Hello Bernhard,

The first patch for ftpd authentication is a bug fix for NOMMU platforms. 

You need a working jail in order for the authentication to make sense. (And 
I've got a NOMMU platform.) The patch has been tested on both NOMMU and normal 
platforms. 

The patches are in collaboration with walter harms. 

Btw, the vsftpd might be nice (and rather big!), but it takes very little code 
to add basic authentication to the busybox ftpd. (Many other busybox apps has 
the same.)

Regards,
Morten Kvistgaard

---
networking/ftpd.c | 44 ++++++++++++++++++++++++++++++--------------
1 file changed, 30 insertions(+), 14 deletions(-)

diff --git a/networking/ftpd.c b/networking/ftpd.c index 33db964..960984b 100644
--- a/networking/ftpd.c
+++ b/networking/ftpd.c
@@ -617,21 +617,29 @@ handle_retr(void)
static int
popen_ls(const char *opt)
{
-                           const char *argv[5];
                            struct fd_pair outfd;
                            pid_t pid;
+#if BB_MMU
+                          #define FTP_ARG_NO 2
+                          const char *argv[4];

-                           argv[0] = "ftpd";
+                          argv[0] = "ls";
                            argv[1] = opt; /* "-l" or "-1" */
-#if BB_MMU
-                           argv[2] = "--";
+                          argv[2] = G.ftp_arg;
+                          argv[3] = NULL;
#else
-                           /* NOMMU ftpd ls helper chdirs to argv[2],
-                           * preventing peer from seeing real root. */
-                           argv[2] = xrealloc_getcwd_or_warn(NULL);
+                          #define FTP_ARG_NO 4
+                          const char *argv[6];
+
+                          argv[0] = "ftpd";
+                          argv[1] = opt; /* "-l" or "-1" */
+                          /* NOMMU ftpd ls helper chdirs to argv[3],
+     * preventing peer from seeing real root. */
+                          argv[2] = G.chroot_dir;
+                          argv[3] = xrealloc_getcwd_or_warn(NULL);
+                          argv[4] = G.ftp_arg;
+                          argv[5] = NULL;
#endif
-                           argv[3] = G.ftp_arg;
-                           argv[4] = NULL;

                             /* Improve compatibility with non-RFC conforming 
FTP clients
                             * which send e.g. "LIST -l", "LIST -la", "LIST 
-aL".
@@ -642,7 +650,7 @@ popen_ls(const char *opt)
                                                         const char *tmp = 
strchr(G.ftp_arg, ' ');
                                                         if (tmp) /* skip the 
space */
                                                                                
      tmp++;
-                                                        argv[3] = tmp;
+                                                       argv[FTP_ARG_NO] = tmp;
                            }

                             xpiped_pair(outfd);
@@ -659,6 +667,7 @@ popen_ls(const char *opt)
                                                          * relative to current 
directory */
                                                         if (fchdir(G.root_fd) 
!= 0)
                                                                                
      _exit(127);
+                                                       xchroot(".");   /* will 
break out of jail */
                                                         /*close(G.root_fd); - 
close_on_exec_on() took care of this */  #endif
                                                         /* NB: close _first_, 
then move fd! */ @@ -685,7 +694,7 @@ popen_ls(const char *opt)
                            /* parent */
                            close(outfd.wr);
#if !BB_MMU
-                           free((char*)argv[2]);
+                          free((char*)argv[3]);
#endif
                            return outfd.rd;
}
@@ -1085,6 +1094,7 @@ enum {
                            const_PASV = mk_const4('P', 'A', 'S', 'V'),
                            const_PORT = mk_const4('P', 'O', 'R', 'T'),
                            const_PWD  = mk_const3('P', 'W', 'D'),
+                          const_XPWD = mk_const4('X', 'P', 'W', 'D'),          
                    /* Deprecated, but still used by some clients. Eg. Windows 
ftp (cmd) */
                            const_QUIT = mk_const4('Q', 'U', 'I', 'T'),
                            const_REST = mk_const4('R', 'E', 'S', 'T'),
                            const_RETR = mk_const4('R', 'E', 'T', 'R'), @@ 
-1135,8 +1145,14 @@ int ftpd_main(int argc UNUSED_PARAM, char **argv)
/* TODO: pass -n? It prevents user/group resolution, which may not work in 
chroot anyway */
/* TODO: pass -A? It shows dot files */
/* TODO: pass --group-directories-first? would be nice, but ls doesn't do that 
yet */
-                                                        xchdir(argv[2]);
-                                                        argv[2] = (char*)"--";
+
+                                                       /* set chroot and 
current dir */
+                                                       xchroot(argv[2]);
+                                                       xchdir(argv[3]);
+                                                       argv[2] = argv[4];
+                                                       argv[3] = NULL;
+                                                       argv[4] = NULL;
+
                                                         /* memset(&G, 0, 
sizeof(G)); - ls_main does it */
                                                         return ls_main(argc, 
argv);
                            }
@@ -1292,7 +1308,7 @@ int ftpd_main(int argc UNUSED_PARAM, char **argv)
                                                                                
      WRITE_OK(FTP_ALLOOK);
                                                         else if (cmdval == 
const_SYST)
                                                                                
      cmdio_write_raw(STR(FTP_SYSTOK)" UNIX Type: L8\r\n");
-                                                        else if (cmdval == 
const_PWD)
+                                                       else if (cmdval == 
const_PWD || cmdval == const_XPWD)
                                                                                
      handle_pwd();
                                                         else if (cmdval == 
const_CWD)
                                                                                
      handle_cwd();
--
1.9.3


 
 
--
This message has been scanned for viruses and dangerous content by CronLab
(www.cronlab.com), and is believed to be clean.

_______________________________________________
busybox mailing list
[email protected]
http://lists.busybox.net/mailman/listinfo/busybox

Reply via email to