Attachment #3323 for bug #6898

View | Details | Raw Unified | Return to bug 6898
Collapse All | Expand All

Lines 58-67 Link Here

(-)proftpd-1.2.6rc1.orig/Make.rules.in (-2 / +2 lines)
58	#CFLAGS=-g -pedantic -DUSESHADOW -DDEBUG_NOFORK	58	#CFLAGS=-g -pedantic -DUSESHADOW -DDEBUG_NOFORK
59		59
60	OBJS=main.o timers.o sets.o pool.o dirtree.o support.o inet.o log.o \	60	OBJS=main.o timers.o sets.o pool.o dirtree.o support.o inet.o log.o \
61	io.o ident.o data.o modules.o auth.o fs.o	61	io.o ident.o data.o modules.o auth.o fs.o @TLS_OBJS@
62	BUILD_OBJS=src/main.o src/timers.o src/sets.o src/pool.o src/dirtree.o \	62	BUILD_OBJS=src/main.o src/timers.o src/sets.o src/pool.o src/dirtree.o \
63	src/support.o src/inet.o src/log.o src/io.o src/ident.o \	63	src/support.o src/inet.o src/log.o src/io.o src/ident.o \
64	src/data.o src/modules.o src/auth.o src/fs.o	64	src/data.o src/modules.o src/auth.o src/fs.o @TLS_BUILD_OBJS@
65		65
66	LIB_OBJS=getopt.o getopt1.o pr_fnmatch.o strsep.o vsnprintf.o glibc-glob.o \	66	LIB_OBJS=getopt.o getopt1.o pr_fnmatch.o strsep.o vsnprintf.o glibc-glob.o \
67	glibc-mkstemp.o pwgrent.o	67	glibc-mkstemp.o pwgrent.o




TLS patch for proftpd-1.2.5 together with OpenSSL >= 0.9.4, based on the
"draft-murray-auth-ftp-ssl-09.txt" IETF draft.
Copyright (c) 2000 Peter 'Luna' Runestig <peter@runestig.com>
The verify_crl() function by Ralf S. Engelschall <rse@engelschall.com>
This product includes software developed by the OpenSSL Project
for use in the OpenSSL Toolkit. (http://www.openssl.org/)
This product includes cryptographic software written by
Eric Young (eay@cryptsoft.com)

Patching:
	$ tar xzf proftpd-1.2.5.tar.gz
	$ cd proftpd-1.2.5
	$ patch -p1 < ../proftpd-tls.current.patch

	Or just use the prepatched tarball.

Configuring:
	$ ./configure [--with-openssl-dir=DIR]
	
Building:
	$ make

Installation:
	$ make install

By default, proftpd looks for a single configuration file at
/usr/local/etc/proftpd.conf.  Copy sample-configurations/basic.conf to
/usr/local/etc/proftpd.conf and modify to suit your needs.  More advanced
configuration examples are also included.

The proftpd server tries to use these TLS related files by default:
ftpd-rsa.pem		RSA certificate, may include private key
ftpd-rsa-key.pem	RSA private key
ftpd-dsa.pem		DSA certificate, may include private key
ftpd-dsa-key.pem	DSA private key
ftpd-crl.pem		Certificate Revokation List
ftpd-dhparam.pem	DH Parameters (a set of DH params is compiled in)

These files is searched for in the following directorys (in this order):
* Current working directory of the process.
* Specified by the `X509_get_default_cert_dir_env()` environment variable
  (usually $SSL_CERT_DIR).
* `X509_get_default_cert_dir()`, usually (openssl-dir)/certs.
* `X509_get_default_private_dir()`, usually (openssl-dir/private.

Default CRL directory for the proftpd server is (openssl-dir)/crl.

If you don't have any "proper" certificate files (signed by some CA), you might
create a self-signed one using the ``openssl'' command:
$ openssl req -new -x509 -days 365 -nodes -out ftpd-rsa.pem -keyout ftpd-rsa-key.pem
This creates a cert which is valid 365 days, you might want to adjust that.

X509 client authentication
--------------------------
Support for user authentication is possible through the custom function
int x509_to_user(X509 *peer_cert, char *userid, int len) in the file
src/x509_to_user.c, and by a .tlslogin file in the user's home directory.

o  tls_userid_from_client_cert() is called and returns a user id or NULL.
   tls_userid_from_client_cert() calls the site specific function
   x509_to_user().

o  If the user name, set by the USER command, equals the user id mapped from the
   client cert, the user is logged right in.

o  If "USER" differ from the user id mapped from the client cert the function
   tls_is_user_valid() is called to check "USER"'s ~/.tlslogin file.
   That file, if it exist, contains one or more X509 certificates in PEM for-
   mat. If the client cert is present in the file, the user is logged right in.

o  If tls_userid_from_client_cert() can't map a user id from the client cert,
   tls_is_user_valid() is called to check "USER"'s  ~/.tlslogin file. If the
   client cert is present in the file, the user is logged right in.

Hash symlinks for certs: ln -s cert.pem `openssl x509 -hash -noout -in cert.pem`.0
Hash symlinks for CRLs:  ln -s crl.pem `openssl crl -hash -noout -in crl.pem`.r0

Default cipher list is "ALL:!EXP".

How to put together a  'cipher list string':
  Key Exchange Algorithms:
    "kRSA"      RSA key exchange
    "kDHr"      Diffie-Hellman key exchange (key from RSA cert)
    "kDHd"      Diffie-Hellman key exchange (key from DSA cert)
    "kEDH'      Ephemeral Diffie-Hellman key exchange (temporary key)

  Authentication Algorithm:
    "aNULL"     No authentication
    "aRSA"      RSA authentication
    "aDSS"      DSS authentication
    "aDH"       Diffie-Hellman authentication

  Cipher Encoding Algorithm:
    "eNULL"     No encodiing
    "DES"       DES encoding
    "3DES"      Triple DES encoding
    "RC4"       RC4 encoding
    "RC2"       RC2 encoding
    "IDEA"      IDEA encoding

  MAC Digest Algorithm:
    "MD5"       MD5 hash function
    "SHA1"      SHA1 hash function
    "SHA"       SHA hash function (should not be used)

  Aliases:
    "ALL"       all ciphers
    "SSLv2"     all SSL version 2.0 ciphers (should not be used)
    "SSLv3"     all SSL version 3.0 ciphers
    "EXP"       all export ciphers (40-bit)
    "EXPORT56"  all export ciphers (56-bit)
    "LOW"       all low strength ciphers (no export)
    "MEDIUM"    all ciphers with 128-bit encryption
    "HIGH"      all ciphers using greater than 128-bit encryption
    "RSA"       all ciphers using RSA key exchange
    "DH"        all ciphers using Diffie-Hellman key exchange
    "EDH"       all ciphers using Ephemeral Diffie-Hellman key exchange
    "ADH"       all ciphers using Anonymous Diffie-Hellman key exchange
    "DSS"       all ciphers using DSS authentication
    "NULL"      all ciphers using no encryption

Each item in the list may include a prefix modifier:

    "+"         move cipher(s) to the current location in the list
    "-"         remove cipher(s) from the list (may be added again by
                a subsequent list entry)
    "!"         kill cipher from the list (it may not be added again
                by a subsequent list entry)

If no modifier is specified the entry is added to the list at the current 
position.  "+" may also be used to combine tags to specify entries such as 
"RSA+RC4" describes all ciphers that use both RSA and RC4.

For example, all available ciphers not including ADH key exchange:

  ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP

All algorithms including ADH and export but excluding patented algorithms: 

  HIGH:MEDIUM:LOW:EXPORT56:EXP:ADH:!kRSA:!aRSA:!RC4:!RC2:!IDEA

The OpenSSL command 

  openssl ciphers -v <list of ciphers> 

may be used to list all of the ciphers and the order described by a specific
<list of ciphers>.

Lines 18-23 Link Here

(-)proftpd-1.2.6rc1.orig/acconfig.h (+6 lines)
18	/* Define if you have BSD sendfile() semantics */	18	/* Define if you have BSD sendfile() semantics */
19	#undef HAVE_BSD_SENDFILE	19	#undef HAVE_BSD_SENDFILE
20		20
		21	/* Define to build with SSL/TLS support */
		22	#undef TLS
		23
		24	/* Define this symbol if support for OpenSSL zlib compression is enabled. */
		25	#undef ZLIB
		26
21	/* Define if you have Linux sendfile() semantics */	27	/* Define if you have Linux sendfile() semantics */
22	#undef HAVE_LINUX_SENDFILE	28	#undef HAVE_LINUX_SENDFILE
23		29

Lines 19-24 Link Here

(-)proftpd-1.2.6rc1.orig/config.h.in (-1 / +7 lines)
19	/* Define if you have BSD sendfile() semantics */	19	/* Define if you have BSD sendfile() semantics */
20	#undef HAVE_BSD_SENDFILE	20	#undef HAVE_BSD_SENDFILE
21		21
		22	/* Define to build with SSL/TLS support */
		23	#undef TLS
		24
		25	/* Define this symbol if support for OpenSSL zlib compression is enabled. */
		26	#undef ZLIB
		27
22	/* Define if you have Linux sendfile() semantics */	28	/* Define if you have Linux sendfile() semantics */
23	#undef HAVE_LINUX_SENDFILE	29	#undef HAVE_LINUX_SENDFILE
24		30
Lines 423-429 Link Here
423	/* Define if you have the <utmpx.h> header file. */	429	/* Define if you have the <utmpx.h> header file. */
424	#undef HAVE_UTMPX_H	430	#undef HAVE_UTMPX_H
425		431
426	/* Define if you have the "vmsdir.h" header file. */	432	/* Define if you have the <vmsdir.h> header file. */
427	#undef HAVE_VMSDIR_H	433	#undef HAVE_VMSDIR_H
428		434
429	/* Define if you have the bind library (-lbind). */	435	/* Define if you have the bind library (-lbind). */

