1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
$NetBSD: patch-aa,v 1.3 2009/07/12 09:45:02 tron Exp $
Fix problems with anonymous FTP, see here:
http://www.squid-cache.org/bugs/show_bug.cgi?id=2707
--- src/ftp.cc.orig 2009-06-26 11:35:38.000000000 +0100
+++ src/ftp.cc 2009-07-12 10:34:01.000000000 +0100
@@ -93,13 +93,21 @@
/// \ingroup ServerProtocolFTPInternal
struct _ftp_flags {
+
+ /* passive mode */
+ bool pasv_supported; ///< PASV command is allowed
+ bool epsv_all_sent; ///< EPSV ALL has been used. Must abort on failures.
+ bool pasv_only;
+
+ /* authentication */
+ bool authenticated; ///< authentication success
+ bool tried_auth_anonymous; ///< auth has tried to use anonymous credentials already.
+ bool tried_auth_nopass; ///< auth tried username with no password already.
+
+ /* other */
bool isdir;
- bool pasv_supported;
- bool epsv_all_sent;
bool skip_whitespace;
bool rest_supported;
- bool pasv_only;
- bool authenticated;
bool http_header_sent;
bool tried_nlst;
bool need_base_href;
@@ -1432,6 +1440,9 @@
*
* Special Case: A username-only may be provided in the URL and password in the HTTP headers.
*
+ * TODO: we might be able to do something about locating username from other sources:
+ * ie, external ACL user=* tag or ident lookup
+ *
\retval 1 if we have everything needed to complete this request.
\retval 0 if something is missing.
*/
@@ -1464,10 +1475,16 @@
/* Setup default FTP password settings */
/* this has to be done last so that we can have a no-password case above. */
if (!password[0]) {
- if (strcmp(user, "anonymous") == 0)
+ if (strcmp(user, "anonymous") == 0 && !flags.tried_auth_anonymous) {
xstrncpy(password, Config.Ftp.anon_user, MAX_URL);
- else
+ flags.tried_auth_anonymous=1;
+ return 1;
+ }
+ else if (!flags.tried_auth_nopass) {
xstrncpy(password, null_string, MAX_URL);
+ flags.tried_auth_nopass=1;
+ return 1;
+ }
}
return 0; /* different username */
|
