
231 { "version", 0, arg_flag, &version_flag },
232 { "help", 'h', arg_flag, &help_flag }
235 static int num_args = sizeof(args) / sizeof(args[0]);
240 arg_printusage(args, num_args, NULL, "");
244 /* output contents of a file */
246 show_file(const char *file, int code)
251 f = fopen(file, "r");
254 while(fgets(buf, sizeof(buf), f)){
255 buf[strcspn(buf, "\r\n")] = '\0';
256 lreply(code, "%s", buf);
263 main(int argc, char **argv)
265 socklen_t his_addr_len, ctrl_addr_len;
272 setprogname (argv[0]);
274 /* detach from any tickets and tokens */
278 snprintf(tkfile, sizeof(tkfile),
279 "/tmp/ftp_%u", (unsigned)getpid());
280 krb_set_tkt_string(tkfile);
284 if(getarg(args, num_args, argc, argv, &optind))
296 auth_level = parse_auth_level(auth_string);
301 if(guest_umask_string) {
302 val = strtol(guest_umask_string, &p, 8);
303 if (*p != '\0' || val < 0)
304 warnx("bad value for -g");
309 val = strtol(umask_string, &p, 8);
310 if (*p != '\0' || val < 0)
311 warnx("bad value for -u");
316 sp = getservbyname("ftp", "tcp");
322 sp = getservbyname(port_string, "tcp");
326 if(isdigit((unsigned char)port_string[0]))
327 port = htons(atoi(port_string));
329 warnx("bad value for -p");
332 if (maxtimeout < ftpd_timeout)
333 maxtimeout = ftpd_timeout;
336 if (ftpd_timeout > maxtimeout)
337 ftpd_timeout = maxtimeout;
344 * LOG_NDELAY sets up the logging connection immediately,
345 * necessary for anonymous ftp's that chroot and can't do it later.
347 openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_FTP);
348 his_addr_len = sizeof(his_addr_ss);
349 if (getpeername(STDIN_FILENO, his_addr, &his_addr_len) < 0) {
350 syslog(LOG_ERR, "getpeername (%s): %m",argv[0]);
353 ctrl_addr_len = sizeof(ctrl_addr_ss);
354 if (getsockname(STDIN_FILENO, ctrl_addr, &ctrl_addr_len) < 0) {
355 syslog(LOG_ERR, "getsockname (%s): %m",argv[0]);
358 #if defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
360 int tos = IPTOS_LOWDELAY;
362 if (setsockopt(STDIN_FILENO, IPPROTO_IP, IP_TOS,
363 (void *)&tos, sizeof(int)) < 0)
364 syslog(LOG_WARNING, "setsockopt (IP_TOS): %m");
367 data_source->sa_family = ctrl_addr->sa_family;
368 socket_set_port (data_source,
369 htons(ntohs(socket_get_port(ctrl_addr)) - 1));
371 /* set this here so it can be put in wtmp */
372 snprintf(ttyline, sizeof(ttyline), "ftp%u", (unsigned)getpid());
375 /* freopen(_PATH_DEVNULL, "w", stderr); */
376 signal(SIGPIPE, lostconn);
377 signal(SIGCHLD, SIG_IGN);
379 if (signal(SIGURG, myoob) == SIG_ERR)
380 syslog(LOG_ERR, "signal: %m");
383 /* Try to handle urgent data inline */
384 #if defined(SO_OOBINLINE) && defined(HAVE_SETSOCKOPT)
385 if (setsockopt(0, SOL_SOCKET, SO_OOBINLINE, (void *)&on,
387 syslog(LOG_ERR, "setsockopt: %m");
391 if (fcntl(fileno(stdin), F_SETOWN, getpid()) == -1)
392 syslog(LOG_ERR, "fcntl F_SETOWN: %m");
394 dolog(his_addr, his_addr_len);
396 * Set up default state
405 /* If logins are disabled, print out the message. */
406 if(show_file(_PATH_NOLOGIN, 530) == 0) {
407 reply(530, "System not available.");
410 show_file(_PATH_FTPWELCOME, 220);
411 /* reply(220,) must follow */
412 gethostname(hostname, sizeof(hostname));
414 reply(220, "%s FTP server (%s"
421 ") ready.", hostname, version
440 syslog(LOG_DEBUG, "lost connection");
445 * Helper function for sgetpwnam().
450 char *new = strdup(s);
453 perror_reply(421, "Local resource failure: malloc");
461 * Save the result of a getpwnam. Used for USER command, since
462 * the data returned must not be clobbered by any other command
465 static struct passwd *
466 sgetpwnam(char *name)
468 static struct passwd save;
471 if ((p = k_getpwnam(name)) == NULL)
475 free(save.pw_passwd);
481 save.pw_name = sgetsave(p->pw_name);
482 save.pw_passwd = sgetsave(p->pw_passwd);
483 save.pw_gecos = sgetsave(p->pw_gecos);
484 save.pw_dir = sgetsave(p->pw_dir);
485 save.pw_shell = sgetsave(p->pw_shell);
489 static int login_attempts; /* number of failed login attempts */
490 static int askpasswd; /* had user command, ask for passwd */
491 static char curname[10]; /* current USER name */
498 * Sets global passwd pointer pw if named account exists and is acceptable;
499 * sets askpasswd if a PASS command is expected. If logged in previously,
500 * need to reset state. If name is "ftp" or "anonymous", the name is not in
501 * _PATH_FTPUSERS, and ftp account exists, set guest and pw, then just return.
502 * If account doesn't exist, ask for passwd anyway. Otherwise, check user
503 * requesting login privileges. Disallow anyone who does not have a standard
504 * shell as returned by getusershell(). Disallow anyone mentioned in the file
505 * _PATH_FTPUSERS to allow people such as root and uucp to be avoided.
512 if(auth_level == 0 && !sec_complete){
513 reply(530, "No login allowed without authorization.");
519 reply(530, "Can't change user from guest login.");
521 } else if (dochroot) {
522 reply(530, "Can't change user from chroot user.");
529 if (strcmp(name, "ftp") == 0 || strcmp(name, "anonymous") == 0) {
530 if ((auth_level & AUTH_FTP) == 0 ||
531 checkaccess("ftp") ||
532 checkaccess("anonymous"))
533 reply(530, "User %s access denied.", name);
534 else if ((pw = sgetpwnam("ftp")) != NULL) {
536 defumask = guest_umask; /* paranoia for incoming */
538 reply(331, "Guest login ok, type your name as password.");
540 reply(530, "User %s unknown.", name);
541 if (!askpasswd && logging) {
544 if (inet_ntop (his_addr->sa_family,
545 socket_get_address(his_addr),
546 data_addr, sizeof(data_addr)) == NULL)
547 strlcpy (data_addr, "unknown address",
551 "ANONYMOUS FTP LOGIN REFUSED FROM %s(%s)",
552 remotehost, data_addr);
556 if((auth_level & AUTH_PLAIN) == 0 && !sec_complete){
557 reply(530, "Only authorized and anonymous login allowed.");
560 if ((pw = sgetpwnam(name))) {
561 if ((shell = pw->pw_shell) == NULL || *shell == 0)
562 shell = _PATH_BSHELL;
563 while ((cp = getusershell()) != NULL)
564 if (strcmp(cp, shell) == 0)
568 if (cp == NULL || checkaccess(name)) {
569 reply(530, "User %s access denied.", name);
573 if (inet_ntop (his_addr->sa_family,
574 socket_get_address(his_addr),
576 sizeof(data_addr)) == NULL)
582 "FTP LOGIN REFUSED FROM %s(%s), %s",
587 pw = (struct passwd *) NULL;
592 strlcpy(curname, name, sizeof(curname));
594 if(sec_userok(name) == 0) {
598 reply(530, "User %s access denied.", name);
603 if (otp_challenge(&otp_ctx, name, ss, sizeof(ss)) == 0) {
604 reply(331, "Password %s for %s required.",
609 if ((auth_level & AUTH_OTP) == 0) {
610 reply(331, "Password required for %s.", name);
616 if ((s = otp_error (&otp_ctx)) != NULL)
617 lreply(530, "OTP: %s", s);
620 "Only authorized, anonymous"
629 * Delay before reading passwd after first failed
630 * attempt to slow down passwd-guessing programs.
633 sleep(login_attempts);
637 * Check if a user is in the file "fname"
640 checkuser(char *fname, char *name)
644 char *p, line[BUFSIZ];
646 if ((fd = fopen(fname, "r")) != NULL) {
647 while (fgets(line, sizeof(line), fd) != NULL)
648 if ((p = strchr(line, '\n')) != NULL) {
652 if (strcmp(line, name) == 0) {
664 * Determine whether a user has access, based on information in
665 * _PATH_FTPUSERS. The users are listed one per line, with `allow'
666 * or `deny' after the username. If anything other than `allow', or
667 * just nothing, is given after the username, `deny' is assumed.
669 * If the user is not found in the file, but the pseudo-user `*' is,
670 * the permission is taken from that line.
672 * This preserves the old semantics where if a user was listed in the
673 * file he was denied, otherwise he was allowed.
675 * Return 1 if the user is denied, or 0 if he is allowed. */
678 match(const char *pattern, const char *string)
680 return fnmatch(pattern, string, FNM_NOESCAPE);
684 checkaccess(char *name)
687 #define NOT_ALLOWED 1
689 int allowed = ALLOWED;
690 char *user, *perm, line[BUFSIZ];
693 fd = fopen(_PATH_FTPUSERS, "r");
698 while (fgets(line, sizeof(line), fd) != NULL) {
700 user = strtok_r(line, " \t\n", &foo);
701 if (user == NULL || user[0] == '#')
703 perm = strtok_r(NULL, " \t\n", &foo);
704 if (match(user, name) == 0){
705 if(perm && strcmp(perm, "allow") == 0)
708 allowed = NOT_ALLOWED;
719 int do_login(int code, char *passwd)
721 login_attempts = 0; /* this time successful */
722 if (setegid((gid_t)pw->pw_gid) < 0) {
723 reply(550, "Can't set gid.");
726 initgroups(pw->pw_name, pw->pw_gid);
727 #if defined(KRB4) || defined(KRB5)
732 /* open wtmp before chroot */
733 ftpd_logwtmp(ttyline, pw->pw_name, remotehost);
736 dochroot = checkuser(_PATH_FTPCHROOT, pw->pw_name);
739 * We MUST do a chdir() after the chroot. Otherwise
740 * the old current directory will be accessible as "."
741 * outside the new root!
743 if (chroot(pw->pw_dir) < 0 || chdir("/") < 0) {
744 reply(550, "Can't set guest privileges.");
747 } else if (dochroot) {
748 if (chroot(pw->pw_dir) < 0 || chdir("/") < 0) {
749 reply(550, "Can't change root.");
752 } else if (chdir(pw->pw_dir) < 0) {
753 if (chdir("/") < 0) {
754 reply(530, "User %s: can't change directory to %s.",
755 pw->pw_name, pw->pw_dir);
758 lreply(code, "No directory! Logging in with home=/");
760 if (seteuid((uid_t)pw->pw_uid) < 0) {
761 reply(550, "Can't set uid.");
765 if(use_builtin_ls == -1) {
767 /* if /bin/ls exist and is a regular file, use it, otherwise
769 if(stat("/bin/ls", &st) == 0 &&
777 * Display a login message, if it exists.
778 * N.B. reply(code,) must follow the message.
780 show_file(_PATH_FTPLOGINMESG, code);
781 if(show_file(_PATH_ISSUE_NET, code) != 0)
782 show_file(_PATH_ISSUE, code);
784 reply(code, "Guest login ok, access restrictions apply.");
785 #ifdef HAVE_SETPROCTITLE
786 snprintf (proctitle, sizeof(proctitle),
790 setproctitle("%s", proctitle);
791 #endif /* HAVE_SETPROCTITLE */
795 if (inet_ntop (his_addr->sa_family,
796 socket_get_address(his_addr),
797 data_addr, sizeof(data_addr)) == NULL)
798 strlcpy (data_addr, "unknown address",
801 syslog(LOG_INFO, "ANONYMOUS FTP LOGIN FROM %s(%s), %s",
807 reply(code, "User %s logged in.", pw->pw_name);
808 #ifdef HAVE_SETPROCTITLE
809 snprintf(proctitle, sizeof(proctitle), "%s: %s", remotehost, pw->pw_name);
810 setproctitle("%s", proctitle);
811 #endif /* HAVE_SETPROCTITLE */
815 if (inet_ntop (his_addr->sa_family,
816 socket_get_address(his_addr),
817 data_addr, sizeof(data_addr)) == NULL)
818 strlcpy (data_addr, "unknown address",
821 syslog(LOG_INFO, "FTP LOGIN FROM %s(%s) as %s",
832 * Terminate login as previous user, if any, resetting state;
833 * used when USER command is given or login fails.
839 if (seteuid((uid_t)0) < 0)
840 fatal("Failed to seteuid");
842 ftpd_logwtmp(ttyline, "", "");
851 krb5_verify(struct passwd *pwd, char *passwd)
853 krb5_context context;
855 krb5_principal princ;
858 ret = krb5_init_context(&context);
862 ret = krb5_parse_name(context, pwd->pw_name, &princ);
864 krb5_free_context(context);
867 ret = krb5_cc_gen_new(context, &krb5_mcc_ops, &id);
869 krb5_free_principal(context, princ);
870 krb5_free_context(context);
873 ret = krb5_verify_user(context,
879 krb5_free_principal(context, princ);
881 krb5_afslog_uid_home(context, id,NULL, NULL,pwd->pw_uid, pwd->pw_dir);
883 krb5_cc_destroy(context, id);
884 krb5_free_context (context);
896 /* some clients insists on sending a password */
897 if (logged_in && askpasswd == 0){
898 reply(230, "Password not necessary");
902 if (logged_in || askpasswd == 0) {
903 reply(503, "Login with USER first.");
908 if (!guest) { /* "ftp" is only account allowed no password */
910 rval = 1; /* failure below */
912 else if (otp_verify_user (&otp_ctx, passwd) == 0) {
916 else if((auth_level & AUTH_OTP) == 0) {
918 rval = krb5_verify(pw, passwd);
922 char realm[REALM_SZ];
923 if((rval = krb_get_lrealm(realm, 1)) == KSUCCESS)
924 rval = krb_verify_user(pw->pw_name,
927 KRB_VERIFY_SECURE, NULL);
928 if (rval == KSUCCESS ) {
929 chown (tkt_string(), pw->pw_uid, pw->pw_gid);
936 rval = unix_verify_user(pw->pw_name, passwd);
940 if ((s = otp_error(&otp_ctx)) != NULL)
941 lreply(530, "OTP: %s", s);
944 memset (passwd, 0, strlen(passwd));
947 * If rval == 1, the user failed the authentication
948 * check above. If rval == 0, either Kerberos or
949 * local authentication succeeded.
954 if (inet_ntop (his_addr->sa_family,
955 socket_get_address(his_addr),
956 data_addr, sizeof(data_addr)) == NULL)
957 strlcpy (data_addr, "unknown address",
960 reply(530, "Login incorrect.");
963 "FTP LOGIN FAILED FROM %s(%s), %s",
968 if (login_attempts++ >= 5) {
970 "repeated login failures from %s(%s)",
978 if(!do_login(230, passwd))
981 /* Forget all about it... */
986 retrieve(const char *cmd, char *name)
988 FILE *fin = NULL, *dout;
990 int (*closefunc) (FILE *);
995 fin = fopen(name, "r");
999 int save_errno = errno;
1003 const char *rev_cmd;
1005 {".tar", "/bin/gtar cPf - %s", NULL},
1006 {".tar.gz", "/bin/gtar zcPf - %s", NULL},
1007 {".tar.Z", "/bin/gtar ZcPf - %s", NULL},
1008 {".gz", "/bin/gzip -c -- %s", "/bin/gzip -c -d -- %s"},
1009 {".Z", "/bin/compress -c -- %s", "/bin/uncompress -c -- %s"},
1013 for(p = cmds; p->ext; p++){
1014 char *tail = name + strlen(name) - strlen(p->ext);
1017 if(strcmp(tail, p->ext) == 0 &&
1019 access(name, R_OK) == 0){
1020 snprintf (line, sizeof(line), p->cmd, name);
1025 if (p->rev_cmd != NULL) {
1029 ret = asprintf(&ext, "%s%s", name, p->ext);
1031 if (access(ext, R_OK) == 0) {
1032 snprintf (line, sizeof(line),
1043 fin = ftpd_popen(line, "r", 0, 0);
1044 closefunc = ftpd_pclose;
1051 snprintf(line, sizeof(line), cmd, name);
1053 fin = ftpd_popen(line, "r", 1, 0);
1054 closefunc = ftpd_pclose;
1059 perror_reply(550, name);
1061 LOGCMD("get", name);
1068 if(fstat(fileno(fin), &st) < 0 || !S_ISREG(st.st_mode)) {
1069 reply(550, "%s: not a plain file.", name);
1073 if (restart_point) {
1074 if (type == TYPE_A) {
1081 if ((c=getc(fin)) == EOF) {
1082 perror_reply(550, name);
1088 } else if (lseek(fileno(fin), restart_point, SEEK_SET) < 0) {
1089 perror_reply(550, name);
1093 dout = dataconn(name, st.st_size, "w");
1096 set_buffer_size(fileno(dout), 0);
1097 send_data(fin, dout);
1103 LOGBYTES("get", name, byte_count);
1107 /* filename sanity check */
1110 filename_check(char *filename)
1114 p = strrchr(filename, '/');
1120 if(isalnum((unsigned char)*p)){
1122 while(*p && (isalnum((unsigned char)*p) || strchr(good_chars, (unsigned char)*p)))
1127 lreply(553, "\"%s\" is not an acceptable filename.", filename);
1128 lreply(553, "The filename must start with an alphanumeric "
1129 "character and must only");
1130 reply(553, "consist of alphanumeric characters or any of the following: %s",
1136 do_store(char *name, char *mode, int unique)
1140 int (*closefunc) (FILE *);
1142 if(guest && filename_check(name))
1144 if (unique && stat(name, &st) == 0 &&
1145 (name = gunique(name)) == NULL) {
1146 LOGCMD(*mode == 'w' ? "put" : "append", name);
1152 fout = fopen(name, mode);
1155 perror_reply(553, name);
1156 LOGCMD(*mode == 'w' ? "put" : "append", name);
1160 if (restart_point) {
1161 if (type == TYPE_A) {
1168 if ((c=getc(fout)) == EOF) {
1169 perror_reply(550, name);
1176 * We must do this seek to "current" position
1177 * because we are changing from reading to
1180 if (fseek(fout, 0L, SEEK_CUR) < 0) {
1181 perror_reply(550, name);
1184 } else if (lseek(fileno(fout), restart_point, SEEK_SET) < 0) {
1185 perror_reply(550, name);
1189 din = dataconn(name, (off_t)-1, "r");
1192 set_buffer_size(fileno(din), 1);
1193 if (receive_data(din, fout) == 0) {
1194 if((*closefunc)(fout) < 0)
1195 perror_reply(552, name);
1198 reply(226, "Transfer complete (unique file name:%s).",
1201 reply(226, "Transfer complete.");
1209 LOGBYTES(*mode == 'w' ? "put" : "append", name, byte_count);
1213 getdatasock(const char *mode, int domain)
1218 return (fdopen(data, mode));
1220 fatal("Failed to seteuid");
1221 s = socket(domain, SOCK_STREAM, 0);
1224 socket_set_reuseaddr (s, 1);
1225 /* anchor socket to avoid multi-homing problems */
1226 socket_set_address_and_port (data_source,
1227 socket_get_address (ctrl_addr),
1228 socket_get_port (data_source));
1230 for (tries = 1; ; tries++) {
1231 if (bind(s, data_source,
1232 socket_sockaddr_size (data_source)) >= 0)
1234 if (errno != EADDRINUSE || tries > 10)
1238 if (seteuid(pw->pw_uid) < 0)
1239 fatal("Failed to seteuid");
1240 #ifdef IPTOS_THROUGHPUT
1241 socket_set_tos (s, IPTOS_THROUGHPUT);
1243 return (fdopen(s, mode));
1245 /* Return the real value of errno (close may change it) */
1247 if (seteuid((uid_t)pw->pw_uid) < 0)
1248 fatal("Failed to seteuid");
1255 accept_with_timeout(int socket,
1256 struct sockaddr *address,
1257 socklen_t *address_len,
1258 struct timeval *timeout)
1263 FD_SET(socket, &rfd);
1264 ret = select(socket + 1, &rfd, NULL, NULL, timeout);
1271 return accept(socket, address, address_len);
1275 dataconn(const char *name, off_t size, const char *mode)
1279 int domain, retry = 0;
1284 snprintf(sizebuf, sizeof(sizebuf), " (%ld bytes)", (long)size);
1288 struct sockaddr_storage from_ss;
1289 struct sockaddr *from = (struct sockaddr *)&from_ss;
1290 struct timeval timeout;
1292 socklen_t fromlen = sizeof(from_ss);
1294 timeout.tv_sec = 15;
1295 timeout.tv_usec = 0;
1296 s = accept_with_timeout(pdata, from, &fromlen, &timeout);
1298 reply(425, "Can't open data connection.");
1305 #if defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
1307 int tos = IPTOS_THROUGHPUT;
1309 setsockopt(s, IPPROTO_IP, IP_TOS, (void *)&tos,
1313 reply(150, "Opening %s mode data connection for '%s'%s.",
1314 type == TYPE_A ? "ASCII" : "BINARY", name, sizebuf);
1315 return (fdopen(pdata, mode));
1318 reply(125, "Using existing data connection for '%s'%s.",
1321 return (fdopen(data, mode));
1324 data_dest = his_addr;
1327 * Default to using the same socket type as the ctrl address,
1328 * unless we know the type of the data address.
1330 domain = data_dest->sa_family;
1331 if (domain == PF_UNSPEC)
1332 domain = ctrl_addr->sa_family;
1334 file = getdatasock(mode, domain);
1336 char data_addr[256];
1338 if (inet_ntop (data_source->sa_family,
1339 socket_get_address(data_source),
1340 data_addr, sizeof(data_addr)) == NULL)
1341 strlcpy (data_addr, "unknown address",
1344 reply(425, "Can't create data socket (%s,%d): %s.",
1346 socket_get_port (data_source),
1350 data = fileno(file);
1351 while (connect(data, data_dest,
1352 socket_sockaddr_size(data_dest)) < 0) {
1353 if (errno == EADDRINUSE && retry < swaitmax) {
1358 perror_reply(425, "Can't build data connection");
1363 reply(150, "Opening %s mode data connection for '%s'%s.",
1364 type == TYPE_A ? "ASCII" : "BINARY", name, sizebuf);
1369 * Tranfer the contents of "instr" to "outstr" peer using the appropriate
1370 * encapsulation of the data subject * to Mode, Structure, and Type.
1372 * NB: Form isn't handled.
1375 send_data(FILE *instr, FILE *outstr)
1377 int c, cnt, filefd, netfd;
1379 static size_t bufsize;
1385 while ((c = getc(instr)) != EOF) {
1386 if (urgflag && handleoobcmd())
1390 sec_putc('\r', outstr);
1391 sec_putc(c, outstr);
1400 reply(226, "Transfer complete.");
1405 #if 0 /* XXX handle urg flag */
1406 #if defined(HAVE_MMAP) && !defined(NO_MMAP)
1408 #define MAP_FAILED (-1)
1413 int in = fileno(instr);
1414 if(fstat(in, &st) == 0 && S_ISREG(st.st_mode)
1415 && st.st_size > 0) {
1417 * mmap zero bytes has potential of loosing, don't do it.
1419 chunk = mmap(0, st.st_size, PROT_READ,
1421 if((void *)chunk != (void *)MAP_FAILED) {
1422 cnt = st.st_size - restart_point;
1423 sec_write(fileno(outstr), chunk + restart_point, cnt);
1424 if (munmap(chunk, st.st_size) < 0)
1438 netfd = fileno(outstr);
1439 filefd = fileno(instr);
1440 buf = alloc_buffer (buf, &bufsize,
1441 fstat(filefd, &st) >= 0 ? &st : NULL);
1445 perror_reply(451, "Local resource failure: malloc");
1448 while ((cnt = read(filefd, buf, bufsize)) > 0 &&
1449 sec_write(netfd, buf, cnt) == cnt) {
1451 if (urgflag && handleoobcmd())
1454 sec_fflush(outstr); /* to end an encrypted stream */
1463 reply(226, "Transfer complete.");
1468 reply(550, "Unimplemented TYPE %d in send_data", type);
1475 perror_reply(426, "Data connection");
1481 perror_reply(551, "Error on input file");
1485 * Transfer data from peer to "outstr" using the appropriate encapulation of
1486 * the data subject to Mode, Structure, and Type.
1488 * N.B.: Form isn't handled.
1491 receive_data(FILE *instr, FILE *outstr)
1493 int cnt, bare_lfs = 0;
1495 static size_t bufsize;
1500 buf = alloc_buffer (buf, &bufsize,
1501 fstat(fileno(outstr), &st) >= 0 ? &st : NULL);
1505 perror_reply(451, "Local resource failure: malloc");
1513 while ((cnt = sec_read(fileno(instr), buf, bufsize)) > 0) {
1514 if (write(fileno(outstr), buf, cnt) != cnt)
1517 if (urgflag && handleoobcmd())
1527 reply(553, "TYPE E not implemented.");
1536 while ((cnt = sec_read(fileno(instr),
1538 bufsize - cr_flag)) > 0){
1539 if (urgflag && handleoobcmd())
1544 for(p = buf, q = buf; p < buf + cnt;) {
1548 if(p == buf + cnt - 1){
1552 }else if(p[1] == '\n'){
1560 fwrite(buf, q - buf, 1, outstr);
1574 lreply(226, "WARNING! %d bare linefeeds received in ASCII mode\r\n"
1575 " File may not have transferred correctly.\r\n",
1581 reply(550, "Unimplemented TYPE %d in receive_data", type);
1590 perror_reply(426, "Data Connection");
1596 perror_reply(452, "Error writing file");
1601 statfilecmd(char *filename)
1605 char line[LINE_MAX];
1607 snprintf(line, sizeof(line), "/bin/ls -la -- %s", filename);
1608 fin = ftpd_popen(line, "r", 1, 0);
1609 lreply(211, "status of %s:", filename);
1610 while ((c = getc(fin)) != EOF) {
1612 if (ferror(stdout)){
1613 perror_reply(421, "control connection");
1619 perror_reply(551, filename);
1628 reply(211, "End of Status");
1635 struct sockaddr_in *sin;
1638 lreply(211, "%s FTP server (%s) status:", hostname, version);
1639 printf(" %s\r\n", version);
1640 printf(" Connected to %s", remotehost);
1641 if (!isdigit((unsigned char)remotehost[0]))
1642 printf(" (%s)", inet_ntoa(his_addr.sin_addr));
1646 printf(" Logged in anonymously\r\n");
1648 printf(" Logged in as %s\r\n", pw->pw_name);
1649 } else if (askpasswd)
1650 printf(" Waiting for password\r\n");
1652 printf(" Waiting for user name\r\n");
1653 printf(" TYPE: %s", typenames[type]);
1654 if (type == TYPE_A || type == TYPE_E)
1655 printf(", FORM: %s", formnames[form]);
1658 printf(" %d", NBBY);
1660 printf(" %d", bytesize); /* need definition! */
1662 printf("; STRUcture: %s; transfer MODE: %s\r\n",
1663 strunames[stru], modenames[mode]);
1665 printf(" Data connection open\r\n");
1666 else if (pdata != -1) {
1667 printf(" in Passive mode");
1670 } else if (usedefault == 0) {
1674 a = (u_char *) &sin->sin_addr;
1675 p = (u_char *) &sin->sin_port;
1676 #define UC(b) (((int) b) & 0xff)
1677 printf(" (%d,%d,%d,%d,%d,%d)\r\n", UC(a[0]),
1678 UC(a[1]), UC(a[2]), UC(a[3]), UC(p[0]), UC(p[1]));
1681 printf(" No data connection\r\n");
1683 reply(211, "End of status");
1690 reply(451, "Error in server: %s\n", s);
1691 reply(221, "Closing connection due to server error.");
1697 int_reply(int, char *, const char *, va_list)
1699 __attribute__ ((format (printf, 3, 0)))
1704 int_reply(int n, char *c, const char *fmt, va_list ap)
1710 snprintf(p, sizeof(buf), "%d%s", n, c);
1713 vsnprintf(p, sizeof(buf) - strlen(p), fmt, ap);
1715 snprintf(p, sizeof(buf) - strlen(p), "\r\n");
1717 sec_fprintf(stdout, "%s", buf);
1720 syslog(LOG_DEBUG, "<--- %s- ", buf);
1724 reply(int n, const char *fmt, ...)
1728 int_reply(n, " ", fmt, ap);
1729 delete_ftp_command();
1734 lreply(int n, const char *fmt, ...)
1738 int_reply(n, "-", fmt, ap);
1743 nreply(const char *fmt, ...)
1747 int_reply(0, NULL, fmt, ap);
1755 reply(250, "%s command successful.", s);
1762 reply(502, "%s command not implemented.", s);
1766 do_delete(char *name)
1770 LOGCMD("delete", name);
1771 if (stat(name, &st) < 0) {
1772 perror_reply(550, name);
1775 if ((st.st_mode&S_IFMT) == S_IFDIR) {
1776 if (rmdir(name) < 0) {
1777 perror_reply(550, name);
1782 if (unlink(name) < 0) {
1783 perror_reply(550, name);
1794 if (chdir(path) < 0)
1795 perror_reply(550, path);
1804 LOGCMD("mkdir", name);
1805 if(guest && filename_check(name))
1807 if (mkdir(name, 0777) < 0)
1808 perror_reply(550, name);
1811 chmod(name, 0700); /* guest has umask 777 */
1812 reply(257, "MKD command successful.");
1817 removedir(char *name)
1820 LOGCMD("rmdir", name);
1821 if (rmdir(name) < 0)
1822 perror_reply(550, name);
1830 char path[MaxPathLen];
1833 /* SunOS has a broken getcwd that does popen(pwd) (!!!), this
1834 * failes miserably when running chroot
1836 ret = getcwd(path, sizeof(path));
1838 reply(550, "%s.", strerror(errno));
1840 reply(257, "\"%s\" is current directory.", path);
1844 renamefrom(char *name)
1848 if (stat(name, &st) < 0) {
1849 perror_reply(550, name);
1852 reply(350, "File exists, ready for destination name");
1857 renamecmd(char *from, char *to)
1860 LOGCMD2("rename", from, to);
1861 if(guest && filename_check(to))
1863 if (rename(from, to) < 0)
1864 perror_reply(550, "rename");
1870 dolog(struct sockaddr *sa, int len)
1872 getnameinfo_verified (sa, len, remotehost, sizeof(remotehost),
1874 #ifdef HAVE_SETPROCTITLE
1875 snprintf(proctitle, sizeof(proctitle), "%s: connected", remotehost);
1876 setproctitle("%s", proctitle);
1877 #endif /* HAVE_SETPROCTITLE */
1880 char data_addr[256];
1882 if (inet_ntop (his_addr->sa_family,
1883 socket_get_address(his_addr),
1884 data_addr, sizeof(data_addr)) == NULL)
1885 strlcpy (data_addr, "unknown address",
1889 syslog(LOG_INFO, "connection from %s(%s)",
1896 * Record logout in wtmp file
1897 * and exit with supplied status.
1900 dologout(int status)
1908 seteuid((uid_t)0); /* No need to check, we call exit() below */
1909 ftpd_logwtmp(ttyline, "", "");
1911 /* beware of flushing buffers after a SIGPIPE */
1923 reply(426, "Transfer aborted. Data connection closed.");
1924 reply(226, "Abort successful");
1937 while(isspace(*(unsigned char *)p))
1947 /* only process if transfer occurring */
1954 if (ftpd_getline(cp, sizeof(tmpline)) == NULL) {
1955 reply(221, "You could at least say goodbye.");
1959 if (strncasecmp("MIC", cp, 3) == 0) {
1960 mec(mec_space(cp + 3), prot_safe);
1961 } else if (strncasecmp("CONF", cp, 4) == 0) {
1962 mec(mec_space(cp + 4), prot_confidential);
1963 } else if (strncasecmp("ENC", cp, 3) == 0) {
1964 mec(mec_space(cp + 3), prot_private);
1965 } else if (!allow_insecure_oob) {
1966 reply(533, "Command protection level denied "
1967 "for paranoid reasons.");
1971 if (secure_command())
1974 if (strcasecmp(cp, "ABOR\r\n") == 0) {
1976 } else if (strcasecmp(cp, "STAT\r\n") == 0) {
1977 if (file_size != (off_t) -1)
1978 reply(213, "Status: %ld of %ld bytes transferred",
1982 reply(213, "Status: %ld bytes transferred",
1986 return (transflag == 0);
1990 * Note: a response of 425 is not mentioned as a possible response to
1991 * the PASV command in RFC959. However, it has been blessed as
1992 * a legitimate response by Jon Postel in a telephone conversation
1993 * with Rick Adams on 25 Jan 89.
2000 struct sockaddr_in *sin;
2002 if (ctrl_addr->sa_family != AF_INET) {
2004 "You cannot do PASV with something that's not IPv4");
2011 pdata = socket(ctrl_addr->sa_family, SOCK_STREAM, 0);
2013 perror_reply(425, "Can't open passive connection");
2016 pasv_addr->sa_family = ctrl_addr->sa_family;
2017 socket_set_address_and_port (pasv_addr,
2018 socket_get_address (ctrl_addr),
2020 socket_set_portrange(pdata, restricted_data_ports,
2021 pasv_addr->sa_family);
2023 fatal("Failed to seteuid");
2024 if (bind(pdata, pasv_addr, socket_sockaddr_size (pasv_addr)) < 0) {
2025 if (seteuid(pw->pw_uid) < 0)
2026 fatal("Failed to seteuid");
2029 if (seteuid(pw->pw_uid) < 0)
2030 fatal("Failed to seteuid");
2031 len = sizeof(pasv_addr_ss);
2032 if (getsockname(pdata, pasv_addr, &len) < 0)
2034 if (listen(pdata, 1) < 0)
2036 sin = (struct sockaddr_in *)pasv_addr;
2037 a = (char *) &sin->sin_addr;
2038 p = (char *) &sin->sin_port;
2040 #define UC(b) (((int) b) & 0xff)
2042 reply(227, "Entering Passive Mode (%d,%d,%d,%d,%d,%d)", UC(a[0]),
2043 UC(a[1]), UC(a[2]), UC(a[3]), UC(p[0]), UC(p[1]));
2049 perror_reply(425, "Can't open passive connection");
2058 pdata = socket(ctrl_addr->sa_family, SOCK_STREAM, 0);
2060 perror_reply(425, "Can't open passive connection");
2063 pasv_addr->sa_family = ctrl_addr->sa_family;
2064 socket_set_address_and_port (pasv_addr,
2065 socket_get_address (ctrl_addr),
2067 socket_set_portrange(pdata, restricted_data_ports,
2068 pasv_addr->sa_family);
2070 fatal("Failed to seteuid");
2071 if (bind(pdata, pasv_addr, socket_sockaddr_size (pasv_addr)) < 0) {
2072 if (seteuid(pw->pw_uid))
2073 fatal("Failed to seteuid");
2076 if (seteuid(pw->pw_uid) < 0)
2077 fatal("Failed to seteuid");
2078 len = sizeof(pasv_addr_ss);
2079 if (getsockname(pdata, pasv_addr, &len) < 0)
2081 if (listen(pdata, 1) < 0)
2084 reply(229, "Entering Extended Passive Mode (|||%d|)",
2085 ntohs(socket_get_port (pasv_addr)));
2091 perror_reply(425, "Can't open passive connection");
2112 reply(500, "Bad syntax in EPRT");
2115 af = strtol (str, &end, 0);
2116 if (af == 0 || *end != sep) {
2117 reply(500, "Bad syntax in EPRT");
2124 data_dest->sa_family = AF_INET6;
2128 data_dest->sa_family = AF_INET;
2131 reply(522, "Network protocol %d not supported, use (1"
2138 end = strchr (str, sep);
2140 reply(500, "Bad syntax in EPRT");
2144 ret = inet_pton (data_dest->sa_family, str,
2145 socket_get_address (data_dest));
2148 reply(500, "Bad address syntax in EPRT");
2152 port = strtol (str, &end, 0);
2153 if (port == 0 || *end != sep) {
2154 reply(500, "Bad port syntax in EPRT");
2157 socket_set_port (data_dest, htons(port));
2158 reply(200, "EPRT command successful.");
2162 * Generate unique name for file with basename "local".
2163 * The file named "local" is already known to exist.
2164 * Generates failure reply on error.
2167 gunique(char *local)
2169 static char new[MaxPathLen];
2174 cp = strrchr(local, '/');
2177 if (stat(cp ? local : ".", &st) < 0) {
2178 perror_reply(553, cp ? local : ".");
2183 for (count = 1; count < 100; count++) {
2184 snprintf (new, sizeof(new), "%s.%d", local, count);
2185 if (stat(new, &st) < 0)
2188 reply(452, "Unique file name cannot be created.");
2193 * Format and send reply containing system error number.
2196 perror_reply(int code, const char *string)
2198 reply(code, "%s: %s.", string, strerror(errno));
2201 static char *onefile[] = {
2207 list_file(char *file)
2209 if(use_builtin_ls) {
2211 dout = dataconn(file, -1, "w");
2214 set_buffer_size(fileno(dout), 0);
2215 if(builtin_ls(dout, file) == 0)
2216 reply(226, "Transfer complete.");
2218 reply(451, "Requested action aborted. Local error in processing.");
2224 const char *cmd = "/bin/ls -lA %s";
2226 const char *cmd = "/bin/ls -la %s";
2228 retrieve(cmd, file);
2233 send_file_list(char *whichf)
2239 char **dirlist, *dirname;
2243 char buf[MaxPathLen];
2245 if (strpbrk(whichf, "~{[*?") != NULL) {
2246 int flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE|
2254 memset(&gl, 0, sizeof(gl));
2256 if (glob(whichf, flags, 0, &gl)) {
2257 reply(550, "not found");
2259 } else if (gl.gl_pathc == 0) {
2261 perror_reply(550, whichf);
2264 dirlist = gl.gl_pathv;
2266 onefile[0] = whichf;
2271 while ((dirname = *dirlist++)) {
2273 if (urgflag && handleoobcmd())
2276 if (stat(dirname, &st) < 0) {
2278 * If user typed "ls -l", etc, and the client
2279 * used NLST, do what the user meant.
2281 if (dirname[0] == '-' && *dirlist == NULL &&
2286 perror_reply(550, whichf);
2290 if (S_ISREG(st.st_mode)) {
2292 dout = dataconn("file list", (off_t)-1, "w");
2297 snprintf(buf, sizeof(buf), "%s%s\n", dirname,
2298 type == TYPE_A ? "\r" : "");
2299 sec_write(fileno(dout), buf, strlen(buf));
2300 byte_count += strlen(dirname) + 1;
2302 } else if (!S_ISDIR(st.st_mode))
2305 if ((dirp = opendir(dirname)) == NULL)
2308 while ((dir = readdir(dirp)) != NULL) {
2309 char nbuf[MaxPathLen];
2311 if (urgflag && handleoobcmd())
2314 if (!strcmp(dir->d_name, "."))
2316 if (!strcmp(dir->d_name, ".."))
2319 snprintf(nbuf, sizeof(nbuf), "%s/%s", dirname, dir->d_name);
2322 * We have to do a stat to insure it's
2323 * not a directory or special file.
2325 if (simple || (stat(nbuf, &st) == 0 &&
2326 S_ISREG(st.st_mode))) {
2328 dout = dataconn("file list", (off_t)-1, "w");
2333 if(strncmp(nbuf, "./", 2) == 0)
2334 snprintf(buf, sizeof(buf), "%s%s\n", nbuf +2,
2335 type == TYPE_A ? "\r" : "");
2337 snprintf(buf, sizeof(buf), "%s%s\n", nbuf,
2338 type == TYPE_A ? "\r" : "");
2339 sec_write(fileno(dout), buf, strlen(buf));
2340 byte_count += strlen(nbuf) + 1;
2346 reply(550, "No files found.");
2347 else if (ferror(dout) != 0)
2348 perror_reply(550, "Data connection");
2350 reply(226, "Transfer complete.");
2355 sec_write(fileno(dout), buf, 0); /* XXX flush */
2374 snprintf(line, sizeof(line),
2375 "/bin/locate -d %s -- %s",
2376 ftp_rooted("/etc/locatedb"),
2378 f = ftpd_popen(line, "r", 1, 1);
2380 perror_reply(550, "/bin/locate");
2383 lreply(200, "Output from find.");
2384 while(fgets(line, sizeof(line), f)){
2385 if(line[strlen(line)-1] == '\n')
2386 line[strlen(line)-1] = 0;