diff -Nru orig/muddleftpd-1.3.13.1/defaults.h.in muddleftpd-1.3.13.1/defaults.h.in --- orig/muddleftpd-1.3.13.1/defaults.h.in 2002-10-20 05:51:26.000000000 -0600 +++ muddleftpd-1.3.13.1/defaults.h.in 2007-07-24 16:05:52.937570314 -0600 @@ -31,7 +31,7 @@ #define SCRATCHFILE "/etc/muddleftpd/muddleftpd.scratch" #define PROGNAME "muddleftpd" -#define VERSTR "1.3.13" +#define VERSTR "1.3.13-tear5" #undef ACCESSCMD #undef DUMPCMD diff -Nru orig/muddleftpd-1.3.13.1/doc/Makefile.in muddleftpd-1.3.13.1/doc/Makefile.in --- orig/muddleftpd-1.3.13.1/doc/Makefile.in 2003-11-02 09:51:55.000000000 -0700 +++ muddleftpd-1.3.13.1/doc/Makefile.in 2007-07-24 16:05:53.027556634 -0600 @@ -48,11 +48,11 @@ install: all mkdir -p $(MANDIR)/man1 - install man/muddleftpd.1 -m 644 $(MANDIR)/man1/$(MUDOUTPROG).1 - install man/ftpwho.1 -m 644 $(MANDIR)/man1/$(WHOPROG).1 - install man/mudpasswd.1 -m 644 $(MANDIR)/man1/$(MUDPASSWDPROG).1 + install -m 644 man/muddleftpd.1 $(MANDIR)/man1/$(MUDOUTPROG).1 + install -m 644 man/ftpwho.1 $(MANDIR)/man1/$(WHOPROG).1 + install -m 644 man/mudpasswd.1 $(MANDIR)/man1/$(MUDPASSWDPROG).1 mkdir -p $(INFODIR) - install $(DOCOBJ) -m 644 $(INFODIR) + install -m 644 $(DOCOBJ) $(INFODIR) mkdir -p $(DOCDIR)/doc/muddleftpd install -m 644 cookie.txt $(DOCDIR)/doc/muddleftpd/cookie.txt install -m 644 ftpcmds.txt $(DOCDIR)/doc/muddleftpd/ftpcmds.txt diff -Nru orig/muddleftpd-1.3.13.1/modules/auth/authlibexample/Makefile.in muddleftpd-1.3.13.1/modules/auth/authlibexample/Makefile.in --- orig/muddleftpd-1.3.13.1/modules/auth/authlibexample/Makefile.in 2003-11-03 05:19:25.000000000 -0700 +++ muddleftpd-1.3.13.1/modules/auth/authlibexample/Makefile.in 2007-07-24 16:05:53.135540218 -0600 @@ -25,8 +25,8 @@ mkdir -p $(libdir) mkdir -p $(DOCDIR)/doc/muddleftpd - install README -m 644 $(DOCDIR)/doc/muddleftpd/README.authexample - install $(LIBNAME) -m 644 $(libdir) + install -m 644 README $(DOCDIR)/doc/muddleftpd/README.authexample + install -m 644 $(LIBNAME) $(libdir) distclean: clean diff -Nru orig/muddleftpd-1.3.13.1/modules/auth/authlibmsql/Makefile.in muddleftpd-1.3.13.1/modules/auth/authlibmsql/Makefile.in --- orig/muddleftpd-1.3.13.1/modules/auth/authlibmsql/Makefile.in 2003-11-03 05:19:32.000000000 -0700 +++ muddleftpd-1.3.13.1/modules/auth/authlibmsql/Makefile.in 2007-07-24 16:05:53.149538090 -0600 @@ -21,8 +21,8 @@ mkdir -p $(libdir) mkdir -p $(DOCDIR)/doc/muddleftpd - install README -m 644 $(DOCDIR)/doc/muddleftpd/README.authmsql - install $(LIBNAME) -m 644 $(libdir) + install -m 644 README $(DOCDIR)/doc/muddleftpd/README.authmsql + install -m 644 $(LIBNAME) $(libdir) clean: diff -Nru orig/muddleftpd-1.3.13.1/modules/auth/authlibmysql/Makefile.in muddleftpd-1.3.13.1/modules/auth/authlibmysql/Makefile.in --- orig/muddleftpd-1.3.13.1/modules/auth/authlibmysql/Makefile.in 2003-11-03 05:19:51.000000000 -0700 +++ muddleftpd-1.3.13.1/modules/auth/authlibmysql/Makefile.in 2007-07-24 16:05:53.220527298 -0600 @@ -21,8 +21,8 @@ mkdir -p $(libdir) mkdir -p $(DOCDIR)/doc/muddleftpd - install README -m 644 $(DOCDIR)/doc/muddleftpd/README.authmysql - install $(LIBNAME) -m 644 $(libdir) + install -m 644 README $(DOCDIR)/doc/muddleftpd/README.authmysql + install -m 644 $(LIBNAME) $(libdir) clean: diff -Nru orig/muddleftpd-1.3.13.1/modules/auth/authlibsmb/Makefile.in muddleftpd-1.3.13.1/modules/auth/authlibsmb/Makefile.in --- orig/muddleftpd-1.3.13.1/modules/auth/authlibsmb/Makefile.in 2003-11-03 05:20:04.000000000 -0700 +++ muddleftpd-1.3.13.1/modules/auth/authlibsmb/Makefile.in 2007-07-24 16:05:53.354506930 -0600 @@ -24,8 +24,8 @@ mkdir -p $(libdir) mkdir -p $(DOCDIR)/doc/muddleftpd - install README -m 644 $(DOCDIR)/doc/muddleftpd/README.authsmb - install $(LIBNAME) -m 644 $(libdir) + install -m 644 README $(DOCDIR)/doc/muddleftpd/README.authsmb + install -m 644 $(LIBNAME) $(libdir) clean: diff -Nru orig/muddleftpd-1.3.13.1/modules/auth/authlibsmb/smbval/rfcnb-util.c muddleftpd-1.3.13.1/modules/auth/authlibsmb/smbval/rfcnb-util.c --- orig/muddleftpd-1.3.13.1/modules/auth/authlibsmb/smbval/rfcnb-util.c 2002-10-20 06:00:41.000000000 -0600 +++ muddleftpd-1.3.13.1/modules/auth/authlibsmb/smbval/rfcnb-util.c 2007-07-24 16:05:53.371504346 -0600 @@ -23,8 +23,16 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ +#include "../config.h" #include + +#ifdef HAVE_STDLIB_H +#include +#endif + +#ifndef __FreeBSD__ #include +#endif #include "std-includes.h" #include "rfcnb-priv.h" diff -Nru orig/muddleftpd-1.3.13.1/modules/auth/authlibsmb/smbval/session.c muddleftpd-1.3.13.1/modules/auth/authlibsmb/smbval/session.c --- orig/muddleftpd-1.3.13.1/modules/auth/authlibsmb/smbval/session.c 2002-10-20 06:00:41.000000000 -0600 +++ muddleftpd-1.3.13.1/modules/auth/authlibsmb/smbval/session.c 2007-07-24 16:05:53.391501306 -0600 @@ -23,9 +23,17 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ -#include +#include "../config.h" #include +#ifdef HAVE_STDLIB_H +#include +#endif + +#ifndef __FreeBSD__ +#include +#endif + int RFCNB_errno = 0; int RFCNB_saved_errno = 0; #define RFCNB_ERRNO diff -Nru orig/muddleftpd-1.3.13.1/modules/auth/authlibsmb/smbval/smbencrypt.c muddleftpd-1.3.13.1/modules/auth/authlibsmb/smbval/smbencrypt.c --- orig/muddleftpd-1.3.13.1/modules/auth/authlibsmb/smbval/smbencrypt.c 2002-10-20 06:00:41.000000000 -0600 +++ muddleftpd-1.3.13.1/modules/auth/authlibsmb/smbval/smbencrypt.c 2007-07-24 16:05:53.546477746 -0600 @@ -21,10 +21,14 @@ */ #include +#include +#include #include #include #include +#ifndef __FreeBSD__ #include +#endif #include #include "smblib-priv.h" diff -Nru orig/muddleftpd-1.3.13.1/modules/auth/authlibsmb/smbval/smblib.c muddleftpd-1.3.13.1/modules/auth/authlibsmb/smbval/smblib.c --- orig/muddleftpd-1.3.13.1/modules/auth/authlibsmb/smbval/smblib.c 2002-10-20 06:00:41.000000000 -0600 +++ muddleftpd-1.3.13.1/modules/auth/authlibsmb/smbval/smblib.c 2007-07-24 16:05:53.645462698 -0600 @@ -24,7 +24,14 @@ */ #include "../config.h" + +#ifdef HAVE_STDLIB_H +#include +#endif + +#ifndef __FreeBSD__ #include +#endif int SMBlib_errno; int SMBlib_SMB_Error; diff -Nru orig/muddleftpd-1.3.13.1/modules/auth/authlibsmb/smbval/smblib-util.c muddleftpd-1.3.13.1/modules/auth/authlibsmb/smbval/smblib-util.c --- orig/muddleftpd-1.3.13.1/modules/auth/authlibsmb/smbval/smblib-util.c 2002-10-20 06:00:41.000000000 -0600 +++ muddleftpd-1.3.13.1/modules/auth/authlibsmb/smbval/smblib-util.c 2007-07-24 16:05:53.628465282 -0600 @@ -23,8 +23,16 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ +#include "../config.h" #include "smblib-priv.h" + +#ifdef HAVE_STDLIB_H +#include +#endif + +#ifndef __FreeBSD__ #include +#endif #include "rfcnb.h" diff -Nru orig/muddleftpd-1.3.13.1/src/authanon.c muddleftpd-1.3.13.1/src/authanon.c --- orig/muddleftpd-1.3.13.1/src/authanon.c 2003-10-02 13:38:21.000000000 -0600 +++ muddleftpd-1.3.13.1/src/authanon.c 2007-07-24 16:05:53.916421506 -0600 @@ -35,9 +35,9 @@ anonuser = mktokconfstr(tset, auth_getcursectionid(peer), "anonymous_user", "ftp"); newhandle->passent = getpwnam(anonuser); + if (newhandle->passent == NULL) newhandle->passent = getpwuid(getuid()); if (newhandle->passent == NULL) goto error; - newhandle->peer = peer; *err = AUTH_OK; freewrapper(anonuser); @@ -93,4 +93,6 @@ anonauth_gethandle, anonauth_freehandle, NULL, + NULL, + NULL, }; diff -Nru orig/muddleftpd-1.3.13.1/src/auth.c muddleftpd-1.3.13.1/src/auth.c --- orig/muddleftpd-1.3.13.1/src/auth.c 2003-10-02 13:38:21.000000000 -0600 +++ muddleftpd-1.3.13.1/src/auth.c 2007-07-24 16:05:53.781442026 -0600 @@ -27,6 +27,7 @@ { "anonymous", &anonauth_commands }, { "internal", &internalauth_commands }, { "disabled", &disableauth_commands }, + { "user", &userauth_commands }, #ifdef HAVE_PAM_START { "pam", &pamauth_commands }, #endif @@ -266,6 +267,12 @@ tokenset_settoken(tset, 'G', makegidliststr(list)); freewrapper(list); } +#if 1 + if (s->getbaseuser) + tokenset_settoken(tset, 'S', strdupwrapper(s->getbaseuser(a))); + if (s->getsubuser) + tokenset_settoken(tset, 's', strdupwrapper(s->getsubuser(a))); +#endif } void setupacls(FTPSTATE *peer, TOKENSET *tset, int section, char *funcname, int aclfunc) @@ -524,6 +531,7 @@ char **grouplist = peer->vserver->grouplist; PERMSTRUCT *am = NULL; void *handle = NULL; + char *baseuser; while(grouplist[count] != NULL) { @@ -552,10 +560,12 @@ } else return(NULL); +#if 0 if (am) /* Check username */ if (!checknamelist(config->configfile, sectionid, peer->username)) am = NULL; +#endif if (am) { /* now see if valid user */ @@ -569,6 +579,19 @@ } } + if (handle) { + if (am->getbaseuser) { + baseuser = am->getbaseuser(handle); + } else { + baseuser = peer->username; + } + if (!checknamelist(config->configfile, sectionid, baseuser)) { + am->freehandle(handle); + am = NULL; + handle = NULL; + } + } + if (handle) { *section = sectionid; diff -Nru orig/muddleftpd-1.3.13.1/src/authdisable.c muddleftpd-1.3.13.1/src/authdisable.c --- orig/muddleftpd-1.3.13.1/src/authdisable.c 2003-10-02 13:38:21.000000000 -0600 +++ muddleftpd-1.3.13.1/src/authdisable.c 2007-07-24 16:05:53.984411170 -0600 @@ -21,12 +21,13 @@ void *disableauth_gethandle(FTPSTATE *peer, TOKENSET *tset, char *username, int *err) { - *err = AUTH_ERROR; + *err = AUTH_OK; return(NULL); } void disableauth_freehandle(void *handle) { + return; } int disableauth_checkpasswd(void *h, char *password, char **errmsg) @@ -45,4 +46,6 @@ disableauth_gethandle, disableauth_freehandle, NULL, + NULL, + NULL, }; diff -Nru orig/muddleftpd-1.3.13.1/src/auth.h muddleftpd-1.3.13.1/src/auth.h --- orig/muddleftpd-1.3.13.1/src/auth.h 2003-10-02 13:38:21.000000000 -0600 +++ muddleftpd-1.3.13.1/src/auth.h 2007-07-24 16:05:53.849431690 -0600 @@ -10,6 +10,8 @@ gid_t *(* getusersupgid)(void *); void *(* gethandle)(FTPSTATE *peer, TOKENSET *tset, char *username, int *err); void (* freehandle)(void *); + char *(* getbaseuser)(void *); + char *(* getsubuser)(void *); void *handle; } PERMSTRUCT; @@ -17,6 +19,7 @@ extern PERMSTRUCT anonauth_commands; extern PERMSTRUCT internalauth_commands; extern PERMSTRUCT disableauth_commands; +extern PERMSTRUCT userauth_commands; #ifdef HAVE_PAM_START extern PERMSTRUCT pamauth_commands; diff -Nru orig/muddleftpd-1.3.13.1/src/authint.c muddleftpd-1.3.13.1/src/authint.c --- orig/muddleftpd-1.3.13.1/src/authint.c 2003-10-02 13:38:21.000000000 -0600 +++ muddleftpd-1.3.13.1/src/authint.c 2007-07-24 16:05:54.053400682 -0600 @@ -142,4 +142,6 @@ internalauth_gethandle, internalauth_freehandle, NULL, + NULL, + NULL, }; diff -Nru orig/muddleftpd-1.3.13.1/src/authpam.c muddleftpd-1.3.13.1/src/authpam.c --- orig/muddleftpd-1.3.13.1/src/authpam.c 2003-10-02 13:38:21.000000000 -0600 +++ muddleftpd-1.3.13.1/src/authpam.c 2007-07-24 16:05:54.140387458 -0600 @@ -234,6 +234,8 @@ pamauth_gethandle, pamauth_freehandle, NULL, + NULL, + NULL, }; #endif diff -Nru orig/muddleftpd-1.3.13.1/src/authunix.c muddleftpd-1.3.13.1/src/authunix.c --- orig/muddleftpd-1.3.13.1/src/authunix.c 2003-10-02 13:38:21.000000000 -0600 +++ muddleftpd-1.3.13.1/src/authunix.c 2007-07-24 16:05:54.208377122 -0600 @@ -166,4 +166,6 @@ unixauth_gethandle, unixauth_freehandle, NULL, + NULL, + NULL, }; diff -Nru orig/muddleftpd-1.3.13.1/src/authuser.c muddleftpd-1.3.13.1/src/authuser.c --- orig/muddleftpd-1.3.13.1/src/authuser.c 1969-12-31 17:00:00.000000000 -0700 +++ muddleftpd-1.3.13.1/src/authuser.c 2007-07-24 23:21:07.388604806 -0600 @@ -0,0 +1,352 @@ +/* Copyright (C) 1999 Beau Kuiper + Copyright (C) 2004-2007 Krzysztof Rusocki + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2, or (at your option) + any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ + +#include "ftpd.h" +#include "auth.h" + +#define GOT_USER 1 +#define NOT_GOT_USER 0 + +typedef struct +{ + struct passwd *passent; /* baseuser */ + char *username; /* subuser */ + + char *udata; + + char *password; + char *rootdir; + char *homedir; +} PASSWDSTRUCT; + +int userauth_config(char *username, char *data, int line, void *h) +{ + PASSWDSTRUCT *handle = (PASSWDSTRUCT *)h; + + if (strcmp(username, handle->username) == 0) + { + handle->udata = strdupwrapper(data); + return(GOT_USER); + } + return(NOT_GOT_USER); +} + +/* + * assumption: fmt != NULL and writable + * ret 0 == success + * ruser, and suser may be altered on failure + */ +static int parseusers(char *fmt, char *user, char **ruser, char **suser) +{ + char *fr, *fs; + char *pre, *sub, *post; + char *upre, *usub, *upost; + + + *ruser = NULL; + *suser = NULL; + + if (!(fs = strstr(fmt, "%s"))) { + return -1; + } + if (!(fr = strstr(fmt, "%S"))) { + return -2; + } + *fs = '\0'; + *(fs + 1) = '\0'; + *fr = '\0'; + *(fr + 1) = '\0'; + pre = fmt; + if (fr > fs) { + sub = fs + 2; + post = fr + 2; + } else { + sub = fr + 2; + post = fs + 2; + } + //printf("parseuser: pre: '%s' sub: '%s' post: '%s'\n", pre, sub, post); + if (!sub[0]) { /* no sub, no fun */ + return -10; + } + upre = user; + usub = upre; + //printf("pre in '%s'\n", upre); + upre = strstr(upre, pre); + if (upre) { + usub = upre + strlen(pre); + } + upost = usub; + //printf("sub in '%s'\n", usub); + + if (fs > fr) + *ruser = usub; + else + *suser = usub; + + usub = strstr(usub, sub); + if (usub) { + upost = usub + strlen(sub); + } + + if (fs > fr) + *suser = upost; + else + *ruser = upost; + + //printf("post in '%s'\n", upost); + upost = strstr(upost, post); + + if (pre[0] && !upre) + return -3; + if (!usub) + return -4; + if (post[0] && !upost) + return -5; + + + if (post[0]) { + if (upost + strlen(post) != user + strlen(user)) { + return -11; + } + *upost = '\0'; + } + + *usub = '\0'; + + if (pre[0]) { + if (sub[0]) { + if (upre >= usub) + return -6; + if (post[0]) { + if (usub >= upost) + return -7; + } + } else { + if (post[0]) { + if (upre >= upost) + return -8; + } + } + } else if (sub[0]) { + if (post[0]) { + if (usub >= upost) + return -9; + } + } + //printf("parseuser: looking good...; moving on\n"); + return 0; +} + +void *userauth_gethandle(FTPSTATE *peer, TOKENSET *tset, char *username, int *err) +{ + PASSWDSTRUCT *newhandle; + int result, error, line; + + char *rusername; /* real user name */ + char *susername; /* sub-user name */ + int slen; + int tmplen; + + char *passpath; /* passfile path, relative to user's pw_dir */ + char *fullpasspath; + char *plainpasswords; + int plainpass = 0; + char *userformat; + char *xusername; + + //printf("Initializing.\n"); + + newhandle = mallocwrapper(sizeof(PASSWDSTRUCT)); + + newhandle->passent = getpwnam(username); + if (newhandle->passent != NULL) + goto error; + + userformat = mktokconfstr(tset, auth_getcursectionid(peer), "userauth_format", "%S.%s"); + //printf("userformat: %s\n", userformat); + if (userformat == NULL) + goto error; + xusername = strdupwrapper(username); + result = parseusers(userformat, xusername, &rusername, &susername); + freewrapper(userformat); + //printf("Parse done with ret %d\n", result); + if (result != 0) { + freewrapper(xusername); + goto error; + } + rusername = strdupwrapper(rusername); + susername = strdupwrapper(susername); + freewrapper(xusername); + + /* now we have real user and sub-user names ready */ + newhandle->passent = getpwnam(rusername); + if (newhandle->passent == NULL) { + freewrapper(rusername); + freewrapper(susername); + goto error; + } + + passpath = mktokconfstr(tset, auth_getcursectionid(peer), "userauth_passfile", "ftp/passwd"); + if (passpath == NULL) { + freewrapper(rusername); + freewrapper(susername); + goto error; + } + plainpasswords = mktokconfstr(tset, auth_getcursectionid(peer), "userauth_plaintext_passfile", "0"); + if (plainpasswords) { + if (!strcmp(plainpasswords, "1")) + plainpass = 1; + freewrapper(plainpasswords); + } + + slen = strlen(passpath); + tmplen = strlen(newhandle->passent->pw_dir); + fullpasspath = mallocwrapper(slen + tmplen + 2); + memcpy(fullpasspath, newhandle->passent->pw_dir, tmplen); + fullpasspath[tmplen] = '/'; + memcpy(fullpasspath + tmplen + 1, passpath, slen); + fullpasspath[slen + tmplen + 1] = '\0'; + freewrapper(passpath); + + /* make sure that the password file is secure */ + newhandle->username = susername; + result = loadconfigfile(fullpasspath, userauth_config, newhandle, FALSE, &error, &line); + + switch (result) + { + case CONFIG_OK: + newhandle->username = NULL; /* not really neccessary but... */ + freewrapper(fullpasspath); + freewrapper(rusername); + freewrapper(susername); + goto error; + case CONFIG_HANDLER_ERROR: + break; /* found the user */ + default: + newhandle->username = NULL; + freewrapper(fullpasspath); + freewrapper(rusername); + freewrapper(susername); + goto error; + } + + if (plainpass == 0) { + if (strchrcount(newhandle->udata, ':') != 2) + { + freewrapper(fullpasspath); + freewrapper(rusername); + freewrapper(susername); + freewrapper(newhandle->udata); + goto error; + } + + newhandle->password = newhandle->udata; + newhandle->homedir = strchr(newhandle->udata, ':') + 1; + + /* lets hope this doesn't cause heart attacks. It may not + work with flakey C compilers */ + newhandle->homedir[-1] = 0; + newhandle->rootdir = strchr(newhandle->homedir, ':') + 1; + newhandle->rootdir[-1] = 0; + } else { + newhandle->password = newhandle->udata; + newhandle->homedir = NULL; + newhandle->rootdir = NULL; + } + freewrapper(fullpasspath); + freewrapper(rusername); + //freewrapper(susername); /* that has been put in handle->username */ + + *err = AUTH_OK; + //printf("I'm hunger for battle!\n"); + return(newhandle); + +error: + *err = AUTH_USERNKNOW; + freewrapper(newhandle); + return(NULL); +} + +void userauth_freehandle(void *h) +{ + PASSWDSTRUCT *handle = (PASSWDSTRUCT *)h; + + freewrapper(handle->udata); + freewrapper(handle->username); + freewrapper(handle); +} + +int userauth_checkpasswd(void *h, char *password, char **errmsg) +{ + PASSWDSTRUCT *handle = (PASSWDSTRUCT *)h; + + if (handle->rootdir) + return(chkpassword(handle->password, password)); + return !strcmp(handle->password, password); +} + +char *userauth_gethomedir(void *h) +{ + return("/"); +} + +char *userauth_getrootdir(void *h) +{ + return("/"); +} + +uid_t userauth_getuseruid(void *h) +{ + return(((PASSWDSTRUCT *)h)->passent->pw_uid); +} + +gid_t userauth_getusergid(void *h) +{ + return(((PASSWDSTRUCT *)h)->passent->pw_gid); +} + +gid_t *userauth_getusersupgid(void *h) +{ + return(getusergrouplist(((PASSWDSTRUCT *)h)->passent->pw_name)); +} + +char *userauth_getbaseuser(void *h) +{ + PASSWDSTRUCT *handle = (PASSWDSTRUCT *)h; + return(handle->passent->pw_name); +} + +char *userauth_getsubuser(void *h) +{ + PASSWDSTRUCT *handle = (PASSWDSTRUCT *)h; + return(handle->username); +} + +PERMSTRUCT userauth_commands = +{ + userauth_checkpasswd, + userauth_gethomedir, + userauth_getrootdir, + userauth_getuseruid, + userauth_getusergid, + userauth_getusersupgid, + userauth_gethandle, + userauth_freehandle, + userauth_getbaseuser, + userauth_getsubuser, + NULL, +}; diff -Nru orig/muddleftpd-1.3.13.1/src/cfloader.c muddleftpd-1.3.13.1/src/cfloader.c --- orig/muddleftpd-1.3.13.1/src/cfloader.c 2003-10-02 13:38:21.000000000 -0600 +++ muddleftpd-1.3.13.1/src/cfloader.c 2007-07-24 16:05:54.343356602 -0600 @@ -34,9 +34,22 @@ NULL, NULL, NULL, - NULL + NULL, + NULL, + 0, + 0 }; +int decodeportsstr(char *xstr, int *pl, int *ph) +{ + char * portsstr; + portsstr=strdupwrapper(xstr); + if (portsstr == NULL) + return(FALSE); + strtrimspace(portsstr); + return(sscanf(portsstr, "%d,%d", pl, ph) == 2); +} + char *gethostname2(void) { char *hostname; @@ -163,6 +176,15 @@ &(newvs->authwait), dvs->authwait / 1000); newvs->authwait *= 1000; + loadstrfromconfig(cf->configfile, section, "masquerade_address", + &(newvs->masquerade_address), dvs->masquerade_address); + + loadstrfromconfig(cf->configfile, section, "passive_ports", + &(setting), "0,0"); + if (!decodeportsstr(setting, &(newvs->passive_port_low), &(newvs->passive_port_high))) { + newvs->passive_port_low=0; + newvs->passive_port_high=0; + } loadstrfromconfig(cf->configfile, section, "logfile", &(newvs->logfile), dvs->logfile); loadstrfromconfig(cf->configfile, section, "busydumpdata", diff -Nru orig/muddleftpd-1.3.13.1/src/ftp.c muddleftpd-1.3.13.1/src/ftp.c --- orig/muddleftpd-1.3.13.1/src/ftp.c 2003-10-02 13:38:21.000000000 -0600 +++ muddleftpd-1.3.13.1/src/ftp.c 2007-07-24 16:05:54.410346418 -0600 @@ -818,8 +818,9 @@ peer->remoteport = 0; - peer->passiveport = listenparrelelport(peer->remotefd, &(peer->remoteport), &a1, 5); - + for (peer->remoteport = peer->vserver->passive_port_low;(peer->remoteport <= peer->vserver->passive_port_high) && + (peer->passiveport = listenparrelelport(peer->remotefd, &(peer->remoteport), &a1, 5)) == -1; peer->remoteport++); + if (peer->passiveport == -1) { peer->passiveport = 0; @@ -827,6 +828,10 @@ return(FALSE); } select_addfd(peer->sel, peer->passiveport); + if (peer->vserver->masquerade_address) { + inet_aton(peer->vserver->masquerade_address, &a1); + a1 = htonl(a1); + } a2 = ((a1 >> 8) & 255); a3 = ((a1 >> 16) & 255); a4 = ((a1 >> 24) & 255); diff -Nru orig/muddleftpd-1.3.13.1/src/ftpd.h muddleftpd-1.3.13.1/src/ftpd.h --- orig/muddleftpd-1.3.13.1/src/ftpd.h 2003-11-02 09:03:27.000000000 -0700 +++ muddleftpd-1.3.13.1/src/ftpd.h 2007-07-24 16:05:54.480335778 -0600 @@ -57,7 +57,9 @@ #include #include #include +#ifndef __FreeBSD__ #include +#endif #include #include @@ -273,6 +275,9 @@ char *greetline; char *toobusy; struct vserver *next; + char *masquerade_address; + int passive_port_low; + int passive_port_high; } VSERVER; typedef struct vserverconn diff -Nru orig/muddleftpd-1.3.13.1/src/Makefile.in muddleftpd-1.3.13.1/src/Makefile.in --- orig/muddleftpd-1.3.13.1/src/Makefile.in 2003-11-02 09:38:07.000000000 -0700 +++ muddleftpd-1.3.13.1/src/Makefile.in 2007-07-24 16:05:53.715452058 -0600 @@ -30,7 +30,8 @@ ftp.c ftplist.c ftpout.c ftpsite.c ftpstat.c ftpstate.c ftptrans.c \ init.c logger.c main.c myglob.c newfile.c procnum.c proxy.c ratio.c \ select.c shmem.c socket.c string.c utils.c version.c \ - util/pwgrent.c util/snprintf.c util/strerror.c + util/pwgrent.c util/snprintf.c util/strerror.c \ + authuser.c WHOSRC = ftpwho.c util/strerror.c utils.c string.c config.c newfile.c \ version.c util/snprintf.c util/pwgrent.c @@ -41,7 +42,7 @@ util/pwgrent.c MUDLOGDSRC = mudlogd.c util/strerror.c util/snprintf.c config.c utils.c \ - newfile.c version.c string.c + newfile.c version.c string.c util/pwgrent.c ifdef NEWMALLOC SRC += malloc.c @@ -104,10 +105,10 @@ install: all mkdir -p $(BINDIR) - install $(MUDOUTPROG) -m 755 $(BINDIR) - install $(WHOPROG) -m 755 $(BINDIR) - install $(MUDPASSWDPROG) -m 755 $(BINDIR) - install $(MUDLOGD) -m 755 $(BINDIR) + install -m 755 $(MUDOUTPROG) $(BINDIR) + install -m 755 $(WHOPROG) $(BINDIR) + install -m 755 $(MUDPASSWDPROG) $(BINDIR) + install -m 755 $(MUDLOGD) $(BINDIR) clean: rm -f $(MUDOUTPROG) $(WHOPROG) *.o *~ core DEADJOE util/*.o diff -Nru orig/muddleftpd-1.3.13.1/src/string.c muddleftpd-1.3.13.1/src/string.c --- orig/muddleftpd-1.3.13.1/src/string.c 2003-11-02 09:03:29.000000000 -0700 +++ muddleftpd-1.3.13.1/src/string.c 2007-07-24 16:05:54.788288962 -0600 @@ -91,7 +91,7 @@ while(count < slen) { /* be very aggressive. Only printable charaters! */ - if ((*pos1 >= 32) && (*pos1 <= 126)) + if ((*pos1 >= 32) && (*pos1 <= 255)) { *pos2 = *pos1; pos2++;