void _memory_preallocate( void ) { hash_t tracker; if( !_memory_temporary.storage ) _atomic_allocate_initialize( config_int( HASH_FOUNDATION, HASH_TEMPORARY_MEMORY ) ); tracker = config_string_hash( HASH_FOUNDATION, HASH_MEMORY_TRACKER ); if( tracker == HASH_LOCAL ) memory_set_tracker( memory_tracker_local() ); }
/* * 割込み管理機能の初期化 */ void initialize_interrupt(void) { uint_t i; const INTINIB *p_intinib; for (i = 0; i < tnum_cfg_intno; i++) { p_intinib = &(intinib_table[i]); config_int(p_intinib->intno, p_intinib->intatr, p_intinib->intpri); } }
static const char *config_control(struct control **as) { const char *t = 0; struct control *a, *b; struct simple_list *l; b = *as; while (b && b->locations) b = b->next; MAKE(a, struct control); a->locations = 0; a->alias = 0; a->clients = 0; if (b) { a->index_names = b->index_names; a->accesses = b->accesses; a->mimes = b->mimes; a->symlinksok = b->symlinksok; a->path_args_ok = b->path_args_ok; a->loglevel = b->loglevel; a->admin = b->admin; a->refresh = b->refresh; } else { a->index_names = 0; a->accesses = 0; a->mimes = 0; a->symlinksok = 0; a->path_args_ok = 0; a->loglevel = 0; a->admin = 0; a->refresh = 0; } a->next = *as; *as = a; GETOPEN(); while (NOTCLOSE()) { REQWORD(); if (strceq(tokbuf, c_location)) { MAKE(l, struct simple_list); GETSTRING(); chopslash(tokbuf); COPY(l->name, tokbuf); if (a->locations) { l->next = a->locations->next; a->locations->next = l; } else { l->next = l; a->locations = l; } } else if (strceq(tokbuf, c_alias)) { GETSTRING(); chopslash(tokbuf); COPY(a->alias, tokbuf); } else if (strceq(tokbuf, c_symlinks)) t = config_flag(&a->symlinksok); else if (strceq(tokbuf, c_path_args)) t = config_flag(&a->path_args_ok); else if (strceq(tokbuf, c_loglevel)) t = config_int(&a->loglevel); else if (strceq(tokbuf, c_index_names)) t = config_list(&a->index_names); else if (strceq(tokbuf, c_access)) t = config_access(&a->accesses); else if (strceq(tokbuf, c_clients)) t = config_access(&a->clients); else if (strceq(tokbuf, c_types)) t = config_mime(&a->mimes, M_TYPE); else if (strceq(tokbuf, c_specials)) t = config_mime(&a->mimes, M_SPECIAL); else if (strceq(tokbuf, c_admin)) t = config_string(&a->admin); else if (strceq(tokbuf, c_refresh)) t = config_int(&a->refresh); else t = e_keyword; if (t) return t; } if (a->alias && (a->locations == 0)) return e_bad_alias; return 0; }
static int client_setup_file(CONTEXT *ctx, char *who) { char *p; u_int16_t l, u; /* ** little bit sanity check */ if( !(ctx && who && *who)) { return -1; } /* ** Inform the auditor that we are using the config file */ syslog_write(U_INF, "reading data for '%s' from cfg-file", who); /* ** Evaluate DestinationAddress, except we have magic_addr */ if (INADDR_ANY != ctx->magic_addr) { ctx->srv_addr = ctx->magic_addr; } else { ctx->srv_addr = config_addr(who, "DestinationAddress", INADDR_ANY); #if defined(COMPILE_DEBUG) debug(2, "file DestAddr for %s: '%s'", ctx->cli_ctrl->peer, socket_addr2str(ctx->srv_addr)); #endif } /* ** Evaluate DestinationPort, except we have magic_port */ if (INPORT_ANY != ctx->magic_port) { ctx->srv_port = ctx->magic_port; } else { ctx->srv_port = config_port(who, "DestinationPort", IPPORT_FTP); #if defined(COMPILE_DEBUG) debug(2, "file DestPort for %s: %d", ctx->cli_ctrl->peer, (int) ctx->srv_port); #endif } /* ** Evaluate the destination transfer mode */ p = config_str(who, "DestinationTransferMode", "client"); if(0 == strcasecmp(p, "active")) { ctx->srv_mode = MOD_ACT_FTP; } else if(0 == strcasecmp(p, "passive")) { ctx->srv_mode = MOD_PAS_FTP; } else if(0 == strcasecmp(p, "client")) { ctx->srv_mode = MOD_CLI_FTP; } else { syslog_error("can't eval DestMode for %s", ctx->cli_ctrl->peer); return -1; } #if defined(COMPILE_DEBUG) debug(2, "file DestMode for %s: %s", ctx->cli_ctrl->peer, p); #endif /* ** Evaluate min/max destination port range */ l = config_port(who, "DestinationMinPort", INPORT_ANY); u = config_port(who, "DestinationMaxPort", INPORT_ANY); if (l > 0 && u > 0 && u >= l) { ctx->srv_lrng = l; ctx->srv_urng = u; } else { ctx->srv_lrng = INPORT_ANY; ctx->srv_urng = INPORT_ANY; } #if defined(COMPILE_DEBUG) debug(2, "file DestRange for %s: %u-%u", ctx->cli_ctrl->peer, ctx->srv_lrng, ctx->srv_urng); #endif /* ** Evaluate min/max active port range */ l = config_port(who, "ActiveMinDataPort", INPORT_ANY); u = config_port(who, "ActiveMaxDataPort", INPORT_ANY); if (l > 0 && u > 0 && u >= l) { ctx->act_lrng = l; ctx->act_urng = u; } else { /* do not try to bind a port < 1024 if running as UID != 0 */ if(0 == getuid()) { ctx->act_lrng = (IPPORT_FTP - 1); ctx->act_urng = (IPPORT_FTP - 1); } else { ctx->act_lrng = INPORT_ANY; ctx->act_urng = INPORT_ANY; } } #if defined(COMPILE_DEBUG) debug(2, "file ActiveRange for %s: %u-%u", ctx->cli_ctrl->peer, ctx->act_lrng, ctx->act_urng); #endif /* ** Evaluate min/max passive port range */ l = config_port(who, "PassiveMinDataPort", INPORT_ANY); u = config_port(who, "PassiveMaxDataPort", INPORT_ANY); if (l > 0 && u > 0 && u >= l) { ctx->pas_lrng = l; ctx->pas_urng = u; } else { ctx->pas_lrng = INPORT_ANY; ctx->pas_urng = INPORT_ANY; } #if defined(COMPILE_DEBUG) debug(2, "file PassiveRange for %s: %u-%u", ctx->cli_ctrl->peer, ctx->pas_lrng, ctx->pas_urng); #endif /* ** Setup other configuration options */ ctx->same_adr = config_bool(who, "SameAddress", 1); ctx->timeout = config_int (who, "TimeOut", 900); #if defined(COMPILE_DEBUG) debug(2, "file SameAddress for %s: %s", ctx->cli_ctrl->peer, ctx->same_adr ? "yes" : "no"); debug(2, "file TimeOut for %s: %d", ctx->cli_ctrl->peer, ctx->timeout); #endif /* ** Adjust the allow/deny flags for the commands */ p = config_str(who, "ValidCommands", NULL); cmds_set_allow(p); return 0; }
void client_run(void) { int sock, need, diff; char str[MAX_PATH_SIZE * 2]; char *p, *q; FILE *fp; BUF *buf; /* ** Setup client signal handling (mostly graceful exit) */ signal(SIGINT, client_signal); signal(SIGTERM, client_signal); signal(SIGQUIT, client_signal); signal(SIGHUP, client_signal); signal(SIGCHLD, SIG_IGN); signal(SIGUSR1, SIG_IGN); /* ** Prepare our general client context */ memset(&ctx, 0, sizeof(ctx)); ctx.sess_beg = time(NULL); ctx.cli_mode = MOD_ACT_FTP; ctx.expect = EXP_IDLE; ctx.timeout = config_int(NULL, "TimeOut", 900); sock = fileno(stdin); /* "recover" our socket */ /* ** Check whether a DenyMessage file exists. This ** indicates that we are currently not willing ** to serve any clients. */ p = config_str(NULL, "DenyMessage", NULL); if (p != NULL && (fp = fopen(p, "r")) != NULL) { while (fgets(str, sizeof(str) - 4, fp) != NULL) { p = socket_msgline(str); if ((q = strchr(p, '\n')) != NULL) strcpy(q, "\r\n"); else strcat(p, "\r\n"); send(sock, "421-", 4, 0); send(sock, p, strlen(p), 0); } fclose(fp); if ((p = config_str(NULL, "DenyString", NULL)) != NULL) p = socket_msgline(p); else p = "Service not available"; send(sock, "421 ", 4, 0); send(sock, p, strlen(p), 0); send(sock, ".\r\n", 3, 0); p = socket_addr2str(socket_sck2addr(sock, REM_END, NULL)); close(sock); syslog_write(U_ERR, "reject: '%s' (DenyMessage)", p); exit(EXIT_SUCCESS); } /* ** Create a High Level Socket for the client's User-PI */ if ((ctx.cli_ctrl = socket_init(sock)) == NULL) misc_die(FL, "client_run: ?cli_ctrl?"); ctx.cli_ctrl->ctyp = "Cli-Ctrl"; /* ** Announce the connection request */ syslog_write(U_INF, "connect from %s", ctx.cli_ctrl->peer); /* ** Display the welcome message (invite the user to login) */ if ((p = config_str(NULL, "WelcomeString", NULL)) == NULL) p = "%h FTP server (Version %v - %b) ready"; misc_strncpy(str, socket_msgline(p), sizeof(str)); client_respond(220, config_str(NULL, "WelcomeMessage", NULL), str); /* ** Enter the client mainloop */ while (close_flag == 0) { /* ** We need to go into select() only ** if all input has been processed ** or ** we wait for more data to get a line ** complete (partially sent, no EOL). ** ** (data buffers are never splited) */ need = 1; if (ctx.cli_ctrl && ctx.cli_ctrl->rbuf) need = 0; if (ctx.srv_ctrl && ctx.srv_ctrl->rbuf) need = 0; if((ctx.cli_ctrl && ctx.cli_ctrl->more>0) || (ctx.srv_ctrl && ctx.srv_ctrl->more>0)) need = 1; /* ** use higher priority to writes; ** read only if nothing to write... */ if(ctx.srv_data && ctx.cli_data) { if(ctx.srv_data->wbuf) { ctx.cli_data->more = -1; } else { ctx.cli_data->more = 0; } if(ctx.cli_data->wbuf) { ctx.srv_data->more = -1; } else { ctx.srv_data->more = 0; } } if (need != 0) { if (socket_exec(ctx.timeout, &close_flag) <= 0) break; /* Timed out or worse */ } #if defined(COMPILE_DEBUG) debug(4, "client-loop ..."); #endif /* ** Check if any zombie sockets can be removed */ if (ctx.cli_ctrl != NULL && ctx.cli_ctrl->sock == -1) close_flag = 1; /* Oops, forget it ... */ if (ctx.srv_ctrl != NULL && ctx.srv_ctrl->sock == -1) { #if defined(COMPILE_DEBUG) debug(3, "about to destroy Srv-Ctrl"); #endif /* ** If we have any open data connections, ** make really sure they don't survive. */ if (ctx.cli_data != NULL) ctx.cli_data->kill = 1; if (ctx.srv_data != NULL) ctx.srv_data->kill = 1; /* ** Our client should be informed */ if (ctx.cli_ctrl->kill == 0) { client_respond(421, NULL, "Service not available, " "closing control connection"); } /* ** Don't forget to remove the dead socket */ socket_kill(ctx.srv_ctrl); ctx.srv_ctrl = NULL; } if (ctx.cli_data != NULL && ctx.cli_data->sock == -1) { #if defined(COMPILE_DEBUG) debug(3, "about to destroy Cli-Data"); #endif /* ** If we have an outstanding server reply ** (e.g. 226 Transfer complete), send it. */ if (ctx.xfer_rep[0] != '\0') { socket_printf(ctx.cli_ctrl, "%s\r\n", ctx.xfer_rep); memset(ctx.xfer_rep, 0, sizeof(ctx.xfer_rep)); } else { if(ctx.expect == EXP_XFER) ctx.expect = EXP_PTHR; } /* ** Good time for statistics and data reset */ if (ctx.xfer_beg == 0) ctx.xfer_beg = time(NULL); diff = (int) (time(NULL) - ctx.xfer_beg); if (diff < 1) diff = 1; /* ** print our current statistic */ syslog_write(U_INF, "Transfer for %s %s: %s '%s' %s %u/%d byte/sec", ctx.cli_ctrl->peer, ctx.cli_data->ernr ? "failed" : "completed", ctx.xfer_cmd, ctx.xfer_arg, ctx.cli_data->rcnt ? "sent" : "read", ctx.cli_data->rcnt ? ctx.cli_data->rcnt : ctx.cli_data->wcnt, diff); /* ** update session statistics data */ if(ctx.cli_data->rcnt) ctx.xfer_rsec += diff; ctx.xfer_rcnt += ctx.cli_data->rcnt; if(ctx.cli_data->wcnt) ctx.xfer_wsec += diff; ctx.xfer_wcnt += ctx.cli_data->wcnt; /* ** reset data transfer state */ client_data_reset(MOD_RESET); /* ** Doom the corresponding server socket */ if (ctx.srv_data != NULL) ctx.srv_data->kill = 1; /* ** Don't forget to remove the dead socket */ socket_kill(ctx.cli_data); ctx.cli_data = NULL; } if (ctx.srv_data != NULL && ctx.srv_data->sock == -1) { #if defined(COMPILE_DEBUG) debug(3, "about to destroy Srv-Data"); #endif /* ** Doom the corresponding client socket if an ** error occured, FailResetsPasv=yes or we ** expect other response than PASV (Netscape!) */ if(ctx.cli_data != NULL) { if(0 != ctx.srv_data->ernr) { ctx.cli_data->ernr = -1; ctx.cli_data->kill = 1; } if(config_bool(NULL,"FailResetsPasv", 0)) { ctx.cli_data->kill = 1; } else if(ctx.expect != EXP_PASV) { ctx.cli_data->kill = 1; } } /* ** Don't forget to remove the dead socket */ socket_kill(ctx.srv_data); ctx.srv_data = NULL; } /* ** Serve the control connections */ if (ctx.cli_ctrl != NULL && ctx.cli_ctrl->rbuf != NULL) { if (socket_gets(ctx.cli_ctrl, str, sizeof(str)) != NULL) client_cli_ctrl_read(str); } if (ctx.srv_ctrl != NULL && ctx.srv_ctrl->rbuf != NULL) { if (socket_gets(ctx.srv_ctrl, str, sizeof(str)) != NULL) client_srv_ctrl_read(str); } /* ** Serve the data connections. This is a bit tricky, ** since all we do is move the buffer pointers. */ if (ctx.cli_data != NULL && ctx.srv_data != NULL) { if (ctx.cli_data->rbuf != NULL) { #if defined(COMPILE_DEBUG) debug(2, "Cli-Data -> Srv-Data"); #endif if (ctx.srv_data->wbuf == NULL) { ctx.srv_data->wbuf = ctx.cli_data->rbuf; } else { for (buf = ctx.srv_data->wbuf; buf && buf->next; buf = buf->next) ; buf->next = ctx.cli_data->rbuf; } ctx.cli_data->rbuf = NULL; } if (ctx.srv_data->rbuf != NULL) { #if defined(COMPILE_DEBUG) debug(2, "Srv-Data -> Cli-Data"); #endif if (ctx.cli_data->wbuf == NULL) { ctx.cli_data->wbuf = ctx.srv_data->rbuf; } else { for (buf = ctx.cli_data->wbuf; buf && buf->next; buf = buf->next) ; buf->next = ctx.srv_data->rbuf; } ctx.srv_data->rbuf = NULL; } } /* at this point the main loop resumes ... */ } /* ** Display basic session statistics... ** in secs since session begin ** downloads / read (xfer-reads from server) ** uploads / send (xfer-sends from server) */ syslog_write(U_INF, "closing connect from %s after %d secs - " "read %d/%d, sent %d/%d byte/sec", ctx.cli_ctrl ? ctx.cli_ctrl->peer : "unknown peer", time(NULL)-ctx.sess_beg, ctx.xfer_wcnt, ctx.xfer_wsec, ctx.xfer_rcnt, ctx.xfer_rsec); /* ** Free allocated memory */ ctx.magic_auth = NULL; if (ctx.userauth != NULL) { misc_free(FL, ctx.userauth); ctx.userauth = NULL; } if (ctx.username != NULL) { misc_free(FL, ctx.username); ctx.username = NULL; } if(ctx.userpass != NULL) { misc_free(FL, ctx.userpass); ctx.userpass = NULL; } #if defined(COMPILE_DEBUG) debug(1, "}}}}} %s client-exit", misc_getprog()); #endif exit(EXIT_SUCCESS); }
static int client_setup_file(CONTEXT *ctx, char *who) { char *p; u_int16_t l, u; /* ** little bit sanity check */ if( !(ctx && who && *who)) { return -1; } /* ** Inform the auditor that we are using the config file */ syslog_write(U_INF, "[ %s ] reading data for '%s' from cfg-file", ctx->cli_ctrl->peer, who); /* ** Evaluate DestinationAddress, except we have magic_addr */ if (INADDR_ANY != ctx->magic_addr) { ctx->srv_addr = ctx->magic_addr; } else { ctx->srv_addr = config_addr(who, "DestinationAddress", INADDR_ANY); #if defined(COMPILE_DEBUG) debug(2, "[ %s ] file DestAddr for %s: '%s'", ctx->cli_ctrl->peer, ctx->cli_ctrl->peer, socket_addr2str(ctx->srv_addr)); #endif } /* ** Evaluate DestinationPort, except we have magic_port */ if (INPORT_ANY != ctx->magic_port) { ctx->srv_port = ctx->magic_port; } else { ctx->srv_port = config_port(who, "DestinationPort", IPPORT_FTP); #if defined(COMPILE_DEBUG) debug(2, "[ %s ] file DestPort for %s: %d", ctx->cli_ctrl->peer, ctx->cli_ctrl->peer, (int) ctx->srv_port); #endif } /* ** Evaluate the destination transfer mode */ p = config_str(who, "DestinationTransferMode", "client"); if(0 == strcasecmp(p, "active")) { ctx->srv_mode = MOD_ACT_FTP; } else if(0 == strcasecmp(p, "passive")) { ctx->srv_mode = MOD_PAS_FTP; } else if(0 == strcasecmp(p, "client")) { ctx->srv_mode = MOD_CLI_FTP; } else { syslog_error("can't eval DestMode for %s", ctx->cli_ctrl->peer); return -1; } #if defined(COMPILE_DEBUG) debug(2, "file DestMode for %s: %s", ctx->cli_ctrl->peer, p); #endif /* ** Evaluate min/max destination port range */ l = config_port(who, "DestinationMinPort", INPORT_ANY); u = config_port(who, "DestinationMaxPort", INPORT_ANY); if (l > 0 && u > 0 && u >= l) { ctx->srv_lrng = l; ctx->srv_urng = u; } else { ctx->srv_lrng = INPORT_ANY; ctx->srv_urng = INPORT_ANY; } #if defined(COMPILE_DEBUG) debug(2, "file DestRange for %s: %u-%u", ctx->cli_ctrl->peer, ctx->srv_lrng, ctx->srv_urng); #endif /* ** Evaluate min/max active port range */ l = config_port(who, "ActiveMinDataPort", INPORT_ANY); u = config_port(who, "ActiveMaxDataPort", INPORT_ANY); if (l > 0 && u > 0 && u >= l) { ctx->act_lrng = l; ctx->act_urng = u; } else { /* do not try to bind a port < 1024 if running as UID != 0 */ if(0 == getuid()) { ctx->act_lrng = (IPPORT_FTP - 1); ctx->act_urng = (IPPORT_FTP - 1); } else { ctx->act_lrng = INPORT_ANY; ctx->act_urng = INPORT_ANY; } } #if defined(COMPILE_DEBUG) debug(2, "file ActiveRange for %s: %u-%u", ctx->cli_ctrl->peer, ctx->act_lrng, ctx->act_urng); #endif /* ** Evaluate min/max passive port range */ l = config_port(who, "PassiveMinDataPort", INPORT_ANY); u = config_port(who, "PassiveMaxDataPort", INPORT_ANY); if (l > 0 && u > 0 && u >= l) { ctx->pas_lrng = l; ctx->pas_urng = u; } else { ctx->pas_lrng = INPORT_ANY; ctx->pas_urng = INPORT_ANY; } #if defined(COMPILE_DEBUG) debug(2, "file PassiveRange for %s: %u-%u", ctx->cli_ctrl->peer, ctx->pas_lrng, ctx->pas_urng); #endif /* ** Setup other configuration options */ ctx->same_adr = config_bool(who, "SameAddress", 1); ctx->timeout = config_int (who, "TimeOut", 900); #if defined(COMPILE_DEBUG) debug(2, "file SameAddress for %s: %s", ctx->cli_ctrl->peer, ctx->same_adr ? "yes" : "no"); debug(2, "file TimeOut for %s: %d", ctx->cli_ctrl->peer, ctx->timeout); #endif /*** Adjust the allow/deny flags for the commands ** Fred patch */ char dest[17]; char ipdest[17]; char ipsrc[17]; strcpy (ipsrc,ctx->cli_ctrl->peer); strcpy (ipdest, socket_addr2str(ctx->srv_addr)); syslog_write(U_INF, "\n"); syslog_write(U_INF, "[ %s ] Fred Patch rules dest: %s src: %s", ipsrc, ipdest, ipsrc); char groupname[]="group"; char commandename[]="ValidCommands"; char *group; FILE *fp; group = "group1"; int ix; int ix2; u_int32_t dnsaddr; for(ix=1; group != NULL; ix++) { sprintf (&groupname[5],"%d",ix); group = config_str(who, groupname, NULL); } syslog_write(U_INF, "[ %s ] Number of groups: %d", ipsrc, ix-2); for (ix2=1; ix2 <= ix-2; ix2++) { sprintf (&groupname[5],"%d",ix2); group = config_str(who, groupname, NULL); syslog_write(U_INF, "[ %s ] Reading: %s",ipsrc, group ); if ((fp = fopen(group, "r")) == NULL) { syslog_write(U_INF, "File not found"); return 0; } else { fseek(fp, 0, SEEK_SET); while (fgets(dest, 17 , fp) != NULL) { // Pour une IP // Correction Bug Ligne sans \n dest[16] = '\n'; char *c = strchr (dest, '\n'); *c = 0; /* Dns resolution */ if (ipdest != dest) { dnsaddr = socket_str2addr(dest, INADDR_ANY); if (dnsaddr != 0) strcpy (dest, socket_addr2str(dnsaddr)); } if (strcmp(dest,ipdest) == 0 || strcmp(dest,ipsrc) == 0) { sprintf (&commandename[13],"%d",ix); p = config_str(who,commandename, NULL); cmds_set_allow(p); syslog_write(U_INF, "[ %s ] Apply rules for: %s dst: %s",ipsrc, ipsrc, ipdest); syslog_write(U_INF, "[ %s ] Server match %s ",ipsrc, group ); syslog_write(U_INF, "\n"); fclose(fp); return 0; } // Network if (strchr(dest, 'x') != NULL) { char *c = strchr(dest, 'x'); *c = 0; int longueur; longueur = strlen(dest); if (strncmp(dest,ipdest,longueur) == 0 || strncmp(dest,ipsrc,longueur) == 0) { sprintf (&commandename[13],"%d",ix); p = config_str(who,commandename, NULL); cmds_set_allow(p); syslog_write(U_INF, "[ %s ] Apply rules for Network: %s src: %s",ipsrc, ipdest, ipsrc); syslog_write(U_INF, "[ %s ] Server match %s ",ipsrc, group ); syslog_write(U_INF, "\n"); fclose(fp); return 0; } } } fclose(fp); } } syslog_write(U_INF, "[ %s ] Oh, Oh, no rule found -> defaultrules", ipsrc) ; p = config_str(who, "defaultrules", NULL); cmds_set_allow(p); return 0; }