1 /* $NetBSD: ftpcmd.y,v 1.6 1995/06/03 22:46:45 mycroft Exp $ */
4 * Copyright (c) 1985, 1988, 1993, 1994
5 * The Regents of the University of California. All rights reserved.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. All advertising materials mentioning features or use of this software
16 * must display the following acknowledgement:
17 * This product includes software developed by the University of
18 * California, Berkeley and its contributors.
19 * 4. Neither the name of the University nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
23 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 * @(#)ftpcmd.y 8.3 (Berkeley) 4/6/94
39 * Grammar for FTP commands.
45 #include "ftpd_locl.h"
46 RCSID("$Id: ftpcmd.y,v 1.61.10.2 2004/08/20 15:15:46 lha Exp $");
50 static int hasyyerrored;
55 static int cmd_bytesz;
63 short implemented; /* 1 if command is implemented */
67 extern struct tab cmdtab[];
68 extern struct tab sitetab[];
70 static char *copy (char *);
71 static void help (struct tab *, char *);
73 lookup (struct tab *, char *);
74 static void sizecmd (char *);
75 static RETSIGTYPE toolong (int);
76 static int yylex (void);
78 /* This is for bison */
80 #if !defined(alloca) && !defined(HAVE_ALLOCA)
81 #define alloca(x) malloc(x)
97 USER PASS ACCT REIN QUIT PORT
98 PASV TYPE STRU MODE RETR STOR
99 APPE MLFL MAIL MSND MSOM MSAM
100 MRSQ MRCP ALLO REST RNFR RNTO
101 ABOR DELE CWD LIST NLST SITE
102 sTAT HELP NOOP MKD RMD PWD
103 CDUP STOU SMNT SYST SIZE MDTM
108 AUTH ADAT PROT PBSZ CCC MIC
111 KAUTH KLIST KDESTROY KRBTKFILE AFSLOG
121 %type <i> check_login check_login_no_guest check_secure octal_number byte_size
122 %type <i> struct_code mode_code type_code form_code
123 %type <s> pathstring pathname password username
133 fromname = (char *) 0;
134 restart_point = (off_t) 0;
140 : USER SP username CRLF
145 | PASS SP password CRLF
148 memset ($3, 0, strlen($3));
151 | PORT SP host_port CRLF
158 reply(200, "PORT command successful.");
160 | EPRT SP STRING CRLF
165 | PASV CRLF check_login
170 | EPSV CRLF check_login
175 | EPSV SP STRING CRLF check_login
181 | TYPE SP type_code CRLF
186 if (cmd_form == FORM_N) {
187 reply(200, "Type set to A.");
191 reply(504, "Form must be N.");
195 reply(504, "Type E not implemented.");
199 reply(200, "Type set to I.");
205 if (cmd_bytesz == 8) {
207 "Type set to L (byte size 8).");
210 reply(504, "Byte size must be 8.");
211 #else /* NBBY == 8 */
212 UNIMPLEMENTED for NBBY != 8
213 #endif /* NBBY == 8 */
216 | STRU SP struct_code CRLF
221 reply(200, "STRU F ok.");
225 reply(504, "Unimplemented STRU type.");
228 | MODE SP mode_code CRLF
233 reply(200, "MODE S ok.");
237 reply(502, "Unimplemented MODE type.");
240 | ALLO SP NUMBER CRLF
242 reply(202, "ALLO command ignored.");
244 | ALLO SP NUMBER SP R SP NUMBER CRLF
246 reply(202, "ALLO command ignored.");
248 | RETR SP pathname CRLF check_login
252 if ($5 && name != NULL)
257 | STOR SP pathname CRLF check_login
261 if ($5 && name != NULL)
262 do_store(name, "w", 0);
266 | APPE SP pathname CRLF check_login
270 if ($5 && name != NULL)
271 do_store(name, "a", 0);
275 | NLST CRLF check_login
280 | NLST SP STRING CRLF check_login
284 if ($5 && name != NULL)
