summaryrefslogtreecommitdiffstats
path: root/libexec/ftpd
AgeCommit message (Collapse)AuthorFilesLines
2020-12-27We know about optreset from unistd.h.florian1-2/+1
From Jan Stary, thanks. OK martijn
2020-03-04Avoid passing a NULL name to retrieve(), use "." instead.millert1-2/+2
Fixes a "vfprintf %s NULL" warning in ftpd. OK deraadt@ tb@
2020-01-15Simplify globbing of ftpd(8)s list and nlst commands.jan3-34/+25
Also avoid command option injection for ls(1). OK martijn@
2019-07-03snprintf/vsnprintf return < 0 on error, rather than -1.deraadt1-2/+2
2019-06-28When system calls indicate an error they return -1, not some arbitraryderaadt6-71/+71
value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
2019-05-08rm dead code and simplify ftpd_popen. this code has only calledtedu5-75/+42
its statically linked ls_main for some time now. from Jan Klemkow ok deraadt
2018-12-11Flip snprintf(3) error check to align it with the man page example.bluhm1-2/+2
No functional change. suggested by tb@; from Jan Klemkow
2018-12-11Convert some variables with non-negative values to unsigned typebluhm1-6/+7
to avoid comparison of integers of different signs. from Jan Klemkow; OK tb@
2017-04-27Don't send multiple error messages in response to a single commandmikeb1-1/+5
While a few commands (such as HELP and NOOP) are allowed in between USER and PASS, most of the others are not. However if such command is issued, ftpd should abort the command evaluation early and reply with "530 Please login with USER and PASS." From form@, with input from deraadt@ and OK millert@
2017-04-17memset() of password field should be explicit_bzero().deraadt1-2/+2
[Not using freezero() in yacc files yet]
2017-04-17freezero() can be used herederaadt1-3/+2
2016-09-03Use a single "opt" variable for all setsockopt calls in getdatasock().jca1-12/+13
on = 65536; if (setsockopt(... &on ...) is slightly misleading.
2016-09-03Set "lowdelay" and "throughput" Traffic Class on command & data IPv6 sockets.jca1-7/+21
2016-08-31Don't attempt to support IPv4-mapped IPv6 addresses.jca1-37/+5
We don't consider support for those addreses as desirable, so let's not give a bad example by keeping application code to handle them. This is dead code on OpenBSD anyway since we do not support IPv4-mapped stuff. But let's keep the check to log and warn the admin if the code gets ported elsewhere. Porters of this code should ensure that IPv6 sockets can't see IPv4-mapped addresses by using the IPV6_V6ONLY sockopt. Discussed with & ok tedu@ For a rationale, see https://tools.ietf.org/html/draft-itojun-v6ops-v4mapped-harmful-02
2016-08-30remove ifdef for all the features we have.tedu1-16/+1
retain disabled ip4in6 code until its future is decided. ok deraadt jca
2016-08-26trim down some NBBY references. 8 bits ought to be enough for anyone.tedu2-9/+5
2016-08-14When upcasting to off_t for multiplication, the cast needs to be *before*guenther1-4/+4
the multiplication to avoid truncation/overflow ok krw@
2016-08-14Convert %q to %ll with long long casts for printf()guenther2-26/+26
Delete pointless casts to off_t, void*, and uid_t ok krw@
2016-07-04Use fstatat() instead of crafting a filename to use with stat()guenther1-14/+16
ok millert@
2016-05-04Kill #ifdef INET6 occurrences in userland.jca2-9/+2
Prompted by and ok millert@ (tcpdump and libpcap left untouched, the #ifdef force is too strong with those)
2016-04-25prefer setres{u,g}id() rather than manipulating both real and effectivederaadt2-12/+8
ids, it clarifies these are full revocation situations. ok millert
2016-04-06compare pointer to NULL instead of 0semarie1-7/+8
from fritjof ! alokat.org ok ratchov@ natano@
2016-03-16More "(<blah> *)0" -> NULL, avoiding any stdarg functions.krw1-2/+2
Feedback millert@ kettenis@
2016-02-29Print ssize_t with %zd; ok deraadt@ mmcc@jca1-4/+4
2016-02-29Kill unused variable.jca1-2/+2
2015-12-12Remove NULL-checks before free(). ok tb@mmcc1-11/+6
2015-12-01needs utf8.c from the ls tree alsoderaadt1-2/+2
2015-11-16don't need to ifdef setproctitletedu4-21/+4
2015-10-25No longer create /var/run/ftpd.pid in daemon mode; OK jung@ jca@millert2-10/+4
2015-10-25unifdef some oldness. (BSD not defined since removal of param.h)tedu1-10/+1
ok jca sthen
2015-10-19Delete the empty example file "ftpchroot"; no example is needed.schwarze1-2/+3
Move the one useful bit of information contained in the file ("one user name per line") to the ftpd(8) manual page where it belongs. OK deraadt@ sthen@
2015-10-04fix custom popen to return pid to caller instead of tracking in a gianttedu3-36/+24
array. this implies we can't use a function pointer for close, but also means we get to repair some abuse of the comma operator. ok miod
2015-09-01test pointers with NULL not '\0'jsg1-4/+4
2015-08-18calloc() is prototyped; do not cast resultderaadt1-2/+2
2015-03-17Eliminate use of TM_YEAR_BASE. OK guenther@ deraadt@ miod@millert1-2/+2
2015-03-15tzfile.h is an internal header that should never have been installed.millert1-2/+1
What's worse, the tzfile.h that gets installed is over 20 years old and doesn't match the real tzfile.h in libc/time. This makes the tree safe for /usr/include/tzfile.h removal. The TM_YEAR_BASE define has been moved to time.h temporarily until its usage is replaced by 1900 in the tree. Actual removal of tzfile.h is pending a ports build. Based on a diff from deraadt@
2015-02-06SIZE_MAX is standard, we should be using it in preference to themillert1-4/+4
obsolete SIZE_T_MAX. OK miod@ beck@
2015-01-19CMASK went out of scope with the recent <sys/param.h> removal. But ohderaadt1-6/+2
golly gee, ftpd can handle that itself due to the glorious old practice of #ifndef #define. Remove that junk. ok guenther
2015-01-16Replace <sys/param.h> with <limits.h> and other less dirty headers wherederaadt2-20/+20
possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
2015-01-15remove .Tn; from Jan Stary <hans at stare dot cz>schwarze1-10/+5
2014-10-25Remove unnecessary netinet/in_systm.h include.lteo2-4/+2
ok millert@
2014-08-25Delete secret or secret-derived data with explicit_bzero.doug2-4/+4
concept ok deraadt@ diff looks ok tedu@
2014-03-24remove tcpwrappers support. ok deraadttedu2-56/+2
2014-03-17args! fix argstr. from LEVAI Daniel.sthen1-2/+2
2014-03-17tweak previous;jmc1-9/+9
2014-03-17typo, spotted by okan@sthen1-2/+2
2014-03-17Add an option to disallow ftp access to accounts with uid below a certainsthen2-5/+35
number (idea borrowed from pure-ftpd). Enabled by default with minimum uid 1000 to prevent access to admin accounts. tweak/OK millert@, OK deraadt@, gsoares@ and aja@ like it too.
2014-02-08Fix REST (restart transfer) for offsets large than 2GB. OK okan@millert1-15/+39
2014-01-08If the file size is zero, there's nothing to transmit so avoid spammingjca1-1/+7
syslog with mmap failures. Noticed by and ok henning@, "looks right" deraadt@
2013-11-27unsigned char for ctypederaadt1-8/+8
ok okan kettenis