8 files changed, 78 insertions, 15 deletions

diff --git a/usr.bin/ncftp/Makefile b/usr.bin/ncftp/Makefile
index 5d13f0403aac..9aa9e68fb8ad 100644
--- a/usr.bin/ncftp/Makefile
+++ b/usr.bin/ncftp/Makefile
@@ -7,7 +7,8 @@ DPADD= $(LIBREADLINE) $(LIBTERMCAP)
 LDADD= -lreadline -ltermcap
 
 CFLAGS+= -DGZCAT=\"/usr/bin/gzcat\" -DREADLINE -DCURSES -DNO_CURSES_H \
-	 -DSYSLOG -DTRY_ABOR -DGATEWAY
+	 -DSYSLOG -DTRY_ABOR -DGATEWAY \
+	 -DFTP_DATA_BOTTOM=40000 -DFTP_DATA_TOP=44999
 
 MK= $(CC) $(CFLAGS) $(LDADD)
 
diff --git a/usr.bin/ncftp/cmds.c b/usr.bin/ncftp/cmds.c
index 564c79910ea1..99dc5b94cc57 100644
--- a/usr.bin/ncftp/cmds.c
+++ b/usr.bin/ncftp/cmds.c
@@ -42,6 +42,7 @@ str32				curtypename;		/* name of file transfer type */
 int					verbose; 			/* verbosity level of output */
 int					mprompt;			/* interactively prompt on m* cmds */
 int					passivemode;		/* no reverse FTP connections */
+int					restricted_data_ports;		/* high port range */
 int					debug;				/* debugging level */
 int					options;			/* used during socket creation */
 int					macnum;				/* number of defined macros */
@@ -2215,9 +2216,16 @@ int unimpl(int argc, char **argv)
 int setpassive(int argc, char **argv)
 {
 	passivemode = !passivemode;
-	printf( "Passive mode %s.\n", (passivemode ? "ON" : "OFF") );
+	printf("Passive mode %s.\n", (passivemode ? "ON" : "OFF"));
 	return NOERR;
 }
 
+int setrestrict(int argc, char **argv)
+{
+	restricted_data_ports = !restricted_data_ports;
+	printf("Data port range restrictions %s.\n",
+	       (restricted_data_ports ? "ON" : "OFF"));
+	return NOERR;
+}
 
 /* eof cmds.c */
diff --git a/usr.bin/ncftp/cmds.h b/usr.bin/ncftp/cmds.h
index 0f8bce0b65fe..f36303c6171b 100644
--- a/usr.bin/ncftp/cmds.h
+++ b/usr.bin/ncftp/cmds.h
@@ -122,6 +122,7 @@ long GetDateSizeFromLSLine(char *fName, unsigned long *mod_time);
 long GetDateAndSize(char *fName, unsigned long *mod_time);
 int SetTypeByNumber(int i);
 int setpassive(int argc, char **argv);
+int setrestrict(int argc, char **argv);
 
 
 /* In util.c: */
diff --git a/usr.bin/ncftp/cmdtab.c b/usr.bin/ncftp/cmdtab.c
index 86d4a5fce9b7..f2be8795fb37 100644
--- a/usr.bin/ncftp/cmdtab.c
+++ b/usr.bin/ncftp/cmdtab.c
@@ -100,6 +100,8 @@ Examples:\n\
 #define QUITHELP "quits the program"
 #define QUITUSAGE EMPTYSTR
 
+#define	RESTRICTHELP "toggle restriction of data port range"
+
 #define RHELPHELP "asks the remote-server for help"
 #define RHELPUSAGE " [help-topic (i.e. FTP command)]"
 
@@ -218,6 +220,7 @@ struct cmd cmdtab[] = {
 	{ "remotehelp",	   1,  0,  rmthelp, RHELPHELP, RHELPUSAGE },
 	{ "reset",         0,  1,  unimpl, UNIMPLHELP, UNIMPLUSAGE },
 	{ "restart",       0,  1,  unimpl, UNIMPLHELP, UNIMPLUSAGE },
+	{ "restrict",	   0,  0,  setrestrict, RESTRICTHELP, EMPTYSTR },
 	{ "rm",			   1,  1,  do_delete, DELETEHELP, DELETEUSAGE },
 	{ "rstatus",   	   1,  0,  rmtstatus,
 		"asks the remote-server for it's status",
diff --git a/usr.bin/ncftp/defaults.h b/usr.bin/ncftp/defaults.h
index 18331eafe728..dffec8ebbd9a 100644
--- a/usr.bin/ncftp/defaults.h
+++ b/usr.bin/ncftp/defaults.h
@@ -52,6 +52,10 @@
 #define	dPASSIVE 0				/* Use PORT for more portability... */
 #endif
 
+#ifndef	dRESTRICT
+#define	dRESTRICT 1				/* should be safe to be 1 */
+#endif
+
 #ifndef dVERBOSE				/* V_QUIET, V_ERRS, V_TERSE, V_VERBOSE */
 #define dVERBOSE V_TERSE
 #endif
diff --git a/usr.bin/ncftp/ftp.c b/usr.bin/ncftp/ftp.c
index c90aafeb69b8..5afe3e3464b0 100644
--- a/usr.bin/ncftp/ftp.c
+++ b/usr.bin/ncftp/ftp.c
@@ -105,6 +105,7 @@ extern struct macel			macros[];
 extern struct lslist		*lshead, *lstail;
 extern int					is_ls;
 extern int					passivemode;
+extern int					restricted_data_ports;
 
 #ifdef GATEWAY
 extern string				gateway;
@@ -1702,6 +1703,8 @@ int initconn(void)
 	char				*cp;
 	int					a1, a2, a3, a4, p1, p2;
 	unsigned char		n[6];
+	int			count;
+	static u_short		last_port = FTP_DATA_BOTTOM;
   
   	oldintr = Signal(SIGINT, SIG_IGN);
 
@@ -1791,9 +1794,6 @@ TryPort:
 	rval = 0;
 
 noport:
-	data_addr = myctladdr;
-	if (sendport)
-		data_addr.sin_port = 0;	/* let system pick one */ 
 	if (data != -1)
 		(void) close (data);
 	data = socket(AF_INET, SOCK_STREAM, 0);
@@ -1804,20 +1804,57 @@ noport:
 		rval = 1;  goto Return;
 	}
 
-	if (!sendport)
-		if (setsockopt(data, SOL_SOCKET, SO_REUSEADDR, (char *)&on, sizeof (on)) < 0) {
-			PERROR("initconn", "setsockopt (reuse address)");
-			goto bad;
-		}
+	data_addr = myctladdr;
+	if (sendport) {
+		if (restricted_data_ports) {
+			for (count = 0;
+			     count < FTP_DATA_TOP - FTP_DATA_BOTTOM;
+			     count++) {
+				last_port++;
+				if (last_port < FTP_DATA_BOTTOM ||
+				    last_port > FTP_DATA_TOP)
+					last_port = FTP_DATA_BOTTOM;
 
+				data_addr.sin_port = htons(last_port);
 #ifdef SOCKS
-	if (Rbind(data, (struct sockaddr *)&data_addr, sizeof (data_addr), hisctladdr.sin_addr.s_addr) < 0) {
+				if (Rbind(data,&data_addr,sizeof data_addr,
+					  hisctladdr.sin_addr.s_addr) <0) {
 #else
-	if (Bind(data, &data_addr, sizeof (data_addr)) < 0) {
+				if (Bind(data,&data_addr,sizeof data_addr) <0) {
 #endif
-		PERROR("initconn", "bind");
-		goto bad;
+					if (errno == EADDRINUSE)
+						continue;
+					else {
+						warn("bind");
+						goto bad;
+					}
+				}
+				break;
+			}
+			if (count >= FTP_DATA_TOP-FTP_DATA_BOTTOM) {
+				PERROR("initconn", "bind");
+				goto bad;
+			}
+		} else {
+			data_addr.sin_port = 0;	/* use any port */
+#ifdef	SOCKS
+			if (Rbind(data,&data_addr,sizeof data_addr,
+				  hisctladdr.sin_addr.s_addr) <0) {
+#else
+			if (Bind(data,&data_addr, sizeof data_addr) <0) {
+#endif
+				PERROR("initconn", "bind");
+				goto bad;
+			}
+		}
+	} else {
+		if (setsockopt(data, SOL_SOCKET, SO_REUSEADDR, (char *)&on,
+			       sizeof (on)) < 0) {
+			PERROR("initconn", "setsockopt (reuse address)");
+			goto bad;
+		}
 	}
+
 #ifdef LINGER	/* If puts don't complete, you could try this. */
 	{
 		struct linger li;
diff --git a/usr.bin/ncftp/main.c b/usr.bin/ncftp/main.c
index d385e352d5d0..09d94e081c96 100644
--- a/usr.bin/ncftp/main.c
+++ b/usr.bin/ncftp/main.c
@@ -123,6 +123,7 @@ static char			tcbuf[2048];
 extern int			debug, verbose, mprompt, passivemode;
 extern int			options, cpend, data, connected, logged_in;
 extern int			curtype, macnum, remote_is_unix;
+extern int			restricted_data_ports;
 extern FILE			*cout;
 extern struct cmd	cmdtab[];
 extern str32		curtypename;
@@ -184,6 +185,7 @@ Re-compile, this time with -DZCAT=\\\"/path/to/zcat\\\".\n");
 	debug = dDEBUG;
 	verbose = dVERBOSE;
 	passivemode = dPASSIVE;
+	restricted_data_ports = dRESTRICT;
 	(void) Strncpy(vstr, short_verbose_msgs[verbose+1]);
 
 	(void) Strncpy(curtypename, dTYPESTR);
@@ -243,7 +245,7 @@ Re-compile, this time with -DZCAT=\\\"/path/to/zcat\\\".\n");
 
 	ignore_rc = 0;
 	(void) strcpy(oline, "open ");
-	while ((opt = Getopt(argc, argv, "D:V:INPRHaicmup:rd:g:")) >= 0) {
+	while ((opt = Getopt(argc, argv, "D:V:INPURHaicmup:rd:g:")) >= 0) {
 		switch(opt) {
 			case 'a':
 			case 'c':
@@ -283,6 +285,10 @@ Re-compile, this time with -DZCAT=\\\"/path/to/zcat\\\".\n");
 				passivemode = !passivemode;
 				break;
 
+			case 'U':
+				restricted_data_ports = !restricted_data_ports;
+				break;
+
 			case 'H':
 				(void) show_version(0, NULL);
 				exit (0);
@@ -296,6 +302,7 @@ Program Options:\n\
     -I     : Toggle interactive (mprompt) mode.\n\
     -N     : Toggle reading of the .netrc/.ncftprc.\n\
     -P     : Toggle passive mode ftp (for use behind firewalls).\n\
+    -U     : Toggle restricted data ports (for use behind firewalls).\n\
     -V x   : Set verbosity to level x (-1,0,1,2).\n\
 Open Options:\n\
     -a     : Open anonymously (this is the default).\n\
diff --git a/usr.bin/ncftp/set.c b/usr.bin/ncftp/set.c
index b071df2cacdb..833c7af2ce3b 100644
--- a/usr.bin/ncftp/set.c
+++ b/usr.bin/ncftp/set.c
@@ -48,6 +48,7 @@ extern longstring			rcname, logfname, lcwd;
 extern int					auto_binary, ansi_escapes, debug;
 extern int					mprompt, remote_is_unix, verbose;
 extern int					startup_msg, anon_open, passivemode;
+extern int					restricted_data_ports;
 #ifndef NO_TIPS
 extern int					tips;
 #endif
@@ -83,6 +84,7 @@ struct var vars[] = {
 	VARENTRY("progress-reports",INT,  0, &progress_meter,NULL),
 	VARENTRY("recent-list",		BOOL, 0, &keep_recent,	NULL),
 	VARENTRY("remote-is-unix",	BOOL, 1, &remote_is_unix,NULL),
+	VARENTRY("restricted-data-ports",BOOL, 0, &restricted_data_ports, NULL),
 	VARENTRY("startup-msg",		BOOL, 0, &startup_msg,	NULL),  /* TAR */
 #ifndef NO_TIPS
 	VARENTRY("tips",			BOOL, 0, &tips,			NULL),