PSARC 2011/088 Replace WU-ftpd with modern FTP server proftpd
6938409 Solaris needs new ftpd replacing dead WU-ftpd
5084971 FTP needs TLS security
6319934 ftp server should support file transfer auditing
6630488 FTP manifest for SMF is incomplete and not arc compliant
--- proftpd-1.3.3e/modules/mod_core.c Sun Feb 20 18:36:38 2011
+++ proftpd-1.3.3e/modules/mod_core.c Tue Jun 7 02:34:09 2011
@@ -3974,11 +3974,13 @@
dir = dir_canonical_path(cmd->tmp_pool, dir);
if (!dir) {
+ cmd->error_code = EINVAL;
pr_response_add_err(R_550, "%s: %s", cmd->arg, strerror(EINVAL));
return PR_ERROR(cmd);
}
if (!dir_check_canon(cmd->tmp_pool, cmd, cmd->group, dir, NULL)) {
+ cmd->error_code = EACCES;
pr_response_add_err(R_550, "%s: %s", cmd->arg, strerror(EACCES));
return PR_ERROR(cmd);
}
@@ -3985,6 +3987,7 @@
if (pr_fsio_rmdir(dir) < 0) {
int xerrno = errno;
+ cmd->error_code = errno;
(void) pr_trace_msg("fileperms", 1, "%s, user '%s' (UID %lu, GID %lu): "
"error removing directory '%s': %s", cmd->argv[0], session.user,
@@ -4033,11 +4036,13 @@
dir = dir_canonical_path(cmd->tmp_pool, dir);
if (!dir) {
+ cmd->error_code = EINVAL;
pr_response_add_err(R_550, "%s: %s", cmd->arg, strerror(EINVAL));
return PR_ERROR(cmd);
}
if (!dir_check_canon(cmd->tmp_pool, cmd, cmd->group, dir, NULL)) {
+ cmd->error_code = EACCES;
pr_log_debug(DEBUG8, "%s command denied by <Limit> config", cmd->argv[0]);
pr_response_add_err(R_550, "%s: %s", cmd->arg, strerror(EACCES));
return PR_ERROR(cmd);
@@ -4045,6 +4050,7 @@
if (pr_fsio_mkdir(dir, 0777) < 0) {
int xerrno = errno;
+ cmd->error_code = errno;
(void) pr_trace_msg("fileperms", 1, "%s, user '%s' (UID %lu, GID %lu): "
"error making directory '%s': %s", cmd->argv[0], session.user,
@@ -4067,6 +4073,7 @@
if (pr_fsio_chown(dir, session.fsuid, session.fsgid) == -1) {
iserr++;
err = errno;
+ cmd->error_code = errno;
}
PRIVS_RELINQUISH
@@ -4111,6 +4118,7 @@
}
if (res == -1) {
+ cmd->error_code = errno;
pr_log_pri(PR_LOG_WARNING, "%schown() failed: %s",
use_root_privs ? "root " : "", strerror(errno));
@@ -4153,6 +4161,7 @@
if (!path ||
!dir_check(cmd->tmp_pool, cmd, cmd->group, path, NULL) ||
pr_fsio_stat(path, &st) == -1) {
+ cmd->error_code = errno;
pr_response_add_err(R_550, "%s: %s", cmd->arg, strerror(errno));
return PR_ERROR(cmd);
@@ -4251,11 +4260,13 @@
/* If told to delete a symlink, don't delete the file it points to! */
path = dir_canonical_path(cmd->tmp_pool, path);
if (!path) {
+ cmd->error_code = ENOENT;
pr_response_add_err(R_550, "%s: %s", cmd->arg, strerror(ENOENT));
return PR_ERROR(cmd);
}
if (!dir_check_canon(cmd->tmp_pool, cmd, cmd->group, path, NULL)) {
+ cmd->error_code = errno;
pr_log_debug(DEBUG7, "deleting '%s' denied by <Limit> configuration", path);
pr_response_add_err(R_550, "%s: %s", cmd->arg, strerror(errno));
return PR_ERROR(cmd);
@@ -4268,6 +4279,7 @@
memset(&st, 0, sizeof(st));
pr_fs_clear_cache();
if (pr_fsio_lstat(path, &st) < 0) {
+ cmd->error_code = errno;
pr_log_debug(DEBUG3, "unable to lstat '%s': %s", path, strerror(errno));
pr_response_add_err(R_550, "%s: %s", cmd->arg, strerror(errno));
return PR_ERROR(cmd);
@@ -4278,6 +4290,7 @@
* EISDIR).
*/
if (S_ISDIR(st.st_mode)) {
+ cmd->error_code = EISDIR;
(void) pr_trace_msg("fileperms", 1, "%s, user '%s' (UID %lu, GID %lu): "
"error deleting '%s': %s", cmd->argv[0], session.user,
(unsigned long) session.uid, (unsigned long) session.gid, path,
@@ -4291,6 +4304,7 @@
if (pr_fsio_unlink(path) < 0) {
int xerrno = errno;
+ cmd->error_code = errno;
(void) pr_trace_msg("fileperms", 1, "%s, user '%s' (UID %lu, GID %lu): "
"error deleting '%s': %s", cmd->argv[0], session.user,
@@ -4375,6 +4389,7 @@
!dir_check_canon(cmd->tmp_pool, cmd, cmd->group, path, NULL) ||
pr_fsio_rename(session.xfer.path, path) == -1) {
int xerrno = errno;
+ cmd->error_code = errno;
if (xerrno != EXDEV) {
(void) pr_trace_msg("fileperms", 1, "%s, user '%s' (UID %lu, GID %lu): "
@@ -4391,6 +4406,7 @@
*/
if (pr_fs_copy_file(session.xfer.path, path) < 0) {
xerrno = errno;
+ cmd->error_code = errno;
(void) pr_trace_msg("fileperms", 1, "%s, user '%s' (UID %lu, GID %lu): "
"error copying '%s' to '%s': %s", cmd->argv[0], session.user,
@@ -4404,6 +4420,8 @@
/* Once copied, unlink the original file. */
if (pr_fsio_unlink(session.xfer.path) < 0) {
+ cmd->error_code = errno;
+
pr_log_debug(DEBUG0, "error unlinking '%s': %s", session.xfer.path,
strerror(errno));
}
@@ -4458,6 +4476,7 @@
if (!path ||
!dir_check_canon(cmd->tmp_pool, cmd, cmd->group, path, NULL) ||
!exists(path)) {
+ cmd->error_code = errno;
pr_response_add_err(R_550, "%s: %s", cmd->arg, strerror(errno));
return PR_ERROR(cmd);
}
--- proftpd-1.3.3e/modules/mod_xfer.c Fri Feb 25 18:46:45 2011
+++ x/proftpd-1.3.3e/modules/mod_xfer.c Tue Jun 7 03:45:03 2011
@@ -1180,6 +1180,7 @@
if (cmd->argc < 2) {
pr_response_add_err(R_500, _("'%s' not understood"), get_full_cmd(cmd));
+ cmd->error_code = EINVAL;
errno = EINVAL;
return PR_ERROR(cmd);
}
@@ -1190,6 +1191,7 @@
if (!path ||
!dir_check(cmd->tmp_pool, cmd, cmd->group, path, NULL)) {
int xerrno = errno;
+ cmd->error_code = errno;
pr_response_add_err(R_550, "%s: %s", cmd->arg, strerror(xerrno));
@@ -1200,6 +1202,7 @@
if (xfer_check_limit(cmd) < 0) {
pr_response_add_err(R_451, _("%s: Too many transfers"), cmd->arg);
errno = EPERM;
+ cmd->error_code = EPERM;
return PR_ERROR(cmd);
}
@@ -1212,6 +1215,7 @@
pr_log_debug(DEBUG6, "AllowOverwrite denied permission for %s", cmd->arg);
pr_response_add_err(R_550, _("%s: Overwrite permission denied"), cmd->arg);
errno = EACCES;
+ cmd->error_code = EACCES;
return PR_ERROR(cmd);
}
@@ -1233,6 +1237,7 @@
) {
pr_response_add_err(R_550, _("%s: Not a regular file"), cmd->arg);
errno = EPERM;
+ cmd->error_code = EPERM;
return PR_ERROR(cmd);
}
}
@@ -1250,6 +1255,7 @@
cmd->arg);
session.restart_pos = 0L;
session.xfer.xfer_type = STOR_DEFAULT;
+ cmd->error_code = EPERM;
errno = EPERM;
return PR_ERROR(cmd);
}
@@ -1256,9 +1262,11 @@
/* Otherwise everthing is good */
if (pr_table_add(cmd->notes, "mod_xfer.store-path",
- pstrdup(cmd->pool, path), 0) < 0)
+ pstrdup(cmd->pool, path), 0) < 0) {
+ cmd->error_code = errno;
pr_log_pri(PR_LOG_NOTICE, "notice: error adding 'mod_xfer.store-path': %s",
strerror(errno));
+ }
c = find_config(CURRENT_CONF, CONF_PARAM, "HiddenStores", FALSE);
if (c &&
@@ -1269,6 +1277,7 @@
if (session.restart_pos) {
pr_response_add_err(R_501,
_("REST not compatible with server configuration"));
+ cmd->error_code = EINVAL;
errno = EINVAL;
return PR_ERROR(cmd);
}
@@ -1333,6 +1342,7 @@
tmpfd = mkstemp(filename);
if (tmpfd < 0) {
+ cmd->error_code = errno;
pr_log_pri(PR_LOG_ERR, "error: unable to use mkstemp(): %s",
strerror(errno));
@@ -1357,6 +1367,7 @@
if (!filename ||
!dir_check(cmd->tmp_pool, cmd, cmd->group, filename, NULL)) {
+ cmd->error_code = errno;
int xerrno = errno;
/* Do not forget to delete the file created by mkstemp(3) if there is
@@ -1434,6 +1445,7 @@
if (xfer_check_limit(cmd) < 0) {
pr_response_add_err(R_451, _("%s: Too many transfers"), cmd->arg);
errno = EPERM;
+ cmd->error_code = EPERM;
return PR_ERROR(cmd);
}
@@ -1487,6 +1499,7 @@
O_WRONLY|(session.restart_pos ? 0 : O_CREAT|O_EXCL));
if (stor_fh == NULL) {
ferrno = errno;
+ cmd->error_code = errno;
(void) pr_trace_msg("fileperms", 1, "%s, user '%s' (UID %lu, GID %lu): "
"error opening '%s': %s", cmd->argv[0], session.user,
@@ -1499,6 +1512,7 @@
if (stor_fh) {
if (pr_fsio_lseek(stor_fh, 0, SEEK_END) == (off_t) -1) {
+ cmd->error_code = errno;
pr_log_debug(DEBUG4, "unable to seek to end of '%s' for appending: %s",
cmd->arg, strerror(errno));
(void) pr_fsio_close(stor_fh);
@@ -1507,6 +1521,7 @@
} else {
ferrno = errno;
+ cmd->error_code = errno;
(void) pr_trace_msg("fileperms", 1, "%s, user '%s' (UID %lu, GID %lu): "
"error opening '%s': %s", cmd->argv[0], session.user,
@@ -1520,6 +1535,7 @@
O_WRONLY|(session.restart_pos ? 0 : O_TRUNC|O_CREAT));
if (stor_fh == NULL) {
ferrno = errno;
+ cmd->error_code = errno;
(void) pr_trace_msg("fileperms", 1, "%s, user '%s' (UID %lu, GID %lu): "
"error opening '%s': %s", cmd->argv[0], session.user,
@@ -1533,11 +1549,13 @@
int xerrno = 0;
if (pr_fsio_lseek(stor_fh, session.restart_pos, SEEK_SET) == -1) {
+ cmd->error_code = errno;
pr_log_debug(DEBUG4, "unable to seek to position %" PR_LU " of '%s': %s",
(pr_off_t) session.restart_pos, cmd->arg, strerror(errno));
xerrno = errno;
} else if (pr_fsio_stat(path, &st) == -1) {
+ cmd->error_code = errno;
pr_log_debug(DEBUG4, "unable to stat '%s': %s", cmd->arg,
strerror(errno));
xerrno = errno;
@@ -1665,6 +1683,7 @@
res = pr_fsio_write(stor_fh, lbuf, len);
if (res != len) {
int xerrno = EIO;
+ cmd->error_code = errno;
if (res < 0)
xerrno = errno;
@@ -1716,16 +1735,19 @@
*/
#if defined(EDQUOT)
if (errno == EDQUOT) {
+ cmd->error_code = EDQUOT;
pr_response_add_err(R_552, "%s: %s", cmd->arg, strerror(errno));
return PR_ERROR(cmd);
}
#elif defined(EFBIG)
if (errno == EFBIG) {
+ cmd->error_code = EFBIG;
pr_response_add_err(R_552, "%s: %s", cmd->arg, strerror(errno));
return PR_ERROR(cmd);
}
#endif
+ cmd->error_code = errno;
pr_response_add_err(R_550, "%s: %s", cmd->arg, strerror(errno));
return PR_ERROR(cmd);
}
@@ -1733,6 +1755,7 @@
if (session.xfer.path &&
session.xfer.path_hidden) {
if (pr_fsio_rename(session.xfer.path_hidden, session.xfer.path) != 0) {
+ cmd->error_code = errno;
/* This should only fail on a race condition with a chmod/chown
* or if STOR_APPEND is on and the permissions are squirrely.
@@ -1830,6 +1853,7 @@
if (cmd->argc < 2) {
pr_response_add_err(R_500, _("'%s' not understood"), get_full_cmd(cmd));
errno = EINVAL;
+ cmd->error_code = EINVAL;
return PR_ERROR(cmd);
}
@@ -1839,6 +1863,7 @@
if (!dir ||
!dir_check(cmd->tmp_pool, cmd, cmd->group, dir, NULL)) {
int xerrno = errno;
+ cmd->error_code = errno;
pr_response_add_err(R_550, "%s: %s", cmd->arg, strerror(xerrno));
@@ -1849,6 +1874,7 @@
if (xfer_check_limit(cmd) < 0) {
pr_response_add_err(R_451, _("%s: Too many transfers"), cmd->arg);
errno = EPERM;
+ cmd->error_code = EPERM;
return PR_ERROR(cmd);
}
@@ -1865,6 +1891,7 @@
) {
pr_response_add_err(R_550, _("%s: Not a regular file"), cmd->arg);
errno = EPERM;
+ cmd->error_code = EPERM;
return PR_ERROR(cmd);
}
@@ -1879,6 +1906,7 @@
cmd->arg);
session.restart_pos = 0L;
errno = EPERM;
+ cmd->error_code = EPERM;
return PR_ERROR(cmd);
}
@@ -1908,6 +1936,7 @@
retr_fh = pr_fsio_open(dir, O_RDONLY);
if (retr_fh == NULL) {
int xerrno = errno;
+ cmd->error_code = errno;
(void) pr_trace_msg("fileperms", 1, "%s, user '%s' (UID %lu, GID %lu): "
"error opening '%s': %s", cmd->argv[0], session.user,
@@ -1921,6 +1950,7 @@
if (pr_fsio_stat(dir, &st) < 0) {
/* Error stat'ing the file. */
int xerrno = errno;
+ cmd->error_code = errno;
pr_fsio_close(retr_fh);
errno = xerrno;
@@ -1945,6 +1975,7 @@
if (pr_fsio_lseek(retr_fh, session.restart_pos,
SEEK_SET) == (off_t) -1) {
int xerrno = errno;
+ cmd->error_code = errno;
pr_fsio_close(retr_fh);
errno = xerrno;
retr_fh = NULL;
@@ -2003,6 +2034,7 @@
retr_abort();
/* Set errno to EPERM ("Operation not permitted") */
+ cmd->error_code = EPERM;
pr_data_abort(EPERM, FALSE);
return PR_ERROR(cmd);
}
@@ -2034,6 +2066,7 @@
* is preserved; errno itself might be overwritten in retr_abort().
*/
int xerrno = errno;
+ cmd->error_code = errno;
retr_abort();
--- proftpd-1.3.3e/include/dirtree.h Fri Mar 25 17:49:04 2011
+++ x/proftpd-1.3.3e/include/dirtree.h Tue Jun 7 02:07:51 2011
@@ -113,6 +113,8 @@
int class; /* The command class */
int stash_index; /* hack to speed up symbol hashing in modules.c */
pr_table_t *notes; /* Private data for passing/retaining between handlers */
+
+ int error_code; /* stores errno of failed file transfer commands*/
} cmd_rec;
struct config_struc {