diff options
| author | Morten Kvistgaard <MK@pch-engineering.dk> | 2014-08-05 21:57:18 +0200 |
|---|---|---|
| committer | Denys Vlasenko <vda.linux@googlemail.com> | 2014-08-05 21:57:18 +0200 |
| commit | feac9b607dc68ea63992a46b3b8361f00f663cdc (patch) | |
| tree | ed5bca82370298e195f5b5e3d84d40f9e7470a32 /networking | |
| parent | 09a0e2223f68a266749043bf33c84faeb5cee8a0 (diff) | |
| download | busybox-w32-feac9b607dc68ea63992a46b3b8361f00f663cdc.tar.gz busybox-w32-feac9b607dc68ea63992a46b3b8361f00f663cdc.tar.bz2 busybox-w32-feac9b607dc68ea63992a46b3b8361f00f663cdc.zip | |
ftpd: add optional support for authentication
function old new delta
cmdio_get_cmd_and_arg - 237 +237
get_passwd - 97 +97
check_password - 82 +82
ftpd_main 2297 2178 -119
ask_and_check_password_extended 206 84 -122
------------------------------------------------------------------------------
(add/remove: 3/0 grow/shrink: 0/2 up/down: 416/-241) Total: 175 bytes
Signed-off-by: Morten Kvistgaard <MK@pch-engineering.dk>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'networking')
| -rw-r--r-- | networking/Config.src | 7 | ||||
| -rw-r--r-- | networking/ftpd.c | 47 |
2 files changed, 31 insertions, 23 deletions
diff --git a/networking/Config.src b/networking/Config.src index fbad7ecb2..e56646917 100644 --- a/networking/Config.src +++ b/networking/Config.src | |||
| @@ -134,6 +134,13 @@ config FEATURE_FTPD_ACCEPT_BROKEN_LIST | |||
| 134 | it increases the code size by ~40 bytes. | 134 | it increases the code size by ~40 bytes. |
| 135 | Most other ftp servers seem to behave similar to this. | 135 | Most other ftp servers seem to behave similar to this. |
| 136 | 136 | ||
| 137 | config FEATURE_FTP_AUTHENTICATION | ||
| 138 | bool "Enable authentication" | ||
| 139 | default y | ||
| 140 | depends on FTPD | ||
| 141 | help | ||
| 142 | Enable basic system login as seen in telnet etc. | ||
| 143 | |||
| 137 | config FTPGET | 144 | config FTPGET |
| 138 | bool "ftpget" | 145 | bool "ftpget" |
| 139 | default y | 146 | default y |
diff --git a/networking/ftpd.c b/networking/ftpd.c index 2d2a3a44c..9fcc3e963 100644 --- a/networking/ftpd.c +++ b/networking/ftpd.c | |||
| @@ -1172,18 +1172,6 @@ int ftpd_main(int argc UNUSED_PARAM, char **argv) | |||
| 1172 | if (logmode) | 1172 | if (logmode) |
| 1173 | applet_name = xasprintf("%s[%u]", applet_name, (int)getpid()); | 1173 | applet_name = xasprintf("%s[%u]", applet_name, (int)getpid()); |
| 1174 | 1174 | ||
| 1175 | #if !BB_MMU | ||
| 1176 | G.root_fd = -1; | ||
| 1177 | #endif | ||
| 1178 | argv += optind; | ||
| 1179 | if (argv[0]) { | ||
| 1180 | #if !BB_MMU | ||
| 1181 | G.root_fd = xopen("/", O_RDONLY | O_DIRECTORY); | ||
| 1182 | close_on_exec_on(G.root_fd); | ||
| 1183 | #endif | ||
| 1184 | xchroot(argv[0]); | ||
| 1185 | } | ||
| 1186 | |||
| 1187 | //umask(077); - admin can set umask before starting us | 1175 | //umask(077); - admin can set umask before starting us |
| 1188 | 1176 | ||
| 1189 | /* Signals. We'll always take -EPIPE rather than a rude signal, thanks */ | 1177 | /* Signals. We'll always take -EPIPE rather than a rude signal, thanks */ |
| @@ -1199,23 +1187,22 @@ int ftpd_main(int argc UNUSED_PARAM, char **argv) | |||
| 1199 | WRITE_OK(FTP_GREET); | 1187 | WRITE_OK(FTP_GREET); |
| 1200 | signal(SIGALRM, timeout_handler); | 1188 | signal(SIGALRM, timeout_handler); |
| 1201 | 1189 | ||
| 1202 | #ifdef IF_WE_WANT_TO_REQUIRE_LOGIN | 1190 | #if ENABLE_FEATURE_FTP_AUTHENTICATION |
| 1203 | { | 1191 | { |
| 1204 | smallint user_was_specified = 0; | 1192 | struct passwd *pw = NULL; |
| 1193 | |||
| 1205 | while (1) { | 1194 | while (1) { |
| 1206 | uint32_t cmdval = cmdio_get_cmd_and_arg(); | 1195 | uint32_t cmdval = cmdio_get_cmd_and_arg(); |
| 1207 | 1196 | ||
| 1208 | if (cmdval == const_USER) { | 1197 | if (cmdval == const_USER) { |
| 1209 | if (G.ftp_arg == NULL || strcasecmp(G.ftp_arg, "anonymous") != 0) | 1198 | pw = getpwnam(G.ftp_arg); |
| 1210 | cmdio_write_raw(STR(FTP_LOGINERR)" Server is anonymous only\r\n"); | 1199 | cmdio_write_raw(STR(FTP_GIVEPWORD)" Please specify password\r\n"); |
| 1211 | else { | ||
| 1212 | user_was_specified = 1; | ||
| 1213 | cmdio_write_raw(STR(FTP_GIVEPWORD)" Please specify the password\r\n"); | ||
| 1214 | } | ||
| 1215 | } else if (cmdval == const_PASS) { | 1200 | } else if (cmdval == const_PASS) { |
| 1216 | if (user_was_specified) | 1201 | if (check_password(pw, G.ftp_arg) > 0) { |
| 1217 | break; | 1202 | break; /* login success */ |
| 1218 | cmdio_write_raw(STR(FTP_NEEDUSER)" Login with USER\r\n"); | 1203 | } |
| 1204 | cmdio_write_raw(STR(FTP_LOGINERR)" Login failed\r\n"); | ||
| 1205 | pw = NULL; | ||
| 1219 | } else if (cmdval == const_QUIT) { | 1206 | } else if (cmdval == const_QUIT) { |
| 1220 | WRITE_OK(FTP_GOODBYE); | 1207 | WRITE_OK(FTP_GOODBYE); |
| 1221 | return 0; | 1208 | return 0; |
| @@ -1223,10 +1210,24 @@ int ftpd_main(int argc UNUSED_PARAM, char **argv) | |||
| 1223 | cmdio_write_raw(STR(FTP_LOGINERR)" Login with USER and PASS\r\n"); | 1210 | cmdio_write_raw(STR(FTP_LOGINERR)" Login with USER and PASS\r\n"); |
| 1224 | } | 1211 | } |
| 1225 | } | 1212 | } |
| 1213 | change_identity(pw); | ||
| 1226 | } | 1214 | } |
| 1227 | WRITE_OK(FTP_LOGINOK); | 1215 | WRITE_OK(FTP_LOGINOK); |
| 1228 | #endif | 1216 | #endif |
| 1229 | 1217 | ||
| 1218 | /* Do this after auth, else /etc/passwd is not accessible */ | ||
| 1219 | #if !BB_MMU | ||
| 1220 | G.root_fd = -1; | ||
| 1221 | #endif | ||
| 1222 | argv += optind; | ||
| 1223 | if (argv[0]) { | ||
| 1224 | #if !BB_MMU | ||
| 1225 | G.root_fd = xopen("/", O_RDONLY | O_DIRECTORY); | ||
| 1226 | close_on_exec_on(G.root_fd); | ||
| 1227 | #endif | ||
| 1228 | xchroot(argv[0]); | ||
| 1229 | } | ||
| 1230 | |||
| 1230 | /* RFC-959 Section 5.1 | 1231 | /* RFC-959 Section 5.1 |
| 1231 | * The following commands and options MUST be supported by every | 1232 | * The following commands and options MUST be supported by every |
| 1232 | * server-FTP and user-FTP, except in cases where the underlying | 1233 | * server-FTP and user-FTP, except in cases where the underlying |