head	1.22;
access;
symbols
	RELEASE_7_4_0:1.21
	RELEASE_8_2_0:1.21
	RELEASE_6_EOL:1.21
	RELEASE_8_1_0:1.21
	RELEASE_7_3_0:1.18
	RELEASE_8_0_0:1.18
	RELEASE_7_2_0:1.18
	RELEASE_7_1_0:1.18
	RELEASE_6_4_0:1.18
	RELEASE_5_EOL:1.18
	RELEASE_7_0_0:1.18
	RELEASE_6_3_0:1.18
	PRE_XORG_7:1.18
	RELEASE_4_EOL:1.18
	RELEASE_6_2_0:1.18
	RELEASE_6_1_0:1.18
	RELEASE_5_5_0:1.18
	RELEASE_6_0_0:1.18
	RELEASE_5_4_0:1.18
	RELEASE_4_11_0:1.17
	RELEASE_5_3_0:1.17
	RELEASE_4_10_0:1.17
	RELEASE_5_2_1:1.16
	RELEASE_5_2_0:1.16
	RELEASE_4_9_0:1.16
	RELEASE_5_1_0:1.16
	RELEASE_4_8_0:1.16
	RELEASE_5_0_0:1.16
	RELEASE_4_7_0:1.16
	RELEASE_4_6_2:1.16
	RELEASE_4_6_1:1.16
	RELEASE_4_6_0:1.16
	RELEASE_5_0_DP1:1.16
	RELEASE_4_5_0:1.16
	RELEASE_4_4_0:1.13
	RELEASE_4_3_0:1.12
	RELEASE_4_2_0:1.12
	RELEASE_4_1_1:1.12
	RELEASE_4_1_0:1.12
	RELEASE_3_5_0:1.10
	RELEASE_4_0_0:1.9
	RELEASE_3_3_0:1.7
	RELEASE_3_2_0:1.7
	RELEASE_3_1_0:1.7
	RELEASE_2_2_8:1.7
	RELEASE_3_0_0:1.7
	RELEASE_2_2_7:1.7
	RELEASE_2_2_6:1.7
	wu-ftpd:1.1.1.1;
locks; strict;
comment	@# @;


1.22
date	2011.05.02.09.11.33;	author bapt;	state dead;
branches;
next	1.21;

1.21
date	2010.06.29.12.28.54;	author ache;	state Exp;
branches;
next	1.20;

1.20
date	2010.06.29.12.20.30;	author ache;	state Exp;
branches;
next	1.19;

1.19
date	2010.05.26.21.40.02;	author ache;	state Exp;
branches;
next	1.18;

1.18
date	2005.04.05.00.25.01;	author ache;	state Exp;
branches;
next	1.17;

1.17
date	2004.03.08.13.39.20;	author ache;	state Exp;
branches;
next	1.16;

1.16
date	2001.10.02.19.13.35;	author ache;	state Exp;
branches;
next	1.15;

1.15
date	2001.09.29.19.03.03;	author ache;	state Exp;
branches;
next	1.14;

1.14
date	2001.09.28.02.57.35;	author ache;	state Exp;
branches;
next	1.13;

1.13
date	2001.09.04.18.06.03;	author dwcjr;	state Exp;
branches;
next	1.12;

1.12
date	2000.07.09.02.07.07;	author will;	state Exp;
branches;
next	1.11;

1.11
date	2000.06.24.11.23.51;	author ache;	state Exp;
branches;
next	1.10;

1.10
date	2000.06.14.15.37.56;	author ache;	state Exp;
branches;
next	1.9;

1.9
date	2000.01.24.22.33.20;	author ache;	state Exp;
branches;
next	1.8;

1.8
date	99.10.24.01.57.35;	author ache;	state dead;
branches;
next	1.7;

1.7
date	97.12.24.17.45.43;	author ache;	state Exp;
branches;
next	1.6;

1.6
date	97.01.30.17.00.44;	author ache;	state dead;
branches;
next	1.5;

1.5
date	95.01.25.22.41.48;	author gpalmer;	state Exp;
branches;
next	1.4;

1.4
date	95.01.14.00.03.24;	author gpalmer;	state Exp;
branches;
next	1.3;

1.3
date	95.01.13.01.24.37;	author gpalmer;	state Exp;
branches;
next	1.2;

1.2
date	94.12.18.00.52.53;	author torstenb;	state Exp;
branches;
next	1.1;

