int get_transfer_fd(session_t *pses) { int iret = 0; //可能是主动模式,或者被动模式 //检测是否收到PORT命令或者PASV命令 if((port_active(pses) < 0) && (pasv_active(pses) < 0)) { ftp_reply(pses->ctrl_fd, FTP_BADSENDCONN, "Use PORT or PASV first."); iret = -1; return iret; } //主动模式 if(port_active(pses) == 0) { //向nobody进程发送命令 priv_sock_send_cmd(pses->child_fd, PRIV_SOCK_GET_DATA_SOCK); unsigned short port = ntohs(pses->port_addr->sin_port); char *ip = inet_ntoa(pses->port_addr->sin_addr); //发送port priv_sock_send_int(pses->child_fd, (int)port); //发送ip priv_sock_send_buf(pses->child_fd, ip, strlen(ip)); //接收应答 char res = priv_sock_get_result(pses->child_fd); if(res == PRIV_SOCK_RESULT_BAD) { iret = -1; } else if(res == PRIV_SOCK_RESULT_OK) { //接收文件描述符 pses->data_fd = priv_sock_recv_fd(pses->child_fd); } } else if(pasv_active(pses) == 0)//被动模式 { //发送命令给nobody进程,完成客户端和服务端的连接 priv_sock_send_cmd(pses->child_fd, PRIV_SOCK_PASV_ACCEPT); //接收nobody进程的应答 char res = priv_sock_get_result(pses->child_fd); if(res == PRIV_SOCK_RESULT_BAD) { iret = -1; } else if(res == PRIV_SOCK_RESULT_OK) { pses->data_fd = priv_sock_recv_fd(pses->child_fd); } } //连接成功后,该内存空间就不需要了 if(pses->port_addr != NULL) { free(pses->port_addr); pses->port_addr = NULL; } return iret; }
int vsf_ftpdataio_post_mark_connect(struct vsf_session* p_sess) { int ret = 0; if (!p_sess->data_use_ssl) { return 1; } if (!p_sess->ssl_slave_active) { ret = ssl_accept(p_sess, p_sess->data_fd); } else { int sock_ret; priv_sock_send_cmd(p_sess->ssl_consumer_fd, PRIV_SOCK_DO_SSL_HANDSHAKE); priv_sock_send_fd(p_sess->ssl_consumer_fd, p_sess->data_fd); sock_ret = priv_sock_get_result(p_sess->ssl_consumer_fd); if (sock_ret == PRIV_SOCK_RESULT_OK) { ret = 1; } } if (ret != 1) { if (tunable_require_ssl_reuse) { vsf_cmdio_write_exit(p_sess, FTP_DATATLSBAD, "SSL connection failed: session reuse required", 1); } else { vsf_cmdio_write(p_sess, FTP_DATATLSBAD, "SSL connection failed"); } } return ret; }
void vsf_two_process_login(struct vsf_session* p_sess, const struct mystr* p_pass_str) { char result; priv_sock_send_cmd(p_sess, PRIV_SOCK_LOGIN); priv_sock_send_str(p_sess, &p_sess->user_str); priv_sock_send_str(p_sess, p_pass_str); result = priv_sock_get_result(p_sess); if (result == PRIV_SOCK_RESULT_OK) { /* Miracle. We don't emit the success message here. That is left to * process_post_login(). * Exit normally, parent will wait for this and launch new child */ vsf_sysutil_exit(0); } else if (result == PRIV_SOCK_RESULT_BAD) { /* Continue the processing loop.. */ return; } else { die("priv_sock_get_result"); } }
void vsf_two_process_pasv_cleanup(struct vsf_session* p_sess) { char res; priv_sock_send_cmd(p_sess->child_fd, PRIV_SOCK_PASV_CLEANUP); res = priv_sock_get_result(p_sess->child_fd); if (res != PRIV_SOCK_RESULT_OK) { die("could not clean up socket"); } }
