Up to [local] / src / usr.sbin / ftp-proxy
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.39 / (download) - annotate - [select for diffs], Sun Oct 24 21:24:18 2021 UTC (2 years, 7 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3,
OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1,
HEAD
Changes since 1.38: +2 -2 lines
Diff to previous 1.38 (colored)
For open/openat, if the flags parameter does not contain O_CREAT, the 3rd (variadic) mode_t parameter is irrelevant. Many developers in the past have passed mode_t (0, 044, 0644, or such), which might lead future people to copy this broken idiom, and perhaps even believe this parameter has some meaning or implication or application. Delete them all. This comes out of a conversation where tb@ noticed that a strange (but intentional) pledge behaviour is to always knock-out high-bits from mode_t on a number of system calls as a safety factor, and his bewilderment that this appeared to be happening against valid modes (at least visually), but no sorry, they are all irrelevant junk. They could all be 0xdeafbeef. ok millert
Revision 1.38 / (download) - annotate - [select for diffs], Wed Feb 12 14:46:36 2020 UTC (4 years, 3 months ago) by schwarze
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_7_0,
OPENBSD_6_9_BASE,
OPENBSD_6_9,
OPENBSD_6_8_BASE,
OPENBSD_6_8,
OPENBSD_6_7_BASE,
OPENBSD_6_7
Changes since 1.37: +2 -2 lines
Diff to previous 1.37 (colored)
Standardize argument naming for "sourceaddr" and unify the wording a bit, similar to what deraadt@ recently did in other manual pages.
Revision 1.37 / (download) - annotate - [select for diffs], Fri Jun 28 13:32:47 2019 UTC (4 years, 11 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE,
OPENBSD_6_6
Changes since 1.36: +7 -7 lines
Diff to previous 1.36 (colored)
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
Revision 1.36 / (download) - annotate - [select for diffs], Mon Sep 26 17:15:19 2016 UTC (7 years, 8 months ago) by jca
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE,
OPENBSD_6_5,
OPENBSD_6_4_BASE,
OPENBSD_6_4,
OPENBSD_6_3_BASE,
OPENBSD_6_3,
OPENBSD_6_2_BASE,
OPENBSD_6_2,
OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.35: +8 -1 lines
Diff to previous 1.35 (colored)
Exit early from rdaemon() is the passed fd is invalid. fd == -1 check suggested by deraadt@, ok florian@
Revision 1.35 / (download) - annotate - [select for diffs], Thu Sep 15 16:16:03 2016 UTC (7 years, 8 months ago) by jca
Branch: MAIN
Changes since 1.34: +39 -8 lines
Diff to previous 1.34 (colored)
Go in the background later, using rdaemon(). rdaemon() works like daemon(3) but requires its caller to pre-open /dev/null. This makes it possible to go in the background after a chroot(2), allowing for more error checking. The pattern is basically - open /dev/null - chroot - privdrop - rdaemon "design" initialy discussed with semarie@ a while ago, ok dlg@
Revision 1.34 / (download) - annotate - [select for diffs], Fri Feb 12 08:12:48 2016 UTC (8 years, 3 months ago) by ajacoutot
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.33: +4 -1 lines
Diff to previous 1.33 (colored)
Exit early with an error if the "_ftp_proxy" user does not exist. This prevents rc.d waiting up to 30 secs when starting ftp-proxy right after updating from 5.8 because at that point sysmerge(8) would not have had a chance to run yet and the unpriv user would not exist. issue reported by sthen@ ok sthen@ benno@ jca@
Revision 1.33 / (download) - annotate - [select for diffs], Tue Dec 22 08:35:17 2015 UTC (8 years, 5 months ago) by mmcc
Branch: MAIN
Changes since 1.32: +2 -2 lines
Diff to previous 1.32 (colored)
commiting -> committing
Revision 1.32 / (download) - annotate - [select for diffs], Fri Dec 4 19:05:43 2015 UTC (8 years, 6 months ago) by sebastia
Branch: MAIN
Changes since 1.31: +2 -2 lines
Diff to previous 1.31 (colored)
Make the NOPRIV_USER match that is actually intended to be used for that. Problem introduced since tftp-proxy and ftp-proxy have separate nonpriv users. OK deraadt@
Revision 1.31 / (download) - annotate - [select for diffs], Tue Dec 1 07:32:37 2015 UTC (8 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.30: +2 -2 lines
Diff to previous 1.30 (colored)
switch to new _ftp_proxy user; ok dlg
Revision 1.30 / (download) - annotate - [select for diffs], Wed Jan 21 21:50:33 2015 UTC (9 years, 4 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE,
OPENBSD_5_8,
OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.29: +3 -3 lines
Diff to previous 1.29 (colored)
Include <netinet/in.h> before <net/pfvar.h>. In a future change when ports is ready, <net/pfvar.h> will stop including a pile of balony.
Revision 1.29 / (download) - annotate - [select for diffs], Sat Sep 13 16:06:37 2014 UTC (9 years, 8 months ago) by doug
Branch: MAIN
Changes since 1.28: +2 -2 lines
Diff to previous 1.28 (colored)
Replace all queue *_END macro calls except CIRCLEQ_END with NULL. CIRCLEQ_* is deprecated and not called in the tree. The other queue types have *_END macros which were added for symmetry with CIRCLEQ_END. They are defined as NULL. There's no reason to keep the other *_END macro calls. ok millert@
Revision 1.28 / (download) - annotate - [select for diffs], Fri Mar 15 13:31:27 2013 UTC (11 years, 2 months ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6,
OPENBSD_5_5_BASE,
OPENBSD_5_5,
OPENBSD_5_4_BASE,
OPENBSD_5_4
Changes since 1.27: +3 -45 lines
Diff to previous 1.27 (colored)
camield requested backout of rev 1.26, and indeed ftp-proxy does not need it.
Revision 1.27 / (download) - annotate - [select for diffs], Mon Mar 11 17:40:11 2013 UTC (11 years, 3 months ago) by deraadt
Branch: MAIN
Changes since 1.26: +4 -2 lines
Diff to previous 1.26 (colored)
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
Revision 1.26 / (download) - annotate - [select for diffs], Sun Mar 10 21:28:26 2013 UTC (11 years, 3 months ago) by benno
Branch: MAIN
Changes since 1.25: +45 -3 lines
Diff to previous 1.25 (colored)
reserve a filedescriptor on accept() for subsequent connect() call, as done in relayd. ok sthen, deraadt
Revision 1.25 / (download) - annotate - [select for diffs], Thu Apr 5 19:08:40 2012 UTC (12 years, 2 months ago) by camield
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE,
OPENBSD_5_3,
OPENBSD_5_2_BASE,
OPENBSD_5_2
Changes since 1.24: +25 -6 lines
Diff to previous 1.24 (colored)
Rate-limit accepting of new connections while we are experiencing fd exhaustion. ok deraadt mikeb
Revision 1.24 / (download) - annotate - [select for diffs], Sun Mar 4 04:05:15 2012 UTC (12 years, 3 months ago) by fgsch
Branch: MAIN
Changes since 1.23: +5 -5 lines
Diff to previous 1.23 (colored)
In preparation for getline and getdelim additions to libc, rename getline() occurrences to get_line(). Based on a diff from Jan Klemkow <j-dot-klemkow-at-wemelug-dot-de> to tech.
Revision 1.23 / (download) - annotate - [select for diffs], Tue Jun 21 17:31:07 2011 UTC (12 years, 11 months ago) by mikeb
Branch: MAIN
CVS Tags: OPENBSD_5_1_BASE,
OPENBSD_5_1,
OPENBSD_5_0_BASE,
OPENBSD_5_0
Changes since 1.22: +3 -4 lines
Diff to previous 1.22 (colored)
Convert SO_RTABLE's protocol level to the SOL_SOCKET; ok claudio
Revision 1.22 / (download) - annotate - [select for diffs], Thu Apr 28 00:17:28 2011 UTC (13 years, 1 month ago) by mikeb
Branch: MAIN
Changes since 1.21: +9 -7 lines
Diff to previous 1.21 (colored)
switch ftp-proxy over to divert-to instead of rdr-to. this avoids an expensive state lookup (via natlook ioctl) and shrinks the code. tested by me and sthen, ok reyk sthen
Revision 1.21 / (download) - annotate - [select for diffs], Fri Mar 25 14:51:31 2011 UTC (13 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.20: +16 -13 lines
Diff to previous 1.20 (colored)
Use the rdomain information returned by DIOCNATLOOK to install the nat-to and rdr-to rules with correct rtable rule attributes. This allows to use ftp-proxy to proxy accross rdomains. Tested and OK phessler@, OK henning@
Revision 1.20 / (download) - annotate - [select for diffs], Tue Sep 1 13:46:14 2009 UTC (14 years, 9 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_4_9_BASE,
OPENBSD_4_9,
OPENBSD_4_8_BASE,
OPENBSD_4_8,
OPENBSD_4_7_BASE,
OPENBSD_4_7
Changes since 1.19: +8 -28 lines
Diff to previous 1.19 (colored)
Bring ftp-proxy in sync with the massive pf change just commited by Henning. This changes the way the rdr/nat rules are added to pf. Now only a single anchor is needed (the other ones do no longer exist). To convert your ruleset you need something like this at the start of your ruleset: # filter rules and anchors for ftp-proxy(8) anchor "ftp-proxy/*" pass in quick proto tcp to port ftp rdr-to 127.0.0.1 port 8021 This was tested by myself, sthen@, dlg@ and I think many more. OK by the same people plus henning.
Revision 1.19 / (download) - annotate - [select for diffs], Fri Jun 13 07:25:26 2008 UTC (15 years, 11 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE,
OPENBSD_4_6,
OPENBSD_4_5_BASE,
OPENBSD_4_5,
OPENBSD_4_4_BASE,
OPENBSD_4_4
Changes since 1.18: +4 -7 lines
Diff to previous 1.18 (colored)
Better error messages. Include the function causing the problem and do not include the program name in logmsg() plus exit_daemon() does not return so make it a void function. OK mpf@
Revision 1.18 / (download) - annotate - [select for diffs], Tue Apr 22 02:22:22 2008 UTC (16 years, 1 month ago) by joel
Branch: MAIN
Changes since 1.17: +7 -1 lines
Diff to previous 1.17 (colored)
Flush output buffers before closing TCP session. Fixes the case where the proxy would eat the 221 response coming from the server towards the client. Patch from camield@. Tested by Camiel and myself. ok camield@
Revision 1.17 / (download) - annotate - [select for diffs], Sun Apr 13 00:22:17 2008 UTC (16 years, 2 months ago) by djm
Branch: MAIN
Changes since 1.16: +3 -3 lines
Diff to previous 1.16 (colored)
Use arc4random_buf() when requesting more than a single word of output Use arc4random_uniform() when the desired random number upper bound is not a power of two ok deraadt@ millert@
Revision 1.16 / (download) - annotate - [select for diffs], Tue Feb 26 18:52:53 2008 UTC (16 years, 3 months ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_4_3_BASE,
OPENBSD_4_3
Changes since 1.15: +3 -2 lines
Diff to previous 1.15 (colored)
Don't pass quick when tagging, so the tag can be used outside the ftp-proxy anchor. Exotic setups with route-to etc. can be implemented this way. from camield, ok reyk beck canacar and manpage polished by jmc
Revision 1.15 / (download) - annotate - [select for diffs], Wed Aug 15 15:18:02 2007 UTC (16 years, 9 months ago) by camield
Branch: MAIN
CVS Tags: OPENBSD_4_2_BASE,
OPENBSD_4_2
Changes since 1.14: +34 -11 lines
Diff to previous 1.14 (colored)
Some servers / proxies out there like to open the data connection immediately after the client sends the PORT command. The "normal" behaviour is to wait for the client to actually request a transfer. Make ftp-proxy add the active mode rules immediately too, so that both scenario's work. ok david pyr Tested by Frank Denis, Stephan A. Rickauer, Ingo Schwarze, Stuart Henderson. Thanks.
Revision 1.14 / (download) - annotate - [select for diffs], Wed Aug 1 09:31:41 2007 UTC (16 years, 10 months ago) by henning
Branch: MAIN
Changes since 1.13: +11 -5 lines
Diff to previous 1.13 (colored)
allow ftp-proxy to add tag statements to teh rules it inserts clever, nice and easy diff from bsd@openbsd.rutgers.edu, ok pyr reyk
Revision 1.13 / (download) - annotate - [select for diffs], Sat Dec 30 13:24:00 2006 UTC (17 years, 5 months ago) by camield
Branch: MAIN
CVS Tags: OPENBSD_4_1_BASE,
OPENBSD_4_1
Changes since 1.12: +5 -19 lines
Diff to previous 1.12 (colored)
Remove stub write callback functions now that libevent allows them to be NULL.
Revision 1.12 / (download) - annotate - [select for diffs], Sat Dec 30 13:01:54 2006 UTC (17 years, 5 months ago) by camield
Branch: MAIN
Changes since 1.11: +12 -10 lines
Diff to previous 1.11 (colored)
Convert three instances of atoi() to strtonum() and apply sane upper bounds. Triggered by Rik/harry Bobbaers on bugs@. ok mbalmer@ ray@
Revision 1.11 / (download) - annotate - [select for diffs], Tue Dec 12 07:28:41 2006 UTC (17 years, 6 months ago) by camield
Branch: MAIN
Changes since 1.10: +2 -1 lines
Diff to previous 1.10 (colored)
Ignore sigpipe as libevent does not handle that for us. Confirmed by provos. Fixes race condition where ftp-proxy would silently exit if a write was attempted on a socket that was closed by an RST. Should fix PR 5260. ok claudio@
Revision 1.10 / (download) - annotate - [select for diffs], Sun Oct 15 18:23:44 2006 UTC (17 years, 7 months ago) by camield
Branch: MAIN
Changes since 1.9: +6 -6 lines
Diff to previous 1.9 (colored)
Close file descriptors before cleaning up the events, might cause a race otherwise.
Revision 1.9 / (download) - annotate - [select for diffs], Sat Mar 25 20:21:42 2006 UTC (18 years, 2 months ago) by camield
Branch: MAIN
CVS Tags: OPENBSD_4_0_BASE,
OPENBSD_4_0
Changes since 1.8: +3 -3 lines
Diff to previous 1.8 (colored)
unused variable from Andrey Matveev
Revision 1.8 / (download) - annotate - [select for diffs], Wed Mar 22 10:16:03 2006 UTC (18 years, 2 months ago) by camield
Branch: MAIN
Changes since 1.7: +25 -20 lines
Diff to previous 1.7 (colored)
Rework signal handling the idiomatic libevent way. From ospfd. ok claudio henning
Revision 1.7 / (download) - annotate - [select for diffs], Fri Nov 18 08:49:32 2005 UTC (18 years, 6 months ago) by camield
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE,
OPENBSD_3_9
Changes since 1.6: +3 -5 lines
Diff to previous 1.6 (colored)
don't assume that close() can fail, from deraadt ok henning deraadt
Revision 1.6 / (download) - annotate - [select for diffs], Thu Nov 17 13:32:05 2005 UTC (18 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.5: +3 -2 lines
Diff to previous 1.5 (colored)
buffer overflow
Revision 1.5 / (download) - annotate - [select for diffs], Tue Jun 7 14:12:07 2005 UTC (19 years ago) by camield
Branch: MAIN
CVS Tags: OPENBSD_3_8_BASE,
OPENBSD_3_8
Changes since 1.4: +2 -0 lines
Diff to previous 1.4 (colored)
add OpenBSD cvs tags, prompted by xsa@
Revision 1.4 / (download) - annotate - [select for diffs], Tue Jun 7 04:37:32 2005 UTC (19 years ago) by camield
Branch: MAIN
Changes since 1.3: +10 -4 lines
Diff to previous 1.3 (colored)
Introduce verbose option to control the logging of the pf rules. ok beck mpf
Revision 1.3 / (download) - annotate - [select for diffs], Mon May 30 16:37:57 2005 UTC (19 years ago) by camield
Branch: MAIN
Changes since 1.2: +2 -1 lines
Diff to previous 1.2 (colored)
Don't call va_start() when we do not log. From Andrey Matveev.
Revision 1.2 / (download) - annotate - [select for diffs], Fri May 27 20:05:17 2005 UTC (19 years ago) by camield
Branch: MAIN
Changes since 1.1: +10 -4 lines
Diff to previous 1.1 (colored)
do not allow nul in the control connection. ok beck
Revision 1.1 / (download) - annotate - [select for diffs], Thu May 26 04:38:35 2005 UTC (19 years ago) by camield
Branch: MAIN
Import new FTP proxy. Handles IPv6 and all FTP modes. It was previously known as pftpx. Not connected to the builds yet. ok beck