Newer
Older
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
*curlib=-1;
return;
}
*curlib=lib;
if(tp==NULL) {
*curdir=-1;
return;
}
p=tp+1;
}
tp=strchr(p,'/');
if(tp!=NULL) {
*tp=0;
tp++;
} else
tp=p+strlen(p);
for(dir=0;dir<scfg.total_dirs;dir++) {
if(scfg.dir[dir]->lib!=lib)
continue;
if(dir!=scfg.sysop_dir && dir!=scfg.upload_dir
&& !chk_ar(&scfg,scfg.dir[dir]->ar,user))
continue;
if(!stricmp(scfg.dir[dir]->code,p))
break;
}
if(dir>=scfg.total_dirs) /* not found */
return;
*curdir=dir;
*pp+=tp-path; /* skip "lib/dir/" */
}
static BOOL ftpalias(char* fullalias, char* filename, user_t* user, int* curdir)
{
char* p;
char* tp;
char* fname="";
char line[512];
char alias[512];
char aliasfile[MAX_PATH+1];
int dir=-1;
FILE* fp;
BOOL result=FALSE;
rswindell
committed
sprintf(aliasfile,"%sftpalias.cfg",scfg.ctrl_dir);
if((fp=fopen(aliasfile,"r"))==NULL)
return(result);
sprintf(alias,"%.*s",(int)sizeof(alias)-1,fullalias);
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
p=strrchr(alias+1,'/');
if(p) {
*p=0;
fname=p+1;
}
while(!feof(fp)) {
if(!fgets(line,sizeof(line)-1,fp))
break;
p=line; /* alias */
while(*p && *p<=' ') p++;
if(*p==';') /* comment */
continue;
tp=p; /* terminator */
while(*tp && *tp>' ') tp++;
if(*tp) *tp=0;
if(stricmp(p,alias)) /* Not a match */
continue;
p=tp+1; /* filename */
while(*p && *p<=' ') p++;
tp=p; /* terminator */
while(*tp && *tp>' ') tp++;
if(*tp) *tp=0;
if(!strnicmp(p,BBS_VIRTUAL_PATH,strlen(BBS_VIRTUAL_PATH))) {
if((dir=getdir(p+strlen(BBS_VIRTUAL_PATH),user))<0) {
lprintf("0000 !Invalid virtual path (%s) for %s",p,user->alias);
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
/* invalid or no access */
continue;
}
p=strrchr(p,'/');
if(p!=NULL) p++;
if(p!=NULL && filename!=NULL) {
if(*p)
sprintf(filename,"%s%s",scfg.dir[dir]->path,p);
else
sprintf(filename,"%s%s",scfg.dir[dir]->path,fname);
}
} else if(filename!=NULL)
strcpy(filename,p);
result=TRUE; /* success */
break;
}
fclose(fp);
if(curdir!=NULL)
*curdir=dir;
return(result);
}
char* root_dir(char* path)
{
char* p;
static char root[MAX_PATH+1];
sprintf(root,"%.*s",(int)sizeof(root)-1,path);
if(!strncmp(root,"\\\\",2)) { /* network path */
p=strchr(root+2,'\\');
if(p) p=strchr(p+1,'\\');
if(p) *(p+1)=0; /* truncate at \\computer\sharename\ */
}
else if(!strncmp(root+1,":/",2) || !strncmp(root+1,":\\",2))
root[3]=0;
else if(*root=='/' || *root=='\\')
root[1]=0;
return(root);
}
char* vpath(int lib, int dir, char* str)
{
strcpy(str,"/");
if(lib<0)
return(str);
strcat(str,scfg.lib[lib]->sname);
if(dir<0)
return(str);
strcat(str,scfg.dir[dir]->code);
return(str);
}
static BOOL badlogin(SOCKET sock, ulong* login_attempts)
{
mswait(5000); /* As recommended by RFC2577 */
if(++(*login_attempts)>=3) {
sockprintf(sock,"421 Too many failed login attempts.");
return(TRUE);
}
sockprintf(sock,"530 Invalid login.");
return(FALSE);
}
static void ctrl_thread(void* arg)
{
char buf[512];
char str[128];
char* cmd;
char* p;
char* np;
char* tp;
char password[64];
char fname[MAX_PATH+1];
char qwkfile[MAX_PATH+1];
char aliasfile[MAX_PATH+1];
char aliasline[512];
char desc[501]="";
char sys_pass[128];
char* host_name;
char host_ip[64];
char path[MAX_PATH+1];
char local_dir[MAX_PATH+1];
char ren_from[MAX_PATH+1]="";
char html_index_ext[MAX_PATH+1];
WORD port;
ulong ip_addr;
int addr_len;
DWORD h1,h2,h3,h4;
u_short p1,p2; /* For PORT command */
int i;
int rd;
int file;
int result;
int lib;
int dir;
int curlib=-1;
int curdir=-1;
int orglib;