1.1
date	94.10.23.01.36.59;	author torstenb;	state Exp;
branches
	1.1.1.1;
next	;

1.1.1.1
date	94.10.23.01.37.00;	author torstenb;	state Exp;
branches;
next	;


desc
@@


1.22
log
@Remove unmaintained expired ports from ftp

2011-05-01 ftp/axyftp: Upstream disapear and distfile is no more available
2011-05-01 ftp/emacs-wget: Upstream disapear and distfile is no more available
2011-05-01 ftp/llnlxdir: Upstream disapear and distfile is no more available
2011-05-01 ftp/llnlxftp: Upstream disapear and distfile is no more available
2011-05-01 ftp/mirror: Upstream disapear and distfile is no more available
2011-05-01 ftp/moftpd: Upstream disapear and distfile is no more available
2011-05-01 ftp/wu-ftpd: Upstream disapear and distfile is no more available
2011-05-01 ftp/xrmftp: Upstream disapear and distfile is no more available
2011-05-01 ftp/yale-tftpd: Upstream disapear and distfile is no more available
@
text
@--- src/ftpd.c.orig	2010-06-29 16:24:04.000000000 +0400
+++ src/ftpd.c	2010-06-29 16:26:15.000000000 +0400
@@@@ -447,7 +447,6 @@@@
 #ifdef OPIE
 #include <opie.h>
 int pwok = 0;
-int af_pwok = 0;
 struct opie opiestate;
 #endif
 
@@@@ -785,6 +784,12 @@@@
     sigemptyset(&block_sigmask);
 #endif
 #ifndef SIG_DEBUG
+#ifdef SIGTERM
+    (void) signal(SIGTERM, randomsig);
+#ifdef NEED_SIGFIX
+    sigaddset(&block_sigmask, SIGTERM);
+#endif
+#endif
 #ifdef SIGHUP
     (void) signal(SIGHUP, randomsig);
 #ifdef NEED_SIGFIX
@@@@ -1219,10 +1224,6 @@@@
 	exit(0);
     }
 
-#ifdef OPIE
-    af_pwok = opieaccessfile(remotehost);
-#endif
-
 #ifdef HAVE_LIBRESOLV
     /* check permitted access based on remote host DNS information */
     if (!check_reverse_dns()) {
@@@@ -1387,8 +1388,7 @@@@
     chdir("/");
     signal(SIGIOT, SIG_DFL);
     signal(SIGILL, SIG_DFL);
-    exit(1);
-    /* dologout(-1); *//* NOTREACHED */
+    dologout(-1); /* NOTREACHED */
 }
 
 SIGNAL_TYPE lostconn(int sig)
@@@@ -1662,9 +1662,9 @@@@
     /* Display s/key challenge where appropriate. */
 
     if (pwd == NULL || skeychallenge(&skey, pwd->pw_name, sbuf))
-	sprintf(buf, "Password required for %s.", name);
+	snprintf(buf, sizeof(buf)-1, "Password required for %s.", name);
     else
-	sprintf(buf, "%s %s for %s.", sbuf,
+	snprintf(buf, sizeof(buf)-1, "%s %s for %s.", sbuf,
 		pwok ? "allowed" : "required", name);
     return (buf);
 }
@@@@ -2105,16 +2105,17 @@@@
 #ifdef OPIE
 	{
 	    char prompt[OPIE_CHALLENGE_MAX + 1];
-	    opiechallenge(&opiestate, name, prompt);
 
-	    if (askpasswd == -1) {
-		syslog(LOG_WARNING, "Invalid FTP user name %s attempted from %s", name, remotehost);
-		pwok = 0;
+	    if (opiechallenge(&opiestate, name, prompt) == 0) {
+		pwok = (pw != NULL) &&
+		       opieaccessfile(remotehost) &&
+		       opiealways(pw->pw_dir);
+		reply(331, "Response to %s %s for %s.",
+		      prompt, pwok ? "requested" : "required", name);
+	    } else {
+		pwok = 1;
+		reply(331, "Password required for %s.", name);
 	    }
-	    else
-		pwok = af_pwok && opiealways(pw->pw_dir);
-	    reply(331, "Response to %s %s for %s.",
-		  prompt, pwok ? "requested" : "required", name);
 	}
 #else
 	reply(331, "Password required for %s.", name);
@@@@ -2593,8 +2594,8 @@@@
 	    if (pw == NULL)
 		salt = "xx";
 	    else
-#ifndef OPIE
 		salt = pw->pw_passwd;
+#ifndef OPIE
 #ifdef SECUREOSF
 	    if ((pr = getprpwnam(pw->pw_name)) != NULL) {
 		if (pr->uflg.fg_newcrypt)
@@@@ -2627,9 +2628,15 @@@@
 	    xpasswd = crypt(passwd, salt);
 #endif /* SKEY */
 #else /* OPIE */
-	    if (!opieverify(&opiestate, passwd))
-		rval = 0;
-	    xpasswd = crypt(passwd, pw->pw_passwd);
+	    if (pw != NULL) {
+		if (opieverify(&opiestate, passwd) == 0)
+		    xpasswd = pw->pw_passwd;
+		else if (pwok)
+		    xpasswd = crypt(passwd, salt);
+		else
+		    pw = NULL;
+	    }
+	    pwok = 0;
 #endif /* OPIE */
 #ifdef ULTRIX_AUTH
 	    if ((numfails = ultrix_check_pass(passwd, xpasswd)) >= 0) {
@@@@ -3189,7 +3196,7 @@@@
 		  pw->pw_name, pw->pw_dir);
 	    goto bad;
 #else
-	    if (chdir("/") < 0) {
+	    if (restricted_user || chdir("/") < 0) {
 #ifdef VERBOSE_ERROR_LOGING
 		syslog(LOG_NOTICE, "FTP LOGIN FAILED (cannot chdir) for %s, %s",
 		       remoteident, pw->pw_name);
@@@@ -3508,7 +3515,7 @@@@
 {
     char *a;
     a = (char *) malloc(len + 1);
-    memset(a, ' ', len-1);
+    memset(a, ' ', len);
     a[len] = 0;
     if (strlen(s) <= len)
 	memcpy(a, s, strlen(s));
@@@@ -7469,6 +7476,8 @@@@
 	    in++;
 	    if (*in == '/')
 		in++;
+	    else
+		out++;
 	}
 	else if ((in[0] == '.') && (in[1] == '.') && ((in[2] == '/') || (in[2] == '\0'))) {
 	    if (out == path) {
@@@@ -7497,6 +7506,9 @@@@
 	}
 	else {
 	    do
+	      if ((in[0] == '*') && (in[1] == '*'))
+		in++;
+	      else
 		*out++ = *in++;
 	    while ((*in != '\0') && (*in != '/'));
 	    if (*in == '/')
@


1.21
log
@Add SIGTERM to the list, needs wtmp cleanup too

Feature safe:   yes
@
text
@@


1.20
log
@Uncomment dologout(-1) on SIGHUP and the like signals, stale wtmp entries
appears otherwise.

Feature safe:   yes
@
text
@d1 2
a2 2
--- ftpd.c.orig	2010-06-29 15:52:01.000000000 +0400
+++ ftpd.c	2010-06-29 16:11:19.000000000 +0400
d11 14
a24 1
@@@@ -1219,10 +1218,6 @@@@
d35 1
a35 1
@@@@ -1387,8 +1382,7 @@@@
d45 1
a45 1
@@@@ -1662,9 +1656,9 @@@@
d57 1
a57 1
@@@@ -2105,16 +2099,17 @@@@
d83 1
a83 1
@@@@ -2593,8 +2588,8 @@@@
d93 1
a93 1
@@@@ -2627,9 +2622,15 @@@@
d112 1
a112 1
@@@@ -3189,7 +3190,7 @@@@
d121 1
a121 1
@@@@ -3508,7 +3509,7 @@@@
d130 1
a130 1
@@@@ -7469,6 +7470,8 @@@@
d139 1
a139 1
@@@@ -7497,6 +7500,9 @@@@
@


1.19
log
@Fix padding of internal ls

Submitted by:   bug_report@@arcor.de
@
text
@d1 2
a2 2
--- src/ftpd.c.orig	2010-05-27 01:19:29.000000000 +0400
+++ src/ftpd.c	2010-05-27 01:19:56.000000000 +0400
d22 11
a32 1
@@@@ -1662,9 +1657,9 @@@@
d44 1
a44 1
@@@@ -2105,16 +2100,17 @@@@
d70 1
a70 1
@@@@ -2593,8 +2589,8 @@@@
d80 1
a80 1
@@@@ -2627,9 +2623,15 @@@@
d99 1
a99 1
@@@@ -3189,7 +3191,7 @@@@
d108 1
a108 1
@@@@ -3508,7 +3510,7 @@@@
d117 1
a117 1
@@@@ -7469,6 +7471,8 @@@@
d126 1
a126 1
@@@@ -7497,6 +7501,9 @@@@
@


1.18
log
@Integrate official skeychallenge.patch
Fix denial of service in NLST CAN-2005-0256
@
text
@d1 2
a2 2
--- src/ftpd.c.orig	Tue Apr  5 03:22:01 2005
+++ src/ftpd.c	Tue Apr  5 04:10:13 2005
d98 9
@


1.17
log
@fix for `restricted-uid'/`restricted-gid' directive may be bypassed

Submitted by:   Matt Zimmerman <mdz@@debian.org>
@
text
@d1 2
a2 2
--- src/ftpd.c.orig	Mon Mar  8 07:24:50 2004
+++ src/ftpd.c	Mon Mar  8 07:24:50 2004
d27 1
a27 1
+	snprintf(buf, 128, "Password required for %s.", name);
d30 1
a30 1
+	snprintf(buf, 128, "%s %s for %s.", sbuf,
d98 19
@


1.16
log
@Use official patches set
(fix wrong place of pasv-allow fix as result)
@
text
@d1 2
a2 2
--- src/ftpd.c.orig	Tue Oct  2 22:21:17 2001
+++ src/ftpd.c	Tue Oct  2 22:21:17 2001
d89 9
@


1.15
log
@Fix the case when opie keys not used
@
text
@d1 2
a2 2
--- src/ftpd.c.orig	Sat Jul  1 22:17:39 2000
+++ src/ftpd.c	Sat Sep 29 22:49:41 2001
a59 9
@@@@ -2572,7 +2568,7 @@@@
 #ifdef BSD_AUTH
 	if (ext_auth) {
 	    if ((salt = check_auth(the_user, passwd))) {
-		reply(530, salt);
+		reply(530, "%s", salt);
 #ifdef LOG_FAILED		/* 27-Apr-93      EHK/BM          */
 		syslog(LOG_INFO, "failed login from %s",
 		       remoteident);
a88 52
@@@@ -6274,7 +6276,7 @@@@
 	if (s) {
 	    int i = ntohs(pasv_addr.sin_port);
 	    sprintf(s, "PASV port %i assigned to %s", i, remoteident);
-	    syslog(LOG_DEBUG, s);
+	    syslog(LOG_DEBUG, "%s", s);
 	    free(s);
 	}
     }
@@@@ -6289,7 +6291,7 @@@@
 	char *s = calloc(128 + strlen(remoteident), sizeof(char));
 	if (s) {
 	    sprintf(s, "PASV port assignment assigned for %s", remoteident);
-	    syslog(LOG_DEBUG, s);
+	    syslog(LOG_DEBUG, "%s", s);
 	    free(s);
 	}
     }
@@@@ -6435,7 +6437,7 @@@@
 	dirlist = ftpglob(whichfiles);
 	sdirlist = dirlist;	/* save to free later */
 	if (globerr != NULL) {
-	    reply(550, globerr);
+	    reply(550, "%s", globerr);
 	    goto globfree;
 	}
 	else if (dirlist == NULL) {
@@@@ -6486,7 +6488,6 @@@@
 	    }
 	    goto globfree;
 	}
-	if ((st.st_mode & S_IFMT) != S_IFDIR) {
 	    if (dout == NULL) {
 		dout = dataconn("file list", (off_t) - 1, "w");
 		if (dout == NULL)
@@@@ -6509,7 +6510,6 @@@@
 		byte_count_out++;
 	    }
 #endif
-	}
     }
 
     if (dout != NULL) {
@@@@ -7274,7 +7274,7 @@@@
     int which;
     struct aclmember *entry = NULL;
     (void) acl_getclass(class);
-    while (getaclentry("port-allow", &entry)) {
+    while (getaclentry("pasv-allow", &entry)) {
 	if ((ARG0 != NULL) && (strcasecmp(class, ARG0) == 0))
 	    for (which = 1; (which < MAXARGS) && (ARG[which] != NULL); which++) {
 		if (hostmatch(ARG[which], remoteaddr, NULL))
@


1.14
log
@OPIE fixes: bad user reaction, normal password
@
text
@d2 21
a22 2
+++ src/ftpd.c	Fri Sep 28 06:46:35 2001
@@@@ -1662,9 +1662,9 @@@@
d34 3
a36 1
@@@@ -2107,7 +2107,7 @@@@
d38 1
a38 1
 	    opiechallenge(&opiestate, name, prompt);
d41 11
a51 3
+	    if (pw == NULL) {
 		syslog(LOG_WARNING, "Invalid FTP user name %s attempted from %s", name, remotehost);
 		pwok = 0;
d53 8
a60 1
@@@@ -2572,7 +2572,7 @@@@
d69 1
a69 1
@@@@ -2593,8 +2593,8 @@@@
d79 1
a79 1
@@@@ -2627,9 +2627,15 @@@@
d87 1
a87 1
+		if (!opieverify(&opiestate, passwd))
d98 1
a98 1
@@@@ -6274,7 +6280,7 @@@@
d107 1
a107 1
@@@@ -6289,7 +6295,7 @@@@
d116 1
a116 1
@@@@ -6435,7 +6441,7 @@@@
d125 1
a125 1
@@@@ -6486,7 +6492,6 @@@@
d133 1
a133 1
@@@@ -6509,7 +6514,6 @@@@
d141 1
a141 1
@@@@ -7274,7 +7278,7 @@@@
@


1.13
log
@Make wu-ftpd install with correct permissions

PR:		17313
Submitted by:	Dmitry Grigorovic
@
text
@d1 2
a2 2
--- src/ftpd.c.orig	Sun Jul  2 01:17:39 2000
+++ src/ftpd.c	Tue Sep  4 10:36:51 2001
d15 9
d33 30
a62 1
@@@@ -6274,7 +6274,7 @@@@
d71 1
a71 1
@@@@ -6289,7 +6289,7 @@@@
d80 1
a80 1
@@@@ -6435,7 +6435,7 @@@@
d89 1
a89 1
@@@@ -6486,7 +6486,6 @@@@
d97 1
a97 1
@@@@ -6509,7 +6508,6 @@@@
d105 1
a105 1
@@@@ -7274,7 +7272,7 @@@@
@


1.12
log
@Update to 2.6.1, which fixes some security issues (actually, we already
had some setproctitle(), etc. fixed through patch-aa), fixes memory leaks
in internal ls, and merges in the virtual passwd/shadow features of
BeroFTPD.  This update should solve SA 00:29.  Add WWW to DESCR.
@
text
@d1 2
a2 2
--- src/ftpd.c	Sat Jul  1 14:17:39 2000
+++ src/ftpd.c.new	Sat Jul  8 21:48:05 2000
d24 18
d67 9
@


1.11
log
@Fix %-hole

Submitted by:	Koga Youichirou <y-koga@@jp.FreeBSD.org>
@
text
@d1 3
a3 3
--- src/ftpd.c.old	Sat Jun 24 15:03:05 2000
+++ src/ftpd.c	Sat Jun 24 15:04:01 2000
@@@@ -1602,9 +1602,9 @@@@
d15 1
a15 13
@@@@ -2008,9 +2008,9 @@@@
 	    s = strsep(&cp, "\n");
 	    if (cp == NULL || *cp == '\0')
 		break;
-	    lreply(331, s);
+	    lreply(331, "%s", s);
 	}
-	reply(331, s);
+	reply(331, "%s", s);
     }
     else {
 #endif
@@@@ -2491,7 +2491,7 @@@@
d24 1
a24 19
@@@@ -3156,7 +3156,7 @@@@
 	reply(230, "User %s logged in.%s", pw->pw_name, guest ?
 	      "  Access restrictions apply." : "");
 	sprintf(proctitle, "%s: %s", remotehost, pw->pw_name);
-	setproctitle(proctitle);
+	setproctitle("%s", proctitle);
 	if (logging)
 	    syslog(LOG_INFO, "FTP LOGIN FROM %s, %s", remoteident, pw->pw_name);
 /* H* mod: if non-anonymous user, copy it to "authuser" so everyone can
@@@@ -5888,7 +5888,7 @@@@
 
     remotehost[sizeof(remotehost) - 1] = '\0';
     sprintf(proctitle, "%s: connected", remotehost);
-    setproctitle(proctitle);
+    setproctitle("%s", proctitle);
 
     wu_authenticate();
 /* Create a composite source identification string, to improve the logging
@@@@ -6298,7 +6298,7 @@@@
d33 1
a33 1
@@@@ -6346,7 +6346,6 @@@@
d41 1
a41 1
@@@@ -6369,7 +6368,6 @@@@
@


1.10
log
@Use snprintf to prevent non-exploitable in real life overflow

Submitted by:	Jun Kuriyama <kuriyama@@FreeBSD.org>
@
text
@d1 2
a2 2
--- src/ftpd.c.orig	Thu Oct 14 23:41:47 1999
+++ src/ftpd.c	Wed Jun 14 14:48:27 2000
d15 48
@


1.9
log
@restore historical NLIST behaviour

PR:		16183
Submitted by:	Dag-Erling Smrgrav <des@@yes.no>
@
text
@d1 14
a14 2
--- src/ftpd.c.orig	Tue Jan 18 19:35:30 2000
+++ src/ftpd.c	Tue Jan 18 19:38:50 2000
a30 2


@


1.8
log
@upgrade to 2.6.0

Submitted by:	Makoto MATSUSHITA <matusita@@jp.FreeBSD.org>
@
text
@d1 20
a20 19
*** src/config/config.fbs.bak	Fri Dec 12 18:17:19 1997
--- src/config/config.fbs	Wed Dec 24 20:39:50 1997
***************
*** 29,35 ****
  #define VIRTUAL
  # if defined(__FreeBSD__)
  #  undef SPT_TYPE
! #  if __FreeBSD__ == 2
  #   include <osreldate.h>               /* and this works */
  #   if __FreeBSD_version >= 199512      /* 2.2-current right now */
  #    define SPT_TYPE    SPT_BUILTIN
--- 29,35 ----
  #define VIRTUAL
  # if defined(__FreeBSD__)
  #  undef SPT_TYPE
! #  if __FreeBSD__ >= 2
  #   include <osreldate.h>               /* and this works */
  #   if __FreeBSD_version >= 199512      /* 2.2-current right now */
  #    define SPT_TYPE    SPT_BUILTIN
@


1.7
log
@Upgrade to beta-16
@
text
@@


1.6
log
@Upgrade to Academ 2.4.2-beta-12 as recommended by AUSCERT security
advisory.

P.S. this version is much improved comparing to what we have previously,
f.e. it already contains most of our fixes.
@
text
@d1 2
a2 2
*** src/realpath.c.orig	Wed Jan 18 22:39:04 1995
--- src/realpath.c	Wed Jan 18 22:38:48 1995
d4 16
a19 16
*** 42,48 ****
  #endif
  
  char *
! realpath(char *pathname, char *result)
  {
      struct stat sbuf;
      char curpath[MAXPATHLEN],
--- 42,48 ----
  #endif
  
  char *
! realpath(const char *pathname, char *result)
  {
      struct stat sbuf;
      char curpath[MAXPATHLEN],
@


1.5
log
@Finally get most of wu-ftpd working.

Changes:

- Use internal functions rather than libc versions in a couple of places
  This allows writing to dirs without read perms and the
  ftpconversions file to work.
- Fix up skey support to use correct parameters
- using compress in the ftpconversions file doesn't seem to work,
  so alter example ftpconversions file to use gzip -d rather than compress -dc
- Install manpages compressed

Still broken :

- using /bin/compress to compress/uncompress files on the fly
@
text
@@


1.4
log
@<Sigh> Even more off_t fixes for wu-ftpd. Now you should be able to upload
data without crashing the server also.
@
text
@d1 2
a2 2
*** src/ftpd.c.orig	Wed Apr 13 22:17:18 1994
--- src/ftpd.c	Fri Jan 13 20:22:05 1995
d4 2
a5 25
*** 139,146 ****
   *freopen(const char *, const char *, FILE *);
  extern int ftpd_pclose(FILE *iop),
    fclose(FILE *);
! extern char *getline(),
!  *realpath(char *pathname, char *result);
  extern char cbuf[];
  extern off_t restart_point;
  
--- 139,148 ----
   *freopen(const char *, const char *, FILE *);
  extern int ftpd_pclose(FILE *iop),
    fclose(FILE *);
! extern char *getline();
! #ifndef HAVE_REALPATH
! extern char *realpath(char *pathname, char *result);
! #endif
  extern char cbuf[];
  extern off_t restart_point;
  
***************
*** 237,242 ****
--- 239,250 ----
  
  #endif /* SETPROCTITLE */
d7 6
a12 35
+ #ifdef SKEY
+ int	pwok = 0;
+ char	*skey_challenge();
+ char	*skey_crypt();
+ #endif
+ 
  #ifdef KERBEROS
  void init_krb();
  void end_krb();
***************
*** 878,884 ****
--- 886,897 ----
      } else
          acl_setfunctions();
  
+ #ifdef SKEY
+     pwok = skeyaccess(name, NULL, remotehost);
+     reply(331, "%s", skey_challenge(name, pw, pwok));
+ #else
      reply(331, "Password required for %s.", name);
+ #endif
      askpasswd = 1;
      /* Delay before reading passwd after first failed attempt to slow down
       * passwd-guessing programs. */
***************
*** 1007,1014 ****
--- 1020,1032 ----
  #ifdef KERBEROS
          xpasswd = crypt16(passwd, salt);
  #else
+ #ifdef SKEY
+ 	xpasswd = skey_crypt(passwd, salt, pw, pwok);
+ 	pwok = 0;
+ #else
          xpasswd = crypt(passwd, salt);
a13 12
+ #endif
  
  #ifdef ULTRIX_AUTH
          if ((numfails = ultrix_check_pass(passwd, xpasswd)) < 0) {
***************
*** 1095,1101 ****
      (void) initgroups(pw->pw_name, pw->pw_gid);
  
      /* open wtmp before chroot */
!     (void) sprintf(ttyline, "ftp%d", getpid());
      logwtmp(ttyline, pw->pw_name, remotehost);
      logged_in = 1;
d15 5
a19 118
--- 1113,1119 ----
      (void) initgroups(pw->pw_name, pw->pw_gid);
  
      /* open wtmp before chroot */
!     (void) sprintf(ttyline, "ftp%ld", getpid());
      logwtmp(ttyline, pw->pw_name, remotehost);
      logged_in = 1;
  
***************
*** 1422,1428 ****
          for (loop = 0; namebuf[loop]; loop++)
              if (isspace(namebuf[loop]) || iscntrl(namebuf[loop]))
                  namebuf[loop] = '_';
!         sprintf(msg, "%.24s %d %s %d %s %c %s %c %c %s ftp %d %s\n",
                  ctime(&curtime),
                  xfertime,
                  remotehost,
--- 1440,1446 ----
          for (loop = 0; namebuf[loop]; loop++)
              if (isspace(namebuf[loop]) || iscntrl(namebuf[loop]))
                  namebuf[loop] = '_';
!         sprintf(msg, "%.24s %d %s %qd %s %c %s %c %c %s ftp %d %s\n",
                  ctime(&curtime),
                  xfertime,
                  remotehost,
***************
*** 1610,1616 ****
          for (loop = 0; namebuf[loop]; loop++)
              if (isspace(namebuf[loop]) || iscntrl(namebuf[loop]))
                  namebuf[loop] = '_';
!         sprintf(msg, "%.24s %d %s %d %s %c %s %c %c %s ftp %d %s\n",
                  ctime(&curtime),
                  xfertime,
                  remotehost,
--- 1628,1634 ----
          for (loop = 0; namebuf[loop]; loop++)
              if (isspace(namebuf[loop]) || iscntrl(namebuf[loop]))
                  namebuf[loop] = '_';
!         sprintf(msg, "%.24s %d %s %qd %s %c %s %c %c %s ftp %d %s\n",
                  ctime(&curtime),
                  xfertime,
                  remotehost,
***************
*** 1699,1705 ****
      file_size = size;
      byte_count = 0;
      if (size != (off_t) - 1)
!         (void) sprintf(sizebuf, " (%ld bytes)", size);
      else
          (void) strcpy(sizebuf, "");
      if (pdata >= 0) {
--- 1717,1723 ----
      file_size = size;
      byte_count = 0;
      if (size != (off_t) - 1)
!         (void) sprintf(sizebuf, " (%qd bytes)", size);
      else
          (void) strcpy(sizebuf, "");
      if (pdata >= 0) {
*** src/realpath.c.orig	Fri Apr  1 20:03:45 1994
--- src/realpath.c	Fri Jan 13 01:09:30 1995
***************
*** 29,36 ****
--- 29,39 ----
   * POSSIBILITY OF SUCH DAMAGE.
   */
  
+ 
  #include "config.h"
  
+ #ifndef HAVE_REALPATH
+ 
  #include <stdio.h>
  #include <sys/types.h>
  #include <sys/stat.h>
***************
*** 159,161 ****
--- 162,165 ----
      strcpy(result, workpath);
      return (result);
  }
+ #endif
*** src/extensions.c.orig	Fri Jan 13 20:26:26 1995
--- src/extensions.c	Fri Jan 13 20:29:39 1995
***************
*** 103,109 ****
      if (st->st_mtime > newer_time) {
          if (show_fullinfo != 0) {
              if (flag == FTW_F || flag == FTW_D) {
!                 fprintf(dout, "%s %d %d %s", flag == FTW_F ? "F" : "D",
                          st->st_size, st->st_mtime, path);
              }
          } else if (flag == FTW_F)
--- 103,109 ----
      if (st->st_mtime > newer_time) {
          if (show_fullinfo != 0) {
              if (flag == FTW_F || flag == FTW_D) {
!                 fprintf(dout, "%s %qd %ld %s", flag == FTW_F ? "F" : "D",
                          st->st_size, st->st_mtime, path);
              }
          } else if (flag == FTW_F)
***************
*** 524,530 ****
          if (fp == NULL)
              return (0);
          fgets(buf, sizeof(buf), fp);
!         if (sscanf(buf, "%d %d %d %d %d %d %d", &tmbuf.tm_year, &tmbuf.tm_mon,
          &tmbuf.tm_mday, &tmbuf.tm_hour, &tmbuf.tm_min, &deny, &disc) != 7) {
              return (0);
          }
--- 524,530 ----
          if (fp == NULL)
              return (0);
          fgets(buf, sizeof(buf), fp);
!         if (sscanf(buf, "%d %d %d %d %d %ld %ld", &tmbuf.tm_year, &tmbuf.tm_mon,
          &tmbuf.tm_mday, &tmbuf.tm_hour, &tmbuf.tm_min, &deny, &disc) != 7) {
              return (0);
          }
@


1.3
log
@Fix for the wu-ftpd coring problem.

Submitted by:	Ollivier Robert <roberto@@blaise.ibp.fr>
@
text
@d1 2
a2 3
----------------------------------------------------------
*** src/ftpd.c.orig	Wed Apr 13 23:17:18 1994
--- src/ftpd.c	Fri Jan 13 01:26:40 1995
d26 1
a26 1
--- 239,254 ----
a30 1
+ #include <skey.h>
a31 2
+ char	addr_string[20];
+ /*
a33 1
+ */
a39 12
*** 279,284 ****
--- 291,299 ----
          exit(1);
  #endif
      }
+ #ifdef SKEY
+     strcpy(addr_string, inet_ntoa(his_addr.sin_addr));
+ #endif
      addrlen = sizeof(ctrl_addr);
      if (getsockname(0, (struct sockaddr *) &ctrl_addr, &addrlen) < 0) {
          syslog(LOG_ERR, "getsockname (%s): %m", argv[0]);
***************
d41 1
a41 1
--- 893,904 ----
d46 1
a46 1
+     pwok = skeyaccess(name, NULL, remotehost, addr_string);
d56 1
a56 1
--- 1027,1039 ----
d71 17
a88 1
--- 1447,1457 ----
d92 26
a117 5
+ #if (defined(BSD) && (BSD >= 199306))
+         sprintf(msg, "%.24s %d %s %qd %s %c %s %c %c %s ftp %d %s\n",
+ #else
          sprintf(msg, "%.24s %d %s %d %s %c %s %c %c %s ftp %d %s\n",
+ #endif
d121 19
a139 3
diff -c -r src/realpath.c.orig src/realpath.c
*** src/realpath.c.orig	Fri Apr  1 21:03:45 1994
--- src/realpath.c	Tue Oct 18 17:48:34 1994
d161 36
@


1.2
log
@change _PATH_PIDNAME to "/var/run/ftp.pids-%s"
@
text
@d1 1
d3 1
a3 1
--- src/ftpd.c	Sat Dec 17 23:48:25 1994
d72 2
a73 2
*** 1007,1013 ****
--- 1027,1038 ----
d82 1
a83 1
  #endif
d86 15
@


1.1
log
@Initial revision
@
text
@a0 1
diff -c -r src/ftpd.c.orig src/ftpd.c
d2 1
a2 1
--- src/ftpd.c	Tue Oct 18 18:04:43 1994
d26 1
a26 1
--- 239,250 ----
d31 1
d33 2
d37 1
d44 12
d57 1
a57 1
--- 886,897 ----
d62 1
a62 1
+     pwok = skeyaccess(name, NULL, remotehost);
d72 1
a72 1
--- 1020,1031 ----
@


1.1.1.1
log
@Reviewed by:	
Submitted by:	
Obtained from:
wuarchive ftpd with skey support
@
text
@@
