FtpServer.cc
Go to the documentation of this file.
1/*
2 * Copyright (C) 1996-2022 The Squid Software Foundation and contributors
3 *
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
7 */
8
9/* DEBUG: section 33 Transfer protocol servers */
10
11#include "squid.h"
12#include "acl/FilledChecklist.h"
13#include "base/CharacterSet.h"
14#include "base/Raw.h"
15#include "base/RefCount.h"
16#include "base/Subscription.h"
17#include "client_side_reply.h"
18#include "client_side_request.h"
19#include "clientStream.h"
20#include "comm/ConnOpener.h"
21#include "comm/Read.h"
22#include "comm/TcpAcceptor.h"
23#include "comm/Write.h"
24#include "errorpage.h"
25#include "fd.h"
26#include "ftp/Elements.h"
27#include "ftp/Parsing.h"
28#include "globals.h"
30#include "http/Stream.h"
31#include "HttpHdrCc.h"
32#include "ip/tools.h"
33#include "ipc/FdNotes.h"
34#include "parser/Tokenizer.h"
35#include "servers/forward.h"
36#include "servers/FtpServer.h"
37#include "SquidConfig.h"
38#include "StatCounters.h"
39#include "tools.h"
40
41#include <set>
42#include <map>
43
45
46namespace Ftp
47{
48static void PrintReply(MemBuf &mb, const HttpReply *reply, const char *const prefix = "");
49static bool SupportedCommand(const SBuf &name);
50static bool CommandHasPathParameter(const SBuf &cmd);
51};
52
54 AsyncJob("Ftp::Server"),
55 ConnStateData(xact),
56 master(new MasterState),
57 uri(),
58 host(),
59 gotEpsvAll(false),
60 onDataAcceptCall(),
61 dataListenConn(),
62 dataConn(),
63 uploadAvailSize(0),
64 listener(),
65 dataConnWait(),
66 reader(),
67 waitingForOrigin(false),
68 originDataDownloadAbortedOnError(false)
69{
70 flags.readMore = false; // we need to announce ourselves first
71 *uploadBuf = 0;
72}
73
75{
76 closeDataConnection();
77}
78
79int
81{
82 return 0; // no support for concurrent FTP requests
83}
84
85time_t
87{
89}
90
91void
93{
95
96 if (transparent()) {
97 char buf[MAX_IPSTRLEN];
98 clientConnection->local.toUrl(buf, MAX_IPSTRLEN);
99 host = buf;
100 calcUri(nullptr);
101 debugs(33, 5, "FTP transparent URL: " << uri);
102 }
103
104 writeEarlyReply(220, "Service ready");
105}
106
108void
110{
111 if (reader != nullptr)
112 return;
113
114 const size_t availSpace = sizeof(uploadBuf) - uploadAvailSize;
115 if (availSpace <= 0)
116 return;
117
118 debugs(33, 4, dataConn << ": reading FTP data...");
119
121 reader = JobCallback(33, 5, Dialer, this, Ftp::Server::readUploadData);
122 comm_read(dataConn, uploadBuf + uploadAvailSize, availSpace,
123 reader);
124}
125
127void
129{
130 // zero pipelinePrefetchMax() ensures that there is only parsed request
131 Must(pipeline.count() == 1);
132 Http::StreamPointer context = pipeline.front();
133 Must(context != nullptr);
134
135 ClientHttpRequest *const http = context->http;
136 assert(http != nullptr);
137
138 HttpRequest *const request = http->request;
139 Must(http->storeEntry() || request);
140 const bool mayForward = !http->storeEntry() && handleRequest(request);
141
142 if (http->storeEntry() != nullptr) {
143 debugs(33, 4, "got an immediate response");
145 context->pullData();
146 } else if (mayForward) {
147 debugs(33, 4, "forwarding request to server side");
148 assert(http->storeEntry() == nullptr);
150 } else {
151 debugs(33, 4, "will resume processing later");
152 }
153}
154
155void
157{
158 Must(pipeline.count() == 1);
159
160 // Process FTP request asynchronously to make sure FTP
161 // data connection accept callback is fired first.
162 CallJobHere(33, 4, CbcPointer<Server>(this),
163 Ftp::Server, doProcessRequest);
164}
165
167void
169{
170 debugs(33, 5, io.conn << " size " << io.size);
171 Must(reader != nullptr);
172 reader = nullptr;
173
174 assert(Comm::IsConnOpen(dataConn));
175 assert(io.conn->fd == dataConn->fd);
176
177 if (io.flag == Comm::OK && bodyPipe != nullptr) {
178 if (io.size > 0) {
180
181 char *const current_buf = uploadBuf + uploadAvailSize;
182 if (io.buf != current_buf)
183 memmove(current_buf, io.buf, io.size);
184 uploadAvailSize += io.size;
185 shovelUploadData();
186 } else if (io.size == 0) {
187 debugs(33, 5, io.conn << " closed");
188 closeDataConnection();
189 if (uploadAvailSize <= 0)
190 finishDechunkingRequest(true);
191 }
192 } else { // not Comm::Flags::OK or unexpected read
193 debugs(33, 5, io.conn << " closed");
194 closeDataConnection();
195 finishDechunkingRequest(false);
196 }
197
198}
199
201void
203{
204 assert(bodyPipe != nullptr);
205
206 debugs(33, 5, "handling FTP request data for " << clientConnection);
207 const size_t putSize = bodyPipe->putMoreData(uploadBuf,
208 uploadAvailSize);
209 if (putSize > 0) {
210 uploadAvailSize -= putSize;
211 if (uploadAvailSize > 0)
212 memmove(uploadBuf, uploadBuf + putSize, uploadAvailSize);
213 }
214
215 if (Comm::IsConnOpen(dataConn))
216 maybeReadUploadData();
217 else if (uploadAvailSize <= 0)
218 finishDechunkingRequest(true);
219}
220
221void
223{
224 if (!isOpen()) // if we are closing, nothing to do
225 return;
226
227 shovelUploadData();
228}
229
230void
232{
233 if (!isOpen()) // if we are closing, nothing to do
234 return;
235
237 closeDataConnection();
238}
239
241void
243{
244 Assure(params.port);
245
246 // NP: it is possible the port was reconfigured when the call or accept() was queued.
247
248 if (params.flag != Comm::OK) {
249 // Its possible the call was still queued when the client disconnected
250 debugs(33, 2, params.port->listenConn << ": FTP accept failure: " << xstrerr(params.xerrno));
251 return;
252 }
253
254 debugs(33, 4, params.conn << ": accepted");
255 fd_note(params.conn->fd, "client ftp connect");
256
257 const auto xact = MasterXaction::MakePortful(params.port);
258 xact->tcpClient = params.conn;
259
260 AsyncJob::Start(new Server(xact));
261 // XXX: do not abandon the MasterXaction object
262}
263
264void
266{
267 const auto savedContext = CodeContext::Current();
268 for (AnyP::PortCfgPointer s = FtpPortList; s != nullptr; s = s->next) {
271 debugs(1, DBG_IMPORTANT, "Ignoring ftp_port lines exceeding the" <<
272 " limit of " << MAXTCPLISTENPORTS << " ports.");
273 break;
274 }
275
276 // direct new connections accepted by listenConn to Accept()
277 typedef CommCbFunPtrCallT<CommAcceptCbPtrFun> AcceptCall;
278 RefCount<AcceptCall> subCall = commCbCall(5, 5, "Ftp::Server::AcceptCtrlConnection",
280 CommAcceptCbParams(nullptr)));
282 }
283 CodeContext::Reset(savedContext);
284}
285
286void
288{
289 const auto savedContext = CodeContext::Current();
290 for (AnyP::PortCfgPointer s = FtpPortList; s != nullptr; s = s->next) {
292 if (s->listenConn != nullptr) {
293 debugs(1, DBG_IMPORTANT, "Closing FTP port " << s->listenConn->local);
294 s->listenConn->close();
295 s->listenConn = nullptr;
296 }
297 }
298 CodeContext::Reset(savedContext);
299}
300
301void
303{
304 // find request
305 Http::StreamPointer context = pipeline.front();
306 Must(context != nullptr);
307 ClientHttpRequest *const http = context->http;
308 Must(http != nullptr);
309 HttpRequest *const request = http->request;
310 Must(request != nullptr);
311 // make FTP peer connection exclusive to our request
312 pinBusyConnection(conn, request);
313}
314
315void
317{
319
320 // TODO: Keep the control connection open after fixing the reset
321 // problem below
322 if (Comm::IsConnOpen(clientConnection))
323 clientConnection->close();
324
325 // TODO: If the server control connection is gone, reset state to login
326 // again. Resetting login alone is not enough: FtpRelay::sendCommand() will
327 // not re-login because FtpRelay::serverState() is not going to be
328 // fssConnected. Calling resetLogin() alone is also harmful because
329 // it does not reset correctly the client-to-squid control connection (eg
330 // respond if required with an error code, in all cases)
331 // resetLogin("control connection closure");
332}
333
335void
336Ftp::Server::resetLogin(const char *reason)
337{
338 debugs(33, 5, "will need to re-login due to " << reason);
339 master->clientReadGreeting = false;
340 changeState(fssBegin, reason);
341}
342
344void
346{
347 // TODO: fill a class AnyP::Uri instead of string
348 uri = "ftp://";
349 uri.append(host);
350 if (port->ftp_track_dirs && master->workingDir.length()) {
351 if (master->workingDir[0] != '/')
352 uri.append("/", 1);
353 uri.append(master->workingDir);
354 }
355
356 if (uri[uri.length() - 1] != '/')
357 uri.append("/", 1);
358
359 if (port->ftp_track_dirs && file) {
360 static const CharacterSet Slash("/", "/");
361 Parser::Tokenizer tok(*file);
362 tok.skipAll(Slash);
363 uri.append(tok.remaining());
364 }
365}
366
369unsigned int
371{
372 closeDataConnection();
373
375 conn->flags = COMM_NONBLOCKING;
376 conn->local = transparent() ? port->s : clientConnection->local;
377 conn->local.port(0);
378 const char *const note = uri.c_str();
379 comm_open_listener(SOCK_STREAM, IPPROTO_TCP, conn, note);
380 if (!Comm::IsConnOpen(conn)) {
381 debugs(5, DBG_CRITICAL, "ERROR: comm_open_listener failed for FTP data: " <<
382 conn->local << " error: " << errno);
383 writeCustomReply(451, "Internal error");
384 return 0;
385 }
386
388 typedef AsyncCallT<AcceptDialer> AcceptCall;
389 RefCount<AcceptCall> call = static_cast<AcceptCall*>(JobCallback(5, 5, AcceptDialer, this, Ftp::Server::acceptDataConnection));
391 listener = call.getRaw();
392 dataListenConn = conn;
393 AsyncJob::Start(new Comm::TcpAcceptor(conn, note, sub));
394
395 const unsigned int listeningPort = comm_local_port(conn->fd);
396 conn->local.port(listeningPort);
397 return listeningPort;
398}
399
400void
402{
403 if (params.flag != Comm::OK) {
404 // Its possible the call was still queued when the client disconnected
405 debugs(33, 2, dataListenConn << ": accept "
406 "failure: " << xstrerr(params.xerrno));
407 return;
408 }
409
410 debugs(33, 4, "accepted " << params.conn);
411 fd_note(params.conn->fd, "passive client ftp data");
412
413 if (!clientConnection) {
414 debugs(33, 5, "late data connection?");
415 closeDataConnection(); // in case we are still listening
416 params.conn->close();
417 } else if (params.conn->remote != clientConnection->remote) {
418 debugs(33, 2, "rogue data conn? ctrl: " << clientConnection->remote);
419 params.conn->close();
420 // Some FTP servers close control connection here, but it may make
421 // things worse from DoS p.o.v. and no better from data stealing p.o.v.