Lines 838-843 Link Here

(-)proftpd-1.2.6rc1.orig/configure (+242 lines)
838		838
839	--enable-shadow force compilation of shadowed password support	839	--enable-shadow force compilation of shadowed password support
840		840
		841	--disable-tls disable TLS security
		842	--enable-tls_zlib enable use of OpenSSL zlib compression (EXPERIMENTAL)
841		843
842	Optional Packages:	844	Optional Packages:
843	--with-PACKAGE[=ARG] use PACKAGE [ARG=yes]	845	--with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
Lines 854-859 Link Here
854	LIST is a ':' separated list of modules to add	856	LIST is a ':' separated list of modules to add
855	e.g. --with-modules=mod_pam:mod_readme	857	e.g. --with-modules=mod_pam:mod_readme
856		858
		859	--with-openssl-dir=DIR specify location of the OpenSSL directory
857		860
858	Some influential environment variables:	861	Some influential environment variables:
859	CC C compiler command	862	CC C compiler command
Lines 3495-3500 Link Here
3495	fi	3498	fi
3496		3499
3497		3500
		3501	# Check whether --with-openssl-dir or --without-openssl-dir was given.
		3502	if test "${with_openssl_dir+set}" = set; then
		3503	withval="$with_openssl_dir"
		3504	OPENSSLDIR=$withval
		3505	fi;
		3506	if test -n "$OPENSSLDIR"; then
		3507	LIBS="$LIBS -L$OPENSSLDIR/lib"
		3508	CPPFLAGS="$CPPFLAGS -I$OPENSSLDIR/include"
		3509	fi
		3510
		3511	# Check whether --enable-tls or --disable-tls was given.
		3512	if test "${enable_tls+set}" = set; then
		3513	enableval="$enable_tls"
		3514
		3515	else
		3516	enable_tls=yes
		3517	fi;
		3518	# Check whether --enable-tls_zlib or --disable-tls_zlib was given.
		3519	if test "${enable_tls_zlib+set}" = set; then
		3520	enableval="$enable_tls_zlib"
		3521
		3522	else
		3523	enable_tls_zlib=no
		3524	fi;
		3525
		3526
3498	echo "$as_me:$LINENO: checking for set_auth_parameters in -lsecurity" >&5	3527	echo "$as_me:$LINENO: checking for set_auth_parameters in -lsecurity" >&5
3499	echo $ECHO_N "checking for set_auth_parameters in -lsecurity... $ECHO_C" >&6	3528	echo $ECHO_N "checking for set_auth_parameters in -lsecurity... $ECHO_C" >&6
3500	if test "${ac_cv_lib_security_set_auth_parameters+set}" = set; then	3529	if test "${ac_cv_lib_security_set_auth_parameters+set}" = set; then
Lines 10449-10454 Link Here
10449	esac	10478	esac
10450	fi	10479	fi
10451		10480
		10481	if test "$enable_tls" = yes; then
		10482	# look for OpenSSL libraries
		10483	echo "$as_me:$LINENO: checking for X509_STORE_load_locations in -lcrypto" >&5
		10484	echo $ECHO_N "checking for X509_STORE_load_locations in -lcrypto... $ECHO_C" >&6
		10485	if test "${ac_cv_lib_crypto_X509_STORE_load_locations+set}" = set; then
		10486	echo $ECHO_N "(cached) $ECHO_C" >&6
		10487	else
		10488	ac_check_lib_save_LIBS=$LIBS
		10489	LIBS="-lcrypto $LIBS"
		10490	cat >conftest.$ac_ext <<_ACEOF
		10491	#line $LINENO "configure"
		10492	#include "confdefs.h"
		10493
		10494	/* Override any gcc2 internal prototype to avoid an error. */
		10495	#ifdef __cplusplus
		10496	extern "C"
		10497	#endif
		10498	/* We use char because int might match the return type of a gcc2
		10499	builtin and then its argument prototype would still apply. */
		10500	char X509_STORE_load_locations ();
		10501	#ifdef F77_DUMMY_MAIN
		10502	# ifdef __cplusplus
		10503	extern "C"
		10504	# endif
		10505	int F77_DUMMY_MAIN() { return 1; }
		10506	#endif
		10507	int
		10508	main ()
		10509	{
		10510	X509_STORE_load_locations ();
		10511	;
		10512	return 0;
		10513	}
		10514	_ACEOF
		10515	rm -f conftest.$ac_objext conftest$ac_exeext
		10516	if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
		10517	(eval $ac_link) 2>&5
		10518	ac_status=$?
		10519	echo "$as_me:$LINENO: \$? = $ac_status" >&5
		10520	(exit $ac_status); } &&
		10521	{ ac_try='test -s conftest$ac_exeext'
		10522	{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
		10523	(eval $ac_try) 2>&5
		10524	ac_status=$?
		10525	echo "$as_me:$LINENO: \$? = $ac_status" >&5
		10526	(exit $ac_status); }; }; then
		10527	ac_cv_lib_crypto_X509_STORE_load_locations=yes
		10528	else
		10529	echo "$as_me: failed program was:" >&5
		10530	cat conftest.$ac_ext >&5
		10531	ac_cv_lib_crypto_X509_STORE_load_locations=no
		10532	fi
		10533	rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
		10534	LIBS=$ac_check_lib_save_LIBS
		10535	fi
		10536	echo "$as_me:$LINENO: result: $ac_cv_lib_crypto_X509_STORE_load_locations" >&5
		10537	echo "${ECHO_T}$ac_cv_lib_crypto_X509_STORE_load_locations" >&6
		10538	if test $ac_cv_lib_crypto_X509_STORE_load_locations = yes; then
		10539	LIBTLS=-lcrypto
		10540	else
		10541	{ { echo "$as_me:$LINENO: error: Could not find OpenSSL library needed for SSL/TLS support. Try again using --with-openssl-dir=DIR" >&5
		10542	echo "$as_me: error: Could not find OpenSSL library needed for SSL/TLS support. Try again using --with-openssl-dir=DIR" >&2;}
		10543	{ (exit 1); exit 1; }; }
		10544	fi
10545
10546	echo "$as_me:$LINENO: checking for SSL_accept in -lssl" >&5
10547	echo $ECHO_N "checking for SSL_accept in -lssl... $ECHO_C" >&6
10548	if test "${ac_cv_lib_ssl_SSL_accept+set}" = set; then
10549	echo $ECHO_N "(cached) $ECHO_C" >&6
10550	else
10551	ac_check_lib_save_LIBS=$LIBS
10552	LIBS="-lssl -lcrypto $LIBS"
10553	cat >conftest.$ac_ext <<_ACEOF
10554	#line $LINENO "configure"
10555	#include "confdefs.h"
10556
10557	/* Override any gcc2 internal prototype to avoid an error. */
10558	#ifdef __cplusplus
10559	extern "C"
10560	#endif
10561	/* We use char because int might match the return type of a gcc2
10562	builtin and then its argument prototype would still apply. */
10563	char SSL_accept ();
10564	#ifdef F77_DUMMY_MAIN
10565	# ifdef __cplusplus
10566	extern "C"
10567	# endif
10568	int F77_DUMMY_MAIN() { return 1; }
10569	#endif
10570	int
10571	main ()
10572	{
10573	SSL_accept ();
10574	;
10575	return 0;
10576	}
10577	_ACEOF
10578	rm -f conftest.$ac_objext conftest$ac_exeext
10579	if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
10580	(eval $ac_link) 2>&5
10581	ac_status=$?
10582	echo "$as_me:$LINENO: \$? = $ac_status" >&5
10583	(exit $ac_status); } &&
10584	{ ac_try='test -s conftest$ac_exeext'
10585	{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
10586	(eval $ac_try) 2>&5
10587	ac_status=$?
10588	echo "$as_me:$LINENO: \$? = $ac_status" >&5
10589	(exit $ac_status); }; }; then
10590	ac_cv_lib_ssl_SSL_accept=yes
10591	else
10592	echo "$as_me: failed program was:" >&5
10593	cat conftest.$ac_ext >&5
10594	ac_cv_lib_ssl_SSL_accept=no
10595	fi
10596	rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
10597	LIBS=$ac_check_lib_save_LIBS
10598	fi
10599	echo "$as_me:$LINENO: result: $ac_cv_lib_ssl_SSL_accept" >&5
10600	echo "${ECHO_T}$ac_cv_lib_ssl_SSL_accept" >&6
10601	if test $ac_cv_lib_ssl_SSL_accept = yes; then
10602	LIBTLS="-lssl $LIBTLS"
10603	else
10604	{ { echo "$as_me:$LINENO: error: Could not find OpenSSL library needed for SSL/TLS support. Try again using --with-openssl-dir=DIR" >&5
10605	echo "$as_me: error: Could not find OpenSSL library needed for SSL/TLS support. Try again using --with-openssl-dir=DIR" >&2;}
10606	{ (exit 1); exit 1; }; }
10607	fi
10608
10609	ac_core_modules="$ac_core_modules mod_tls.o"
10610	ac_build_core_modules="$ac_build_core_modules modules/mod_tls.o"
10611	TLS_OBJS="tlsutil.o x509_to_user.o"
10612	TLS_BUILD_OBJS="src/tlsutil.o src/x509_to_user.o"
10613
10614
10615	cat >>confdefs.h <<\_ACEOF
10616	#define TLS 1
10617	_ACEOF
10618
10619	if test "$enable_tls_zlib" = yes; then
10620	echo "$as_me:$LINENO: checking for compress in -lz" >&5
10621	echo $ECHO_N "checking for compress in -lz... $ECHO_C" >&6
10622	if test "${ac_cv_lib_z_compress+set}" = set; then
10623	echo $ECHO_N "(cached) $ECHO_C" >&6
10624	else
10625	ac_check_lib_save_LIBS=$LIBS
10626	LIBS="-lz $LIBS"
10627	cat >conftest.$ac_ext <<_ACEOF
10628	#line $LINENO "configure"
10629	#include "confdefs.h"
10630
10631	/* Override any gcc2 internal prototype to avoid an error. */
10632	#ifdef __cplusplus
10633	extern "C"
10634	#endif
10635	/* We use char because int might match the return type of a gcc2
10636	builtin and then its argument prototype would still apply. */
10637	char compress ();
10638	#ifdef F77_DUMMY_MAIN
10639	# ifdef __cplusplus
10640	extern "C"
10641	# endif
10642	int F77_DUMMY_MAIN() { return 1; }
10643	#endif
10644	int
10645	main ()
10646	{
10647	compress ();
10648	;
10649	return 0;
10650	}
10651	_ACEOF
10652	rm -f conftest.$ac_objext conftest$ac_exeext
10653	if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
10654	(eval $ac_link) 2>&5
10655	ac_status=$?
10656	echo "$as_me:$LINENO: \$? = $ac_status" >&5
10657	(exit $ac_status); } &&
10658	{ ac_try='test -s conftest$ac_exeext'
10659	{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
10660	(eval $ac_try) 2>&5
10661	ac_status=$?
10662	echo "$as_me:$LINENO: \$? = $ac_status" >&5
10663	(exit $ac_status); }; }; then
10664	ac_cv_lib_z_compress=yes
10665	else
10666	echo "$as_me: failed program was:" >&5
10667	cat conftest.$ac_ext >&5
10668	ac_cv_lib_z_compress=no
10669	fi
10670	rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
10671	LIBS=$ac_check_lib_save_LIBS
10672	fi
10673	echo "$as_me:$LINENO: result: $ac_cv_lib_z_compress" >&5
10674	echo "${ECHO_T}$ac_cv_lib_z_compress" >&6
10675	if test $ac_cv_lib_z_compress = yes; then
10676	LIBS="$LIBS -lz"
10677	else
10678	{ { echo "$as_me:$LINENO: error: Could not find ZLIB library needed." >&5
10679	echo "$as_me: error: Could not find ZLIB library needed." >&2;}
10680	{ (exit 1); exit 1; }; }
10681	fi
10682
10683	cat >>confdefs.h <<\_ACEOF
10684	#define ZLIB 1
10685	_ACEOF
10686
10687	fi
10688	LIBS="$LIBS $LIBTLS"
10689	fi
10690
10452		10691
10453	for ac_func in setproctitle	10692	for ac_func in setproctitle
10454	do	10693	do
Lines 11740-11749 Link Here
11740	s,@INSTALL_DATA@,$INSTALL_DATA,;t t	11979	s,@INSTALL_DATA@,$INSTALL_DATA,;t t
11741	s,@RANLIB@,$RANLIB,;t t	11980	s,@RANLIB@,$RANLIB,;t t
11742	s,@ac_ct_RANLIB@,$ac_ct_RANLIB,;t t	11981	s,@ac_ct_RANLIB@,$ac_ct_RANLIB,;t t
		11982	s,@OPENSSLDIR@,$OPENSSLDIR,;t t
11743	s,@CPP@,$CPP,;t t	11983	s,@CPP@,$CPP,;t t
11744	s,@install_user@,$install_user,;t t	11984	s,@install_user@,$install_user,;t t
11745	s,@install_group@,$install_group,;t t	11985	s,@install_group@,$install_group,;t t
11746	s,@ALLOCA@,$ALLOCA,;t t	11986	s,@ALLOCA@,$ALLOCA,;t t
		11987	s,@TLS_OBJS@,$TLS_OBJS,;t t
		11988	s,@TLS_BUILD_OBJS@,$TLS_BUILD_OBJS,;t t
11747	s,@MODULES@,$MODULES,;t t	11989	s,@MODULES@,$MODULES,;t t
11748	s,@BUILD_MODULES@,$BUILD_MODULES,;t t	11990	s,@BUILD_MODULES@,$BUILD_MODULES,;t t
11749	s,@ADDL_DIRS@,$ADDL_DIRS,;t t	11991	s,@ADDL_DIRS@,$ADDL_DIRS,;t t

