void
vsf_two_process_start(struct vsf_session* p_sess)
{
/* Create the comms channel between privileged parent and no-priv child */
priv_sock_init(p_sess);
vsf_sysutil_install_async_sighandler(kVSFSysUtilSigCHLD, handle_sigchld);
{
int newpid = vsf_sysutil_fork();
if (newpid != 0)
{
/* Parent - go into pre-login parent process mode */
while (1)
{
process_login_req(p_sess);
}
/* NOTREACHED */
bug("should not get here: vsf_two_process_start");
}
}
/* Child process - time to lose as much privilege as possible and do the
* login processing
*/
if (tunable_local_enable && tunable_userlist_enable)
{
int retval = str_fileread(&p_sess->userlist_str, tunable_userlist_file,
VSFTP_CONF_FILE_MAX);
if (vsf_sysutil_retval_is_error(retval))
{
die("cannot open user list file");
}
}
drop_all_privs();
init_connection(p_sess);
/* NOTREACHED */
}
static void
common_do_login(struct vsf_session* p_sess, const struct mystr* p_user_str,
int do_chroot, int anon)
{
int was_anon = anon;
int newpid;
vsf_sysutil_default_sig(kVSFSysUtilSigCHLD);
/* Asks the pre-login child to go away (by exiting) */
priv_sock_send_result(p_sess, PRIV_SOCK_RESULT_OK);
(void) vsf_sysutil_wait();
/* Handle loading per-user config options */
handle_per_user_config(p_user_str);
vsf_sysutil_install_async_sighandler(kVSFSysUtilSigCHLD, handle_sigchld);
newpid = vsf_sysutil_fork();
if (newpid == 0)
{
struct mystr guest_user_str = INIT_MYSTR;
struct mystr chdir_str = INIT_MYSTR;
unsigned int secutil_option = VSF_SECUTIL_OPTION_USE_GROUPS;
calculate_chdir_dir(anon, &chdir_str, p_user_str);
if (do_chroot)
{
secutil_option |= VSF_SECUTIL_OPTION_CHROOT;
}
/* Child - drop privs and start proper FTP! */
if (tunable_guest_enable && !anon)
{
/* Remap to the guest user */
str_alloc_text(&guest_user_str, tunable_guest_username);
p_user_str = &guest_user_str;
/* SECURITY: For now, apply the anonymous restrictions to
* guest users
*/
anon = 1;
}
if (!anon)
{
secutil_option |= VSF_SECUTIL_OPTION_CHANGE_EUID;
}
vsf_secutil_change_credentials(p_user_str, 0, &chdir_str,
0, secutil_option);
str_free(&guest_user_str);
str_free(&chdir_str);
/* Guard against the config error of having the anonymous ftp tree owned
* by the user we are running as
*/
if (was_anon && vsf_sysutil_write_access("/"))
{
die("vsftpd: refusing to run with writable anonymous root");
}
p_sess->is_anonymous = anon;
process_post_login(p_sess);
bug("should not get here: common_do_login");
}
/* Parent */
vsf_priv_parent_postlogin(p_sess);
bug("should not get here in common_do_login");
}
void
vsf_two_process_start(struct vsf_session* p_sess)
{
/* Create the comms channel between privileged parent and no-priv child */
priv_sock_init(p_sess);
if (tunable_ssl_enable)
{
/* Create the comms channel between the no-priv SSL child and the low-priv
* protocol handling child.
*/
ssl_comm_channel_init(p_sess);
}
vsf_sysutil_install_async_sighandler(kVSFSysUtilSigCHLD, twoproc_handle_sigchld);
{
int newpid = vsf_sysutil_fork();
if (newpid != 0)
{
/* Parent - go into pre-login parent process mode */
while (1)
{
process_login_req(p_sess);
}
}
}
/* Child process - time to lose as much privilege as possible and do the
* login processing
*/
vsf_sysutil_close(p_sess->parent_fd);
if (tunable_ssl_enable)
{
vsf_sysutil_close(p_sess->ssl_consumer_fd);
}
if (tunable_local_enable && tunable_userlist_enable)
{
int retval = str_fileread(&p_sess->userlist_str, tunable_userlist_file,
VSFTP_CONF_FILE_MAX);
if (vsf_sysutil_retval_is_error(retval))
{
die2("cannot open user list file:", tunable_userlist_file);
}
}
drop_all_privs();
init_connection(p_sess);
/* NOTREACHED */
}
void
vsf_priv_parent_postlogin(struct vsf_session* p_sess)
{
/* Kitsune */
if (!kitsune_is_updating()) {
minimize_privilege(p_sess);
} else {
/* Set sigchld function pointer (normally done in twoprocess.c) */
vsf_sysutil_default_sig(kVSFSysUtilSigCHLD);
vsf_sysutil_install_async_sighandler(kVSFSysUtilSigCHLD, twoproc_handle_sigchld);
}
/* End Kitsune */
/* We're still here... */
while (1)
{
kitsune_update("postprivparent.c"); /**DSU updatepoint */
process_post_login_req(p_sess);
}
}
void
process_post_login(struct vsf_session* p_sess)
{
int retval;
if (p_sess->is_anonymous)
{
vsf_sysutil_set_umask(tunable_anon_umask);
p_sess->bw_rate_max = tunable_anon_max_rate;
}
else
{
vsf_sysutil_set_umask(tunable_local_umask);
p_sess->bw_rate_max = tunable_local_max_rate;
}
if (tunable_async_abor_enable)
{
vsf_sysutil_install_sighandler(kVSFSysUtilSigURG, handle_sigurg, p_sess);
vsf_sysutil_activate_sigurg(VSFTP_COMMAND_FD);
}
/* Kitsune */
vsf_sysutil_kitsune_set_update_point("postlogin.c");
if(!kitsune_is_updating()) {
/* Handle any login message */
vsf_banner_dir_changed(p_sess, FTP_LOGINOK);
vsf_cmdio_write(p_sess, FTP_LOGINOK, "Login successful. Have fun.");
} else {
/* Set sigchld function pointer (normally done in twoprocess.c) */
vsf_sysutil_default_sig(kVSFSysUtilSigCHLD);
vsf_sysutil_install_async_sighandler(kVSFSysUtilSigCHLD, twoproc_handle_sigchld);
}
/* End Kitsune */
while(1)
{
if (tunable_setproctitle_enable)
{
vsf_sysutil_setproctitle("IDLE");
}
/* Kitsune update point */
kitsune_update("postlogin.c"); /**DSU updatepoint */
/* Blocks */
vsf_cmdio_get_cmd_and_arg(p_sess, &p_sess->ftp_cmd_str,
&p_sess->ftp_arg_str, 1);
if (tunable_setproctitle_enable)
{
struct mystr proctitle_str = INIT_MYSTR;
str_copy(&proctitle_str, &p_sess->ftp_cmd_str);
if (!str_isempty(&p_sess->ftp_arg_str))
{
str_append_char(&proctitle_str, ' ');
str_append_str(&proctitle_str, &p_sess->ftp_arg_str);
}
/* Suggestion from Solar */
str_replace_unprintable(&proctitle_str, '?');
vsf_sysutil_setproctitle_str(&proctitle_str);
str_free(&proctitle_str);
}
if (str_equal_text(&p_sess->ftp_cmd_str, "QUIT"))
{
vsf_cmdio_write(p_sess, FTP_GOODBYE, "Goodbye.");
vsf_sysutil_exit(0);
}
else if (str_equal_text(&p_sess->ftp_cmd_str, "PWD") ||
str_equal_text(&p_sess->ftp_cmd_str, "XPWD"))
{
handle_pwd(p_sess);
}
else if (str_equal_text(&p_sess->ftp_cmd_str, "CWD") ||
str_equal_text(&p_sess->ftp_cmd_str, "XCWD"))
{
handle_cwd(p_sess);
}
else if (str_equal_text(&p_sess->ftp_cmd_str, "CDUP") ||
str_equal_text(&p_sess->ftp_cmd_str, "XCUP"))
{
handle_cdup(p_sess);
}
else if (tunable_pasv_enable &&
str_equal_text(&p_sess->ftp_cmd_str, "PASV"))
{
handle_pasv(p_sess);
}
else if (str_equal_text(&p_sess->ftp_cmd_str, "RETR"))
{
handle_retr(p_sess);
}
else if (str_equal_text(&p_sess->ftp_cmd_str, "NOOP"))
{
vsf_cmdio_write(p_sess, FTP_NOOPOK, "NOOP ok.");
}
else if (str_equal_text(&p_sess->ftp_cmd_str, "SYST"))
{
vsf_cmdio_write(p_sess, FTP_SYSTOK, "UNIX Type: L8");
}
else if (str_equal_text(&p_sess->ftp_cmd_str, "HELP"))
{
vsf_cmdio_write(p_sess, FTP_BADHELP, "Sorry, I don't have help.");
}
else if (str_equal_text(&p_sess->ftp_cmd_str, "LIST"))
{
handle_list(p_sess);
}
else if (str_equal_text(&p_sess->ftp_cmd_str, "TYPE"))
{
handle_type(p_sess);
}
else if (tunable_port_enable &&
str_equal_text(&p_sess->ftp_cmd_str, "PORT"))
{
handle_port(p_sess);
}
else if (tunable_write_enable &&
(tunable_anon_upload_enable || !p_sess->is_anonymous) &&
str_equal_text(&p_sess->ftp_cmd_str, "STOR"))
{
handle_stor(p_sess);
}
else if (tunable_write_enable &&
(tunable_anon_mkdir_write_enable || !p_sess->is_anonymous) &&
(str_equal_text(&p_sess->ftp_cmd_str, "MKD") ||
str_equal_text(&p_sess->ftp_cmd_str, "XMKD")))
{
handle_mkd(p_sess);
}
else if (tunable_write_enable &&
(tunable_anon_other_write_enable || !p_sess->is_anonymous) &&
(str_equal_text(&p_sess->ftp_cmd_str, "RMD") ||
str_equal_text(&p_sess->ftp_cmd_str, "XRMD")))
{
handle_rmd(p_sess);
}
else if (tunable_write_enable &&
(tunable_anon_other_write_enable || !p_sess->is_anonymous) &&
str_equal_text(&p_sess->ftp_cmd_str, "DELE"))
{
handle_dele(p_sess);
}
else if (str_equal_text(&p_sess->ftp_cmd_str, "REST"))
{
handle_rest(p_sess);
}
else if (tunable_write_enable &&
(tunable_anon_other_write_enable || !p_sess->is_anonymous) &&
str_equal_text(&p_sess->ftp_cmd_str, "RNFR"))
{
handle_rnfr(p_sess);
}
else if (tunable_write_enable &&
(tunable_anon_other_write_enable || !p_sess->is_anonymous) &&
str_equal_text(&p_sess->ftp_cmd_str, "RNTO"))
{
handle_rnto(p_sess);
}
else if (str_equal_text(&p_sess->ftp_cmd_str, "NLST"))
{
handle_nlst(p_sess);
}
else if (str_equal_text(&p_sess->ftp_cmd_str, "SIZE"))
{
handle_size(p_sess);
}
else if (!p_sess->is_anonymous &&
str_equal_text(&p_sess->ftp_cmd_str, "SITE"))
{
handle_site(p_sess);
}
else if (str_equal_text(&p_sess->ftp_cmd_str, "ABOR"))
{
vsf_cmdio_write(p_sess, FTP_ABOR_NOCONN, "No transfer to ABOR.");
}
else if (tunable_write_enable &&
(tunable_anon_other_write_enable || !p_sess->is_anonymous) &&
str_equal_text(&p_sess->ftp_cmd_str, "APPE"))
{
handle_appe(p_sess);
}
else if (str_equal_text(&p_sess->ftp_cmd_str, "MDTM"))
{
handle_mdtm(p_sess);
}
else if (str_equal_text(&p_sess->ftp_cmd_str, "PASV") ||
str_equal_text(&p_sess->ftp_cmd_str, "PORT") ||
str_equal_text(&p_sess->ftp_cmd_str, "STOR") ||
str_equal_text(&p_sess->ftp_cmd_str, "MKD") ||
str_equal_text(&p_sess->ftp_cmd_str, "XMKD") ||
str_equal_text(&p_sess->ftp_cmd_str, "RMD") ||
str_equal_text(&p_sess->ftp_cmd_str, "XRMD") ||
str_equal_text(&p_sess->ftp_cmd_str, "DELE") ||
str_equal_text(&p_sess->ftp_cmd_str, "RNFR") ||
str_equal_text(&p_sess->ftp_cmd_str, "RNTO") ||
str_equal_text(&p_sess->ftp_cmd_str, "SITE") ||
str_equal_text(&p_sess->ftp_cmd_str, "APPE"))
{
vsf_cmdio_write(p_sess, FTP_NOPERM, "Permission denied.");
}
else
{
vsf_cmdio_write(p_sess, FTP_BADCMD, "Unknown command.");
}
}
}
struct vsf_client_launch
vsf_standalone_main(void)
{
struct vsf_sysutil_sockaddr* p_sockaddr = 0;
struct vsf_sysutil_ipv4addr listen_ipaddr;
int listen_sock = vsf_sysutil_get_ipv4_sock();
int retval;
s_p_ip_count_hash = hash_alloc(256, sizeof(struct vsf_sysutil_ipv4addr),
sizeof(unsigned int), hash_ip);
s_p_pid_ip_hash = hash_alloc(256, sizeof(int),
sizeof(struct vsf_sysutil_ipv4addr), hash_pid);
if (tunable_setproctitle_enable)
{
vsf_sysutil_setproctitle("LISTENER");
}
vsf_sysutil_install_sighandler(kVSFSysUtilSigCHLD, handle_sigchld, 0);
vsf_sysutil_install_async_sighandler(kVSFSysUtilSigHUP, handle_sighup);
vsf_sysutil_activate_reuseaddr(listen_sock);
vsf_sysutil_sockaddr_alloc_ipv4(&p_sockaddr);
vsf_sysutil_sockaddr_set_port(
p_sockaddr, vsf_sysutil_ipv4port_from_int(tunable_listen_port));
if (!tunable_listen_address ||
vsf_sysutil_inet_aton(tunable_listen_address, &listen_ipaddr) == 0)
{
listen_ipaddr = vsf_sysutil_sockaddr_get_any();
}
vsf_sysutil_sockaddr_set_ipaddr(p_sockaddr, listen_ipaddr);
retval = vsf_sysutil_bind(listen_sock, p_sockaddr);
vsf_sysutil_free(p_sockaddr);
if (vsf_sysutil_retval_is_error(retval))
{
die("could not bind listening socket");
}
vsf_sysutil_listen(listen_sock, VSFTP_LISTEN_BACKLOG);
while (1)
{
struct vsf_client_launch child_info;
static struct vsf_sysutil_sockaddr* p_accept_addr;
int new_child;
struct vsf_sysutil_ipv4addr ip_addr;
/* NOTE - wake up every 10 seconds to make sure we notice child exit
* in a timely manner (the sync signal framework race)
*/
int new_client_sock = vsf_sysutil_accept_timeout(
listen_sock, &p_accept_addr, 10);
if (s_reload_needed)
{
s_reload_needed = 0;
do_reload();
}
if (vsf_sysutil_retval_is_error(new_client_sock))
{
continue;
}
ip_addr = vsf_sysutil_sockaddr_get_ipaddr(p_accept_addr);
++s_children;
child_info.num_children = s_children;
child_info.num_this_ip = handle_ip_count(&ip_addr);
new_child = vsf_sysutil_fork_failok();
if (new_child != 0)
{
/* Parent context */
vsf_sysutil_close(new_client_sock);
if (new_child > 0)
{
hash_add_entry(s_p_pid_ip_hash, (void*)&new_child, (void*)&ip_addr);
}
else
{
/* fork() failed, clear up! */
--s_children;
drop_ip_count(&ip_addr);
}
/* Fall through to while() loop and accept() again */
}
else
{
/* Child context */
vsf_sysutil_close(listen_sock);
prepare_child(new_client_sock);
/* By returning here we "launch" the child process with the same
* contract as xinetd would provide.
*/
return child_info;
}
}
}
struct vsf_client_launch
vsf_standalone_main(void)
{
struct vsf_sysutil_sockaddr* p_accept_addr = 0;
int listen_sock = -1;
int retval;
s_ipaddr_size = vsf_sysutil_get_ipaddr_size();
if (tunable_listen && tunable_listen_ipv6)
{
die("run two copies of vsftpd for IPv4 and IPv6");
}
if (tunable_background)
{
int forkret = vsf_sysutil_fork();
if (forkret > 0)
{
/* Parent, just exit */
vsf_sysutil_exit(0);
}
vsf_sysutil_make_session_leader();
}
if (tunable_listen)
{
listen_sock = vsf_sysutil_get_ipv4_sock();
}
else
{
listen_sock = vsf_sysutil_get_ipv6_sock();
}
vsf_sysutil_activate_reuseaddr(listen_sock);
s_p_ip_count_hash = hash_alloc(256, s_ipaddr_size,
sizeof(unsigned int), hash_ip);
s_p_pid_ip_hash = hash_alloc(256, sizeof(int),
s_ipaddr_size, hash_pid);
if (tunable_setproctitle_enable)
{
vsf_sysutil_setproctitle("LISTENER");
}
vsf_sysutil_install_async_sighandler(kVSFSysUtilSigCHLD, handle_sigchld);
vsf_sysutil_install_async_sighandler(kVSFSysUtilSigHUP, handle_sighup);
if (tunable_listen)
{
struct vsf_sysutil_sockaddr* p_sockaddr = 0;
vsf_sysutil_sockaddr_alloc_ipv4(&p_sockaddr);
vsf_sysutil_sockaddr_set_port(p_sockaddr, tunable_listen_port);
if (!tunable_listen_address)
{
vsf_sysutil_sockaddr_set_any(p_sockaddr);
}
else
{
if (!vsf_sysutil_inet_aton(tunable_listen_address, p_sockaddr))
{
die2("bad listen_address: ", tunable_listen_address);
}
}
retval = vsf_sysutil_bind(listen_sock, p_sockaddr);
vsf_sysutil_free(p_sockaddr);
if (vsf_sysutil_retval_is_error(retval))
{
die("could not bind listening IPv4 socket");
}
}
else
{
struct vsf_sysutil_sockaddr* p_sockaddr = 0;
vsf_sysutil_sockaddr_alloc_ipv6(&p_sockaddr);
vsf_sysutil_sockaddr_set_port(p_sockaddr, tunable_listen_port);
if (!tunable_listen_address6)
{
vsf_sysutil_sockaddr_set_any(p_sockaddr);
}
else
{
struct mystr addr_str = INIT_MYSTR;
const unsigned char* p_raw_addr;
str_alloc_text(&addr_str, tunable_listen_address6);
p_raw_addr = vsf_sysutil_parse_ipv6(&addr_str);
str_free(&addr_str);
if (!p_raw_addr)
{
die2("bad listen_address6: ", tunable_listen_address6);
}
vsf_sysutil_sockaddr_set_ipv6addr(p_sockaddr, p_raw_addr);
}
retval = vsf_sysutil_bind(listen_sock, p_sockaddr);
vsf_sysutil_free(p_sockaddr);
if (vsf_sysutil_retval_is_error(retval))
{
die("could not bind listening IPv6 socket");
}
}
vsf_sysutil_listen(listen_sock, VSFTP_LISTEN_BACKLOG);
vsf_sysutil_sockaddr_alloc(&p_accept_addr);
while (1)
{
struct vsf_client_launch child_info;
void* p_raw_addr;
int new_child;
int new_client_sock;
vsf_sysutil_unblock_sig(kVSFSysUtilSigCHLD);
vsf_sysutil_unblock_sig(kVSFSysUtilSigHUP);
new_client_sock = vsf_sysutil_accept_timeout(
listen_sock, p_accept_addr, 0);
vsf_sysutil_block_sig(kVSFSysUtilSigCHLD);
vsf_sysutil_block_sig(kVSFSysUtilSigHUP);
if (vsf_sysutil_retval_is_error(new_client_sock))
{
continue;
}
++s_children;
child_info.num_children = s_children;
child_info.num_this_ip = 0;
p_raw_addr = vsf_sysutil_sockaddr_get_raw_addr(p_accept_addr);
child_info.num_this_ip = handle_ip_count(p_raw_addr);
new_child = vsf_sysutil_fork_failok();
if (new_child != 0)
{
/* Parent context */
vsf_sysutil_close(new_client_sock);
if (new_child > 0)
{
hash_add_entry(s_p_pid_ip_hash, (void*)&new_child, p_raw_addr);
}
else
{
/* fork() failed, clear up! */
--s_children;
drop_ip_count(p_raw_addr);
}
/* Fall through to while() loop and accept() again */
}
else
{
/* Child context */
vsf_sysutil_close(listen_sock);
prepare_child(new_client_sock);
/* By returning here we "launch" the child process with the same
* contract as xinetd would provide.
*/
return child_info;
}
}
}
static void
common_do_login(struct vsf_session* p_sess, const struct mystr* p_user_str,
int do_chroot, int anon)
{
int was_anon = anon;
const struct mystr* p_orig_user_str = p_user_str;
int newpid;
vsf_sysutil_install_null_sighandler(kVSFSysUtilSigCHLD);
/* Tells the pre-login child all is OK (it may exit in response) */
priv_sock_send_result(p_sess->parent_fd, PRIV_SOCK_RESULT_OK);
if (!p_sess->control_use_ssl)
{
(void) vsf_sysutil_wait();
}
else
{
p_sess->ssl_slave_active = 1;
}
/* Absorb the SIGCHLD */
vsf_sysutil_unblock_sig(kVSFSysUtilSigCHLD);
/* Handle loading per-user config options */
handle_per_user_config(p_user_str);
/* Set this before we fork */
p_sess->is_anonymous = anon;
vsf_sysutil_install_async_sighandler(kVSFSysUtilSigCHLD, twoproc_handle_sigchld);
newpid = vsf_sysutil_fork();
if (newpid == 0)
{
struct mystr guest_user_str = INIT_MYSTR;
struct mystr chroot_str = INIT_MYSTR;
struct mystr chdir_str = INIT_MYSTR;
struct mystr userdir_str = INIT_MYSTR;
unsigned int secutil_option = VSF_SECUTIL_OPTION_USE_GROUPS;
/* Child - drop privs and start proper FTP! */
vsf_sysutil_close(p_sess->parent_fd);
if (tunable_ssl_enable)
{
vsf_sysutil_close(p_sess->ssl_slave_fd);
}
if (tunable_guest_enable && !anon)
{
/* Remap to the guest user */
str_alloc_text(&guest_user_str, tunable_guest_username);
p_user_str = &guest_user_str;
if (!tunable_virtual_use_local_privs)
{
anon = 1;
do_chroot = 1;
}
}
if (do_chroot)
{
secutil_option |= VSF_SECUTIL_OPTION_CHROOT;
}
if (!anon)
{
secutil_option |= VSF_SECUTIL_OPTION_CHANGE_EUID;
}
calculate_chdir_dir(was_anon, &userdir_str, &chroot_str, &chdir_str,
p_user_str, p_orig_user_str);
vsf_secutil_change_credentials(p_user_str, &userdir_str, &chroot_str,
0, secutil_option);
if (!str_isempty(&chdir_str))
{
(void) str_chdir(&chdir_str);
}
str_free(&guest_user_str);
str_free(&chroot_str);
str_free(&chdir_str);
str_free(&userdir_str);
/* Guard against the config error of having the anonymous ftp tree owned
* by the user we are running as
*/
if (was_anon && vsf_sysutil_write_access("/"))
{
die("vsftpd: refusing to run with writable anonymous root");
}
p_sess->is_anonymous = anon;
process_post_login(p_sess);
bug("should not get here: common_do_login");
}
/* Parent */
if (tunable_ssl_enable)
{
vsf_sysutil_close(p_sess->ssl_consumer_fd);
/* Keep the SSL slave fd around so we can shutdown() upon exit */
}
vsf_priv_parent_postlogin(p_sess);
bug("should not get here in common_do_login");
}
