remove prototypes with no matching function and externs with no var
partly checked by millert@

remove setproctitle() prototype that matches the one in stdlib.h

Constify function parameters.

OK martijn@

Removes the useless FILE* parameter of get_line().
While here fix minor whitespace mistake.

"looks fine to me" chris@

Simplify globbing of ftpd(8)s list and nlst commands.
Also avoid command option injection for ls(1).

OK martijn@

rm dead code and simplify ftpd_popen. this code has only called
its statically linked ls_main for some time now.
from Jan Klemkow
ok deraadt

fix custom popen to return pid to caller instead of tracking in a giant
array. this implies we can't use a function pointer for close, but also
means we get to repair some abuse of the comma operator

fix custom popen to return pid to caller instead of tracking in a giant
array. this implies we can't use a function pointer for close, but also
means we get to repair some abuse of the comma operator.
ok miod

show more ...

In preparation for getline and getdelim additions to libc, rename getline()
occurrences to get_line().
Based on a diff from Jan Klemkow <j-dot-klemkow-at-wemelug-dot-de> to tech.

Don't split large commands into multiple commands on a 512-byte
boundary but just fail on them. This prevents CSRF-like attacks,
when a web browser is used to access an ftp server.

Reported by Maksy

Don't split large commands into multiple commands on a 512-byte
boundary but just fail on them. This prevents CSRF-like attacks,
when a web browser is used to access an ftp server.

Reported by Maksymilian Arciemowicz <cxib@securityreason.com>.

ok millert@ martynas@

show more ...

lint cleanup; ok ray moritz dhill

some -Wimplicit-function-declaration cleaning; ok millert@

privilege seperate ftpd
handle the pre-authentication phase (minus a tiny tiny tiny amount
of code after accept()) in an unprivileged process, asking the
privileged monitor for help where needed.
wor

privilege seperate ftpd
handle the pre-authentication phase (minus a tiny tiny tiny amount
of code after accept()) in an unprivileged process, asking the
privileged monitor for help where needed.
work by Moritz Jodeit <moritz@jodeit.org> with help from theo and me
tests theo ian@ matthieu@ ben@networkinsanity.com a.schlichting@lemarit.com

show more ...

spacing

make this match protos; millert ok

Remove the advertising clause in the UCB license which Berkeley
rescinded 22 July 1999. Proofed by myself and Theo.

si_len should be u_int8_t, not socklen_t; form@form.openbsd.ru

i heard in the bar that this breaks things

u_char -> {socklen_t, sa_family_t, in_port_t}. From form@.

millert@ ok

Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be don

Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.

show more ...

$OpenBSD$

cleanup EPSV/EPRT error handling. avoid possible memory leak (getaddrinfo).
correct error code on unsupported protocol parameter against EPRT (522).

IPv6 support from KAME.
XXX kerberos and tcp_wrapper needs checking

partial Wall

ftpd now eventually times out if a ftp client does:
pasv
list
and then crashes.
The timeout should only apply the the accept(), so that transfers can
take as long as necessary to complete.
Thanks to

ftpd now eventually times out if a ftp client does:
pasv
list
and then crashes.
The timeout should only apply the the accept(), so that transfers can
take as long as necessary to complete.
Thanks to Theo for moving toolong() to extern.h so that it can be used
in ftpd.c as well as in ftpcmd.y.

show more ...

initial import of NetBSD tree