1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
|
--- src/ftpd.c.orig 2010-05-27 01:19:29.000000000 +0400
+++ src/ftpd.c 2010-05-27 01:19:56.000000000 +0400
@@ -447,7 +447,6 @@
#ifdef OPIE
#include <opie.h>
int pwok = 0;
-int af_pwok = 0;
struct opie opiestate;
#endif
@@ -1219,10 +1218,6 @@
exit(0);
}
-#ifdef OPIE
- af_pwok = opieaccessfile(remotehost);
-#endif
-
#ifdef HAVE_LIBRESOLV
/* check permitted access based on remote host DNS information */
if (!check_reverse_dns()) {
@@ -1662,9 +1657,9 @@
/* Display s/key challenge where appropriate. */
if (pwd == NULL || skeychallenge(&skey, pwd->pw_name, sbuf))
- sprintf(buf, "Password required for %s.", name);
+ snprintf(buf, sizeof(buf)-1, "Password required for %s.", name);
else
- sprintf(buf, "%s %s for %s.", sbuf,
+ snprintf(buf, sizeof(buf)-1, "%s %s for %s.", sbuf,
pwok ? "allowed" : "required", name);
return (buf);
}
@@ -2105,16 +2100,17 @@
#ifdef OPIE
{
char prompt[OPIE_CHALLENGE_MAX + 1];
- opiechallenge(&opiestate, name, prompt);
- if (askpasswd == -1) {
- syslog(LOG_WARNING, "Invalid FTP user name %s attempted from %s", name, remotehost);
- pwok = 0;
+ if (opiechallenge(&opiestate, name, prompt) == 0) {
+ pwok = (pw != NULL) &&
+ opieaccessfile(remotehost) &&
+ opiealways(pw->pw_dir);
+ reply(331, "Response to %s %s for %s.",
+ prompt, pwok ? "requested" : "required", name);
+ } else {
+ pwok = 1;
+ reply(331, "Password required for %s.", name);
}
- else
- pwok = af_pwok && opiealways(pw->pw_dir);
- reply(331, "Response to %s %s for %s.",
- prompt, pwok ? "requested" : "required", name);
}
#else
reply(331, "Password required for %s.", name);
@@ -2593,8 +2589,8 @@
if (pw == NULL)
salt = "xx";
else
-#ifndef OPIE
salt = pw->pw_passwd;
+#ifndef OPIE
#ifdef SECUREOSF
if ((pr = getprpwnam(pw->pw_name)) != NULL) {
if (pr->uflg.fg_newcrypt)
@@ -2627,9 +2623,15 @@
xpasswd = crypt(passwd, salt);
#endif /* SKEY */
#else /* OPIE */
- if (!opieverify(&opiestate, passwd))
- rval = 0;
- xpasswd = crypt(passwd, pw->pw_passwd);
+ if (pw != NULL) {
+ if (opieverify(&opiestate, passwd) == 0)
+ xpasswd = pw->pw_passwd;
+ else if (pwok)
+ xpasswd = crypt(passwd, salt);
+ else
+ pw = NULL;
+ }
+ pwok = 0;
#endif /* OPIE */
#ifdef ULTRIX_AUTH
if ((numfails = ultrix_check_pass(passwd, xpasswd)) >= 0) {
@@ -3189,7 +3191,7 @@
pw->pw_name, pw->pw_dir);
goto bad;
#else
- if (chdir("/") < 0) {
+ if (restricted_user || chdir("/") < 0) {
#ifdef VERBOSE_ERROR_LOGING
syslog(LOG_NOTICE, "FTP LOGIN FAILED (cannot chdir) for %s, %s",
remoteident, pw->pw_name);
@@ -3508,7 +3510,7 @@
{
char *a;
a = (char *) malloc(len + 1);
- memset(a, ' ', len-1);
+ memset(a, ' ', len);
a[len] = 0;
if (strlen(s) <= len)
memcpy(a, s, strlen(s));
@@ -7469,6 +7471,8 @@
in++;
if (*in == '/')
in++;
+ else
+ out++;
}
else if ((in[0] == '.') && (in[1] == '.') && ((in[2] == '/') || (in[2] == '\0'))) {
if (out == path) {
@@ -7497,6 +7501,9 @@
}
else {
do
+ if ((in[0] == '*') && (in[1] == '*'))
+ in++;
+ else
*out++ = *in++;
while ((*in != '\0') && (*in != '/'));
if (*in == '/')
|
