search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
vsftpd ver. 2.2.0 (08/13/2009)
[tomato.git] / release / src / router / vsftpd / ftpdataio.c
blob6fe4a151e185c6e01b40def742bc4c5e90a5b261
1 /*
2 * Part of Very Secure FTPd
3 * Licence: GPL v2
4 * Author: Chris Evans
5 * ftpdataio.c
6 *
7 * Code to handle FTP data connections. This includes both PORT (server
8 * connects) and PASV (client connects) modes of data transfer. This
9 * includes sends and receives, files and directories.
10 */
11
12 #include "ftpdataio.h"
13 #include "session.h"
14 #include "ftpcmdio.h"
15 #include "ftpcodes.h"
16 #include "utility.h"
17 #include "tunables.h"
18 #include "defs.h"
19 #include "str.h"
20 #include "strlist.h"
21 #include "sysutil.h"
22 #include "logging.h"
23 #include "secbuf.h"
24 #include "sysstr.h"
25 #include "sysdeputil.h"
26 #include "ascii.h"
27 #include "oneprocess.h"
28 #include "twoprocess.h"
29 #include "ls.h"
30 #include "ssl.h"
31 #include "readwrite.h"
32 #include "privsock.h"
33
34 static void init_data_sock_params(struct vsf_session* p_sess, int sock_fd);
35 static filesize_t calc_num_send(int file_fd, filesize_t init_offset);
36 static struct vsf_transfer_ret do_file_send_sendfile(
37 struct vsf_session* p_sess, int net_fd, int file_fd,
38 filesize_t curr_file_offset, filesize_t bytes_to_send);
39 static struct vsf_transfer_ret do_file_send_rwloop(
40 struct vsf_session* p_sess, int file_fd, int is_ascii);
41 static struct vsf_transfer_ret do_file_recv(
42 struct vsf_session* p_sess, int file_fd, int is_ascii);
43 static void handle_sigalrm(void* p_private);
44 static void start_data_alarm(struct vsf_session* p_sess);
45 static void handle_io(int retval, int fd, void* p_private);
46 static int transfer_dir_internal(
47 struct vsf_session* p_sess, int is_control, struct vsf_sysutil_dir* p_dir,
48 const struct mystr* p_base_dir_str, const struct mystr* p_option_str,
49 const struct mystr* p_filter_str, int is_verbose);
50 static int write_dir_list(struct vsf_session* p_sess,
51 struct mystr_list* p_dir_list,
52 enum EVSFRWTarget target);
53 static unsigned int get_chunk_size();
54
55 int
56 vsf_ftpdataio_dispose_transfer_fd(struct vsf_session* p_sess)
57 {
58 int dispose_ret = 1;
59 int retval;
60 if (p_sess->data_fd == -1)
61 {
62 bug("no data descriptor in vsf_ftpdataio_dispose_transfer_fd");
63 }
64 /* Reset the data connection alarm so it runs anew with the blocking close */
65 start_data_alarm(p_sess);
66 vsf_sysutil_uninstall_io_handler();
67 if (p_sess->data_use_ssl && p_sess->ssl_slave_active)
68 {
69 char result;
70 priv_sock_send_cmd(p_sess->ssl_consumer_fd, PRIV_SOCK_DO_SSL_CLOSE);
71 result = priv_sock_get_result(p_sess->ssl_consumer_fd);
72 if (result != PRIV_SOCK_RESULT_OK)
73 {
74 dispose_ret = 0;
75 }
76 }
77 else if (p_sess->p_data_ssl)
78 {
79 dispose_ret = ssl_data_close(p_sess);
80 }
81 /* This close() blocks because we set SO_LINGER */
82 retval = vsf_sysutil_close_failok(p_sess->data_fd);
83 if (vsf_sysutil_retval_is_error(retval))
84 {
85 /* Do it again without blocking. */
86 vsf_sysutil_deactivate_linger_failok(p_sess->data_fd);
87 (void) vsf_sysutil_close_failok(p_sess->data_fd);
88 }
89 if (tunable_data_connection_timeout > 0)
90 {
91 vsf_sysutil_clear_alarm();
92 }
93 p_sess->data_fd = -1;
94 return dispose_ret;
95 }
96
97 int
98 vsf_ftpdataio_get_pasv_fd(struct vsf_session* p_sess)
99 {
100 int remote_fd;
101 if (tunable_one_process_model)
102 {
103 remote_fd = vsf_one_process_get_pasv_fd(p_sess);
104 }
105 else
106 {
107 remote_fd = vsf_two_process_get_pasv_fd(p_sess);
108 }
109 /* Yes, yes, hardcoded bad I know. */
110 if (remote_fd == -1)
111 {
112 vsf_cmdio_write(p_sess, FTP_BADSENDCONN,
113 "Failed to establish connection.");
114 return remote_fd;
115 }
116 else if (remote_fd == -2)
117 {
118 vsf_cmdio_write(p_sess, FTP_BADSENDCONN, "Security: Bad IP connecting.");
119 vsf_sysutil_close(remote_fd);
120 return -1;
121 }
122 init_data_sock_params(p_sess, remote_fd);
123 return remote_fd;
124 }
125
126 int
127 vsf_ftpdataio_get_port_fd(struct vsf_session* p_sess)
128 {
129 int remote_fd;
130 if (tunable_one_process_model || tunable_port_promiscuous)
131 {
132 remote_fd = vsf_one_process_get_priv_data_sock(p_sess);
133 }
134 else
135 {
136 remote_fd = vsf_two_process_get_priv_data_sock(p_sess);
137 }
138 if (vsf_sysutil_retval_is_error(remote_fd))
139 {
140 vsf_cmdio_write(p_sess, FTP_BADSENDCONN,
141 "Failed to establish connection.");
142 return -1;
143 }
144 init_data_sock_params(p_sess, remote_fd);
145 return remote_fd;
146 }
147
148 int
149 vsf_ftpdataio_post_mark_connect(struct vsf_session* p_sess)
150 {
151 int ret = 0;
152 if (!p_sess->data_use_ssl)
153 {
154 return 1;
155 }
156 if (!p_sess->ssl_slave_active)
157 {
158 ret = ssl_accept(p_sess, p_sess->data_fd);
159 }
160 else
161 {
162 int sock_ret;
163 priv_sock_send_cmd(p_sess->ssl_consumer_fd, PRIV_SOCK_DO_SSL_HANDSHAKE);
164 priv_sock_send_fd(p_sess->ssl_consumer_fd, p_sess->data_fd);
165 sock_ret = priv_sock_get_result(p_sess->ssl_consumer_fd);
166 if (sock_ret == PRIV_SOCK_RESULT_OK)
167 {
168 ret = 1;
169 }
170 }
171 if (ret != 1)
172 {
173 static struct mystr s_err_msg;
174 str_alloc_text(&s_err_msg, "SSL connection failed");
175 if (tunable_require_ssl_reuse)
176 {
177 str_append_text(&s_err_msg, "; session reuse required");
178 str_append_text(
179 &s_err_msg, ": see require_ssl_reuse option in vsftpd.conf man page");
180 }
181 vsf_cmdio_write_str(p_sess, FTP_DATATLSBAD, &s_err_msg);
182 }
183 return ret;
184 }
185
186 static void
187 handle_sigalrm(void* p_private)
188 {
189 struct vsf_session* p_sess = (struct vsf_session*) p_private;
190 if (!p_sess->data_progress)
191 {
192 vsf_cmdio_write_exit(p_sess, FTP_DATA_TIMEOUT,
193 "Data timeout. Reconnect. Sorry.");
194 }
195 p_sess->data_progress = 0;
196 start_data_alarm(p_sess);
197 }
198
199 void
200 start_data_alarm(struct vsf_session* p_sess)
201 {
202 if (tunable_data_connection_timeout > 0)
203 {
204 vsf_sysutil_install_sighandler(kVSFSysUtilSigALRM,
205 handle_sigalrm,
206 p_sess,
207 1);
208 vsf_sysutil_set_alarm(tunable_data_connection_timeout);
209 }
210 else if (tunable_idle_session_timeout > 0)
211 {
212 vsf_sysutil_clear_alarm();
213 }
214 }
215
216 static void
217 init_data_sock_params(struct vsf_session* p_sess, int sock_fd)
218 {
219 if (p_sess->data_fd != -1)
220 {
221 bug("data descriptor still present in init_data_sock_params");
222 }
223 p_sess->data_fd = sock_fd;
224 p_sess->data_progress = 0;
225 vsf_sysutil_activate_keepalive(sock_fd);
226 /* And in the vague hope it might help... */
227 vsf_sysutil_set_iptos_throughput(sock_fd);
228 /* Set up lingering, so that we wait for all data to transfer, and report
229 * more accurate transfer rates.
230 */
231 vsf_sysutil_activate_linger(sock_fd);
232 /* Start the timeout monitor */
233 vsf_sysutil_install_io_handler(handle_io, p_sess);
234 start_data_alarm(p_sess);
235 }
236
237 static void
238 handle_io(int retval, int fd, void* p_private)
239 {
240 long curr_sec;
241 long curr_usec;
242 unsigned int bw_rate;
243 double elapsed;
244 double pause_time;
245 double rate_ratio;
246 struct vsf_session* p_sess = (struct vsf_session*) p_private;
247 if (p_sess->data_fd != fd || vsf_sysutil_retval_is_error(retval) ||
248 retval == 0)
249 {
250 return;
251 }
252 /* Note that the session hasn't stalled, i.e. don't time it out */
253 p_sess->data_progress = 1;
254 /* Apply bandwidth quotas via a little pause, if necessary */
255 if (p_sess->bw_rate_max == 0)
256 {
257 return;
258 }
259 /* Calculate bandwidth rate */
260 vsf_sysutil_update_cached_time();
261 curr_sec = vsf_sysutil_get_cached_time_sec();
262 curr_usec = vsf_sysutil_get_cached_time_usec();
263 elapsed = (double) (curr_sec - p_sess->bw_send_start_sec);
264 elapsed += (double) (curr_usec - p_sess->bw_send_start_usec) /
265 (double) 1000000;
266 if (elapsed <= (double) 0)
267 {
268 elapsed = (double) 0.01;
269 }
270 bw_rate = (unsigned int) ((double) retval / elapsed);
271 if (bw_rate <= p_sess->bw_rate_max)
272 {
273 p_sess->bw_send_start_sec = curr_sec;
274 p_sess->bw_send_start_usec = curr_usec;
275 return;
276 }
277 /* Tut! Rate exceeded, calculate a pause to bring things back into line */
278 rate_ratio = (double) bw_rate / (double) p_sess->bw_rate_max;
279 pause_time = (rate_ratio - (double) 1) * elapsed;
280 vsf_sysutil_sleep(pause_time);
281 vsf_sysutil_update_cached_time();
282 p_sess->bw_send_start_sec = vsf_sysutil_get_cached_time_sec();
283 p_sess->bw_send_start_usec = vsf_sysutil_get_cached_time_usec();
284 }
285
286 int
287 vsf_ftpdataio_transfer_dir(struct vsf_session* p_sess, int is_control,
288 struct vsf_sysutil_dir* p_dir,
289 const struct mystr* p_base_dir_str,
290 const struct mystr* p_option_str,
291 const struct mystr* p_filter_str,
292 int is_verbose)
293 {
294 return transfer_dir_internal(p_sess, is_control, p_dir, p_base_dir_str,
295 p_option_str, p_filter_str, is_verbose);
296 }
297
298 static int
299 transfer_dir_internal(struct vsf_session* p_sess, int is_control,
300 struct vsf_sysutil_dir* p_dir,
301 const struct mystr* p_base_dir_str,
302 const struct mystr* p_option_str,
303 const struct mystr* p_filter_str,
304 int is_verbose)
305 {
306 struct mystr_list dir_list = INIT_STRLIST;
307 struct mystr_list subdir_list = INIT_STRLIST;
308 struct mystr dir_prefix_str = INIT_MYSTR;
309 struct mystr_list* p_subdir_list = 0;
310 struct str_locate_result loc_result = str_locate_char(p_option_str, 'R');
311 int failed = 0;
312 enum EVSFRWTarget target = kVSFRWData;
313 if (is_control)
314 {
315 target = kVSFRWControl;
316 }
317 if (loc_result.found && tunable_ls_recurse_enable)
318 {
319 p_subdir_list = &subdir_list;
320 }
321 vsf_ls_populate_dir_list(&dir_list, p_subdir_list, p_dir, p_base_dir_str,
322 p_option_str, p_filter_str, is_verbose);
323 if (p_subdir_list)
324 {
325 int retval;
326 str_copy(&dir_prefix_str, p_base_dir_str);
327 str_append_text(&dir_prefix_str, ":\r\n");
328 retval = ftp_write_str(p_sess, &dir_prefix_str, target);
329 if (retval != 0)
330 {
331 failed = 1;
332 }
333 }
334 if (!failed)
335 {
336 failed = write_dir_list(p_sess, &dir_list, target);
337 }
338 /* Recurse into the subdirectories if required... */
339 if (!failed)
340 {
341 struct mystr sub_str = INIT_MYSTR;
342 unsigned int num_subdirs = str_list_get_length(&subdir_list);
343 unsigned int subdir_index;
344 for (subdir_index = 0; subdir_index < num_subdirs; subdir_index++)
345 {
346 int retval;
347 struct vsf_sysutil_dir* p_subdir;
348 const struct mystr* p_subdir_str =
349 str_list_get_pstr(&subdir_list, subdir_index);
350 if (str_equal_text(p_subdir_str, ".") ||
351 str_equal_text(p_subdir_str, ".."))
352 {
353 continue;
354 }
355 str_copy(&sub_str, p_base_dir_str);
356 str_append_char(&sub_str, '/');
357 str_append_str(&sub_str, p_subdir_str);
358 p_subdir = str_opendir(&sub_str);
359 if (p_subdir == 0)
360 {
361 /* Unreadable, gone missing, etc. - no matter */
362 continue;
363 }
364 str_alloc_text(&dir_prefix_str, "\r\n");
365 retval = ftp_write_str(p_sess, &dir_prefix_str, target);
366 if (retval != 0)
367 {
368 failed = 1;
369 break;
370 }
371 retval = transfer_dir_internal(p_sess, is_control, p_subdir, &sub_str,
372 p_option_str, p_filter_str, is_verbose);
373 vsf_sysutil_closedir(p_subdir);
374 if (retval != 0)
375 {
376 failed = 1;
377 break;
378 }
379 }
380 str_free(&sub_str);
381 }
382 str_list_free(&dir_list);
383 str_list_free(&subdir_list);
384 str_free(&dir_prefix_str);
385 if (!failed)
386 {
387 return 0;
388 }
389 else
390 {
391 return -1;
392 }
393 }
394
395 /* XXX - really, this should be refactored into a "buffered writer" object */
396 static int
397 write_dir_list(struct vsf_session* p_sess, struct mystr_list* p_dir_list,
398 enum EVSFRWTarget target)
399 {
400 /* This function writes out a list of strings to the client, over the
401 * data socket. We now coalesce the strings into fewer write() syscalls,
402 * which saved 33% CPU time writing a large directory.
403 */
404 int retval = 0;
405 unsigned int dir_index_max = str_list_get_length(p_dir_list);
406 unsigned int dir_index;
407 struct mystr buf_str = INIT_MYSTR;
408 str_reserve(&buf_str, VSFTP_DIR_BUFSIZE);
409 for (dir_index = 0; dir_index < dir_index_max; dir_index++)
410 {
411 str_append_str(&buf_str, str_list_get_pstr(p_dir_list, dir_index));
412 if (dir_index == dir_index_max - 1 ||
413 str_getlen(&buf_str) +
414 str_getlen(str_list_get_pstr(p_dir_list, dir_index + 1)) >
415 VSFTP_DIR_BUFSIZE)
416 {
417 /* Writeout needed - we're either at the end, or we filled the buffer */
418 int writeret = ftp_write_str(p_sess, &buf_str, target);
419 if (writeret != 0)
420 {
421 retval = 1;
422 break;
423 }
424 str_empty(&buf_str);
425 }
426 }
427 str_free(&buf_str);
428 return retval;
429 }
430
431 struct vsf_transfer_ret
432 vsf_ftpdataio_transfer_file(struct vsf_session* p_sess, int remote_fd,
433 int file_fd, int is_recv, int is_ascii)
434 {
435 if (!is_recv)
436 {
437 if (is_ascii || p_sess->data_use_ssl)
438 {
439 return do_file_send_rwloop(p_sess, file_fd, is_ascii);
440 }
441 else
442 {
443 filesize_t curr_offset = vsf_sysutil_get_file_offset(file_fd);
444 filesize_t num_send = calc_num_send(file_fd, curr_offset);
445 return do_file_send_sendfile(
446 p_sess, remote_fd, file_fd, curr_offset, num_send);
447 }
448 }
449 else
450 {
451 return do_file_recv(p_sess, file_fd, is_ascii);
452 }
453 }
454
455 static struct vsf_transfer_ret
456 do_file_send_rwloop(struct vsf_session* p_sess, int file_fd, int is_ascii)
457 {
458 static char* p_readbuf;
459 static char* p_asciibuf;
460 struct vsf_transfer_ret ret_struct = { 0, 0 };
461 unsigned int chunk_size = get_chunk_size();
462 char* p_writefrom_buf;
463 int prev_cr = 0;
464 if (p_readbuf == 0)
465 {
466 vsf_secbuf_alloc(&p_readbuf, VSFTP_DATA_BUFSIZE);
467 }
468 if (is_ascii)
469 {
470 if (p_asciibuf == 0)
471 {
472 /* NOTE!! * 2 factor because we can double the data by doing our ASCII
473 * linefeed mangling
474 */
475 vsf_secbuf_alloc(&p_asciibuf, VSFTP_DATA_BUFSIZE * 2);
476 }
477 p_writefrom_buf = p_asciibuf;
478 }
479 else
480 {
481 p_writefrom_buf = p_readbuf;
482 }
483 while (1)
484 {
485 unsigned int num_to_write;
486 int retval = vsf_sysutil_read(file_fd, p_readbuf, chunk_size);
487 if (vsf_sysutil_retval_is_error(retval))
488 {
489 ret_struct.retval = -1;
490 return ret_struct;
491 }
492 else if (retval == 0)
493 {
494 /* Success - cool */
495 return ret_struct;
496 }
497 if (is_ascii)
498 {
499 struct bin_to_ascii_ret ret =
500 vsf_ascii_bin_to_ascii(p_readbuf,
501 p_asciibuf,
502 (unsigned int) retval,
503 prev_cr);
504 num_to_write = ret.stored;
505 prev_cr = ret.last_was_cr;
506 }
507 else
508 {
509 num_to_write = (unsigned int) retval;
510 }
511 retval = ftp_write_data(p_sess, p_writefrom_buf, num_to_write);
512 if (!vsf_sysutil_retval_is_error(retval))
513 {
514 ret_struct.transferred += (unsigned int) retval;
515 }
516 if (vsf_sysutil_retval_is_error(retval) ||
517 (unsigned int) retval != num_to_write)
518 {
519 ret_struct.retval = -2;
520 return ret_struct;
521 }
522 }
523 }
524
525 static struct vsf_transfer_ret
526 do_file_send_sendfile(struct vsf_session* p_sess, int net_fd, int file_fd,
527 filesize_t curr_file_offset, filesize_t bytes_to_send)
528 {
529 int retval;
530 unsigned int chunk_size = 0;
531 struct vsf_transfer_ret ret_struct = { 0, 0 };
532 filesize_t init_file_offset = curr_file_offset;
533 filesize_t bytes_sent;
534 if (p_sess->bw_rate_max)
535 {
536 chunk_size = get_chunk_size();
537 }
538 /* Just because I can ;-) */
539 retval = vsf_sysutil_sendfile(net_fd, file_fd, &curr_file_offset,
540 bytes_to_send, chunk_size);
541 bytes_sent = curr_file_offset - init_file_offset;
542 ret_struct.transferred = bytes_sent;
543 if (vsf_sysutil_retval_is_error(retval))
544 {
545 ret_struct.retval = -2;
546 return ret_struct;
547 }
548 else if (bytes_sent != bytes_to_send)
549 {
550 ret_struct.retval = -2;
551 return ret_struct;
552 }
553 return ret_struct;
554 }
555
556 static filesize_t
557 calc_num_send(int file_fd, filesize_t init_offset)
558 {
559 static struct vsf_sysutil_statbuf* s_p_statbuf;
560 filesize_t bytes_to_send;
561 /* Work out how many bytes to send based on file size minus current offset */
562 vsf_sysutil_fstat(file_fd, &s_p_statbuf);
563 bytes_to_send = vsf_sysutil_statbuf_get_size(s_p_statbuf);
564 if (init_offset < 0 || bytes_to_send < 0)
565 {
566 die("calc_num_send: negative file offset or send count");
567 }
568 /* Don't underflow if some bonehead sets a REST greater than the file size */
569 if (init_offset > bytes_to_send)
570 {
571 bytes_to_send = 0;
572 }
573 else
574 {
575 bytes_to_send -= init_offset;
576 }
577 return bytes_to_send;
578 }
579
580 static struct vsf_transfer_ret
581 do_file_recv(struct vsf_session* p_sess, int file_fd, int is_ascii)
582 {
583 static char* p_recvbuf;
584 unsigned int num_to_write;
585 struct vsf_transfer_ret ret_struct = { 0, 0 };
586 unsigned int chunk_size = get_chunk_size();
587 int prev_cr = 0;
588 if (p_recvbuf == 0)
589 {
590 /* Now that we do ASCII conversion properly, the plus one is to cater for
591 * the fact we may need to stick a '\r' at the front of the buffer if the
592 * last buffer fragment eneded in a '\r' and the current buffer fragment
593 * does not start with a '\n'.
594 */
595 vsf_secbuf_alloc(&p_recvbuf, VSFTP_DATA_BUFSIZE + 1);
596 }
597 while (1)
598 {
599 const char* p_writebuf = p_recvbuf + 1;
600 int retval = ftp_read_data(p_sess, p_recvbuf + 1, chunk_size);
601 if (vsf_sysutil_retval_is_error(retval))
602 {
603 ret_struct.retval = -2;
604 return ret_struct;
605 }
606 else if (retval == 0 && !prev_cr)
607 {
608 /* Transfer done, nifty */
609 return ret_struct;
610 }
611 num_to_write = (unsigned int) retval;
612 ret_struct.transferred += num_to_write;
613 if (is_ascii)
614 {
615 /* Handle ASCII conversion if we have to. Note that using the same
616 * buffer for source and destination is safe, because the ASCII ->
617 * binary transform only ever results in a smaller file.
618 */
619 struct ascii_to_bin_ret ret =
620 vsf_ascii_ascii_to_bin(p_recvbuf, num_to_write, prev_cr);
621 num_to_write = ret.stored;
622 prev_cr = ret.last_was_cr;
623 p_writebuf = ret.p_buf;
624 }
625 retval = vsf_sysutil_write_loop(file_fd, p_writebuf, num_to_write);
626 if (vsf_sysutil_retval_is_error(retval) ||
627 (unsigned int) retval != num_to_write)
628 {
629 ret_struct.retval = -1;
630 return ret_struct;
631 }
632 }
633 }
634
635 static unsigned int
636 get_chunk_size()
637 {
638 unsigned int ret = VSFTP_DATA_BUFSIZE;
639 if (tunable_trans_chunk_size < VSFTP_DATA_BUFSIZE &&
640 tunable_trans_chunk_size > 0)
641 {
642 ret = tunable_trans_chunk_size;
643 if (ret < 4096)
644 {
645 ret = 4096;
646 }
647 }
648 return ret;
649 }
650
Tomato firmware and modifications.