422 } else {
423 closeDataConnection();
424 dataConn = params.conn;
425 dataConn->leaveOrphanage();
426 uploadAvailSize = 0;
427 debugs(33, 7, "ready for data");
428 if (onDataAcceptCall != nullptr) {
429 AsyncCall::Pointer call = onDataAcceptCall;
430 onDataAcceptCall = nullptr;
431 // If we got an upload request, start reading data from the client.
432 if (master->serverState == fssHandleUploadRequest)
433 maybeReadUploadData();
434 else
435 Must(master->serverState == fssHandleDataRequest);
436 MemBuf mb;
437 mb.init();
438 mb.appendf("150 Data connection opened.\r\n");
439 Comm::Write(clientConnection, &mb, call);
440 }
441 }
442}
443
444void
446{
447 if (listener != nullptr) {
448 listener->cancel("no longer needed");
449 listener = nullptr;
450 }
451
452 if (Comm::IsConnOpen(dataListenConn)) {
453 debugs(33, 5, "FTP closing client data listen socket: " <<
454 *dataListenConn);
455 dataListenConn->close();
456 }
457 dataListenConn = nullptr;
458
459 if (reader != nullptr) {
460 // Comm::ReadCancel can deal with negative FDs
461 Comm::ReadCancel(dataConn->fd, reader);
462 reader = nullptr;
463 }
464
465 if (Comm::IsConnOpen(dataConn)) {
466 debugs(33, 5, "FTP closing client data connection: " <<
467 *dataConn);
468 dataConn->close();
469 }
470 dataConn = nullptr;
471}
472
475void
476Ftp::Server::writeEarlyReply(const int code, const char *msg)
477{
478 debugs(33, 7, code << ' ' << msg);
479 assert(99 < code && code < 1000);
480
481 MemBuf mb;
482 mb.init();
483 mb.appendf("%i %s\r\n", code, msg);
484
487 Comm::Write(clientConnection, &mb, call);
488
489 flags.readMore = false;
490
491 // TODO: Create master transaction. Log it in wroteEarlyReply().
492}
493
494void
496{
497 debugs(9, 2, "FTP Client " << clientConnection);
498 debugs(9, 2, "FTP Client REPLY:\n---------\n" << mb.buf <<
499 "\n----------");
500
502 AsyncCall::Pointer call = JobCallback(33, 5, Dialer, this, Ftp::Server::wroteReply);
503 Comm::Write(clientConnection, &mb, call);
504}
505
506void
507Ftp::Server::writeCustomReply(const int code, const char *msg, const HttpReply *reply)
508{
509 debugs(33, 7, code << ' ' << msg);
510 assert(99 < code && code < 1000);
511
512 const bool sendDetails = reply != nullptr &&
514
515 MemBuf mb;
516 mb.init();
517 if (sendDetails) {
518 mb.appendf("%i-%s\r\n", code, msg);
519 mb.appendf(" Server reply:\r\n");
520 Ftp::PrintReply(mb, reply, " ");
521 mb.appendf("%i \r\n", code);
522 } else
523 mb.appendf("%i %s\r\n", code, msg);
524
525 writeReply(mb);
526}
527
528void
529Ftp::Server::changeState(const ServerState newState, const char *reason)
530{
531 if (master->serverState == newState) {
532 debugs(33, 3, "client state unchanged at " << master->serverState <<
533 " because " << reason);
534 master->serverState = newState;
535 } else {
536 debugs(33, 3, "client state was " << master->serverState <<
537 ", now " << newState << " because " << reason);
538 master->serverState = newState;
539 }
540}
541
543static bool
545{
546 static std::set<SBuf> PathedCommands;
547 if (!PathedCommands.size()) {
548 PathedCommands.insert(cmdMlst());
549 PathedCommands.insert(cmdMlsd());
550 PathedCommands.insert(cmdStat());
551 PathedCommands.insert(cmdNlst());
552 PathedCommands.insert(cmdList());
553 PathedCommands.insert(cmdMkd());
554 PathedCommands.insert(cmdRmd());
555 PathedCommands.insert(cmdDele());
556 PathedCommands.insert(cmdRnto());
557 PathedCommands.insert(cmdRnfr());
558 PathedCommands.insert(cmdAppe());
559 PathedCommands.insert(cmdStor());
560 PathedCommands.insert(cmdRetr());
561 PathedCommands.insert(cmdSmnt());
562 PathedCommands.insert(cmdCwd());
563 }
564
565 return PathedCommands.find(cmd) != PathedCommands.end();
566}
567
571{
572 /* Default values, to be updated by the switch statement below */
573 int scode = 421;
574 const char *reason = "Internal error";
575 const char *errUri = "error:ftp-internal-early-error";
576
577 switch (eek) {
578 case EarlyErrorKind::HugeRequest:
579 scode = 421;
580 reason = "Huge request";
581 errUri = "error:ftp-huge-request";
582 break;
583
584 case EarlyErrorKind::MissingLogin:
585 scode = 530;
586 reason = "Must login first";
587 errUri = "error:ftp-must-login-first";
588 break;
589
590 case EarlyErrorKind::MissingUsername:
591 scode = 501;
592 reason = "Missing username";
593 errUri = "error:ftp-missing-username";
594 break;
595
596 case EarlyErrorKind::MissingHost:
597 scode = 501;
598 reason = "Missing host";
599 errUri = "error:ftp-missing-host";
600 break;
601
602 case EarlyErrorKind::UnsupportedCommand:
603 scode = 502;
604 reason = "Unknown or unsupported command";
605 errUri = "error:ftp-unsupported-command";
606 break;
607
608 case EarlyErrorKind::InvalidUri:
609 scode = 501;
610 reason = "Invalid URI";
611 errUri = "error:ftp-invalid-uri";
612 break;
613
614 case EarlyErrorKind::MalformedCommand:
615 scode = 421;
616 reason = "Malformed command";
617 errUri = "error:ftp-malformed-command";
618 break;
619
620 // no default so that a compiler can check that we have covered all cases
621 }
622
623 Http::Stream *context = abortRequestParsing(errUri);
625 Must(node);
626 clientReplyContext *repContext = dynamic_cast<clientReplyContext *>(node->data.getRaw());
627 Must(repContext);
628
629 // We cannot relay FTP scode/reason via HTTP-specific ErrorState.
630 // TODO: When/if ErrorState can handle native FTP errors, use it instead.
631 HttpReply *reply = Ftp::HttpReplyWrapper(scode, reason, Http::scBadRequest, -1);
632 repContext->setReplyToReply(reply);
633 return context;
634}
635
641{
642 flags.readMore = false; // common for all but one case below
643
644 // OWS <command> [ RWS <parameter> ] OWS LF
645
646 // InlineSpaceChars are isspace(3) or RFC 959 Section 3.1.1.5.2, except
647 // for the LF character that we must exclude here (but see FullWhiteSpace).
648 static const char * const InlineSpaceChars = " \f\r\t\v";
649 static const CharacterSet InlineSpace = CharacterSet("Ftp::Inline", InlineSpaceChars);
650 static const CharacterSet FullWhiteSpace = (InlineSpace + CharacterSet::LF).rename("Ftp::FWS");
651 static const CharacterSet CommandChars = FullWhiteSpace.complement("Ftp::Command");
652 static const CharacterSet TailChars = CharacterSet::LF.complement("Ftp::Tail");
653
654 // This set is used to ignore empty commands without allowing an attacker
655 // to keep us endlessly busy by feeding us whitespace or empty commands.
656 static const CharacterSet &LeadingSpace = FullWhiteSpace;
657
658 SBuf cmd;
659 SBuf params;
660
661 Parser::Tokenizer tok(inBuf);
662
663 (void)tok.skipAll(LeadingSpace); // leading OWS and empty commands
664 const bool parsed = tok.prefix(cmd, CommandChars); // required command
665
666 // note that the condition below will eat either RWS or trailing OWS
667 if (parsed && tok.skipAll(InlineSpace) && tok.prefix(params, TailChars)) {
668 // now params may include trailing OWS
669 // TODO: Support right-trimming using CharacterSet in Tokenizer instead
670 static const SBuf bufWhiteSpace(InlineSpaceChars);
671 params.trim(bufWhiteSpace, false, true);
672 }
673
674 // Why limit command line and parameters size? Did not we just parse them?
675 // XXX: Our good old String cannot handle very long strings.
676 const SBuf::size_type tokenMax = min(
677 static_cast<SBuf::size_type>(32*1024), // conservative
679 if (cmd.length() > tokenMax || params.length() > tokenMax) {
680 changeState(fssError, "huge req token");
681 quitAfterError(nullptr);
682 return earlyError(EarlyErrorKind::HugeRequest);
683 }
684
685 // technically, we may skip multiple NLs below, but that is OK
686 if (!parsed || !tok.skipAll(CharacterSet::LF)) { // did not find terminating LF yet
687 // we need more data, but can we buffer more?
688 if (inBuf.length() >= Config.maxRequestHeaderSize) {
689 changeState(fssError, "huge req");
690 quitAfterError(nullptr);
691 return earlyError(EarlyErrorKind::HugeRequest);
692 } else {
693 flags.readMore = true;
694 debugs(33, 5, "Waiting for more, up to " <<
695 (Config.maxRequestHeaderSize - inBuf.length()));
696 return nullptr;
697 }
698 }
699
700 Must(parsed && cmd.length());
701 consumeInput(tok.parsedSize()); // TODO: Would delaying optimize copying?
702
703 debugs(33, 2, ">>ftp " << cmd << (params.isEmpty() ? "" : " ") << params);
704
705 cmd.toUpper(); // this should speed up and simplify future comparisons
706
707 // interception cases do not need USER to calculate the uri
708 if (!transparent()) {
709 if (!master->clientReadGreeting) {
710 // the first command must be USER
711 if (!pinning.pinned && cmd != cmdUser())
712 return earlyError(EarlyErrorKind::MissingLogin);
713 }
714
715 // process USER request now because it sets FTP peer host name
716 if (cmd == cmdUser()) {
717 if (Http::Stream *errCtx = handleUserRequest(cmd, params))
718 return errCtx;
719 }
720 }
721
722 if (!Ftp::SupportedCommand(cmd))
723 return earlyError(EarlyErrorKind::UnsupportedCommand);
724
725 const HttpRequestMethod method =
726 cmd == cmdAppe() || cmd == cmdStor() || cmd == cmdStou() ?
728
729 const SBuf *path = (params.length() && CommandHasPathParameter(cmd)) ?
730 &params : nullptr;
731 calcUri(path);
732 const auto mx = MasterXaction::MakePortful(port);
733 mx->tcpClient = clientConnection;
734 auto * const request = HttpRequest::FromUrl(uri, mx, method);
735 if (!request) {
736 debugs(33, 5, "Invalid FTP URL: " << uri);
737 uri.clear();
738 return earlyError(EarlyErrorKind::InvalidUri);
739 }
740 char *newUri = xstrdup(uri.c_str());
741
742 request->flags.ftpNative = true;
744
745 // Our fake Request-URIs are not distinctive enough for caching to work
746 request->flags.cachable = false; // XXX: reset later by maybeCacheable()
747 request->flags.noCache = true;
748
749 request->header.putStr(Http::HdrType::FTP_COMMAND, cmd.c_str());
750 request->header.putStr(Http::HdrType::FTP_ARGUMENTS, params.c_str()); // may be ""
751 if (method == Http::METHOD_PUT) {
752 request->header.putStr(Http::HdrType::EXPECT, "100-continue");
753 request->header.putStr(Http::HdrType::TRANSFER_ENCODING, "chunked");
754 }
755
756 ClientHttpRequest *const http = new ClientHttpRequest(this);
757 http->req_sz = tok.parsedSize();
758 http->uri = newUri;
759 http->initRequest(request);
760
761 Http::Stream *const result =
762 new Http::Stream(clientConnection, http);
763
764 StoreIOBuffer tempBuffer;
765 tempBuffer.data = result->reqbuf;
766 tempBuffer.length = HTTP_REQBUF_SZ;
767
768 ClientStreamData newServer = new clientReplyContext(http);
769 ClientStreamData newClient = result;
772 clientSocketDetach, newClient, tempBuffer);
773
774 result->flags.parsed_ok = 1;
775 return result;
776}
777
778void
780{
781 // the caller guarantees that we are dealing with the current context only
782 Http::StreamPointer context = pipeline.front();
783 assert(context != nullptr);
784
785 static ReplyHandler handlers[] = {
786 nullptr, // fssBegin
787 nullptr, // fssConnected
788 &Ftp::Server::handleFeatReply, // fssHandleFeat
789 &Ftp::Server::handlePasvReply, // fssHandlePasv
790 &Ftp::Server::handlePortReply, // fssHandlePort
791 &Ftp::Server::handleDataReply, // fssHandleDataRequest
792 &Ftp::Server::handleUploadReply, // fssHandleUploadRequest
793 &Ftp::Server::handleEprtReply,// fssHandleEprt
794 &Ftp::Server::handleEpsvReply,// fssHandleEpsv
795 nullptr, // fssHandleCwd
796 nullptr, // fssHandlePass
797 nullptr, // fssHandleCdup
799 };
800 try {
801 const Server &server = dynamic_cast<const Ftp::Server&>(*context->getConn());
802 if (const ReplyHandler handler = handlers[server.master->serverState])
803 (this->*handler)(reply, data);
804 else
805 writeForwardedReply(reply);
806 } catch (const std::exception &e) {
807 callException(e);
808 throw TexcHere(e.what());
809 }
810}
811
812void
814{
815 if (pipeline.front()->http->request->error) {
816 writeCustomReply(502, "Server does not support FEAT", reply);
817 return;
818 }
819
820 Must(reply);
822 HttpHeader const &serverReplyHeader = reply->header;
823
825 bool hasEPRT = false;
826 bool hasEPSV = false;
827 int prependSpaces = 1;
828
829 featReply->header.putStr(Http::HdrType::FTP_PRE, "\"211-Features:\"");
830 const int scode = serverReplyHeader.getInt(Http::HdrType::FTP_STATUS);
831 if (scode == 211) {
832 while (const HttpHeaderEntry *e = serverReplyHeader.getEntry(&pos)) {
833 if (e->id == Http::HdrType::FTP_PRE) {
834 // assume RFC 2389 FEAT response format, quoted by Squid:
835 // <"> SP NAME [SP PARAMS] <">
836 // but accommodate MS servers sending four SPs before NAME
837
838 // command name ends with (SP parameter) or quote
839 static const CharacterSet AfterFeatNameChars("AfterFeatName", " \"");
840 static const CharacterSet FeatNameChars = AfterFeatNameChars.complement("FeatName");
841
842 Parser::Tokenizer tok(SBuf(e->value.termedBuf()));
843 if (!tok.skip('"') || !tok.skip(' '))
844 continue;
845
846 // optional spaces; remember their number to accommodate MS servers
847 prependSpaces = 1 + tok.skipAll(CharacterSet::SP);
848
849 SBuf cmd;
850 if (!tok.prefix(cmd, FeatNameChars))
851 continue;
852 cmd.toUpper();
853
854 if (Ftp::SupportedCommand(cmd)) {
855 featReply->header.addEntry(e->clone());
856 }
857
858 if (cmd == cmdEprt())
859 hasEPRT = true;
860 else if (cmd == cmdEpsv())
861 hasEPSV = true;
862 }
863 }
864 } // else we got a FEAT error and will only report Squid-supported features
865
866 char buf[256];
867 if (!hasEPRT) {
868 snprintf(buf, sizeof(buf), "\"%*s\"", prependSpaces + 4, "EPRT");
869 featReply->header.putStr(Http::HdrType::FTP_PRE, buf);
870 }
871 if (!hasEPSV) {
872 snprintf(buf, sizeof(buf), "\"%*s\"", prependSpaces + 4, "EPSV");
873 featReply->header.putStr(Http::HdrType::FTP_PRE, buf);
874 }
875
876 featReply->header.refreshMask();
877
878 writeForwardedReply(featReply.getRaw());
879}
880
881void
883{
884 const Http::StreamPointer context(pipeline.front());
885 assert(context != nullptr);
886
887 if (context->http->request->error) {
888 writeCustomReply(502, "Server does not support PASV", reply);
889 return;
890 }
891
892 const unsigned short localPort = listenForDataConnection();
893 if (!localPort)
894 return;
895
896 char addr[MAX_IPSTRLEN];
897 // remote server in interception setups and local address otherwise
898 const Ip::Address &server = transparent() ?
899 clientConnection->local : dataListenConn->local;
900 server.toStr(addr, MAX_IPSTRLEN, AF_INET);
901 addr[MAX_IPSTRLEN - 1] = '\0';
902 for (char *c = addr; *c != '\0'; ++c) {
903 if (*c == '.')
904 *c = ',';
905 }
906
907 // In interception setups, we combine remote server address with a
908 // local port number and hope that traffic will be redirected to us.
909 // Do not use "227 =a,b,c,d,p1,p2" format or omit parens: some nf_ct_ftp
910 // versions block responses that use those alternative syntax rules!
911 MemBuf mb;
912 mb.init();
913 mb.appendf("227 Entering Passive Mode (%s,%i,%i).\r\n",
914 addr,
915 static_cast<int>(localPort / 256),
916 static_cast<int>(localPort % 256));
917 debugs(9, 3, Raw("writing", mb.buf, mb.size));
918 writeReply(mb);
919}
920
921void
923{
924 if (pipeline.front()->http->request->error) {
925 writeCustomReply(502, "Server does not support PASV (converted from PORT)", reply);
926 return;
927 }
928
929 writeCustomReply(200, "PORT successfully converted to PASV.");
930
931 // and wait for RETR
932}
933
934void
936{
937 if (!pinning.pinned) // we failed to connect to server
938 uri.clear();
939 // 421: we will close due to fssError
940 writeErrorReply(reply, 421);
941}
942
943void
945{
946 if (reply != nullptr && reply->sline.status() != Http::scOkay) {
947 writeForwardedReply(reply);
948 if (Comm::IsConnOpen(dataConn)) {
949 debugs(33, 3, "closing " << dataConn << " on KO reply");
950 closeDataConnection();
951 }
952 return;
953 }
954
955 if (!dataConn) {
956 // We got STREAM_COMPLETE (or error) and closed the client data conn.
