📄 access.c
字号:
* %<gid> A single GID * %<gid>+ All GIDs greater or equal to GID * %<gid>- All GIDs greater or equal to GID * %-<gid> All GIDs less or equal to GID * %<gid>-<gid> All GIDs between the two (inclusive) * * All GIDs */ while (getaclentry("realgroup", &entry)) { for (which = 0; (which < MAXARGS) && ARG[which]; which++) { if (!strcmp(ARG[which], "*")) return (1); if (ARG[which][0] == '%') { char *ptr = strchr(ARG[which] + 1, '-'); if (!ptr) { ptr = strchr(ARG[which] + 1, '+'); if (!ptr) { if (pw->pw_gid == strtoul(ARG[which] + 1, NULL, 0)) return (1); } else { *ptr++ = '\0'; if ((ARG[which][1] == '\0') || (pw->pw_gid >= strtoul(ARG[which] + 1, NULL, 0))) { *--ptr = '+'; return (1); } *--ptr = '+'; } } else { *ptr++ = '\0'; if (((ARG[which][1] == '\0') || (pw->pw_gid >= strtoul(ARG[which] + 1, NULL, 0))) && ((*ptr == '\0') || (pw->pw_gid <= strtoul(ptr, NULL, 0)))) { *--ptr = '-'; return (1); } *--ptr = '-'; } } else { if ((grp = getgrnam(ARG[which]))) { if (grp->gr_gid == pw->pw_gid) return (1); for (member = grp->gr_mem; *member; member++) if (!strcasecmp(*member, pw->pw_name)) return (1); } } } } return (0);}/*************************************************************************//* FUNCTION : acl_autogroup *//* PURPOSE : If the guest user is a member of any of the classes in *//* the autogroup comment, cause a setegid() to the specified *//* group. *//* ARGUMENTS : pw, a pointer to the passwd struct for the user *//*************************************************************************/void acl_autogroup(struct passwd *pw){ char class[1024]; struct aclmember *entry = NULL; struct group *grp; int which; (void) acl_getclass(class); /* autogroup <group> <class> [<class> ...] */ while (getaclentry("autogroup", &entry)) { if (!ARG0 || !ARG1) continue; for (which = 1; (which < MAXARGS) && ARG[which]; which++) { if (!strcasecmp(ARG[which], class)) { if (ARG0[0] == '%') pw->pw_gid = atoi(ARG0 + 1); else { if ((grp = getgrnam(ARG0))) pw->pw_gid = grp->gr_gid; else syslog(LOG_ERR, "autogroup: set group %s not found", ARG0); endgrent(); } return; } } }}/*************************************************************************//* FUNCTION : acl_setfunctions *//* PURPOSE : Scan the ACL buffer and determine what logging to perform *//* for this user, and whether or not user is allowed to use *//* the automatic TAR and COMPRESS functions. Also, set the *//* current process priority of this copy of the ftpd server *//* to a `nice' value value if this user is a member of a *//* group which the ftpaccess file says should be nice'd. *//* ARGUMENTS : pointer to buffer to class name, pointer to ACL buffer *//*************************************************************************/void acl_setfunctions(void){ char class[1024]; extern int log_incoming_xfers, log_outbound_xfers, mangleopts, log_commands, log_security, syslogmsg, lgi_failure_threshold; struct aclmember *entry = NULL; int l_compress, l_tar, inbound = 0, outbound = 0, which, set; log_incoming_xfers = 0; log_outbound_xfers = 0; log_commands = 0; log_security = 0; memset((void *) &class[0], 0, sizeof(class)); (void) acl_getclass(class); entry = (struct aclmember *) NULL; if (getaclentry("loginfails", &entry) && ARG0 != NULL) { lgi_failure_threshold = atoi(ARG0); }#ifndef NO_PRIVATE entry = (struct aclmember *) NULL; if (getaclentry("private", &entry) && !strcasecmp(ARG0, "yes")) priv_setup(_path_private);#endif /* !NO_PRIVATE */ entry = (struct aclmember *) NULL; set = 0; while (!set && getaclentry("compress", &entry)) { l_compress = 0; if (!strcasecmp(ARG0, "yes")) l_compress = 1; for (which = 1; (which < MAXARGS) && ARG[which]; which++) { if (!wu_fnmatch(ARG[which], class, FNM_CASEFOLD)) { mangleopts |= l_compress * (O_COMPRESS | O_UNCOMPRESS); set = 1; } } } entry = (struct aclmember *) NULL; set = 0; while (!set && getaclentry("tar", &entry)) { l_tar = 0; if (!strcasecmp(ARG0, "yes")) l_tar = 1; for (which = 1; (which < MAXARGS) && ARG[which]; which++) { if (!wu_fnmatch(ARG[which], class, FNM_CASEFOLD)) { mangleopts |= l_tar * O_TAR; set = 1; } } } /* plan on expanding command syntax to include classes for each of these */ entry = (struct aclmember *) NULL; while (getaclentry("log", &entry)) { if (!strcasecmp(ARG0, "commands")) { if (anonymous && strcasestr(ARG1, "anonymous")) log_commands = 1; if (guest && strcasestr(ARG1, "guest")) log_commands = 1; if (!guest && !anonymous && strcasestr(ARG1, "real")) log_commands = 1; } if (!strcasecmp(ARG0, "transfers")) { set = 0; if (strcasestr(ARG1, "anonymous") && anonymous) set = 1; if (strcasestr(ARG1, "guest") && guest) set = 1; if (strcasestr(ARG1, "real") && !guest && !anonymous) set = 1; if (strcasestr(ARG2, "inbound")) inbound = 1; if (strcasestr(ARG2, "outbound")) outbound = 1; if (set) log_incoming_xfers = inbound; if (set) log_outbound_xfers = outbound; } if (!strcasecmp(ARG0, "security")) { if (strcasestr(ARG1, "anonymous") && anonymous) log_security = 1; if (strcasestr(ARG1, "guest") && guest) log_security = 1; if (strcasestr(ARG1, "real") && !guest && !anonymous) log_security = 1; } if (!strcasecmp(ARG0, "syslog")) syslogmsg = 1; if (!strcasecmp(ARG0, "xferlog")) syslogmsg = 0; if (!strcasecmp(ARG0, "syslog+xferlog") || !strcasecmp(ARG0, "xferlog+syslog")) syslogmsg = 2; }}/*************************************************************************//* FUNCTION : acl_getclass *//* PURPOSE : Scan the ACL buffer and determine what class user is in *//* ARGUMENTS : pointer to buffer to class name, pointer to ACL buffer *//*************************************************************************/int acl_getclass(char *classbuf){ int which; struct aclmember *entry = NULL; while (getaclentry("class", &entry)) { if (ARG0) strcpy(classbuf, ARG0); for (which = 2; (which < MAXARGS) && ARG[which]; which++) { if (anonymous && strcasestr(ARG1, "anonymous") && hostmatch(ARG[which], remoteaddr, remotehost)) return (1); if (guest && strcasestr(ARG1, "guest") && hostmatch(ARG[which], remoteaddr, remotehost)) return (1); if (!guest && !anonymous && strcasestr(ARG1, "real") && hostmatch(ARG[which], remoteaddr, remotehost)) return (1); } } *classbuf = (char) NULL; return (0);}/*************************************************************************//* FUNCTION : acl_getlimit *//* PURPOSE : Scan the ACL buffer and determine what limit applies to *//* the user *//* ARGUMENTS : pointer class name, pointer to ACL buffer *//*************************************************************************/int acl_getlimit(char *class, char *msgpathbuf){ int limit; struct aclmember *entry = NULL; if (msgpathbuf) *msgpathbuf = '\0'; /* limit <class> <n> <times> [<message_file>] */ while (getaclentry("limit", &entry)) { if (!ARG0 || !ARG1 || !ARG2) continue; if (!strcasecmp(class, ARG0)) { limit = atoi(ARG1); if (validtime(ARG2)) { if (ARG3 && msgpathbuf) strcpy(msgpathbuf, ARG3); return (limit); } } } return (-1);}/*************************************************************************//* FUNCTION : acl_getnice *//* PURPOSE : Scan the ACL buffer and determine what nice value applies *//* to the user *//* ARGUMENTS : pointer class name *//*************************************************************************/int acl_getnice(char *class){ int nice_delta_for_class_found = 0; int nice_delta = 0; int default_nice_delta = 0; struct aclmember *entry = NULL; /* nice <nice_delta> [<class>] */ while (getaclentry("nice", &entry)) { if (!ARG0) continue; if (!ARG1) default_nice_delta = atoi(ARG0); else if (!strcasecmp(class, ARG1)) { nice_delta_for_class_found = 1; nice_delta = atoi(ARG0); } } if (!nice_delta_for_class_found) nice_delta = default_nice_delta; return nice_delta;}/*************************************************************************//* FUNCTION : acl_getdefumask *//* PURPOSE : Scan the ACL buffer to determine what umask value applies *//* to the user *//* ARGUMENTS : pointer to class name *//*************************************************************************/void acl_getdefumask(char *class){ struct aclmember *entry = NULL; /* defumask <umask> [<class>] */ while (getaclentry("defumask", &entry)) { if (!ARG0) continue; if (!ARG1) defumask = strtoul(ARG0, NULL, 0); else if (!strcasecmp(class, ARG1)) { defumask = strtoul(ARG0, NULL, 0); break; } } umask(defumask);}/*************************************************************************//* FUNCTION : acl_tcpwindow *//* PURPOSE : Scan the ACL buffer and determine what TCP window size to *//* use based upon the class *//* ARGUMENTS : pointer to class name *//*************************************************************************/void acl_tcpwindow(char *class){ struct aclmember *entry = NULL; /* tcpwindow <size> [<class>] */ while (getaclentry("tcpwindow", &entry)) { if (!ARG0) continue; if (!ARG1) TCPwindowsize = strtoul(ARG0, NULL, 0); else if (!strcasecmp(class, ARG1)) { TCPwindowsize = strtoul(ARG0, NULL, 0); break; } }}#ifdef TRANSFER_COUNT#ifdef TRANSFER_LIMIT/*************************************************************************//* FUNCTION : acl_filelimit *//* PURPOSE : Scan the ACL buffer and determine what file limit to use *//* based upon the class *//* ARGUMENTS : pointer to class name *//*************************************************************************/void acl_filelimit(char *class){ struct aclmember *entry = NULL; int raw_in = 0; int raw_out = 0; int raw_total = 0; int data_in = 0; int data_out = 0; int data_total = 0; extern int file_limit_raw_in; extern int file_limit_raw_out; extern int file_limit_raw_total; extern int file_limit_data_in; extern int file_limit_data_out; extern int file_limit_data_total; /* file-limit [<raw>] <in|out|total> <count> [<class>] */ while (getaclentry("file-limit", &entry)) { if (!ARG0 || !ARG1) continue; if (!strcasecmp(ARG0, "raw")) { if (!ARG2) continue; if (!strcasecmp(ARG1, "in")) { if (!ARG3) { if (!raw_in) file_limit_raw_in = atoi(ARG2); } else if (!strcasecmp(class, ARG3)) { raw_in = 1; file_limit_raw_in = atoi(ARG2); } } else if (!strcasecmp(ARG1, "out")) { if (!ARG3) { if (!raw_out) file_limit_raw_out = atoi(ARG2); } else if (!strcasecmp(class, ARG3)) { raw_out = 1; file_limit_raw_out = atoi(ARG2); } } else if (!strcasecmp(ARG1, "total")) { if (!ARG3) { if (!raw_total) file_limit_raw_total = atoi(ARG2); } else if (!strcasecmp(class, ARG3)) { raw_total = 1; file_limit_raw_total = atoi(ARG2); } } } else if (!strcasecmp(ARG0, "in")) { if (!ARG2) { if (!data_in) file_limit_data_in = atoi(ARG1); } else if (!strcasecmp(class, ARG2)) { data_in = 1; file_limit_data_in = atoi(ARG1); } } else if (!strcasecmp(ARG0, "out")) { if (!ARG2) { if (!data_out) file_limit_data_out = atoi(ARG1); } else if (!strcasecmp(class, ARG2)) { data_out = 1; file_limit_data_out = atoi(ARG1); } } else if (!strcasecmp(ARG0, "total")) { if (!ARG2) { if (!data_total) file_limit_data_total = atoi(ARG1); } else if (!strcasecmp(class, ARG2)) { data_total = 1; file_limit_data_total = atoi(ARG1); } } }}/*************************************************************************//* FUNCTION : acl_datalimit *//* PURPOSE : Scan the ACL buffer and determine what data limit to use *//* based upon the class *//* ARGUMENTS : pointer to class name *//*************************************************************************/void acl_datalimit(char *class){ struct aclmember *entry = NULL; int raw_in = 0; int raw_out = 0; int raw_total = 0; int data_in = 0; int data_out = 0; int data_total = 0; extern int data_limit_raw_in; extern int data_limit_raw_out; extern int data_limit_raw_total; extern int data_limit_data_in; extern int data_limit_data_out; extern int data_limit_data_total; /* data-limit [<raw>] <in|out|total> <count> [<class>] */ while (getaclentry("data-limit", &entry)) { if (!ARG0 || !ARG1) continue; if (!strcasecmp(ARG0, "raw")) { if (!ARG2) continue; if (!strcasecmp(ARG1, "in")) { if (!ARG3) { if (!raw_in) data_limit_raw_in = atoi(ARG2); } else if (!strcasecmp(class, ARG3)) { raw_in = 1; data_limit_raw_in = atoi(ARG2); } } else if (!strcasecmp(ARG1, "out")) { if (!ARG3) { if (!raw_out) data_limit_raw_out = atoi(ARG2); } else if (!strcasecmp(class, ARG3)) { raw_out = 1; data_limit_raw_out = atoi(ARG2); } } else if (!strcasecmp(ARG1, "total")) { if (!ARG3) { if (!raw_total) data_limit_raw_total = atoi(ARG2); } else if (!strcasecmp(class, ARG3)) { raw_total = 1; data_limit_raw_total = atoi(ARG2);⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -