diff options
Diffstat (limited to 'crypto/kerberosIV/appl/ftp')
| -rw-r--r-- | crypto/kerberosIV/appl/ftp/ChangeLog | 376 | ||||
| -rw-r--r-- | crypto/kerberosIV/appl/ftp/Makefile.am | 5 | ||||
| -rw-r--r-- | crypto/kerberosIV/appl/ftp/common/Makefile.am | 12 | ||||
| -rw-r--r-- | crypto/kerberosIV/appl/ftp/ftp/Makefile.am | 44 | ||||
| -rw-r--r-- | crypto/kerberosIV/appl/ftp/ftp/gssapi.c | 379 | ||||
| -rw-r--r-- | crypto/kerberosIV/appl/ftp/ftp/security.c | 785 | ||||
| -rw-r--r-- | crypto/kerberosIV/appl/ftp/ftp/security.h | 131 | ||||
| -rw-r--r-- | crypto/kerberosIV/appl/ftp/ftpd/Makefile.am | 54 | ||||
| -rw-r--r-- | crypto/kerberosIV/appl/ftp/ftpd/ftpd_locl.h | 170 | ||||
| -rw-r--r-- | crypto/kerberosIV/appl/ftp/ftpd/gss_userok.c | 69 | ||||
| -rw-r--r-- | crypto/kerberosIV/appl/ftp/ftpd/ls.c | 572 |
11 files changed, 0 insertions, 2597 deletions
diff --git a/crypto/kerberosIV/appl/ftp/ChangeLog b/crypto/kerberosIV/appl/ftp/ChangeLog deleted file mode 100644 index e2e1bb5f4dfa5..0000000000000 --- a/crypto/kerberosIV/appl/ftp/ChangeLog +++ /dev/null @@ -1,376 +0,0 @@ -1999-11-30 Assar Westerlund <assar@sics.se> - - * ftpd/ftpd.c (getdatasock): make sure to keep the port-number of - the outgoing connections. It has to be `ftp-data' or some people - might get upset. - - * ftpd/ftpd.c (args): set correct variable when `-l' so that - logging actually works - -1999-11-29 Assar Westerlund <assar@sics.se> - - * ftp/security.c (sec_login): check return value from realloc - (sec_end): set app_data to NULL - -1999-11-25 Assar Westerlund <assar@sics.se> - - * ftp/krb4.c (krb4_auth): obtain the `local' address when doing - NAT. also turn on passive mode. From <thn@stacken.kth.se> - -1999-11-20 Assar Westerlund <assar@sics.se> - - * ftpd/ls.c (make_fileinfo): cast to allow for non-const - prototypes of readlink - -1999-11-12 Assar Westerlund <assar@sics.se> - - * ftpd/ftpd.c (args): use arg_counter for `l' - -1999-11-04 Assar Westerlund <assar@sics.se> - - * ftpd/ls.c (S_ISSOCK, S_ISLNK): fallback definitions for systems - that don't have them (such as ultrix) - -1999-10-29 Assar Westerlund <assar@sics.se> - - * ftpd/ls.c (make_fileinfo): cast uid's and gid's to unsigned in - printf, we don't know what types they might be. - (lstat_file): conditionalize the kafs part on KRB4 - - * ftpd/ftpd_locl.h: <sys/ioccom.h> is needed for kafs.h - -1999-10-28 Assar Westerlund <assar@sics.se> - - * ftpd/ls.c (lstat_file): don't set st_mode, it should already be - correct - - * ftpd/ls.c: don't use warnx to print errors - - * ftpd/ls.c (builtin_ls): fix typo, 'd' shouldn't imply 'f' - - * ftpd/ls.c (lstat_file): new function for avoiding stating AFS - mount points. From Love <lha@s3.kth.se> - (list_files): use `lstat_file' - - * ftpd/ftpd.c: some const-poisoning - - * ftpd/ftpd.c (args): add `-B' as an alias for `--builtin-ls' to - allow for stupid inetds that only support two arguments. From - Love <lha@s3.kth.se> - -1999-10-26 Assar Westerlund <assar@sics.se> - - * ftpd/ftpcmd.y (help): it's unnecessary to interpret help strings - as printf commands - - * ftpd/ftpd.c (show_issue): don't interpret contents of - /etc/issue* as printf commands. From Brian A May - <bmay@dgs.monash.edu.au> - -1999-10-21 Johan Danielsson <joda@pdc.kth.se> - - * ftpd/kauth.c (kauth): complain if protection level isn't - `private' - - * ftp/krb4.c (krb4_decode): syslog failure reason - - * ftp/kauth.c (kauth): set private level earlier - - * ftp/security.c: get_command_prot; (sec_prot): partially match - `command' and `data' - -1999-10-18 Johan Danielsson <joda@pdc.kth.se> - - * ftpd/ftpd.c: change `-l' flag to use arg_collect (this makes - `-ll' work again) - - * ftpd/ftpd.c (list_file): pass filename to ls - -1999-10-04 Johan Danielsson <joda@pdc.kth.se> - - * ftpd/ftpcmd.y: FEAT - -1999-10-03 Assar Westerlund <assar@sics.se> - - * ftpd/ls.c: fall-back definitions for constans and casts for - printfs - -1999-10-03 Johan Danielsson <joda@pdc.kth.se> - - * ftpd/ftpd.c (main): make this use getarg; add `list_file' - - * ftpd/ftpcmd.y (LIST): call list_file - - * ftpd/ls.c: add simple built-in ls - - * ftp/security.c: add `sec_vfprintf2' and `sec_fprintf2' that - prints to the data stream - - * ftp/kauth.c (kauth): make sure we're using private protection - level - - * ftp/security.c (set_command_prot): set command protection level - - * ftp/security.c: make it possible to set the command protection - level with `prot' - -1999-09-30 Assar Westerlund <assar@sics.se> - - * ftpd/ftpd_locl.h: add prototype for fclose to make sunos happy - -1999-08-19 Johan Danielsson <joda@pdc.kth.se> - - * ftpd/ftpd.c (do_login): show issue-file - (send_data): change handling of zero-byte files - -1999-08-18 Assar Westerlund <assar@sics.se> - - * ftp/cmds.c (getit): be more suspicious when parsing the result - of MDTM. Do the comparison of timestamps correctly. - -1999-08-13 Assar Westerlund <assar@sics.se> - - * ftpd/ftpd.c (send_data): avoid calling mmap with `len == 0'. - Some mmap:s rather dislike that (Solaris) and some munmap (Linux) - get grumpy later. - - * ftp/ftp.c (copy_stream): avoid calling mmap with `len == 0'. - Some mmap:s rather dislike that (Solaris) and some munmap (Linux) - get grumpy later. - -1999-08-03 Assar Westerlund <assar@sics.se> - - * ftp/ftp.c (active_mode): hide failure of EPRT by setting verbose - - * ftp/gssapi.c (gss_auth): initialize application_data in bindings - -1999-08-02 Assar Westerlund <assar@sics.se> - - * ftpd/ftpcmd.y: save file names when doing commands that might - get aborted (and longjmp:ed out of) to avoid overwriting them also - remove extra closing brace - -1999-08-01 Johan Danielsson <joda@pdc.kth.se> - - * ftpd/ftpcmd.y: change `site find' to `site locate' (to match - what it does, and other implementations) keep find as an alias - -1999-07-28 Assar Westerlund <assar@sics.se> - - * common/socket.c: moved to roken - - * common/socket.c: new file with generic socket functions - - * ftpd/ftpd.c: make it more AF-neutral and v6-capable - - * ftpd/ftpcmd.y: add EPRT and EPSV - - * ftpd/extern.h: update prototypes and variables - - * ftp/krb4.c: update to new types of addresses - - * ftp/gssapi.c: add support for both AF_INET and AF_INET6 - addresses - - * ftp/ftp.c: make it more AF-neutral and v6-capable - - * ftp/extern.h (hookup): change prototype - - * common/common.h: add prototypes for functions in socket.c - - * common/Makefile.am (libcommon_a_SOURCES): add socket.c - - * ftp/gssapi.c (gss_auth): check return value from - `gss_import_name' and print error messages if it fails - -1999-06-15 Assar Westerlund <assar@sics.se> - - * ftp/krb4.c (krb4_auth): type correctness - -1999-06-02 Johan Danielsson <joda@pdc.kth.se> - - * ftp/ftp.c (sendrequest): lmode != rmode - -1999-05-21 Assar Westerlund <assar@sics.se> - - * ftp/extern.h (sendrequest): update prototype - - * ftp/cmds.c: update calls to sendrequest and recvrequest to send - "b" when appropriate - - * ftp/ftp.c (sendrequest): add argument for mode to open file in. - -1999-05-08 Assar Westerlund <assar@sics.se> - - * ftpd/ftpcmd.y: rename getline -> ftpd_getline - - * ftp/main.c (makeargv): fill in unused slots with NULL - -Thu Apr 8 15:06:40 1999 Johan Danielsson <joda@hella.pdc.kth.se> - - * ftpd/ftpd.c: remove definition of KRB_VERIFY_USER (moved to - config.h) - -Wed Apr 7 16:15:21 1999 Johan Danielsson <joda@hella.pdc.kth.se> - - * ftp/gssapi.c (gss_auth): call gss_display_status to get a sane - error message; return AUTH_{CONTINUE,ERROR}, where appropriate - - * ftp/krb4.c: return AUTH_{CONTINUE,ERROR}, where appropriate - - * ftp/security.c (sec_login): if mechanism returns AUTH_CONTINUE, - just continue with the next mechanism, this fixes the case of - having GSSAPI fail because of non-existant of expired tickets - - * ftp/security.h: add AUTH_{OK,CONTINUE,ERROR} - -Thu Apr 1 16:59:04 1999 Johan Danielsson <joda@hella.pdc.kth.se> - - * ftpd/Makefile.am: don't run check-local - - * ftp/Makefile.am: don't run check-local - -Mon Mar 22 22:15:18 1999 Assar Westerlund <assar@sics.se> - - * ftpd/ftpd.c (pass): fall-back for KRB_VERIFY_SECURE - - * ftpd/ftpd.c (pass): 1 -> KRB_VERIFY_SECURE - -Thu Mar 18 12:07:09 1999 Johan Danielsson <joda@hella.pdc.kth.se> - - * ftpd/Makefile.am: clean ftpcmd.c - - * ftpd/ftpd_locl.h: remove krb5.h (breaks in ftpcmd.y) - - * ftpd/ftpd.c: move include of krb5.h here - - * ftpd/Makefile.am: include Makefile.am.common - - * Makefile.am: include Makefile.am.common - - * ftp/Makefile.am: include Makefile.am.common - - * common/Makefile.am: include Makefile.am.common - -Tue Mar 16 22:28:37 1999 Assar Westerlund <assar@sics.se> - - * ftpd/ftpd_locl.h: add krb5.h to get heimdal_version - - * ftpd/ftpd.c: krb_verify_user_multiple -> krb_verify_user - -Thu Mar 11 14:54:59 1999 Johan Danielsson <joda@hella.pdc.kth.se> - - * ftp/Makefile.in: WFLAGS - - * ftp/ruserpass.c: add some if-braces - -Wed Mar 10 20:02:55 1999 Johan Danielsson <joda@hella.pdc.kth.se> - - * ftpd/ftpd_locl.h: remove ifdef HAVE_FNMATCH - -Mon Mar 8 21:29:24 1999 Johan Danielsson <joda@hella.pdc.kth.se> - - * ftpd/ftpd.c: re-add version in greeting message - -Mon Mar 1 10:49:38 1999 Johan Danielsson <joda@hella.pdc.kth.se> - - * ftpd/logwtmp.c: HAVE_UT_* -> HAVE_STRUCT_UTMP*_UT_* - -Mon Feb 22 19:20:51 1999 Johan Danielsson <joda@hella.pdc.kth.se> - - * common/Makefile.in: remove glob - -Sat Feb 13 17:19:35 1999 Assar Westerlund <assar@sics.se> - - * ftpd/ftpd.c (match): remove #ifdef HAVE_FNMATCH. We have a - fnmatch implementation in roken and therefore always have it. - - * ftp/ftp.c (copy_stream): initialize `werr' - -Wed Jan 13 23:52:57 1999 Assar Westerlund <assar@sics.se> - - * ftpd/ftpcmd.y: moved all check_login and check_login_no_guest to - the end of the rules to ensure we don't generate several - (independent) error messages. once again, having a yacc-grammar - for FTP with embedded actions doesn't strike me as the most - optimal way of doing it. - -Tue Dec 1 14:44:29 1998 Johan Danielsson <joda@hella.pdc.kth.se> - - * ftpd/Makefile.am: link with extra libs for aix - -Sun Nov 22 10:28:20 1998 Assar Westerlund <assar@sics.se> - - * ftpd/ftpd.c (retrying): support on-the-fly decompression - - * ftpd/Makefile.in (WFLAGS): set - - * ftp/ruserpass.c (guess_domain): new function - (ruserpass): use it - - * common/Makefile.in (WFLAGS): set - - * Makefile.in (WFLAGS): set - -Sat Nov 21 23:13:03 1998 Assar Westerlund <assar@sics.se> - - * ftp/security.c: some more type correctness. - - * ftp/gssapi.c (gss_adat): more braces to shut up warnings - -Wed Nov 18 21:47:55 1998 Assar Westerlund <assar@sics.se> - - * ftp/main.c (main): new option `-p' for enable passive mode. - -Mon Nov 2 01:57:49 1998 Assar Westerlund <assar@sics.se> - - * ftp/ftp.c (getreply): remove extra `break' - - * ftp/gssapi.c (gss_auth): fixo typo(copyo?) - - * ftp/security.c (sec_login): fix loop and return value - -Tue Sep 1 16:56:42 1998 Johan Danielsson <joda@emma.pdc.kth.se> - - * ftp/cmds.c (quote1): fix % quoting bug - -Fri Aug 14 17:10:06 1998 Johan Danielsson <joda@emma.pdc.kth.se> - - * ftp/krb4.c: krb_put_int -> KRB_PUT_INT - -Tue Jun 30 18:07:15 1998 Assar Westerlund <assar@sics.se> - - * ftp/security.c (auth): free `app_data' - (sec_end): only destroy if it was initialized - -Tue Jun 9 21:01:59 1998 Johan Danielsson <joda@emma.pdc.kth.se> - - * ftp/krb4.c: pass client address to krb_rd_req - -Sat May 16 00:02:07 1998 Assar Westerlund <assar@sics.se> - - * ftpd/Makefile.am: link with DBLIB - -Tue May 12 14:15:32 1998 Johan Danielsson <joda@emma.pdc.kth.se> - - * ftp/gssapi.c: Save client name for userok(). - - * ftpd/gss_userok.c: Userok for gssapi. - -Fri May 1 07:15:01 1998 Assar Westerlund <assar@sics.se> - - * ftp/ftp.c: unifdef -DHAVE_H_ERRNO - -Fri Mar 27 00:46:07 1998 Johan Danielsson <joda@emma.pdc.kth.se> - - * Make compile w/o krb4. - -Thu Mar 26 03:49:12 1998 Johan Danielsson <joda@emma.pdc.kth.se> - - * ftp/*, ftpd/*: Changes for new framework. - - * ftp/gssapi.c: GSS-API backend for the new security framework. - - * ftp/krb4.c: Updated for new framework. - - * ftp/security.{c,h}: New unified security framework. diff --git a/crypto/kerberosIV/appl/ftp/Makefile.am b/crypto/kerberosIV/appl/ftp/Makefile.am deleted file mode 100644 index f8831a308d037..0000000000000 --- a/crypto/kerberosIV/appl/ftp/Makefile.am +++ /dev/null @@ -1,5 +0,0 @@ -# $Id: Makefile.am,v 1.5 1999/03/20 13:58:14 joda Exp $ - -include $(top_srcdir)/Makefile.am.common - -SUBDIRS = common ftp ftpd diff --git a/crypto/kerberosIV/appl/ftp/common/Makefile.am b/crypto/kerberosIV/appl/ftp/common/Makefile.am deleted file mode 100644 index 4fab07b9a1ae4..0000000000000 --- a/crypto/kerberosIV/appl/ftp/common/Makefile.am +++ /dev/null @@ -1,12 +0,0 @@ -# $Id: Makefile.am,v 1.9 1999/07/28 21:15:06 assar Exp $ - -include $(top_srcdir)/Makefile.am.common - -INCLUDES += $(INCLUDE_krb4) - -noinst_LIBRARIES = libcommon.a - -libcommon_a_SOURCES = \ - sockbuf.c \ - buffer.c \ - common.h diff --git a/crypto/kerberosIV/appl/ftp/ftp/Makefile.am b/crypto/kerberosIV/appl/ftp/ftp/Makefile.am deleted file mode 100644 index 081465a504169..0000000000000 --- a/crypto/kerberosIV/appl/ftp/ftp/Makefile.am +++ /dev/null @@ -1,44 +0,0 @@ -# $Id: Makefile.am,v 1.12 1999/04/09 18:22:08 assar Exp $ - -include $(top_srcdir)/Makefile.am.common - -INCLUDES += -I$(srcdir)/../common $(INCLUDE_readline) $(INCLUDE_krb4) - -bin_PROGRAMS = ftp - -CHECK_LOCAL = - -if KRB4 -krb4_sources = krb4.c kauth.c -endif -if KRB5 -krb5_sources = gssapi.c -endif - -ftp_SOURCES = \ - cmds.c \ - cmdtab.c \ - extern.h \ - ftp.c \ - ftp_locl.h \ - ftp_var.h \ - main.c \ - pathnames.h \ - ruserpass.c \ - domacro.c \ - globals.c \ - security.c \ - security.h \ - $(krb4_sources) \ - $(krb5_sources) - -EXTRA_ftp_SOURCES = krb4.c kauth.c gssapi.c - -LDADD = \ - ../common/libcommon.a \ - $(LIB_gssapi) \ - $(LIB_krb5) \ - $(LIB_krb4) \ - $(top_builddir)/lib/des/libdes.la \ - $(LIB_roken) \ - $(LIB_readline) diff --git a/crypto/kerberosIV/appl/ftp/ftp/gssapi.c b/crypto/kerberosIV/appl/ftp/ftp/gssapi.c deleted file mode 100644 index d06b5d62d29d8..0000000000000 --- a/crypto/kerberosIV/appl/ftp/ftp/gssapi.c +++ /dev/null @@ -1,379 +0,0 @@ -/* - * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef FTP_SERVER -#include "ftpd_locl.h" -#else -#include "ftp_locl.h" -#endif -#include <gssapi.h> - -RCSID("$Id: gssapi.c,v 1.13 1999/12/02 16:58:29 joda Exp $"); - -struct gss_data { - gss_ctx_id_t context_hdl; - char *client_name; -}; - -static int -gss_init(void *app_data) -{ - struct gss_data *d = app_data; - d->context_hdl = GSS_C_NO_CONTEXT; - return 0; -} - -static int -gss_check_prot(void *app_data, int level) -{ - if(level == prot_confidential) - return -1; - return 0; -} - -static int -gss_decode(void *app_data, void *buf, int len, int level) -{ - OM_uint32 maj_stat, min_stat; - gss_buffer_desc input, output; - gss_qop_t qop_state; - int conf_state; - struct gss_data *d = app_data; - - input.length = len; - input.value = buf; - maj_stat = gss_unwrap (&min_stat, - d->context_hdl, - &input, - &output, - &conf_state, - &qop_state); - if(GSS_ERROR(maj_stat)) - return -1; - memmove(buf, output.value, output.length); - return output.length; -} - -static int -gss_overhead(void *app_data, int level, int len) -{ - return 100; /* dunno? */ -} - - -static int -gss_encode(void *app_data, void *from, int length, int level, void **to) -{ - OM_uint32 maj_stat, min_stat; - gss_buffer_desc input, output; - int conf_state; - struct gss_data *d = app_data; - - input.length = length; - input.value = from; - maj_stat = gss_wrap (&min_stat, - d->context_hdl, - level == prot_private, - GSS_C_QOP_DEFAULT, - &input, - &conf_state, - &output); - *to = output.value; - return output.length; -} - -static void -sockaddr_to_gss_address (const struct sockaddr *sa, - OM_uint32 *addr_type, - gss_buffer_desc *gss_addr) -{ - switch (sa->sa_family) { -#ifdef HAVE_IPV6 - case AF_INET6 : { - struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa; - - gss_addr->length = 16; - gss_addr->value = &sin6->sin6_addr; - *addr_type = GSS_C_AF_INET6; - break; - } -#endif - case AF_INET : { - struct sockaddr_in *sin = (struct sockaddr_in *)sa; - - gss_addr->length = 4; - gss_addr->value = &sin->sin_addr; - *addr_type = GSS_C_AF_INET; - break; - } - default : - errx (1, "unknown address family %d", sa->sa_family); - - } -} - -/* end common stuff */ - -#ifdef FTP_SERVER - -static int -gss_adat(void *app_data, void *buf, size_t len) -{ - char *p = NULL; - gss_buffer_desc input_token, output_token; - OM_uint32 maj_stat, min_stat; - gss_name_t client_name; - struct gss_data *d = app_data; - - gss_channel_bindings_t bindings = malloc(sizeof(*bindings)); - sockaddr_to_gss_address (his_addr, - &bindings->initiator_addrtype, - &bindings->initiator_address); - sockaddr_to_gss_address (ctrl_addr, - &bindings->acceptor_addrtype, - &bindings->acceptor_address); - - bindings->application_data.length = 0; - bindings->application_data.value = NULL; - - input_token.value = buf; - input_token.length = len; - - maj_stat = gss_accept_sec_context (&min_stat, - &d->context_hdl, - GSS_C_NO_CREDENTIAL, - &input_token, - bindings, - &client_name, - NULL, - &output_token, - NULL, - NULL, - NULL); - - if(output_token.length) { - if(base64_encode(output_token.value, output_token.length, &p) < 0) { - reply(535, "Out of memory base64-encoding."); - return -1; - } - } - if(maj_stat == GSS_S_COMPLETE){ - char *name; - gss_buffer_desc export_name; - maj_stat = gss_export_name(&min_stat, client_name, &export_name); - if(maj_stat != 0) { - reply(500, "Error exporting name"); - goto out; - } - name = realloc(export_name.value, export_name.length + 1); - if(name == NULL) { - reply(500, "Out of memory"); - free(export_name.value); - goto out; - } - name[export_name.length] = '\0'; - d->client_name = name; - if(p) - reply(235, "ADAT=%s", p); - else - reply(235, "ADAT Complete"); - sec_complete = 1; - - } else if(maj_stat == GSS_S_CONTINUE_NEEDED) { - if(p) - reply(335, "ADAT=%s", p); - else - reply(335, "OK, need more data"); - } else - reply(535, "foo?"); -out: - free(p); - return 0; -} - -int gss_userok(void*, char*); - -struct sec_server_mech gss_server_mech = { - "GSSAPI", - sizeof(struct gss_data), - gss_init, /* init */ - NULL, /* end */ - gss_check_prot, - gss_overhead, - gss_encode, - gss_decode, - /* */ - NULL, - gss_adat, - NULL, /* pbsz */ - NULL, /* ccc */ - gss_userok -}; - -#else /* FTP_SERVER */ - -extern struct sockaddr *hisctladdr, *myctladdr; - -static int -gss_auth(void *app_data, char *host) -{ - - OM_uint32 maj_stat, min_stat; - gss_buffer_desc name; - gss_name_t target_name; - gss_buffer_desc input, output_token; - int context_established = 0; - char *p; - int n; - gss_channel_bindings_t bindings; - struct gss_data *d = app_data; - - name.length = asprintf((char**)&name.value, "ftp@%s", host); - maj_stat = gss_import_name(&min_stat, - &name, - GSS_C_NT_HOSTBASED_SERVICE, - &target_name); - if (GSS_ERROR(maj_stat)) { - OM_uint32 new_stat; - OM_uint32 msg_ctx = 0; - gss_buffer_desc status_string; - - gss_display_status(&new_stat, - min_stat, - GSS_C_MECH_CODE, - GSS_C_NO_OID, - &msg_ctx, - &status_string); - printf("Error importing name %s: %s\n", - (char *)name.value, - (char *)status_string.value); - gss_release_buffer(&new_stat, &status_string); - return AUTH_ERROR; - } - free(name.value); - - - input.length = 0; - input.value = NULL; - - bindings = malloc(sizeof(*bindings)); - - sockaddr_to_gss_address (myctladdr, - &bindings->initiator_addrtype, - &bindings->initiator_address); - sockaddr_to_gss_address (hisctladdr, - &bindings->acceptor_addrtype, - &bindings->acceptor_address); - - bindings->application_data.length = 0; - bindings->application_data.value = NULL; - - while(!context_established) { - maj_stat = gss_init_sec_context(&min_stat, - GSS_C_NO_CREDENTIAL, - &d->context_hdl, - target_name, - GSS_C_NO_OID, - GSS_C_MUTUAL_FLAG | GSS_C_SEQUENCE_FLAG, - 0, - bindings, - &input, - NULL, - &output_token, - NULL, - NULL); - if (GSS_ERROR(maj_stat)) { - OM_uint32 new_stat; - OM_uint32 msg_ctx = 0; - gss_buffer_desc status_string; - - gss_display_status(&new_stat, - min_stat, - GSS_C_MECH_CODE, - GSS_C_NO_OID, - &msg_ctx, - &status_string); - printf("Error initializing security context: %s\n", - (char*)status_string.value); - gss_release_buffer(&new_stat, &status_string); - return AUTH_CONTINUE; - } - - gss_release_buffer(&min_stat, &input); - if (output_token.length != 0) { - base64_encode(output_token.value, output_token.length, &p); - gss_release_buffer(&min_stat, &output_token); - n = command("ADAT %s", p); - free(p); - } - if (GSS_ERROR(maj_stat)) { - if (d->context_hdl != GSS_C_NO_CONTEXT) - gss_delete_sec_context (&min_stat, - &d->context_hdl, - GSS_C_NO_BUFFER); - break; - } - if (maj_stat & GSS_S_CONTINUE_NEEDED) { - p = strstr(reply_string, "ADAT="); - if(p == NULL){ - printf("Error: expected ADAT in reply.\n"); - return AUTH_ERROR; - } else { - p+=5; - input.value = malloc(strlen(p)); - input.length = base64_decode(p, input.value); - } - } else { - if(code != 235) { - printf("Unrecognized response code: %d\n", code); - return AUTH_ERROR; - } - context_established = 1; - } - } - return AUTH_OK; -} - -struct sec_client_mech gss_client_mech = { - "GSSAPI", - sizeof(struct gss_data), - gss_init, - gss_auth, - NULL, /* end */ - gss_check_prot, - gss_overhead, - gss_encode, - gss_decode, -}; - -#endif /* FTP_SERVER */ diff --git a/crypto/kerberosIV/appl/ftp/ftp/security.c b/crypto/kerberosIV/appl/ftp/ftp/security.c deleted file mode 100644 index ca7eb0036a538..0000000000000 --- a/crypto/kerberosIV/appl/ftp/ftp/security.c +++ /dev/null @@ -1,785 +0,0 @@ -/* - * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef FTP_SERVER -#include "ftpd_locl.h" -#else -#include "ftp_locl.h" -#endif - -RCSID("$Id: security.c,v 1.15 1999/12/02 16:58:30 joda Exp $"); - -static enum protection_level command_prot; -static enum protection_level data_prot; -static size_t buffer_size; - -struct buffer { - void *data; - size_t size; - size_t index; - int eof_flag; -}; - -static struct buffer in_buffer, out_buffer; -int sec_complete; - -static struct { - enum protection_level level; - const char *name; -} level_names[] = { - { prot_clear, "clear" }, - { prot_safe, "safe" }, - { prot_confidential, "confidential" }, - { prot_private, "private" } -}; - -static const char * -level_to_name(enum protection_level level) -{ - int i; - for(i = 0; i < sizeof(level_names) / sizeof(level_names[0]); i++) - if(level_names[i].level == level) - return level_names[i].name; - return "unknown"; -} - -#ifndef FTP_SERVER /* not used in server */ -static enum protection_level -name_to_level(const char *name) -{ - int i; - for(i = 0; i < sizeof(level_names) / sizeof(level_names[0]); i++) - if(!strncasecmp(level_names[i].name, name, strlen(name))) - return level_names[i].level; - return (enum protection_level)-1; -} -#endif - -#ifdef FTP_SERVER - -static struct sec_server_mech *mechs[] = { -#ifdef KRB5 - &gss_server_mech, -#endif -#ifdef KRB4 - &krb4_server_mech, -#endif - NULL -}; - -static struct sec_server_mech *mech; - -#else - -static struct sec_client_mech *mechs[] = { -#ifdef KRB5 - &gss_client_mech, -#endif -#ifdef KRB4 - &krb4_client_mech, -#endif - NULL -}; - -static struct sec_client_mech *mech; - -#endif - -static void *app_data; - -int -sec_getc(FILE *F) -{ - if(sec_complete && data_prot) { - char c; - if(sec_read(fileno(F), &c, 1) <= 0) - return EOF; - return c; - } else - return getc(F); -} - -static int -block_read(int fd, void *buf, size_t len) -{ - unsigned char *p = buf; - int b; - while(len) { - b = read(fd, p, len); - if (b == 0) - return 0; - else if (b < 0) - return -1; - len -= b; - p += b; - } - return p - (unsigned char*)buf; -} - -static int -block_write(int fd, void *buf, size_t len) -{ - unsigned char *p = buf; - int b; - while(len) { - b = write(fd, p, len); - if(b < 0) - return -1; - len -= b; - p += b; - } - return p - (unsigned char*)buf; -} - -static int -sec_get_data(int fd, struct buffer *buf, int level) -{ - int len; - int b; - - b = block_read(fd, &len, sizeof(len)); - if (b == 0) - return 0; - else if (b < 0) - return -1; - len = ntohl(len); - buf->data = realloc(buf->data, len); - b = block_read(fd, buf->data, len); - if (b == 0) - return 0; - else if (b < 0) - return -1; - buf->size = (*mech->decode)(app_data, buf->data, len, data_prot); - buf->index = 0; - return 0; -} - -static size_t -buffer_read(struct buffer *buf, void *data, size_t len) -{ - len = min(len, buf->size - buf->index); - memcpy(data, (char*)buf->data + buf->index, len); - buf->index += len; - return len; -} - -static size_t -buffer_write(struct buffer *buf, void *data, size_t len) -{ - if(buf->index + len > buf->size) { - void *tmp; - if(buf->data == NULL) - tmp = malloc(1024); - else - tmp = realloc(buf->data, buf->index + len); - if(tmp == NULL) - return -1; - buf->data = tmp; - buf->size = buf->index + len; - } - memcpy((char*)buf->data + buf->index, data, len); - buf->index += len; - return len; -} - -int -sec_read(int fd, void *data, int length) -{ - size_t len; - int rx = 0; - - if(sec_complete == 0 || data_prot == 0) - return read(fd, data, length); - - if(in_buffer.eof_flag){ - in_buffer.eof_flag = 0; - return 0; - } - - len = buffer_read(&in_buffer, data, length); - length -= len; - rx += len; - data = (char*)data + len; - - while(length){ - if(sec_get_data(fd, &in_buffer, data_prot) < 0) - return -1; - if(in_buffer.size == 0) { - if(rx) - in_buffer.eof_flag = 1; - return rx; - } - len = buffer_read(&in_buffer, data, length); - length -= len; - rx += len; - data = (char*)data + len; - } - return rx; -} - -static int -sec_send(int fd, char *from, int length) -{ - int bytes; - void *buf; - bytes = (*mech->encode)(app_data, from, length, data_prot, &buf); - bytes = htonl(bytes); - block_write(fd, &bytes, sizeof(bytes)); - block_write(fd, buf, ntohl(bytes)); - free(buf); - return length; -} - -int -sec_fflush(FILE *F) -{ - if(data_prot != prot_clear) { - if(out_buffer.index > 0){ - sec_write(fileno(F), out_buffer.data, out_buffer.index); - out_buffer.index = 0; - } - sec_send(fileno(F), NULL, 0); - } - fflush(F); - return 0; -} - -int -sec_write(int fd, char *data, int length) -{ - int len = buffer_size; - int tx = 0; - - if(data_prot == prot_clear) - return write(fd, data, length); - - len -= (*mech->overhead)(app_data, data_prot, len); - while(length){ - if(length < len) - len = length; - sec_send(fd, data, len); - length -= len; - data += len; - tx += len; - } - return tx; -} - -int -sec_vfprintf2(FILE *f, const char *fmt, va_list ap) -{ - char *buf; - int ret; - if(data_prot == prot_clear) - return vfprintf(f, fmt, ap); - else { - vasprintf(&buf, fmt, ap); - ret = buffer_write(&out_buffer, buf, strlen(buf)); - free(buf); - return ret; - } -} - -int -sec_fprintf2(FILE *f, const char *fmt, ...) -{ - int ret; - va_list ap; - va_start(ap, fmt); - ret = sec_vfprintf2(f, fmt, ap); - va_end(ap); - return ret; -} - -int -sec_putc(int c, FILE *F) -{ - char ch = c; - if(data_prot == prot_clear) - return putc(c, F); - - buffer_write(&out_buffer, &ch, 1); - if(c == '\n' || out_buffer.index >= 1024 /* XXX */) { - sec_write(fileno(F), out_buffer.data, out_buffer.index); - out_buffer.index = 0; - } - return c; -} - -int -sec_read_msg(char *s, int level) -{ - int len; - char *buf; - int code; - - buf = malloc(strlen(s)); - len = base64_decode(s + 4, buf); /* XXX */ - - len = (*mech->decode)(app_data, buf, len, level); - if(len < 0) - return -1; - - buf[len] = '\0'; - - if(buf[3] == '-') - code = 0; - else - sscanf(buf, "%d", &code); - if(buf[len-1] == '\n') - buf[len-1] = '\0'; - strcpy(s, buf); - free(buf); - return code; -} - -int -sec_vfprintf(FILE *f, const char *fmt, va_list ap) -{ - char *buf; - void *enc; - int len; - if(!sec_complete) - return vfprintf(f, fmt, ap); - - vasprintf(&buf, fmt, ap); - len = (*mech->encode)(app_data, buf, strlen(buf), command_prot, &enc); - free(buf); - if(len < 0) { - printf("Failed to encode command.\n"); - return -1; - } - if(base64_encode(enc, len, &buf) < 0){ - printf("Out of memory base64-encoding.\n"); - return -1; - } -#ifdef FTP_SERVER - if(command_prot == prot_safe) - fprintf(f, "631 %s\r\n", buf); - else if(command_prot == prot_private) - fprintf(f, "632 %s\r\n", buf); - else if(command_prot == prot_confidential) - fprintf(f, "633 %s\r\n", buf); -#else - if(command_prot == prot_safe) - fprintf(f, "MIC %s", buf); - else if(command_prot == prot_private) - fprintf(f, "ENC %s", buf); - else if(command_prot == prot_confidential) - fprintf(f, "CONF %s", buf); -#endif - free(buf); - return 0; -} - -int -sec_fprintf(FILE *f, const char *fmt, ...) -{ - va_list ap; - int ret; - va_start(ap, fmt); - ret = sec_vfprintf(f, fmt, ap); - va_end(ap); - return ret; -} - -/* end common stuff */ - -#ifdef FTP_SERVER - -void -auth(char *auth_name) -{ - int i; - for(i = 0; (mech = mechs[i]) != NULL; i++){ - if(!strcasecmp(auth_name, mech->name)){ - app_data = realloc(app_data, mech->size); - if(mech->init && (*mech->init)(app_data) != 0) { - reply(431, "Unable to accept %s at this time", mech->name); - return; - } - if(mech->auth) { - (*mech->auth)(app_data); - return; - } - if(mech->adat) - reply(334, "Send authorization data."); - else - reply(234, "Authorization complete."); - return; - } - } - free (app_data); - reply(504, "%s is unknown to me", auth_name); -} - -void -adat(char *auth_data) -{ - if(mech && !sec_complete) { - void *buf = malloc(strlen(auth_data)); - size_t len; - len = base64_decode(auth_data, buf); - (*mech->adat)(app_data, buf, len); - free(buf); - } else - reply(503, "You must %sissue an AUTH first.", mech ? "re-" : ""); -} - -void pbsz(int size) -{ - size_t new = size; - if(!sec_complete) - reply(503, "Incomplete security data exchange."); - if(mech->pbsz) - new = (*mech->pbsz)(app_data, size); - if(buffer_size != new){ - buffer_size = size; - } - if(new != size) - reply(200, "PBSZ=%lu", (unsigned long)new); - else - reply(200, "OK"); -} - -void -prot(char *pl) -{ - int p = -1; - - if(buffer_size == 0){ - reply(503, "No protection buffer size negotiated."); - return; - } - - if(!strcasecmp(pl, "C")) - p = prot_clear; - else if(!strcasecmp(pl, "S")) - p = prot_safe; - else if(!strcasecmp(pl, "E")) - p = prot_confidential; - else if(!strcasecmp(pl, "P")) - p = prot_private; - else { - reply(504, "Unrecognized protection level."); - return; - } - - if(sec_complete){ - if((*mech->check_prot)(app_data, p)){ - reply(536, "%s does not support %s protection.", - mech->name, level_to_name(p)); - }else{ - data_prot = (enum protection_level)p; - reply(200, "Data protection is %s.", level_to_name(p)); - } - }else{ - reply(503, "Incomplete security data exchange."); - } -} - -void ccc(void) -{ - if(sec_complete){ - if(mech->ccc && (*mech->ccc)(app_data) == 0) - command_prot = data_prot = prot_clear; - else - reply(534, "You must be joking."); - }else - reply(503, "Incomplete security data exchange."); -} - -void mec(char *msg, enum protection_level level) -{ - void *buf; - size_t len; - if(!sec_complete) { - reply(503, "Incomplete security data exchange."); - return; - } - buf = malloc(strlen(msg) + 2); /* XXX go figure out where that 2 - comes from :-) */ - len = base64_decode(msg, buf); - command_prot = level; - if(len == (size_t)-1) { - reply(501, "Failed to base64-decode command"); - return; - } - len = (*mech->decode)(app_data, buf, len, level); - if(len == (size_t)-1) { - reply(535, "Failed to decode command"); - return; - } - ((char*)buf)[len] = '\0'; - if(strstr((char*)buf, "\r\n") == NULL) - strcat((char*)buf, "\r\n"); - new_ftp_command(buf); -} - -/* ------------------------------------------------------------ */ - -int -sec_userok(char *user) -{ - if(sec_complete) - return (*mech->userok)(app_data, user); - return 0; -} - -char *ftp_command; - -void -new_ftp_command(char *command) -{ - ftp_command = command; -} - -void -delete_ftp_command(void) -{ - free(ftp_command); - ftp_command = NULL; -} - -int -secure_command(void) -{ - return ftp_command != NULL; -} - -enum protection_level -get_command_prot(void) -{ - return command_prot; -} - -#else /* FTP_SERVER */ - -void -sec_status(void) -{ - if(sec_complete){ - printf("Using %s for authentication.\n", mech->name); - printf("Using %s command channel.\n", level_to_name(command_prot)); - printf("Using %s data channel.\n", level_to_name(data_prot)); - if(buffer_size > 0) - printf("Protection buffer size: %lu.\n", - (unsigned long)buffer_size); - }else{ - printf("Not using any security mechanism.\n"); - } -} - -static int -sec_prot_internal(int level) -{ - int ret; - char *p; - unsigned int s = 1048576; - - int old_verbose = verbose; - verbose = 0; - - if(!sec_complete){ - printf("No security data exchange has taken place.\n"); - return -1; - } - - if(level){ - ret = command("PBSZ %u", s); - if(ret != COMPLETE){ - printf("Failed to set protection buffer size.\n"); - return -1; - } - buffer_size = s; - p = strstr(reply_string, "PBSZ="); - if(p) - sscanf(p, "PBSZ=%u", &s); - if(s < buffer_size) - buffer_size = s; - } - verbose = old_verbose; - ret = command("PROT %c", level["CSEP"]); /* XXX :-) */ - if(ret != COMPLETE){ - printf("Failed to set protection level.\n"); - return -1; - } - - data_prot = (enum protection_level)level; - return 0; -} - -enum protection_level -set_command_prot(enum protection_level level) -{ - enum protection_level old = command_prot; - command_prot = level; - return old; -} - -void -sec_prot(int argc, char **argv) -{ - int level = -1; - - if(argc < 2 || argc > 3) - goto usage; - if(!sec_complete) { - printf("No security data exchange has taken place.\n"); - code = -1; - return; - } - level = name_to_level(argv[argc - 1]); - - if(level == -1) - goto usage; - - if((*mech->check_prot)(app_data, level)) { - printf("%s does not implement %s protection.\n", - mech->name, level_to_name(level)); - code = -1; - return; - } - - if(argc == 2 || strncasecmp(argv[1], "data", strlen(argv[1])) == 0) { - if(sec_prot_internal(level) < 0){ - code = -1; - return; - } - } else if(strncasecmp(argv[1], "command", strlen(argv[1])) == 0) - set_command_prot(level); - else - goto usage; - code = 0; - return; - usage: - printf("usage: %s [command|data] [clear|safe|confidential|private]\n", - argv[0]); - code = -1; -} - -static enum protection_level request_data_prot; - -void -sec_set_protection_level(void) -{ - if(sec_complete && data_prot != request_data_prot) - sec_prot_internal(request_data_prot); -} - - -int -sec_request_prot(char *level) -{ - int l = name_to_level(level); - if(l == -1) - return -1; - request_data_prot = (enum protection_level)l; - return 0; -} - -int -sec_login(char *host) -{ - int ret; - struct sec_client_mech **m; - int old_verbose = verbose; - - verbose = -1; /* shut up all messages this will produce (they - are usually not very user friendly) */ - - for(m = mechs; *m && (*m)->name; m++) { - void *tmp; - - tmp = realloc(app_data, (*m)->size); - if (tmp == NULL) { - warnx ("realloc %u failed", (*m)->size); - return -1; - } - app_data = tmp; - - if((*m)->init && (*(*m)->init)(app_data) != 0) { - printf("Skipping %s...\n", (*m)->name); - continue; - } - printf("Trying %s...\n", (*m)->name); - ret = command("AUTH %s", (*m)->name); - if(ret != CONTINUE){ - if(code == 504){ - printf("%s is not supported by the server.\n", (*m)->name); - }else if(code == 534){ - printf("%s rejected as security mechanism.\n", (*m)->name); - }else if(ret == ERROR) { - printf("The server doesn't support the FTP " - "security extensions.\n"); - verbose = old_verbose; - return -1; - } - continue; - } - - ret = (*(*m)->auth)(app_data, host); - - if(ret == AUTH_CONTINUE) - continue; - else if(ret != AUTH_OK){ - /* mechanism is supposed to output error string */ - verbose = old_verbose; - return -1; - } - mech = *m; - sec_complete = 1; - command_prot = prot_safe; - break; - } - - verbose = old_verbose; - return *m == NULL; -} - -void -sec_end(void) -{ - if (mech != NULL) { - if(mech->end) - (*mech->end)(app_data); - memset(app_data, 0, mech->size); - free(app_data); - app_data = NULL; - } - sec_complete = 0; - data_prot = (enum protection_level)0; -} - -#endif /* FTP_SERVER */ - diff --git a/crypto/kerberosIV/appl/ftp/ftp/security.h b/crypto/kerberosIV/appl/ftp/ftp/security.h deleted file mode 100644 index 6fe06946c570b..0000000000000 --- a/crypto/kerberosIV/appl/ftp/ftp/security.h +++ /dev/null @@ -1,131 +0,0 @@ -/* - * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: security.h,v 1.7 1999/12/02 16:58:30 joda Exp $ */ - -#ifndef __security_h__ -#define __security_h__ - -enum protection_level { - prot_clear, - prot_safe, - prot_confidential, - prot_private -}; - -struct sec_client_mech { - char *name; - size_t size; - int (*init)(void *); - int (*auth)(void *, char*); - void (*end)(void *); - int (*check_prot)(void *, int); - int (*overhead)(void *, int, int); - int (*encode)(void *, void*, int, int, void**); - int (*decode)(void *, void*, int, int); -}; - -struct sec_server_mech { - char *name; - size_t size; - int (*init)(void *); - void (*end)(void *); - int (*check_prot)(void *, int); - int (*overhead)(void *, int, int); - int (*encode)(void *, void*, int, int, void**); - int (*decode)(void *, void*, int, int); - - int (*auth)(void *); - int (*adat)(void *, void*, size_t); - size_t (*pbsz)(void *, size_t); - int (*ccc)(void*); - int (*userok)(void*, char*); -}; - -#define AUTH_OK 0 -#define AUTH_CONTINUE 1 -#define AUTH_ERROR 2 - -#ifdef FTP_SERVER -extern struct sec_server_mech krb4_server_mech, gss_server_mech; -#else -extern struct sec_client_mech krb4_client_mech, gss_client_mech; -#endif - -extern int sec_complete; - -#ifdef FTP_SERVER -extern char *ftp_command; -void new_ftp_command(char*); -void delete_ftp_command(void); -#endif - -/* ---- */ - - -int sec_fflush (FILE *); -int sec_fprintf (FILE *, const char *, ...); -int sec_getc (FILE *); -int sec_putc (int, FILE *); -int sec_read (int, void *, int); -int sec_read_msg (char *, int); -int sec_vfprintf (FILE *, const char *, va_list); -int sec_fprintf2(FILE *f, const char *fmt, ...); -int sec_vfprintf2(FILE *, const char *, va_list); -int sec_write (int, char *, int); - -#ifdef FTP_SERVER -void adat (char *); -void auth (char *); -void ccc (void); -void mec (char *, enum protection_level); -void pbsz (int); -void prot (char *); -void delete_ftp_command (void); -void new_ftp_command (char *); -int sec_userok (char *); -int secure_command (void); -enum protection_level get_command_prot(void); -#else -void sec_end (void); -int sec_login (char *); -void sec_prot (int, char **); -int sec_request_prot (char *); -void sec_set_protection_level (void); -void sec_status (void); - -enum protection_level set_command_prot(enum protection_level); - -#endif - -#endif /* __security_h__ */ diff --git a/crypto/kerberosIV/appl/ftp/ftpd/Makefile.am b/crypto/kerberosIV/appl/ftp/ftpd/Makefile.am deleted file mode 100644 index 282cb3a43c422..0000000000000 --- a/crypto/kerberosIV/appl/ftp/ftpd/Makefile.am +++ /dev/null @@ -1,54 +0,0 @@ -# $Id: Makefile.am,v 1.20 1999/10/03 16:38:53 joda Exp $ - -include $(top_srcdir)/Makefile.am.common - -INCLUDES += -I$(srcdir)/../common $(INCLUDE_krb4) -DFTP_SERVER - -libexec_PROGRAMS = ftpd - -CHECK_LOCAL = - -if KRB4 -krb4_sources = krb4.c kauth.c -endif -if KRB5 -krb5_sources = gssapi.c gss_userok.c -endif - -ftpd_SOURCES = \ - extern.h \ - ftpcmd.y \ - ftpd.c \ - ftpd_locl.h \ - logwtmp.c \ - ls.c \ - pathnames.h \ - popen.c \ - security.c \ - $(krb4_sources) \ - $(krb5_sources) - -EXTRA_ftpd_SOURCES = krb4.c kauth.c gssapi.c gss_userok.c - -$(ftpd_OBJECTS): security.h - -security.c: - @test -f security.c || $(LN_S) $(srcdir)/../ftp/security.c . -security.h: - @test -f security.h || $(LN_S) $(srcdir)/../ftp/security.h . -krb4.c: - @test -f krb4.c || $(LN_S) $(srcdir)/../ftp/krb4.c . -gssapi.c: - @test -f gssapi.c || $(LN_S) $(srcdir)/../ftp/gssapi.c . - -CLEANFILES = security.c security.h krb4.c gssapi.c ftpcmd.c - -LDADD = ../common/libcommon.a \ - $(LIB_kafs) \ - $(LIB_gssapi) \ - $(LIB_krb5) \ - $(LIB_krb4) \ - $(LIB_otp) \ - $(top_builddir)/lib/des/libdes.la \ - $(LIB_roken) \ - $(DBLIB) diff --git a/crypto/kerberosIV/appl/ftp/ftpd/ftpd_locl.h b/crypto/kerberosIV/appl/ftp/ftpd/ftpd_locl.h deleted file mode 100644 index 5cb49046b52ac..0000000000000 --- a/crypto/kerberosIV/appl/ftp/ftpd/ftpd_locl.h +++ /dev/null @@ -1,170 +0,0 @@ -/* - * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: ftpd_locl.h,v 1.9 1999/12/02 16:58:30 joda Exp $ */ - -#ifndef __ftpd_locl_h__ -#define __ftpd_locl_h__ - -#ifdef HAVE_CONFIG_H -#include <config.h> -#endif - -/* - * FTP server. - */ -#ifdef HAVE_SYS_TYPES_H -#include <sys/types.h> -#endif -#ifdef HAVE_SYS_PARAM_H -#include <sys/param.h> -#endif -#ifdef HAVE_SYS_STAT_H -#include <sys/stat.h> -#endif -#ifdef HAVE_SYS_SOCKET_H -#include <sys/socket.h> -#endif -#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40 -#include <sys/ioctl.h> -#endif -#ifdef HAVE_SYS_IOCCOM_H -#include <sys/ioccom.h> -#endif -#ifdef TIME_WITH_SYS_TIME -#include <sys/time.h> -#include <time.h> -#elif defined(HAVE_SYS_TIME_H) -#include <sys/time.h> -#else -#include <time.h> -#endif -#ifdef HAVE_SYS_RESOURCE_H -#include <sys/resource.h> -#endif -#ifdef HAVE_SYS_WAIT_H -#include <sys/wait.h> -#endif - -#ifdef HAVE_NETINET_IN_H -#include <netinet/in.h> -#endif -#ifdef HAVE_NETINET_IN_SYSTM_H -#include <netinet/in_systm.h> -#endif -#ifdef HAVE_NETINET_IP_H -#include <netinet/ip.h> -#endif - -#ifdef HAVE_SYS_MMAN_H -#include <sys/mman.h> -#endif - -#include <arpa/ftp.h> -#ifdef HAVE_ARPA_INET_H -#include <arpa/inet.h> -#endif -#ifdef HAVE_ARPA_TELNET_H -#include <arpa/telnet.h> -#endif - -#include <ctype.h> -#ifdef HAVE_DIRENT_H -#include <dirent.h> -#endif -#include <errno.h> -#ifdef HAVE_FCNTL_H -#include <fcntl.h> -#endif -#include <glob.h> -#include <limits.h> -#ifdef HAVE_PWD_H -#include <pwd.h> -#endif -#include <setjmp.h> -#include <signal.h> -#include <stdio.h> -#include <stdlib.h> -#include <stdarg.h> -#include <string.h> -#ifdef HAVE_SYSLOG_H -#include <syslog.h> -#endif -#include <time.h> -#ifdef HAVE_UNISTD_H -#include <unistd.h> -#endif -#ifdef HAVE_GRP_H -#include <grp.h> -#endif -#include <fnmatch.h> - -#ifdef HAVE_BSD_BSD_H -#include <bsd/bsd.h> -#endif - -#include <err.h> - -#include "pathnames.h" -#include "extern.h" -#include "common.h" - -#include "security.h" - -#include "roken.h" - -#ifdef KRB4 -#include <krb.h> -#include <kafs.h> -#endif - -#ifdef OTP -#include <otp.h> -#endif - -#ifdef SOCKS -#include <socks.h> -extern int LIBPREFIX(fclose) (FILE *); -#endif - -/* SunOS doesn't have any declaration of fclose */ - -int fclose(FILE *stream); - -int yyparse(); - -#ifndef LOG_FTP -#define LOG_FTP LOG_DAEMON -#endif - -#endif /* __ftpd_locl_h__ */ diff --git a/crypto/kerberosIV/appl/ftp/ftpd/gss_userok.c b/crypto/kerberosIV/appl/ftp/ftpd/gss_userok.c deleted file mode 100644 index 28e35960cc9da..0000000000000 --- a/crypto/kerberosIV/appl/ftp/ftpd/gss_userok.c +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ftpd_locl.h" -#include <gssapi.h> -#include <krb5.h> - -RCSID("$Id: gss_userok.c,v 1.2 1999/12/02 16:58:31 joda Exp $"); - -/* XXX a bit too much of krb5 dependency here... - What is the correct way to do this? - */ - -extern krb5_context gssapi_krb5_context; - -/* XXX sync with gssapi.c */ -struct gss_data { - gss_ctx_id_t context_hdl; - char *client_name; -}; - -int gss_userok(void*, char*); /* to keep gcc happy */ - -int -gss_userok(void *app_data, char *username) -{ - struct gss_data *data = app_data; - if(gssapi_krb5_context) { - krb5_principal client; - krb5_error_code ret; - ret = krb5_parse_name(gssapi_krb5_context, data->client_name, &client); - if(ret) - return 1; - ret = krb5_kuserok(gssapi_krb5_context, client, username); - krb5_free_principal(gssapi_krb5_context, client); - return !ret; - } - return 1; -} diff --git a/crypto/kerberosIV/appl/ftp/ftpd/ls.c b/crypto/kerberosIV/appl/ftp/ftpd/ls.c deleted file mode 100644 index 97eb77ed906d1..0000000000000 --- a/crypto/kerberosIV/appl/ftp/ftpd/ls.c +++ /dev/null @@ -1,572 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "ftpd_locl.h" - -RCSID("$Id: ls.c,v 1.13 1999/11/20 20:49:41 assar Exp $"); - -struct fileinfo { - struct stat st; - int inode; - int bsize; - char mode[11]; - int n_link; - char *user; - char *group; - char *size; - char *major; - char *minor; - char *date; - char *filename; - char *link; -}; - -#define LS_DIRS 1 -#define LS_IGNORE_DOT 2 -#define LS_SORT_MODE 12 -#define SORT_MODE(f) ((f) & LS_SORT_MODE) -#define LS_SORT_NAME 4 -#define LS_SORT_MTIME 8 -#define LS_SORT_SIZE 12 -#define LS_SORT_REVERSE 16 - -#define LS_SIZE 32 -#define LS_INODE 64 - -#ifndef S_ISTXT -#define S_ISTXT S_ISVTX -#endif - -#ifndef S_ISSOCK -#define S_ISSOCK(mode) (((mode) & _S_IFMT) == S_IFSOCK) -#endif - -#ifndef S_ISLNK -#define S_ISLNK(mode) (((mode) & _S_IFMT) == S_IFLNK) -#endif - -static void -make_fileinfo(const char *filename, struct fileinfo *file, int flags) -{ - char buf[128]; - struct stat *st = &file->st; - - file->inode = st->st_ino; -#ifdef S_BLKSIZE - file->bsize = st->st_blocks * S_BLKSIZE / 1024; -#else - file->bsize = st->st_blocks * 512 / 1024; -#endif - - if(S_ISDIR(st->st_mode)) - file->mode[0] = 'd'; - else if(S_ISCHR(st->st_mode)) - file->mode[0] = 'c'; - else if(S_ISBLK(st->st_mode)) - file->mode[0] = 'b'; - else if(S_ISREG(st->st_mode)) - file->mode[0] = '-'; - else if(S_ISFIFO(st->st_mode)) - file->mode[0] = 'p'; - else if(S_ISLNK(st->st_mode)) - file->mode[0] = 'l'; - else if(S_ISSOCK(st->st_mode)) - file->mode[0] = 's'; -#ifdef S_ISWHT - else if(S_ISWHT(st->st_mode)) - file->mode[0] = 'w'; -#endif - else - file->mode[0] = '?'; - { - char *x[] = { "---", "--x", "-w-", "-wx", - "r--", "r-x", "rw-", "rwx" }; - strcpy(file->mode + 1, x[(st->st_mode & S_IRWXU) >> 6]); - strcpy(file->mode + 4, x[(st->st_mode & S_IRWXG) >> 3]); - strcpy(file->mode + 7, x[(st->st_mode & S_IRWXO) >> 0]); - if((st->st_mode & S_ISUID)) { - if((st->st_mode & S_IXUSR)) - file->mode[3] = 's'; - else - file->mode[3] = 'S'; - } - if((st->st_mode & S_ISGID)) { - if((st->st_mode & S_IXGRP)) - file->mode[6] = 's'; - else - file->mode[6] = 'S'; - } - if((st->st_mode & S_ISTXT)) { - if((st->st_mode & S_IXOTH)) - file->mode[9] = 't'; - else - file->mode[9] = 'T'; - } - } - file->n_link = st->st_nlink; - { - struct passwd *pwd; - pwd = getpwuid(st->st_uid); - if(pwd == NULL) - asprintf(&file->user, "%u", (unsigned)st->st_uid); - else - file->user = strdup(pwd->pw_name); - } - { - struct group *grp; - grp = getgrgid(st->st_gid); - if(grp == NULL) - asprintf(&file->group, "%u", (unsigned)st->st_gid); - else - file->group = strdup(grp->gr_name); - } - - if(S_ISCHR(st->st_mode) || S_ISBLK(st->st_mode)) { -#if defined(major) && defined(minor) - asprintf(&file->major, "%u", (unsigned)major(st->st_rdev)); - asprintf(&file->minor, "%u", (unsigned)minor(st->st_rdev)); -#else - /* Don't want to use the DDI/DKI crap. */ - asprintf(&file->major, "%u", (unsigned)st->st_rdev); - asprintf(&file->minor, "%u", 0); -#endif - } else - asprintf(&file->size, "%lu", (unsigned long)st->st_size); - - { - time_t t = time(NULL); - struct tm *tm = localtime(&st->st_mtime); - if((t - st->st_mtime > 6*30*24*60*60) || - (st->st_mtime - t > 6*30*24*60*60)) - strftime(buf, sizeof(buf), "%b %e %Y", tm); - else - strftime(buf, sizeof(buf), "%b %e %H:%M", tm); - file->date = strdup(buf); - } - { - const char *p = strrchr(filename, '/'); - if(p) - p++; - else - p = filename; - file->filename = strdup(p); - } - if(S_ISLNK(st->st_mode)) { - int n; - n = readlink((char *)filename, buf, sizeof(buf)); - if(n >= 0) { - buf[n] = '\0'; - file->link = strdup(buf); - } else - warn("%s: readlink", filename); - } -} - -static void -print_file(FILE *out, - int flags, - struct fileinfo *f, - int max_inode, - int max_bsize, - int max_n_link, - int max_user, - int max_group, - int max_size, - int max_major, - int max_minor, - int max_date) -{ - if(f->filename == NULL) - return; - - if(flags & LS_INODE) { - sec_fprintf2(out, "%*d", max_inode, f->inode); - sec_fprintf2(out, " "); - } - if(flags & LS_SIZE) { - sec_fprintf2(out, "%*d", max_bsize, f->bsize); - sec_fprintf2(out, " "); - } - sec_fprintf2(out, "%s", f->mode); - sec_fprintf2(out, " "); - sec_fprintf2(out, "%*d", max_n_link, f->n_link); - sec_fprintf2(out, " "); - sec_fprintf2(out, "%-*s", max_user, f->user); - sec_fprintf2(out, " "); - sec_fprintf2(out, "%-*s", max_group, f->group); - sec_fprintf2(out, " "); - if(f->major != NULL && f->minor != NULL) - sec_fprintf2(out, "%*s, %*s", max_major, f->major, max_minor, f->minor); - else - sec_fprintf2(out, "%*s", max_size, f->size); - sec_fprintf2(out, " "); - sec_fprintf2(out, "%*s", max_date, f->date); - sec_fprintf2(out, " "); - sec_fprintf2(out, "%s", f->filename); - if(f->link) - sec_fprintf2(out, " -> %s", f->link); - sec_fprintf2(out, "\r\n"); -} - -static int -compare_filename(struct fileinfo *a, struct fileinfo *b) -{ - if(a->filename == NULL) - return 1; - if(b->filename == NULL) - return -1; - return strcmp(a->filename, b->filename); -} - -static int -compare_mtime(struct fileinfo *a, struct fileinfo *b) -{ - if(a->filename == NULL) - return 1; - if(b->filename == NULL) - return -1; - return a->st.st_mtime - b->st.st_mtime; -} - -static int -compare_size(struct fileinfo *a, struct fileinfo *b) -{ - if(a->filename == NULL) - return 1; - if(b->filename == NULL) - return -1; - return a->st.st_size - b->st.st_size; -} - -static void -list_dir(FILE *out, const char *directory, int flags); - -static int -log10(int num) -{ - int i = 1; - while(num > 10) { - i++; - num /= 10; - } - return i; -} - -/* - * Operate as lstat but fake up entries for AFS mount points so we don't - * have to fetch them. - */ - -static int -lstat_file (const char *file, struct stat *sb) -{ -#ifdef KRB4 - if (k_hasafs() - && strcmp(file, ".") - && strcmp(file, "..")) - { - struct ViceIoctl a_params; - char *last; - char *path_bkp; - static ino_t ino_counter = 0, ino_last = 0; - int ret; - const int maxsize = 2048; - - path_bkp = strdup (file); - if (path_bkp == NULL) - return -1; - - a_params.out = malloc (maxsize); - if (a_params.out == NULL) { - free (path_bkp); - return -1; - } - - /* If path contains more than the filename alone - split it */ - - last = strrchr (path_bkp, '/'); - if (last != NULL) { - *last = '\0'; - a_params.in = last + 1; - } else - a_params.in = (char *)file; - - a_params.in_size = strlen (a_params.in) + 1; - a_params.out_size = maxsize; - - ret = k_pioctl (last ? path_bkp : "." , - VIOC_AFS_STAT_MT_PT, &a_params, 0); - free (a_params.out); - if (ret < 0) { - free (path_bkp); - - if (errno != EINVAL) - return ret; - else - /* if we get EINVAL this is probably not a mountpoint */ - return lstat (file, sb); - } - - /* - * wow this was a mountpoint, lets cook the struct stat - * use . as a prototype - */ - - ret = lstat (path_bkp, sb); - free (path_bkp); - if (ret < 0) - return ret; - - if (ino_last == sb->st_ino) - ino_counter++; - else { - ino_last = sb->st_ino; - ino_counter = 0; - } - sb->st_ino += ino_counter; - sb->st_nlink = 3; - - return 0; - } -#endif /* KRB4 */ - return lstat (file, sb); -} - -static void -list_files(FILE *out, char **files, int n_files, int flags) -{ - struct fileinfo *fi; - int i; - - fi = calloc(n_files, sizeof(*fi)); - if (fi == NULL) { - sec_fprintf2(out, "ouf of memory\r\n"); - return; - } - for(i = 0; i < n_files; i++) { - if(lstat_file(files[i], &fi[i].st) < 0) { - sec_fprintf2(out, "%s: %s\r\n", files[i], strerror(errno)); - fi[i].filename = NULL; - } else { - if((flags & LS_DIRS) == 0 && S_ISDIR(fi[i].st.st_mode)) { - if(n_files > 1) - sec_fprintf2(out, "%s:\r\n", files[i]); - list_dir(out, files[i], flags); - } else { - make_fileinfo(files[i], &fi[i], flags); - } - } - } - switch(SORT_MODE(flags)) { - case LS_SORT_NAME: - qsort(fi, n_files, sizeof(*fi), - (int (*)(const void*, const void*))compare_filename); - break; - case LS_SORT_MTIME: - qsort(fi, n_files, sizeof(*fi), - (int (*)(const void*, const void*))compare_mtime); - break; - case LS_SORT_SIZE: - qsort(fi, n_files, sizeof(*fi), - (int (*)(const void*, const void*))compare_size); - break; - } - { - int max_inode = 0; - int max_bsize = 0; - int max_n_link = 0; - int max_user = 0; - int max_group = 0; - int max_size = 0; - int max_major = 0; - int max_minor = 0; - int max_date = 0; - for(i = 0; i < n_files; i++) { - if(fi[i].filename == NULL) - continue; - if(fi[i].inode > max_inode) - max_inode = fi[i].inode; - if(fi[i].bsize > max_bsize) - max_bsize = fi[i].bsize; - if(fi[i].n_link > max_n_link) - max_n_link = fi[i].n_link; - if(strlen(fi[i].user) > max_user) - max_user = strlen(fi[i].user); - if(strlen(fi[i].group) > max_group) - max_group = strlen(fi[i].group); - if(fi[i].major != NULL && strlen(fi[i].major) > max_major) - max_major = strlen(fi[i].major); - if(fi[i].minor != NULL && strlen(fi[i].minor) > max_minor) - max_minor = strlen(fi[i].minor); - if(fi[i].size != NULL && strlen(fi[i].size) > max_size) - max_size = strlen(fi[i].size); - if(strlen(fi[i].date) > max_date) - max_date = strlen(fi[i].date); - } - if(max_size < max_major + max_minor + 2) - max_size = max_major + max_minor + 2; - else if(max_size - max_minor - 2 > max_major) - max_major = max_size - max_minor - 2; - max_inode = log10(max_inode); - max_bsize = log10(max_bsize); - max_n_link = log10(max_n_link); - - if(flags & LS_SORT_REVERSE) - for(i = n_files - 1; i >= 0; i--) - print_file(out, - flags, - &fi[i], - max_inode, - max_bsize, - max_n_link, - max_user, - max_group, - max_size, - max_major, - max_minor, - max_date); - else - for(i = 0; i < n_files; i++) - print_file(out, - flags, - &fi[i], - max_inode, - max_bsize, - max_n_link, - max_user, - max_group, - max_size, - max_major, - max_minor, - max_date); - } -} - -static void -free_files (char **files, int n) -{ - int i; - - for (i = 0; i < n; ++i) - free (files[i]); - free (files); -} - -static void -list_dir(FILE *out, const char *directory, int flags) -{ - DIR *d = opendir(directory); - struct dirent *ent; - char **files = NULL; - int n_files = 0; - - if(d == NULL) { - sec_fprintf2(out, "%s: %s\r\n", directory, strerror(errno)); - return; - } - while((ent = readdir(d)) != NULL) { - void *tmp; - - if(ent->d_name[0] == '.') { - if (flags & LS_IGNORE_DOT) - continue; - if (ent->d_name[1] == 0) /* Ignore . */ - continue; - if (ent->d_name[1] == '.' && ent->d_name[2] == 0) /* Ignore .. */ - continue; - } - tmp = realloc(files, (n_files + 1) * sizeof(*files)); - if (tmp == NULL) { - sec_fprintf2(out, "%s: out of memory\r\n", directory); - free_files (files, n_files); - closedir (d); - return; - } - files = tmp; - asprintf(&files[n_files], "%s/%s", directory, ent->d_name); - if (files[n_files] == NULL) { - sec_fprintf2(out, "%s: out of memory\r\n", directory); - free_files (files, n_files); - closedir (d); - return; - } - ++n_files; - } - closedir(d); - list_files(out, files, n_files, flags | LS_DIRS); -} - -void -builtin_ls(FILE *out, const char *file) -{ - int flags = LS_SORT_NAME; - - if(*file == '-') { - const char *p; - for(p = file + 1; *p; p++) { - switch(*p) { - case 'a': - case 'A': - flags &= ~LS_IGNORE_DOT; - break; - case 'C': - break; - case 'd': - flags |= LS_DIRS; - break; - case 'f': - flags = (flags & ~LS_SORT_MODE); - break; - case 'i': - flags |= flags | LS_INODE; - break; - case 'l': - break; - case 't': - flags = (flags & ~LS_SORT_MODE) | LS_SORT_MTIME; - break; - case 's': - flags |= LS_SIZE; - break; - case 'S': - flags = (flags & ~LS_SORT_MODE) | LS_SORT_SIZE; - break; - case 'r': - flags |= LS_SORT_REVERSE; - break; - } - } - file = "."; - } - list_files(out, &file, 1, flags); - sec_fflush(out); -} |