[prev in list] [next in list] [prev in thread] [next in thread]
List: busybox
Subject: [PATCH] ftpd: NOMMU/chroot fix
From: Morten Kvistgaard <MK () pch-engineering ! dk>
Date: 2014-05-19 6:53:48
Message-ID: 0855BDD4CF82174A8BE362DE9F27C3BF026F643E9B7C () pche-exchange
[Download RAW message or body]
From: Morten Kvistgaard <mk@pch-engineering.dk>
I've been working with walter harms to create some patches for the ftpd. This is the \
first one.
The current code doesn't do (ftp) LIST when using a jailed setup on a NOMMU build. \
Somewhat exotic. I suspect it hasn't been tested for a while. This patch will fix the \
issue.
It's been tested on a i386 Ubuntu, with and without the FORCE_NOMMU and on a cross \
compiled Blackfin (NOMMU). It's been tested with several clients: Windows ftp (cmd), \
FileZilla, WinSCP. And walter approves of it ^^
---
networking/ftpd.c | 44 ++++++++++++++++++++++++++++++--------------
1 file changed, 30 insertions(+), 14 deletions(-)
diff --git a/networking/ftpd.c b/networking/ftpd.c index 33db964..960984b 100644
--- a/networking/ftpd.c
+++ b/networking/ftpd.c
@@ -617,21 +617,29 @@ handle_retr(void)
static int
popen_ls(const char *opt)
{
- const char *argv[5];
struct fd_pair outfd;
pid_t pid;
+#if BB_MMU
+ #define FTP_ARG_NO 2
+ const char *argv[4];
- argv[0] = "ftpd";
+ argv[0] = "ls";
argv[1] = opt; /* "-l" or "-1" */
-#if BB_MMU
- argv[2] = "--";
+ argv[2] = G.ftp_arg;
+ argv[3] = NULL;
#else
- /* NOMMU ftpd ls helper chdirs to argv[2],
- * preventing peer from seeing real root. */
- argv[2] = xrealloc_getcwd_or_warn(NULL);
+ #define FTP_ARG_NO 4
+ const char *argv[6];
+
+ argv[0] = "ftpd";
+ argv[1] = opt; /* "-l" or "-1" */
+ /* NOMMU ftpd ls helper chdirs to argv[3],
+ * preventing peer from seeing real root. */
+ argv[2] = G.chroot_dir;
+ argv[3] = xrealloc_getcwd_or_warn(NULL);
+ argv[4] = G.ftp_arg;
+ argv[5] = NULL;
#endif
- argv[3] = G.ftp_arg;
- argv[4] = NULL;
/* Improve compatibility with non-RFC conforming FTP \
clients
* which send e.g. "LIST -l", "LIST -la", "LIST -aL".
@@ -642,7 +650,7 @@ popen_ls(const char *opt)
const char *tmp = \
strchr(G.ftp_arg, ' ');
if (tmp) /* skip the space \
*/
\
tmp++;
- argv[3] = tmp;
+ argv[FTP_ARG_NO] = tmp;
}
xpiped_pair(outfd);
@@ -659,6 +667,7 @@ popen_ls(const char *opt)
* relative to current \
directory */
if (fchdir(G.root_fd) != 0)
\
_exit(127);
+ xchroot("."); /* will break \
out of jail */
/*close(G.root_fd); - \
close_on_exec_on() took care of this */ #endif
/* NB: close _first_, then \
move fd! */ @@ -685,7 +694,7 @@ popen_ls(const char *opt)
/* parent */
close(outfd.wr);
#if !BB_MMU
- free((char*)argv[2]);
+ free((char*)argv[3]);
#endif
return outfd.rd;
}
@@ -1085,6 +1094,7 @@ enum {
const_PASV = mk_const4('P', 'A', 'S', 'V'),
const_PORT = mk_const4('P', 'O', 'R', 'T'),
const_PWD = mk_const3('P', 'W', 'D'),
+ const_XPWD = mk_const4('X', 'P', 'W', 'D'), \
/* Deprecated, but still used by some clients. Eg. Windows ftp (cmd) */
const_QUIT = mk_const4('Q', 'U', 'I', 'T'),
const_REST = mk_const4('R', 'E', 'S', 'T'),
const_RETR = mk_const4('R', 'E', 'T', 'R'), @@ -1135,8 \
+1145,14 @@ int ftpd_main(int argc UNUSED_PARAM, char **argv)
/* TODO: pass -n? It prevents user/group resolution, which may not work in chroot \
anyway */
/* TODO: pass -A? It shows dot files */
/* TODO: pass --group-directories-first? would be nice, but ls doesn't do that yet */
- xchdir(argv[2]);
- argv[2] = (char*)"--";
+
+ /* set chroot and current dir \
*/
+ xchroot(argv[2]);
+ xchdir(argv[3]);
+ argv[2] = argv[4];
+ argv[3] = NULL;
+ argv[4] = NULL;
+
/* memset(&G, 0, sizeof(G)); \
- ls_main does it */
return ls_main(argc, argv);
}
@@ -1292,7 +1308,7 @@ int ftpd_main(int argc UNUSED_PARAM, char **argv)
\
WRITE_OK(FTP_ALLOOK);
else if (cmdval == \
const_SYST)
\
cmdio_write_raw(STR(FTP_SYSTOK)" UNIX Type: L8\r\n");
- else if (cmdval == \
const_PWD)
+ else if (cmdval == const_PWD \
|| cmdval == const_XPWD)
\
handle_pwd();
else if (cmdval == \
const_CWD)
\
handle_cwd();
--
1.9.3
--
This message has been scanned for viruses and dangerous content by CronLab
(www.cronlab.com), and is believed to be clean.
