1 /*	$OpenBSD: ftp.c,v 1.67 2007/06/16 08:58:33 espie Exp $	*/
2 /*	$NetBSD: ftp.c,v 1.27 1997/08/18 10:20:23 lukem Exp $	*/
3 
4 /*
5  * Copyright (C) 1997 and 1998 WIDE Project.
6  * All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  * 3. Neither the name of the project nor the names of its contributors
17  *    may be used to endorse or promote products derived from this software
18  *    without specific prior written permission.
19  *
20  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
21  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30  * SUCH DAMAGE.
31  */
32 
33 /*
34  * Copyright (c) 1985, 1989, 1993, 1994
35  *	The Regents of the University of California.  All rights reserved.
36  *
37  * Redistribution and use in source and binary forms, with or without
38  * modification, are permitted provided that the following conditions
39  * are met:
40  * 1. Redistributions of source code must retain the above copyright
41  *    notice, this list of conditions and the following disclaimer.
42  * 2. Redistributions in binary form must reproduce the above copyright
43  *    notice, this list of conditions and the following disclaimer in the
44  *    documentation and/or other materials provided with the distribution.
45  * 3. Neither the name of the University nor the names of its contributors
46  *    may be used to endorse or promote products derived from this software
47  *    without specific prior written permission.
48  *
49  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
50  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
51  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
52  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
53  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
54  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
55  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
56  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
57  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
58  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
59  * SUCH DAMAGE.
60  */
61 
62 #include <sys/types.h>
63 #include <sys/stat.h>
64 #include <sys/socket.h>
65 
66 #include <netinet/in.h>
67 #include <netinet/in_systm.h>
68 #include <netinet/ip.h>
69 #include <arpa/inet.h>
70 #include <arpa/ftp.h>
71 #include <arpa/telnet.h>
72 
73 #include <ctype.h>
74 #include <err.h>
75 #include <errno.h>
76 #include <netdb.h>
77 #include <poll.h>
78 #include <stdarg.h>
79 #include <stdio.h>
80 #include <stdlib.h>
81 #include <string.h>
82 #include <unistd.h>
83 #include <utime.h>
84 
85 #include "ftp_var.h"
86 
87 __RCSID("$MirOS: src/usr.bin/ftp/ftp.c,v 1.7 2010/08/12 11:30:46 tg Exp $");
88 
89 union sockunion {
90 	struct sockinet {
91 		u_char si_len;
92 		u_char si_family;
93 		u_short si_port;
94 	} su_si;
95 	struct sockaddr_in  su_sin;
96 	struct sockaddr_in6 su_sin6;
97 };
98 #define su_len		su_si.si_len
99 #define su_family	su_si.si_family
100 #define su_port		su_si.si_port
101 
102 union sockunion myctladdr, hisctladdr, data_addr;
103 
104 int	data = -1;
105 int	abrtflag = 0;
106 jmp_buf	ptabort;
107 int	ptabflg;
108 int	ptflag = 0;
109 off_t	restart_point = 0;
110 
111 
112 FILE	*cin, *cout;
113 
114 char *
hookup(char * host,char * port)115 hookup(char *host, char *port)
116 {
117 	int s, tos, error;
118 	static char hostnamebuf[MAXHOSTNAMELEN];
119 	struct addrinfo hints, *res, *res0;
120 	char hbuf[NI_MAXHOST];
121 	char *cause = "unknown";
122 	socklen_t namelen;
123 
124 	epsv4bad = 0;
125 
126 	memset((char *)&hisctladdr, 0, sizeof (hisctladdr));
127 	memset(&hints, 0, sizeof(hints));
128 	hints.ai_flags = AI_CANONNAME;
129 	hints.ai_family = family;
130 	hints.ai_socktype = SOCK_STREAM;
131 	hints.ai_protocol = 0;
132 	error = getaddrinfo(host, port, &hints, &res0);
133 	if (error == EAI_SERVICE) {
134 		/*
135 		 * If the services file is corrupt/missing, fall back
136 		 * on our hard-coded defines.
137 		 */
138 		char pbuf[NI_MAXSERV];
139 
140 		pbuf[0] = '\0';
141 		if (strcmp(port, "ftp") == 0)
142 			snprintf(pbuf, sizeof(pbuf), "%d", FTP_PORT);
143 		else if (strcmp(port, "ftpgate") == 0)
144 			snprintf(pbuf, sizeof(pbuf), "%d", GATE_PORT);
145 		else if (strcmp(port, "http") == 0)
146 			snprintf(pbuf, sizeof(pbuf), "%d", HTTP_PORT);
147 #ifndef SMALL
148 		else if (strcmp(port, "https") == 0)
149 			snprintf(pbuf, sizeof(pbuf), "%d", HTTPS_PORT);
150 #endif
151 		if (pbuf[0])
152 			error = getaddrinfo(host, pbuf, &hints, &res0);
153 	}
154 	if (error) {
155 		if (error == EAI_SERVICE)
156 			warnx("%s: bad port number `%s'", host, port);
157 		else
158 			warnx("%s: %s", host, gai_strerror(error));
159 		code = -1;
160 		return (0);
161 	}
162 
163 	if (res0->ai_canonname)
164 		strlcpy(hostnamebuf, res0->ai_canonname, sizeof(hostnamebuf));
165 	else
166 		strlcpy(hostnamebuf, host, sizeof(hostnamebuf));
167 	hostname = hostnamebuf;
168 	strlcpy(hbuf, hostname, sizeof(hbuf));
169 
170 	s = -1;
171 	for (res = res0; res; res = res->ai_next) {
172 #if 0	/*old behavior*/
173 		if (res != res0)	/* not on the first address */
174 #else
175 		if (res0->ai_next)	/* if we have multiple possibilities */
176 #endif
177 		{
178 			if (getnameinfo(res->ai_addr, res->ai_addrlen,
179 			    hbuf, sizeof(hbuf), NULL, 0, NI_NUMERICHOST) != 0)
180 				strlcpy(hbuf, "unknown", sizeof(hbuf));
181 			fprintf(ttyout, "Trying %s...\n", hbuf);
182 		}
183 		s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
184 		if (s < 0) {
185 			cause = "socket";
186 			continue;
187 		}
188 		while ((error = connect(s, res->ai_addr, res->ai_addrlen)) < 0
189 				&& errno == EINTR) {
190 			;
191 		}
192 		if (error) {
193 			/* this "if" clause is to prevent print warning twice */
194 			if (res->ai_next) {
195 				if (getnameinfo(res->ai_addr, res->ai_addrlen,
196 				    hbuf, sizeof(hbuf), NULL, 0,
197 				    NI_NUMERICHOST) != 0)
198 					strlcpy(hbuf, "(unknown)",
199 					    sizeof(hbuf));
200 				warn("connect to address %s", hbuf);
201 			}
202 			cause = "connect";
203 			error = errno;
204 			close(s);
205 			errno = error;
206 			s = -1;
207 			continue;
208 		}
209 
210 		/* finally we got one */
211 		break;
212 	}
213 	if (s < 0) {
214 		warn("%s (%s)", cause, hbuf);
215 		code = -1;
216 		freeaddrinfo(res0);
217 		return 0;
218 	}
219 	memcpy(&hisctladdr, res->ai_addr, res->ai_addrlen);
220 	namelen = res->ai_addrlen;
221 	freeaddrinfo(res0);
222 	res0 = res = NULL;
223 	if (getsockname(s, (struct sockaddr *)&myctladdr, &namelen) < 0) {
224 		warn("getsockname");
225 		code = -1;
226 		goto bad;
227 	}
228 #if defined(IPPROTO_IP) && defined(IP_TOS)
229 	if (hisctladdr.su_family == AF_INET) {
230 		tos = IPTOS_LOWDELAY;
231 		if (setsockopt(s, IPPROTO_IP, IP_TOS, (char *)&tos, sizeof(int)) < 0)
232 			warn("setsockopt TOS (ignored)");
233 	}
234 #endif
235 	cin = fdopen(s, "r");
236 	cout = fdopen(s, "w");
237 	if (cin == NULL || cout == NULL) {
238 		warnx("fdopen failed.");
239 		if (cin)
240 			(void)fclose(cin);
241 		if (cout)
242 			(void)fclose(cout);
243 		code = -1;
244 		goto bad;
245 	}
246 	if (verbose)
247 		fprintf(ttyout, "Connected to %s.\n", hostname);
248 	if (getreply(0) > 2) { 	/* read startup message from server */
249 		if (cin)
250 			(void)fclose(cin);
251 		if (cout)
252 			(void)fclose(cout);
253 		code = -1;
254 		goto bad;
255 	}
256 #ifdef SO_OOBINLINE
257 	{
258 	int on = 1;
259 
260 	if (setsockopt(s, SOL_SOCKET, SO_OOBINLINE, (char *)&on, sizeof(on))
261 		< 0 && debug) {
262 			warn("setsockopt");
263 		}
264 	}
265 #endif /* SO_OOBINLINE */
266 
267 	return (hostname);
268 bad:
269 	(void)close(s);
270 	return ((char *)0);
271 }
272 
273 /* ARGSUSED */
274 void
cmdabort(int signo)275 cmdabort(int signo)
276 {
277 
278 	alarmtimer(0);
279 	putc('\n', ttyout);
280 	(void)fflush(ttyout);
281 	abrtflag++;
282 	if (ptflag)
283 		longjmp(ptabort, 1);
284 }
285 
286 /*VARARGS*/
287 int
command(const char * fmt,...)288 command(const char *fmt, ...)
