示例#1
0
int
main(int argc, const char* argv[])
{
    struct vsf_session the_session =
    {
        /* Control connection */
        0, 0, 0,
        /* Data connection */
        -1, 0, -1, 0, 0, 0, 0,
        /* Login */
        1, INIT_MYSTR, INIT_MYSTR,
        /* Protocol state */
        0, 1, INIT_MYSTR, 0, 0,
        /* Session state */
        0,
        /* Userids */
        -1, -1, -1,
        /* Pre-chroot() cache */
        INIT_MYSTR, INIT_MYSTR, INIT_MYSTR, INIT_MYSTR, 1,
        /* Logging */
        -1, -1, INIT_MYSTR, 0, 0, 0, INIT_MYSTR, 0,
        /* Buffers */
        INIT_MYSTR, INIT_MYSTR,
        /* Parent <-> child comms */
        -1, -1,
        /* Number of clients */
        0, 0,
        /* Home directory */
        INIT_MYSTR,
        /* Secure connection state */
        0, 0, 0, 0, 0, 0, -1, -1
    };
    int config_specified = 0;
    const char* p_config_name = VSFTP_DEFAULT_CONFIG;
    /* Zero or one argument supported. If one argument is passed, it is the
     * path to the config file
     */
    if (argc > 2)
    {
        die("vsftpd: too many arguments (I take an optional config file only)");
    }
    else if (argc == 0)
    {
        die("vsftpd: missing argv[0]");
    }
    if (argc == 2)
    {
        if (!vsf_sysutil_strcmp(argv[1], "-v"))
        {
            vsf_exit("vsftpd: version " VSF_VERSION "\n");
        }
        p_config_name = argv[1];
        config_specified = 1;
    }
    /* This might need to open /dev/zero on systems lacking MAP_ANON. Needs
     * to be done early (i.e. before config file parse, which may use
     * anonymous pages
     */
    vsf_sysutil_map_anon_pages_init();
    /* Parse config file if it's there */
    {
        struct vsf_sysutil_statbuf* p_statbuf = 0;
        int retval = vsf_sysutil_stat(p_config_name, &p_statbuf);
        if (!vsf_sysutil_retval_is_error(retval))
        {
            vsf_parseconf_load_file(p_config_name, 1);
        }
        else if (config_specified)
        {
            die2("vsftpd: cannot open config file:", p_config_name);
        }
        vsf_sysutil_free(p_statbuf);
    }
    if (!tunable_run_as_launching_user)
    {
        /* Just get out unless we start with requisite privilege */
        die_unless_privileged();
    }
    if (tunable_setproctitle_enable)
    {
        /* Warning -- warning -- may nuke argv, environ */
        vsf_sysutil_setproctitle_init(argc, argv);
    }
    /* Initialize the SSL system here if needed - saves the overhead of each
     *  child doing this itself.
     */
    if (tunable_ssl_enable)
    {
        ssl_init(&the_session);
    }
    if (tunable_listen || tunable_listen_ipv6)
    {
        /* Standalone mode */
        struct vsf_client_launch ret = vsf_standalone_main();
        the_session.num_clients = ret.num_children;
        the_session.num_this_ip = ret.num_this_ip;
    }
    /* Sanity checks - exit with a graceful error message if our STDIN is not
     * a socket. Also check various config options don't collide.
     */
    do_sanity_checks();
    /* Initializes session globals - e.g. IP addr's etc. */
    session_init(&the_session);
    /* Set up "environment", e.g. process group etc. */
    env_init();
    /* Set up logging - must come after global init because we need the remote
     * address to convert into text
     */
    vsf_log_init(&the_session);
    str_alloc_text(&the_session.remote_ip_str,
                   vsf_sysutil_inet_ntop(the_session.p_remote_addr));
    /* Set up options on the command socket */
    vsf_cmdio_sock_setup();
    if (tunable_setproctitle_enable)
    {
        vsf_sysutil_set_proctitle_prefix(&the_session.remote_ip_str);
        vsf_sysutil_setproctitle("connected");
    }
    /* We might chroot() very soon (one process model), so we need to open
     * any required config files here.