[Attachment #3 (multipart/related)]
[Attachment #5 (text/html)]
<html xmlns:v="urn:schemas-microsoft-com:vml" \
xmlns:o="urn:schemas-microsoft-com:office:office" \
xmlns:w="urn:schemas-microsoft-com:office:word" \
xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" \
xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type \
content="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 14 \
(filtered medium)"><style><!-- /* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.MsoPlainText, li.MsoPlainText, div.MsoPlainText
{mso-style-priority:99;
mso-style-link:"Plain Text Char";
margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-fareast-language:EN-US;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-priority:99;
mso-style-link:"Balloon Text Char";
margin:0cm;
margin-bottom:.0001pt;
font-size:8.0pt;
font-family:"Tahoma","sans-serif";
mso-fareast-language:EN-US;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.PlainTextChar
{mso-style-name:"Plain Text Char";
mso-style-priority:99;
mso-style-link:"Plain Text";
font-family:"Calibri","sans-serif";}
span.BalloonTextChar
{mso-style-name:"Balloon Text Char";
mso-style-priority:99;
mso-style-link:"Balloon Text";
font-family:"Tahoma","sans-serif";}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";
mso-fareast-language:EN-US;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:3.0cm 2.0cm 3.0cm 2.0cm;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=DA link=blue vlink=purple><div \
class=WordSection1><p class=MsoNormal>From: Morten Kvistgaard \
<mk@pch-engineering.dk><o:p></o:p></p><p \
class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><span lang=EN-US>I’ve \
been working with walter harms to create some patches for the ftpd. This is the first \
one. <o:p></o:p></span></p><p class=MsoNormal><span \
lang=EN-US><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US>The \
current code doesn’t do (ftp) LIST when using a jailed setup on a NOMMU build. \
Somewhat exotic. I suspect it hasn’t been tested for a \
while.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US>This patch will fix \
the issue. <o:p></o:p></span></p><p class=MsoNormal><span \
lang=EN-US><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US>It’s \
been tested on a i386 Ubuntu, with and without the FORCE_NOMMU and on a cross \
compiled Blackfin (NOMMU). It’s been tested with several clients: Windows ftp \
(cmd), FileZilla, WinSCP. And walter approves of it ^^<o:p></o:p></span></p><p \
class=MsoNormal><span lang=EN-US><o:p> </o:p></span></p><p class=MsoNormal><span \
lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span \
lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span \
lang=EN-US>---<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> \
networking/ftpd.c | 44 \
++++++++++++++++++++++++++++++--------------<o:p></o:p></span></p><p \
class=MsoPlainText><span lang=EN-US> 1 file changed, 30 insertions(+), 14 \
deletions(-)<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US>diff \
--git a/networking/ftpd.c b/networking/ftpd.c index 33db964..960984b \
100644<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US>--- \
a/networking/ftpd.c<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US>+++ \
b/networking/ftpd.c<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US>@@ \
-617,21 +617,29 @@ handle_retr(void)<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US> static int<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> \
popen_ls(const char *opt)<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US> {<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US>- &n \
bsp; \
const char *argv[5];<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> \
\
struct fd_pair outfd;<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> \
\
pid_t pid;<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US>+#if \
BB_MMU<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US>+ \
#define FTP_ARG_NO 2<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US>+ \
const char *argv[4];<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> \
<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US>- &n \
bsp; \
argv[0] = "ftpd";<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US>+ \
argv[0] = "ls";<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US> &n \
bsp; \
argv[1] = opt; /* "-l" or "-1" */<o:p></o:p></span></p><p \
class=MsoPlainText><span lang=EN-US>-#if BB_MMU<o:p></o:p></span></p><p \
class=MsoPlainText>- \
\
argv[2] = "--";<o:p></o:p></p><p \
class=MsoPlainText>+ \
\
argv[2] = G.ftp_arg;<o:p></o:p></p><p class=MsoPlainText><span \
lang=EN-US>+ \
argv[3] = NULL;<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> \
#else<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US>- &n \
bsp; /* \
NOMMU ftpd ls helper chdirs to argv[2],<o:p></o:p></span></p><p \
class=MsoPlainText><span \
lang=EN-US>- &n \
bsp; * \
preventing peer from seeing real root. */<o:p></o:p></span></p><p \
class=MsoPlainText><span \
lang=EN-US>- &n \
bsp; \
argv[2] = xrealloc_getcwd_or_warn(NULL);<o:p></o:p></span></p><p \
