From 24713697ffd3cdb3a82b8185ae675fa46acc1355 Mon Sep 17 00:00:00 2001 From: bitblt Date: Thu, 19 Sep 1996 01:21:25 +0000 Subject: [PATCH] reduced the number of command availibe to users who are not logged in, fixed a memory leak in RNFR --- libexec/ftpd/ftpcmd.y | 194 ++++++++++++++++++++++++------------------ 1 file changed, 110 insertions(+), 84 deletions(-) diff --git a/libexec/ftpd/ftpcmd.y b/libexec/ftpd/ftpcmd.y index 276fb93eff3..4237278973d 100644 --- a/libexec/ftpd/ftpcmd.y +++ b/libexec/ftpd/ftpcmd.y @@ -155,85 +155,96 @@ cmd memset($3, 0, strlen($3)); free($3); } - | PORT SP host_port CRLF + | PORT check_login SP host_port CRLF { - usedefault = 0; - if (pdata >= 0) { - (void) close(pdata); - pdata = -1; + if ($2) { + usedefault = 0; + if (pdata >= 0) { + (void) close(pdata); + pdata = -1; + } + reply(200, "PORT command successful."); } - reply(200, "PORT command successful."); } - | PASV CRLF + | PASV check_login CRLF { - passive(); + if ($2) { + passive(); + } } - | TYPE SP type_code CRLF + | TYPE check_login SP type_code CRLF { - switch (cmd_type) { + if ($2) { + switch (cmd_type) { - case TYPE_A: - if (cmd_form == FORM_N) { - reply(200, "Type set to A."); - type = cmd_type; - form = cmd_form; - } else - reply(504, "Form must be N."); - break; + case TYPE_A: + if (cmd_form == FORM_N) { + reply(200, "Type set to A."); + type = cmd_type; + form = cmd_form; + } else + reply(504, "Form must be N."); + break; - case TYPE_E: - reply(504, "Type E not implemented."); - break; + case TYPE_E: + reply(504, "Type E not implemented."); + break; + + case TYPE_I: + reply(200, "Type set to I."); + type = cmd_type; + break; - case TYPE_I: - reply(200, "Type set to I."); - type = cmd_type; - break; + case TYPE_L: + if (cmd_bytesz == 8) { + reply(200, + "Type set to L (byte size 8)."); + type = cmd_type; + } else + reply(504, "Byte size must be 8."); - case TYPE_L: -#if NBBY == 8 - if (cmd_bytesz == 8) { - reply(200, - "Type set to L (byte size 8)."); - type = cmd_type; - } else - reply(504, "Byte size must be 8."); -#else /* NBBY == 8 */ - UNIMPLEMENTED for NBBY != 8 -#endif /* NBBY == 8 */ + } } } - | STRU SP struct_code CRLF + | STRU check_login SP struct_code CRLF { - switch ($3) { + if ($2) { + switch ($4) { - case STRU_F: - reply(200, "STRU F ok."); - break; + case STRU_F: + reply(200, "STRU F ok."); + break; - default: - reply(504, "Unimplemented STRU type."); + default: + reply(504, "Unimplemented STRU type."); + } } } - | MODE SP mode_code CRLF + | MODE check_login SP mode_code CRLF { - switch ($3) { + if ($2) { + switch ($4) { - case MODE_S: - reply(200, "MODE S ok."); - break; + case MODE_S: + reply(200, "MODE S ok."); + break; - default: - reply(502, "Unimplemented MODE type."); + default: + reply(502, "Unimplemented MODE type."); + } } } - | ALLO SP NUMBER CRLF + | ALLO check_login SP NUMBER CRLF { - reply(202, "ALLO command ignored."); + if ($2) { + reply(202, "ALLO command ignored."); + } } - | ALLO SP NUMBER SP R SP NUMBER CRLF + | ALLO check_login SP NUMBER SP R SP NUMBER CRLF { - reply(202, "ALLO command ignored."); + if ($2) { + reply(202, "ALLO command ignored."); + } } | RETR check_login SP pathname CRLF { @@ -287,9 +298,10 @@ cmd if ($4 != NULL) free($4); } - | STAT CRLF + | STAT check_login CRLF { - statcmd(); + if ($2) + statcmd(); } | DELE check_login SP pathname CRLF { @@ -298,20 +310,24 @@ cmd if ($4 != NULL) free($4); } - | RNTO SP pathname CRLF + | RNTO check_login SP pathname CRLF { - if (fromname) { - renamecmd(fromname, $3); - free(fromname); - fromname = (char *) 0; - } else { - reply(503, "Bad sequence of commands."); + if ($2) { + if (fromname) { + renamecmd(fromname, $4); + free(fromname); + fromname = (char *) 0; + } else { + reply(503, + "Bad sequence of commands."); + } } - free($3); + free($4); } - | ABOR CRLF + | ABOR check_login CRLF { - reply(225, "ABOR command successful."); + if ($2) + reply(225, "ABOR command successful."); } | CWD check_login CRLF { @@ -419,24 +435,27 @@ cmd if ($8 != NULL) free($8); } - | SITE SP IDLE CRLF + | SITE SP check_login IDLE CRLF { - reply(200, - "Current IDLE time limit is %d seconds; max %d", + if ($3) + reply(200, + "Current IDLE time limit is %d seconds; max %d", timeout, maxtimeout); } - | SITE SP IDLE SP NUMBER CRLF + | SITE SP IDLE check_login SP NUMBER CRLF { - if ($5 < 30 || $5 > maxtimeout) { + if ($4) { + if ($6 < 30 || $6 > maxtimeout) { reply(501, - "Maximum IDLE time must be between 30 and %d seconds", + "Maximum IDLE time must be between 30 and %d seconds", maxtimeout); - } else { - timeout = $5; - (void) alarm((unsigned) timeout); - reply(200, - "Maximum IDLE time set to %d seconds", - timeout); + } else { + timeout = $6; + (void) alarm((unsigned) timeout); + reply(200, + "Maximum IDLE time set to %d seconds", + timeout); + } } } | STOU check_login SP pathname CRLF @@ -446,8 +465,9 @@ cmd if ($4 != NULL) free($4); } - | SYST CRLF + | SYST check_login CRLF { + if ($2) #ifdef unix #ifdef BSD reply(215, "UNIX Type: L%d Version: BSD-%d", @@ -527,14 +547,20 @@ rcmd if (fromname == (char *) 0 && $4) { free($4); } + } else { + if ($4) + free ($4); } } - | REST SP byte_size CRLF + + | REST check_login SP byte_size CRLF { - fromname = (char *) 0; - restart_point = $3; /* XXX $3 is only "int" */ - reply(350, "Restarting at %qd. %s", restart_point, - "Send STORE or RETRIEVE to initiate transfer."); + if ($2) { + fromname = (char *) 0; + restart_point = $4; /* XXX $4 is only "int" */ + reply(350, "Restarting at %qd. %s", restart_point, + "Send STORE or RETRIEVE to initiate transfer."); + } } ; -- 2.20.1