Lines 239-244 Link Here

(-)proftpd-1.2.6rc1.orig/configure.in (+36 lines)
239	AC_DEFINE(HAVE__PW_STAYOPEN)	239	AC_DEFINE(HAVE__PW_STAYOPEN)
240	fi	240	fi
241		241
		242	dnl TLS options
		243	AC_ARG_WITH(openssl-dir,
		244	[ --with-openssl-dir=DIR specify location of the OpenSSL directory],
		245	OPENSSLDIR=$withval)
		246	if test -n "$OPENSSLDIR"; then
		247	LIBS="$LIBS -L$OPENSSLDIR/lib"
		248	CPPFLAGS="$CPPFLAGS -I$OPENSSLDIR/include"
		249	fi
		250	AC_SUBST(OPENSSLDIR)
		251	AC_ARG_ENABLE(tls, [ --disable-tls disable TLS security],
		252	, enable_tls=yes)
		253	AC_ARG_ENABLE(tls_zlib, [ --enable-tls_zlib enable use of OpenSSL zlib compression (EXPERIMENTAL)],
		254	, enable_tls_zlib=no)
		255
242	AC_CHECK_LIB(security, set_auth_parameters)	256	AC_CHECK_LIB(security, set_auth_parameters)
243	AC_CHECK_HEADERS(sys/security.h)	257	AC_CHECK_HEADERS(sys/security.h)
244	AC_CHECK_HEADERS(krb.h)	258	AC_CHECK_HEADERS(krb.h)
Lines 536-541 Link Here
536	esac	550	esac
537	fi	551	fi
538		552
		553	dnl TLS options
		554	if test "$enable_tls" = yes; then
		555	# look for OpenSSL libraries
		556	AC_CHECK_LIB(crypto, X509_STORE_load_locations, LIBTLS=-lcrypto,
		557	AC_MSG_ERROR(Could not find OpenSSL library needed for SSL/TLS support. Try again using --with-openssl-dir=DIR))
		558	AC_CHECK_LIB(ssl, SSL_accept, LIBTLS="-lssl $LIBTLS",
		559	AC_MSG_ERROR(Could not find OpenSSL library needed for SSL/TLS support. Try again using --with-openssl-dir=DIR), -lcrypto)
		560	ac_core_modules="$ac_core_modules mod_tls.o"
		561	ac_build_core_modules="$ac_build_core_modules modules/mod_tls.o"
		562	TLS_OBJS="tlsutil.o x509_to_user.o"
		563	TLS_BUILD_OBJS="src/tlsutil.o src/x509_to_user.o"
		564	AC_SUBST(TLS_OBJS)
		565	AC_SUBST(TLS_BUILD_OBJS)
		566	AC_DEFINE(TLS)
		567	if test "$enable_tls_zlib" = yes; then
		568	AC_CHECK_LIB(z, compress, LIBS="$LIBS -lz",
		569	AC_MSG_ERROR(Could not find ZLIB library needed.))
		570	AC_DEFINE(ZLIB)
		571	fi
		572	LIBS="$LIBS $LIBTLS"
		573	fi
		574
539	dnl Check for various argv[] replacing functions on various OSs	575	dnl Check for various argv[] replacing functions on various OSs
540	AC_CHECK_FUNCS(setproctitle)	576	AC_CHECK_FUNCS(setproctitle)
541	AC_CHECK_HEADERS(libutil.h)	577	AC_CHECK_HEADERS(libutil.h)