class=MsoPlainText><span \
lang=EN-US>+ \
#define FTP_ARG_NO 4<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US>+ \
const char *argv[6];<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US>+<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US>+ \
argv[0] = "ftpd";<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US>+ \
argv[1] = opt; /* "-l" or "-1" */<o:p></o:p></span></p><p \
class=MsoPlainText><span \
lang=EN-US>+ \
/* NOMMU ftpd ls helper chdirs to argv[3],<o:p></o:p></span></p><p \
class=MsoPlainText><span lang=EN-US>+ * preventing peer from \
seeing real root. */<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US>+ \
argv[2] = G.chroot_dir;<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US>+ \
argv[3] = xrealloc_getcwd_or_warn(NULL);<o:p></o:p></span></p><p \
class=MsoPlainText>+ \
\
argv[4] = G.ftp_arg;<o:p></o:p></p><p \
class=MsoPlainText>+ \
\
argv[5] = NULL;<o:p></o:p></p><p class=MsoPlainText> #endif<o:p></o:p></p><p \
class=MsoPlainText>- \
\
argv[3] = G.ftp_arg;<o:p></o:p></p><p class=MsoPlainText><span \
lang=EN-US>- &n \
bsp; \
argv[4] = NULL;<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> \
<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US> &nb \
sp; \
/* Improve compatibility with non-RFC conforming FTP clients<o:p></o:p></span></p><p \
class=MsoPlainText><span lang=EN-US> \
\
* which send e.g. "LIST -l", "LIST -la", "LIST \
-aL".<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US>@@ -642,7 \
+650,7 @@ popen_ls(const char *opt)<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US> &n \
bsp; &nbs \
p; \
\
const char *tmp = strchr(G.ftp_arg, ' ');<o:p></o:p></span></p><p \
class=MsoPlainText><span lang=EN-US> \
&n \
bsp; &nbs \
p; \
if (tmp) /* skip the space */<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US> &n \
bsp; &nbs \
p; \
&n \
bsp; &nbs \
p; \
tmp++;<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US>- &n \
bsp; &nbs \
p; \
\
argv[3] = tmp;<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US>+ &n \
bsp; &nbs \
p; \
argv[FTP_ARG_NO] = tmp;<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> \
\
}<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> \
<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US> &nb \
sp; \
xpiped_pair(outfd);<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US>@@ \
-659,6 +667,7 @@ popen_ls(const char *opt)<o:p></o:p></span></p><p \
class=MsoPlainText><span lang=EN-US> \
&n \
bsp; &nbs \
p; \
* relative to current directory */<o:p></o:p></span></p><p \
class=MsoPlainText><span lang=EN-US> \
&n \
bsp; &nbs \
p; \
if (fchdir(G.root_fd) != 0)<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US> &n \
bsp; &nbs \
p; \
&n \
bsp; &nbs \
p; \
_exit(127);<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US>+ &n \
bsp; &nbs \
p; \
xchroot("."); /* will break out of jail \
*/<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> \
&n \
bsp; &nbs \
p; \
/*close(G.root_fd); - close_on_exec_on() took care of this */ \
#endif<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> \
&n \
bsp; &nbs \
p; \
/* NB: close _first_, then move fd! */ @@ -685,7 +694,7 @@ popen_ls(const char \
*opt)<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> \
\
/* parent */<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> \
\
close(outfd.wr);<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> #if \
!BB_MMU<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US>- &n \
bsp; \
free((char*)argv[2]);<o:p></o:p></span></p><p class=MsoPlainText><span \
lang=EN-US>+ \
free((char*)argv[3]);<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> \
#endif<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> \
\
return outfd.rd;<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> \
}<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US>@@ -1085,6 +1094,7 @@ \
enum {<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> \
\
const_PASV = mk_const4('P', 'A', 'S', 'V'),<o:p></o:p></span></p><p \
class=MsoPlainText><span lang=EN-US> \
\
const_PORT = mk_const4('P', 'O', 'R', 'T'),<o:p></o:p></span></p><p \
class=MsoPlainText><span lang=EN-US> \
\
const_PWD = mk_const3('P', 'W', 'D'),<o:p></o:p></span></p><p \
<br><br>
<table cellspacing="1" cellpadding="1" width="700" bgcolor="#ffffff">
<col width="100"><col width="600">
<tr style="background: #dddddd;border-color: #dddddd;padding:0px 0px 0px \
0px;height:1px;text-decoration:none;"><td colspan="2"></td></tr> <tr \
style="font-family: Arial,Helvetica,sans-serif;font-size: 8pt;color: #000000;"> \
<td><a href="http://www.cronlab.com"><img alt="MailScanner CronLabAntiSpamAppliance \
Signature" src="cid:cronlab.jpg" width="50" border="0"></a></td> <td><center>
This message has been scanned for viruses and dangerous content by CronLab
(<a href="http://www.cronlab.com">www.cronlab.com</a>) and is believed to be clean.
</center></td></tr></table>
</center>
["cronlab.jpg" (image/jpeg)]
_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
--===============6461218686277191509==--
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic