diff options
author | Denys Vlasenko | 2015-03-31 21:46:26 +0200 |
---|---|---|
committer | Denys Vlasenko | 2015-03-31 21:46:26 +0200 |
commit | 9472e8a86fa1837bccec9e25dd18fd3c88c5e209 (patch) | |
tree | 77e938c19f0d93d004f35382953ffd9f0432c154 | |
parent | 379e8e81afed0613271e39e33190c6dfec78b695 (diff) | |
download | busybox-9472e8a86fa1837bccec9e25dd18fd3c88c5e209.zip busybox-9472e8a86fa1837bccec9e25dd18fd3c88c5e209.tar.gz |
ftpd: change_identity() must be after chroot()
Otherwise chroot() doesn't work for non-root
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-rw-r--r-- | networking/ftpd.c | 41 |
1 files changed, 21 insertions, 20 deletions
diff --git a/networking/ftpd.c b/networking/ftpd.c index 0c10e1f..2351d6d 100644 --- a/networking/ftpd.c +++ b/networking/ftpd.c @@ -1116,6 +1116,9 @@ int ftpd_main(int argc, char **argv) int ftpd_main(int argc UNUSED_PARAM, char **argv) #endif { +#if ENABLE_FEATURE_FTP_AUTHENTICATION + struct passwd *pw = NULL; +#endif unsigned abs_timeout; unsigned verbose_S; smallint opts; @@ -1193,29 +1196,23 @@ int ftpd_main(int argc UNUSED_PARAM, char **argv) signal(SIGALRM, timeout_handler); #if ENABLE_FEATURE_FTP_AUTHENTICATION - { - struct passwd *pw = NULL; - - while (1) { - uint32_t cmdval = cmdio_get_cmd_and_arg(); - + while (1) { + uint32_t cmdval = cmdio_get_cmd_and_arg(); if (cmdval == const_USER) { - pw = getpwnam(G.ftp_arg); - cmdio_write_raw(STR(FTP_GIVEPWORD)" Please specify password\r\n"); - } else if (cmdval == const_PASS) { - if (check_password(pw, G.ftp_arg) > 0) { - break; /* login success */ - } - cmdio_write_raw(STR(FTP_LOGINERR)" Login failed\r\n"); - pw = NULL; - } else if (cmdval == const_QUIT) { - WRITE_OK(FTP_GOODBYE); - return 0; - } else { - cmdio_write_raw(STR(FTP_LOGINERR)" Login with USER and PASS\r\n"); + pw = getpwnam(G.ftp_arg); + cmdio_write_raw(STR(FTP_GIVEPWORD)" Please specify password\r\n"); + } else if (cmdval == const_PASS) { + if (check_password(pw, G.ftp_arg) > 0) { + break; /* login success */ } + cmdio_write_raw(STR(FTP_LOGINERR)" Login failed\r\n"); + pw = NULL; + } else if (cmdval == const_QUIT) { + WRITE_OK(FTP_GOODBYE); + return 0; + } else { + cmdio_write_raw(STR(FTP_LOGINERR)" Login with USER and PASS\r\n"); } - change_identity(pw); } WRITE_OK(FTP_LOGINOK); #endif @@ -1233,6 +1230,10 @@ int ftpd_main(int argc UNUSED_PARAM, char **argv) xchroot(argv[0]); } +#if ENABLE_FEATURE_FTP_AUTHENTICATION + change_identity(pw); +#endif + /* RFC-959 Section 5.1 * The following commands and options MUST be supported by every * server-FTP and user-FTP, except in cases where the underlying |