Lines 1-21 Link Here

(-)proftpd-1.2.6rc1.orig/contrib/dist/rpm/proftpd.spec.in (-2 / +35 lines)
1	# $Id: proftpd.spec.in,v 1.14 2002/05/19 14:38:42 jwm Exp $	1	# $Id: proftpd.spec.in,v 1.14 2002/05/19 14:38:42 jwm Exp $
2	#	2	#
		3	%define tls 1
		4	%if %{tls}
		5	%define TLSVERSION 20020711
		6	%define TLSVERSIONRELEASE 1
		7	%endif
		8	%if %{tls}
		9	Summary: ProFTPD -- Professional FTP Server (TLS enabled).
		10	%else
3	Summary: ProFTPD -- Professional FTP Server.	11	Summary: ProFTPD -- Professional FTP Server.
		12	%endif
4	Name: proftpd	13	Name: proftpd
5	Version: @VERSION@	14	Version: @VERSION@
		15	%if %{tls}
		16	Release: 1.tls.%{TLSVERSION}.%{TLSVERSIONRELEASE}
		17	%else
6	Release: 1	18	Release: 1
		19	%endif
7	Copyright: GPL	20	Copyright: GPL
8	Group: System Environment/Daemons	21	Group: System Environment/Daemons
9	Packager: Daniel Roesen <droesen@entire-systems.com>	22	Packager: Daniel Roesen <droesen@entire-systems.com> and Dr. Peter Bieringer <pbieringer@aerasec.de> (TLS)
10	Vendor: The ProFTPD Group	23	Vendor: The ProFTPD Group
11	URL: http://www.proftpd.org/	24	URL: http://www.proftpd.org/
12	Source: ftp://ftp.proftpd.org/distrib/%{name}-%{version}.tar.gz	25	Source: ftp://ftp.proftpd.org/distrib/%{name}-%{version}.tar.gz
		26	%if %{tls}
		27	Patch0: ftp://ftp.runestig.com/pub/%{name}-%{version}-tls.%{TLSVERSION}.patch.gz
		28	%endif
13	Prefix: /usr	29	Prefix: /usr
		30	%if %{tls}
		31	BuildRoot: %{_builddir}/%{name}-%{version}-%{TLSVERSION}-root
		32	Requires: pam >= 0.72, openssl
		33	%else
14	BuildRoot: %{_builddir}/%{name}-%{version}-root	34	BuildRoot: %{_builddir}/%{name}-%{version}-root
15	Requires: pam >= 0.72	35	Requires: pam >= 0.72
		36	%endif
16	Provides: ftpserver	37	Provides: ftpserver
17	Prereq: fileutils	38	Prereq: fileutils
18	Obsoletes: proftpd-core	39	Obsoletes: proftpd-core
		40	%if %{tls}
		41	BuildPreReq: openssl-devel
		42	%endif
19		43
20	%description	44	%description
21	ProFTPD is an enhanced FTP server with a focus toward simplicity, security,	45	ProFTPD is an enhanced FTP server with a focus toward simplicity, security,
Lines 26-31 Link Here
26		50
27	There are two other packages you can use to setup for inetd or standalone	51	There are two other packages you can use to setup for inetd or standalone
28	operation.	52	operation.
		53	%if %{tls}
		54	This package is TLS enabled, used TLS patch version is: %{TLSVERSION}
		55	%endif
29		56
30	%package standalone	57	%package standalone
31	Summary: ProFTPD -- Setup for standalone operation.	58	Summary: ProFTPD -- Setup for standalone operation.
Lines 39-45 Link Here
39	%package inetd	66	%package inetd
40	Summary: ProFTPD -- Setup for inetd operation.	67	Summary: ProFTPD -- Setup for inetd operation.
41	Group: System Environment/Daemons	68	Group: System Environment/Daemons
42	Requires: proftpd	69	Requires: proftpd-tls
43	Obsoletes: proftpd-standalone	70	Obsoletes: proftpd-standalone
44		71
45	%description inetd	72	%description inetd
Lines 47-52 Link Here
47		74
48	%prep	75	%prep
49	%setup -q	76	%setup -q
		77	%if %{tls}
		78	%patch0 -p1
		79	%endif
50	CFLAGS="$RPM_OPT_FLAGS" ./configure \	80	CFLAGS="$RPM_OPT_FLAGS" ./configure \
51	--prefix=%{prefix} \	81	--prefix=%{prefix} \
52	--sysconfdir=/etc \	82	--sysconfdir=/etc \
Lines 178-183 Link Here
178	- Added use of %defattr to allow build of RPMs by non-root users	208	- Added use of %defattr to allow build of RPMs by non-root users
179	For details see http://bugs.proftpd.org/show_bug.cgi?id=1580	209	For details see http://bugs.proftpd.org/show_bug.cgi?id=1580
180		210
		211	* Mon May 07 2001 Dr. Peter Bieringer <pbieringer@aerasec.de>
		212	- Make "tls" usage switchable
		213
181	* Mon Mar 05 2001 Daniel Roesen <droesen@entire-systems.com>	214	* Mon Mar 05 2001 Daniel Roesen <droesen@entire-systems.com>
182	- PAM >= 0.72 is now a requirement. Versions before are broken and	215	- PAM >= 0.72 is now a requirement. Versions before are broken and
183	Red Hat provides a PAM update for all RH 6.x releases. See:	216	Red Hat provides a PAM update for all RH 6.x releases. See:










                                                    Paul Ford-Hutchinson
<draft-murray-auth-ftp-ssl-09.txt>                            IBM UK Ltd
                                                        Martin Carpenter
                                                            Verisign Inc
                                                              Tim Hudson
INTERNET-DRAFT (draft)                                 RSA Australia Ltd
                                                             Eric Murray
                                                        Wave Systems Inc
                                                          Volker Wiegand
                                                              SuSE Linux

                                                         2nd April, 2002
This document expires on 2nd October, 2002


                         Securing FTP with TLS


Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html













Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand    FORMFEED[Page 1]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


Index
      1. .......... Abstract
      2. .......... Introduction
      3. .......... Audience
      4. .......... Session negotiation on the control port
      5. .......... Response to FEAT command
      6. .......... Data Connection Behaviour
      7. .......... Mechanisms for the AUTH Command
      8. .......... Data Connection Security
      9. .......... A discussion of negotiation behaviour
      10. ......... Who negotiates what, where and how
      11. ......... Timing Diagrams
      12. ......... Discussion of the REIN command
      13. ......... Discussion of the STAT and ABOR commands
      14. ......... Security Considerations
      15. ......... IANA Considerations
      16. ......... Other Parameters
      17. ......... Network Management
      18. ......... Internationalization
      19. ......... Scalability & Limits
      20. ......... Applicability
      21. ......... Acknowledgements
      22. ......... References
      23. ......... Authors' Contact Addresses



























Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand    FORMFEED[Page 2]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


1. Abstract

   This document describes a mechanism that can be used by FTP clients
   and servers to implement security and authentication using the TLS
   protocol defined by [RFC-2246] and the extensions to the FTP protocol
   defined by [RFC-2228].  It describes the subset of the extensions
   that are required and the parameters to be used; discusses some of
   the policy issues that clients and servers will need to take;
   considers some of the implications of those policies and discusses
   some expected behaviours of implementations to allow interoperation.
   This document is intended to provide TLS support for FTP in a similar
   way to that provided for SMTP in [RFC-2487] and HTTP in [RFC-2817].

   TLS is not the only mechanism for securing file transfer, however it
   does offer some of the following positive attributes:-

      - Flexible security levels.  TLS can support confidentiality,
      integrity, authentication or some combination of all of these.
      This allows clients and servers to dynamically, during a session,
      decide on the level of security required for a particular data
      transfer,

      - It is possible to use TLS identities to authenticate client
      users and not just client hosts.

      - Formalised public key management.  By use of well established
      client identity mechnisms (supported by TLS) during the
      authentication phase, certificate management may be built into a
      central function.  Whilst this may not be desirable for all uses
      of secured file transfer, it offers advantages in certain
      structured environments.

      - Co-existence and interoperation with authentication mechanisms
      that are already in place for the HTTPS protocol.  This allows web
      browsers to incorporate secure file transfer using the same
      infrastructure that has been set up to allow secure web browsing.

   The TLS protocol is a development of the Netscape Communication
   Corporation's SSL protocol and this document can be used to allow the
   FTP protocol to be used with either SSL or TLS.  The actual protocol
   used will be decided by the negotiation of the protected session by
   the TLS/SSL layer.  This document will only refer to the TLS
   protocol, however, it is understood that the Client and Server MAY
   actually be using SSL if they are so configured.

   Note that this specification is in accordance with the FTP RFC
   [RFC-959] and relies on the TLS protocol [RFC-2246] and the FTP
   security extensions [RFC-2228].



Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand    FORMFEED[Page 3]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


2.  Introduction

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL",
    "SHALL NOT",  "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY" and
   "OPTIONAL" that appear in this document are to be interpreted as
   described in [RFC-2119].

   This document is an attempt to describe how three other documents
   should combined to provide a useful, interoperable, secure file
   transfer protocol.  Those documents are:-


      RFC 959 [RFC-959]

         The description of the Internet File Transfer Protocol

      RFC 2246 [RFC-2246]

         The description of the Transport Layer Security protocol
         (developed from the Netscape Secure Sockets Layer (SSL)
         protocol version 3.0).

      RFC 2228 [RFC-2228]

         Extensions to the FTP protocol to allow negotiation of security
         mechanisms to allow authentication, confidentiality and message
         integrity.

   The File Transfer Protocol (FTP) currently defined in [RFC-959] and
   in place on the Internet is an excellent mechanism for exchanging
   files.  The security extensions to FTP in [RFC-2228] offer a
   comprehensive set of commands and responses that can be used to add
   authentication, integrity and confidentiality to the FTP protocol.
   The TLS protocol is a popular (due to its wholesale adoption in the
   HTTP environment) mechanism for generally securing a socket
   connection.
   There are many ways in which these three protocols can be combined
   which would ensure that interoperation is impossible.  This document
   describes one method by which FTP can operate securely in such a way
   as to provide both flexibility and interoperation.  This necessitates
   a brief description of the actual negotiation mechanism ; a much more
   detailed description of the policies and practices that would be
   required and a discussion of the expected behaviours of clients and
   servers to allow either party to impose their security requirements
   on the FTP session.


3.  Audience



Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand    FORMFEED[Page 4]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


   This document is aimed at developers who wish to implement TLS as a
   security mechanism to secure FTP clients and/or servers.


4.  Session negotiation on the control port

   The server listens on the normal FTP control port {FTP-PORT} and the
   session initiation is not secured at all.  Once the client wishes to
   secure the session, the AUTH command is sent and the server MAY then
   allow TLS negotiation to take place.

  4.1  Client wants a secured session

     If a client wishes to attempt to secure a session then it SHOULD,
     in accordance with [RFC-2228] send the AUTH command with the
     parameter requesting TLS {TLS-PARM}.


     The client then needs to behave according to its policies depending
     on the response received from the server and also the result of the
     TLS negotiation.  i.e. A client which receives an AUTH rejection
     MAY choose to continue with the session unprotected if it so
     desires.

  4.2  Server wants a secured session

     The FTP protocol does not allow a server to directly dictate client
     behaviour, however the same effect can be achieved by refusing to
     accept certain FTP commands until the session is secured to an
     acceptable level to the server.

   The server response to an 'AUTH TLS' command which it will honour, is
   '234'.