957 debugs(33, 3, "ignoring FTP srv data response after clt data closure");
958 return;
959 }
960
961 if (!checkDataConnPost()) {
962 writeCustomReply(425, "Data connection is not established.");
963 closeDataConnection();
964 return;
965 }
966
967 debugs(33, 7, data.length);
968
969 if (data.length <= 0) {
970 replyDataWritingCheckpoint(); // skip the actual write call
971 return;
972 }
973
974 MemBuf mb;
975 mb.init(data.length + 1, data.length + 1);
976 mb.append(data.data, data.length);
977
980 Comm::Write(dataConn, &mb, call);
981
982 pipeline.front()->noteSentBodyBytes(data.length);
983}
984
986void
988{
989 if (io.flag == Comm::ERR_CLOSING)
990 return;
991
992 if (io.flag != Comm::OK) {
993 debugs(33, 3, "FTP reply data writing failed: " << xstrerr(io.xerrno));
994 userDataCompletionCheckpoint(426);
995 return;
996 }
997
998 assert(pipeline.front()->http);
999 pipeline.front()->http->out.size += io.size;
1000 replyDataWritingCheckpoint();
1001}
1002
1004void
1006{
1007 switch (pipeline.front()->socketState()) {
1008 case STREAM_NONE:
1009 debugs(33, 3, "Keep going");
1010 pipeline.front()->pullData();
1011 return;
1012 case STREAM_COMPLETE:
1013 debugs(33, 3, "FTP reply data transfer successfully complete");
1014 userDataCompletionCheckpoint(226);
1015 break;
1017 debugs(33, 3, "FTP reply data transfer failed: STREAM_UNPLANNED_COMPLETE");
1018 userDataCompletionCheckpoint(451);
1019 break;
1020 case STREAM_FAILED:
1021 userDataCompletionCheckpoint(451);
1022 debugs(33, 3, "FTP reply data transfer failed: STREAM_FAILED");
1023 break;
1024 default:
1025 fatal("unreachable code");
1026 }
1027}
1028
1029void
1031{
1032 writeForwardedReply(reply);
1033 // note that the client data connection may already be closed by now
1034}
1035
1036void
1038{
1039 Must(reply);
1040
1041 if (waitingForOrigin) {
1042 Must(delayedReply == nullptr);
1043 delayedReply = reply;
1044 return;
1045 }
1046
1047 const HttpHeader &header = reply->header;
1048 // adaptation and forwarding errors lack Http::HdrType::FTP_STATUS
1049 if (!header.has(Http::HdrType::FTP_STATUS)) {
1050 writeForwardedForeign(reply); // will get to Ftp::Server::wroteReply
1051 return;
1052 }
1053
1055 AsyncCall::Pointer call = JobCallback(33, 5, Dialer, this, Ftp::Server::wroteReply);
1056 writeForwardedReplyAndCall(reply, call);
1057}
1058
1059void
1061{
1062 if (pipeline.front()->http->request->error) {
1063 writeCustomReply(502, "Server does not support PASV (converted from EPRT)", reply);
1064 return;
1065 }
1066
1067 writeCustomReply(200, "EPRT successfully converted to PASV.");
1068
1069 // and wait for RETR
1070}
1071
1072void
1074{
1075 if (pipeline.front()->http->request->error) {
1076 writeCustomReply(502, "Cannot connect to server", reply);
1077 return;
1078 }
1079
1080 const unsigned short localPort = listenForDataConnection();
1081 if (!localPort)
1082 return;
1083
1084 // In interception setups, we use a local port number and hope that data
1085 // traffic will be redirected to us.
1086 MemBuf mb;
1087 mb.init();
1088 mb.appendf("229 Entering Extended Passive Mode (|||%u|)\r\n", localPort);
1089
1090 debugs(9, 3, Raw("writing", mb.buf, mb.size));
1091 writeReply(mb);
1092}
1093
1095void
1096Ftp::Server::writeErrorReply(const HttpReply *reply, const int scode)
1097{
1098 const HttpRequest *request = pipeline.front()->http->request;
1099 assert(request);
1100
1101 MemBuf mb;
1102 mb.init();
1103
1104 if (request->error)
1105 mb.appendf("%i-%s\r\n", scode, errorPageName(request->error.category));
1106
1107 if (const auto &detail = request->error.detail) {
1108 mb.appendf("%i-Error-Detail-Brief: " SQUIDSBUFPH "\r\n", scode, SQUIDSBUFPRINT(detail->brief()));
1109 mb.appendf("%i-Error-Detail-Verbose: " SQUIDSBUFPH "\r\n", scode, SQUIDSBUFPRINT(detail->verbose(request)));
1110 }
1111
1112#if USE_ADAPTATION
1113 // XXX: Remove hard coded names. Use an error page template instead.
1114 const Adaptation::History::Pointer ah = request->adaptHistory();
1115 if (ah != nullptr) { // XXX: add adapt::<all_h but use lastMeta here
1116 const String info = ah->allMeta.getByName("X-Response-Info");
1117 const String desc = ah->allMeta.getByName("X-Response-Desc");
1118 if (info.size())
1119 mb.appendf("%i-Information: %s\r\n", scode, info.termedBuf());
1120 if (desc.size())
1121 mb.appendf("%i-Description: %s\r\n", scode, desc.termedBuf());
1122 }
1123#endif
1124
1125 const char *reason = "Lost Error";
1126 if (reply) {
1127 reason = reply->header.has(Http::HdrType::FTP_REASON) ?
1129 reply->sline.reason();
1130 }
1131
1132 mb.appendf("%i %s\r\n", scode, reason); // error terminating line
1133
1134 // TODO: errorpage.cc should detect FTP client and use
1135 // configurable FTP-friendly error templates which we should
1136 // write to the client "as is" instead of hiding most of the info
1137
1138 writeReply(mb);
1139}
1140
1143void
1145{
1146 changeState(fssConnected, "foreign reply");
1147 closeDataConnection();
1148 // 451: We intend to keep the control connection open.
1149 writeErrorReply(reply, 451);
1150}
1151
1152bool
1154{
1155 // the caller guarantees that we are dealing with the current context only
1156 // the caller should also make sure reply->header.has(Http::HdrType::FTP_STATUS)
1157 writeForwardedReplyAndCall(reply, call);
1158 return true;
1159}
1160
1161void
1163{
1164 assert(reply != nullptr);
1165 const HttpHeader &header = reply->header;
1166
1167 // without status, the caller must use the writeForwardedForeign() path
1170 const int scode = header.getInt(Http::HdrType::FTP_STATUS);
1171 debugs(33, 7, "scode: " << scode);
1172
1173 // Status 125 or 150 implies upload or data request, but we still check
1174 // the state in case the server is buggy.
1175 if ((scode == 125 || scode == 150) &&
1176 (master->serverState == fssHandleUploadRequest ||
1177 master->serverState == fssHandleDataRequest)) {
1178 if (checkDataConnPost()) {
1179 // If the data connection is ready, start reading data (here)
1180 // and forward the response to client (further below).
1181 debugs(33, 7, "data connection established, start data transfer");
1182 if (master->serverState == fssHandleUploadRequest)
1183 maybeReadUploadData();
1184 } else {
1185 // If we are waiting to accept the data connection, keep waiting.
1186 if (Comm::IsConnOpen(dataListenConn)) {
1187 debugs(33, 7, "wait for the client to establish a data connection");
1188 onDataAcceptCall = call;
1189 // TODO: Add connect timeout for passive connections listener?
1190 // TODO: Remember server response so that we can forward it?
1191 } else {
1192 // Either the connection was establised and closed after the
1193 // data was transferred OR we failed to establish an active
1194 // data connection and already sent the error to the client.
1195 // In either case, there is nothing more to do.
1196 debugs(33, 7, "done with data OR active connection failed");
1197 }
1198 return;
1199 }
1200 }
1201
1202 MemBuf mb;
1203 mb.init();
1204 Ftp::PrintReply(mb, reply);
1205
1206 debugs(9, 2, "FTP Client " << clientConnection);
1207 debugs(9, 2, "FTP Client REPLY:\n---------\n" << mb.buf <<
1208 "\n----------");
1209
1210 Comm::Write(clientConnection, &mb, call);
1211}
1212
1213static void
1214Ftp::PrintReply(MemBuf &mb, const HttpReply *reply, const char *const)
1215{
1216 const HttpHeader &header = reply->header;
1217
1219 while (const HttpHeaderEntry *e = header.getEntry(&pos)) {
1220 if (e->id == Http::HdrType::FTP_PRE) {
1221 String raw;
1222 if (httpHeaderParseQuotedString(e->value.rawBuf(), e->value.size(), &raw))
1223 mb.appendf("%s\r\n", raw.termedBuf());
1224 }
1225 }
1226
1227 if (header.has(Http::HdrType::FTP_STATUS)) {
1228 const char *reason = header.getStr(Http::HdrType::FTP_REASON);
1229 mb.appendf("%i %s\r\n", header.getInt(Http::HdrType::FTP_STATUS),
1230 (reason ? reason : nullptr));
1231 }
1232}
1233
1234void
1236{
1237 if (io.flag == Comm::ERR_CLOSING)
1238 return;
1239
1240 if (io.flag != Comm::OK) {
1241 debugs(33, 3, "FTP reply writing failed: " << xstrerr(io.xerrno));
1242 io.conn->close();
1243 return;
1244 }
1245
1246 Http::StreamPointer context = pipeline.front();
1247 if (context != nullptr && context->http) {
1248 context->http->out.size += io.size;
1249 context->http->out.headers_sz += io.size;
1250 }
1251
1252 flags.readMore = true;
1253 readSomeData();
1254}
1255
1256void
1258{
1259 if (io.flag == Comm::ERR_CLOSING)
1260 return;
1261
1262 if (io.flag != Comm::OK) {
1263 debugs(33, 3, "FTP reply writing failed: " << xstrerr(io.xerrno));
1264 io.conn->close();
1265 return;
1266 }
1267
1268 Http::StreamPointer context = pipeline.front();
1269 assert(context->http);
1270 context->http->out.size += io.size;
1271 context->http->out.headers_sz += io.size;
1272
1273 if (master->serverState == fssError) {
1274 debugs(33, 5, "closing on FTP server error");
1275 io.conn->close();
1276 return;
1277 }
1278
1279 const clientStream_status_t socketState = context->socketState();
1280 debugs(33, 5, "FTP client stream state " << socketState);
1281 switch (socketState) {
1283 case STREAM_FAILED:
1284 io.conn->close();
1285 return;
1286
1287 case STREAM_NONE:
1288 case STREAM_COMPLETE:
1289 flags.readMore = true;
1290 changeState(fssConnected, "Ftp::Server::wroteReply");
1291 if (bodyParser)
1292 finishDechunkingRequest(false);
1293 context->finished();
1294 kick();
1295 return;
1296 }
1297}
1298
1299bool
1301{
1302 debugs(33, 9, request);
1303 Must(request);
1304
1305 HttpHeader &header = request->header;
1310
1311 if (Debug::Enabled(9, 2)) {
1312 MemBuf mb;
1313 mb.init();
1314 request->pack(&mb);
1315
1316 debugs(9, 2, "FTP Client " << clientConnection);
1317 debugs(9, 2, "FTP Client REQUEST:\n---------\n" << mb.buf <<
1318 "\n----------");
1319 }
1320
1321 // TODO: When HttpHeader uses SBuf, change keys to SBuf
1322 typedef std::map<const std::string, RequestHandler> RequestHandlers;
1323 static RequestHandlers handlers;
1324 if (!handlers.size()) {
1325 handlers["LIST"] = &Ftp::Server::handleDataRequest;
1326 handlers["NLST"] = &Ftp::Server::handleDataRequest;
1327 handlers["MLSD"] = &Ftp::Server::handleDataRequest;
1328 handlers["FEAT"] = &Ftp::Server::handleFeatRequest;
1329 handlers["PASV"] = &Ftp::Server::handlePasvRequest;
1330 handlers["PORT"] = &Ftp::Server::handlePortRequest;
1331 handlers["RETR"] = &Ftp::Server::handleDataRequest;
1332 handlers["EPRT"] = &Ftp::Server::handleEprtRequest;
1333 handlers["EPSV"] = &Ftp::Server::handleEpsvRequest;
1334 handlers["CWD"] = &Ftp::Server::handleCwdRequest;
1335 handlers["PASS"] = &Ftp::Server::handlePassRequest;
1336 handlers["CDUP"] = &Ftp::Server::handleCdupRequest;
1337 }
1338
1339 RequestHandler handler = nullptr;
1342 else {
1343 const RequestHandlers::const_iterator hi = handlers.find(cmd.termedBuf());
1344 if (hi != handlers.end())
1345 handler = hi->second;
1346 }
1347
1348 if (!handler) {
1349 debugs(9, 7, "forwarding " << cmd << " as is, no post-processing");
1350 return true;
1351 }
1352
1353 return (this->*handler)(cmd, params);
1354}
1355
1360{
1361 if (params.isEmpty())
1362 return earlyError(EarlyErrorKind::MissingUsername);
1363
1364 // find the [end of] user name
1365 const SBuf::size_type eou = params.rfind('@');
1366 if (eou == SBuf::npos || eou + 1 >= params.length())
1367 return earlyError(EarlyErrorKind::MissingHost);
1368
1369 // Determine the intended destination.
1370 host = params.substr(eou + 1, params.length());
1371 // If we can parse it as raw IPv6 address, then surround with "[]".
1372 // Otherwise (domain, IPv4, [bracketed] IPv6, garbage, etc), use as is.
1373 if (host.find(':') != SBuf::npos) {
1374 const Ip::Address ipa(host.c_str());
1375 if (!ipa.isAnyAddr()) {
1376 char ipBuf[MAX_IPSTRLEN];
1377 ipa.toHostStr(ipBuf, MAX_IPSTRLEN);
1378 host = ipBuf;
1379 }
1380 }
1381
1382 // const SBuf login = params.substr(0, eou);
1383 params.chop(0, eou); // leave just the login part for the peer
1384
1385 SBuf oldUri;
1386 if (master->clientReadGreeting)
1387 oldUri = uri;
1388
1389 master->workingDir.clear();
1390 calcUri(nullptr);
1391
1392 if (!master->clientReadGreeting) {
1393 debugs(9, 3, "set URI to " << uri);
1394 } else if (oldUri.caseCmp(uri) == 0) {
1395 debugs(9, 5, "kept URI as " << oldUri);
1396 } else {
1397 debugs(9, 3, "reset URI from " << oldUri << " to " << uri);
1398 closeDataConnection();
1399 unpinConnection(true); // close control connection to peer
1400 resetLogin("URI reset");
1401 }
1402
1403 return nullptr; // no early errors
1404}
1405
1406bool
1408{
1409 changeState(fssHandleFeat, "handleFeatRequest");
1410 return true;
1411}
1412
1413bool
1415{
1416 if (gotEpsvAll) {
1417 setReply(500, "Bad PASV command");
1418 return false;
1419 }
1420
1421 if (params.size() > 0) {
1422 setReply(501, "Unexpected parameter");
1423 return false;
1424 }
1425
1426 changeState(fssHandlePasv, "handlePasvRequest");
1427 // no need to fake PASV request via setDataCommand() in true PASV case
1428 return true;
1429}
1430
1432bool
1434{
1435 assert(clientConnection != nullptr);
1436 assert(!clientConnection->remote.isAnyAddr());
1437
1438 if (cltAddr != clientConnection->remote) {
1439 debugs(33, 2, "rogue PORT " << cltAddr << " request? ctrl: " << clientConnection->remote);
1440 // Closing the control connection would not help with attacks because
1441 // the client is evidently able to connect to us. Besides, closing
1442 // makes retrials easier for the client and more damaging to us.
1443 setReply(501, "Prohibited parameter value");
1444 return false;
1445 }
1446
1447 closeDataConnection();
1448
1450 conn->flags |= COMM_DOBIND;
1451
1452 if (clientConnection->flags & COMM_INTERCEPTION) {
1453 // In the case of NAT interception conn->local value is not set
1454 // because the TCP stack will automatically pick correct source
1455 // address for the data connection. We must only ensure that IP
1456 // version matches client's address.
1457 conn->local.setAnyAddr();
1458
1459 if (cltAddr.isIPv4())
1460 conn->local.setIPv4();
1461
1462 conn->remote = cltAddr;
1463 } else {
1464 // In the case of explicit-proxy the local IP of the control connection
1465 // is the Squid IP the client is knowingly talking to.
1466 //
1467 // In the case of TPROXY the IP address of the control connection is
1468 // server IP the client is connecting to, it can be spoofed by Squid.
1469 //
1470 // In both cases some clients may refuse to accept data connections if
1471 // these control connectin local-IP's are not used.
1472 conn->setAddrs(clientConnection->local, cltAddr);
1473
1474 // Using non-local addresses in TPROXY mode requires appropriate socket option.
1475 if (clientConnection->flags & COMM_TRANSPARENT)
1476 conn->flags |= COMM_TRANSPARENT;
1477 }
1478
1479 // RFC 959 requires active FTP connections to originate from port 20
1480 // but that would preclude us from supporting concurrent transfers! (XXX?)
1481 conn->local.port(0);
1482
1483 debugs(9, 3, "will actively connect from " << conn->local << " to " <<
1484 conn->remote);
1485
1486 dataConn = conn;
1487 uploadAvailSize = 0;
1488 return true;
1489}
1490
1491bool
1493{
1494 // TODO: Should PORT errors trigger closeDataConnection() cleanup?
1495
1496 if (gotEpsvAll) {
1497 setReply(500, "Rejecting PORT after EPSV ALL");
1498 return false;
1499 }
1500
1501 if (!params.size()) {
1502 setReply(501, "Missing parameter");
1503 return false;
1504 }
1505
1506 Ip::Address cltAddr;
1507 if (!Ftp::ParseIpPort(params.termedBuf(), nullptr, cltAddr)) {
1508 setReply(501, "Invalid parameter");
1509 return false;
1510 }
1511
1512 if (!createDataConnection(cltAddr))
1513 return false;
1514
1515 changeState(fssHandlePort, "handlePortRequest");
1516 setDataCommand();
1517 return true; // forward our fake PASV request
1518}
1519
1520bool
1522{
1523 if (!checkDataConnPre())
1524 return false;
1525
1526 master->userDataDone = 0;
1527 originDataDownloadAbortedOnError = false;
1528
1529 changeState(fssHandleDataRequest, "handleDataRequest");
1530
1531 return true;
1532}
1533
1534bool
1536{
1537 if (!checkDataConnPre())
1538 return false;
1539
1541 ClientHttpRequest *http = pipeline.front()->http;
1542 HttpRequest *request = http->request;
1544 bodyContinuationCheck.al = http->al;
1545 bodyContinuationCheck.syncAle(request, http->log_uri);
1546 if (bodyContinuationCheck.fastCheck().allowed()) {
1547 request->forcedBodyContinuation = true;
1548 if (checkDataConnPost()) {
1549 // Write control Msg
1550 writeEarlyReply(150, "Data connection opened");
1551 maybeReadUploadData();
1552 } else {
1553 // wait for acceptDataConnection but tell it to call wroteEarlyReply
1554 // after writing "150 Data connection opened"
1556 AsyncCall::Pointer call = JobCallback(33, 5, Dialer, this, Ftp::Server::wroteEarlyReply);
1557 onDataAcceptCall = call;
1558 }
1559 }
1560 }
1561
1562 changeState(fssHandleUploadRequest, "handleDataRequest");
1563
1564 return true;
1565}
1566
1567bool
1569{
1570 debugs(9, 3, "Process an EPRT " << params);
1571
1572 if (gotEpsvAll) {
1573 setReply(500, "Rejecting EPRT after EPSV ALL");
1574 return false;
1575 }
1576
1577 if (!params.size()) {
1578 setReply(501, "Missing parameter");
1579 return false;
1580 }
1581
1582 Ip::Address cltAddr;
1583 if (!Ftp::ParseProtoIpPort(params.termedBuf(), cltAddr)) {
1584 setReply(501, "Invalid parameter");
1585 return false;
1586 }
1587
1588 if (!createDataConnection(cltAddr))
1589 return false;
1590
1591 changeState(fssHandleEprt, "handleEprtRequest");
1592 setDataCommand();
1593 return true; // forward our fake PASV request
1594}
1595
1596bool
1598{
1599 debugs(9, 3, "Process an EPSV command with params: " << params);
1600 if (params.size() <= 0) {
1601 // treat parameterless EPSV as "use the protocol of the ctrl conn"
1602 } else if (params.caseCmp("ALL") == 0) {
1603 setReply(200, "EPSV ALL ok");
1604 gotEpsvAll = true;
1605 return false;
1606 } else if (params.cmp("2") == 0) {
1607 if (!Ip::EnableIpv6) {
1608 setReply(522, "Network protocol not supported, use (1)");
1609 return false;
1610 }
1611 } else if (params.cmp("1") != 0) {
1612 setReply(501, "Unsupported EPSV parameter");
1613 return false;
1614 }
1615
1616 changeState(fssHandleEpsv, "handleEpsvRequest");
1617 setDataCommand();
1618 return true; // forward our fake PASV request
1619}
1620
1621bool
1623{
1624 changeState(fssHandleCwd, "handleCwdRequest");
1625 return true;
1626}
1627
1628bool
1630{
1631 changeState(fssHandlePass, "handlePassRequest");
1632 return true;
1633}
1634
1635bool
1637{
1638 changeState(fssHandleCdup, "handleCdupRequest");
1639 return true;
1640}
1641
1642// Convert user PORT, EPRT, PASV, or EPSV data command to Squid PASV command.
1643// Squid FTP client decides what data command to use with peers.
1644void
1646{
1647 ClientHttpRequest *const http = pipeline.front()->http;
1648 assert(http != nullptr);
1649 HttpRequest *const request = http->request;
1650 assert(request != nullptr);
1651 HttpHeader &header = request->header;
1653 header.putStr(Http::HdrType::FTP_COMMAND, "PASV");
1656 debugs(9, 5, "client data command converted to fake PASV");
1657}
1658
1661bool
1663{
1664 if (Comm::IsConnOpen(dataConn))
1665 return true;
1666
1667 if (Comm::IsConnOpen(dataListenConn)) {
1668 // We are still waiting for a client to connect to us after PASV.
1669 // Perhaps client's data conn handshake has not reached us yet.
1670 // After we talk to the server, checkDataConnPost() will recheck.
1671 debugs(33, 3, "expecting clt data conn " << dataListenConn);
1672 return true;
1673 }
1674
1675 if (!dataConn || dataConn->remote.isAnyAddr()) {
1676 debugs(33, 5, "missing " << dataConn);
1677 // TODO: use client address and default port instead.
1678 setReply(425, "Use PORT or PASV first");
1679 return false;
1680 }
1681
1682 // active transfer: open a data connection from Squid to client
1684 AsyncCall::Pointer callback = JobCallback(17, 3, Dialer, this, Ftp::Server::connectedForData);
1685 const auto cs = new Comm::ConnOpener(dataConn->cloneProfile(), callback,
1687 dataConnWait.start(cs, callback);
1688 return false;
1689}
1690
1692bool
1694{
1695 if (!Comm::IsConnOpen(dataConn)) {
1696 debugs(33, 3, "missing client data conn: " << dataConn);
1697 return false;
1698 }
1699 return true;
1700}
1701
1703void
1705{
1706 dataConnWait.finish();
1707
1708 if (params.flag != Comm::OK) {
1709 setReply(425, "Cannot open data connection.");
1710 Http::StreamPointer context = pipeline.front();
1711 Must(context->http);
1712 Must(context->http->storeEntry() != nullptr);
1713 // TODO: call closeDataConnection() to reset data conn processing?
1714 } else {
1715 // Finalize the details and start owning the supplied connection.
1716 assert(params.conn);
1717 assert(dataConn);
1718 assert(!dataConn->isOpen());
1719 dataConn = params.conn;
1720 // XXX: Missing comm_add_close_handler() to track external closures.
1721
1722 Must(Comm::IsConnOpen(params.conn));
1723 fd_note(params.conn->fd, "active client ftp data");
1724 }
1725
1726 doProcessRequest();
1727}
1728
1729void
1730Ftp::Server::setReply(const int code, const char *msg)
1731{
1732 Http::StreamPointer context = pipeline.front();
1733 ClientHttpRequest *const http = context->http;
1734 assert(http != nullptr);
1735 assert(http->storeEntry() == nullptr);
1736
1737 HttpReply *const reply = Ftp::HttpReplyWrapper(code, msg, Http::scNoContent, 0);
1738
1739 clientStreamNode *const node = context->getClientReplyContext();
1740 clientReplyContext *const repContext =
1741 dynamic_cast<clientReplyContext *>(node->data.getRaw());
1742 assert(repContext != nullptr);
1743
1744 RequestFlags reqFlags;
1745 reqFlags.cachable = false; // force releaseRequest() in storeCreateEntry()
1746 reqFlags.noCache = true;
1747 repContext->createStoreEntry(http->request->method, reqFlags);
1748 http->storeEntry()->replaceHttpReply(reply);
1749}
1750
1751void
1752Ftp::Server::callException(const std::exception &e)
1753{
1754 debugs(33, 2, "FTP::Server job caught: " << e.what());
1755 closeDataConnection();
1756 unpinConnection(true);
1757 if (Comm::IsConnOpen(clientConnection))
1758 clientConnection->close();
1760}
1761
1762void
1764{
1765 if (!isOpen()) // if we are closing, nothing to do
1766 return;
1767
1768 debugs(33, 5, "waiting for Ftp::Client data transfer to end");
1769 waitingForOrigin = true;
1770}
1771
1772void
1774{
1775 Must(waitingForOrigin);
1776 waitingForOrigin = false;
1777
1778 if (!isOpen()) // if we are closing, nothing to do
1779 return;
1780
1781 // if we have already decided how to respond, respond now
1782 if (delayedReply) {
1783 HttpReply::Pointer reply = delayedReply;
1784 delayedReply = nullptr;
1785 writeForwardedReply(reply.getRaw());
1786 return; // do not completeDataDownload() after an earlier response
1787 }
1788
1789 if (master->serverState != fssHandleDataRequest)
1790 return;
1791
1792 // completeDataDownload() could be waitingForOrigin in fssHandleDataRequest
1793 // Depending on which side has finished downloading first, either trust
1794 // master->userDataDone status or set originDataDownloadAbortedOnError:
1795 if (master->userDataDone) {
1796 // We finished downloading before Ftp::Client. Most likely, the
1797 // adaptation shortened the origin response or we hit an error.
1798 // Our status (stored in master->userDataDone) is more informative.
1799 // Use master->userDataDone; avoid originDataDownloadAbortedOnError.
1800 completeDataDownload();
1801 } else {
1802 debugs(33, 5, "too early to write the response");
1803 // Ftp::Client naturally finished downloading before us. Set
1804 // originDataDownloadAbortedOnError to overwrite future
1805 // master->userDataDone and relay Ftp::Client error, if there was
1806 // any, to the user.
1807 originDataDownloadAbortedOnError = (originStatus >= 400);
1808 }
1809}
1810
1812{
1813 Must(!master->userDataDone);
1814 master->userDataDone = finalStatusCode;
1815
1816 if (bodyParser)
1817 finishDechunkingRequest(false);
1818
1819 if (waitingForOrigin) {
1820 // The completeDataDownload() is not called here unconditionally
1821 // because we want to signal the FTP user that we are not fully
1822 // done processing its data stream, even though all data bytes
1823 // have been sent or received already.
1824 debugs(33, 5, "Transferring from FTP server is not complete");
1825 return;
1826 }
1827
1828 // Adjust our reply if the server aborted with an error before we are done.
1829 if (master->userDataDone == 226 && originDataDownloadAbortedOnError) {
1830 debugs(33, 5, "Transferring from FTP server terminated with an error, adjust status code");
1831 master->userDataDone = 451;
1832 }
1833 completeDataDownload();
1834}
1835
1837{
1838 writeCustomReply(master->userDataDone, master->userDataDone == 226 ? "Transfer complete" : "Server error; transfer aborted");
1839 closeDataConnection();
1840}
1841
1843static bool
1845{
1846 static std::set<SBuf> BlockList;
1847 if (BlockList.empty()) {
1848 /* Add FTP commands that Squid cannot relay correctly. */
1849
1850 // We probably do not support AUTH TLS.* and AUTH SSL,
1851 // but let's disclaim all AUTH support to KISS, for now.
1852 BlockList.insert(cmdAuth());
1853 }
1854
1855 // we claim support for all commands that we do not know about
1856 return BlockList.find(name) == BlockList.end();
1857}
1858
#define Assure(condition)
Definition: Assure.h:35
#define JobCallback(dbgSection, dbgLevel, Dialer, job, method)
Convenience macro to create a Dialer-based job callback.
Definition: AsyncJobCalls.h:69
#define CallJobHere(debugSection, debugLevel, job, Class, method)
Definition: AsyncJobCalls.h:58
CommCbFunPtrCallT< Dialer > * commCbCall(int debugSection, int debugLevel, const char *callName, const Dialer &dialer)
Definition: CommCalls.h:342
#define COMM_TRANSPARENT
Definition: Connection.h:50
#define COMM_INTERCEPTION
Definition: Connection.h:51
#define COMM_DOBIND
Definition: Connection.h:49
#define COMM_NONBLOCKING
Definition: Connection.h:46
CBDATA_NAMESPACED_CLASS_INIT(Ftp, Server)
#define false
Definition: GnuRegex.c:240
ssize_t HttpHeaderPos
Definition: HttpHeader.h:45
int httpHeaderParseQuotedString(const char *start, const int len, String *val)
#define HttpHeaderInitPos
Definition: HttpHeader.h:48
int NHttpSockets
Definition: PortCfg.cc:25
AnyP::PortCfgPointer FtpPortList
list of Squid ftp_port configured
Definition: PortCfg.cc:23
#define MAXTCPLISTENPORTS
Definition: PortCfg.h:87
void comm_read(const Comm::ConnectionPointer &conn, char *buf, int len, AsyncCall::Pointer &callback)
Definition: Read.h:59
#define SQUIDSBUFPH
Definition: SBuf.h:31
#define SQUIDSBUFPRINT(s)
Definition: SBuf.h:32
class SquidConfig Config
Definition: SquidConfig.cc:12
StatCounters statCounter
Definition: StatCounters.cc:12
#define TexcHere(msg)
legacy convenience macro; it is not difficult to type Here() now
Definition: TextException.h:59
#define Must(condition)
Definition: TextException.h:71
int conn
the current server connection FD
Definition: Transport.cc:26
#define assert(EX)
Definition: assert.h:19
static char server[MAXLINE]
Acl::Answer const & fastCheck()
Definition: Checklist.cc:332
virtual void syncAle(HttpRequest *adaptedRequest, const char *logUri) const
assigns uninitialized adapted_request and url ALE components
AccessLogEntry::Pointer al
info for the future access.log, and external ACL
bool allowed() const
Definition: Acl.h:150
HttpHeader allMeta
All REQMOD and RESPMOD meta headers merged. Last field wins conflicts.
Definition: History.h:63
static void Start(const Pointer &job)
Definition: AsyncJob.cc:24
virtual void callException(const std::exception &e)
called when the job throws during an async call
Definition: AsyncJob.cc:128
optimized set of C chars, with quick membership test and merge support
Definition: CharacterSet.h:18
CharacterSet complement(const char *complementLabel=nullptr) const
Definition: CharacterSet.cc:74
static const CharacterSet SP
Definition: CharacterSet.h:94
static const CharacterSet LF
Definition: CharacterSet.h:92
HttpRequest *const request
void initRequest(HttpRequest *)
size_t req_sz
raw request size on input, not current request size
StoreEntry * storeEntry() const
const AccessLogEntry::Pointer al
access.log entry
static const Pointer & Current()
Definition: CodeContext.cc:33
static void Reset()
forgets the current context, setting it to nil/unknown
Definition: CodeContext.cc:75
AnyP::PortCfgPointer port
the configuration listening port this call relates to (may be nil)
Definition: CommCalls.h:105
int xerrno
The last errno to occur. non-zero if flag is Comm::COMM_ERROR.
Definition: CommCalls.h:88
Comm::Flag flag
comm layer result status.
Definition: CommCalls.h:87
Comm::ConnectionPointer conn
Definition: CommCalls.h:85
Ip::Address remote
Definition: Connection.h:149
void leaveOrphanage()
resume relying on owner(s) to initiate an explicit connection closure
Definition: Connection.h:92
virtual void noteBodyConsumerAborted(BodyPipe::Pointer)=0
virtual void clientPinnedConnectionClosed(const CommCloseCbParams &io)
Our close handler called by Comm when the pinned connection is closed.
virtual void start()
called by AsyncStart; do not call directly
struct ConnStateData::@41 flags
static bool Enabled(const int section, const int level)
whether debugging the given section and the given level produces output
Definition: Stream.h:79
Transaction information shared among our FTP client and server jobs.
Definition: FtpServer.h:42
Manages a control connection from an FTP client.
Definition: FtpServer.h:58
void writeCustomReply(const int code, const char *msg, const HttpReply *reply=nullptr)
Definition: FtpServer.cc:507
void handleDataReply(const HttpReply *header, StoreIOBuffer receivedData)
Definition: FtpServer.cc:944
void calcUri(const SBuf *file)
computes uri member from host and, if tracked, working dir with file name
Definition: FtpServer.cc:345
bool handlePasvRequest(String &cmd, String &params)
Definition: FtpServer.cc:1414
bool handleDataRequest(String &cmd, String &params)
Definition: FtpServer.cc:1521
void setDataCommand()
Definition: FtpServer.cc:1645
bool handleUploadRequest(String &cmd, String &params)
Definition: FtpServer.cc:1535
void writeForwardedReply(const HttpReply *reply)
Definition: FtpServer.cc:1037
void userDataCompletionCheckpoint(int finalStatusCode)
Definition: FtpServer.cc:1811
void connectedForData(const CommConnectCbParams &params)
Done establishing a data connection to the user.
Definition: FtpServer.cc:1704
bool handleCdupRequest(String &cmd, String &params)
Definition: FtpServer.cc:1636
void writeForwardedForeign(const HttpReply *reply)
Definition: FtpServer.cc:1144
static void AcceptCtrlConnection(const CommAcceptCbParams &params)
accept a new FTP control connection and hand it to a dedicated Server
Definition: FtpServer.cc:242
void maybeReadUploadData()
schedules another data connection read if needed
Definition: FtpServer.cc:109
void handleEprtReply(const HttpReply *header, StoreIOBuffer receivedData)
Definition: FtpServer.cc:1060
void changeState(const Ftp::ServerState newState, const char *reason)
Definition: FtpServer.cc:529
void wroteReply(const CommIoCbParams &io)
Definition: FtpServer.cc:1257
void handlePasvReply(const HttpReply *header, StoreIOBuffer receivedData)
Definition: FtpServer.cc:882
Http::Stream * earlyError(const EarlyErrorKind eek)
creates a context filled with an error message for a given early error
Definition: FtpServer.cc:570
virtual void callException(const std::exception &e) override
called when the job throws during an async call
Definition: FtpServer.cc:1752
void completeDataDownload()
Definition: FtpServer.cc:1836
void handleFeatReply(const HttpReply *header, StoreIOBuffer receivedData)
Definition: FtpServer.cc:813
bool handlePortRequest(String &cmd, String &params)
Definition: FtpServer.cc:1492
void acceptDataConnection(const CommAcceptCbParams &params)
Definition: FtpServer.cc:401
bool handleFeatRequest(String &cmd, String &params)
Definition: FtpServer.cc:1407
void writeErrorReply(const HttpReply *reply, const int status)
writes FTP error response with given status and reply-derived error details
Definition: FtpServer.cc:1096
void startWaitingForOrigin()
Definition: FtpServer.cc:1763
bool checkDataConnPre()
Definition: FtpServer.cc:1662
void writeReply(MemBuf &mb)
Definition: FtpServer.cc:495
void resetLogin(const char *reason)
clear client and server login-related state after the old login is gone
Definition: FtpServer.cc:336
virtual void processParsedRequest(Http::StreamPointer &context) override
start processing a freshly parsed request
Definition: FtpServer.cc:156
virtual void noteBodyConsumerAborted(BodyPipe::Pointer ptr) override
Definition: FtpServer.cc:231
void wroteReplyData(const CommIoCbParams &io)
called when we are done writing a chunk of the response data
Definition: FtpServer.cc:987
virtual time_t idleTimeout() const override
timeout to use when waiting for the next request
Definition: FtpServer.cc:86
virtual void clientPinnedConnectionClosed(const CommCloseCbParams &io) override
Our close handler called by Comm when the pinned connection is closed.
Definition: FtpServer.cc:316
Server(const MasterXaction::Pointer &xact)
Definition: FtpServer.cc:53
virtual bool writeControlMsgAndCall(HttpReply *rep, AsyncCall::Pointer &call) override
handle a control message received by context from a peer and call back
Definition: FtpServer.cc:1153
virtual void start() override
called by AsyncStart; do not call directly
Definition: FtpServer.cc:92
void handlePortReply(const HttpReply *header, StoreIOBuffer receivedData)
Definition: FtpServer.cc:922
void handleErrorReply(const HttpReply *header, StoreIOBuffer receivedData)
Definition: FtpServer.cc:935
virtual void notePeerConnection(Comm::ConnectionPointer conn) override
called just before a FwdState-dispatched job starts using connection
Definition: FtpServer.cc:302
virtual Http::Stream * parseOneRequest() override
Definition: FtpServer.cc:640
char uploadBuf[CLIENT_REQ_BUF_SZ]
data connection input buffer
Definition: FtpServer.h:189
virtual void handleReply(HttpReply *header, StoreIOBuffer receivedData) override
Definition: FtpServer.cc:779
bool createDataConnection(Ip::Address cltAddr)
[Re]initializes dataConn for active data transfers. Does not connect.
Definition: FtpServer.cc:1433
bool handleEpsvRequest(String &cmd, String &params)
Definition: FtpServer.cc:1597
void setReply(const int code, const char *msg)
Definition: FtpServer.cc:1730
void replyDataWritingCheckpoint()
ClientStream checks after (actual or skipped) reply data writing.
Definition: FtpServer.cc:1005
bool handlePassRequest(String &cmd, String &params)
Definition: FtpServer.cc:1629
void handleEpsvReply(const HttpReply *header, StoreIOBuffer receivedData)
Definition: FtpServer.cc:1073
void wroteEarlyReply(const CommIoCbParams &io)
Definition: FtpServer.cc:1235
Http::Stream * handleUserRequest(const SBuf &cmd, SBuf &params)
Definition: FtpServer.cc:1359
void handleUploadReply(const HttpReply *header, StoreIOBuffer receivedData)
Definition: FtpServer.cc:1030
bool handleRequest(HttpRequest *)
Definition: FtpServer.cc:1300
virtual void noteMoreBodySpaceAvailable(BodyPipe::Pointer) override
Definition: FtpServer.cc:222
void stopWaitingForOrigin(int status)
Definition: FtpServer.cc:1773
void shovelUploadData()
shovel upload data from the internal buffer to the body pipe if possible
Definition: FtpServer.cc:202
unsigned int listenForDataConnection()
Definition: FtpServer.cc:370
void writeForwardedReplyAndCall(const HttpReply *reply, AsyncCall::Pointer &call)
Definition: FtpServer.cc:1162
virtual int pipelinePrefetchMax() const override
returning N allows a pipeline of 1+N requests (see pipeline_prefetch)
Definition: FtpServer.cc:80
bool checkDataConnPost() const
Check that client data connection is ready for immediate I/O.
Definition: FtpServer.cc:1693
void doProcessRequest()
react to the freshly parsed request
Definition: FtpServer.cc:128
void readUploadData(const CommIoCbParams &io)
imports more upload data from the data connection
Definition: FtpServer.cc:168
bool handleCwdRequest(String &cmd, String &params)
Definition: FtpServer.cc:1622
bool handleEprtRequest(String &cmd, String &params)
Definition: FtpServer.cc:1568
void writeEarlyReply(const int code, const char *msg)
Definition: FtpServer.cc:476
virtual ~Server() override
Definition: FtpServer.cc:74
void closeDataConnection()
Definition: FtpServer.cc:445
void putStr(Http::HdrType id, const char *str)
Definition: HttpHeader.cc:1028
int delById(Http::HdrType id)
Definition: HttpHeader.cc:671
void refreshMask()
Definition: HttpHeader.cc:727
HttpHeaderEntry * getEntry(HttpHeaderPos *pos) const
Definition: HttpHeader.cc:588
const char * getStr(Http::HdrType id) const
Definition: HttpHeader.cc:1160
void addEntry(HttpHeaderEntry *e)
Definition: HttpHeader.cc:741
String getByName(const SBuf &name) const
Definition: HttpHeader.cc:878
int has(Http::HdrType id) const
Definition: HttpHeader.cc:967
int getInt(Http::HdrType id) const
Definition: HttpHeader.cc:1117
HttpHeaderEntry * findEntry(Http::HdrType id) const
Definition: HttpHeader.cc:607
Http::StatusLine sline
Definition: HttpReply.h:56
HttpRequestMethod method
Definition: HttpRequest.h:114
static HttpRequest * FromUrl(const SBuf &url, const MasterXaction::Pointer &, const HttpRequestMethod &method=Http::METHOD_GET)
Definition: HttpRequest.cc:517
HttpHeader header
Definition: Message.h:74
const char * reason() const
retrieve the reason string for this status line
Definition: StatusLine.cc:44
Http::StatusCode status() const
retrieve the status code for this status line
Definition: StatusLine.h:45
unsigned parsed_ok
Was this parsed correctly?
Definition: Stream.h:137
struct Http::Stream::@79 flags
char reqbuf[HTTP_REQBUF_SZ]
Definition: Stream.h:134
clientStreamNode * getClientReplyContext() const
Definition: Stream.cc:513
unsigned int toHostStr(char *buf, const unsigned int len) const
Definition: Address.cc:842
bool isIPv4() const
Definition: Address.cc:158
bool isAnyAddr() const
Definition: Address.cc:170
static Pointer MakePortful(const AnyP::PortCfgPointer &aPort)
Definition: MasterXaction.h:54
Definition: MemBuf.h:24
virtual void append(const char *c, int sz)
Definition: MemBuf.cc:209
void init(mb_size_t szInit, mb_size_t szMax)
Definition: MemBuf.cc:93
mb_size_t size
Definition: MemBuf.h:135
char * buf
Definition: MemBuf.h:134
void appendf(const char *fmt,...) PRINTF_FORMAT_ARG2
Append operation with printf-style arguments.
Definition: Packable.h:61
Definition: Raw.h:21
C * getRaw() const
Definition: RefCount.h:80
Definition: SBuf.h:94
void toUpper()
converts all characters to upper case;
Definition: SBuf.cc:824
int caseCmp(const SBuf &S, const size_type n) const
shorthand version for case-insensitive compare()
Definition: SBuf.h:283
static const size_type npos
Definition: SBuf.h:99
const char * c_str()
Definition: SBuf.cc:516
SBuf & chop(size_type pos, size_type n=npos)
Definition: SBuf.cc:530
size_type length() const
Returns the number of bytes stored in SBuf.
Definition: SBuf.h:415
size_type rfind(char c, size_type endPos=npos) const
Definition: SBuf.cc:692
SBuf & trim(const SBuf &toRemove, bool atBeginning=true, bool atEnd=true)
Definition: SBuf.cc:551
bool isEmpty() const
Definition: SBuf.h:431
void clear()
Definition: SBuf.cc:175
SBuf substr(size_type pos, size_type n=npos) const
Definition: SBuf.cc:576
MemBlob::size_type size_type
Definition: SBuf.h:96
Definition: Server.h:30
time_t ftpClientIdle
Definition: SquidConfig.h:119
struct SquidConfig::@112 accessList
size_t maxRequestHeaderSize
Definition: SquidConfig.h:132
time_t connect
Definition: SquidConfig.h:113
struct SquidConfig::@98 Timeout
acl_access * forceRequestBodyContinuation
Definition: SquidConfig.h:402
struct StatCounters::@128 client_http
ByteCounter kbytes_in
Definition: StatCounters.h:45
void replaceHttpReply(const HttpReplyPointer &, const bool andStartWriting=true)
Definition: store.cc:1672
int cmp(char const *) const
Definition: String.cc:255
char const * termedBuf() const
Definition: SquidString.h:92
int caseCmp(char const *) const
Definition: String.cc:285
size_type size() const
Definition: SquidString.h:73
void setReplyToReply(HttpReply *reply)
creates a store entry for the reply and appends error reply to it
void createStoreEntry(const HttpRequestMethod &m, RequestFlags flags)
void clientProcessRequest(ConnStateData *conn, const Http1::RequestParserPointer &hp, Http::Stream *context)
void clientSetKeepaliveFlag(ClientHttpRequest *http)
decide whether to expect multiple requests on the corresponding connection
Definition: client_side.cc:687
void clientStartListeningOn(AnyP::PortCfgPointer &port, const RefCount< CommCbFunPtrCallT< CommAcceptCbPtrFun > > &subCall, const Ipc::FdNoteId fdNote)
accept requests to a given port and inform subCall about them
CSD clientSocketDetach
Definition: client_side.h:532
SQUIDCEXTERN CSR clientGetMoreData
Definition: client_side.h:528
CSCB clientSocketRecipient
Definition: client_side.h:531
SQUIDCEXTERN CSS clientReplyStatus
Definition: client_side.h:529
SQUIDCEXTERN CSD clientReplyDetach
Definition: client_side.h:530
unsigned short comm_local_port(int fd)
Definition: comm.cc:163
void comm_open_listener(int sock_type, int proto, Comm::ConnectionPointer &conn, const char *note)
Definition: comm.cc:255
bool isOpen(const int fd)
Definition: comm.cc:87
A const & min(A const &lhs, A const &rhs)
#define DBG_IMPORTANT
Definition: Stream.h:41
#define debugs(SECTION, LEVEL, CONTENT)
Definition: Stream.h:196
#define DBG_CRITICAL
Definition: Stream.h:40
static int port
Definition: ldap_backend.cc:70
clientStream_status_t
Definition: enums.h:125
@ STREAM_COMPLETE
Definition: enums.h:127
@ STREAM_UNPLANNED_COMPLETE
Definition: enums.h:132
@ STREAM_NONE
Definition: enums.h:126
@ STREAM_FAILED
Definition: enums.h:137
void fatal(const char *message)
Definition: fatal.cc:28
void fd_note(int fd, const char *s)
Definition: fd.cc:217
void clientStreamInit(dlink_list *list, CSR *func, CSD *rdetach, CSS *readstatus, ClientStreamData readdata, CSCB *callback, CSD *cdetach, ClientStreamData callbackdata, StoreIOBuffer tailBuffer)
const char * errorPageName(int pageId)
error ID to string
Definition: errorpage.cc:663
unsigned char code
Definition: html_quote.c:20
#define HTTP_REQBUF_SZ
Definition: forward.h:14
#define MAX_IPSTRLEN
Length of buffer that needs to be allocated to old a null-terminated IP-string.
Definition: forward.h:25
void ReadCancel(int fd, AsyncCall::Pointer &callback)
Cancel the read pending on FD. No action if none pending.
Definition: Read.cc:219
bool IsConnOpen(const Comm::ConnectionPointer &conn)
Definition: Connection.cc:27
void Write(const Comm::ConnectionPointer &conn, const char *buf, int size, AsyncCall::Pointer &callback, FREE *free_func)
Definition: Write.cc:33
@ OK
Definition: Flag.h:16
@ ERR_CLOSING
Definition: Flag.h:25
Definition: forward.h:28
static bool SupportedCommand(const SBuf &name)
Whether Squid FTP Relay supports a named feature (e.g., a command).
Definition: FtpServer.cc:1844
const SBuf & cmdAppe()
Definition: Elements.cc:56
AnyP::ProtocolVersion ProtocolVersion()
Protocol version to use in Http::Message structures wrapping FTP messages.
Definition: Elements.cc:24
bool ParseProtoIpPort(const char *buf, Ip::Address &addr)
Definition: Parsing.cc:52
const SBuf & cmdDele()
Definition: Elements.cc:77
const SBuf & cmdEpsv()
Definition: Elements.cc:91
const SBuf & cmdSmnt()
Definition: Elements.cc:161
const SBuf & cmdStou()
Definition: Elements.cc:182
ServerState
Definition: FtpServer.h:22
@ fssError
Definition: FtpServer.h:35
@ fssHandlePort
Definition: FtpServer.h:27
@ fssHandleCdup
Definition: FtpServer.h:34
@ fssHandleFeat
Definition: FtpServer.h:25
@ fssHandlePasv
Definition: FtpServer.h:26
@ fssConnected
Definition: FtpServer.h:24
@ fssHandleEprt
Definition: FtpServer.h:30
@ fssHandleCwd
Definition: FtpServer.h:32
@ fssHandlePass
Definition: FtpServer.h:33
@ fssHandleUploadRequest
Definition: FtpServer.h:29
@ fssBegin
Definition: FtpServer.h:23
@ fssHandleEpsv
Definition: FtpServer.h:31
@ fssHandleDataRequest
Definition: FtpServer.h:28
const SBuf & cmdStor()
Definition: Elements.cc:175
const SBuf & cmdMlsd()
Definition: Elements.cc:112
const SBuf & cmdList()
Definition: Elements.cc:98
const SBuf & cmdRetr()
Definition: Elements.cc:133
const SBuf & cmdNlst()
Definition: Elements.cc:126
const SBuf & cmdMlst()
Definition: Elements.cc:119
const SBuf & cmdStat()
Definition: Elements.cc:168
const SBuf & cmdAuth()
Definition: Elements.cc:63
static bool CommandHasPathParameter(const SBuf &cmd)
whether the given FTP command has a pathname parameter
Definition: FtpServer.cc:544
const SBuf & cmdCwd()
Definition: Elements.cc:70
bool ParseIpPort(const char *buf, const char *forceIp, Ip::Address &addr)
parses and validates "A1,A2,A3,A4,P1,P2" IP,port sequence
Definition: Parsing.cc:18
const SBuf & cmdEprt()
Definition: Elements.cc:84
const SBuf & cmdRnto()
Definition: Elements.cc:154
const SBuf & cmdMkd()
Definition: Elements.cc:105
const SBuf & cmdUser()
Definition: Elements.cc:189
HttpReply * HttpReplyWrapper(const int ftpStatus, const char *ftpReason, const Http::StatusCode httpStatus, const int64_t clen)
Create an internal HttpReply structure to house FTP control response info.
Definition: Elements.cc:30
const SBuf & cmdRnfr()
Definition: Elements.cc:147
void StopListening()
reject new connections to any configured ftp_port
Definition: FtpServer.cc:287
void StartListening()
accept connections on all configured ftp_ports
Definition: FtpServer.cc:265
const SBuf & cmdRmd()
Definition: Elements.cc:140
static void PrintReply(MemBuf &mb, const HttpReply *reply, const char *const prefix="")
Definition: FtpServer.cc:1214
@ scBadRequest
Definition: StatusCode.h:44
@ scOkay
Definition: StatusCode.h:26
@ scNoContent
Definition: StatusCode.h:30
@ METHOD_PUT
Definition: MethodType.h:27
@ METHOD_GET
Definition: MethodType.h:25
@ TRANSFER_ENCODING
AnyP::ProtocolVersion ProtocolVersion(unsigned int aMajor, unsigned int aMinor)
HTTP version label information.
@ fdnFtpSocket
Definition: FdNotes.h:20
SSL Connection
Definition: Session.h:45
#define xstrdup
static void handler(int signo)
Definition: purge.cc:854
int EnableIpv6
Whether IPv6 is supported and type of support.
Definition: tools.h:25
char method[16]
Definition: tcp-banger2.c:115
Definition: parse.c:104
Definition: parse.c:160
struct _request * request(char *urlin)
Definition: tcp-banger2.c:291
const char * xstrerr(int error)
Definition: xstrerror.cc:83

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors