From 88786696b837e72aa4cb9e0f8ee87c4342c88b46 Mon Sep 17 00:00:00 2001 From: tomatosoup Date: Sat, 1 Aug 2015 11:44:08 +0200 Subject: [PATCH] vsftpd 2.3.5 --- release/src-rt-6.x.4708/router/rc/services.c | 5 --- release/src-rt-6.x.4708/router/vsftpd/Changelog | 15 +++++++++ release/src-rt-6.x.4708/router/vsftpd/FAQ | 5 +-- release/src-rt-6.x.4708/router/vsftpd/README | 2 +- release/src-rt-6.x.4708/router/vsftpd/builddefs.h | 1 + release/src-rt-6.x.4708/router/vsftpd/features.c | 15 +++++---- release/src-rt-6.x.4708/router/vsftpd/logging.c | 2 ++ release/src-rt-6.x.4708/router/vsftpd/oneprocess.c | 4 +++ release/src-rt-6.x.4708/router/vsftpd/opts.c | 2 +- release/src-rt-6.x.4708/router/vsftpd/parseconf.c | 1 - release/src-rt-6.x.4708/router/vsftpd/postlogin.c | 10 +++++- .../src-rt-6.x.4708/router/vsftpd/ptracesandbox.c | 2 +- release/src-rt-6.x.4708/router/vsftpd/secutil.c | 11 ++++++ release/src-rt-6.x.4708/router/vsftpd/sysdeputil.c | 3 +- release/src-rt-6.x.4708/router/vsftpd/sysstr.c | 2 ++ release/src-rt-6.x.4708/router/vsftpd/sysutil.c | 39 +++++++++++++++++++--- release/src-rt-6.x.4708/router/vsftpd/tunables.c | 2 -- release/src-rt-6.x.4708/router/vsftpd/tunables.h | 1 - release/src-rt-6.x.4708/router/vsftpd/twoprocess.c | 2 ++ release/src-rt-6.x.4708/router/vsftpd/vsftpd.conf | 3 ++ release/src-rt-6.x.4708/router/vsftpd/vsftpver.h | 2 +- 21 files changed, 101 insertions(+), 28 deletions(-) diff --git a/release/src-rt-6.x.4708/router/rc/services.c b/release/src-rt-6.x.4708/router/rc/services.c index 741802b4e6..0d2aea18bd 100644 --- a/release/src-rt-6.x.4708/router/rc/services.c +++ b/release/src-rt-6.x.4708/router/rc/services.c @@ -1671,11 +1671,6 @@ static void start_ftpd(void) } } -#ifdef TCONFIG_SAMBASRV - if (nvram_match("smbd_cset", "utf8")) - fprintf(fp, "utf8=yes\n"); -#endif - if (nvram_invmatch("ftp_anonymous", "0")) { fprintf(fp, diff --git a/release/src-rt-6.x.4708/router/vsftpd/Changelog b/release/src-rt-6.x.4708/router/vsftpd/Changelog index 33cded82e0..514bb7845e 100644 --- a/release/src-rt-6.x.4708/router/vsftpd/Changelog +++ b/release/src-rt-6.x.4708/router/vsftpd/Changelog @@ -1259,3 +1259,18 @@ At this point: v2.3.3 released! At this point: v2.3.4 released! =============================== +- Try and force glibc to cache zoneinfo files in an attempt to work around +glibc parsing vulnerability. Thanks to Kingcope. +- Only report CHMOD in SITE HELP if it's enabled. Thanks to Martin Schwenke +. +- Some simple fixes and cleanups from Thorsten Brehm . +- Only advertise "AUTH SSL" if one of SSLv2, SSLv3 is enabled. Thanks to +steve willing . +- Handle connect() failures properly. Thanks to Takayuki Nagata +. +- Add stronger checks for the configuration error of running with a writeable +root directory inside a chroot(). This may bite people who carelessly turned +on chroot_local_user but such is life. + +At this point: v2.3.5 released! +=============================== diff --git a/release/src-rt-6.x.4708/router/vsftpd/FAQ b/release/src-rt-6.x.4708/router/vsftpd/FAQ index 22443e6bd6..59fe56bf17 100644 --- a/release/src-rt-6.x.4708/router/vsftpd/FAQ +++ b/release/src-rt-6.x.4708/router/vsftpd/FAQ @@ -18,13 +18,14 @@ A2) If you run vsftpd in "standalone" mode with the setting listen=YES, then you can investigate the setting (e.g.): max_clients=10 -Q) Help! I'm getting the error message "refusing to run with writable anonymous -root". +Q) Help! I'm getting the error message "refusing to run with writable root". A) vsftpd is protecting against dangerous configurations. The cause of this message is usually dodgy ownership of the ftp home directory. The home directory should NOT be owned by the ftp user itself. Neither should it be writable by the ftp user. A way to fix this is: chown root ~ftp; chmod -w ~ftp +Another cause might be an attempt to use chroot_local_user without setting up +the directory ownership properly. Q) Help! I'm getting the error message "str_getpwnam". A) The most likely cause of this is that the user that is configured as the diff --git a/release/src-rt-6.x.4708/router/vsftpd/README b/release/src-rt-6.x.4708/router/vsftpd/README index 6e9c693503..054206a497 100644 --- a/release/src-rt-6.x.4708/router/vsftpd/README +++ b/release/src-rt-6.x.4708/router/vsftpd/README @@ -1,4 +1,4 @@ -This is vsftpd, version 2.3.4 +This is vsftpd, version 2.3.5 Author: Chris Evans Contact: scarybeasts@gmail.com Website: http://vsftpd.beasts.org/ diff --git a/release/src-rt-6.x.4708/router/vsftpd/builddefs.h b/release/src-rt-6.x.4708/router/vsftpd/builddefs.h index d301b1b1fc..ca1c4a162a 100644 --- a/release/src-rt-6.x.4708/router/vsftpd/builddefs.h +++ b/release/src-rt-6.x.4708/router/vsftpd/builddefs.h @@ -12,5 +12,6 @@ #undef VSF_BUILD_SSL #endif + #endif /* VSF_BUILDDEFS_H */ diff --git a/release/src-rt-6.x.4708/router/vsftpd/features.c b/release/src-rt-6.x.4708/router/vsftpd/features.c index 96d73e5aa3..121298009b 100644 --- a/release/src-rt-6.x.4708/router/vsftpd/features.c +++ b/release/src-rt-6.x.4708/router/vsftpd/features.c @@ -18,8 +18,14 @@ handle_feat(struct vsf_session* p_sess) vsf_cmdio_write_hyphen(p_sess, FTP_FEAT, "Features:"); if (tunable_ssl_enable) { - vsf_cmdio_write_raw(p_sess, " AUTH SSL\r\n"); - vsf_cmdio_write_raw(p_sess, " AUTH TLS\r\n"); + if (tunable_sslv2 || tunable_sslv3) + { + vsf_cmdio_write_raw(p_sess, " AUTH SSL\r\n"); + } + if (tunable_tlsv1) + { + vsf_cmdio_write_raw(p_sess, " AUTH TLS\r\n"); + } } if (tunable_port_enable) { @@ -42,10 +48,7 @@ handle_feat(struct vsf_session* p_sess) vsf_cmdio_write_raw(p_sess, " REST STREAM\r\n"); vsf_cmdio_write_raw(p_sess, " SIZE\r\n"); vsf_cmdio_write_raw(p_sess, " TVFS\r\n"); - if (tunable_utf8) - { - vsf_cmdio_write_raw(p_sess, " UTF8\r\n"); - } + vsf_cmdio_write_raw(p_sess, " UTF8\r\n"); vsf_cmdio_write(p_sess, FTP_FEAT, "End"); } diff --git a/release/src-rt-6.x.4708/router/vsftpd/logging.c b/release/src-rt-6.x.4708/router/vsftpd/logging.c index 2a1ca4530a..76756576e2 100644 --- a/release/src-rt-6.x.4708/router/vsftpd/logging.c +++ b/release/src-rt-6.x.4708/router/vsftpd/logging.c @@ -324,6 +324,8 @@ vsf_log_do_log_vsftpd_format(struct vsf_session* p_sess, struct mystr* p_str, case kVSFLogEntryDebug: str_append_text(p_str, "DEBUG"); break; + case kVSFLogEntryNull: + /* Fall through */ default: bug("bad entry_type in vsf_log_do_log"); break; diff --git a/release/src-rt-6.x.4708/router/vsftpd/oneprocess.c b/release/src-rt-6.x.4708/router/vsftpd/oneprocess.c index 5dbabeaad4..65e36e085b 100644 --- a/release/src-rt-6.x.4708/router/vsftpd/oneprocess.c +++ b/release/src-rt-6.x.4708/router/vsftpd/oneprocess.c @@ -119,6 +119,10 @@ vsf_one_process_login(struct vsf_session* p_sess, p_sess->is_anonymous = 1; process_post_login(p_sess); break; + case kVSFLoginNull: + /* Fall through. */ + case kVSFLoginReal: + /* Fall through. */ default: bug("bad state in vsf_one_process_login"); break; diff --git a/release/src-rt-6.x.4708/router/vsftpd/opts.c b/release/src-rt-6.x.4708/router/vsftpd/opts.c index b8a09f65e8..ce0d1fbf14 100644 --- a/release/src-rt-6.x.4708/router/vsftpd/opts.c +++ b/release/src-rt-6.x.4708/router/vsftpd/opts.c @@ -16,7 +16,7 @@ void handle_opts(struct vsf_session* p_sess) { str_upper(&p_sess->ftp_arg_str); - if (tunable_utf8 && str_equal_text(&p_sess->ftp_arg_str, "UTF8 ON")) + if (str_equal_text(&p_sess->ftp_arg_str, "UTF8 ON")) { vsf_cmdio_write(p_sess, FTP_OPTSOK, "Always in UTF8 mode."); } diff --git a/release/src-rt-6.x.4708/router/vsftpd/parseconf.c b/release/src-rt-6.x.4708/router/vsftpd/parseconf.c index 69f6496247..faff4c9454 100644 --- a/release/src-rt-6.x.4708/router/vsftpd/parseconf.c +++ b/release/src-rt-6.x.4708/router/vsftpd/parseconf.c @@ -92,7 +92,6 @@ parseconf_bool_array[] = { "mdtm_write", &tunable_mdtm_write }, { "lock_upload_files", &tunable_lock_upload_files }, { "pasv_addr_resolve", &tunable_pasv_addr_resolve }, - { "utf8", &tunable_utf8 }, { "debug_ssl", &tunable_debug_ssl }, { "require_cert", &tunable_require_cert }, { "validate_cert", &tunable_validate_cert }, diff --git a/release/src-rt-6.x.4708/router/vsftpd/postlogin.c b/release/src-rt-6.x.4708/router/vsftpd/postlogin.c index 8df7c0b643..5daee89b6e 100644 --- a/release/src-rt-6.x.4708/router/vsftpd/postlogin.c +++ b/release/src-rt-6.x.4708/router/vsftpd/postlogin.c @@ -1485,7 +1485,15 @@ handle_site(struct vsf_session* p_sess) } else if (str_equal_text(&p_sess->ftp_arg_str, "HELP")) { - vsf_cmdio_write(p_sess, FTP_SITEHELP, "CHMOD UMASK HELP"); + if (tunable_write_enable && + tunable_chmod_enable) + { + vsf_cmdio_write(p_sess, FTP_SITEHELP, "CHMOD UMASK HELP"); + } + else + { + vsf_cmdio_write(p_sess, FTP_SITEHELP, "UMASK HELP"); + } } else { diff --git a/release/src-rt-6.x.4708/router/vsftpd/ptracesandbox.c b/release/src-rt-6.x.4708/router/vsftpd/ptracesandbox.c index 1f2bbccfce..37efd5abc3 100644 --- a/release/src-rt-6.x.4708/router/vsftpd/ptracesandbox.c +++ b/release/src-rt-6.x.4708/router/vsftpd/ptracesandbox.c @@ -652,7 +652,7 @@ get_action(struct pt_sandbox* p_sandbox) } ret = 0; out: - memset(&p_sandbox->regs, '\0', sizeof(&p_sandbox->regs)); + memset(&p_sandbox->regs, '\0', sizeof(p_sandbox->regs)); return ret; } diff --git a/release/src-rt-6.x.4708/router/vsftpd/secutil.c b/release/src-rt-6.x.4708/router/vsftpd/secutil.c index 1cd9d58659..6d00b3514f 100644 --- a/release/src-rt-6.x.4708/router/vsftpd/secutil.c +++ b/release/src-rt-6.x.4708/router/vsftpd/secutil.c @@ -129,5 +129,16 @@ vsf_secutil_change_credentials(const struct mystr* p_user_str, { vsf_sysutil_set_no_procs(); } +// check removed (for now) as tomato lacks of other users then root +// /* Misconfiguration check: don't ever chroot() to a directory writable by +// * the current user. +// */ +// if (options & VSF_SECUTIL_OPTION_CHROOT) +// { +// if (vsf_sysutil_write_access("/")) +// { +// die("vsftpd: refusing to run with writable root inside chroot()"); +// } +// } } diff --git a/release/src-rt-6.x.4708/router/vsftpd/sysdeputil.c b/release/src-rt-6.x.4708/router/vsftpd/sysdeputil.c index e0e9d765db..9dc8a5e7d9 100644 --- a/release/src-rt-6.x.4708/router/vsftpd/sysdeputil.c +++ b/release/src-rt-6.x.4708/router/vsftpd/sysdeputil.c @@ -88,6 +88,7 @@ #include #if defined(LINUX_VERSION_CODE) && defined(KERNEL_VERSION) #if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,2,0)) + #define VSF_SYSDEP_HAVE_CAPABILITIES #define VSF_SYSDEP_HAVE_LINUX_SENDFILE #ifdef PR_SET_KEEPCAPS #define VSF_SYSDEP_HAVE_SETKEEPCAPS @@ -242,7 +243,7 @@ vsf_sysdep_check_auth(struct mystr* p_user_str, const struct mystr* p_remote_host) { const char* p_crypted; - const struct passwd* p_pwd = (struct passwd*) vsf_sysutil_getpwnam(str_getbuf(p_user_str)); + const struct passwd* p_pwd = getpwnam(str_getbuf(p_user_str)); (void) p_remote_host; if (p_pwd == NULL) { diff --git a/release/src-rt-6.x.4708/router/vsftpd/sysstr.c b/release/src-rt-6.x.4708/router/vsftpd/sysstr.c index 42fd4b4118..d86cdf17c8 100644 --- a/release/src-rt-6.x.4708/router/vsftpd/sysstr.c +++ b/release/src-rt-6.x.4708/router/vsftpd/sysstr.c @@ -80,6 +80,8 @@ str_open(const struct mystr* p_str, const enum EVSFSysStrOpenMode mode) case kVSFSysStrOpenReadOnly: open_mode = kVSFSysUtilOpenReadOnly; break; + case kVSFSysStrOpenUnknown: + /* Fall through */ default: bug("unknown mode value in str_open"); break; diff --git a/release/src-rt-6.x.4708/router/vsftpd/sysutil.c b/release/src-rt-6.x.4708/router/vsftpd/sysutil.c index 1162f0b9fc..3392ea9679 100644 --- a/release/src-rt-6.x.4708/router/vsftpd/sysutil.c +++ b/release/src-rt-6.x.4708/router/vsftpd/sysutil.c @@ -1340,6 +1340,7 @@ vsf_sysutil_statbuf_get_perms(const struct vsf_sysutil_statbuf* p_statbuf) case S_IFSOCK: perms[0] = 's'; break; case S_IFCHR: perms[0] = 'c'; break; case S_IFBLK: perms[0] = 'b'; break; + default: break; } if (p_stat->st_mode & S_IRUSR) perms[1] = 'r'; if (p_stat->st_mode & S_IWUSR) perms[2] = 'w'; @@ -1603,6 +1604,8 @@ vsf_sysutil_get_error(void) case ENOENT: retval = kVSFSysUtilErrNOENT; break; + default: + break; } return retval; } @@ -1704,10 +1707,14 @@ vsf_sysutil_accept_timeout(int fd, struct vsf_sysutil_sockaddr* p_sockaddr, retval = select(fd + 1, &accept_fdset, NULL, NULL, &timeout); saved_errno = errno; vsf_sysutil_check_pending_actions(kVSFSysUtilUnknown, 0, 0); - } while (retval < 0 && saved_errno == EINTR); - if (retval == 0) + } + while (retval < 0 && saved_errno == EINTR); + if (retval <= 0) { - errno = EAGAIN; + if (retval == 0) + { + errno = EAGAIN; + } return -1; } } @@ -1785,10 +1792,13 @@ vsf_sysutil_connect_timeout(int fd, const struct vsf_sysutil_sockaddr* p_addr, vsf_sysutil_check_pending_actions(kVSFSysUtilUnknown, 0, 0); } while (retval < 0 && saved_errno == EINTR); - if (retval == 0) + if (retval <= 0) { + if (retval == 0) + { + errno = EAGAIN; + } retval = -1; - errno = EAGAIN; } else { @@ -1798,6 +1808,11 @@ vsf_sysutil_connect_timeout(int fd, const struct vsf_sysutil_sockaddr* p_addr, { die("getsockopt"); } + if (retval != 0) + { + errno = retval; + retval = -1; + } } } if (wait_seconds > 0) @@ -2316,6 +2331,7 @@ struct passwd *getpwnam(const char *name) return NULL; } + struct vsf_sysutil_user* vsf_sysutil_getpwnam(const char* p_user) { @@ -2615,6 +2631,19 @@ vsf_sysutil_tzset(void) s_timezone *= -1; } } + /* Call in to the time subsystem again now that TZ is set, trying to force + * caching of the actual zoneinfo for the timezone. + */ + p_tm = localtime(&the_time); + if (p_tm == NULL) + { + die("localtime #2"); + } + p_tm = gmtime(&the_time); + if (p_tm == NULL) + { + die("gmtime"); + } } const char* diff --git a/release/src-rt-6.x.4708/router/vsftpd/tunables.c b/release/src-rt-6.x.4708/router/vsftpd/tunables.c index fb687c2f1d..968eb86ce1 100644 --- a/release/src-rt-6.x.4708/router/vsftpd/tunables.c +++ b/release/src-rt-6.x.4708/router/vsftpd/tunables.c @@ -73,7 +73,6 @@ int tunable_force_anon_data_ssl; int tunable_mdtm_write; int tunable_lock_upload_files; int tunable_pasv_addr_resolve; -int tunable_utf8; int tunable_debug_ssl; int tunable_require_cert; int tunable_validate_cert; @@ -214,7 +213,6 @@ tunables_load_defaults() tunable_mdtm_write = 1; tunable_lock_upload_files = 1; tunable_pasv_addr_resolve = 0; - tunable_utf8 = 0; tunable_debug_ssl = 0; tunable_require_cert = 0; tunable_validate_cert = 0; diff --git a/release/src-rt-6.x.4708/router/vsftpd/tunables.h b/release/src-rt-6.x.4708/router/vsftpd/tunables.h index b8ed882e35..2cdc2ce5ce 100644 --- a/release/src-rt-6.x.4708/router/vsftpd/tunables.h +++ b/release/src-rt-6.x.4708/router/vsftpd/tunables.h @@ -74,7 +74,6 @@ extern int tunable_force_anon_data_ssl; /* Require anon data uses SSL */ extern int tunable_mdtm_write; /* Allow MDTM to set timestamps */ extern int tunable_lock_upload_files; /* Lock uploading files */ extern int tunable_pasv_addr_resolve; /* DNS resolve pasv_addr */ -extern int tunable_utf8; /* Report UTF8 support */ extern int tunable_debug_ssl; /* Verbose SSL logging */ extern int tunable_require_cert; /* SSL client cert required */ extern int tunable_validate_cert; /* SSL certs must be valid */ diff --git a/release/src-rt-6.x.4708/router/vsftpd/twoprocess.c b/release/src-rt-6.x.4708/router/vsftpd/twoprocess.c index 26ab477c9f..394d90929b 100644 --- a/release/src-rt-6.x.4708/router/vsftpd/twoprocess.c +++ b/release/src-rt-6.x.4708/router/vsftpd/twoprocess.c @@ -349,6 +349,8 @@ process_login_req(struct vsf_session* p_sess) common_do_login(p_sess, &p_sess->user_str, do_chroot, 0); } break; + case kVSFLoginNull: + /* Fall through */ default: bug("weird state in process_login_request"); break; diff --git a/release/src-rt-6.x.4708/router/vsftpd/vsftpd.conf b/release/src-rt-6.x.4708/router/vsftpd/vsftpd.conf index 1a72daa2c5..cc1c607e3d 100644 --- a/release/src-rt-6.x.4708/router/vsftpd/vsftpd.conf +++ b/release/src-rt-6.x.4708/router/vsftpd/vsftpd.conf @@ -92,6 +92,9 @@ connect_from_port_20=YES # You may specify an explicit list of local users to chroot() to their home # directory. If chroot_local_user is YES, then this list becomes a list of # users to NOT chroot(). +# (Warning! chroot'ing can be very dangerous. If using chroot, make sure that +# the user does not have write access to the top level directory within the +# chroot) #chroot_local_user=YES #chroot_list_enable=YES # (default follows) diff --git a/release/src-rt-6.x.4708/router/vsftpd/vsftpver.h b/release/src-rt-6.x.4708/router/vsftpd/vsftpver.h index 0e465ce0f0..e7ce230157 100644 --- a/release/src-rt-6.x.4708/router/vsftpd/vsftpver.h +++ b/release/src-rt-6.x.4708/router/vsftpd/vsftpver.h @@ -1,7 +1,7 @@ #ifndef VSF_VERSION_H #define VSF_VERSION_H -#define VSF_VERSION "2.3.4" +#define VSF_VERSION "2.3.5" #endif /* VSF_VERSION_H */ -- 2.11.4.GIT