ReactOS  0.4.15-dev-5606-gf34e425
preffw.c
Go to the documentation of this file.
1 /* preffw.c
2  *
3  * Copyright (c) 1992-2001 by Mike Gleason.
4  * All rights reserved.
5  *
6  */
7 
8 #include "syshdrs.h"
9 
10 #include "pref.h"
11 #include "util.h"
12 
13 /* How many times they've run this program. */
14 int gNumProgramRuns = 0;
15 
16 /* Firewall/proxy configuration parameters. */
17 int gFirewallType;
18 char gFirewallHost[64];
19 char gFirewallUser[32];
20 char gFirewallPass[32];
21 char gFirewallExceptionList[256];
22 unsigned int gFirewallPort;
23 int gFirewallPrefsLoaded = 0;
24 
25 /* Active or passive FTP? (PORT or PASV?) Or both? */
26 int gDataPortMode;
27 
28 /* Hack so the user/admin can set passive in the firewall
29  * prefs file.
30  */
31 int gFwDataPortMode = -1;
32 
33 extern FTPLibraryInfo gLib;
34 extern char gOurDirectoryPath[], gUser[], gVersion[];
35 
36 
37 /* Save a sample configuration file for the firewall/proxy setup. */
38 void
39 WriteDefaultFirewallPrefs(FILE *fp)
40 {
41  char *cp;
42  time_t now;
43 
44  FTPInitializeOurHostName(&gLib);
45  cp = strchr(gLib.ourHostName, '.');
46 
47  (void) fprintf(fp, "%s", "\
48 # NcFTP firewall preferences\n\
49 # ==========================\n\
50 #\n\
51 ");
52 
53  (void) fprintf(fp, "%s", "\
54 # If you need to use a proxy for FTP, you can configure it below.\n\
55 # If you do not need one, leave the ``firewall-type'' variable set\n\
56 # to 0. Any line that does not begin with the ``#'' character is\n\
57 # considered a configuration command line.\n\
58 ");
59  (void) fprintf(fp, "%s", "\
60 #\n\
61 # NOTE: NcFTP does NOT support HTTP proxies that do FTP, such as \"squid\"\n\
62 # or Netscape Proxy Server. Why? Because you have to communicate with\n\
63 # them using HTTP, and this is a FTP only program.\n\
64 ");
65  (void) fprintf(fp, "%s", "\
66 #\n\
67 # Types of firewalls:\n\
68 # ------------------\n\
69 #\n\
70 # type 1: Connect to firewall host, but send \"USER user@real.host.name\"\n\
71 #\n\
72 ");
73  (void) fprintf(fp, "%s", "\
74 # type 2: Connect to firewall, login with \"USER fwuser\" and\n\
75 # \"PASS fwpassword\", and then \"USER user@real.host.name\"\n\
76 #\n\
77 # type 3: Connect to and login to firewall, and then use\n\
78 # \"SITE real.host.name\", followed by the regular USER and PASS.\n\
79 #\n\
80 ");
81  (void) fprintf(fp, "%s", "\
82 # type 4: Connect to and login to firewall, and then use\n\
83 # \"OPEN real.host.name\", followed by the regular USER and PASS.\n\
84 #\n\
85 # type 5: Connect to firewall host, but send\n\
86 # \"USER user@fwuser@real.host.name\" and\n\
87 # \"PASS pass@fwpass\" to login.\n\
88 #\n\
89 ");
90  (void) fprintf(fp, "%s", "\
91 # type 6: Connect to firewall host, but send\n\
92 # \"USER fwuser@real.host.name\" and\n\
93 # \"PASS fwpass\" followed by a regular\n\
94 # \"USER user\" and\n\
95 # \"PASS pass\" to complete the login.\n\
96 #\n\
97 ");
98  (void) fprintf(fp, "%s", "\
99 # type 7: Connect to firewall host, but send\n\
100 # \"USER user@real.host.name fwuser\" and\n\
101 # \"PASS pass\" followed by\n\
102 # \"ACCT fwpass\" to complete the login.\n\
103 #\n\
104 # type 0: Do NOT use a firewall (most users will choose this).\n\
105 #\n\
106 firewall-type=0\n\
107 #\n\
108 #\n\
109 #\n\
110 ");
111  (void) fprintf(fp, "%s", "\
112 # The ``firewall-host'' variable should be the IP address or hostname of\n\
113 # your firewall server machine.\n\
114 #\n\
115 ");
116 
117  if (cp == NULL) {
118  (void) fprintf(fp, "firewall-host=firewall.domain.com\n");
119  } else {
120  (void) fprintf(fp, "firewall-host=firewall%s\n", cp);
121  }
122 
123  (void) fprintf(fp, "%s", "\
124 #\n\
125 #\n\
126 #\n\
127 # The ``firewall-user'' variable tells NcFTP what to use as the user ID\n\
128 # when it logs in to the firewall before connecting to the outside world.\n\
129 #\n\
130 ");
131  (void) fprintf(fp, "firewall-user=%s\n", gUser);
132  (void) fprintf(fp, "%s", "\
133 #\n\
134 #\n\
135 #\n\
136 # The ``firewall-password'' variable is the password associated with\n\
137 # the firewall-user ID. If you set this here, be sure to change the\n\
138 # permissions on this file so that no one (except the superuser) can\n\
139 # see your password. You may also leave this commented out, and then\n\
140 # NcFTP will prompt you each time for the password.\n\
141 ");
142  (void) fprintf(fp, "%s", "\
143 #\n\
144 firewall-password=fwpass\n\
145 #\n\
146 #\n\
147 #\n\
148 # Your firewall may require you to connect to a non-standard port for\n\
149 # outside FTP services, instead of the internet standard port number (21).\n\
150 #\n\
151 firewall-port=21\n\
152 ");
153  (void) fprintf(fp, "%s", "\
154 #\n\
155 #\n\
156 #\n\
157 # You probably do not want to FTP to the firewall for hosts on your own\n\
158 # domain. You can set ``firewall-exception-list'' to a list of domains\n\
159 # or hosts where the firewall should not be used. For example, if your\n\
160 # domain was ``probe.net'' you could set this to ``.probe.net''.\n\
161 #\n\
162 ");
163  (void) fprintf(fp, "%s", "\
164 # If you leave this commented out, the default behavior is to attempt to\n\
165 # lookup the current domain, and exclude hosts for it. Otherwise, set it\n\
166 # to a list of comma-delimited domains or hostnames. The special token\n\
167 # ``localdomain'' is used for unqualified hostnames, so if you want hosts\n\
168 # without explicit domain names to avoid the firewall, be sure to include\n\
169 # that in your list.\n\
170 #\n\
171 ");
172 
173  if (cp != NULL) {
174  (void) fprintf(fp, "firewall-exception-list=%s,localhost,localdomain\n", cp);
175  } else {
176  (void) fprintf(fp, "firewall-exception-list=.probe.net,localhost,foo.bar.com,localdomain\n");
177  }
178 
179  (void) fprintf(fp, "%s", "\
180 #\n\
181 #\n\
182 #\n\
183 # You may also specify passive mode here. Normally this is set in the\n\
184 # regular $HOME/.ncftp/prefs file. This must be set to one of\n\
185 # \"on\", \"off\", or \"optional\", which mean always use PASV,\n\
186 # always use PORT, and try PASV then PORT, respectively.\n\
187 #\n\
188 #passive=on\n");
189 
190  time(&now);
191  (void) fprintf(fp, "\
192 #\n\
193 #\n\
194 #\n\
195 # NOTE: This file was created for you on %s\
196 # by NcFTP %.5s. Removing this file will cause the next run of NcFTP\n\
197 # to generate a new one, possibly with more configurable options.\n",
198  ctime(&now),
199  gVersion + 11);
200  (void) fprintf(fp, "\
201 #\n\
202 # ALSO: A %s file, if present, is processed before this file,\n\
203 # and a %s file, if present, is processed after.\n",
204  kGlobalFirewallPrefFileName,
205  kGlobalFixedFirewallPrefFileName
206  );
207 } /* CreateDefaultFirewallPrefs */
208 
209 
210 
211 
212 void
213 ProcessFirewallPrefFile(FILE *fp)
214 {
215  char line[256];
216  char *tok1, *tok2;
217  int n;
218 
219  /* Opened the firewall preferences file. */
220  line[sizeof(line) - 1] = '\0';
221  while (fgets(line, sizeof(line) - 1, fp) != NULL) {
222  tok1 = strtok(line, " =\t\r\n");
223  if ((tok1 == NULL) || (tok1[0] == '#'))
224  continue;
225  tok2 = strtok(NULL, "\r\n");
226  if (tok2 == NULL)
227  continue;
228  if (ISTREQ(tok1, "firewall-type")) {
229  n = atoi(tok2);
230  if ((n > 0) && (n <= kFirewallLastType))
231  gFirewallType = n;
232  } else if (ISTREQ(tok1, "firewall-host")) {
233  (void) STRNCPY(gFirewallHost, tok2);
234  } else if (ISTREQ(tok1, "firewall-port")) {
235  n = atoi(tok2);
236  if (n > 0)
237  gFirewallPort = (unsigned int) n;
238  } else if (ISTREQ(tok1, "firewall-user")) {
239  (void) STRNCPY(gFirewallUser, tok2);
240  } else if (ISTREQ(tok1, "firewall-pass")) {
241  (void) STRNCPY(gFirewallPass, tok2);
242  } else if (ISTREQ(tok1, "firewall-password")) {
243  (void) STRNCPY(gFirewallPass, tok2);
244  } else if (ISTREQ(tok1, "firewall-exception-list")) {
245  (void) STRNCPY(gFirewallExceptionList, tok2);
246  } else if (ISTREQ(tok1, "passive")) {
247  if (ISTREQ(tok2, "optional")) {
248  gDataPortMode = gFwDataPortMode = kFallBackToSendPortMode;
249  } else if (ISTREQ(tok2, "on")) {
250  gDataPortMode = gFwDataPortMode = kPassiveMode;
251  } else if (ISTREQ(tok2, "off")) {
252  gDataPortMode = gFwDataPortMode = kSendPortMode;
253  } else if ((int) isdigit(tok2[0])) {
254  gDataPortMode = gFwDataPortMode = atoi(tok2);
255  }
256  }
257  }
258 } /* ProcessFirewallPrefFile */
259 
260 
261 
262 
263 /* Load those options specific to the firewall/proxy settings. These are
264  * kept in a different file so that other programs can read it and not
265  * have to worry about the other junk in the prefs file.
266  */
267 void
268 LoadFirewallPrefs(int forceReload)
269 {
270  FILE *fp, *fp2;
271  char pathName[256];
272  char *cp;
273  int userFile = 0;
274  int sysFile = 0;
275 
276  if ((gFirewallPrefsLoaded != 0) && (forceReload == 0))
277  return;
278  gFirewallPrefsLoaded = 1;
279 
280  if (gOurDirectoryPath[0] == '\0')
281  return; /* Don't create in root directory. */
282  (void) OurDirectoryPath(pathName, sizeof(pathName), kFirewallPrefFileName);
283 
284  /* Set default values. */
285  gFirewallType = kFirewallNotInUse;
286  gFirewallPort = 0;
287  gFirewallHost[0] = '\0';
288  gFirewallUser[0] = '\0';
289  gFirewallPass[0] = '\0';
290  gFirewallExceptionList[0] = '\0';
291 
292  fp2 = fopen(kGlobalFirewallPrefFileName, FOPEN_READ_TEXT);
293  if (fp2 != NULL) {
294  /* Initialize to system-wide defaults. */
295  ProcessFirewallPrefFile(fp2);
296  (void) fclose(fp2);
297  sysFile++;
298  }
299 
300  fp = fopen(pathName, FOPEN_READ_TEXT);
301  if (fp != NULL) {
302  /* Do user's firewall file. */
303  ProcessFirewallPrefFile(fp);
304  (void) fclose(fp);
305  userFile = 1;
306  }
307 
308  fp2 = fopen(kGlobalFixedFirewallPrefFileName, FOPEN_READ_TEXT);
309  if (fp2 != NULL) {
310  /* Override with system-wide settings. */
311  ProcessFirewallPrefFile(fp2);
312  (void) fclose(fp2);
313  sysFile++;
314  }
315 
316  if ((userFile == 0) && (sysFile == 0)) {
317  /* Create a blank one, if
318  * there were no system-wide files.
319  */
320  fp = fopen(pathName, FOPEN_WRITE_TEXT);
321  if (fp != NULL) {
322  WriteDefaultFirewallPrefs(fp);
323  (void) fclose(fp);
324  (void) _chmod(pathName, 00600);
325  gNumProgramRuns = 1;
326  }
327  }
328 
329  if (gFirewallExceptionList[0] == '\0') {
330  FTPInitializeOurHostName(&gLib);
331  cp = strchr(gLib.ourHostName, '.');
332 
333  if (cp != NULL) {
334  (void) STRNCPY(gFirewallExceptionList, cp);
335  (void) STRNCAT(gFirewallExceptionList, ",localdomain");
336  }
337  }
338 } /* LoadFirewallPrefs */
gUser
char gUser[]
Definition: util.c:14
kFirewallLastType
#define kFirewallLastType
Definition: ncftp.h:396
gFirewallType
int gFirewallType
Definition: preffw.c:17
void
struct png_info_def **typedef void(__cdecl typeof(png_destroy_read_struct))(struct png_struct_def **
Definition: typeof.h:49
gFirewallUser
char gFirewallUser[32]
Definition: preffw.c:19
gFirewallPrefsLoaded
int gFirewallPrefsLoaded
Definition: preffw.c:23
WriteDefaultFirewallPrefs
void WriteDefaultFirewallPrefs(FILE *fp)
Definition: preffw.c:39
FTPLibraryInfo::ourHostName
char ourHostName[64]
Definition: ncftp.h:118
n
GLdouble n
Definition: glext.h:7729
OurDirectoryPath
char * OurDirectoryPath(char *const dst, const size_t siz, const char *const fname)
Definition: util.c:486
STRNCPY
#define STRNCPY(dst, src, n)
Definition: rdesktop.h:168
FOPEN_WRITE_TEXT
#define FOPEN_WRITE_TEXT
Definition: syshdrs.h:83
kPassiveMode
#define kPassiveMode
Definition: ncftp.h:296
time
__u16 time
Definition: mkdosfs.c:366
kFirewallNotInUse
#define kFirewallNotInUse
Definition: ncftp.h:388
ISTREQ
#define ISTREQ(a, b)
Definition: util.h:33
FTPInitializeOurHostName
void FTPInitializeOurHostName(const FTPLIPtr)
Definition: open.c:63
gFirewallHost
char gFirewallHost[64]
Definition: preffw.c:18
fprintf
_Check_return_opt_ _CRTIMP int __cdecl fprintf(_Inout_ FILE *_File, _In_z_ _Printf_format_string_ const char *_Format,...)
kSendPortMode
#define kSendPortMode
Definition: ncftp.h:295
gDataPortMode
int gDataPortMode
Definition: preffw.c:26
now
time_t now
Definition: finger.c:65
gOurDirectoryPath
char gOurDirectoryPath[]
Definition: util.c:17
line
Definition: parser.c:48
kFallBackToSendPortMode
#define kFallBackToSendPortMode
Definition: ncftp.h:297
isdigit
#define isdigit(c)
Definition: acclib.h:68
_chmod
_Check_return_ _CRTIMP int __cdecl _chmod(_In_z_ const char *_Filename, _In_ int _Mode)
kFirewallPrefFileName
#define kFirewallPrefFileName
Definition: pref.h:18
FOPEN_READ_TEXT
#define FOPEN_READ_TEXT
Definition: syshdrs.h:82
STRNCAT
#define STRNCAT(d, s)
Definition: Strn.h:48
gVersion
char gVersion[]
Definition: init.c:22
ctime
__u16 ctime
Definition: mkdosfs.c:362
LoadFirewallPrefs
void LoadFirewallPrefs(int forceReload)
Definition: preffw.c:268
_iobuf
Definition: mbstring.h:19
gFirewallPass
char gFirewallPass[32]
Definition: preffw.c:20
fclose
_Check_return_opt_ _CRTIMP int __cdecl fclose(_Inout_ FILE *_File)
fopen
_Check_return_ _CRTIMP FILE *__cdecl fopen(_In_z_ const char *_Filename, _In_z_ const char *_Mode)
line
IN PCTCH line
Definition: pager.h:36
gNumProgramRuns
int gNumProgramRuns
Definition: preffw.c:14
gLib
FTPLibraryInfo gLib
Definition: main.c:36
fgets
_Check_return_opt_ _CRTIMP char *__cdecl fgets(_Out_writes_z_(_MaxCount) char *_Buf, _In_ int _MaxCount, _Inout_ FILE *_File)
ProcessFirewallPrefFile
void ProcessFirewallPrefFile(FILE *fp)
Definition: preffw.c:213
time_t
__kernel_time_t time_t
Definition: linux.h:252
gFirewallExceptionList
char gFirewallExceptionList[256]
Definition: preffw.c:21
NULL
#define NULL
Definition: types.h:112
strtok
char * strtok(char *String, const char *Delimiters)
Definition: utclib.c:338
strchr
char * strchr(const char *String, int ch)
Definition: utclib.c:501
atoi
_Check_return_ int __cdecl atoi(_In_z_ const char *_Str)
kGlobalFirewallPrefFileName
#define kGlobalFirewallPrefFileName
Definition: pref.h:19
cp
POINT cp
Definition: magnifier.c:59
kGlobalFixedFirewallPrefFileName
#define kGlobalFixedFirewallPrefFileName
Definition: pref.h:20
gFirewallPort
unsigned int gFirewallPort
Definition: preffw.c:22
int
unsigned int(__cdecl typeof(jpeg_read_scanlines))(struct jpeg_decompress_struct *
Definition: typeof.h:31
gFwDataPortMode
int gFwDataPortMode
Definition: preffw.c:31