int orgdir;
long filepos=0L;
long timeleft;
ulong l;
ulong login_attempts=0;
ulong avail; /* disk space */
BOOL detail;
BOOL success;
BOOL getdate;
BOOL getsize;
rswindell
committed
BOOL delecmd;
BOOL delfile;
BOOL tmpfile;
BOOL credits;
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
BOOL transfer_inprogress;
BOOL transfer_aborted;
BOOL sysop=FALSE;
BOOL local_fsys=FALSE;
BOOL alias_dir;
FILE* fp;
FILE* alias_fp;
SOCKET sock;
SOCKET pasv_sock=INVALID_SOCKET;
SOCKET data_sock=INVALID_SOCKET;
HOSTENT* host;
SOCKADDR_IN addr;
SOCKADDR_IN data_addr;
SOCKADDR_IN pasv_addr;
ftp_t ftp=*(ftp_t*)arg;
user_t user;
time_t t;
time_t now;
time_t logintime;
time_t lastactive;
file_t f;
rswindell
committed
glob_t g;
node_t node;
client_t client;
struct tm tm;
struct tm * tm_p;
struct tm cur_tm;
rswindell
committed
JSRuntime* js_runtime=NULL;
JSObject* js_ftp;
thread_up();
lastactive=time(NULL);
sock=ftp.socket;
data_addr=ftp.client_addr;
/* Default data port is ctrl port-1 */
data_addr.sin_port=ntohs(data_addr.sin_port)-1;
data_addr.sin_port=htons(data_addr.sin_port);
lprintf("%04d CTRL thread started", sock);
free(arg); /* unexplicable assertion here on July 26, 2001 */
if(startup->answer_sound[0] && !(startup->options&FTP_OPT_MUTE))
PlaySound(startup->answer_sound, NULL, SND_ASYNC|SND_FILENAME);
rswindell
committed
transfer_inprogress = FALSE;
transfer_aborted = FALSE;
l=1;
if((i=ioctlsocket(sock, FIONBIO, &l))!=0) {
lprintf("%04d !ERROR %d (%d) disabling socket blocking"
,sock, i, ERROR_VALUE);
sockprintf(sock,"425 Error %d disabling socket blocking"
,ERROR_VALUE);
rswindell
committed
ftp_close_socket(&sock,__LINE__);
thread_down();
return;
}
memset(&user,0,sizeof(user));
strcpy(host_ip,inet_ntoa(ftp.client_addr.sin_addr));
lprintf ("%04d CTRL connection accepted from: %s port %u"
,sock, host_ip, ntohs(ftp.client_addr.sin_port));
if(startup->options&FTP_OPT_NO_HOST_LOOKUP)
host=NULL;
else
host=gethostbyaddr ((char *)&ftp.client_addr.sin_addr
,sizeof(ftp.client_addr.sin_addr),AF_INET);
if(host!=NULL && host->h_name!=NULL)
host_name=host->h_name;
else
host_name="<no name>";
if(!(startup->options&FTP_OPT_NO_HOST_LOOKUP))
lprintf("%04d Hostname: %s", sock, host_name);
if(trashcan(&scfg,host_ip,"ip")) {
lprintf("%04d !CLIENT BLOCKED in ip.can: %s", sock, host_ip);
sockprintf(sock,"550 Access denied.");
rswindell
committed
ftp_close_socket(&sock,__LINE__);
thread_down();
return;
}
if(trashcan(&scfg,host_name,"host")) {
lprintf("%04d !CLIENT BLOCKED in host.can: %s", sock, host_name);
sockprintf(sock,"550 Access denied.");
rswindell
committed
ftp_close_socket(&sock,__LINE__);
thread_down();
return;
}
/* For PASV mode */
addr_len=sizeof(pasv_addr);
if((result=getsockname(sock, (struct sockaddr *)&pasv_addr,&addr_len))!=0) {
lprintf("%04d !ERROR %d (%d) getting address/port", sock, result, ERROR_VALUE);
sockprintf(sock,"425 Error %d getting address/port",ERROR_VALUE);
rswindell
committed
ftp_close_socket(&sock,__LINE__);
thread_down();
return;
}
active_clients++;
update_clients();
/* Initialize client display */
client.size=sizeof(client);
client.time=time(NULL);
sprintf(client.addr,"%.*s",(int)sizeof(client.addr)-1,host_ip);
sprintf(client.host,"%.*s",(int)sizeof(client.host)-1,host_name);
client.port=ntohs(ftp.client_addr.sin_port);
client.protocol="FTP";
client.user="<unknown>";
client_on(sock,&client);
sockprintf(sock,"220-%s (%s)",scfg.sys_name, scfg.sys_inetaddr);
sockprintf(sock," Synchronet FTP Server for %s v%s Ready"
,PLATFORM_DESC,FTP_VERSION);
rswindell
committed
sprintf(str,"%sftplogin.txt",scfg.text_dir);
if((fp=fopen(str,"rb"))!=NULL) {
while(!feof(fp)) {
if(!fgets(buf,sizeof(buf),fp))
break;
truncsp(buf);
sockprintf(sock," %s",buf);
}
fclose(fp);
}
sockprintf(sock,"220 Please enter your user name.");
socket_debug[sock]|=SOCKET_DEBUG_CTRL;
socket_debug[sock]|=SOCKET_DEBUG_READLINE;
rd = sockreadline(sock, buf, sizeof(buf), &lastactive);
socket_debug[sock]&=~SOCKET_DEBUG_READLINE;
if(rd<1) {
if(transfer_inprogress==TRUE)
transfer_aborted=TRUE;
break;
}
truncsp(buf);
lastactive=time(NULL);
cmd=buf;
while(((BYTE)*cmd)==TELNET_IAC) {
cmd++;
lprintf("%04d RX: Telnet cmd: %s",sock,telnet_cmd_desc(*cmd));
2373
2374
2375
2376
2377
2378
2379
2380
2381
2382
2383
2384
2385
2386
2387
2388
2389
2390
2391
2392
2393
2394
2395
2396
2397
2398
2399
2400
2401
2402
2403
2404
2405
2406
2407
2408
2409
2410
2411
2412
2413
2414
2415
2416
cmd++;
}
while(*cmd && *cmd<' ') {
lprintf("%04d RX: %d (0x%02X)",sock,(BYTE)*cmd,(BYTE)*cmd);
cmd++;
}
if(!(*cmd))
continue;
if(startup->options&FTP_OPT_DEBUG_RX)
lprintf("%04d RX: %s", sock, cmd);
if(!stricmp(cmd, "NOOP")) {
sockprintf(sock,"200 NOOP command successful.");
continue;
}
if(!stricmp(cmd, "HELP SITE") || !stricmp(cmd, "SITE HELP")) {
sockprintf(sock,"214-The following SITE commands are recognized (* => unimplemented):");
sockprintf(sock," HELP WHO");
sockprintf(sock,"214 Direct comments to sysop@%s.",scfg.sys_inetaddr);
continue;
}
if(!strnicmp(cmd, "HELP",4)) {
sockprintf(sock,"214-The following commands are recognized (* => unimplemented, # => extension):");
sockprintf(sock," USER PASS CWD XCWD CDUP XCUP PWD XPWD");
sockprintf(sock," QUIT REIN PORT PASV LIST NLST NOOP HELP");
sockprintf(sock," SIZE MDTM RETR STOR REST ALLO ABOR SYST");
sockprintf(sock," TYPE STRU MODE SITE RNFR* RNTO* DELE* DESC#");
sockprintf(sock," FEAT# OPTS#");
sockprintf(sock,"214 Direct comments to sysop@%s.",scfg.sys_inetaddr);
continue;
}
if(!stricmp(cmd, "FEAT")) {
sockprintf(sock,"211-The following additional (post-RFC949) features are supported:");
sockprintf(sock," DESC");
sockprintf(sock," MDTM");
sockprintf(sock," SIZE");
sockprintf(sock," REST STREAM");
sockprintf(sock,"211 End");
continue;
}
if(!strnicmp(cmd, "OPTS",4)) {
sockprintf(sock,"501 No options supported.");
continue;
}
if(!stricmp(cmd, "QUIT")) {
rswindell
committed
sprintf(str,"%sftpbye.txt",scfg.text_dir);
2418
2419
2420
2421
2422
2423
2424
2425
2426
2427
2428
2429
2430
2431
2432
2433
2434
2435
2436
2437
2438
2439
2440
if((fp=fopen(str,"rb"))!=NULL) {
i=0;
while(!feof(fp)) {
if(!fgets(buf,sizeof(buf),fp))
break;
truncsp(buf);
if(!i)
sockprintf(sock,"221-%s",buf);
else
sockprintf(sock," %s",buf);
i++;
}
fclose(fp);
}
sockprintf(sock,"221 Goodbye. Closing control connection.");
break;
}
if(!strnicmp(cmd, "USER ",5)) {
sysop=FALSE;
user.number=0;
p=cmd+5;
while(*p && *p<=' ') p++;
truncsp(p);
sprintf(user.alias,"%.*s",(int)sizeof(user.alias)-1,p);
user.number=matchuser(&scfg,user.alias,FALSE /*sysop_alias*/);
if(!user.number && !stricmp(user.alias,"anonymous"))
user.number=matchuser(&scfg,"guest",FALSE);
if(user.number && getuserdat(&scfg, &user)==0 && user.pass[0]==0)
sockprintf(sock,"331 User name okay, give your full e-mail address as password.");
else
sockprintf(sock,"331 User name okay, need password.");
continue;
}
if(!strnicmp(cmd, "PASS ",5) && user.alias[0]) {
user.number=0;
p=cmd+5;
while(*p && *p<=' ') p++;
sprintf(password,"%.*s",(int)sizeof(password)-1,p);
user.number=matchuser(&scfg,user.alias,FALSE /*sysop_alias*/);
lprintf("%04d !UNKNOWN USER: %s",sock,user.alias);
if(badlogin(sock,&login_attempts))
break;
continue;
}
if((i=getuserdat(&scfg, &user))!=0) {
lprintf("%04d !ERROR %d getting data for user #%d (%s)"
,sock,i,user.number,user.alias);
sockprintf(sock,"530 Database error %d",i);
user.number=0;
continue;
}
if(user.misc&(DELETED|INACTIVE)) {
lprintf("%04d !DELETED or INACTIVE user #%d (%s)"
,sock,user.number,user.alias);
user.number=0;
if(badlogin(sock,&login_attempts))
break;
continue;
}
if(user.rest&FLAG('T')) {
lprintf("%04d !T RESTRICTED user #%d (%s)"
,sock,user.number,user.alias);
user.number=0;
if(badlogin(sock,&login_attempts))
break;
continue;
}
if(user.ltoday>scfg.level_callsperday[user.level]
&& !(user.exempt&FLAG('L'))) {
lprintf("%04d !MAXIMUM LOGONS (%d) reached for %s"
,sock,scfg.level_callsperday[user.level],user.alias);
sockprintf(sock,"530 Maximum logons reached.");
user.number=0;
continue;
}
if(user.rest&FLAG('L') && user.ltoday>1) {
lprintf("%04d !L RESTRICTED user #%d (%s) already on today"
,sock,user.number,user.alias);
sockprintf(sock,"530 Maximum logons reached.");
user.number=0;
continue;
}
sprintf(sys_pass,"%s:%s",user.pass,scfg.sys_pass);
if(!user.pass[0]) { /* Guest/Anonymous */
if(trashcan(&scfg,password,"email")) {
lprintf("%04d !BLOCKED e-mail address: %s",sock,password);
user.number=0;
if(badlogin(sock,&login_attempts))
break;
continue;
}
lprintf("%04d %s: <%s>",sock,user.alias,password);
putuserrec(&scfg,user.number,U_NETMAIL,LEN_NETMAIL,password);
}
else if(user.level>=SYSOP_LEVEL && !stricmp(password,sys_pass)) {
lprintf("%04d Sysop access granted to %s", sock, user.alias);
sysop=TRUE;
}
else if(stricmp(password,user.pass)) {
rswindell
committed
if(scfg.sys_misc&SM_ECHO_PW)
lprintf("%04d !FAILED Password attempt for user %s: '%s' expected '%s'"
rswindell
committed
,sock, user.alias, password, user.pass);
else
lprintf("%04d !FAILED Password attempt for user %s"
rswindell
committed
,sock, user.alias);
if(badlogin(sock,&login_attempts))
break;
continue;
}
/* Update client display */
if(user.pass[0])
client.user=user.alias;
else { /* anonymous */
sprintf(str,"%s <%.32s>",user.alias,password);
client.user=str;
}
client_on(sock,&client);
lprintf("%04d %s logged in.",sock,user.alias);
logintime=time(NULL);
timeleft=gettimeleft(&scfg,&user,logintime);
rswindell
committed
sprintf(str,"%sftphello.txt",scfg.text_dir);
if((fp=fopen(str,"rb"))!=NULL) {
i=0;
while(!feof(fp)) {
if(!fgets(buf,sizeof(buf),fp))
break;
truncsp(buf);
if(!i)
sockprintf(sock,"230-%s",buf);
else
sockprintf(sock," %s",buf);
i++;
}
fclose(fp);
}
#ifdef JAVASCRIPT
#ifdef JS_CX_PER_SESSION
if(js_CreateUserClass(js_cx, js_glob, &scfg)==NULL)
lprintf("%04d !JavaScript ERROR creating user class",sock);
if(js_CreateUserObject(js_cx, js_glob, &scfg, "user", user.number)==NULL)
lprintf("%04d !JavaScript ERROR creating user object",sock);
if(js_CreateClientObject(js_cx, js_glob, "client", &client, sock)==NULL)
lprintf("%04d !JavaScript ERROR creating client object",sock);
if(js_CreateFileAreaObject(js_cx, js_glob, &scfg, &user
,startup->html_index_file)==NULL)
lprintf("%04d !JavaScript ERROR creating file area object",sock);
#endif
if(sysop)
sockprintf(sock,"230-Sysop access granted.");
sockprintf(sock,"230-%s logged in.",user.alias);
if(!(user.exempt&FLAG('D')) && (user.cdt+user.freecdt)>0)
sockprintf(sock,"230-You have %lu download credits."
,user.cdt+user.freecdt);
sockprintf(sock,"230 You are allowed %lu minutes of use for this session."
rswindell
committed
sprintf(qwkfile,"%sfile/%04d.qwk",scfg.data_dir,user.number);
/* Adjust User Total Logons/Logons Today */
adjustuserrec(&scfg,user.number,U_LOGONS,5,1);
putuserrec(&scfg,user.number,U_LTODAY,5,ultoa(user.ltoday+1,str,10));
putuserrec(&scfg,user.number,U_MODEM,LEN_MODEM,"FTP");
putuserrec(&scfg,user.number,U_COMP,LEN_COMP,host_name);
putuserrec(&scfg,user.number,U_NOTE,LEN_NOTE,host_ip);
getuserdat(&scfg, &user); /* make user current */
2600
2601
2602
2603
2604
2605
2606
2607
2608
2609
2610
2611
2612
2613
2614
2615
2616
2617
2618
2619
2620
2621
2622
2623
2624
2625
2626
2627
2628
2629
2630
2631
2632
2633
2634
2635
2636
2637
2638
2639
continue;
}
if(!user.number) {
sockprintf(sock,"530 Please login with USER and PASS.");
continue;
}
if((timeleft=gettimeleft(&scfg,&user,logintime))<1L) {
sockprintf(sock,"421 Sorry, you've run out of time.");
lprintf("%04d Out of time, disconnecting",sock);
break;
}
/********************************/
/* These commands require login */
/********************************/
if(!stricmp(cmd, "REIN")) {
lprintf("%04d %s reinitialized control session",sock,user.alias);
user.number=0;
sysop=FALSE;
filepos=0;
sockprintf(sock,"220 Control session re-initialized. Ready for re-login.");
continue;
}
if(!stricmp(cmd, "SITE WHO")) {
sockprintf(sock,"211-Active users");
for(i=0;i<scfg.sys_nodes && i<scfg.sys_lastnode;i++) {
if((result=getnodedat(&scfg, i+1, &node, 0))!=0) {
sockprintf(sock," Error %d getting data for Telnet Node %d",result,i+1);
continue;
}
if(node.status==NODE_INUSE)
sockprintf(sock," Telnet Node %3d: %s",i+1, username(&scfg,node.useron,str));
}
sockprintf(sock,"211 End");
continue;
}
if(!stricmp(cmd, "SITE DEBUG")) {
sockprintf(sock,"211-Debug");
for(i=0;i<sizeof(socket_debug);i++)
if(socket_debug[i]!=0)
sockprintf(sock,"211-socket %d = %X",i,socket_debug[i]);
sockprintf(sock,"211 End");
continue;
}
if(!strnicmp(cmd, "PORT ",5)) {
p=cmd+5;
while(*p && *p<=' ') p++;
sscanf(p,"%ld,%ld,%ld,%ld,%hd,%hd",&h1,&h2,&h3,&h4,&p1,&p2);
data_addr.sin_addr.s_addr=htonl((h1<<24)|(h2<<16)|(h3<<8)|h4);
data_addr.sin_port=(u_short)((p1<<8)|p2);
if(data_addr.sin_port<1024) {
lprintf("%04d !SUSPECTED BOUNCE ATTACK ATTEMPT by %s to %s port %u"
,sock,user.alias
,inet_ntoa(data_addr.sin_addr),data_addr.sin_port);
hacklog(&scfg, "FTP", user.alias, cmd, host_name, &ftp.client_addr);
sockprintf(sock,"504 Bad port number.");
#ifdef _WIN32
if(startup->hack_sound[0] && !(startup->options&FTP_OPT_MUTE))
PlaySound(startup->hack_sound, NULL, SND_ASYNC|SND_FILENAME);
#endif
continue; /* As recommended by RFC2577 */
}
data_addr.sin_port=htons(data_addr.sin_port);
sockprintf(sock,"200 PORT Command successful.");
continue;
}
if(!stricmp(cmd, "PASV")) {
if(pasv_sock!=INVALID_SOCKET)
rswindell
committed
ftp_close_socket(&pasv_sock,__LINE__);
rswindell
committed
if((pasv_sock=ftp_open_socket(SOCK_STREAM))==INVALID_SOCKET) {
lprintf("%04d !PASV ERROR %d opening socket", sock,ERROR_VALUE);
sockprintf(sock,"425 Error %d opening PASV data socket", ERROR_VALUE);
continue;
}
if(startup->options&FTP_OPT_DEBUG_DATA)
lprintf("%04d PASV DATA socket %d opened",sock,pasv_sock);
pasv_addr.sin_port = 0;
if((result=bind(pasv_sock, (struct sockaddr *) &pasv_addr,sizeof(pasv_addr)))!= 0) {
lprintf("%04d !PASV ERROR %d (%d) binding socket", sock, result, ERROR_VALUE);
sockprintf(sock,"425 Error %d binding data socket",ERROR_VALUE);
rswindell
committed
ftp_close_socket(&pasv_sock,__LINE__);
continue;
}
addr_len=sizeof(addr);
if((result=getsockname(pasv_sock, (struct sockaddr *)&addr,&addr_len))!=0) {
lprintf("%04d !PASV ERROR %d (%d) getting address/port", sock, result, ERROR_VALUE);
sockprintf(sock,"425 Error %d getting address/port",ERROR_VALUE);
rswindell
committed
ftp_close_socket(&pasv_sock,__LINE__);
continue;
}
if((result=listen(pasv_sock, 1))!= 0) {
lprintf("%04d !PASV ERROR %d (%d) listening on socket", sock, result, ERROR_VALUE);
sockprintf(sock,"425 Error %d listening on data socket",ERROR_VALUE);
rswindell
committed
ftp_close_socket(&pasv_sock,__LINE__);
ip_addr=ntohl(pasv_addr.sin_addr.s_addr);
2713
2714
2715
2716
2717
2718
2719
2720
2721
2722
2723
2724
2725
2726
2727
2728
2729
2730
2731
2732
2733
2734
2735
2736
2737
2738
2739
2740
2741
port=ntohs(addr.sin_port);
sockprintf(sock,"227 Entering Passive Mode (%d,%d,%d,%d,%hd,%hd)"
,(ip_addr>>24)&0xff
,(ip_addr>>16)&0xff
,(ip_addr>>8)&0xff
,ip_addr&0xff
,(port>>8)&0xff
,port&0xff
);
continue;
}
if(!strnicmp(cmd, "TYPE ",5)) {
sockprintf(sock,"200 All files sent in BINARY mode.");
continue;
}
if(!strnicmp(cmd, "ALLO",4)) {
p=cmd+5;
while(*p && *p<=' ') p++;
if(*p)
l=atol(p);
else
l=0;
if(local_fsys)
avail=getfreediskspace(local_dir);
else
avail=getfreediskspace(scfg.data_dir); /* Change to temp_dir? */
if(l && l>avail)
sockprintf(sock,"504 Only %lu bytes available.",avail);
sockprintf(sock,"200 %lu bytes available.",avail);
continue;
}
if(!strnicmp(cmd, "REST",4)) {
p=cmd+4;
while(*p && *p<=' ') p++;
if(*p)
filepos=atol(p);
else
filepos=0;
sockprintf(sock,"350 Restarting at %lu. Send STORE or RETRIEVE to initiate transfer."
2757
2758
2759
2760
2761
2762
2763
2764
2765
2766
2767
2768
2769
2770
2771
2772
2773
2774
2775
2776
2777
2778
2779
2780
2781
2782
2783
2784
2785
2786
2787
2788
2789
continue;
}
if(!strnicmp(cmd, "MODE ",5)) {
p=cmd+5;
while(*p && *p<=' ') p++;
if(toupper(*p)!='S')
sockprintf(sock,"504 Only STREAM mode supported.");
else
sockprintf(sock,"200 STREAM mode.");
continue;
}
if(!strnicmp(cmd, "STRU ",5)) {
p=cmd+5;
while(*p && *p<=' ') p++;
if(toupper(*p)!='F')
sockprintf(sock,"504 Only FILE structure supported.");
else
sockprintf(sock,"200 FILE structure.");
continue;
}
if(!stricmp(cmd, "SYST")) {
sockprintf(sock,"215 UNIX Type: L8");
continue;
}
if(!stricmp(cmd, "ABOR")) {
if(!transfer_inprogress)
sockprintf(sock,"226 No tranfer in progress.");
else {
transfer_aborted=TRUE;
mswait(1); /* give send thread time to abort */
sockprintf(sock,"226 Transfer aborted.");
}
continue;
}
if(!strnicmp(cmd,"SMNT ",5) && sysop && !(startup->options&FTP_OPT_NO_LOCAL_FSYS)) {
p=cmd+5;
while(*p && *p<=' ') p++;
if(!stricmp(p,BBS_FSYS_DIR))
local_fsys=FALSE;
else {
if(!direxist(p)) {
sockprintf(sock,"550 Directory does not exist.");
lprintf("%04d !%s attempted to mount invalid directory: %s"
,sock, user.alias, p);
continue;
}
local_fsys=TRUE;
sprintf(local_dir,"%.*s",(int)sizeof(local_dir)-1,p);
}
sockprintf(sock,"250 %s file system mounted."
,local_fsys ? "Local" : "BBS");
lprintf("%04d %s mounted %s file system"
,sock, user.alias, local_fsys ? "local" : "BBS");
continue;
}
/****************************/
/* Local File System Access */
/****************************/
if(sysop && local_fsys && !(startup->options&FTP_OPT_NO_LOCAL_FSYS)) {
if(local_dir[0]
&& local_dir[strlen(local_dir)-1]!='\\'
&& local_dir[strlen(local_dir)-1]!='/')
strcat(local_dir,"/");
if(!strnicmp(cmd, "LIST", 4) || !strnicmp(cmd, "NLST", 4)) {
sprintf(fname,"%sftp%d.tx", scfg.data_dir, sock);
if((fp=fopen(fname,"w+b"))==NULL) {
lprintf("%04d !ERROR %d opening %s",sock,errno,fname);
sockprintf(sock, "451 Insufficient system storage");
continue;
}
if(!strnicmp(cmd, "LIST", 4))
detail=TRUE;
else
detail=FALSE;
p=cmd+4;
while(*p && *p<=' ') p++;
rswindell
committed
sprintf(path,"%s%s",local_dir, *p ? p : "*");
lprintf("%04d %s listing: %s", sock, user.alias, path);
sockprintf(sock, "150 Directory of %s%s", local_dir, p);
rswindell
committed
glob(path,0,NULL,&g);
for(i=0;i<(int)g.gl_pathc;i++) {
rswindell
committed
f.size=flength(g.gl_pathv[i]);
t=fdate(g.gl_pathv[i]);
tm_p=localtime(&t);
if(tm_p==NULL)
memset(&tm,0,sizeof(tm));
else
tm=*tm_p;
fprintf(fp,"%crw-r--r-- 1 %-8s local %9ld %s %2d "
rswindell
committed
,isdir(g.gl_pathv[i]) ? 'd':'-'
,scfg.sys_id
,f.size
,mon[tm.tm_mon],tm.tm_mday);
if(tm.tm_year==cur_tm.tm_year)
fprintf(fp,"%02d:%02d %s\r\n"
,tm.tm_hour,tm.tm_min
rswindell
committed
,getfname(g.gl_pathv[i]));
else
fprintf(fp,"%5d %s\r\n"
,1900+tm.tm_year
rswindell
committed
,getfname(g.gl_pathv[i]));
rswindell
committed
fprintf(fp,"%s\r\n",getfname(g.gl_pathv[i]));
rswindell
committed
globfree(&g);
fclose(fp);
filexfer(&data_addr,sock,pasv_sock,&data_sock,fname,0L
,&transfer_inprogress,&transfer_aborted
,TRUE /* delfile */
,TRUE /* tmpfile */
2877
2878
2879
2880
2881
2882
2883
2884
2885
2886
2887
2888
2889
2890
2891
2892
2893
2894
2895
2896
2897
2898
2899
2900
2901
2902
2903
2904
2905
2906
2907
2908
2909
2910
2911
,&lastactive,&user,-1,FALSE,FALSE,FALSE,NULL);
continue;
} /* Local LIST/NLST */
if(!strnicmp(cmd, "CWD ", 4) || !strnicmp(cmd,"XCWD ",5)) {
if(!strnicmp(cmd,"CWD ",4))
p=cmd+4;
else
p=cmd+5;
while(*p && *p<=' ') p++;
tp=p;
if(*tp=='/' || *tp=='\\') /* /local: and /bbs: are valid */
tp++;
if(!strnicmp(tp,BBS_FSYS_DIR,strlen(BBS_FSYS_DIR))) {
local_fsys=FALSE;
sockprintf(sock,"250 CWD command successful (BBS file system mounted).");
lprintf("%04d %s mounted BBS file system", sock, user.alias);
continue;
}
if(!strnicmp(tp,LOCAL_FSYS_DIR,strlen(LOCAL_FSYS_DIR))) {
tp+=strlen(LOCAL_FSYS_DIR); /* already mounted */
p=tp;
}
if(p[1]==':' || !strncmp(p,"\\\\",2))
strcpy(path,p);
else if(*p=='/' || *p=='\\')
sprintf(path,"%s%s",root_dir(local_dir),p);
else {
sprintf(fname,"%s%s",local_dir,p);
_fullpath(path,fname,sizeof(path));
}
if(!direxist(path)) {
sockprintf(sock,"550 Directory does not exist (%s).",path);
lprintf("%04d !%s attempted to change to an invalid directory: %s"
2913
2914
2915
2916
2917
2918
2919
2920
2921
2922
2923
2924
2925
2926
2927
2928
2929
2930
2931
2932
2933
2934
2935
2936
2937
2938
2939
2940
2941
2942
2943
2944
2945
2946
2947
2948
2949
2950
2951
,sock, user.alias, path);
} else {
strcpy(local_dir,path);
sockprintf(sock,"250 CWD command successful (%s).", local_dir);
}
continue;
} /* Local CWD */
if(!stricmp(cmd,"CDUP") || !stricmp(cmd,"XCUP")) {
sprintf(path,"%s..",local_dir);
if(_fullpath(local_dir,path,sizeof(local_dir))==NULL)
sockprintf(sock,"550 Directory does not exist.");
else
sockprintf(sock,"200 CDUP command successful.");
continue;
}
if(!stricmp(cmd, "PWD") || !stricmp(cmd,"XPWD")) {
if(strlen(local_dir)>3)
local_dir[strlen(local_dir)-1]=0; /* truncate '/' */
sockprintf(sock,"257 \"%s\" is current directory."
,local_dir);
continue;
} /* Local PWD */
if(!strnicmp(cmd, "MKD ", 4) || !strnicmp(cmd,"XMKD",4)) {
p=cmd+4;
while(*p && *p<=' ') p++;
if(*p=='/') /* absolute */
sprintf(fname,"%s%s",root_dir(local_dir),p+1);
else /* relative */
sprintf(fname,"%s%s",local_dir,p);
if((i=_mkdir(fname))==0) {
sockprintf(sock,"257 \"%s\" directory created",fname);
lprintf("%04d %s created directory: %s",sock,user.alias,fname);
} else {
sockprintf(sock,"521 Error %d creating directory: %s",i,fname);
lprintf("%04d !%s attempted to create directory: %s (Error %d)"
,sock,user.alias,fname,i);
}
continue;
}
if(!strnicmp(cmd, "RMD ", 4) || !strnicmp(cmd,"XRMD",4)) {
p=cmd+4;
while(*p && *p<=' ') p++;
if(*p=='/') /* absolute */
sprintf(fname,"%s%s",root_dir(local_dir),p+1);
else /* relative */
sprintf(fname,"%s%s",local_dir,p);
if((i=_rmdir(fname))==0) {
sockprintf(sock,"250 \"%s\" directory removed",fname);
lprintf("%04d %s removed directory: %s",sock,user.alias,fname);
} else {
sockprintf(sock,"450 Error %d removing directory: %s",i,fname);
lprintf("%04d !%s attempted to remove directory: %s (Error %d)"
,sock,user.alias,fname,i);
}
continue;
}
if(!strnicmp(cmd, "RNFR ",5)) {
p=cmd+5;
while(*p && *p<=' ') p++;
if(*p=='/') /* absolute */
sprintf(ren_from,"%s%s",root_dir(local_dir),p+1);
else /* relative */
sprintf(ren_from,"%s%s",local_dir,p);
if(!fexist(ren_from)) {
sockprintf(sock,"550 File not found: %s",ren_from);
lprintf("%04d !%s attempted to rename %s (not found)"
,sock,user.alias,ren_from);
} else
sockprintf(sock,"350 File exists, ready for destination name");
continue;
}
if(!strnicmp(cmd, "RNTO ",5)) {
p=cmd+5;
while(*p && *p<=' ') p++;
if(*p=='/') /* absolute */
sprintf(fname,"%s%s",root_dir(local_dir),p+1);
else /* relative */
sprintf(fname,"%s%s",local_dir,p);