static void privop_pasv_get_data_sock(session_t *sess) { unsigned short port = (unsigned short)priv_sock_get_int(sess->parent_fd); char ip[16] = {0}; priv_sock_recv_buf(sess->parent_fd, ip, sizeof(ip)); printf("privop_pasv_get_data_sock port=%u and ip=%s\n", port, ip); struct sockaddr_in addr; memset(&addr, 0, sizeof(addr)); addr.sin_family = AF_INET; addr.sin_port = htons(port); addr.sin_addr.s_addr = inet_addr(ip); int fd = tcp_client(20); if(fd == -1) { printf("aaaaaaaaaaaaaaaaaaa\n"); priv_sock_send_result(sess->parent_fd, PRIV_SOCK_RESULT_BAD); return; } socklen_t len = sizeof(struct sockaddr_in);; if(connect(fd, (struct sockaddr*)&addr, len) < 0) { printf("bbbbbbbbbbbbbbbbb\n"); ERR_EXIT("ccccconect"); close(fd); priv_sock_send_result(sess->parent_fd, PRIV_SOCK_RESULT_BAD); ERR_EXIT("connect"); return; } priv_sock_send_result(sess->parent_fd, PRIV_SOCK_RESULT_OK); priv_sock_send_fd(sess->parent_fd, fd); close(fd); }
static void privop_pasv_active(session_t *sess) { if (sess->pasv_listen_fd != -1) { priv_sock_send_result(sess->parent_fd, PRIV_SOCK_RESULT_OK); return; } priv_sock_send_result(sess->parent_fd, PRIV_SOCK_RESULT_BAD); }
static void privop_pasv_listen(session_t *sess) { sess->pasv_listen_fd = tcp_server(tunable_listen_address, 0); struct sockaddr_in addr; socklen_t addrlen = sizeof(addr); if (getsockname(sess->pasv_listen_fd, (struct sockaddr *)&addr, &addrlen) < 0) { priv_sock_send_result(sess->parent_fd, PRIV_SOCK_RESULT_BAD); ERR_EXIT("getsockname"); } priv_sock_send_result(sess->parent_fd, PRIV_SOCK_RESULT_OK); priv_sock_send_int(sess->parent_fd, (int)addr.sin_port); }
static void privop_pasv_accept(session_t *sess) { int fd = accept_timeout(sess->pasv_listen_fd, NULL, tunable_accept_timeout); close(sess->pasv_listen_fd); sess->pasv_listen_fd = -1; if (fd == -1) { priv_sock_send_result(sess->parent_fd, PRIV_SOCK_RESULT_BAD); return; } priv_sock_send_result(sess->parent_fd, PRIV_SOCK_RESULT_OK); priv_sock_send_fd(sess->parent_fd, fd); close(fd); }
void PrivPar::privop_pasv_accept(session_t *sess) { int fd = sysutil::accept_timeout(sess->pasv_listen_fd, NULL, parseconfig->get_accept_timeout()); close(sess->pasv_listen_fd); sess->pasv_listen_fd = -1; if (fd == -1) { priv_sock_send_result(sess->parent_fd, PRIV_SOCK_RESULT_BAD); return; } priv_sock_send_result(sess->parent_fd, PRIV_SOCK_RESULT_OK); priv_sock_send_fd(sess->parent_fd, fd); close(fd); }
static void privop_pasv_accept(session_t *sess) { // 因为服务器端给出的端口是随机的,accept 返回数据套接字关联的端口是进程独立的 int fd = accept_timeout(sess->pasv_listen_fd, NULL, tunable_accept_timeout); close(sess->pasv_listen_fd); sess->pasv_listen_fd = -1; if (fd < 0) { priv_sock_send_result(sess->nobody_fd, PRIV_SOCK_RESULT_BAD); return; } priv_sock_send_result(sess->nobody_fd, PRIV_SOCK_RESULT_OK); priv_sock_send_fd(sess->nobody_fd, fd); close(fd); }
static void cmd_process_chown(struct vsf_session* p_sess) { int the_fd = priv_sock_recv_fd(p_sess->parent_fd); vsf_privop_do_file_chown(p_sess, the_fd); vsf_sysutil_close(the_fd); priv_sock_send_result(p_sess->parent_fd, PRIV_SOCK_RESULT_OK); }
static void cmd_process_get_data_sock(struct vsf_session* p_sess) { int sock_fd = vsf_privop_get_ftp_port_sock(p_sess); priv_sock_send_result(p_sess->parent_fd, PRIV_SOCK_RESULT_OK); priv_sock_send_fd(p_sess->parent_fd, sock_fd); vsf_sysutil_close(sock_fd); }
static void common_do_login(struct vsf_session* p_sess, const struct mystr* p_user_str, int do_chroot, int anon) { int was_anon = anon; int newpid; vsf_sysutil_default_sig(kVSFSysUtilSigCHLD); /* Asks the pre-login child to go away (by exiting) */ priv_sock_send_result(p_sess, PRIV_SOCK_RESULT_OK); (void) vsf_sysutil_wait(); /* Handle loading per-user config options */ handle_per_user_config(p_user_str); vsf_sysutil_install_async_sighandler(kVSFSysUtilSigCHLD, handle_sigchld); newpid = vsf_sysutil_fork(); if (newpid == 0) { struct mystr guest_user_str = INIT_MYSTR; struct mystr chdir_str = INIT_MYSTR; unsigned int secutil_option = VSF_SECUTIL_OPTION_USE_GROUPS; calculate_chdir_dir(anon, &chdir_str, p_user_str); if (do_chroot) { secutil_option |= VSF_SECUTIL_OPTION_CHROOT; } /* Child - drop privs and start proper FTP! */ if (tunable_guest_enable && !anon) { /* Remap to the guest user */ str_alloc_text(&guest_user_str, tunable_guest_username); p_user_str = &guest_user_str; /* SECURITY: For now, apply the anonymous restrictions to * guest users */ anon = 1; } if (!anon) { secutil_option |= VSF_SECUTIL_OPTION_CHANGE_EUID; } vsf_secutil_change_credentials(p_user_str, 0, &chdir_str, 0, secutil_option); str_free(&guest_user_str); str_free(&chdir_str); /* Guard against the config error of having the anonymous ftp tree owned * by the user we are running as */ if (was_anon && vsf_sysutil_write_access("/")) { die("vsftpd: refusing to run with writable anonymous root"); } p_sess->is_anonymous = anon; process_post_login(p_sess); bug("should not get here: common_do_login"); } /* Parent */ vsf_priv_parent_postlogin(p_sess); bug("should not get here in common_do_login"); }
/** * 创建数据连接通道 * @param sess [description] */ void PrivPar::privop_pasv_get_data_sock(session_t *sess) { /* nobody进程接收PRIV_SOCK_GET_DATA_SOCK命令 进一步接收一个整数,也就是port 接收一个字符串,也就是ip fd = socket bind(20) connect(ip, port); OK send_fd BAD */ unsigned short port = (unsigned short)priv_sock_get_int(sess->parent_fd); char ip[16] = {0}; priv_sock_recv_buf(sess->parent_fd, ip, sizeof(ip)); //从ftp服务进程获取IP地址 struct sockaddr_in addr; memset(&addr, 0, sizeof(addr)); addr.sin_family = AF_INET; addr.sin_port = htons(port); addr.sin_addr.s_addr = inet_addr(ip); int fd = sysutil::tcp_client(20); if (fd == -1) { priv_sock_send_result(sess->parent_fd, PRIV_SOCK_RESULT_BAD); return; } if (sysutil::connect_timeout(fd, &addr, parseconfig->get_accept_timeout()) < 0) { close(fd); priv_sock_send_result(sess->parent_fd, PRIV_SOCK_RESULT_BAD); return; } priv_sock_send_result(sess->parent_fd, PRIV_SOCK_RESULT_OK); priv_sock_send_fd(sess->parent_fd, fd); close(fd); }
static void privop_pasv_get_data_sock(session_t *sess) { /* socket bind 20 connect */ // tcp_client(20); /* */ char ip[16] = {0}; unsigned short port = (unsigned short)priv_sock_get_int(sess->parent_fd); priv_sock_recv_buf(sess->parent_fd, ip, sizeof(ip)); struct sockaddr_in addr; memset(&addr, 0, sizeof(addr)); addr.sin_family = AF_INET; addr.sin_port = htons(port); addr.sin_addr.s_addr = inet_addr(ip); int fd = tcp_client(20); if (fd == -1) { priv_sock_send_result(sess->parent_fd, PRIV_SOCK_RESULT_BAD); return; } if (connect_timeout(fd, &addr, tunable_connect_timeout) < 0) { close(fd); priv_sock_send_result(sess->parent_fd, PRIV_SOCK_RESULT_BAD); return; } priv_sock_send_result(sess->parent_fd, PRIV_SOCK_RESULT_OK); priv_sock_send_fd(sess->parent_fd, fd); close(fd); }
static void privop_port_get_data_sock(session_t *sess) { unsigned short port = (unsigned short)priv_sock_get_int(sess->nobody_fd); char ip[20] = {0}; priv_sock_recv_buf(sess->nobody_fd, ip, sizeof(ip)); struct sockaddr_in addr; memset(&addr, 0, sizeof(addr)); addr.sin_family = AF_INET; addr.sin_port = htons(port); addr.sin_addr.s_addr = inet_addr(ip); // 当多个客户端连接服务器时,可以同时有多个nobody进程bind 20端口+ip,因为此时客户端给出的端口是随机的,故 // 四元组还是能识别一个数据连接 // 当客户端位于NAT服务器之后使用PORT模式时,需要在NAT服务器上配置映射才能让服务器主动连接到客户端 // 所以采用的是标准固定的20端口,这样NAT服务器就不用维护很多的表目 int fd = tcp_client(20); if (fd == -1) { priv_sock_send_result(sess->nobody_fd, PRIV_SOCK_RESULT_BAD); return; } if (connect_timeout(fd, &addr, tunable_connect_timeout) < 0) { close(fd); priv_sock_send_result(sess->nobody_fd, PRIV_SOCK_RESULT_BAD); return; } priv_sock_send_result(sess->nobody_fd, PRIV_SOCK_RESULT_OK); priv_sock_send_fd(sess->nobody_fd, fd); close(fd); //父进程必须close(fd),否则子进程关闭close(data_fd)的时候也不会发送FIN段。 //因为通过unix域协议传递套接字等于是对方也打开套接字,而直接简单的赋值是没有这样的效果的。 }
//static Kitsune void process_login_req(struct vsf_session* p_sess) { enum EVSFPrivopLoginResult e_login_result = kVSFLoginNull; char cmd; if (!kitsune_is_updating()) { /* Kitsune */ vsf_sysutil_unblock_sig(kVSFSysUtilSigCHLD); /* Blocks */ cmd = priv_sock_get_cmd(p_sess->parent_fd); vsf_sysutil_block_sig(kVSFSysUtilSigCHLD); if (cmd != PRIV_SOCK_LOGIN) { die("bad request"); } } /* Kitsune, update point */ kitsune_update("twoprocess.c"); /* Kitsune, allow updating from blocking loop */ vsf_sysutil_kitsune_set_update_point("twoprocess.c"); /* Get username and password - we must distrust these */ { struct mystr password_str = INIT_MYSTR; priv_sock_get_str(p_sess->parent_fd, &p_sess->user_str); priv_sock_get_str(p_sess->parent_fd, &password_str); p_sess->control_use_ssl = priv_sock_get_int(p_sess->parent_fd); p_sess->data_use_ssl = priv_sock_get_int(p_sess->parent_fd); if (!tunable_ssl_enable) { p_sess->control_use_ssl = 0; p_sess->data_use_ssl = 0; } e_login_result = vsf_privop_do_login(p_sess, &password_str); str_free(&password_str); } switch (e_login_result) { case kVSFLoginFail: priv_sock_send_result(p_sess->parent_fd, PRIV_SOCK_RESULT_BAD); return; break; case kVSFLoginAnon: str_alloc_text(&p_sess->user_str, tunable_ftp_username); common_do_login(p_sess, &p_sess->user_str, 1, 1); break; case kVSFLoginReal: { int do_chroot = 0; if (tunable_chroot_local_user) { do_chroot = 1; } if (tunable_chroot_list_enable) { struct mystr chroot_list_file = INIT_MYSTR; int retval = str_fileread(&chroot_list_file, tunable_chroot_list_file, VSFTP_CONF_FILE_MAX); if (vsf_sysutil_retval_is_error(retval)) { die2("could not open chroot() list file:", tunable_chroot_list_file); } if (str_contains_line(&chroot_list_file, &p_sess->user_str)) { if (do_chroot) { do_chroot = 0; } else { do_chroot = 1; } } str_free(&chroot_list_file); } common_do_login(p_sess, &p_sess->user_str, do_chroot, 0); } break; default: bug("weird state in process_login_request"); break; } /* NOTREACHED */ }
void ssl_slave(struct vsf_session* p_sess) { struct mystr data_str = INIT_MYSTR; str_reserve(&data_str, VSFTP_DATA_BUFSIZE); /* Before becoming the slave, clear the alarm for the FTP protocol. */ vsf_sysutil_clear_alarm(); /* No need for any further communications with the privileged parent. */ priv_sock_set_parent_context(p_sess); if (tunable_setproctitle_enable) { vsf_sysutil_setproctitle("SSL handler"); } while (1) { char cmd = priv_sock_get_cmd(p_sess->ssl_slave_fd); int ret; if (cmd == PRIV_SOCK_GET_USER_CMD) { ret = ftp_getline(p_sess, &p_sess->ftp_cmd_str, p_sess->p_control_line_buf); priv_sock_send_int(p_sess->ssl_slave_fd, ret); if (ret >= 0) { priv_sock_send_str(p_sess->ssl_slave_fd, &p_sess->ftp_cmd_str); } } else if (cmd == PRIV_SOCK_WRITE_USER_RESP) { priv_sock_get_str(p_sess->ssl_slave_fd, &p_sess->ftp_cmd_str); ret = ftp_write_str(p_sess, &p_sess->ftp_cmd_str, kVSFRWControl); priv_sock_send_int(p_sess->ssl_slave_fd, ret); } else if (cmd == PRIV_SOCK_DO_SSL_HANDSHAKE) { char result = PRIV_SOCK_RESULT_BAD; if (p_sess->data_fd != -1 || p_sess->p_data_ssl != 0) { bug("state not clean"); } p_sess->data_fd = priv_sock_recv_fd(p_sess->ssl_slave_fd); ret = ssl_accept(p_sess, p_sess->data_fd); if (ret == 1) { result = PRIV_SOCK_RESULT_OK; } else { vsf_sysutil_close(p_sess->data_fd); p_sess->data_fd = -1; } priv_sock_send_result(p_sess->ssl_slave_fd, result); } else if (cmd == PRIV_SOCK_DO_SSL_READ) { str_trunc(&data_str, VSFTP_DATA_BUFSIZE); ret = ssl_read_into_str(p_sess, p_sess->p_data_ssl, &data_str); priv_sock_send_int(p_sess->ssl_slave_fd, ret); priv_sock_send_str(p_sess->ssl_slave_fd, &data_str); } else if (cmd == PRIV_SOCK_DO_SSL_WRITE) { priv_sock_get_str(p_sess->ssl_slave_fd, &data_str); ret = ssl_write(p_sess->p_data_ssl, str_getbuf(&data_str), str_getlen(&data_str)); priv_sock_send_int(p_sess->ssl_slave_fd, ret); } else if (cmd == PRIV_SOCK_DO_SSL_CLOSE) { char result = PRIV_SOCK_RESULT_BAD; if (p_sess->data_fd == -1 && p_sess->p_data_ssl == 0) { result = PRIV_SOCK_RESULT_OK; } else { ret = ssl_data_close(p_sess); if (ret == 1) { result = PRIV_SOCK_RESULT_OK; } vsf_sysutil_close(p_sess->data_fd); p_sess->data_fd = -1; } priv_sock_send_result(p_sess->ssl_slave_fd, result); } else { die("bad request in process_ssl_slave_req"); } } }
static void common_do_login(struct vsf_session* p_sess, const struct mystr* p_user_str, int do_chroot, int anon) { int was_anon = anon; const struct mystr* p_orig_user_str = p_user_str; int newpid; vsf_sysutil_install_null_sighandler(kVSFSysUtilSigCHLD); /* Tells the pre-login child all is OK (it may exit in response) */ priv_sock_send_result(p_sess->parent_fd, PRIV_SOCK_RESULT_OK); if (!p_sess->control_use_ssl) { (void) vsf_sysutil_wait(); } else { p_sess->ssl_slave_active = 1; } /* Absorb the SIGCHLD */ vsf_sysutil_unblock_sig(kVSFSysUtilSigCHLD); /* Handle loading per-user config options */ handle_per_user_config(p_user_str); /* Set this before we fork */ p_sess->is_anonymous = anon; vsf_sysutil_install_async_sighandler(kVSFSysUtilSigCHLD, twoproc_handle_sigchld); newpid = vsf_sysutil_fork(); if (newpid == 0) { struct mystr guest_user_str = INIT_MYSTR; struct mystr chroot_str = INIT_MYSTR; struct mystr chdir_str = INIT_MYSTR; struct mystr userdir_str = INIT_MYSTR; unsigned int secutil_option = VSF_SECUTIL_OPTION_USE_GROUPS; /* Child - drop privs and start proper FTP! */ vsf_sysutil_close(p_sess->parent_fd); if (tunable_ssl_enable) { vsf_sysutil_close(p_sess->ssl_slave_fd); } if (tunable_guest_enable && !anon) { /* Remap to the guest user */ str_alloc_text(&guest_user_str, tunable_guest_username); p_user_str = &guest_user_str; if (!tunable_virtual_use_local_privs) { anon = 1; do_chroot = 1; } } if (do_chroot) { secutil_option |= VSF_SECUTIL_OPTION_CHROOT; } if (!anon) { secutil_option |= VSF_SECUTIL_OPTION_CHANGE_EUID; } calculate_chdir_dir(was_anon, &userdir_str, &chroot_str, &chdir_str, p_user_str, p_orig_user_str); vsf_secutil_change_credentials(p_user_str, &userdir_str, &chroot_str, 0, secutil_option); if (!str_isempty(&chdir_str)) { (void) str_chdir(&chdir_str); } str_free(&guest_user_str); str_free(&chroot_str); str_free(&chdir_str); str_free(&userdir_str); /* Guard against the config error of having the anonymous ftp tree owned * by the user we are running as */ if (was_anon && vsf_sysutil_write_access("/")) { die("vsftpd: refusing to run with writable anonymous root"); } p_sess->is_anonymous = anon; process_post_login(p_sess); bug("should not get here: common_do_login"); } /* Parent */ if (tunable_ssl_enable) { vsf_sysutil_close(p_sess->ssl_consumer_fd); /* Keep the SSL slave fd around so we can shutdown() upon exit */ } vsf_priv_parent_postlogin(p_sess); bug("should not get here in common_do_login"); }
static void common_do_login(struct vsf_session* p_sess, const struct mystr* p_user_str, int do_chroot, int anon) { int was_anon = anon; const struct mystr* p_orig_user_str = p_user_str; int newpid; vsf_sysutil_install_null_sighandler(kVSFSysUtilSigCHLD); /* Tells the pre-login child all is OK (it may exit in response) */ priv_sock_send_result(p_sess->parent_fd, PRIV_SOCK_RESULT_OK); if (!p_sess->control_use_ssl) { (void) vsf_sysutil_wait(); } else { p_sess->ssl_slave_active = 1; } /* Handle loading per-user config options */ handle_per_user_config(p_user_str); /* Set this before we fork */ p_sess->is_anonymous = anon; priv_sock_close(p_sess); priv_sock_init(p_sess); vsf_sysutil_install_sighandler(kVSFSysUtilSigCHLD, handle_sigchld, 0, 1); if (tunable_isolate_network && !tunable_port_promiscuous) { newpid = vsf_sysutil_fork_newnet(); } else { newpid = vsf_sysutil_fork(); } if (newpid == 0) { struct mystr guest_user_str = INIT_MYSTR; struct mystr chroot_str = INIT_MYSTR; struct mystr chdir_str = INIT_MYSTR; struct mystr userdir_str = INIT_MYSTR; unsigned int secutil_option = VSF_SECUTIL_OPTION_USE_GROUPS | VSF_SECUTIL_OPTION_NO_PROCS; /* Child - drop privs and start proper FTP! */ /* This PR_SET_PDEATHSIG doesn't work for all possible process tree setups. * The other cases are taken care of by a shutdown() of the command * connection in our SIGTERM handler. */ vsf_set_die_if_parent_dies(); priv_sock_set_child_context(p_sess); if (tunable_guest_enable && !anon) { p_sess->is_guest = 1; /* Remap to the guest user */ str_alloc_text(&guest_user_str, tunable_guest_username); p_user_str = &guest_user_str; if (!tunable_virtual_use_local_privs) { anon = 1; do_chroot = 1; } } if (do_chroot) { secutil_option |= VSF_SECUTIL_OPTION_CHROOT; } if (!anon) { secutil_option |= VSF_SECUTIL_OPTION_CHANGE_EUID; } calculate_chdir_dir(was_anon, &userdir_str, &chroot_str, &chdir_str, p_user_str, p_orig_user_str); vsf_secutil_change_credentials(p_user_str, &userdir_str, &chroot_str, 0, secutil_option); if (!str_isempty(&chdir_str)) { (void) str_chdir(&chdir_str); } str_free(&guest_user_str); str_free(&chroot_str); str_free(&chdir_str); str_free(&userdir_str); p_sess->is_anonymous = anon; process_post_login(p_sess); bug("should not get here: common_do_login"); } /* Parent */ priv_sock_set_parent_context(p_sess); if (tunable_ssl_enable) { ssl_comm_channel_set_producer_context(p_sess); } vsf_priv_parent_postlogin(p_sess); bug("should not get here in common_do_login"); }
static void process_login_req(struct vsf_session* p_sess) { enum EVSFPrivopLoginResult e_login_result = kVSFLoginNull; /* Blocks */ if (priv_sock_get_cmd(p_sess) != PRIV_SOCK_LOGIN) { die("bad request"); } /* Get username and password - we must distrust these */ { struct mystr password_str = INIT_MYSTR; priv_sock_get_str(p_sess, &p_sess->user_str); priv_sock_get_str(p_sess, &password_str); e_login_result = vsf_privop_do_login(p_sess, &password_str); str_free(&password_str); } switch (e_login_result) { case kVSFLoginFail: priv_sock_send_result(p_sess, PRIV_SOCK_RESULT_BAD); return; break; case kVSFLoginAnon: str_alloc_text(&p_sess->user_str, tunable_ftp_username); common_do_login(p_sess, &p_sess->user_str, 1, 1); break; case kVSFLoginReal: { int do_chroot = 0; if (tunable_chroot_local_user) { do_chroot = 1; } if (tunable_chroot_list_enable) { struct mystr chroot_list_file = INIT_MYSTR; int retval = str_fileread(&chroot_list_file, tunable_chroot_list_file, VSFTP_CONF_FILE_MAX); if (vsf_sysutil_retval_is_error(retval)) { die("cannot open chroot() user list file"); } if (str_contains_line(&chroot_list_file, &p_sess->user_str)) { if (do_chroot) { do_chroot = 0; } else { do_chroot = 1; } } str_free(&chroot_list_file); } common_do_login(p_sess, &p_sess->user_str, do_chroot, 0); } break; default: bug("weird state in process_login_request"); break; } /* NOTREACHED */ }