Date: Sun, 16 Feb 2003 18:27:52 +0100 From: Michael Ranner <mranner@inode.at> To: freebsd-current@freebsd.org Cc: "David O'Brien" <obrien@FreeBSD.org> Subject: login_cap(3) for lukemftpd (resource limit, MAC support ...) Message-ID: <200302161827.52269.mranner@inode.at>
next in thread | raw e-mail | index | archive | help
--Boundary-00=_Yo8T+mE+gknFKJE Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline Hello David, hello list! According to a thread about lukemftpd several months ago, there are several points speaking against lukemftpd in the base system, - missing PAM - missing login_cap were the main arguments against lukemftpd, as far I can remember. In the meantime, David has incorporated a patch for supporting PAM. So I started to take some code bits from the original ftpd to add login_cap support and to activate wtmp/utmp support in lukemftpd. You can find the patches (against 5-CURRENT) attached to this mail. Regards, /\/\ichael Ranner mranner@jawa.at - mranner@bitonline.cc - webmaster@mariazell.at ---------------------------------------------------------------------- JAWA Management Software GmbH - http://www.jawa.at/ Liebenauer Hauptstrasse 2oo - A-8041 Graz Tel +43 316 403274 21 - Fax +43 316 403274 10 ---------------------------------------------------------------------- Mariazell Online - http://www.mariazell.at/ ---------------------------------------------------------------------- -----BEGIN GEEK CODE BLOCK----- GIT/CS/AT dx(-) s+:(++:) a- C++ UBLVS++++$ P++>+++$ L-(+)$ E--- W+++$ N+(++) o-- K- w--()$ O-(--) M@ V-(--) PS+>++ PE(-) Y+ PGP(-) t+ 5+ X+++(++++) R* tv++ b+(++) DI++ D-(--) G- e h--(*) r++ y? ------END GEEK CODE BLOCK------ --Boundary-00=_Yo8T+mE+gknFKJE Content-Type: text/x-diff; charset="us-ascii"; name="patch-Makefile" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="patch-Makefile" --- Makefile.orig Sun Feb 16 15:35:58 2003 +++ Makefile Sun Feb 16 15:29:34 2003 @@ -9,7 +9,7 @@ PROG= lukemftpd MAN= lukemftpd.8 ftpd.conf.5 ftpusers.5 MLINKS= ftpusers.5 ftpchroot.5 -SRCS= cmds.c conf.c ftpd.c ftpcmd.y popen.c +SRCS= cmds.c conf.c ftpd.c ftpcmd.y logutmp.c logwtmp.c popen.c SRCS+= strsuftoll.c WFORMAT= 0 @@ -28,7 +28,7 @@ DPADD+= ${LIBM} LDADD+= -lm -CFLAGS+= -DUSE_OPIE -DUSE_PAM +CFLAGS+= -DUSE_OPIE -DUSE_PAM -DSUPPORT_UTMP -DLOGIN_CAP DPADD+= ${LIBOPIE} ${LIBPAM} LDADD+= -lopie -lpam --Boundary-00=_Yo8T+mE+gknFKJE Content-Type: text/x-csrc; charset="us-ascii"; name="patch-logutmp.c" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="patch-logutmp.c" --- src/logutmp.c.old Sat May 26 16:07:13 2001 +++ src/logutmp.c Sat May 26 16:07:39 2001 @@ -45,7 +45,7 @@ */ void -login(const UTMP *ut) +ftpd_login(const UTMP *ut) { UTMP ubuf; @@ -85,7 +85,7 @@ } int -logout(const char *line) +ftpd_logout(const char *line) { UTMP ut; int rval; --Boundary-00=_Yo8T+mE+gknFKJE Content-Type: text/x-csrc; charset="us-ascii"; name="patch-logwtmp.c" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="patch-logwtmp.c" --- src/logwtmp.c.orig Sun Feb 16 14:56:13 2003 +++ src/logwtmp.c Sun Feb 16 17:24:20 2003 @@ -73,7 +73,7 @@ * after login, but before logout). */ void -logwtmp(const char *line, const char *name, const char *host) +ftpd_logwtmp(const char *line, const char *name, const char *host) { struct utmp ut; struct stat buf; --Boundary-00=_Yo8T+mE+gknFKJE Content-Type: text/x-csrc; charset="us-ascii"; name="patch-ftpd.c" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="patch-ftpd.c" 171a172,174 > #ifdef LOGIN_CAP > #include <login_cap.h> > #endif 979c982 < login(&utmp); --- > ftpd_login(&utmp); 982c985 < logwtmp(line, name, host); --- > ftpd_logwtmp(line, name, host); 996c999 < okwtmp = logout(ttyline) & dowtmp; --- > okwtmp = ftpd_logout(ttyline) & dowtmp; 1004c1007 < logwtmp(ttyline, "", ""); --- > ftpd_logwtmp(ttyline, "", ""); 1031a1035,1039 > #ifdef LOGIN_CAP > setusercontext(NULL, getpwuid(0), (uid_t)0, > LOGIN_SETPRIORITY|LOGIN_SETRESOURCES|LOGIN_SETUMASK| > LOGIN_SETMAC); > #endif 1045a1054,1056 > #ifdef LOGIN_CAP > login_cap_t *lc = NULL; > #endif 1156a1168,1195 > > #ifdef LOGIN_CAP > if ((lc = login_getpwclass(pw)) != NULL) { > char remote_ip[MAXHOSTNAMELEN]; > > getnameinfo((struct sockaddr *)&his_addr, his_addr.su_len, > remote_ip, sizeof(remote_ip) - 1, NULL, 0, > NI_NUMERICHOST); > remote_ip[sizeof(remote_ip) - 1] = 0; > if (!auth_hostok(lc, remotehost, remote_ip)) { > syslog(LOG_INFO|LOG_AUTH, > "FTP LOGIN FAILED (HOST) as %s: permission denied.", > pw->pw_name); > reply(530, "Permission denied.\n"); > pw = NULL; > return; > } > if (!auth_timeok(lc, time(NULL))) { > reply(530, "Login not available right now.\n"); > pw = NULL; > return; > } > } > setusercontext(lc, pw, (uid_t)0, > LOGIN_SETPRIORITY| > LOGIN_SETRESOURCES|LOGIN_SETUMASK|LOGIN_SETMAC); > #endif > 1349a1389,1391 > #ifdef LOGIN_CAP > login_close(lc); > #endif 1353a1396,1398 > #ifdef LOGIN_CAP > login_close(lc); > #endif --Boundary-00=_Yo8T+mE+gknFKJE-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200302161827.52269.mranner>