static int forward_handle_user_proxyuserwithproxyauth(cmd_rec *cmd,
struct proxy_session *proxy_sess, int *successful, int *block_responses) {
int flags = 0, res;
if (!(proxy_sess_state & PROXY_SESS_STATE_PROXY_AUTHENTICATED)) {
char *user = NULL;
struct proxy_conn *pconn = NULL;
pr_netaddr_t *remote_addr = NULL;
array_header *other_addrs = NULL;
res = forward_cmd_parse_dst(cmd->pool, cmd->arg, &user, &pconn);
if (res < 0) {
errno = EINVAL;
return -1;
}
remote_addr = proxy_conn_get_addr(pconn, &other_addrs);
proxy_sess->dst_addr = remote_addr;
proxy_sess->other_addrs = other_addrs;
proxy_sess->dst_pconn = pconn;
/* Rewrite the USER command here with the trimmed/truncated name. */
pr_cmd_clear_cache(cmd);
cmd->arg = cmd->argv[1] = pstrdup(cmd->pool, user);
/* By returning zero here, we let the rest of the proftpd internals
* deal with the USER command locally, leading to proxy auth.
*/
*block_responses = FALSE;
return 0;
}
flags = PROXY_FORWARD_USER_PASSTHRU_FL_CONNECT_DSTADDR;
res = forward_handle_user_passthru(cmd, proxy_sess, successful, flags);
return res;
}
END_TEST
START_TEST (cmd_get_displayable_str_test) {
char *ok, *res = NULL;
cmd_rec *cmd = NULL;
size_t len = 0;
res = pr_cmd_get_displayable_str(NULL, NULL);
fail_unless(res == NULL, "Failed to handle null cmd_rec");
fail_unless(errno == EINVAL, "Failed to set errno to EINVAL");
cmd = pr_cmd_alloc(p, 1, "foo");
res = pr_cmd_get_displayable_str(cmd, NULL);
ok = "foo";
fail_if(res == NULL, "Expected string, got null");
fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res);
mark_point();
cmd->argc = 0;
res = pr_cmd_get_displayable_str(cmd, NULL);
fail_if(res == NULL, "Expected string, got null");
/* Note: We still expect the PREVIOUS ok value, since
* pr_cmd_get_displayable_str() should cache the constructed string,
* rather than creating it anew.
*/
fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res);
mark_point();
pr_cmd_clear_cache(cmd);
res = pr_cmd_get_displayable_str(cmd, NULL);
ok = "";
fail_if(res == NULL, "Expected string, got null");
fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res);
mark_point();
cmd = pr_cmd_alloc(p, 1, "bar");
cmd->arg = NULL;
res = pr_cmd_get_displayable_str(cmd, NULL);
ok = "bar";
fail_if(res == NULL, "Expected string, got null");
fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res);
mark_point();
cmd = pr_cmd_alloc(p, 1, "baz");
cmd->argv[0] = NULL;
cmd->arg = pstrdup(p, "baz");
res = pr_cmd_get_displayable_str(cmd, NULL);
/* cmd->argv[0] is the command name; without that, it does not matter
* what cmd->arg is. Hence why if cmd->argv[0] is null, we expect the
* empty string.
*/
ok = "";
fail_if(res == NULL, "Expected string, got null");
fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res);
mark_point();
cmd = pr_cmd_alloc(p, 3, "foo", "bar", "baz");
cmd->arg = NULL;
res = pr_cmd_get_displayable_str(cmd, NULL);
/* cmd->argv[0] is the command name; without that, it does not matter
* what cmd->arg is. Hence why if cmd->argv[0] is null, we expect the
* empty string.
*/
ok = "foo bar baz";
fail_if(res == NULL, "Expected string, got null");
fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res);
/* Make sure we can handle cases where cmd_rec->argv has been tampered
* with.
*/
mark_point();
cmd = pr_cmd_alloc(p, 3, "foo", "bar", "baz");
cmd->argv[0] = NULL;
res = pr_cmd_get_displayable_str(cmd, NULL);
ok = " bar baz";
fail_if(res == NULL, "Expected string, got null");
fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res);
}
int proxy_ftp_xfer_prepare_active(int policy_id, cmd_rec *cmd,
const char *error_code, struct proxy_session *proxy_sess, int flags) {
int backend_family, bind_family, res, xerrno = 0;
cmd_rec *actv_cmd;
const pr_netaddr_t *bind_addr = NULL;
pr_response_t *resp;
unsigned int resp_nlines = 0;
conn_t *data_conn = NULL;
char *active_cmd;
const char *resp_msg = NULL;
if (cmd == NULL ||
error_code == NULL ||
proxy_sess == NULL ||
proxy_sess->backend_ctrl_conn == NULL) {
errno = EINVAL;
return -1;
}
switch (policy_id) {
case PR_CMD_PORT_ID:
active_cmd = C_PORT;
break;
case PR_CMD_EPRT_ID:
/* If the remote host does not mention EPRT in its features, fall back
* to using PORT.
*/
active_cmd = C_EPRT;
if (pr_table_get(proxy_sess->backend_features, C_EPRT, NULL) == NULL) {
pr_trace_msg(trace_channel, 19,
"EPRT not supported by backend server (via FEAT), using PORT");
if (proxy_sess->dataxfer_policy == PR_CMD_EPRT_ID) {
proxy_sess->dataxfer_policy = PR_CMD_PORT_ID;
}
active_cmd = C_PORT;
policy_id = PR_CMD_PORT_ID;
}
break;
default:
/* In this case, the cmd we were given is the one we should send to
* the backend server -- but only if it is either EPRT or PORT.
*/
if (pr_cmd_cmp(cmd, PR_CMD_EPRT_ID) != 0 &&
pr_cmd_cmp(cmd, PR_CMD_PORT_ID) != 0) {
pr_trace_msg(trace_channel, 9,
"illegal FTP active transfer command '%s'", (char *) cmd->argv[0]);
errno = EINVAL;
return -1;
}
active_cmd = cmd->argv[0];
if (pr_cmd_cmp(cmd, PR_CMD_EPRT_ID) == 0) {
/* If the remote host does not mention EPRT in its features, fall back
* to using PORT.
*/
if (pr_table_get(proxy_sess->backend_features, C_EPRT, NULL) == NULL) {
pr_trace_msg(trace_channel, 19,
"EPRT not supported by backend server (via FEAT), using PORT");
if (proxy_sess->dataxfer_policy == PR_CMD_EPRT_ID) {
proxy_sess->dataxfer_policy = PR_CMD_PORT_ID;
}
active_cmd = C_PORT;
policy_id = PR_CMD_PORT_ID;
}
}
break;
}
bind_addr = proxy_sess->src_addr;
if (bind_addr == NULL) {
bind_addr = session.c->local_addr;
}
if (pr_netaddr_is_loopback(bind_addr) == TRUE &&
pr_netaddr_is_loopback(proxy_sess->backend_ctrl_conn->remote_addr) != TRUE) {
const char *local_name;
const pr_netaddr_t *local_addr;
local_name = pr_netaddr_get_localaddr_str(cmd->pool);
local_addr = pr_netaddr_get_addr(cmd->pool, local_name, NULL);
if (local_addr != NULL) {
pr_trace_msg(trace_channel, 14,
"%s is a loopback address, using %s instead",
pr_netaddr_get_ipstr(bind_addr), pr_netaddr_get_ipstr(local_addr));
bind_addr = local_addr;
}
}
/* Need to check the family of the bind addr against the family of the
* backend server.
*/
backend_family = pr_netaddr_get_family(proxy_sess->backend_ctrl_conn->remote_addr);
bind_family = pr_netaddr_get_family(bind_addr);
if (bind_family == backend_family) {
#ifdef PR_USE_IPV6
if (pr_netaddr_use_ipv6()) {
/* Make sure that the family is NOT IPv6, even though the local and
* remote families match. The PORT command cannot be used for IPv6
* addresses -- but EPRT CAN be used for IPv6 addresses.
*/
if (bind_family == AF_INET6 &&
policy_id == PR_CMD_PORT_ID) {
pr_netaddr_t *mapped_addr;
mapped_addr = pr_netaddr_v6tov4(cmd->pool, bind_addr);
if (mapped_addr != NULL) {
pr_trace_msg(trace_channel, 9,
"converting local IPv6 address '%s' to IPv4 address '%s' for "
"active transfer using PORT", pr_netaddr_get_ipstr(bind_addr),
pr_netaddr_get_ipstr(mapped_addr));
bind_addr = mapped_addr;
}
}
}
#endif /* PR_USE_IPV6 */
} else {
if (backend_family == AF_INET) {
pr_netaddr_t *mapped_addr;
/* In this scenario, the remote peer is an IPv4 (or IPv4-mapped IPv6)
* peer, so make sure we use an IPv4 local address.
*/
mapped_addr = pr_netaddr_v6tov4(cmd->pool, bind_addr);
if (mapped_addr != NULL) {
pr_trace_msg(trace_channel, 9,
"converting local IPv6 address '%s' to IPv4 address '%s' for "
"active transfer with IPv4 peer", pr_netaddr_get_ipstr(bind_addr),
pr_netaddr_get_ipstr(mapped_addr));
bind_addr = mapped_addr;
}
}
}
if (proxy_sess->backend_data_conn != NULL) {
/* Make sure that we only have one backend data connection. */
proxy_inet_close(session.pool, proxy_sess->backend_data_conn);
proxy_sess->backend_data_conn = NULL;
}
data_conn = proxy_ftp_conn_listen(cmd->tmp_pool, bind_addr, FALSE);
if (data_conn == NULL) {
xerrno = errno;
pr_response_add_err(error_code,
_("Unable to build data connection: Internal error"));
pr_response_flush(&resp_err_list);
errno = xerrno;
return -1;
}
proxy_sess->backend_data_conn = data_conn;
switch (pr_cmd_get_id(active_cmd)) {
case PR_CMD_PORT_ID:
resp_msg = proxy_ftp_msg_fmt_addr(cmd->tmp_pool, data_conn->local_addr,
data_conn->local_port, FALSE);
break;
case PR_CMD_EPRT_ID:
resp_msg = proxy_ftp_msg_fmt_ext_addr(cmd->tmp_pool,
data_conn->local_addr, data_conn->local_port, PR_CMD_EPRT_ID, FALSE);
break;
}
actv_cmd = pr_cmd_alloc(cmd->tmp_pool, 2, active_cmd, resp_msg);
actv_cmd->arg = (char *) resp_msg;
pr_cmd_clear_cache(actv_cmd);
res = proxy_ftp_ctrl_send_cmd(cmd->tmp_pool, proxy_sess->backend_ctrl_conn,
actv_cmd);
if (res < 0) {
xerrno = errno;
(void) pr_log_writefile(proxy_logfd, MOD_PROXY_VERSION,
"error sending %s to backend: %s", (char *) actv_cmd->argv[0],
strerror(xerrno));
proxy_inet_close(session.pool, proxy_sess->backend_data_conn);
proxy_sess->backend_data_conn = NULL;
pr_response_add_err(error_code, "%s: %s", (char *) cmd->argv[0],
strerror(xerrno));
pr_response_flush(&resp_err_list);
errno = xerrno;
return -1;
}
resp = proxy_ftp_ctrl_recv_resp(cmd->tmp_pool, proxy_sess->backend_ctrl_conn,
&resp_nlines, flags);
if (resp == NULL) {
xerrno = errno;
(void) pr_log_writefile(proxy_logfd, MOD_PROXY_VERSION,
"error receiving %s response from backend: %s",
(char *) actv_cmd->argv[0], strerror(xerrno));
proxy_inet_close(session.pool, proxy_sess->backend_data_conn);
proxy_sess->backend_data_conn = NULL;
pr_response_add_err(error_code, "%s: %s", (char *) cmd->argv[0],
strerror(xerrno));
pr_response_flush(&resp_err_list);
errno = xerrno;
return -1;
}
if (resp->num[0] != '2') {
(void) pr_log_writefile(proxy_logfd, MOD_PROXY_VERSION,
"received non-2xx response from backend for %s: %s %s",
(char *) actv_cmd->argv[0], resp->num, resp->msg);
proxy_inet_close(session.pool, proxy_sess->backend_data_conn);
proxy_sess->backend_data_conn = NULL;
if (policy_id == PR_CMD_EPRT_ID) {
/* If using EPRT failed, try again using PORT, and switch the
* DataTransferPolicy (if EPRT) to be PORT, for future attempts.
*/
if (proxy_sess->dataxfer_policy == PR_CMD_EPRT_ID) {
pr_trace_msg(trace_channel, 15,
"falling back from EPRT to PORT DataTransferPolicy");
proxy_sess->dataxfer_policy = PR_CMD_PORT_ID;
}
return proxy_ftp_xfer_prepare_active(PR_CMD_PORT_ID, cmd,
error_code, proxy_sess, flags);
}
pr_response_add_err(error_code, "%s", resp->msg);
pr_response_flush(&resp_err_list);
errno = EINVAL;
return -1;
}
return 0;
}
