diff options
| author | Denys Vlasenko <vda.linux@googlemail.com> | 2015-03-31 21:46:26 +0200 |
|---|---|---|
| committer | Denys Vlasenko <vda.linux@googlemail.com> | 2015-03-31 21:46:26 +0200 |
| commit | 9472e8a86fa1837bccec9e25dd18fd3c88c5e209 (patch) | |
| tree | 77e938c19f0d93d004f35382953ffd9f0432c154 | |
| parent | 379e8e81afed0613271e39e33190c6dfec78b695 (diff) | |
| download | busybox-w32-9472e8a86fa1837bccec9e25dd18fd3c88c5e209.tar.gz busybox-w32-9472e8a86fa1837bccec9e25dd18fd3c88c5e209.tar.bz2 busybox-w32-9472e8a86fa1837bccec9e25dd18fd3c88c5e209.zip | |
ftpd: change_identity() must be after chroot()
Otherwise chroot() doesn't work for non-root
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| -rw-r--r-- | networking/ftpd.c | 41 |
1 files changed, 21 insertions, 20 deletions
diff --git a/networking/ftpd.c b/networking/ftpd.c index 0c10e1f25..2351d6dd3 100644 --- a/networking/ftpd.c +++ b/networking/ftpd.c | |||
| @@ -1116,6 +1116,9 @@ int ftpd_main(int argc, char **argv) | |||
| 1116 | int ftpd_main(int argc UNUSED_PARAM, char **argv) | 1116 | int ftpd_main(int argc UNUSED_PARAM, char **argv) |
| 1117 | #endif | 1117 | #endif |
| 1118 | { | 1118 | { |
| 1119 | #if ENABLE_FEATURE_FTP_AUTHENTICATION | ||
| 1120 | struct passwd *pw = NULL; | ||
| 1121 | #endif | ||
| 1119 | unsigned abs_timeout; | 1122 | unsigned abs_timeout; |
| 1120 | unsigned verbose_S; | 1123 | unsigned verbose_S; |
| 1121 | smallint opts; | 1124 | smallint opts; |
| @@ -1193,29 +1196,23 @@ int ftpd_main(int argc UNUSED_PARAM, char **argv) | |||
| 1193 | signal(SIGALRM, timeout_handler); | 1196 | signal(SIGALRM, timeout_handler); |
| 1194 | 1197 | ||
| 1195 | #if ENABLE_FEATURE_FTP_AUTHENTICATION | 1198 | #if ENABLE_FEATURE_FTP_AUTHENTICATION |
| 1196 | { | 1199 | while (1) { |
| 1197 | struct passwd *pw = NULL; | 1200 | uint32_t cmdval = cmdio_get_cmd_and_arg(); |
| 1198 | |||
| 1199 | while (1) { | ||
| 1200 | uint32_t cmdval = cmdio_get_cmd_and_arg(); | ||
| 1201 | |||
| 1202 | if (cmdval == const_USER) { | 1201 | if (cmdval == const_USER) { |
| 1203 | pw = getpwnam(G.ftp_arg); | 1202 | pw = getpwnam(G.ftp_arg); |
| 1204 | cmdio_write_raw(STR(FTP_GIVEPWORD)" Please specify password\r\n"); | 1203 | cmdio_write_raw(STR(FTP_GIVEPWORD)" Please specify password\r\n"); |
| 1205 | } else if (cmdval == const_PASS) { | 1204 | } else if (cmdval == const_PASS) { |
| 1206 | if (check_password(pw, G.ftp_arg) > 0) { | 1205 | if (check_password(pw, G.ftp_arg) > 0) { |
| 1207 | break; /* login success */ | 1206 | break; /* login success */ |
| 1208 | } | ||
| 1209 | cmdio_write_raw(STR(FTP_LOGINERR)" Login failed\r\n"); | ||
| 1210 | pw = NULL; | ||
| 1211 | } else if (cmdval == const_QUIT) { | ||
| 1212 | WRITE_OK(FTP_GOODBYE); | ||
| 1213 | return 0; | ||
| 1214 | } else { | ||
| 1215 | cmdio_write_raw(STR(FTP_LOGINERR)" Login with USER and PASS\r\n"); | ||
| 1216 | } | 1207 | } |
| 1208 | cmdio_write_raw(STR(FTP_LOGINERR)" Login failed\r\n"); | ||
| 1209 | pw = NULL; | ||
| 1210 | } else if (cmdval == const_QUIT) { | ||
| 1211 | WRITE_OK(FTP_GOODBYE); | ||
| 1212 | return 0; | ||
| 1213 | } else { | ||
| 1214 | cmdio_write_raw(STR(FTP_LOGINERR)" Login with USER and PASS\r\n"); | ||
| 1217 | } | 1215 | } |
| 1218 | change_identity(pw); | ||
| 1219 | } | 1216 | } |
| 1220 | WRITE_OK(FTP_LOGINOK); | 1217 | WRITE_OK(FTP_LOGINOK); |
| 1221 | #endif | 1218 | #endif |
| @@ -1233,6 +1230,10 @@ int ftpd_main(int argc UNUSED_PARAM, char **argv) | |||
| 1233 | xchroot(argv[0]); | 1230 | xchroot(argv[0]); |
| 1234 | } | 1231 | } |
| 1235 | 1232 | ||
| 1233 | #if ENABLE_FEATURE_FTP_AUTHENTICATION | ||
| 1234 | change_identity(pw); | ||
| 1235 | #endif | ||
| 1236 | |||
| 1236 | /* RFC-959 Section 5.1 | 1237 | /* RFC-959 Section 5.1 |
| 1237 | * The following commands and options MUST be supported by every | 1238 | * The following commands and options MUST be supported by every |
| 1238 | * server-FTP and user-FTP, except in cases where the underlying | 1239 | * server-FTP and user-FTP, except in cases where the underlying |