Article delegate-en/4559 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A4558@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: FTP extended passive mode issues
09 Sep 2009 20:50:06 GMT feedback@delegate.org (Yutaka Sato)
The DeleGate Project


Hi,

In message <_A4558@delegate-en.ML_> on 09/10/09(04:48:23) I wrote:
 |In message <_A4557@delegate-en.ML_> on 09/09/09(22:37:17)
 |you Sebastien Barbereau <pzaiqbdyi-e6yeroaerylr.ml@ml.delegate.org> wrote:
 | |Hi,
 | |I've tried the patch but this doesnt do the job. While it recognizes the
 | |"noepsv:cl" command it doesnt do anything about it. Using your code for
 | |"nopasvcl" i've added a few lines of code:
 |...
 | |This does the trick (at least for me). If the client attempts some EPSV
 | |he gets rejected, then he tries on PASV and gets through.
 |...
 | |Let me know if i'm completely wrong.
 |
 |You are right.  I'll apply the modification to the next release (9.9.5-pre8).

The modification will be as the enclosed patch.
Since "nopasv" has been used to disable any passive data-connection
including PASV and EPSV, I added "doepsv" to indicate enabling EPSV. 

  FTPCONF=nopasv     ... disable PASV and EPSV both with client and server
  FTPCONF=nopasv:cl            ... disable PASV and EPSV from client
  FTPCONF=noepsv:cl            ... disable EPSV from client
  FTPCONF=nopasv:cl,doepsv:cl  ... disable PASV from client

Cheers,
Yutaka
--
  9 9   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

*** dist/src/delegate9.9.5-pre7/src/ftp.c	Tue Sep  8 17:02:20 2009
--- ./src/ftp.c	Thu Sep 10 05:25:23 2009
***************
*** 71,76 ****
--- 71,77 ----
  	int	fc_chokedata;
  	int	fc_noxdcSV;	/* don't use XDC with server */
  	int	fc_noxdcCL;
+ 	int	fc_doepsvCL;
  	int	fc_noepsvCL;
  	int	fc_nopasvSV;	/* don't use PASV with server */
  	int	fc_nopasvCL;
***************
*** 379,384 ****
--- 380,388 ----
  	if( strcaseeq(what,"CHOKEDATA") ){
  		FCF.fc_chokedata = atoi(val);
  	}else
+ 	if( strcaseeq(what,"DOEPSV") ){
+ 		if( *val == 0 || strcaseeq(val,"cl") ) FCF.fc_doepsvCL = 1;
+ 	}else
  	if( strcaseeq(what,"NOEPSV") ){
  		if( *val == 0 || strcaseeq(val,"cl") ) FCF.fc_noepsvCL = 1;
  	}else
***************
*** 2185,2191 ****
  		fprintf(tc," MLST %s\r\n",FEAT_MLS);
  	}
  	fprintf(tc," SIZE\r\n");
! 	if( !FCF.fc_nopasvCL )
  	if( !FCF.fc_noepsvCL )
  		fprintf(tc," EPSV\r\n");
  	if( !FCF.fc_noportCL )
--- 2189,2195 ----
  		fprintf(tc," MLST %s\r\n",FEAT_MLS);
  	}
  	fprintf(tc," SIZE\r\n");
! 	if( !FCF.fc_nopasvCL || FCF.fc_doepsvCL )
  	if( !FCF.fc_noepsvCL )
  		fprintf(tc," EPSV\r\n");
  	if( !FCF.fc_noportCL )
***************
*** 5542,5551 ****
--- 5546,5561 ----
  		put_get(ts,fs,AVStr(resp),sizeof(resp),"PASV\r\n");
  		goto EXIT;
  	}
+ 	if( FCF.fc_doepsvCL && strcaseeq(FS->fs_curcom,"EPSV") ){
+ 	}else
  	if( FCF.fc_nopasvCL ){
  		sprintf(resp,"500 PASV is disabled.\r\n");
  		goto EXIT;
  	}
+ 	if( FCF.fc_noepsvCL && strcaseeq(FS->fs_curcom,"EPSV") ){
+ 		sprintf(resp,"500 EPSV is disabled.\r\n");
+ 		goto EXIT;
+ 	}
  
  	/* cannot accept multiple times via SOCKS */
  	if( tc != NULL )

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V