289 {
290 	va_list ap;
291 	int r;
292 	sig_t oldintr;
293 
294 	abrtflag = 0;
295 	if (debug) {
296 		fputs("---> ", ttyout);
297 		va_start(ap, fmt);
298 		if (strncmp("PASS ", fmt, 5) == 0)
299 			fputs("PASS XXXX", ttyout);
300 		else if (strncmp("ACCT ", fmt, 5) == 0)
301 			fputs("ACCT XXXX", ttyout);
302 		else
303 			vfprintf(ttyout, fmt, ap);
304 		va_end(ap);
305 		putc('\n', ttyout);
306 		(void)fflush(ttyout);
307 	}
308 	if (cout == NULL) {
309 		warnx("No control connection for command.");
310 		code = -1;
311 		return (0);
312 	}
313 	oldintr = signal(SIGINT, cmdabort);
314 	va_start(ap, fmt);
315 	vfprintf(cout, fmt, ap);
316 	va_end(ap);
317 	fputs("\r\n", cout);
318 	(void)fflush(cout);
319 	cpend = 1;
320 	r = getreply(!strcmp(fmt, "QUIT"));
321 	if (abrtflag && oldintr != SIG_IGN)
322 		(*oldintr)(SIGINT);
323 	(void)signal(SIGINT, oldintr);
324 	return (r);
325 }
326 
327 int keep_alive_timeout = 0;		/* 0 -> no timeout */
328 
329 static int full_noops_sent = 0;
330 static time_t last_timestamp = 0;	/* 0 -> no measurement yet */
331 static char noop[] = "NOOP\r\n";
332 #define NOOP_LENGTH (sizeof noop - 1)
333 static int current_nop_pos = 0;		/* 0 -> no noop started */
334 
335 /* to achieve keep alive, we send noop one byte at a time */
336 void
send_noop_char()337 send_noop_char()
338 {
339 	if (debug)
340 		fprintf(ttyout, "---> %c\n", noop[current_nop_pos]);
341 	fputc(noop[current_nop_pos++], cout);
342 	(void)fflush(cout);
343 	if (current_nop_pos >= NOOP_LENGTH) {
344 		full_noops_sent++;
345 		current_nop_pos = 0;
346 	}
347 }
348 
349 void
may_reset_noop_timeout()350 may_reset_noop_timeout()
351 {
352 	if (keep_alive_timeout != 0)
353 		last_timestamp = time(NULL);
354 }
355 
356 void
may_receive_noop_ack()357 may_receive_noop_ack()
358 {
359 	int i;
360 
361 	/* finish sending last incomplete noop */
362 	if (current_nop_pos != 0) {
363 		fputs(&(noop[current_nop_pos]), cout);
364 		if (debug)
365 			fprintf(ttyout, "---> %s\n", &(noop[current_nop_pos]));
366 		(void)fflush(cout);
367 		current_nop_pos = 0;
368 		full_noops_sent++;
369 	}
370 	/* and get the replies */
371 	for (i = 0; i < full_noops_sent; i++)
372 		(void)getreply(0);
373 
374 	full_noops_sent = 0;
375 }
376 
377 void
may_send_noop_char()378 may_send_noop_char()
379 {
380 	if (keep_alive_timeout != 0) {
381 		if (last_timestamp != 0) {
382 			time_t t = time(NULL);
383 
384 			if (t - last_timestamp >= keep_alive_timeout) {
385 				last_timestamp = t;
386 				send_noop_char();
387 			}
388 		} else {
389 			last_timestamp = time(NULL);
390 		}
391 	}
392 }
393 
394 char reply_string[BUFSIZ];		/* first line of previous reply */
395 
396 int
getreply(int expecteof)397 getreply(int expecteof)
398 {
399 	char current_line[BUFSIZ];	/* last line of previous reply */
400 	int c, n, lineno;
401 	int dig;
402 	int originalcode = 0, continuation = 0;
403 	sig_t oldintr;
404 	int pflag = 0;
405 	char *cp, *pt = pasv;
406 
407 	memset(current_line, 0, sizeof(current_line));
408 	oldintr = signal(SIGINT, cmdabort);
409 	for (lineno = 0 ;; lineno++) {
410 		dig = n = code = 0;
411 		cp = current_line;
412 		while ((c = fgetc(cin)) != '\n') {
413 			if (c == IAC) {     /* handle telnet commands */
414 				switch (c = fgetc(cin)) {
415 				case WILL:
416 				case WONT:
417 					c = fgetc(cin);
418 					fprintf(cout, "%c%c%c", IAC, DONT, c);
419 					(void)fflush(cout);
420 					break;
421 				case DO:
422 				case DONT:
423 					c = fgetc(cin);
424 					fprintf(cout, "%c%c%c", IAC, WONT, c);
425 					(void)fflush(cout);
426 					break;
427 				default:
428 					break;
429 				}
430 				continue;
431 			}
432 			dig++;
433 			if (c == EOF) {
434 				if (expecteof) {
435 					(void)signal(SIGINT, oldintr);
436 					code = 221;
437 					return (0);
438 				}
439 				lostpeer();
440 				if (verbose) {
441 					fputs(
442 "421 Service not available, remote server has closed connection.\n", ttyout);
443 					(void)fflush(ttyout);
444 				}
445 				code = 421;
446 				return (4);
447 			}
448 			if ( ((c != '\r') && (verbose > 0)) ||
449 			     (((verbose > -1) && (n == '5') && (dig > 4)) &&
450 			      ((!retry_connect) || (
451 			       (((!n) && (c < '5')) || (n && (n < '5')))) )
452 			     )
453 			   ) {
454 				if (proxflag &&
455 				   (dig == 1 || (dig == 5 && verbose == 0)))
456 					fprintf(ttyout, "%s:", hostname);
457 				(void)putc(c, ttyout);
458 			}
459 			if (dig < 4 && isdigit(c))
460 				code = code * 10 + (c - '0');
461 			if (!pflag && (code == 227 || code == 228))
462 				pflag = 1;
463 			else if (!pflag && code == 229)
464 				pflag = 100;
465 			if (dig > 4 && pflag == 1 && isdigit(c))
466 				pflag = 2;
467 			if (pflag == 2) {
468 				if (c != '\r' && c != ')') {
469 					if (pt < &pasv[sizeof(pasv) - 1])
470 						*pt++ = c;
471 				} else {
472 					*pt = '\0';
473 					pflag = 3;
474 				}
475 			}
476 			if (pflag == 100 && c == '(')
477 				pflag = 2;
478 			if (dig == 4 && c == '-') {
479 				if (continuation)
480 					code = 0;
481 				continuation++;
482 			}
483 			if (n == 0)
484 				n = c;
485 			if (cp < &current_line[sizeof(current_line) - 1])
486 				*cp++ = c;
487 		}
488 		if (verbose > 0 || ((verbose > -1 && n == '5') &&
489 		    (n < '5' || !retry_connect))) {
490 			(void)putc(c, ttyout);
491 			(void)fflush (ttyout);
492 		}
493 		if (lineno == 0) {
494 			size_t len = cp - current_line;
495 
496 			if (len > sizeof(reply_string))
497 				len = sizeof(reply_string);
498 
499 			(void)strlcpy(reply_string, current_line, len);
500 		}
501 		if (continuation && code != originalcode) {
502 			if (originalcode == 0)
503 				originalcode = code;
504 			continue;
505 		}
506 		*cp = '\0';
507 		if (n != '1')
508 			cpend = 0;
509 		(void)signal(SIGINT, oldintr);
510 		if (code == 421 || originalcode == 421)
511 			lostpeer();
512 		if (abrtflag && oldintr != cmdabort && oldintr != SIG_IGN)
513 			(*oldintr)(SIGINT);
514 		return (n - '0');
515 	}
516 }
517 
518 jmp_buf	sendabort;
519 
520 /* ARGSUSED */
521 void
abortsend(int signo)522 abortsend(int signo)
523 {
524 
525 	alarmtimer(0);
526 	mflag = 0;
527 	abrtflag = 0;
528 	fputs("\nsend aborted\nwaiting for remote to finish abort.\n", ttyout);
529 	(void)fflush(ttyout);
530 	longjmp(sendabort, 1);
531 }
532 
533 void
sendrequest(const char * cmd,const char * local,const char * remote,int printnames)534 sendrequest(const char *cmd, const char *local, const char *remote,
535     int printnames)
536 {
537 	struct stat st;
538 	int c, d;
539 	FILE * volatile fin, * volatile dout;
540 	int (* volatile closefunc)(FILE *);
541 	volatile sig_t oldinti, oldintr, oldintp;
542 	volatile off_t hashbytes;
543 	char * volatile lmode;
544 	char buf[BUFSIZ], *bufp;
545 	int oprogress;
546 
547 	hashbytes = mark;
548 	direction = "sent";
549 	dout = NULL;
550 	bytes = 0;
551 	filesize = -1;
552 	oprogress = progress;
553 	if (verbose && printnames) {
554 		if (local && *local != '-')
555 			fprintf(ttyout, "local: %s ", local);
556 		if (remote)
557 			fprintf(ttyout, "remote: %s\n", remote);
558 	}
559 	if (proxy) {
560 		proxtrans(cmd, local, remote);
561 		return;
562 	}
563 	if (curtype != type)
564 		changetype(type, 0);
565 	closefunc = NULL;
566 	oldintr = NULL;
567 	oldintp = NULL;
568 	oldinti = NULL;
569 	lmode = "w";
570 	if (setjmp(sendabort)) {
571 		while (cpend) {
572 			(void)getreply(0);
573 		}
574 		if (data >= 0) {
575 			(void)close(data);
576 			data = -1;
577 		}
578 		if (oldintr)
579 			(void)signal(SIGINT, oldintr);
580 		if (oldintp)
581 			(void)signal(SIGPIPE, oldintp);
582 		if (oldinti)
583 			(void)signal(SIGINFO, oldinti);
584 		progress = oprogress;
585 		code = -1;
586 		return;
587 	}
588 	oldintr = signal(SIGINT, abortsend);
589 	oldinti = signal(SIGINFO, psummary);
590 	if (strcmp(local, "-") == 0) {
591 		fin = stdin;
592 		if (progress == 1)
593 			progress = 0;
594 	} else if (*local == '|') {
595 		oldintp = signal(SIGPIPE, SIG_IGN);
596 		fin = popen(local + 1, "r");
597 		if (fin == NULL) {
598 			warn("%s", local + 1);
599 			(void)signal(SIGINT, oldintr);
600 			(void)signal(SIGPIPE, oldintp);
601 			(void)signal(SIGINFO, oldinti);
602 			code = -1;
603 			return;
604 		}
605 		if (progress == 1)
606 			progress = 0;
607 		closefunc = pclose;
608 	} else {
609 		fin = fopen(local, "r");
610 		if (fin == NULL) {
611 			warn("local: %s", local);
612 			(void)signal(SIGINT, oldintr);
613 			(void)signal(SIGINFO, oldinti);
614 			code = -1;
615 			return;
616 		}
617 		closefunc = fclose;
618 		if (fstat(fileno(fin), &st) < 0 ||
619 		    (st.st_mode & S_IFMT) != S_IFREG) {
620 			fprintf(ttyout, "%s: not a plain file.\n", local);
621 			(void)signal(SIGINT, oldintr);
622 			(void)signal(SIGINFO, oldinti);
623 			fclose(fin);
624 			code = -1;
625 			return;
626 		}
627 		filesize = st.st_size;
628 	}
629 	if (initconn()) {
630 		(void)signal(SIGINT, oldintr);
631 		(void)signal(SIGINFO, oldinti);
632 		if (oldintp)
633 			(void)signal(SIGPIPE, oldintp);
634 		code = -1;
635 		progress = oprogress;
636 		if (closefunc != NULL)
637 			(*closefunc)(fin);
638 		return;
639 	}
640 	if (setjmp(sendabort))
641 		goto abort;
642 
643 	if (restart_point &&
644 	    (strcmp(cmd, "STOR") == 0 || strcmp(cmd, "APPE") == 0)) {
645 		int rc = -1;
646 
647 		switch (curtype) {
648 		case TYPE_A:
649 			rc = fseeko(fin, restart_point, SEEK_SET);
650 			break;
651 		case TYPE_I:
652 		case TYPE_L:
653 			if (lseek(fileno(fin), restart_point, SEEK_SET) != -1)
654 				rc = 0;
655 			break;
656 		}
657 		if (rc == -1) {
658 			warn("local: %s", local);
659 			restart_point = 0;
660 			progress = oprogress;
661 			if (closefunc != NULL)
662 				(*closefunc)(fin);
663 			return;
664 		}
665 		if (command("REST %lld", (long long) restart_point)
666 			!= CONTINUE) {
667 			restart_point = 0;
668 			progress = oprogress;
669 			if (closefunc != NULL)
670 				(*closefunc)(fin);
671 			return;
672 		}
673 		restart_point = 0;
674 		lmode = "r+w";
675 	}
676 	if (remote) {
677 		if (command("%s %s", cmd, remote) != PRELIM) {
678 			(void)signal(SIGINT, oldintr);
679 			(void)signal(SIGINFO, oldinti);
680 			progress = oprogress;
681 			if (oldintp)
682 				(void)signal(SIGPIPE, oldintp);
683 			if (closefunc != NULL)
684 				(*closefunc)(fin);
685 			return;
686 		}
687 	} else
688 		if (command("%s", cmd) != PRELIM) {
689 			(void)signal(SIGINT, oldintr);
690 			(void)signal(SIGINFO, oldinti);
691 			progress = oprogress;
692 			if (oldintp)
693 				(void)signal(SIGPIPE, oldintp);
694 			if (closefunc != NULL)
695 				(*closefunc)(fin);
696 			return;
697 		}
698 	dout = dataconn(lmode);
699 	if (dout == NULL)
700 		goto abort;
701 	progressmeter(-1);
702 	may_reset_noop_timeout();
703 	oldintp = signal(SIGPIPE, SIG_IGN);
704 	switch (curtype) {
705 
706 	case TYPE_I:
707 	case TYPE_L:
708 		errno = d = 0;
709 		while ((c = read(fileno(fin), buf, sizeof(buf))) > 0) {
710 			may_send_noop_char();
711 			bytes += c;
712 			for (bufp = buf; c > 0; c -= d, bufp += d)
713 				if ((d = write(fileno(dout), bufp, (size_t)c))
714 				    <= 0)
715 					break;
716 			if (hash && (!progress || filesize < 0) ) {
717 				while (bytes >= hashbytes) {
718 					(void)putc('#', ttyout);
719 					hashbytes += mark;
720 				}
721 				(void)fflush(ttyout);
722 			}
723 		}
724 		if (hash && (!progress || filesize < 0) && bytes > 0) {
725 			if (bytes < mark)
726 				(void)putc('#', ttyout);
727 			(void)putc('\n', ttyout);
728 			(void)fflush(ttyout);
729 		}
730 		if (c < 0)
731 			warn("local: %s", local);
732 		if (d < 0) {
733 			if (errno != EPIPE)
734 				warn("netout");
735 			bytes = -1;
736 		}
737 		break;
738 
739 	case TYPE_A:
740 		while ((c = fgetc(fin)) != EOF) {
741 			may_send_noop_char();
742 			if (c == '\n') {
743 				while (hash && (!progress || filesize < 0) &&
744 				    (bytes >= hashbytes)) {
745 					(void)putc('#', ttyout);
746 					(void)fflush(ttyout);
747 					hashbytes += mark;
748 				}
749 				if (ferror(dout))
750 					break;
751 				(void)putc('\r', dout);
752 				bytes++;
753 			}
754 			(void)putc(c, dout);
755 			bytes++;
756 #if 0	/* this violates RFC */
757 			if (c == '\r') {
758 				(void)putc('\0', dout);
759 				bytes++;
760 			}
761 #endif
762 		}
763 		if (hash && (!progress || filesize < 0)) {
764 			if (bytes < hashbytes)
765 				(void)putc('#', ttyout);
766 			(void)putc('\n', ttyout);
767 			(void)fflush(ttyout);
768 		}
769 		if (ferror(fin))
770 			warn("local: %s", local);
771 		if (ferror(dout)) {
772 			if (errno != EPIPE)
773 				warn("netout");
774 			bytes = -1;
775 		}
776 		break;
777 	}
778 	progressmeter(1);
779 	progress = oprogress;
780 	if (closefunc != NULL)
781 		(*closefunc)(fin);
782 	(void)fclose(dout);
783 	(void)getreply(0);
784 	may_receive_noop_ack();
785 	(void)signal(SIGINT, oldintr);
786 	(void)signal(SIGINFO, oldinti);
787 	if (oldintp)
788 		(void)signal(SIGPIPE, oldintp);
789 	if (bytes > 0)
790 		ptransfer(0);
791 	return;
792 abort:
793 	(void)signal(SIGINT, oldintr);
794 	(void)signal(SIGINFO, oldinti);
795 	progress = oprogress;
796 	if (oldintp)
797 		(void)signal(SIGPIPE, oldintp);
798 	if (!cpend) {
799 		code = -1;
800 		return;
801 	}
802 	if (data >= 0) {
803 		(void)close(data);
804 		data = -1;
805 	}
806 	if (dout)
807 		(void)fclose(dout);
808 	(void)getreply(0);
809 	code = -1;
810 	if (closefunc != NULL && fin != NULL)
811 		(*closefunc)(fin);
812 	if (bytes > 0)
813 		ptransfer(0);
814 }
815 
816 jmp_buf	recvabort;
817 
818 /* ARGSUSED */
819 void
abortrecv(int signo)820 abortrecv(int signo)
821 {
822 
823 	alarmtimer(0);
824 	mflag = 0;
825 	abrtflag = 0;
826 	fputs("\nreceive aborted\nwaiting for remote to finish abort.\n", ttyout);
827 	(void)fflush(ttyout);
828 	longjmp(recvabort, 1);
829 }
830 
831 void
recvrequest(const char * cmd,const char * volatile local,const char * remote,const char * lmode,int printnames,int ignorespecial)832 recvrequest(const char *cmd, const char * volatile local, const char *remote,
833     const char *lmode, int printnames, int ignorespecial)
834 {
835 	FILE * volatile fout, * volatile din;
836 	int (* volatile closefunc)(FILE *);
837 	volatile sig_t oldinti, oldintr, oldintp;
838 	int c, d;
839 	volatile int is_retr, tcrflag, bare_lfs;
840 	static size_t bufsize;
841 	static char *buf;
842 	volatile off_t hashbytes;
843 	struct stat st;
844 	time_t mtime;
845 	int oprogress;
846 	int opreserve;
847 
848 	fout = NULL;
849 	din = NULL;
850 	oldinti = NULL;
851 	hashbytes = mark;
852 	direction = "received";
853 	bytes = 0;
854 	bare_lfs = 0;
855 	filesize = -1;
856 	oprogress = progress;
857 	opreserve = preserve;
858 	is_retr = strcmp(cmd, "RETR") == 0;
859 	if (is_retr && verbose && printnames) {
860 		if (local && (ignorespecial || *local != '-'))
861 			fprintf(ttyout, "local: %s ", local);
862 		if (remote)
863 			fprintf(ttyout, "remote: %s\n", remote);
864 	}
865 	if (proxy && is_retr) {
866 		proxtrans(cmd, local, remote);
867 		return;
868 	}
869 	closefunc = NULL;
870 	oldintr = NULL;
871 	oldintp = NULL;
872 	tcrflag = !crflag && is_retr;
873 	if (setjmp(recvabort)) {
874 		while (cpend) {
875 			(void)getreply(0);
876 		}
877 		if (data >= 0) {
878 			(void)close(data);
879 			data = -1;
880 		}
881 		if (oldintr)
882 			(void)signal(SIGINT, oldintr);
883 		if (oldinti)
884 			(void)signal(SIGINFO, oldinti);
885 		progress = oprogress;
886 		preserve = opreserve;
887 		code = -1;
888 		return;
889 	}
890 	oldintr = signal(SIGINT, abortrecv);
891 	oldinti = signal(SIGINFO, psummary);
892 	if (ignorespecial || (strcmp(local, "-") && *local != '|')) {
893 		if (access(local, W_OK) < 0) {
894 			char *dir = strrchr(local, '/');
895 
896 			if (errno != ENOENT && errno != EACCES) {
897 				warn("local: %s", local);
898 				(void)signal(SIGINT, oldintr);
899 				(void)signal(SIGINFO, oldinti);
900 				code = -1;
901 				return;
902 			}
903 			if (dir != NULL)
904 				*dir = 0;
905 			d = access(dir == local ? "/" : dir ? local : ".", W_OK);
906 			if (dir != NULL)
907 				*dir = '/';
908 			if (d < 0) {
909 				warn("local: %s", local);
910 				(void)signal(SIGINT, oldintr);
911 				(void)signal(SIGINFO, oldinti);
912 				code = -1;
913 				return;
914 			}
915 			if (!runique && errno == EACCES &&
916 			    chmod(local, (S_IRUSR|S_IWUSR)) < 0) {
917 				warn("local: %s", local);
918 				(void)signal(SIGINT, oldintr);
919 				(void)signal(SIGINFO, oldinti);
920 				code = -1;
921 				return;
922 			}
923 			if (runique && errno == EACCES &&
924 			   (local = gunique(local)) == NULL) {
925 				(void)signal(SIGINT, oldintr);
926 				(void)signal(SIGINFO, oldinti);
927 				code = -1;
928 				return;
929 			}
930 		}
931 		else if (runique && (local = gunique(local)) == NULL) {
932 			(void)signal(SIGINT, oldintr);
933 			(void)signal(SIGINFO, oldinti);
934 			code = -1;
935 			return;
936 		}
937 	}
938 	if (!is_retr) {
939 		if (curtype != TYPE_A)
940 			changetype(TYPE_A, 0);
941 	} else {
942 		if (curtype != type)
943 			changetype(type, 0);
944 		filesize = remotesize(remote, 0);
945 	}
946 	if (initconn()) {
947 		(void)signal(SIGINT, oldintr);
948 		(void)signal(SIGINFO, oldinti);
949 		code = -1;
950 		return;
951 	}
952 	if (setjmp(recvabort))
953 		goto abort;
954 	if (is_retr && restart_point &&
955 	    command("REST %lld", (long long) restart_point) != CONTINUE)
956 		return;
957 	if (remote) {
958 		if (command("%s %s", cmd, remote) != PRELIM) {
959 			(void)signal(SIGINT, oldintr);
960 			(void)signal(SIGINFO, oldinti);
961 			return;
962 		}
963 	} else {
964 		if (command("%s", cmd) != PRELIM) {
965 			(void)signal(SIGINT, oldintr);
966 			(void)signal(SIGINFO, oldinti);
967 			return;
968 		}
969 	}
970 	din = dataconn("r");
971 	if (din == NULL)
972 		goto abort;
973 	if (!ignorespecial && strcmp(local, "-") == 0) {
974 		fout = stdout;
975 		preserve = 0;
976 	} else if (!ignorespecial && *local == '|') {
977 		oldintp = signal(SIGPIPE, SIG_IGN);
978 		fout = popen(local + 1, "w");
979 		if (fout == NULL) {
980 			warn("%s", local+1);
981 			goto abort;
982 		}
983 		if (progress == 1)
984 			progress = 0;
985 		preserve = 0;
986 		closefunc = pclose;
987 	} else {
988 		fout = fopen(local, lmode);
989 		if (fout == NULL) {
990 			warn("local: %s", local);
991 			goto abort;
992 		}
993 		closefunc = fclose;
994 	}
995 	if (fstat(fileno(fout), &st) < 0 || st.st_blksize == 0)
996 		st.st_blksize = BUFSIZ;
997 	if (st.st_blksize > bufsize) {
998 		(void)free(buf);
999 		buf = malloc((unsigned)st.st_blksize);
1000 		if (buf == NULL) {
1001 			warn("malloc");
1002 			bufsize = 0;
1003 			goto abort;
1004 		}
1005 		bufsize = st.st_blksize;
1006 	}
1007 	if ((st.st_mode & S_IFMT) != S_IFREG) {
1008 		if (progress == 1)
1009 			progress = 0;
1010 		preserve = 0;
1011 	}
1012 	progressmeter(-1);
1013 	may_reset_noop_timeout();
1014 	switch (curtype) {
1015 
1016 	case TYPE_I:
1017 	case TYPE_L:
1018 		if (restart_point &&
1019 		    lseek(fileno(fout), restart_point, SEEK_SET) < 0) {
1020 			warn("local: %s", local);
1021 			progress = oprogress;
1022 			preserve = opreserve;
1023 			if (closefunc != NULL)
1024 				(*closefunc)(fout);
1025 			return;
1026 		}
1027 		errno = d = 0;
1028 		while ((c = read(fileno(din), buf, bufsize)) > 0) {
1029 			ssize_t	wr;
1030 			size_t	rd = c;
1031 
1032 			may_send_noop_char();
1033 			d = 0;
1034 			do {
1035 				wr = write(fileno(fout), buf + d, rd);
1036 				if (wr == -1 && errno == EPIPE)
1037 					break;
1038 				d += wr;
1039 				rd -= wr;
1040 			} while (d < c);
1041 			if (rd != 0)
1042 				break;
1043 			bytes += c;
1044 			if (hash && (!progress || filesize < 0)) {
1045 				while (bytes >= hashbytes) {
1046 					(void)putc('#', ttyout);
1047 					hashbytes += mark;
1048 				}
1049 				(void)fflush(ttyout);
1050 			}
1051 		}
1052 		if (hash && (!progress || filesize < 0) && bytes > 0) {
1053 			if (bytes < mark)
1054 				(void)putc('#', ttyout);
1055 			(void)putc('\n', ttyout);
1056 			(void)fflush(ttyout);
1057 		}
1058 		if (c < 0) {
1059 			if (errno != EPIPE)
1060 				warn("netin");
1061 			bytes = -1;
1062 		}
1063 		if (d < c) {
1064 			if (d < 0)
1065 				warn("local: %s", local);
1066 			else
1067 				warnx("%s: short write", local);
1068 		}
1069 		break;
1070 
1071 	case TYPE_A:
1072 		if (restart_point) {
1073 			int i, n, ch;
1074 
1075 			if (fseek(fout, 0L, SEEK_SET) < 0)
1076 				goto done;
1077 			n = restart_point;
1078 			for (i = 0; i++ < n;) {
1079 				if ((ch = fgetc(fout)) == EOF)
1080 					goto done;
1081 				if (ch == '\n')
1082 					i++;
1083 			}
1084 			if (fseek(fout, 0L, SEEK_CUR) < 0) {
1085 done:
1086 				warn("local: %s", local);
1087 				progress = oprogress;
1088 				preserve = opreserve;
1089 				if (closefunc != NULL)
1090 					(*closefunc)(fout);
1091 				return;
1092 			}
1093 		}
1094 		while ((c = fgetc(din)) != EOF) {
1095 			may_send_noop_char();
1096 			if (c == '\n')
1097 				bare_lfs++;
1098 			while (c == '\r') {
1099 				while (hash && (!progress || filesize < 0) &&
1100 				    (bytes >= hashbytes)) {
1101 					(void)putc('#', ttyout);
1102 					(void)fflush(ttyout);
1103 					hashbytes += mark;
1104 				}
1105 				bytes++;
1106 				if ((c = fgetc(din)) != '\n' || tcrflag) {
1107 					if (ferror(fout))
1108 						goto break2;
1109 					(void)putc('\r', fout);
1110 					if (c == '\0') {
1111 						bytes++;
1112 						goto contin2;
1113 					}
1114 					if (c == EOF)
1115 						goto contin2;
1116 				}
1117 			}
1118 			(void)putc(c, fout);
1119 			bytes++;
1120 	contin2:	;
1121 		}
1122 break2:
1123 		if (bare_lfs) {
1124 			fprintf(ttyout,
1125 "WARNING! %d bare linefeeds received in ASCII mode.\n", bare_lfs);
1126 			fputs("File may not have transferred correctly.\n",
1127 			    ttyout);
1128 		}
1129 		if (hash && (!progress || filesize < 0)) {
1130 			if (bytes < hashbytes)
1131 				(void)putc('#', ttyout);
1132 			(void)putc('\n', ttyout);
1133 			(void)fflush(ttyout);
1134 		}
1135 		if (ferror(din)) {
1136 			if (errno != EPIPE)
1137 				warn("netin");
1138 			bytes = -1;
1139 		}
1140 		if (ferror(fout))
1141 			warn("local: %s", local);
1142 		break;
1143 	}
1144 	progressmeter(1);
1145 	progress = oprogress;
1146 	preserve = opreserve;
1147 	if (closefunc != NULL)
1148 		(*closefunc)(fout);
1149 	(void)signal(SIGINT, oldintr);
1150 	(void)signal(SIGINFO, oldinti);
1151 	if (oldintp)
1152 		(void)signal(SIGPIPE, oldintp);
1153 	(void)fclose(din);
1154 	(void)getreply(0);
1155 	may_receive_noop_ack();
1156 	if (bytes >= 0 && is_retr) {
1157 		if (bytes > 0)
1158 			ptransfer(0);
1159 		if (preserve && (closefunc == fclose)) {
1160 			mtime = remotemodtime(remote, 0);
1161 			if (mtime != -1) {
1162 				struct utimbuf ut;
1163 
1164 				ut.actime = time(NULL);
1165 				ut.modtime = mtime;
1166 				if (utime(local, &ut) == -1)
1167 					fprintf(ttyout,
1168 				"Can't change modification time on %s to %s",
1169 					    local, asctime(localtime(&mtime)));
1170 			}
1171 		}
1172 	}
1173 	return;
1174 
1175 abort:
1176 
1177 /* abort using RFC959 recommended IP,SYNC sequence */
1178 
1179 	progress = oprogress;
1180 	preserve = opreserve;
1181 	if (oldintp)
1182 		(void)signal(SIGPIPE, oldintp);
1183 	(void)signal(SIGINT, SIG_IGN);
1184 	if (!cpend) {
1185 		code = -1;
1186 		(void)signal(SIGINT, oldintr);
1187 		(void)signal(SIGINFO, oldinti);
1188 		return;
1189 	}
1190 
1191 	abort_remote(din);
1192 	code = -1;
1193 	if (data >= 0) {
1194 		(void)close(data);
1195 		data = -1;
1196 	}
1197 	if (closefunc != NULL && fout != NULL)
1198 		(*closefunc)(fout);
1199 	if (din)
1200 		(void)fclose(din);
1201 	if (bytes > 0)
1202 		ptransfer(0);
1203 	(void)signal(SIGINT, oldintr);
1204 	(void)signal(SIGINFO, oldinti);
1205 }
1206 
1207 /*
1208  * Need to start a listen on the data channel before we send the command,
1209  * otherwise the server's connect may fail.
1210  */
1211 int
initconn(void)1212 initconn(void)
1213 {
1214 	char *p, *a;
1215 	int result = ERROR, tmpno = 0;
1216 	int on = 1;
1217 	int error;
1218 	u_int addr[16], port[2];
1219 	u_int af, hal, pal;
1220 	char *pasvcmd = NULL;
1221 	socklen_t namelen;
1222 
1223 	if (myctladdr.su_family == AF_INET6
1224 	 && (IN6_IS_ADDR_LINKLOCAL(&myctladdr.su_sin6.sin6_addr)
1225 	  || IN6_IS_ADDR_SITELOCAL(&myctladdr.su_sin6.sin6_addr))) {
1226 		warnx("use of scoped address can be troublesome");
1227 	}
1228 reinit:
1229 	if (passivemode) {
1230 		data_addr = myctladdr;
1231 		data = socket(data_addr.su_family, SOCK_STREAM, 0);
1232 		if (data < 0) {
1233 			warn("socket");
1234 			return (1);
1235 		}
1236 		if ((options & SO_DEBUG) &&
1237 		    setsockopt(data, SOL_SOCKET, SO_DEBUG, (char *)&on,
1238 			       sizeof(on)) < 0)
1239 			warn("setsockopt (ignored)");
1240 		switch (data_addr.su_family) {
1241 		case AF_INET:
1242 			if (epsv4 && !epsv4bad) {
1243 				int ov;
1244 				/* shut this command up in case it fails */
1245 				ov = verbose;
1246 				verbose = -1;
1247 				result = command(pasvcmd = "EPSV");
1248 				/*
1249 				 * now back to whatever verbosity we had before
1250 				 * and we can try PASV
1251 				 */
1252 				verbose = ov;
1253 				if (code / 10 == 22 && code != 229) {
1254 					fputs(
1255 "wrong server: return code must be 229\n",
1256 						ttyout);
1257 					result = COMPLETE + 1;
1258 				}
1259 				if (result != COMPLETE) {
1260 					epsv4bad = 1;
1261 					if (debug) {
1262 						fputs(
1263 "disabling epsv4 for this connection\n",
1264 						    ttyout);
1265 					}
1266 				}
1267 			}
1268 			if (result != COMPLETE)
1269 				result = command(pasvcmd = "PASV");
1270 			break;
1271 		case AF_INET6:
1272 			result = command(pasvcmd = "EPSV");
1273 			if (code / 10 == 22 && code != 229) {
1274 				fputs(
1275 "wrong server: return code must be 229\n",
1276 					ttyout);
1277 				result = COMPLETE + 1;
1278 			}
1279 			if (result != COMPLETE)
1280 				result = command(pasvcmd = "LPSV");
1281 			break;
1282 		default:
1283 			result = COMPLETE + 1;
1284 			break;
1285 		}
1286 		if (result != COMPLETE) {
1287 			if (activefallback) {
1288 				(void)close(data);
1289 				data = -1;
1290 				passivemode = 0;
1291 				activefallback = 0;
1292 				goto reinit;
1293 			}
1294 			fputs("Passive mode refused.\n", ttyout);
1295 			goto bad;
1296 		}
1297 
1298 #define pack2(var, off) \
1299 	(((var[(off) + 0] & 0xff) << 8) | ((var[(off) + 1] & 0xff) << 0))
1300 #define pack4(var, off) \
1301 	(((var[(off) + 0] & 0xff) << 24) | ((var[(off) + 1] & 0xff) << 16) | \
1302 	 ((var[(off) + 2] & 0xff) << 8) | ((var[(off) + 3] & 0xff) << 0))
1303 
1304 		/*
1305 		 * What we've got at this point is a string of comma separated
1306 		 * one-byte unsigned integer values, separated by commas.
1307 		 */
1308 		if (!pasvcmd)
1309 			goto bad;
1310 		if (strcmp(pasvcmd, "PASV") == 0) {
1311 			if (data_addr.su_family != AF_INET) {
1312 				fputs(
1313 "Passive mode AF mismatch. Shouldn't happen!\n", ttyout);
1314 				error = 1;
1315 				goto bad;
1316 			}
1317 			if (code / 10 == 22 && code != 227) {
1318 				fputs("wrong server: return code must be 227\n",
1319 					ttyout);
1320 				error = 1;
1321 				goto bad;
1322 			}
1323 			error = sscanf(pasv, "%u,%u,%u,%u,%u,%u",
1324 					&addr[0], &addr[1], &addr[2], &addr[3],
1325 					&port[0], &port[1]);
1326 			if (error != 6) {
1327 				fputs(
1328 "Passive mode address scan failure. Shouldn't happen!\n", ttyout);
1329 				error = 1;
1330 				goto bad;
1331 			}
1332 			error = 0;
1333 			memset(&data_addr, 0, sizeof(data_addr));
1334 			data_addr.su_family = AF_INET;
1335 			data_addr.su_len = sizeof(struct sockaddr_in);
1336 			data_addr.su_sin.sin_addr.s_addr =
1337 				htonl(pack4(addr, 0));
1338 			data_addr.su_port = htons(pack2(port, 0));
1339 		} else if (strcmp(pasvcmd, "LPSV") == 0) {
1340 			if (code / 10 == 22 && code != 228) {
1341 				fputs("wrong server: return code must be 228\n",
1342 					ttyout);
1343 				error = 1;
1344 				goto bad;
1345 			}
1346 			switch (data_addr.su_family) {
1347 			case AF_INET:
1348 				error = sscanf(pasv,
1349 "%u,%u,%u,%u,%u,%u,%u,%u,%u",
1350 					&af, &hal,
1351 					&addr[0], &addr[1], &addr[2], &addr[3],
1352 					&pal, &port[0], &port[1]);
1353 				if (error != 9) {
1354 					fputs(
1355 "Passive mode address scan failure. Shouldn't happen!\n", ttyout);
1356 					error = 1;
1357 					goto bad;
1358 				}
1359 				if (af != 4 || hal != 4 || pal != 2) {
1360 					fputs(
1361 "Passive mode AF mismatch. Shouldn't happen!\n", ttyout);
1362 					error = 1;
1363 					goto bad;
1364 				}
1365 
1366 				error = 0;
1367 				memset(&data_addr, 0, sizeof(data_addr));
1368 				data_addr.su_family = AF_INET;
1369 				data_addr.su_len = sizeof(struct sockaddr_in);
1370 				data_addr.su_sin.sin_addr.s_addr =
1371 					htonl(pack4(addr, 0));
1372 				data_addr.su_port = htons(pack2(port, 0));
1373 				break;
1374 			case AF_INET6:
1375 				error = sscanf(pasv,
1376 "%u,%u,%u,%u,%u,%u,%u,%u,%u,%u,%u,%u,%u,%u,%u,%u,%u,%u,%u,%u,%u",
1377 					&af, &hal,
1378 					&addr[0], &addr[1], &addr[2], &addr[3],
1379 					&addr[4], &addr[5], &addr[6], &addr[7],
1380 					&addr[8], &addr[9], &addr[10],
1381 					&addr[11], &addr[12], &addr[13],
1382 					&addr[14], &addr[15],
1383 					&pal, &port[0], &port[1]);
1384 				if (error != 21) {
1385 					fputs(
1386 "Passive mode address scan failure. Shouldn't happen!\n", ttyout);
1387 					error = 1;
1388 					goto bad;
1389 				}
1390 				if (af != 6 || hal != 16 || pal != 2) {
1391 					fputs(
1392 "Passive mode AF mismatch. Shouldn't happen!\n", ttyout);
1393 					error = 1;
1394 					goto bad;
1395 				}
1396 
1397 				error = 0;
1398 				memset(&data_addr, 0, sizeof(data_addr));
1399 				data_addr.su_family = AF_INET6;
1400 				data_addr.su_len = sizeof(struct sockaddr_in6);
1401 			    {
1402 				u_int32_t *p32;
1403 				p32 = (u_int32_t *)&data_addr.su_sin6.sin6_addr;
1404 				p32[0] = htonl(pack4(addr, 0));
1405 				p32[1] = htonl(pack4(addr, 4));
1406 				p32[2] = htonl(pack4(addr, 8));
1407 				p32[3] = htonl(pack4(addr, 12));
1408 			    }
1409 				data_addr.su_port = htons(pack2(port, 0));
1410 				break;
1411 			default:
1412 				error = 1;
1413 			}
1414 		} else if (strcmp(pasvcmd, "EPSV") == 0) {
1415 			char delim[4];
1416 
1417 			port[0] = 0;
1418 			if (code / 10 == 22 && code != 229) {
1419 				fputs("wrong server: return code must be 229\n",
1420 					ttyout);
1421 				error = 1;
1422 				goto bad;
1423 			}
1424 			if (sscanf(pasv, "%c%c%c%d%c", &delim[0],
1425 					&delim[1], &delim[2], &port[1],
1426 					&delim[3]) != 5) {
1427 				fputs("parse error!\n", ttyout);
1428 				error = 1;
1429 				goto bad;
1430 			}
1431 			if (delim[0] != delim[1] || delim[0] != delim[2]
1432 			 || delim[0] != delim[3]) {
1433 				fputs("parse error!\n", ttyout);
1434 				error = 1;
1435 				goto bad;
1436 			}
1437 			data_addr = hisctladdr;
1438 			data_addr.su_port = htons(port[1]);
1439 		} else
1440 			goto bad;
1441 
1442 		while (connect(data, (struct sockaddr *)&data_addr,
1443 			    data_addr.su_len) < 0) {
1444 			if (errno == EINTR)
1445 				continue;
1446 			if (activefallback) {
1447 				(void)close(data);
1448 				data = -1;
1449 				passivemode = 0;
1450 				activefallback = 0;
1451 				goto reinit;
1452 			}
1453 			warn("connect");
1454 			goto bad;
1455 		}
1456 #if defined(IPPROTO_IP) && defined(IP_TOS)
1457 		if (data_addr.su_family == AF_INET) {
1458 			on = IPTOS_THROUGHPUT;
1459 			if (setsockopt(data, IPPROTO_IP, IP_TOS, (char *)&on,
1460 				       sizeof(int)) < 0)
1461 				warn("setsockopt TOS (ignored)");
1462 		}
1463 #endif
1464 		return (0);
1465 	}
1466 
1467 noport:
1468 	data_addr = myctladdr;
1469 	if (sendport)
1470 		data_addr.su_port = 0;	/* let system pick one */
1471 	if (data != -1)
1472 		(void)close(data);
1473 	data = socket(data_addr.su_family, SOCK_STREAM, 0);
1474 	if (data < 0) {
1475 		warn("socket");
1476 		if (tmpno)
1477 			sendport = 1;
1478 		return (1);
1479 	}
1480 	if (!sendport)
1481 		if (setsockopt(data, SOL_SOCKET, SO_REUSEADDR, (char *)&on,
1482 				sizeof(on)) < 0) {
1483 			warn("setsockopt (reuse address)");
1484 			goto bad;
1485 		}
1486 	switch (data_addr.su_family) {
1487 	case AF_INET:
1488 		on = IP_PORTRANGE_HIGH;
1489 		if (setsockopt(data, IPPROTO_IP, IP_PORTRANGE,
1490 		    (char *)&on, sizeof(on)) < 0)
1491 			warn("setsockopt IP_PORTRANGE (ignored)");
1492 		break;
1493 	case AF_INET6:
1494 		on = IPV6_PORTRANGE_HIGH;
1495 		if (setsockopt(data, IPPROTO_IPV6, IPV6_PORTRANGE,
1496 		    (char *)&on, sizeof(on)) < 0)
1497 			warn("setsockopt IPV6_PORTRANGE (ignored)");
1498 		break;
1499 	}
1500 	if (bind(data, (struct sockaddr *)&data_addr, data_addr.su_len) < 0) {
1501 		warn("bind");
1502 		goto bad;
1503 	}
1504 	if (options & SO_DEBUG &&
1505 	    setsockopt(data, SOL_SOCKET, SO_DEBUG, (char *)&on,
1506 			sizeof(on)) < 0)
1507 		warn("setsockopt (ignored)");
1508 	namelen = sizeof(data_addr);
1509 	if (getsockname(data, (struct sockaddr *)&data_addr, &namelen) < 0) {
1510 		warn("getsockname");
1511 		goto bad;
1512 	}
1513 	if (listen(data, 1) < 0)
1514 		warn("listen");
1515 
1516 #define	UC(b)	(((int)b)&0xff)
1517 
1518 	if (sendport) {
1519 		char hname[NI_MAXHOST], pbuf[NI_MAXSERV];
1520 		int af_tmp;
1521 		union sockunion tmp;
1522 
1523 		tmp = data_addr;
1524 		switch (tmp.su_family) {
1525 		case AF_INET:
1526 			if (!epsv4 || epsv4bad) {
1527 				result = COMPLETE +1;
1528 				break;
1529 			}
1530 			/*FALLTHROUGH*/
1531 		case AF_INET6:
1532 			if (tmp.su_family == AF_INET6)
1533 				tmp.su_sin6.sin6_scope_id = 0;
1534 			af_tmp = (tmp.su_family == AF_INET) ? 1 : 2;
1535 			if (getnameinfo((struct sockaddr *)&tmp,
1536 			    tmp.su_len, hname, sizeof(hname),
1537 			    pbuf, sizeof(pbuf), NI_NUMERICHOST | NI_NUMERICSERV)) {
1538 				result = ERROR;
1539 			} else {
1540 				result = command("EPRT |%d|%s|%s|",
1541 				    af_tmp, hname, pbuf);
1542 				if (result != COMPLETE) {
1543 					epsv4bad = 1;
1544 					if (debug) {
1545 						fputs(
1546 "disabling epsv4 for this connection\n",
1547 						    ttyout);
1548 					}
1549 				}
1550 			}
1551 			break;
1552 		default:
1553 			result = COMPLETE + 1;
1554 			break;
1555 		}
1556 		if (result == COMPLETE)
1557 			goto skip_port;
1558 
1559 		switch (data_addr.su_family) {
1560 		case AF_INET:
1561 			a = (char *)&data_addr.su_sin.sin_addr;
1562 			p = (char *)&data_addr.su_port;
1563 			result = command("PORT %d,%d,%d,%d,%d,%d",
1564 				 UC(a[0]), UC(a[1]), UC(a[2]), UC(a[3]),
1565 				 UC(p[0]), UC(p[1]));
1566 			break;
1567 		case AF_INET6:
1568 			a = (char *)&data_addr.su_sin6.sin6_addr;
1569 			p = (char *)&data_addr.su_port;
1570 			result = command(
1571 "LPRT %d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d",
1572 				 6, 16,
1573 				 UC(a[0]),UC(a[1]),UC(a[2]),UC(a[3]),
1574 				 UC(a[4]),UC(a[5]),UC(a[6]),UC(a[7]),
1575 				 UC(a[8]),UC(a[9]),UC(a[10]),UC(a[11]),
1576 				 UC(a[12]),UC(a[13]),UC(a[14]),UC(a[15]),
1577 				 2, UC(p[0]), UC(p[1]));
1578 			break;
1579 		default:
1580 			result = COMPLETE + 1; /* xxx */
1581 		}
1582 	skip_port:
1583 
1584 		if (result == ERROR && sendport == -1) {
1585 			sendport = 0;
1586 			tmpno = 1;
1587 			goto noport;
1588 		}
1589 		return (result != COMPLETE);
1590 	}
1591 	if (tmpno)
1592 		sendport = 1;
1593 #if defined(IPPROTO_IP) && defined(IP_TOS)
1594 	if (data_addr.su_family == AF_INET) {
1595 		on = IPTOS_THROUGHPUT;
1596 		if (setsockopt(data, IPPROTO_IP, IP_TOS, (char *)&on,
1597 			       sizeof(int)) < 0)
1598 			warn("setsockopt TOS (ignored)");
1599 	}
1600 #endif
1601 	return (0);
1602 bad:
1603 	(void)close(data), data = -1;
1604 	if (tmpno)
1605 		sendport = 1;
1606 	return (1);
1607 }
1608 
1609 FILE *
dataconn(const char * lmode)1610 dataconn(const char *lmode)
1611 {
1612 	union sockunion from;
1613 	socklen_t fromlen = myctladdr.su_len;
1614 	int s;
1615 
1616 	if (passivemode)
1617 		return (fdopen(data, lmode));
1618 
1619 	s = accept(data, (struct sockaddr *) &from, &fromlen);
1620 	if (s < 0) {
1621 		warn("accept");
1622 		(void)close(data), data = -1;
1623 		return (NULL);
1624 	}
1625 	(void)close(data);
1626 	data = s;
1627 #if defined(IPPROTO_IP) && defined(IP_TOS)
1628 	if (from.su_family == AF_INET) {
1629 		int tos = IPTOS_THROUGHPUT;
1630 		if (setsockopt(s, IPPROTO_IP, IP_TOS, (char *)&tos,
1631 				sizeof(int)) < 0) {
1632 			warn("setsockopt TOS (ignored)");
1633 		}
1634 	}
1635 #endif
1636 	return (fdopen(data, lmode));
1637 }
1638 
1639 /* ARGSUSED */
1640 void
psummary(int signo)1641 psummary(int signo)
1642 {
1643 	int save_errno = errno;
1644 
1645 	if (bytes > 0)
1646 		ptransfer(1);
1647 	errno = save_errno;
1648 }
1649 
1650 /* ARGSUSED */
1651 void
psabort(int signo)1652 psabort(int signo)
1653 {
1654 
1655 	alarmtimer(0);
1656 	abrtflag++;
1657 }
1658 
1659 void
pswitch(int flag)1660 pswitch(int flag)
1661 {
1662 	sig_t oldintr;
1663 	static struct comvars {
1664 		int connect;
1665 		char name[MAXHOSTNAMELEN];
1666 		union sockunion mctl;
1667 		union sockunion hctl;
1668 		FILE *in;
1669 		FILE *out;
1670 		int tpe;
1671 		int curtpe;
1672 		int cpnd;
1673 		int sunqe;
1674 		int runqe;
1675 		int mcse;
1676 		int ntflg;
1677 		char nti[17];
1678 		char nto[17];
1679 		int mapflg;
1680 		char mi[MAXPATHLEN];
1681 		char mo[MAXPATHLEN];
1682 	} proxstruct, tmpstruct;
1683 	struct comvars *ip, *op;
1684 
1685 	abrtflag = 0;
1686 	oldintr = signal(SIGINT, psabort);
1687 	if (flag) {
1688 		if (proxy)
1689 			return;
1690 		ip = &tmpstruct;
1691 		op = &proxstruct;
1692 		proxy++;
1693 	} else {
1694 		if (!proxy)
1695 			return;
1696 		ip = &proxstruct;
1697 		op = &tmpstruct;
1698 		proxy = 0;
1699 	}
1700 	ip->connect = connected;
1701 	connected = op->connect;
1702 	if (hostname) {
1703 		(void)strlcpy(ip->name, hostname, sizeof(ip->name));
1704 	} else
1705 		ip->name[0] = '\0';
1706 	hostname = op->name;
1707 	ip->hctl = hisctladdr;
1708 	hisctladdr = op->hctl;
1709 	ip->mctl = myctladdr;
1710 	myctladdr = op->mctl;
1711 	ip->in = cin;
1712 	cin = op->in;
1713 	ip->out = cout;
1714 	cout = op->out;
1715 	ip->tpe = type;
1716 	type = op->tpe;
1717 	ip->curtpe = curtype;
1718 	curtype = op->curtpe;
1719 	ip->cpnd = cpend;
1720 	cpend = op->cpnd;
1721 	ip->sunqe = sunique;
1722 	sunique = op->sunqe;
1723 	ip->runqe = runique;
1724 	runique = op->runqe;
1725 	ip->mcse = mcase;
1726 	mcase = op->mcse;
1727 	ip->ntflg = ntflag;
1728 	ntflag = op->ntflg;
1729 	(void)strlcpy(ip->nti, ntin, sizeof(ip->nti));
1730 	(void)strlcpy(ntin, op->nti, sizeof ntin);
1731 	(void)strlcpy(ip->nto, ntout, sizeof(ip->nto));
1732 	(void)strlcpy(ntout, op->nto, sizeof ntout);
1733 	ip->mapflg = mapflag;
1734 	mapflag = op->mapflg;
1735 	(void)strlcpy(ip->mi, mapin, sizeof(ip->mi));
1736 	(void)strlcpy(mapin, op->mi, sizeof mapin);
1737 	(void)strlcpy(ip->mo, mapout, sizeof(ip->mo));
1738 	(void)strlcpy(mapout, op->mo, sizeof mapout);
1739 	(void)signal(SIGINT, oldintr);
1740 	if (abrtflag) {
1741 		abrtflag = 0;
1742 		(*oldintr)(SIGINT);
1743 	}
1744 }
1745 
1746 /* ARGSUSED */
1747 void
abortpt(int signo)1748 abortpt(int signo)
1749 {
1750 
1751 	alarmtimer(0);
1752 	putc('\n', ttyout);
1753 	(void)fflush(ttyout);
1754 	ptabflg++;
1755 	mflag = 0;
1756 	abrtflag = 0;
1757 	longjmp(ptabort, 1);
1758 }
1759 
1760 void
proxtrans(const char * cmd,const char * local,const char * remote)1761 proxtrans(const char *cmd, const char *local, const char *remote)
1762 {
1763 	volatile sig_t oldintr;
1764 	int prox_type, nfnd;
1765 	volatile int secndflag;
1766 	char * volatile cmd2;
1767 	struct pollfd pfd[1];
1768 
1769 	oldintr = NULL;
1770 	secndflag = 0;
1771 	if (strcmp(cmd, "RETR"))
1772 		cmd2 = "RETR";
1773 	else
1774 		cmd2 = runique ? "STOU" : "STOR";
1775 	if ((prox_type = type) == 0) {
1776 		if (unix_server && unix_proxy)
1777 			prox_type = TYPE_I;
1778 		else
1779 			prox_type = TYPE_A;
1780 	}
1781 	if (curtype != prox_type)
1782 		changetype(prox_type, 1);
1783 	if (command("PASV") != COMPLETE) {
1784 		fputs("proxy server does not support third party transfers.\n",
1785 		    ttyout);
1786 		return;
1787 	}
1788 	pswitch(0);
1789 	if (!connected) {
1790 		fputs("No primary connection.\n", ttyout);
1791 		pswitch(1);
1792 		code = -1;
1793 		return;
1794 	}
1795 	if (curtype != prox_type)
1796 		changetype(prox_type, 1);
1797 	if (command("PORT %s", pasv) != COMPLETE) {
1798 		pswitch(1);
1799 		return;
1800 	}
1801 	if (setjmp(ptabort))
1802 		goto abort;
1803 	oldintr = signal(SIGINT, abortpt);
1804 	if (command("%s %s", cmd, remote) != PRELIM) {
1805 		(void)signal(SIGINT, oldintr);
1806 		pswitch(1);
1807 		return;
1808 	}
1809 	sleep(2);
1810 	pswitch(1);
1811 	secndflag++;
1812 	if (command("%s %s", cmd2, local) != PRELIM)
1813 		goto abort;
1814 	ptflag++;
1815 	(void)getreply(0);
1816 	pswitch(0);
1817 	(void)getreply(0);
1818 	(void)signal(SIGINT, oldintr);
1819 	pswitch(1);
1820 	ptflag = 0;
1821 	fprintf(ttyout, "local: %s remote: %s\n", local, remote);
1822 	return;
1823 abort:
1824 	(void)signal(SIGINT, SIG_IGN);
1825 	ptflag = 0;
1826 	if (strcmp(cmd, "RETR") && !proxy)
1827 		pswitch(1);
1828 	else if (!strcmp(cmd, "RETR") && proxy)
1829 		pswitch(0);
1830 	if (!cpend && !secndflag) {  /* only here if cmd = "STOR" (proxy=1) */
1831 		if (command("%s %s", cmd2, local) != PRELIM) {
1832 			pswitch(0);
1833 			if (cpend)
1834 				abort_remote(NULL);
1835 		}
1836 		pswitch(1);
1837 		if (ptabflg)
1838 			code = -1;
1839 		(void)signal(SIGINT, oldintr);
1840 		return;
1841 	}
1842 	if (cpend)
1843 		abort_remote(NULL);
1844 	pswitch(!proxy);
1845 	if (!cpend && !secndflag) {  /* only if cmd = "RETR" (proxy=1) */
1846 		if (command("%s %s", cmd2, local) != PRELIM) {
1847 			pswitch(0);
1848 			if (cpend)
1849 				abort_remote(NULL);
1850 			pswitch(1);
1851 			if (ptabflg)
1852 				code = -1;
1853 			(void)signal(SIGINT, oldintr);
1854 			return;
1855 		}
1856 	}
1857 	if (cpend)
1858 		abort_remote(NULL);
1859 	pswitch(!proxy);
1860 	if (cpend) {
1861 		pfd[0].fd = fileno(cin);
1862 		pfd[0].events = POLLIN;
1863 		if ((nfnd = poll(pfd, 1, 10 * 1000)) <= 0) {
1864 			if (nfnd < 0)
1865 				warn("abort");
1866 			if (ptabflg)
1867 				code = -1;
1868 			lostpeer();
1869 		}
1870 		(void)getreply(0);
1871 		(void)getreply(0);
1872 	}
1873 	if (proxy)
1874 		pswitch(0);
1875 	pswitch(1);
1876 	if (ptabflg)
1877 		code = -1;
1878 	(void)signal(SIGINT, oldintr);
1879 }
1880 
1881 /* ARGSUSED */
1882 void
reset(int argc,char * argv[])1883 reset(int argc, char *argv[])
1884 {
1885 	struct pollfd pfd[1];
1886 	int nfnd = 1;
1887 
1888 	pfd[0].fd = fileno(cin);
1889 	pfd[0].events = POLLIN;
1890 	while (nfnd > 0) {
1891 		if ((nfnd = poll(pfd, 1, 0)) < 0) {
1892 			warn("reset");
1893 			code = -1;
1894 			lostpeer();
1895 		} else if (nfnd) {
1896 			(void)getreply(0);
1897 		}
1898 	}
1899 }
1900 
1901 char *
gunique(const char * local)1902 gunique(const char *local)
1903 {
1904 	static char new[MAXPATHLEN];
1905 	char *cp = strrchr(local, '/');
1906 	int d, count=0;
1907 	char ext = '1';
1908 
1909 	if (cp)
1910 		*cp = '\0';
1911 	d = access(cp == local ? "/" : cp ? local : ".", W_OK);
1912 	if (cp)
1913 		*cp = '/';
1914 	if (d < 0) {
1915 		warn("local: %s", local);
1916 		return ((char *) 0);
1917 	}
1918 	(void)strlcpy(new, local, sizeof new);
1919 	cp = new + strlen(new);
1920 	*cp++ = '.';
1921 	while (!d) {
1922 		if (++count == 100) {
1923 			fputs("runique: can't find unique file name.\n", ttyout);
1924 			return ((char *) 0);
1925 		}
1926 		*cp++ = ext;
1927 		*cp = '\0';
1928 		if (ext == '9')
1929 			ext = '0';
1930 		else
1931 			ext++;
1932 		if ((d = access(new, F_OK)) < 0)
1933 			break;
1934 		if (ext != '0')
1935 			cp--;
1936 		else if (*(cp - 2) == '.')
1937 			*(cp - 1) = '1';
1938 		else {
1939 			*(cp - 2) = *(cp - 2) + 1;
1940 			cp--;
1941 		}
1942 	}
1943 	return (new);
1944 }
1945 
1946 void
abort_remote(FILE * din)1947 abort_remote(FILE *din)
1948 {
1949 	char buf[BUFSIZ];
1950 	int nfnd;
1951 	struct pollfd pfd[2];
1952 
1953 	if (cout == NULL) {
1954 		warnx("Lost control connection for abort.");
1955 		if (ptabflg)
1956 			code = -1;
1957 		lostpeer();
1958 		return;
1959 	}
1960 
1961 	/*
1962 	 * send IAC in urgent mode instead of DM because 4.3BSD places oob mark
1963 	 * after urgent byte rather than before as is protocol now
1964 	 */
1965 	snprintf(buf, sizeof buf, "%c%c%c", IAC, IP, IAC);
1966 	if (send(fileno(cout), buf, 3, MSG_OOB) != 3)
1967 		warn("abort");
1968 	fprintf(cout, "%cABOR\r\n", DM);
1969 	(void)fflush(cout);
1970 	pfd[0].fd = fileno(cin);
1971 	pfd[0].events = POLLIN;
1972 	nfnd = 1;
1973 	if (din) {
1974 		pfd[1].fd = fileno(din);
1975 		pfd[1].events = POLLIN;
1976 		nfnd++;
1977 	}
1978 	if ((nfnd = poll(pfd, nfnd, 10 * 1000)) <= 0) {
1979 		if (nfnd < 0)
1980 			warn("abort");
1981 		if (ptabflg)
1982 			code = -1;
1983 		lostpeer();
1984 	}
1985 	if (din && (pfd[1].revents & POLLIN)) {
1986 		while (read(fileno(din), buf, BUFSIZ) > 0)
1987 			/* LOOP */;
1988 	}
1989 	if (getreply(0) == ERROR && code == 552) {
1990 		/* 552 needed for nic style abort */
1991 		(void)getreply(0);
1992 	}
1993 	(void)getreply(0);
1994 }
1995