diff --git a/ChangeLog b/ChangeLog index abe13a2..25df880 100644 --- a/ChangeLog +++ b/ChangeLog @@ -11,9 +11,19 @@ Version NEXT simpler help message. server_install: zero length filename cancels upload in progress this change is needed for upcoming gftp/fsplib support. - PROTOCOL: CC_INSTALL: document zero length filename, use request - position for sizing of extra data. - PROTOCOL: CC_SET_PRO: Use request position for sizing of extra data. + PROTOCOL: CC_INSTALL command: + document zero length filename + use request position for sizing of extra data. + PROTOCOL: CC_SET_PRO command: + use request position for sizing of extra data. + fprocmd: do not send \0 terminated ACL change string + use request position for sizing of extra data. + autogen.sh: Prefer automake19 on FreeBSD platform + fprocmd now works without directory name supplied on command line. + directory from environment is used instead + fput: use request position for sizing of extra (timestamp) data. + use new upload cancel feature on user abort/kill. + fspd: default inetd timeout increased to 5 minutes. Version 2.8.1b21 - 1 Nov 2004 check for errors while copying files in fspd. @@ -104,7 +114,7 @@ Version 2.8.1b20 - 26 Oct 2004 lamerz guide added text rotate tool added -Version 2.8.1b19 - 11 jan 2004 +Version 2.8.1b19 - 11 Jan 2004 sven has added fspget URL command to setup.sh. fixed case for mklargefile.py in tests/Makefile.am added --enable-debug switch to configure for enabling extra diff --git a/TODO b/TODO index 3944393..9a83d48 100644 --- a/TODO +++ b/TODO @@ -18,17 +18,17 @@ symlink to FILE can escape from FSP root directory. OLD known problem. symlink support must be reworked before final release. PROTOCOL-RELATED BUGS: -add real,portable error codes support to CC_ERR extended data area. +we should add real,portable error codes support to CC_ERR extended data area. PORTING Sven's Slowaris 8 compile problem Sven's AIX compile problem -not builds on freebsd 4 and FreeBSD 5 - non intel platforms? +still not builds on freebsd 4 and FreeBSD 5 - non intel platforms? NEEDS IMPROVMENT: Client LIBRARY -:high: +:mid: we should retune retry algoritm for better support lines with higher packed loss. On common internet lines current one works okay. add more detailed stats from retry alg. @@ -46,7 +46,6 @@ drop this library and use libfsp instead CLIENTS :high: -fpro without directory name do not works normalize return error codes of all clients write new clients for new commands - fpasswd finfo :low: @@ -69,9 +68,9 @@ report number of clients connected, size of hostable in new command special defence against rapid/double fire clients (burst command in fspclient) Native Supports for symbolic links (needed for mirroring Debian) new LSTAT COMMAND -write FSP_CHANGE_PASSWORD command :midle:may not be in 2.8.2 +write FSP_CHANGE_PASSWORD command improve RENAME FSP command * cross directory renames are unsuported for now * server can send error reply even to denied per directory clients @@ -105,10 +104,10 @@ libraries and support for FSP protocol DONE: FSP library for Java DONE: FSP over HTTP +ALMOST DONE: new small,light fsplib for C. FSP plugin for Netscape/MSIE. Not possible to write protocol plugins with Netscape 3 SDK we have fsproxy now. -WIP: new small,light fsplib for C. FSP backend for APT Transfer HTTP over fsp transport FSP support to lftp,wget,curl,gftp diff --git a/autogen.sh b/autogen.sh index ed886ce..69c0d89 100755 --- a/autogen.sh +++ b/autogen.sh @@ -16,15 +16,17 @@ echo "Generating configure and friends..." if [ `uname -s` = 'FreeBSD' ]; then echo "* FreeBSD detected" echo "* Using autoconf 2.59" - if [ -x /usr/local/bin/automake18 ]; then + if [ -x /usr/local/bin/automake19 ]; then + echo "* Using automake 1.9" + ACLOCAL=aclocal19; export ACLOCAL + AUTOMAKE=automake19; export AUTOMAKE + elif [ -x /usr/local/bin/automake18 ]; then echo "* Using automake 1.8" ACLOCAL=aclocal18; export ACLOCAL AUTOMAKE=automake18; export AUTOMAKE else - echo "* Using automake 1.9" - ACLOCAL=aclocal19; export ACLOCAL - AUTOMAKE=automake19; export AUTOMAKE - fi + echo "* Using system default automake" + fi #Use autoconf 2.59 + automake 1.X pair AUTOHEADER=autoheader259; export AUTOHEADER AUTOCONF=autoconf259; export AUTOCONF diff --git a/client/util.c b/client/util.c index 75163e9..b1b5b97 100644 --- a/client/util.c +++ b/client/util.c @@ -405,7 +405,7 @@ int util_upload (char * path, FILE * fp, time_t stamp) else { BB_WRITE4(buf,stamp); - ub = client_interact(CC_INSTALL,pos,strlen(fpath), + ub = client_interact(CC_INSTALL,stamp==0?0:4,strlen(fpath), (unsigned char *)fpath+1, stamp==0?0:4, (unsigned char *)buf); } diff --git a/clients/fprocmd.c b/clients/fprocmd.c index 264f688..97f1744 100644 --- a/clients/fprocmd.c +++ b/clients/fprocmd.c @@ -47,8 +47,8 @@ static int set_pro (char * p, char * key) op = util_abs_path(p); - ub = client_interact(CC_SET_PRO,0L, strlen(op), (unsigned char *)op+1, - strlen(key)+1, (unsigned char *)key); + ub = client_interact(CC_SET_PRO,strlen(key), strlen(op), (unsigned char *)op+1, + strlen(key), (unsigned char *)key); if(ub->cmd == CC_ERR) { fprintf(stderr, "ERR: %s\n",ub->buf); return(1); @@ -66,17 +66,22 @@ int main (int argc, char ** argv) env_client(); if(argv[1] && (argv[1][0] == '+' || argv[1][0] == '-') && !argv[1][2]) { - /* set pro command */ - key = *++argv; - while(*++argv) { - if(!(av = glob(*argv))) { - av = av2; - av2[0] = *argv; - av2[1] = 0; - } - while(*av) set_pro(*av++,key); + /* set pro command */ + if (argc > 2) + { + key = *++argv; + while(*++argv) { + if(!(av = glob(*argv))) { + av = av2; + av2[0] = *argv; + av2[1] = 0; + } + while(*av) set_pro(*av++,key); + } } + else set_pro(env_dir,key); } else { + /* get pro command */ if(argv[1]) while(*++argv) { if(!(av = glob(*argv))) { av = av2; diff --git a/clients/fput.c b/clients/fput.c index 4ac0324..65a8468 100644 --- a/clients/fput.c +++ b/clients/fput.c @@ -48,13 +48,25 @@ static int put_file (char * path) if(*t2 == '/') name = t2 + 1; if( (fp = fopen(path,"rb"))) { - util_upload(name,fp,timestamps==1?sb.st_mtime:0); + util_upload(name,fp,timestamps==1?sb.st_mtime:0L); fclose(fp); } else fprintf(stderr,"Cannot read %s\n",path); return(0); } +static RETSIGTYPE upload_cleanup (int signum) +{ + UBUF *ub; + + env_timeout = 10; + ub=client_interact(CC_INSTALL,0L, 1, "", 0, (unsigned char *)NULLP); + if(ub->cmd==CC_UP_LOAD) + ub=client_interact(CC_INSTALL,0L, 1, "", 0, (unsigned char *)NULLP); + client_done(); + exit(1); +} + int main (int argc, char ** argv) { char n[1024]; @@ -66,7 +78,23 @@ int main (int argc, char ** argv) exit(1); } + signal(SIGHUP,upload_cleanup); + signal(SIGINT,upload_cleanup); + signal(SIGQUIT,upload_cleanup); + signal(SIGILL,upload_cleanup); + signal(SIGTRAP,upload_cleanup); + signal(SIGFPE,upload_cleanup); + signal(SIGSEGV,upload_cleanup); +#ifndef __linux__ + signal(SIGEMT,upload_cleanup); + signal(SIGBUS,upload_cleanup); + signal(SIGSYS,upload_cleanup); +#endif + signal(SIGPIPE,upload_cleanup); + signal(SIGTERM,upload_cleanup); + while ((optletter=getopt(argc, argv,"ph?")) != EOF) + { switch (optletter) { case 'h': case '?': @@ -75,8 +103,12 @@ int main (int argc, char ** argv) case 'p': timestamps=1; } + } if(argc > optind) - while(*++argv) put_file(*argv); + { + while(argc > optind) + put_file(argv[optind++]); + } else { prompt = isatty(0); while(1) { diff --git a/doc/PROTOCOL b/doc/PROTOCOL index 89f01c2..7de7335 100644 --- a/doc/PROTOCOL +++ b/doc/PROTOCOL @@ -53,6 +53,11 @@ Transport packets with this, underlying transport must make size of received packet available to FSP protocol stack at server side. Without this information, full support for extra data area is not possible. + Partial support for extra data is still possible: Some + commands are carrying size of extra data in file position field and + client side checksums contains total packet size. Using checksums + for decoding of length of extra data is last resort, because + checksums are only one byte in size. Servers can still send extra data in reply to CC_VERSION and CC_GET_PRO because length of extra data is recorded in position @@ -85,7 +90,7 @@ Security many people wants it and there were hacked version of FSP with password support floating around. Passwords are transmitted in clear text over network which makes them a weak protection for determined - intruder. + intruder when transfered over unsecured network. FSP Packet format: HEADER - size = Fixed size 12 bytes. Always present. @@ -125,7 +130,11 @@ protocols, which are using at least CRC16 checksum types. FSP server fed by random data can resist for hours without falsely accepting random data as valid FSP packet. This demonstration shows, that these checksums when very easy to compute, are sufficient for guarding -against line noise. +against line noise. + +Note: +IP/UDP packet has its own crc16 checksum, but FSP protocol checksum is +used as protection against received non FSPv2 UDP packets. KEY Client's message to server contain a KEY value that is the same as the KEY diff --git a/doc/fsp-faq.sgml b/doc/fsp-faq.sgml index 051afa6..4c77f71 100644 --- a/doc/fsp-faq.sgml +++ b/doc/fsp-faq.sgml @@ -334,7 +334,7 @@ in March 1996. This version is used on some servers today because Debian Woody has it, but 2.7.1 is still used on some forgotten machines in universities. It has also - known security issues (fspd follows symlinks), but at this + known security issues (fspd follows all symlinks), but at this time there were viewed as feature, not a bug. diff --git a/man/fprocmd.1 b/man/fprocmd.1 index 3d5d808..b46e558 100644 --- a/man/fprocmd.1 +++ b/man/fprocmd.1 @@ -6,14 +6,14 @@ fprocmd, fpro \- get or set permissions for directories in the FSP database [ .B +c|-c|+d|-d|+g|-g|+m|-m|+l|-l|+r|-r ] -.I directory +.I [ directory ] \&.\|.\|. .LP .B fpro [ .B +c|-c|+d|-d|+g|-g|+m|-m|+l|-l|+r|-r ] -.I directory +.I [ directory ] \&.\|.\|. .SH DESCRIPTION .LP diff --git a/server/file.c b/server/file.c index 29f247f..fbc49e2 100644 --- a/server/file.c +++ b/server/file.c @@ -892,7 +892,7 @@ const char *server_install (PPATH * pp, unsigned long inet_num, if (dbug) fprintf(stderr,"server_install: tname: %s, pp->fullp: %s\n",tname, pp->fullp); /* zero length filename */ - if( pp->f_len + pp->d_len == 0 ) + if( strcmp(pp->fullp,".") == 0 ) { if (dbug) fprintf(stderr,"server_install: zero length name. aborting upload.\n"); diff --git a/server/main.c b/server/main.c index 5ee0d85..d996dbc 100644 --- a/server/main.c +++ b/server/main.c @@ -301,7 +301,9 @@ int main (int argc, char ** argv) /* set timeouts */ if(inetd_mode) { - if(inetd_timeout==0) inetd_timeout=120*1000L; /* 2. minutes */ + if(inetd_timeout==0) + /* 5. minutes is maximum resend timeout required by protocol */ + inetd_timeout=300*1000L; }else { if(inetd_timeout==0 || !dbug) diff --git a/server/server.c b/server/server.c index 0b7b3b0..af89b0a 100644 --- a/server/server.c +++ b/server/server.c @@ -687,7 +687,9 @@ static void server_process_packet (unsigned bytes, UBUF * ub, int old, send_error(from, ub, pe) ; return; } - CHECK_ACCESS_RIGHTS(DIR_ADD,L_INSTALL); + if(l1>1) { + CHECK_ACCESS_RIGHTS(DIR_ADD,L_INSTALL); + } pe = server_install(&pp,inet_num,port_num,pe,di,l2,s2); if(pe) {