]> git.sesse.net Git - betaftpd/blobdiff - cmds.c
projects / betaftpd / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Made xferlog support slightly more standards-compliant and useful.
[betaftpd] / cmds.c
diff --git a/cmds.c b/cmds.c
index 500d6c28e4d20e900fc5afafbcfd3ec34b90d29d..5bc5bc2e2d6e1475f605ecee6445e4ae84b2d027 100644 (file)
--- a/cmds.c
+++ b/cmds.c
@@ -25,6 +25,10 @@
 #include <stropts.h>
 #endif
 
+#if HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
 #if HAVE_SYS_CONF_H
 #include <sys/conf.h>
 #endif
@@ -305,6 +309,7 @@ int cmd_pass(struct conn * const c)
                c->auth = 0;
        } else {
                c->uid = p->pw_uid;
+               c->gid = p->pw_gid;
                strncpy(c->curr_dir, p->pw_dir, 254);
                c->curr_dir[254] = 0;
        }
@@ -324,7 +329,7 @@ int cmd_pass(struct conn * const c)
                ) {
                        c->auth = 0;
                } else {
-                       c->auth = 3;
+                       c->auth = 4;
                }
        }
 #endif /* !WANT_NONROOT */
@@ -340,6 +345,7 @@ int cmd_pass(struct conn * const c)
                chdir(c->curr_dir);
                dump_file(c, 230, "welcome.msg");
 #endif
+               /* Have a different message for anonymous users? */
                numeric(c, 230, "User logged in.");
        }
        return 1;
@@ -406,10 +412,12 @@ int cmd_port(struct conn * const c)
 #if !WANT_NONROOT
                /* need root privilegies for a short while */
                seteuid(getuid());
+               setegid(getgid());
 #endif
                bind(sock, (struct sockaddr *)&sin, sizeof(sin));
 #if !WANT_NONROOT
                seteuid(c->uid);
+               setegid(c->gid);
 #endif
 
                f->sin.sin_family = AF_INET;
@@ -901,7 +909,7 @@ char conn_state[5][27] = {
        "Waiting for e-mail address",
        "Waiting for password",
        "Logged in",
-       "Waiting for password",         /* actually non-existant user */
+       "Logged in",            /* non-anonymous */
 };
 
 char ftran_state[6][42] = {
@@ -1551,7 +1559,7 @@ int cmd_rein(struct conn * const c)
  *             down without clearing any sockets etc. In other words:
  *             Don't use it on a production site.
  */
-void cmd_exit(struct conn * const c)
+int cmd_exit(struct conn * const c)
 {
        while (first_conn->next_conn)
                destroy_conn(first_conn->next_conn);
@@ -1602,8 +1610,10 @@ void parse_command(struct conn *c)
 #if !WANT_NONROOT
                                if (h->do_setuid) {
                                        seteuid(c->uid);
+                                       setegid(c->gid);
                                } else {
-                                       seteuid(0);
+                                       seteuid(getuid());
+                                       setegid(getgid());
                                }
 #endif
 
@@ -1621,7 +1631,10 @@ void parse_command(struct conn *c)
                                if (h->callback(c)) {
                                        c->recv_buf[cmlen] = schar;
 #if !WANT_NONROOT
-                                       if (h->do_setuid) seteuid(getuid());
+                                       if (h->do_setuid) {
+                                               seteuid(getuid());
+                                               setegid(getgid());
+                                       }
 #endif
                                        remove_bytes(c, cmlen);
                                }
Unnamed repository; edit this file 'description' to name the repository.