285 send_file_list(name);
289 | LIST CRLF check_login
294 | LIST SP pathname CRLF check_login
300 | sTAT SP pathname CRLF check_login
302 if ($5 && $3 != NULL)
311 | DELE SP pathname CRLF check_login_no_guest
313 if ($5 && $3 != NULL)
318 | RNTO SP pathname CRLF check_login_no_guest
322 renamecmd(fromname, $3);
324 fromname = (char *) 0;
326 reply(503, "Bad sequence of commands.");
334 reply(225, "ABOR command successful.");
336 | CWD CRLF check_login
341 | CWD SP pathname CRLF check_login
343 if ($5 && $3 != NULL)
350 help(cmdtab, (char *) 0);
352 | HELP SP STRING CRLF
356 if (strncasecmp(cp, "SITE", 4) == 0) {
363 help(sitetab, (char *) 0);
369 reply(200, "NOOP command successful.");
371 | MKD SP pathname CRLF check_login
373 if ($5 && $3 != NULL)
378 | RMD SP pathname CRLF check_login_no_guest
380 if ($5 && $3 != NULL)
385 | PWD CRLF check_login
390 | CDUP CRLF check_login
397 lreply(211, "Supported features:");
399 lreply(0, " REST STREAM");
403 | OPTS SP STRING CRLF
406 reply(501, "Bad options");
411 help(sitetab, (char *) 0);
413 | SITE SP HELP SP STRING CRLF
417 | SITE SP UMASK CRLF check_login
420 int oldmask = umask(0);
422 reply(200, "Current UMASK is %03o", oldmask);
425 | SITE SP UMASK SP octal_number CRLF check_login_no_guest
428 if (($5 == -1) || ($5 > 0777)) {
429 reply(501, "Bad UMASK value");
431 int oldmask = umask($5);
433 "UMASK set to %03o (was %03o)",
438 | SITE SP CHMOD SP octal_number SP pathname CRLF check_login_no_guest
440 if ($9 && $7 != NULL) {
443 "CHMOD: Mode value must be between 0 and 0777");
444 else if (chmod($7, $5) < 0)
445 perror_reply(550, $7);
447 reply(200, "CHMOD command successful.");
455 "Current IDLE time limit is %d seconds; max %d",
456 ftpd_timeout, maxtimeout);
458 | SITE SP IDLE SP NUMBER CRLF
460 if ($5 < 30 || $5 > maxtimeout) {
462 "Maximum IDLE time must be between 30 and %d seconds",
466 alarm((unsigned) ftpd_timeout);
468 "Maximum IDLE time set to %d seconds",
473 | SITE SP KAUTH SP STRING CRLF check_login
479 reply(500, "Can't be done as guest.");
481 if($7 && $5 != NULL){
482 p = strpbrk($5, " \t");
485 kauth($5, p + strspn(p, " \t"));
493 reply(500, "Command not implemented.");
496 | SITE SP KLIST CRLF check_login
502 reply(500, "Command not implemented.");
505 | SITE SP KDESTROY CRLF check_login
511 reply(500, "Command not implemented.");
514 | SITE SP KRBTKFILE SP STRING CRLF check_login
518 reply(500, "Can't be done as guest.");
524 reply(500, "Command not implemented.");
527 | SITE SP AFSLOG CRLF check_login
531 reply(500, "Can't be done as guest.");
535 reply(500, "Command not implemented.");
538 | SITE SP AFSLOG SP STRING CRLF check_login
542 reply(500, "Can't be done as guest.");
548 reply(500, "Command not implemented.");
551 | SITE SP LOCATE SP STRING CRLF check_login
560 reply(200, "http://www.pdc.kth.se/kth-krb/");
562 | STOU SP pathname CRLF check_login
564 if ($5 && $3 != NULL)
565 do_store($3, "w", 1);
571 #if !defined(WIN32) && !defined(__EMX__) && !defined(__OS2__) && !defined(__CYGWIN32__)
572 reply(215, "UNIX Type: L%d", NBBY);
574 reply(215, "UNKNOWN Type: L%d", NBBY);
579 * SIZE is not in RFC959, but Postel has blessed it and
580 * it will be in the updated RFC.
582 * Return size of file in a format suitable for
583 * using with RESTART (we just count bytes).
585 | SIZE SP pathname CRLF check_login
587 if ($5 && $3 != NULL)
594 * MDTM is not in RFC959, but Postel has blessed it and
595 * it will be in the updated RFC.
597 * Return modification time of file as an ISO 3307
598 * style time. E.g. YYYYMMDDHHMMSS or YYYYMMDDHHMMSS.xxx
599 * where xxx is the fractional second (of any precision,
600 * not necessarily 3 digits)
602 | MDTM SP pathname CRLF check_login
604 if ($5 && $3 != NULL) {
606 if (stat($3, &stbuf) < 0)
608 $3, strerror(errno));
609 else if (!S_ISREG(stbuf.st_mode)) {
611 "%s: not a plain file.", $3);
614 time_t mtime = stbuf.st_mtime;
618 "%04d%02d%02d%02d%02d%02d",
632 reply(221, "Goodbye.");
641 : RNFR SP pathname CRLF check_login_no_guest
643 restart_point = (off_t) 0;
645 fromname = renamefrom($3);
646 if (fromname == (char *) 0 && $3) {
651 | REST SP byte_size CRLF
653 fromname = (char *) 0;
654 restart_point = $3; /* XXX $3 is only "int" */
655 reply(350, "Restarting at %ld. %s",
657 "Send STORE or RETRIEVE to initiate transfer.");
659 | AUTH SP STRING CRLF
664 | ADAT SP STRING CRLF
669 | PBSZ SP NUMBER CRLF
673 | PROT SP STRING CRLF
686 | CONF SP STRING CRLF
688 mec($3, prot_confidential);
693 mec($3, prot_private);
705 $$ = (char *)calloc(1, sizeof(char));
715 : NUMBER COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA
718 struct sockaddr_in *sin = (struct sockaddr_in *)data_dest;
720 sin->sin_family = AF_INET;
721 sin->sin_port = htons($9 * 256 + $11);
722 sin->sin_addr.s_addr =
723 htonl(($1 << 24) | ($3 << 16) | ($5 << 8) | $7);
777 /* this is for a bug in the BBN ftp */
819 * Problem: this production is used for all pathname
820 * processing, but only gives a 550 error reply.
821 * This is a valid reply in some cases but not in others.
823 if (logged_in && $1 && *$1 == '~') {
826 GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE;
828 memset(&gl, 0, sizeof(gl));
829 if (glob($1, flags, NULL, &gl) ||
831 reply(550, "not found");
834 $$ = strdup(gl.gl_pathv[0]);
850 int ret, dec, multby, digit;
853 * Convert a number that was read as decimal number
854 * to what it would be if it had been read as octal.
865 ret += digit * multby;
874 check_login_no_guest : check_login
878 reply(550, "Permission denied");
882 check_login : check_secure
885 if(($$ = logged_in) == 0)
886 reply(530, "Please login with USER and PASS.");
892 check_secure : /* empty */
895 if(sec_complete && !secure_command()) {
897 reply(533, "Command protection level denied "
898 "for paranoid reasons.");
905 #define CMD 0 /* beginning of command */
906 #define ARGS 1 /* expect miscellaneous arguments */
907 #define STR1 2 /* expect SP followed by STRING */
908 #define STR2 3 /* expect STRING */
909 #define OSTR 4 /* optional SP then STRING */
910 #define ZSTR1 5 /* SP then optional STRING */
911 #define ZSTR2 6 /* optional STRING after SP */
912 #define SITECMD 7 /* SITE command */
913 #define NSTR 8 /* Number followed by a string */
915 struct tab cmdtab[] = { /* In order defined in RFC 765 */
916 { "USER", USER, STR1, 1, "<sp> username" },
917 { "PASS", PASS, ZSTR1, 1, "<sp> password" },
918 { "ACCT", ACCT, STR1, 0, "(specify account)" },
919 { "SMNT", SMNT, ARGS, 0, "(structure mount)" },
920 { "REIN", REIN, ARGS, 0, "(reinitialize server state)" },
921 { "QUIT", QUIT, ARGS, 1, "(terminate service)", },
922 { "PORT", PORT, ARGS, 1, "<sp> b0, b1, b2, b3, b4" },
923 { "EPRT", EPRT, STR1, 1, "<sp> string" },
924 { "PASV", PASV, ARGS, 1, "(set server in passive mode)" },
925 { "EPSV", EPSV, OSTR, 1, "[<sp> foo]" },
926 { "TYPE", TYPE, ARGS, 1, "<sp> [ A | E | I | L ]" },
927 { "STRU", STRU, ARGS, 1, "(specify file structure)" },
928 { "MODE", MODE, ARGS, 1, "(specify transfer mode)" },
929 { "RETR", RETR, STR1, 1, "<sp> file-name" },
930 { "STOR", STOR, STR1, 1, "<sp> file-name" },
931 { "APPE", APPE, STR1, 1, "<sp> file-name" },
932 { "MLFL", MLFL, OSTR, 0, "(mail file)" },
933 { "MAIL", MAIL, OSTR, 0, "(mail to user)" },
934 { "MSND", MSND, OSTR, 0, "(mail send to terminal)" },
935 { "MSOM", MSOM, OSTR, 0, "(mail send to terminal or mailbox)" },
936 { "MSAM", MSAM, OSTR, 0, "(mail send to terminal and mailbox)" },
937 { "MRSQ", MRSQ, OSTR, 0, "(mail recipient scheme question)" },
938 { "MRCP", MRCP, STR1, 0, "(mail recipient)" },
939 { "ALLO", ALLO, ARGS, 1, "allocate storage (vacuously)" },
940 { "REST", REST, ARGS, 1, "<sp> offset (restart command)" },
941 { "RNFR", RNFR, STR1, 1, "<sp> file-name" },
942 { "RNTO", RNTO, STR1, 1, "<sp> file-name" },
943 { "ABOR", ABOR, ARGS, 1, "(abort operation)" },
944 { "DELE", DELE, STR1, 1, "<sp> file-name" },
945 { "CWD", CWD, OSTR, 1, "[ <sp> directory-name ]" },
946 { "XCWD", CWD, OSTR, 1, "[ <sp> directory-name ]" },
947 { "LIST", LIST, OSTR, 1, "[ <sp> path-name ]" },
948 { "NLST", NLST, OSTR, 1, "[ <sp> path-name ]" },
949 { "SITE", SITE, SITECMD, 1, "site-cmd [ <sp> arguments ]" },
950 { "SYST", SYST, ARGS, 1, "(get type of operating system)" },
951 { "STAT", sTAT, OSTR, 1, "[ <sp> path-name ]" },
952 { "HELP", HELP, OSTR, 1, "[ <sp> <string> ]" },
953 { "NOOP", NOOP, ARGS, 1, "" },
954 { "MKD", MKD, STR1, 1, "<sp> path-name" },
955 { "XMKD", MKD, STR1, 1, "<sp> path-name" },
956 { "RMD", RMD, STR1, 1, "<sp> path-name" },
957 { "XRMD", RMD, STR1, 1, "<sp> path-name" },
958 { "PWD", PWD, ARGS, 1, "(return current directory)" },
959 { "XPWD", PWD, ARGS, 1, "(return current directory)" },
960 { "CDUP", CDUP, ARGS, 1, "(change to parent directory)" },
961 { "XCUP", CDUP, ARGS, 1, "(change to parent directory)" },
962 { "STOU", STOU, STR1, 1, "<sp> file-name" },
963 { "SIZE", SIZE, OSTR, 1, "<sp> path-name" },
964 { "MDTM", MDTM, OSTR, 1, "<sp> path-name" },
966 /* extensions from RFC2228 */
967 { "AUTH", AUTH, STR1, 1, "<sp> auth-type" },
968 { "ADAT", ADAT, STR1, 1, "<sp> auth-data" },
969 { "PBSZ", PBSZ, ARGS, 1, "<sp> buffer-size" },
970 { "PROT", PROT, STR1, 1, "<sp> prot-level" },
971 { "CCC", CCC, ARGS, 1, "" },
972 { "MIC", MIC, STR1, 1, "<sp> integrity command" },
973 { "CONF", CONF, STR1, 1, "<sp> confidentiality command" },
974 { "ENC", ENC, STR1, 1, "<sp> privacy command" },
977 { "FEAT", FEAT, ARGS, 1, "" },
978 { "OPTS", OPTS, ARGS, 1, "<sp> command [<sp> options]" },
983 struct tab sitetab[] = {
984 { "UMASK", UMASK, ARGS, 1, "[ <sp> umask ]" },
985 { "IDLE", IDLE, ARGS, 1, "[ <sp> maximum-idle-time ]" },
986 { "CHMOD", CHMOD, NSTR, 1, "<sp> mode <sp> file-name" },
987 { "HELP", HELP, OSTR, 1, "[ <sp> <string> ]" },
989 { "KAUTH", KAUTH, STR1, 1, "<sp> principal [ <sp> ticket ]" },
990 { "KLIST", KLIST, ARGS, 1, "(show ticket file)" },
991 { "KDESTROY", KDESTROY, ARGS, 1, "(destroy tickets)" },
992 { "KRBTKFILE", KRBTKFILE, STR1, 1, "<sp> ticket-file" },
993 { "AFSLOG", AFSLOG, OSTR, 1, "[<sp> cell]" },
995 { "LOCATE", LOCATE, STR1, 1, "<sp> globexpr" },
996 { "FIND", LOCATE, STR1, 1, "<sp> globexpr" },
998 { "URL", URL, ARGS, 1, "?" },
1000 { NULL, 0, 0, 0, 0 }
1004 lookup(struct tab *p, char *cmd)
1007 for (; p->name != NULL; p++)
1008 if (strcmp(cmd, p->name) == 0)
1014 * ftpd_getline - a hacked up version of fgets to ignore TELNET escape codes.
1017 ftpd_getline(char *s, int n)
1024 /* might still be data within the security MIC/CONF/ENC */
1026 strlcpy(s, ftp_command, n);
1028 syslog(LOG_DEBUG, "command: %s", s);
1031 while ((c = getc(stdin)) != EOF) {
1034 if ((c = getc(stdin)) != EOF) {
1040 printf("%c%c%c", IAC, DONT, 0377&c);
1046 printf("%c%c%c", IAC, WONT, 0377&c);
1052 continue; /* ignore command */
1057 if (--n <= 0 || c == '\n')
1060 if (c == EOF && cs == s)
1064 if (!guest && strncasecmp("pass ", s, 5) == 0) {
1065 /* Don't syslog passwords */
1066 syslog(LOG_DEBUG, "command: %.5s ???", s);
1071 /* Don't syslog trailing CR-LF */
1074 while (cp >= s && (*cp == '\n' || *cp == '\r')) {
1078 syslog(LOG_DEBUG, "command: %.*s", len, s);
1082 fprintf(stderr, "%s\n", s);
1092 "Timeout (%d seconds): closing control connection.",
1095 syslog(LOG_INFO, "User %s timed out after %d seconds",
1096 (pw ? pw -> pw_name : "unknown"), ftpd_timeout);
1104 static int cpos, state;
1116 signal(SIGALRM, toolong);
1117 alarm((unsigned) ftpd_timeout);
1118 if (ftpd_getline(cbuf, sizeof(cbuf)-1) == NULL) {
1119 reply(221, "You could at least say goodbye.");
1123 #ifdef HAVE_SETPROCTITLE
1124 if (strncasecmp(cbuf, "PASS", 4) != 0)
1125 setproctitle("%s: %s", proctitle, cbuf);
1126 #endif /* HAVE_SETPROCTITLE */
1127 if ((cp = strchr(cbuf, '\r'))) {
1131 if ((cp = strpbrk(cbuf, " \n")))
1138 p = lookup(cmdtab, cbuf);
1141 if (p->implemented == 0) {
1153 if (cbuf[cpos] == ' ') {
1158 if ((cp2 = strpbrk(cp, " \n")))
1163 p = lookup(sitetab, cp);
1166 if (p->implemented == 0) {
1180 if (cbuf[cpos] == '\n') {
1189 if (cbuf[cpos] == ' ') {
1200 if (cbuf[cpos] == '\n') {
1211 * Make sure the string is nonempty and \n terminated.
1213 if (n > 1 && cbuf[cpos] == '\n') {
1215 yylval.s = copy(cp);
1223 if (cbuf[cpos] == ' ') {
1227 if (isdigit((unsigned char)cbuf[cpos])) {
1229 while (isdigit((unsigned char)cbuf[++cpos]))
1233 yylval.i = atoi(cp);
1242 if (isdigit((unsigned char)cbuf[cpos])) {
1244 while (isdigit((unsigned char)cbuf[++cpos]))
1248 yylval.i = atoi(cp);
1252 switch (cbuf[cpos++]) {
1316 fatal("Unknown state in scanner.");
1333 if ((cp = strchr(cbuf,'\n')))
1335 reply(500, "'%s': command not understood.", cbuf);
1346 fatal("Ran out of memory.");
1351 help(struct tab *ctab, char *s)
1358 if (ctab == sitetab)
1362 width = 0, NCMDS = 0;
1363 for (c = ctab; c->name != NULL; c++) {
1364 int len = strlen(c->name);
1370 width = (width + 8) &~ 7;
1375 lreply(214, "The following %scommands are recognized %s.",
1376 type, "(* =>'s unimplemented)");
1377 columns = 76 / width;
1380 lines = (NCMDS + columns - 1) / columns;
1381 for (i = 0; i < lines; i++) {
1382 strlcpy (buf, " ", sizeof(buf));
1383 for (j = 0; j < columns; j++) {
1384 c = ctab + j * lines + i;
1385 snprintf (buf + strlen(buf),
1386 sizeof(buf) - strlen(buf),
1389 c->implemented ? ' ' : '*');
1390 if (c + lines >= &ctab[NCMDS])
1392 w = strlen(c->name) + 1;
1400 lreply(214, "%s", buf);
1402 reply(214, "Direct comments to kth-krb-bugs@pdc.kth.se");
1406 c = lookup(ctab, s);
1407 if (c == (struct tab *)0) {
1408 reply(502, "Unknown command %s.", s);
1412 reply(214, "Syntax: %s%s %s", type, c->name, c->help);
1414 reply(214, "%s%-*s\t%s; unimplemented.", type, width,
1419 sizecmd(char *filename)
1425 if (stat(filename, &stbuf) < 0 || !S_ISREG(stbuf.st_mode))
1426 reply(550, "%s: not a plain file.", filename);
1428 reply(213, "%lu", (unsigned long)stbuf.st_size);
1436 fin = fopen(filename, "r");
1438 perror_reply(550, filename);
1441 if (fstat(fileno(fin), &stbuf) < 0 || !S_ISREG(stbuf.st_mode)) {
1442 reply(550, "%s: not a plain file.", filename);
1448 while((c=getc(fin)) != EOF) {
1449 if (c == '\n') /* will get expanded to \r\n */
1455 reply(213, "%lu", (unsigned long)count);
1459 reply(504, "SIZE not implemented for Type %c.", "?AEIL"[type]);