int vsf_ftpdataio_dispose_transfer_fd(struct vsf_session* p_sess) { int dispose_ret = 1; int retval; if (p_sess->data_fd == -1) { bug("no data descriptor in vsf_ftpdataio_dispose_transfer_fd"); } vsf_sysutil_uninstall_io_handler(); if (p_sess->data_use_ssl && p_sess->ssl_slave_active) { char result; start_data_alarm(p_sess); priv_sock_send_cmd(p_sess->ssl_consumer_fd, PRIV_SOCK_DO_SSL_CLOSE); result = priv_sock_get_result(p_sess->ssl_consumer_fd); if (result != PRIV_SOCK_RESULT_OK) { dispose_ret = 0; } } else if (p_sess->p_data_ssl) { start_data_alarm(p_sess); dispose_ret = ssl_data_close(p_sess); } if (!p_sess->abor_received && !p_sess->data_timeout && dispose_ret == 1) { /* If we didn't get a failure, linger on the close() in order to get more * accurate transfer times. */ start_data_alarm(p_sess); vsf_sysutil_activate_linger(p_sess->data_fd); } /* This close() blocks because we set SO_LINGER */ retval = vsf_sysutil_close_failok(p_sess->data_fd); if (vsf_sysutil_retval_is_error(retval)) { /* Do it again without blocking. */ vsf_sysutil_deactivate_linger_failok(p_sess->data_fd); (void) vsf_sysutil_close_failok(p_sess->data_fd); } p_sess->data_fd = -1; if (tunable_data_connection_timeout > 0) { vsf_sysutil_clear_alarm(); } if (p_sess->abor_received || p_sess->data_timeout) { dispose_ret = 0; } return dispose_ret; }
void vsf_two_process_chown_upload(struct vsf_session* p_sess, int fd) { char res; priv_sock_send_cmd(p_sess, PRIV_SOCK_CHOWN); priv_sock_child_send_fd(p_sess, fd); res = priv_sock_get_result(p_sess); if (res != PRIV_SOCK_RESULT_OK) { die("unexpected failure in vsf_two_process_chown_upload"); } }
int vsf_two_process_get_priv_data_sock(struct vsf_session* p_sess) { char res; priv_sock_send_cmd(p_sess, PRIV_SOCK_GET_DATA_SOCK); res = priv_sock_get_result(p_sess); if (res != PRIV_SOCK_RESULT_OK) { die("could not get privileged socket"); } return priv_sock_child_recv_fd(p_sess); }
int get_pasv_fd(session_t* sess) { priv_sock_send_cmd(sess->child_fd, PRIV_SOCK_PASV_ACCEPT); char res = priv_sock_get_result(sess->child_fd); if(res == PRIV_SOCK_RESULT_BAD) return 0; else if(res == PRIV_SOCK_RESULT_OK) sess->data_fd = priv_sock_recv_fd(sess->child_fd); return 1; }
int vsf_two_process_get_pasv_fd(struct vsf_session* p_sess) { char res; priv_sock_send_cmd(p_sess->child_fd, PRIV_SOCK_PASV_ACCEPT); res = priv_sock_get_result(p_sess->child_fd); if (res == PRIV_SOCK_RESULT_BAD) { return priv_sock_get_int(p_sess->child_fd); } else if (res != PRIV_SOCK_RESULT_OK) { die("could not accept on listening socket"); } return priv_sock_recv_fd(p_sess->child_fd); }
int get_port_fd(session_t* sess) { priv_sock_send_cmd(sess->child_fd, PRIV_SOCK_GET_DATA_SOCK); unsigned short port = ntohs(sess->port_addr->sin_port); char* ip = inet_ntoa(sess->port_addr->sin_addr); priv_sock_send_int(sess->child_fd, (int)port); priv_sock_send_buf(sess->child_fd, ip, strlen(ip)); char res = priv_sock_get_result(sess->child_fd); if(res == PRIV_SOCK_RESULT_BAD) return 0; else if(res == PRIV_SOCK_RESULT_OK) sess->data_fd = priv_sock_recv_fd(sess->child_fd); return 1; }
int vsf_two_process_get_priv_data_sock(struct vsf_session* p_sess) { char res; unsigned short port = vsf_sysutil_sockaddr_get_port(p_sess->p_port_sockaddr); priv_sock_send_cmd(p_sess->child_fd, PRIV_SOCK_GET_DATA_SOCK); priv_sock_send_int(p_sess->child_fd, port); res = priv_sock_get_result(p_sess->child_fd); if (res == PRIV_SOCK_RESULT_BAD) { return -1; } else if (res != PRIV_SOCK_RESULT_OK) { die("could not get privileged socket"); } return priv_sock_recv_fd(p_sess->child_fd); }
void vsf_two_process_login(struct vsf_session* p_sess, const struct mystr* p_pass_str) { char result; priv_sock_send_cmd(p_sess->child_fd, PRIV_SOCK_LOGIN); priv_sock_send_str(p_sess->child_fd, &p_sess->user_str); priv_sock_send_str(p_sess->child_fd, p_pass_str); priv_sock_send_int(p_sess->child_fd, p_sess->control_use_ssl); priv_sock_send_int(p_sess->child_fd, p_sess->data_use_ssl); result = priv_sock_get_result(p_sess->child_fd); if (result == PRIV_SOCK_RESULT_OK) { /* Miracle. We don't emit the success message here. That is left to * process_post_login(). * Exit normally, unless we are remaining as the SSL read / write child. */ if (!p_sess->control_use_ssl) { vsf_sysutil_exit(0); } else { vsf_sysutil_clear_alarm(); vsf_sysutil_close(p_sess->child_fd); if (tunable_setproctitle_enable) { vsf_sysutil_setproctitle("SSL handler"); } process_ssl_slave_req(p_sess); } /* NOTREACHED */ } else if (result == PRIV_SOCK_RESULT_BAD) { /* Continue the processing loop.. */ return; } else { die("priv_sock_get_result"); } }
int vsf_ftpdataio_dispose_transfer_fd(struct vsf_session* p_sess) { int dispose_ret = 1; int retval; if (p_sess->data_fd == -1) { bug("no data descriptor in vsf_ftpdataio_dispose_transfer_fd"); } /* Reset the data connection alarm so it runs anew with the blocking close */ start_data_alarm(p_sess); vsf_sysutil_uninstall_io_handler(); if (p_sess->data_use_ssl && p_sess->ssl_slave_active) { char result; priv_sock_send_cmd(p_sess->ssl_consumer_fd, PRIV_SOCK_DO_SSL_CLOSE); result = priv_sock_get_result(p_sess->ssl_consumer_fd); if (result != PRIV_SOCK_RESULT_OK) { dispose_ret = 0; } } else if (p_sess->p_data_ssl) { dispose_ret = ssl_data_close(p_sess); } /* This close() blocks because we set SO_LINGER */ retval = vsf_sysutil_close_failok(p_sess->data_fd); if (vsf_sysutil_retval_is_error(retval)) { /* Do it again without blocking. */ vsf_sysutil_deactivate_linger_failok(p_sess->data_fd); (void) vsf_sysutil_close_failok(p_sess->data_fd); } if (tunable_data_connection_timeout > 0) { vsf_sysutil_clear_alarm(); } p_sess->data_fd = -1; return dispose_ret; }
int vsf_ftpdataio_post_mark_connect(struct vsf_session* p_sess) { int ret = 0; if (!p_sess->data_use_ssl) { return 1; } if (!p_sess->ssl_slave_active) { ret = ssl_accept(p_sess, p_sess->data_fd); } else { int sock_ret; priv_sock_send_cmd(p_sess->ssl_consumer_fd, PRIV_SOCK_DO_SSL_HANDSHAKE); priv_sock_send_fd(p_sess->ssl_consumer_fd, p_sess->data_fd); sock_ret = priv_sock_get_result(p_sess->ssl_consumer_fd); if (sock_ret == PRIV_SOCK_RESULT_OK) { ret = 1; } } if (ret != 1) { static struct mystr s_err_msg; str_alloc_text(&s_err_msg, "SSL connection failed"); if (tunable_require_ssl_reuse) { str_append_text(&s_err_msg, "; session reuse required"); str_append_text( &s_err_msg, ": see require_ssl_reuse option in vsftpd.conf man page"); } vsf_cmdio_write_str(p_sess, FTP_DATATLSBAD, &s_err_msg); } return ret; }