     */
    if (tunable_tcp_wrappers)
    {
        the_session.tcp_wrapper_ok = vsf_tcp_wrapper_ok(VSFTP_COMMAND_FD);
    }
    {
        const char* p_load_conf = vsf_sysutil_getenv("VSFTPD_LOAD_CONF");
        if (p_load_conf)
        {
            vsf_parseconf_load_file(p_load_conf, 1);
        }
    }
    /* SSL may have been enabled by a per-IP configuration.. */
    if (tunable_ssl_enable)
    {
        ssl_init(&the_session);
    }
    if (tunable_deny_email_enable)
    {
        int retval = str_fileread(&the_session.banned_email_str,
                                  tunable_banned_email_file, VSFTP_CONF_FILE_MAX);
        if (vsf_sysutil_retval_is_error(retval))
        {
            die2("cannot open anon e-mail list file:", tunable_banned_email_file);
        }
    }
    if (tunable_banner_file)
    {
        int retval = str_fileread(&the_session.banner_str, tunable_banner_file,
                                  VSFTP_CONF_FILE_MAX);
        if (vsf_sysutil_retval_is_error(retval))
        {
            die2("cannot open banner file:", tunable_banner_file);
        }
    }
    if (tunable_secure_email_list_enable)
    {
        int retval = str_fileread(&the_session.email_passwords_str,
                                  tunable_email_password_file,
                                  VSFTP_CONF_FILE_MAX);
        if (vsf_sysutil_retval_is_error(retval))
        {
            die2("cannot open email passwords file:", tunable_email_password_file);
        }
    }
    /* Special case - can force one process model if we've got a setup
     * needing _no_ privs
     */
    if (!tunable_local_enable && !tunable_connect_from_port_20 &&
            !tunable_chown_uploads)
    {
        tunable_one_process_model = 1;
    }
    if (tunable_run_as_launching_user)
    {
        tunable_one_process_model = 1;
        if (!vsf_sysutil_running_as_root())
        {
            tunable_connect_from_port_20 = 0;
            tunable_chown_uploads = 0;
        }
    }
    if (tunable_one_process_model)
    {
        vsf_one_process_start(&the_session);
    }
    else
    {
        vsf_two_process_start(&the_session);
    }
    /* NOTREACHED */
    bug("should not get here: main");
    return 1;
}
示例#2
0
int
vsf_sysdep_check_auth(struct mystr* p_user_str,
                      const struct mystr* p_pass_str,
                      const struct mystr* p_remote_host)
{
  /* Padavan */
  (void) p_remote_host;
  return asus_check_auth(p_user_str, p_pass_str);
#if 0
  const char* p_crypted;
  const struct passwd* p_pwd = getpwnam(str_getbuf(p_user_str));
  (void) p_remote_host;
  if (p_pwd == NULL)
  {
    return 0;
  }
  #ifdef VSF_SYSDEP_HAVE_USERSHELL
  if (tunable_check_shell)
  {
    const char* p_shell;
    while ((p_shell = getusershell()) != NULL)
    {
      if (!vsf_sysutil_strcmp(p_shell, p_pwd->pw_shell))
      {
        break;
      }
    }
    endusershell();
    if (p_shell == NULL)
    {
      return 0;
    }
  }
  #endif
  #ifdef VSF_SYSDEP_HAVE_SHADOW
  {
    const struct spwd* p_spwd = getspnam(str_getbuf(p_user_str));
    if (p_spwd != NULL)
    {
      long curr_time = vsf_sysutil_get_time_sec();
      int days;
      days = curr_time / (60 * 60 * 24);
      if (p_spwd->sp_expire > 0 && p_spwd->sp_expire < days)
      {
        return 0;
      }
      if (p_spwd->sp_lstchg > 0 && p_spwd->sp_max > 0 &&
          p_spwd->sp_lstchg + p_spwd->sp_max < days)
      {
        return 0;
      }
      p_crypted = crypt(str_getbuf(p_pass_str), p_spwd->sp_pwdp);
      if (!vsf_sysutil_strcmp(p_crypted, p_spwd->sp_pwdp))
      {
        return 1;
      }
    }
  }
  #endif /* VSF_SYSDEP_HAVE_SHADOW */
  p_crypted = crypt(str_getbuf(p_pass_str), p_pwd->pw_passwd);
  if (!vsf_sysutil_strcmp(p_crypted, p_pwd->pw_passwd))
  {
    return 1;
  }
  return 0;
#endif
}