Updated to v2.2.2pre1

Changelog

@@ -1202,3 +1202,12 @@ a username / password.
 
 At this point: v2.2.1 released!
 ===============================
+
+- Change "File receive OK." to "Transfer complete." to placate some broken
+clients. Thanks Holger Kiehl <Holger.Kiehl@dwd.de>.
+- Fix erroneous "child died" upon FTP client connect, when under load. Awesome
+thanks to Holger Kiehl <Holger.Kiehl@dwd.de> for running diagnostic tests on
+his live server.
+- Boot the session if an overly long line is encountered.
+(vsftpd-2.2.2pre1)
+

README

@@ -1,4 +1,4 @@
-This is vsftpd, version 2.2.1
+This is vsftpd, version 2.2.2
 Author: Chris Evans
 Contact: scarybeasts@gmail.com
 Website: http://vsftpd.beasts.org/

ftpcmdio.c

@@ -210,11 +210,16 @@ vsf_cmdio_get_cmd_and_arg(struct vsf_session* p_sess, struct mystr* p_cmd_str,
 static void
 control_getline(struct mystr* p_str, struct vsf_session* p_sess)
 {
+  int ret;
   if (p_sess->p_control_line_buf == 0)
   {
     vsf_secbuf_alloc(&p_sess->p_control_line_buf, VSFTP_MAX_COMMAND_LINE);
   }
-  ftp_getline(p_sess, p_str, p_sess->p_control_line_buf);
+  ret = ftp_getline(p_sess, p_str, p_sess->p_control_line_buf);
+  if (ret < 0)
+  {
+    vsf_cmdio_write_exit(p_sess, FTP_BADCMD, "Input line too long.");
+  }
   /* As mandated by the FTP specifications.. */
   str_replace_char(p_str, '\0', '\n');
   /* If the last character is a \r, strip it */

netstr.c

@@ -15,7 +15,7 @@
 #include "utility.h"
 #include "sysutil.h"
 
-void
+int
 str_netfd_alloc(struct vsf_session* p_sess,
                 struct mystr* p_str,
                 char term,
@@ -39,7 +39,7 @@ str_netfd_alloc(struct vsf_session* p_sess,
     if (left == 0)
     {
       str_empty(p_str);
-      return;
+      return -1;
     }
     retval = (*p_peekfunc)(p_sess, p_readpos, left);
     if (vsf_sysutil_retval_is_error(retval))
@@ -68,7 +68,7 @@ str_netfd_alloc(struct vsf_session* p_sess,
           die("missing terminator in str_netfd_alloc");
         }
         str_alloc_alt_term(p_str, p_readbuf, term);
-        return;
+        return (int) i;
       }
     }
     /* Not found in this read chunk, so consume the data and re-loop */

netstr.h

@@ -26,14 +26,17 @@ typedef int (*str_netfd_read_t)(struct vsf_session*
  *                an empty string will be returned.
  * p_peekfunc   - a function called to peek data from the network
  * p_readfunc   - a function called to read data from the network
+ * RETURNS
+ * -1 upon reaching max buffer length without seeing terminator, or the number
+ * of bytes read, _excluding_ the terminator.
  */
-void str_netfd_alloc(struct vsf_session* p_sess,
-                     struct mystr* p_str,
-                     char term,
-                     char* p_readbuf,
-                     unsigned int maxlen,
-                     str_netfd_read_t p_peekfunc,
-                     str_netfd_read_t p_readfunc);
+int str_netfd_alloc(struct vsf_session* p_sess,
+                    struct mystr* p_str,
+                    char term,
+                    char* p_readbuf,
+                    unsigned int maxlen,
+                    str_netfd_read_t p_peekfunc,
+                    str_netfd_read_t p_readfunc);
 
 /* str_netfd_read()
  * PURPOSE

postlogin.c

@@ -738,7 +738,7 @@ handle_retr(struct vsf_session* p_sess)
   }
   else
   {
-    vsf_cmdio_write(p_sess, FTP_TRANSFEROK, "File send OK.");
+    vsf_cmdio_write(p_sess, FTP_TRANSFEROK, "Transfer complete.");
   }
   check_abor(p_sess);
 port_pasv_cleanup_out:
@@ -1109,7 +1109,7 @@ handle_upload_common(struct vsf_session* p_sess, int is_append, int is_unique)
   }
   else
   {
-    vsf_cmdio_write(p_sess, FTP_TRANSFEROK, "File receive OK.");
+    vsf_cmdio_write(p_sess, FTP_TRANSFEROK, "Transfer complete.");
   }
   check_abor(p_sess);
 port_pasv_cleanup_out:

readwrite.c

@@ -123,13 +123,19 @@ ftp_write_data(const struct vsf_session* p_sess, const char* p_buf,
   }
 }
 
-void
+int
 ftp_getline(struct vsf_session* p_sess, struct mystr* p_str, char* p_buf)
 {
   if (p_sess->control_use_ssl && p_sess->ssl_slave_active)
   {
+    int ret;
     priv_sock_send_cmd(p_sess->ssl_consumer_fd, PRIV_SOCK_GET_USER_CMD);
-    priv_sock_get_str(p_sess->ssl_consumer_fd, p_str);
+    ret = priv_sock_get_int(p_sess->ssl_consumer_fd);
+    if (ret >= 0)
+    {
+      priv_sock_get_str(p_sess->ssl_consumer_fd, p_str);
+    }
+    return ret;
   }
   else
   {
@@ -140,13 +146,13 @@ ftp_getline(struct vsf_session* p_sess, struct mystr* p_str, char* p_buf)
       p_peek = ssl_peek_adapter;
       p_read = ssl_read_adapter;
     }
-    str_netfd_alloc(p_sess,
-                    p_str,
-                    '\n',
-                    p_buf,
-                    VSFTP_MAX_COMMAND_LINE,
-                    p_peek,
-                    p_read);
+    return str_netfd_alloc(p_sess,
+                           p_str,
+                           '\n',
+                           p_buf,
+                           VSFTP_MAX_COMMAND_LINE,
+                           p_peek,
+                           p_read);
   }
 }
 

readwrite.h

@@ -15,7 +15,7 @@ int ftp_write_str(const struct vsf_session* p_sess, const struct mystr* p_str,
 int ftp_read_data(struct vsf_session* p_sess, char* p_buf, unsigned int len);
 int ftp_write_data(const struct vsf_session* p_sess, const char* p_buf,
                    unsigned int len);
-void ftp_getline(struct vsf_session* p_sess, struct mystr* p_str, char* p_buf);
+int ftp_getline(struct vsf_session* p_sess, struct mystr* p_str, char* p_buf);
 
 #endif /* VSF_READWRITE_H */
 

sslslave.c

@@ -32,21 +32,25 @@ ssl_slave(struct vsf_session* p_sess)
   while (1)
   {
     char cmd = priv_sock_get_cmd(p_sess->ssl_slave_fd);
-    int retval;
+    int ret;
     if (cmd == PRIV_SOCK_GET_USER_CMD)
     {
-      ftp_getline(p_sess, &p_sess->ftp_cmd_str, p_sess->p_control_line_buf);
-      priv_sock_send_str(p_sess->ssl_slave_fd, &p_sess->ftp_cmd_str);
+      ret = ftp_getline(p_sess, &p_sess->ftp_cmd_str,
+                        p_sess->p_control_line_buf);
+      priv_sock_send_int(p_sess->ssl_slave_fd, ret);
+      if (ret >= 0)
+      {
+        priv_sock_send_str(p_sess->ssl_slave_fd, &p_sess->ftp_cmd_str);
+      }
     }
     else if (cmd == PRIV_SOCK_WRITE_USER_RESP)
     {
       priv_sock_get_str(p_sess->ssl_slave_fd, &p_sess->ftp_cmd_str);
-      retval = ftp_write_str(p_sess, &p_sess->ftp_cmd_str, kVSFRWControl);
-      priv_sock_send_int(p_sess->ssl_slave_fd, retval);
+      ret = ftp_write_str(p_sess, &p_sess->ftp_cmd_str, kVSFRWControl);
+      priv_sock_send_int(p_sess->ssl_slave_fd, ret);
     }
     else if (cmd == PRIV_SOCK_DO_SSL_HANDSHAKE)
     {
-      int ret;
       char result = PRIV_SOCK_RESULT_BAD;
       if (p_sess->data_fd != -1 || p_sess->p_data_ssl != 0)
       {
@@ -67,7 +71,6 @@ ssl_slave(struct vsf_session* p_sess)
     }
     else if (cmd == PRIV_SOCK_DO_SSL_READ)
     {
-      int ret;
       str_trunc(&data_str, VSFTP_DATA_BUFSIZE);
       ret = ssl_read_into_str(p_sess, p_sess->p_data_ssl, &data_str);
       priv_sock_send_int(p_sess->ssl_slave_fd, ret);
@@ -75,7 +78,6 @@ ssl_slave(struct vsf_session* p_sess)
     }
     else if (cmd == PRIV_SOCK_DO_SSL_WRITE)
     {
-      int ret;
       priv_sock_get_str(p_sess->ssl_slave_fd, &data_str);
       ret = ssl_write(p_sess->p_data_ssl,
                       str_getbuf(&data_str),
@@ -84,7 +86,6 @@ ssl_slave(struct vsf_session* p_sess)
     }
     else if (cmd == PRIV_SOCK_DO_SSL_CLOSE)
     {
-      int ret;
       char result = PRIV_SOCK_RESULT_BAD;
       if (p_sess->data_fd == -1 && p_sess->p_data_ssl == 0)
       {

sysdeputil.c

@@ -1269,7 +1269,10 @@ vsf_sysutil_fork_isolate_failok()
     int ret = syscall(__NR_clone, CLONE_NEWPID | CLONE_NEWIPC | SIGCHLD, NULL);
     if (ret != -1 || (errno != EINVAL && errno != EPERM))
     {
-      vsf_sysutil_clear_pid_cache();
+      if (ret == 0)
+      {
+        vsf_sysutil_post_fork();
+      }
       return ret;
     }
     cloneflags_work = 0;
@@ -1288,7 +1291,10 @@ vsf_sysutil_fork_newnet()
     int ret = syscall(__NR_clone, CLONE_NEWNET | SIGCHLD, NULL);
     if (ret != -1 || (errno != EINVAL && errno != EPERM))
     {
-      vsf_sysutil_clear_pid_cache();
+      if (ret == 0)
+      {
+        vsf_sysutil_post_fork();
+      }
       return ret;
     }
     cloneflags_work = 0;

sysutil.c

@@ -552,18 +552,11 @@ vsf_sysutil_fork(void)
 int
 vsf_sysutil_fork_failok(void)
 {
-  /* Child does NOT inherit exit function */
-  exitfunc_t curr_func = s_exit_func;
   int retval;
-  s_exit_func = 0;
   retval = fork();
-  if (retval != 0)
-  {
-    s_exit_func = curr_func;
-  }
   if (retval == 0)
   {
-    vsf_sysutil_clear_pid_cache();
+    vsf_sysutil_post_fork();
   }
   return retval;
 }
@@ -2809,7 +2802,21 @@ vsf_sysutil_set_no_procs()
 }
 
 void
-vsf_sysutil_clear_pid_cache()
+vsf_sysutil_post_fork()
 {
+  int i;
+  /* Don't inherit any exit function. */
+  s_exit_func = NULL;
+  /* Uncached the current PID. */ 
   s_current_pid = -1;
+  /* Don't inherit anything relating to the synchronous signal system */
+  s_io_handler = NULL;
+  for (i=0; i < NSIG; ++i)
+  {
+    s_sig_details[i].sync_sig_handler = NULL;
+  }
+  for (i=0; i < NSIG; ++i)
+  {
+    s_sig_details[i].pending = 0;
+  }
 }

sysutil.h

@@ -165,7 +165,7 @@ void vsf_sysutil_free(void* p_ptr);
 
 /* Process creation/exit/process handling */
 unsigned int vsf_sysutil_getpid(void);
-void vsf_sysutil_clear_pid_cache(void);
+void vsf_sysutil_post_fork(void);
 int vsf_sysutil_fork(void);
 int vsf_sysutil_fork_failok(void);
 void vsf_sysutil_exit(int exit_code);

vsftpver.h

@@ -1,7 +1,7 @@
 #ifndef VSF_VERSION_H
 #define VSF_VERSION_H
 
-#define VSF_VERSION "2.2.1"
+#define VSF_VERSION "2.2.2"
 
 #endif /* VSF_VERSION_H */