oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

sprinkel check_secure, check if CCC was passed in check_secure

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15609 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2005-07-09 15:43:54 +00:00
parent 85b3e3de27
commit b2c54991a2
1 changed files with 76 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

113
appl/ftp/ftpd/ftpcmd.y
View File

@@ -137,30 +137,35 @@ cmd_list
; ;
cmd cmd
: USER SP username CRLF : USER SP username CRLF check_secure
{ {
if ($5)
user($3); user($3);
free($3); free($3);
} }
| PASS SP password CRLF | PASS SP password CRLF check_secure
{ {
if ($5)
pass($3); pass($3);
memset ($3, 0, strlen($3)); memset ($3, 0, strlen($3));
free($3); free($3);
} }
| PORT SP host_port CRLF | PORT SP host_port CRLF check_secure
{ {
if ($5) {
usedefault = 0; usedefault = 0;
if (pdata >= 0) { if (pdata >= 0) {
close(pdata); close(pdata);
pdata = -1; pdata = -1;
} }
reply(200, "PORT command successful."); reply(200, "PORT command successful.");
}
} }
| EPRT SP STRING CRLF | EPRT SP STRING CRLF check_secure
{ {
if ($5)
eprt ($3); eprt ($3);
free ($3); free ($3);
} }
| PASV CRLF check_login | PASV CRLF check_login
{ {
@@ -178,8 +183,9 @@ cmd
epsv ($3); epsv ($3);
free ($3); free ($3);
} }
| TYPE SP type_code CRLF | TYPE SP type_code CRLF check_secure
{ {
if ($5) {
switch (cmd_type) { switch (cmd_type) {
case TYPE_A: case TYPE_A:
@@ -212,9 +218,11 @@ cmd
UNIMPLEMENTED for NBBY != 8 UNIMPLEMENTED for NBBY != 8
#endif /* NBBY == 8 */ #endif /* NBBY == 8 */
} }
}
} }
| STRU SP struct_code CRLF | STRU SP struct_code CRLF check_secure
{ {
if ($5) {
switch ($3) { switch ($3) {
case STRU_F: case STRU_F:
@@ -224,9 +232,11 @@ cmd
default: default:
reply(504, "Unimplemented STRU type."); reply(504, "Unimplemented STRU type.");
} }
}
} }
| MODE SP mode_code CRLF | MODE SP mode_code CRLF check_secure
{ {
if ($5) {
switch ($3) { switch ($3) {
case MODE_S: case MODE_S:
@@ -236,14 +246,19 @@ cmd
default: default:
reply(502, "Unimplemented MODE type."); reply(502, "Unimplemented MODE type.");
} }
}
} }
| ALLO SP NUMBER CRLF | ALLO SP NUMBER CRLF check_secure
{ {
if ($5) {
reply(202, "ALLO command ignored."); reply(202, "ALLO command ignored.");
}
} }
| ALLO SP NUMBER SP R SP NUMBER CRLF | ALLO SP NUMBER SP R SP NUMBER CRLF check_secure
{ {
if ($9) {
reply(202, "ALLO command ignored."); reply(202, "ALLO command ignored.");
}
} }
| RETR SP pathname CRLF check_login | RETR SP pathname CRLF check_login
{ {
@@ -304,10 +319,11 @@ cmd
if ($3 != NULL) if ($3 != NULL)
free($3); free($3);
} }
| sTAT CRLF | sTAT CRLF check_secure
{ {
if ($3)
statcmd(); statcmd();
} }
| DELE SP pathname CRLF check_login_no_guest | DELE SP pathname CRLF check_login_no_guest
{ {
if ($5 && $3 != NULL) if ($5 && $3 != NULL)
@@ -329,8 +345,9 @@ cmd
if ($3 != NULL) if ($3 != NULL)
free($3); free($3);
} }
| ABOR CRLF | ABOR CRLF check_secure
{ {
if ($3)
reply(225, "ABOR command successful."); reply(225, "ABOR command successful.");
} }
| CWD CRLF check_login | CWD CRLF check_login
@@ -345,12 +362,14 @@ cmd
if ($3 != NULL) if ($3 != NULL)
free($3); free($3);
} }
| HELP CRLF | HELP CRLF check_secure
{ {
if ($3)
help(cmdtab, (char *) 0); help(cmdtab, (char *) 0);
} }
| HELP SP STRING CRLF | HELP SP STRING CRLF check_secure
{ {
if ($5) {
char *cp = $3; char *cp = $3;
if (strncasecmp(cp, "SITE", 4) == 0) { if (strncasecmp(cp, "SITE", 4) == 0) {
@@ -363,9 +382,11 @@ cmd
help(sitetab, (char *) 0); help(sitetab, (char *) 0);
} else } else
help(cmdtab, $3); help(cmdtab, $3);
}
} }
| NOOP CRLF | NOOP CRLF check_secure
{ {
if ($3)
reply(200, "NOOP command successful."); reply(200, "NOOP command successful.");
} }
| MKD SP pathname CRLF check_login | MKD SP pathname CRLF check_login
@@ -392,26 +413,31 @@ cmd
if ($3) if ($3)
cwd(".."); cwd("..");
} }
| FEAT CRLF | FEAT CRLF check_secure
{ {
if ($3) {
lreply(211, "Supported features:"); lreply(211, "Supported features:");
lreply(0, " MDTM"); lreply(0, " MDTM");
lreply(0, " REST STREAM"); lreply(0, " REST STREAM");
lreply(0, " SIZE"); lreply(0, " SIZE");
reply(211, "End"); reply(211, "End");
}
} }
| OPTS SP STRING CRLF | OPTS SP STRING CRLF check_secure
{ {
free ($3); if ($5)
reply(501, "Bad options"); reply(501, "Bad options");
free ($3);
} }
| SITE SP HELP CRLF | SITE SP HELP CRLF check_secure
{ {
if ($5)
help(sitetab, (char *) 0); help(sitetab, (char *) 0);
} }
| SITE SP HELP SP STRING CRLF | SITE SP HELP SP STRING CRLF check_secure
{ {
if ($7)
help(sitetab, $5); help(sitetab, $5);
} }
| SITE SP UMASK CRLF check_login | SITE SP UMASK CRLF check_login
@@ -449,14 +475,16 @@ cmd
if ($7 != NULL) if ($7 != NULL)
free($7); free($7);
} }
| SITE SP IDLE CRLF | SITE SP IDLE CRLF check_secure
{ {
if ($5)
reply(200, reply(200,
"Current IDLE time limit is %d seconds; max %d", "Current IDLE time limit is %d seconds; max %d",
ftpd_timeout, maxtimeout); ftpd_timeout, maxtimeout);
} }
| SITE SP IDLE SP NUMBER CRLF | SITE SP IDLE SP NUMBER CRLF check_secure
{ {
if ($7) {
if ($5 < 30 || $5 > maxtimeout) { if ($5 < 30 || $5 > maxtimeout) {
reply(501, reply(501,
"Maximum IDLE time must be between 30 and %d seconds", "Maximum IDLE time must be between 30 and %d seconds",
@@ -468,6 +496,7 @@ cmd
"Maximum IDLE time set to %d seconds", "Maximum IDLE time set to %d seconds",
ftpd_timeout); ftpd_timeout);
} }
}
} }
| SITE SP KAUTH SP STRING CRLF check_login | SITE SP KAUTH SP STRING CRLF check_login
@@ -555,9 +584,10 @@ cmd
if($5 != NULL) if($5 != NULL)
free($5); free($5);
} }
| SITE SP URL CRLF | SITE SP URL CRLF check_secure
{ {
reply(200, "http://www.pdc.kth.se/kth-krb/"); if ($5)
reply(200, "http://www.pdc.kth.se/heimdal/");
} }
| STOU SP pathname CRLF check_login | STOU SP pathname CRLF check_login
{ {
@@ -566,13 +596,15 @@ cmd
if ($3 != NULL) if ($3 != NULL)
free($3); free($3);
} }
| SYST CRLF | SYST CRLF check_secure
{ {
if ($3) {
#if !defined(WIN32) && !defined(__EMX__) && !defined(__OS2__) && !defined(__CYGWIN32__) #if !defined(WIN32) && !defined(__EMX__) && !defined(__OS2__) && !defined(__CYGWIN32__)
reply(215, "UNIX Type: L%d", NBBY); reply(215, "UNIX Type: L%d", NBBY);
#else #else
reply(215, "UNKNOWN Type: L%d", NBBY); reply(215, "UNKNOWN Type: L%d", NBBY);
#endif #endif
}
} }
/* /*
@@ -627,10 +659,12 @@ cmd
if ($3 != NULL) if ($3 != NULL)
free($3); free($3);
} }
| QUIT CRLF | QUIT CRLF check_secure
{ {
if ($3) {
reply(221, "Goodbye."); reply(221, "Goodbye.");
dologout(0); dologout(0);
}
} }
| error CRLF | error CRLF
{ {
@@ -648,13 +682,15 @@ rcmd
} }
} }
} }
| REST SP byte_size CRLF | REST SP byte_size CRLF check_secure
{ {
if ($5) {
fromname = (char *) 0; fromname = (char *) 0;
restart_point = $3; /* XXX $3 is only "int" */ restart_point = $3; /* XXX $3 is only "int" */
reply(350, "Restarting at %ld. %s", reply(350, "Restarting at %ld. %s",
(long)restart_point, (long)restart_point,
"Send STORE or RETRIEVE to initiate transfer."); "Send STORE or RETRIEVE to initiate transfer.");
}
} }
| AUTH SP STRING CRLF | AUTH SP STRING CRLF
{ {
@@ -666,16 +702,19 @@ rcmd
adat($3); adat($3);
free($3); free($3);
} }
| PBSZ SP NUMBER CRLF | PBSZ SP NUMBER CRLF check_secure
{ {
if ($5)
pbsz($3); pbsz($3);
} }
| PROT SP STRING CRLF | PROT SP STRING CRLF check_secure
{ {
if ($5)
prot($3); prot($3);
} }
| CCC CRLF | CCC CRLF check_secure
{ {
if ($3)
ccc(); ccc();
} }
| MIC SP STRING CRLF | MIC SP STRING CRLF
@@ -892,7 +931,7 @@ check_login : check_secure
check_secure : /* empty */ check_secure : /* empty */
{ {
$$ = 1; $$ = 1;
if(sec_complete && !secure_command()) { if(sec_complete && !ccc_passed && !secure_command()) {
$$ = 0; $$ = 0;
reply(533, "Command protection level denied " reply(533, "Command protection level denied "
"for paranoid reasons."); "for paranoid reasons.");