      Note. The '334' response as defined in [RFC-2228] implies that an
      ADAT exchange will folow.  This document does not use the ADAT
      command and so the '334' reply is incorrect.

   Note. The FTP protocol insists that a USER command be used to
   identify the entity attempting to use the ftp server.  Although the
   TLS negotiation may be providing authentication information the USER
   command must still be isssued by the client.  However, it will be a
   server implementation issue to decide which credentials to accept and
   what consistency checks to make between any client cert used and the
   parameter on the USER command.

5.  Response to the FEAT command




Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand    FORMFEED[Page 5]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


   The FEAT command (introduced in [RFC-2389]) allows servers with
   additional features to advertise these to a client by responding to
   the FEAT command.  If a server supports the FEAT command then it MUST
   advertise supported AUTH, PBSZ and PROT commands in the reply as
   described in section 3.2 of [RFC-2389].  Additionally, the AUTH
   command should have a reply that identifies 'TLS' as one of the
   possible parameters to AUTH.  It is not necessary to identify the
   'TLS-C' synonym separately.

   Example reply (in same style is [RFC-2389])
      C> FEAT
      S> 211-Extensions supported
      S>  AUTH TLS
      S>  PBSZ
      S>  PROT
      S> 211 END


6. Data Connection Behaviour

   The Data Connection in the FTP model can be used in one of three
   ways.  (Note: these descriptions are not necessarily placed in exact
   chronological order, but do describe the steps required. - See
   diagrams later for clarification)

         i) Classic FTP client/server data exchange

         - The client obtains a port; sends the port number to the
         server; the server connects to the client.  The client issues a
         send or receive request to the server on the control connection
         and the data transfer commences on the data connection.

         ii) Firewall-Friendly client/server data exchange (as discussed
         in [RFC-1579]) using the PASV command to reverse the direction
         of the data connection.

         - The client requests that the server open a port; the server
         obtains a port and returns the address and port number to the
         client; the client connects to the server on this port.  The
         client issues a send or receive request on the control
         connection and the data transfer commences on the data
         connection.

         iii) Client initiated server/server data exchange (proxy or
         PASV connections)

         - The client requests that server A opens a port; server A
         obtains a port and returns it to the client; the client sends



Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand    FORMFEED[Page 6]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


         this port number to server B.  Server B connects to server A.
         The client sends a send or receive request to server A and the
         complement to server B and the data transfer commences.  In
         this model server A is the proxy or PASV host and is a client
         for the Data Connection to server B.

   For i) and ii) the FTP client MUST be the TLS client and the FTP
   server MUST be the TLS server.

   That is to say, it does not matter which side initiates the
   connection with a connect() call or which side reacts to the
   connection via the accept() call; the FTP client as defined in
   [RFC-959] is always the TLS client as defined in [RFC-2246].

   In scenario iii) there is a problem in that neither server A nor
   server B is the TLS client given the fact that an FTP server must act
   as a TLS server for Firewall-Friendly FTP [RFC-1579].  Thus this is
   explicitly excluded in the security extensions document [RFC-2228],
   and in this document.



7. Mechanisms for the AUTH Command

   The AUTH command takes a single parameter to define the security
   mechanism to be negotiated.  As the SSL/TLS protocols self-negotiate
   their levels there is no need to distinguish SSL vs TLS in the
   application layer.  The proposed mechanism name for negotiating TLS
   will be the character string identified in {TLS-PARM}.  This will
   allow the client and server to negotiate TLS on the control
   connection without altering the protection of the data channel.  To
   protect the data channel as well, the PBSZ:PROT command sequence MUST
   be used.

   Note: The data connection state MAY be modified by the client issuing
   the PROT command with the new desired level of data channel
   protection and the server replying in the affirmative.  This data
   channel protection negotiation can happen at any point in the session
   (even straight after a PORT or PASV command) and as often as is
   required.

      See also Section 15, "IANA Considerations".


8. Data Connection Security

   The Data Connection security level is determined by the PROT command




Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand    FORMFEED[Page 7]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


      The PROT command, as specified in [RFC-2228] allows client/server
      negotiation of the security level of the data connection.  Once a
      PROT command has been issued by the client and accepted by the
      server returning the '200' reply, the security of subsequent data
      connections MUST be at that level until another PROT command is
      issued and accepted; the session ends; a REIN command is issued;
      or the security of the session (via an AUTH command) is re-
      negotiated.

   Data Connection Security Negotiation (the PROT command)

      Note: In line with [RFC-2228], there is no facility for securing
      the Data connection with an insecure Control connection.
      Specifically, the PROT command MUST be preceded by a PBSZ command
      and a PBSZ command MUST be preceded by a successful security data
      exchange (the TLS negotiation in this case)

      The command defined in [RFC-2228] to negotiate data connection
      security is the PROT command.  As defined there are four values
      that the PROT command parameter can take.

          'C' - Clear - neither Integrity nor Privacy

          'S' - Safe - Integrity without Privacy

          'E' - Confidential - Privacy without Integrity

          'P' - Private - Integrity and Privacy

      As TLS negotiation encompasses (and exceeds) the Safe /
      Confidential / Private distinction, only Private (use TLS) and
      Clear (don't use TLS) are used.

      For TLS, the data connection can have one of two security levels.

         1)Clear (requested by 'PROT C')

         2)Private (requested by 'PROT P')

      With 'Clear' protection level, the data connection is made without
      TLS at all.  Thus the connection is unauthenticated and has no
      confidentiality or integrity.  This might be the desired behaviour
      for servers sending file lists, pre-encrypted data or non-
      sensitive data (e.g. for anonymous FTP servers).

      If the data connection security level is 'Private' then a TLS
      negotiation must take place on the data connection, to the
      satisfaction of the Client and Server prior to any data being



Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand    FORMFEED[Page 8]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


      transmitted over the connection.  The TLS layers of the Client and
      Server will be responsible for negotiating the exact TLS Cipher
      Suites that will be used (and thus the eventual security of the
      connection).


      In addition, the PBSZ (protection buffer size) command, as
      detailed in [RFC-2228], is compulsory prior to any PROT command.
      This document also defines a data channel encapsulation mechanism
      for protected data buffers.  For FTP-TLS, which appears to the FTP
      application as a streaming protection mechanism, this is not
      required.  Thus the PBSZ command must still be issued, but must
      have a parameter of '0' to indicate that no buffering is taking
      place and the data connection should not be encapsulated.
       Note that PBSZ 0 is not in the grammar of [RFC-2228], section
      8.1, where it is stated:
         PBSZ <sp> <decimal-integer> <CRLF> <decimal-integer> ::= any
         decimal integer from 1 to (2^32)-1
      However it should be noted that using a value of '0' to mean a
      streaming protocol is a reasonable use of '0' for that parameter
      and is not ambiguous.

   Initial Data Connection Security

      The initial state of the data connection MUST be 'Clear' (this is
      the behaviour as indicated by [RFC-2228].)


9. A Discussion of Negotiation Behaviour

   9.1. The server's view of the control connection

      A server MAY have a policy statement somewhere that might:

         - Deny any command before TLS is negotiated (this might cause
         problems if a SITE or some such command is required prior to
         login)
         - Deny certain commands before TLS is negotiated (such as USER,
         PASS or ACCT)
         - Deny insecure USER commands for certain users (e.g. not
         ftp/anonymous)
         - Deny secure USER commands for certain users (e.g.
         ftp/anonymous)
         - Define the level(s) of TLS to be allowed
         - Define the CipherSuites allowed to be used (perhaps on a per
         host/domain/...  basis)
         - Allow TLS authentication as a substitute for local
         authentication.



Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand    FORMFEED[Page 9]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


         - Define data connection policies (see next section)

         It is possible that the TLS negotiation may not be completed
         satisfactorily for the server, in which case it can be one of
         these states.

            The TLS negotiation failed completely

         In this case, the control connection should still be up in
         unprotected mode and the server SHOULD issue an unprotected
         '421' reply to end the session.

            The TLS negotiation completed successfully, but the server
            decides that the session parameters are not acceptable (e.g.
            Distinguished Name in the client certificate is not
            permitted to use the server)

         In this case, the control connection should still be up in a
         protected state, so the server MAY either continue to refuse to
         service commands or issue a protected '421' reply and close the
         connection.

            The TLS negotiation failed during the TLS handshake

         In this case, the control connection is in an unknown state and
         the server SHOULD simply drop the control connection.

      Server code will be responsible for implementing the required
      policies and ensuring that the client is prevented from
      circumventing the chosen security by refusing to service those
      commands that are against policy.

   9.2. The server's view of the data connection

      The server can take one of four basic views of the data connection

         1 - Don't allow encryption at all (in which case the PROT
         command should not allow any value other than 'C' - if it is
         allowed at all)
         2 - Allow the client to choose protection or not
         3 - Insist on data protection (in which case the PROT command
         must be issued prior to the first attempted data transfer)
         4 - Decide on one of the above three for each and every data
         connection

      The server SHOULD only check the status of the data protection
      level (for options 3 and 4 above) on the actual command that will
      initiate the data transfer (and not on the PORT or PASV).  The



Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand   FORMFEED[Page 10]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


      following commands, defined in [RFC-959] cause data connections to
      be opened and thus may be rejected (before any 1xx) message due to
      an incorrect PROT setting.


         STOR
         RETR
         NLST
         LIST
         STOU
         APPE


      The reply to indicate that the PROT setting is incorrect is
       '521 data connection cannot be opened with this PROT setting'
      If the protection level indicates that TLS is required, then it
      should be negotiated once the data connection is made.  Thus, the
      '150' reply only states that the command can be used given the
      current PROT level.  Should the server not like the TLS
      negotiation then it will close the data port immediately and
      follow the '150' command with a '522' reply indicating that the
      TLS negotiation failed or was unacceptable.  (Note: this means
      that the application can pass a standard list of CipherSuites to
      the TLS layer for negotiation and review the one negotiated for
      applicability in each instance).

      It is quite reasonable for the server to insist that the data
      connection uses a TLS cached session.  This might be a cache of a
      previous data connection or of the control connection.  If this is
      the reason for the the refusal to allow the data transfer then the
      '522' reply should indicate this.
      Note: this has an important impact on client design, but allows
      servers to minimise the cycles used during TLS negotiation by
      refusing to perform a full negotiation with a previously
      authenticated client.

      It should be noted that the TLS authentication of the server will
      be authentication of the server host itself and not a user on the
      server host.

   9.3. The client's view of the control connection

      In most cases it is likely that the client will be using TLS
      because the server would refuse to interact insecurely.  To allow
      for this, clients SHOULD be able to be flexible enough to manage
      the securing of a session at the appropriate time and still allow
      the user/server policies to dictate exactly when in the session
      the security is negotiated.



Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand   FORMFEED[Page 11]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


      In the case where it is the client that is insisting on the
      securing of the session, it will need to ensure that the
      negotiations are all completed satisfactorily and will need to be
      able to inform the user sensibly should the server not support, or
      be prepared to use, the required security levels.

      Clients SHOULD be coded in such a manner as to allow the timing of
      the AUTH, PBSZ and PROT commands to be flexible and dictated by
      the server.  It is quite reasonable for a server to refuse certain
      commands prior to these commands, similarly it is quite possible
      that a SITE or quoted command might be needed by a server prior to
      the AUTH.  A client MUST allow a user to override the timing of
      these commands to suit a specific server.
      For example, a client SHOULD NOT insist on sending the AUTH as the
      first command in a session, nor should it insist on issuing a
      PBSZ, PROT pair directly after the AUTH.  This may well be the
      default behaviour, but must be overridable by a user.

      Note: The TLS negotiation may not be completed satisfactorily for
      the client, in which case it will be in one of these states:

            The TLS negotiation failed completely

            In this case, the control connection should still be up in
            unprotected mode and the client should issue an unprotected
            QUIT command to end the session.

            The TLS negotiation completed successfully, but the client
            decides that the session parameters are not acceptable (e.g.
            Distinguished Name in certificate is not the actual server
            expected)

            In this case, the control connection should still be up in a
            protected state, so the client should issue a protected QUIT
            command to end the session.

            The TLS negotiation failed during the TLS handshake

            In this case, the control connection is in an unknown state
            and the client should simply drop the control connection.

   9.4. The client's view of the data connection

   Client security policies

      Clients do not typically have 'policies' as such, instead they
      rely on the user defining their actions and, to a certain extent,
      are reactive to the server policy.  Thus a client will need to



Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand   FORMFEED[Page 12]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


      have commands that will allow the user to switch the protection
      level of the data connection dynamically, however, there may be a
      general 'policy' that attempts all LIST and NLST commands on a
      Clear connection first (and automatically switches to Private if
      it fails).  In this case there would need to be a user command
      available to ensure that a given data transfer was not attempted
      on an insecure data connection.

      Clients also need to understand that the level of the PROT setting
      is only checked for a particular data transfer after that transfer
      has been requested.  Thus a refusal by the server to accept a
      particular data transfer should not be read by the client as a
      refusal to accept that data protection level in toto, as not only
      may other data transfers be acceptable at that protection level,
      but it is entirely possible that the same transfer may be accepted
      at the same protection level at a later point in the session.

      It should be noted that the TLS authentication of the client
      should be authentication of a user on the client host and not the
      client host itself.































Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand   FORMFEED[Page 13]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


10. Who negotiates what, where and how

   10.1. Do we protect at all ?

      Client issues 'AUTH TLS', server accepts or rejects.
      If server needs AUTH, then it refuses to accept certain commands
      until it gets a successfully protected session.

   10.2. What level of protection do we use on the Control connection ?

      Decided entirely by the TLS CipherSuite negotiation.

   10.3. Do we protect data connections in general ?

      Client issues PROT command, server accepts or rejects.


   10.4. Is protection required for a particular data transfer ?

      A client would already have issued a PROT command if it required
      the connection to be protected.
      If a server needs to have the connection protected then it will
      reply to the STOR/RETR/NLST/... command with a '522' indicating
      that the current state of the data connection protection level is
      not sufficient for that data transfer at that time.

   10.5. What level of protection is required for a particular data
   transfer ?

      Decided entirely by the TLS CipherSuite negotiation.

   Thus it can be seen that, for flexibility, it is desirable for the
   FTP application to be able to interact with the TLS layer upon which
   it sits to define and discover the exact TLS CipherSuites that are to
   be/have been negotiated and make decisions accordingly.
















Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand   FORMFEED[Page 14]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


11. Timing Diagrams

   11.1. Establishing a protected session

           Client                                 Server
  control          data                   data               control
====================================================================

                                                             socket()
                                                             bind()
  socket()
  connect()  ----------------------------------------------> accept()
            <----------------------------------------------  220
  AUTH TLS   ---------------------------------------------->
            <----------------------------------------------  234
  TLSneg()  <----------------------------------------------> TLSneg()
  PBSZ 0     ---------------------------------------------->
            <----------------------------------------------  200
  PROT P     ---------------------------------------------->
            <----------------------------------------------  200
  USER fred  ---------------------------------------------->
            <----------------------------------------------  331
  PASS pass  ---------------------------------------------->
            <----------------------------------------------  230

Note 1: the order of the PBSZ/PROT pair and the USER/PASS pair (with
respect to each other) is not important (i.e. the USER/PASS can happen
prior to the PBSZ/PROT - or indeed the server can refuse to allow a
PBSZ/PROT pair until the USER/PASS pair has happened).

Note 2: the PASS command might not be required at all (if the USER
parameter and any client identity presented provide sufficient
authentication).  The server would indicate this by issuing a '232'
reply to the USER command instead of the '331' which requests a PASS
from the client.

Note 3: the AUTH command might not be the first command after the
receipt of the 220 welcome message.













Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand   FORMFEED[Page 15]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


   11.2. A standard data transfer without protection.

           Client                                 Server
  control          data                   data               control
====================================================================

                   socket()
                   bind()
  PORT w,x,y,z,a,b ----------------------------------------->
      <----------------------------------------------------- 200
  STOR file ------------------------------------------------>
                                          socket()
                                          bind()
      <----------------------------------------------------- 150
                   accept() <-----------  connect()
                   write()   -----------> read()
                   close()   -----------> close()
      <----------------------------------------------------- 226

































Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand   FORMFEED[Page 16]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


   11.3. A firewall-friendly data transfer without protection

           Client                                 Server
  control          data                   data               control
====================================================================

  PASV -------------------------------------------------------->
                                          socket()
                                          bind()
      <------------------------------------------ 227 (w,x,y,z,a,b)
                   socket()
  STOR file --------------------------------------------------->
                   connect()  ----------> accept()
      <-------------------------------------------------------- 150
                   write()    ----------> read()
                   close()    ----------> close()
      <-------------------------------------------------------- 226


    Note: Implementors should be aware that then connect()/accept()
    function is performed prior to the receipt of the reply from the
    STOR command. This contrasts with situation when (non-firewall-
    friendly) PORT is used prior to the STOR, and the accept()/connect()
    is performed after the reply from the aforementioned STOR has been
    dealt with.


























Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand   FORMFEED[Page 17]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


   11.4. A standard data transfer with protection

           Client                                 Server
  control          data                   data               control
====================================================================

                   socket()
                   bind()
  PORT w,x,y,z,a,b -------------------------------------------->
      <-------------------------------------------------------- 200
  STOR file --------------------------------------------------->
                                          socket()
                                          bind()
      <-------------------------------------------------------- 150
                   accept()  <----------  connect()
                   TLSneg()  <----------> TLSneg()
                   TLSwrite() ----------> TLSread()
                   TLSshutdown() -------> TLSshutdown()
                   close()    ----------> close()
      <-------------------------------------------------------- 226































Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand   FORMFEED[Page 18]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


   11.5. A firewall-friendly data transfer with protection

           Client                                 Server
  control          data                   data               control
====================================================================

  PASV -------------------------------------------------------->
                                          socket()
                                          bind()
      <------------------------------------------ 227 (w,x,y,z,a,b)
                   socket()
  STOR file --------------------------------------------------->
                   connect()  ----------> accept()
      <-------------------------------------------------------- 150
                   TLSneg()   <---------> TLSneg()
                   TLSwrite()  ---------> TLSread()
                   TLSshutdown() -------> TLSshutdown()
                   close()     ---------> close()
      <-------------------------------------------------------- 226
































Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand   FORMFEED[Page 19]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


12. Discussion of the REIN command

   The REIN command, defined in [RFC-959], allows the user to reset the
   state of the FTP session.  From [RFC-959]:
      REINITIALIZE (REIN)
         This command terminates a USER, flushing all I/O and account
         information, except to allow any transfer in progress to be
         completed.  All parameters are reset to the default settings
         and the control connection is left open.  This is identical to
         the state in which a user finds himself immediately after the
         control connection is opened.  A USER command may be expected
         to follow.
   When this command is processed by the server,  the TLS session(s)
   MUST be cleared and the control and data connections revert to
   unprotected, clear communications.  It MAY be acceptable to use
   cached TLS sessions for subsequent connections, however a server MUST
   not mandate this.


































Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand   FORMFEED[Page 20]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


13. Discussion of the STAT and ABOR commands

   The ABOR and STAT commands and the use of TCP Urgent Pointers

      [RFC-959] describes the use of Telnet commands (IP and DM) and the
      TCP Urgent pointer to indicate the transmission of commands on the
      control channel during the execution of a data transfer.  FTP uses
      the Telnet Interrupt Process and Data Mark commands in conjunction
      with Urgent data to preface two commands: ABOR (Abort Transfer)
      and STAT (Status request).

      The Urgent Pointer was used because in a Unix implementation the
      receipt of a TCP packet marked as Urgent would result in the the
      execution of the SIGURG interrupt handler.  This reliance on
      interrupt handlers was necessary on systems which did not
      implement select() or did not support multiple threads.  TLS does
      not support the notion of Urgent data.

      When TLS is implemented as a security method in FTP the server
      SHOULD NOT rely on the use of SIGURG to process input on the
      control channel during data transfers.  The client MUST send all
      data including Telnet commands across the TLS session.  The TLS
      session will be corrupted if any data is sent on a socket while
      TLS is active.



























Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand   FORMFEED[Page 21]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


14. Security Considerations

   This entire document deals with security considerations related to
   the File Transfer Protocol.

   14.1. Verification of Authentication tokens

      14.1.1. Server Certificates

         Although it is entirely an implementation decision, it is
         recommended that certificates used for server authentication of
         the TLS session contain the server identification information
         in a similar manner to those used for http servers.  (see
         [RFC-2818])

         Similarly, it is recommended that the certificate used for
         server authentication of Data connections is the same
         certificate as that used for the corresponding Control
         connection.

      14.1.2. Client Certificates

         - Deciding which client certificates to allow and defining
         which fields define what authentication information is entirely
         a server implementation issue.

         - It is also server implementation issue to decide if the
         authentication token presented for the data connection must
         match the one used for the corresponding control connection.

   14.2. Addressing FTP Security Considerations [RFC-2577]

      14.2.1. Bounce Attack

         A bounce attack should be harder in a secured FTP environment
         because:

            - The FTP server that is being used to initiate a false
            connection will always be a 'server' in the TLS context.
            Therefore, only services that act as 'clients' in the TLS
            context could be vulnerable.  This would be a counter-
            intuitive way to implement TLS on a service.

            - The FTP server would detect that the authentication
            credentials for the data connection are not the same as
            those for the control connection, thus the server policies
            COULD be set to drop the data connection.




Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand   FORMFEED[Page 22]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


            - Genuine users are less likely to initiate such attacks
            when the authentication is strong and malicious users are
            less likely to gain access to the FTP server if the
            authentication is not easily subverted (password guessing,
            network tracing, etc...)

      14.2.2. Restricting Access

         This document presents a strong mechanism for solving the issue
         raised in this section.

      14.2.3. Protecting Passwords

         The twin solutions of strong authentication and data
         confidentiality ensure that this is not an issue when TLS is
         used to protect the control session.

      14.2.4. Privacy

         The TLS protocol ensures data confidentiality by encryption.
         Privacy (e.g. access to download logs, user profile
         information, etc...) is outside the scope of this document (and
         [RFC-2577] presumably)

      14.2.5. Protecting Usernames

         This is not an issue when TLS is used as the primary
         authentication mechanism.

      14.2.6. Port Stealing

         This proposal will do little for the Denial of Service element
         of this section, however, strong authentication on the data
         connection will prevent unauthorised connections retrieving or
         submitting files.

      14.2.7. Software-Base Security Problems

         Nothing in this proposal will affect the discussion in this
         section.


15. IANA Considerations

   {FTP-PORT} - The port assigned to the FTP control connection is 21.

16. Other Parameters




Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand   FORMFEED[Page 23]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


   {TLS-PARM} - The parameter for the AUTH command to indicate that TLS
   is required.  To request the TLS protocol in accordance with this
   document, the client MUST use 'TLS'

      To maintain backward compatability with older versions of this
      document, the server SHOULD accept 'TLS-C' as a synonym for 'TLS'

         Note - [RFC-2228] states that these parameters are case-
         insensitive.


17. Network Management

   NONE


18. Internationalization

   NONE


19. Scalability & Limits

   There are no issues other than those concerned with the ability of
   the server to refuse to have a complete TLS negotiation for each and
   every data connection, which will allow servers to retain throughput
   whilst using cycles only when necessary.
























Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand   FORMFEED[Page 24]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


20. Applicability

   This mechanism is generally applicable as a mechanism for securing
   the FTP protocol.  It is unlikely that anonymous FTP clients or
   servers will require such security (although some might like the
   authentication features without the confidentiality).


21. Acknowledgements

   o Netscape Communications Corporation for the original SSL protocol.

   o Eric Young for the SSLeay libraries.

   o University of California, Berkley for the original implementations
   of FTP and ftpd on which the initial implementation of these
   extensions were layered.

   o IETF CAT working group.

   o IETF TLS working group.

   o IETF FTPEXT working group.

   o Jeff Altman for the ABOR and STAT discussion.


























Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand   FORMFEED[Page 25]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


22. References

   [RFC-959] J. Postel, "File Transfer Protocol"
      RFC 959, October 1985.

   [RFC-1579] S. Bellovin, "Firewall-Friendly FTP"
      RFC 1579, February 1994.

   [RFC-2119] S. Bradner, "Key words for use in RFCs to Indicate
   Requirement Levels"
      RFC 2119, March 1997.

   [RFC-2222] J. Myers, "Simple Authentication and Security Layer"
      RFC 2222, October 1997.

   [RFC-2228] M. Horowitz, S. Lunt, "FTP Security Extensions"
      RFC 2228, October 1997.

   [RFC-2246] T. Dierks, C. Allen, "The TLS Protocol Version 1.0"
      RFC 2246, January 1999.

   [RFC-2389] P Hethmon, R.Elz, "Feature Negotiation Mechanism for the
   File Transfer Protocol"
      RFC 2389, August 1998.

   [RFC-2487] P Hoffman, "SMTP Service Extension for Secure SMTP over
   TLS"
      RFC 2487, January 1999.

   [RFC-2577] M Allman, S Ostermann, "FTP Security Considerations"
      RFC 2577, May 1999.

   [RFC-2817] R. Khare, S. Lawrence, "Upgrading to TLS Within HTTP/1.1"
      RFC 2817, May 2000.

   [RFC-2818] E. Rescorla,  "HTTP Over TLS"
      RFC 2818, May 2000.














Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand   FORMFEED[Page 26]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


23. Authors' Contact Addresses

The FTP-TLS draft information site is at http://www.ford-
hutchinson.com/~fh-1-pfh/ftps-ext.html


Please send comments to Paul Ford-Hutchinson at the address below

        Tim Hudson                  Paul Ford-Hutchinson
           RSA Data Security           IBM UK Ltd
             Australia Pty Ltd         PO Box 31
                                       Birmingham Road
                                       Warwick
                                       United Kingdom
  tel -   +61 7 3227 4444             +44 1926 462005
  fax -   +61 7 3227 4400             +44 1926 496482
email - tjh@rsasecurity.com.au    paulfordh@uk.ibm.com

        Martin Carpenter            Eric Murray
           Verisign Ltd                Wave Systems Inc.
email -  mcarpenter@verisign.com    ericm@lne.com

        Volker Wiegand
           SuSE Linux
email -  wiegand@suse.de


























Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand   FORMFEED[Page 27]





Internet-Draft            Secure FTP using TLS           2nd April, 2002


   The IETF takes no position regarding the validity or scope of any
   intellectual property or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; neither does it represent that it
   has made any effort to identify any such rights.  Information on the
   IETF's procedures with respect to rights in standards-track and
   standards-related documentation can be found in BCP-11.  Copies of
   claims of rights made available for publication and any assurances of
   licenses to be made available, or the result of an attempt made to
   obtain a general license or permission for the use of such
   proprietary rights by implementors or users of this specification can
   be obtained from the IETF Secretariat.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights which may cover technology that may be required to practice
   this standard.  Please address the information to the IETF Executive
   Director.

Copyright (C) The Internet Society (2002).  All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works.  However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assigns.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

This document expires on 2nd October, 2002




Ford-Hutchinson, Carpenter, Hudson, Murray & Wiegand   FORMFEED[Page 28]


Lines 33-38 Link Here

(-)proftpd-1.2.6rc1.orig/include/conf.h (+4 lines)
33		33
34	#include "version.h"	34	#include "version.h"
35	#include "config.h"	35	#include "config.h"
		36	#if defined(TLS) && defined(HAVE_SENDFILE)
		37	/* using sendfile() together with TLS breaks things! */
		38	#undef HAVE_SENDFILE
		39	#endif
36		40
37	#include "default_paths.h"	41	#include "default_paths.h"
38		42

Lines 32-37 Link Here

(-)proftpd-1.2.6rc1.orig/include/io.h (+7 lines)
32	#ifndef __IO_H	32	#ifndef __IO_H
33	#define __IO_H	33	#define __IO_H
34		34
		35	#ifdef TLS
		36	#include <openssl/ssl.h>
		37	#endif
		38
35	#define IO_READ 0	39	#define IO_READ 0
36	#define IO_WRITE 1	40	#define IO_WRITE 1
37		41
Lines 81-86 Link Here
81	IOBUF *buf;	85	IOBUF *buf;
82	IOREQ req; / Request buffer */	86	IOREQ req; / Request buffer */
83	int bufsize; /* Default size of request buffer */	87	int bufsize; /* Default size of request buffer */
		88	#ifdef TLS
		89	SSL tls_session; / OpenSSL SSL pointer */
		90	#endif
84	};	91	};
85		92
86	struct IO_Buffer {	93	struct IO_Buffer {




static unsigned char dh512_p[]={
	0xC0,0xC5,0x23,0x8D,0x3A,0xB3,0xA3,0x63,0x57,0xC0,0xD3,0xFE,
	0xD4,0xC2,0x8F,0x17,0x0E,0x7A,0xDB,0x8E,0x3B,0xB6,0xA5,0xC2,
	0x60,0x7D,0xE7,0x03,0xCC,0xA3,0x10,0xCC,0x82,0x39,0x3C,0x68,
	0xA0,0x82,0x9C,0x7A,0x4A,0x96,0x8C,0xB0,0x1A,0xB4,0xB8,0xA0,
	0x9E,0x64,0x9D,0x40,0x77,0x8A,0x9C,0x97,0x96,0x69,0x3D,0xCA,
	0xA8,0x25,0xAE,0xAB,
	};
static unsigned char dh512_g[]={
	0x02,
	};

DH *get_dh512()
	{
	DH *dh;

	if ((dh=DH_new()) == NULL) return(NULL);
	dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
	dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
	if ((dh->p == NULL) || (dh->g == NULL))
		return(NULL);
	return(dh);
	}
/*	
-----BEGIN DH PARAMETERS-----
MEYCQQDAxSONOrOjY1fA0/7Uwo8XDnrbjju2pcJgfecDzKMQzII5PGiggpx6SpaM
sBq0uKCeZJ1Ad4qcl5ZpPcqoJa6rAgEC
-----END DH PARAMETERS-----
*/
static unsigned char dh768_p[]={
	0xB3,0x95,0x74,0xCE,0x0B,0xFD,0xAB,0xC3,0x53,0x9B,0x0B,0xFD,
	0x6E,0xB2,0x64,0x64,0x02,0xDD,0xFF,0x2E,0x77,0xEB,0x0D,0x6C,
	0xCE,0x04,0x2C,0x8E,0x5A,0xA7,0x96,0x45,0x54,0xA6,0x2F,0xBC,
	0xF9,0x77,0x1C,0x50,0x66,0x8E,0x48,0xA8,0x34,0xF0,0x81,0xDD,
	0x5B,0x5A,0xD4,0xA6,0x13,0x89,0x60,0x46,0x05,0x65,0x57,0x2C,
	0x1E,0x94,0x57,0x3C,0x3E,0x38,0xA6,0xFE,0x7B,0x03,0x7D,0x16,
	0x46,0xF6,0xB3,0x21,0x3C,0x44,0xF1,0xF1,0x90,0xCE,0x40,0x93,
	0x4B,0xE6,0xD6,0x0E,0x20,0x85,0xDA,0x9B,0x3F,0x5C,0x1F,0xDB,
	};
static unsigned char dh768_g[]={
	0x02,
	};

DH *get_dh768()
	{
	DH *dh;

	if ((dh=DH_new()) == NULL) return(NULL);
	dh->p=BN_bin2bn(dh768_p,sizeof(dh768_p),NULL);
	dh->g=BN_bin2bn(dh768_g,sizeof(dh768_g),NULL);
	if ((dh->p == NULL) || (dh->g == NULL))
		return(NULL);
	return(dh);
	}
/*
-----BEGIN DH PARAMETERS-----
MGYCYQCzlXTOC/2rw1ObC/1usmRkAt3/LnfrDWzOBCyOWqeWRVSmL7z5dxxQZo5I
qDTwgd1bWtSmE4lgRgVlVywelFc8Pjim/nsDfRZG9rMhPETx8ZDOQJNL5tYOIIXa
mz9cH9sCAQI=
-----END DH PARAMETERS-----
*/
static unsigned char dh1024_p[]={
	0xC1,0xD8,0x9C,0x90,0xB1,0x58,0x7C,0xE1,0x56,0x70,0xD7,0x61,
	0x6C,0x00,0xE6,0xE7,0x99,0x04,0x9F,0x86,0xD9,0xB4,0x11,0x09,
	0x23,0x18,0xAA,0x19,0xCA,0x49,0x7C,0xA8,0x9D,0xF7,0x43,0x3A,
	0xAF,0xC3,0x1F,0x0E,0xAE,0xBB,0xF2,0xEA,0x5B,0x62,0xA1,0x5F,
	0x7C,0x26,0xA8,0xB4,0x5D,0x2A,0x25,0xAB,0x88,0x70,0x27,0x06,
	0xD0,0xF5,0x01,0xD9,0x6A,0x1F,0x48,0x2D,0x9C,0xEC,0xFE,0xA8,
	0x45,0x97,0x1D,0xC0,0x8A,0xFF,0xE5,0xE1,0x79,0xDF,0x85,0x31,
	0xFC,0x58,0x91,0x35,0xE8,0xC7,0xDA,0x55,0x7B,0xAA,0xDD,0xC2,
	0x0A,0x94,0x34,0xF7,0xB4,0x4A,0x91,0x3B,0x1E,0x16,0x89,0x2A,
	0x04,0x47,0x5D,0xE9,0x42,0x47,0x5E,0x30,0x61,0xE8,0x42,0xC1,
	0x23,0xC7,0x97,0x78,0x63,0x36,0x9D,0x3B,
	};
static unsigned char dh1024_g[]={
	0x02,
	};

DH *get_dh1024()
	{
	DH *dh;

	if ((dh=DH_new()) == NULL) return(NULL);
	dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
	dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
	if ((dh->p == NULL) || (dh->g == NULL))
		return(NULL);
	return(dh);
	}
/*
-----BEGIN DH PARAMETERS-----
MIGHAoGBAMHYnJCxWHzhVnDXYWwA5ueZBJ+G2bQRCSMYqhnKSXyonfdDOq/DHw6u
u/LqW2KhX3wmqLRdKiWriHAnBtD1AdlqH0gtnOz+qEWXHcCK/+Xhed+FMfxYkTXo
x9pVe6rdwgqUNPe0SpE7HhaJKgRHXelCR14wYehCwSPHl3hjNp07AgEC
-----END DH PARAMETERS-----
*/
static unsigned char dh1536_p[]={
	0xDA,0x68,0x25,0x7F,0x9D,0xB5,0x3F,0x42,0x05,0xBC,0x79,0x65,
	0x6F,0x19,0x6A,0x6F,0x70,0x11,0x91,0xF2,0x08,0x48,0x2B,0xE2,
	0x0C,0x15,0xD9,0x31,0xE7,0x3A,0x50,0x32,0x9F,0xFB,0xD6,0x56,
	0xFA,0xB4,0xA9,0x5F,0x22,0x17,0x52,0x72,0x2C,0xE3,0x5D,0xA1,
	0xA8,0xEF,0x16,0x42,0x35,0xC6,0xD9,0x64,0xC1,0xB3,0xB3,0x4C,
	0x09,0x90,0xF4,0x49,0xEF,0xDE,0x64,0x99,0xFF,0x3C,0x37,0x0A,
	0x91,0xA4,0x9E,0x38,0x27,0xF2,0x96,0x13,0x1E,0x15,0xA2,0x52,
	0xF1,0x54,0x0C,0xED,0x5C,0x38,0xC4,0xEC,0xFF,0xE2,0xFA,0x0A,
	0x41,0xBB,0x48,0x5D,0xD3,0x54,0xA1,0xEB,0xBD,0x1F,0x68,0xED,
	0x2A,0x49,0x7F,0x68,0x52,0xB3,0xA0,0x77,0x3E,0x19,0xFB,0x44,
	0xCD,0x4B,0x21,0x3E,0x3B,0xBA,0xF6,0xA2,0x36,0x37,0xE5,0xFA,
	0x95,0xB0,0x7D,0x7B,0x58,0x96,0xC4,0xC9,0xC0,0xCF,0xD9,0x3F,
	0xA3,0x42,0x0B,0xD7,0xBE,0x1A,0xA8,0xB5,0x57,0x58,0xF4,0x04,
	0x97,0x54,0xB0,0x59,0x23,0x5F,0x98,0x09,0x90,0xC0,0x49,0x85,
	0x40,0x23,0x2D,0x21,0x3E,0xB0,0x07,0x06,0x07,0x32,0xFB,0xB9,
	0x91,0x40,0x92,0x09,0xED,0x07,0x80,0x05,0x14,0x5B,0xC1,0x9B,
	};
static unsigned char dh1536_g[]={
	0x02,
	};

DH *get_dh1536()
	{
	DH *dh;

	if ((dh=DH_new()) == NULL) return(NULL);
	dh->p=BN_bin2bn(dh1536_p,sizeof(dh1536_p),NULL);
	dh->g=BN_bin2bn(dh1536_g,sizeof(dh1536_g),NULL);
	if ((dh->p == NULL) || (dh->g == NULL))
		return(NULL);
	return(dh);
	}
/*
-----BEGIN DH PARAMETERS-----
MIHHAoHBANpoJX+dtT9CBbx5ZW8Zam9wEZHyCEgr4gwV2THnOlAyn/vWVvq0qV8i
F1JyLONdoajvFkI1xtlkwbOzTAmQ9Env3mSZ/zw3CpGknjgn8pYTHhWiUvFUDO1c
OMTs/+L6CkG7SF3TVKHrvR9o7SpJf2hSs6B3Phn7RM1LIT47uvaiNjfl+pWwfXtY
lsTJwM/ZP6NCC9e+Gqi1V1j0BJdUsFkjX5gJkMBJhUAjLSE+sAcGBzL7uZFAkgnt
B4AFFFvBmwIBAg==
-----END DH PARAMETERS-----
*/
static unsigned char dh2048_p[]={
	0xD0,0xE6,0xFF,0x1F,0x39,0xE0,0xCC,0x85,0xAC,0xA4,0xE6,0xDD,
	0x06,0xE5,0x2D,0xBF,0xEA,0x64,0x2E,0xC7,0x99,0x8A,0x0F,0xCB,
	0x3C,0x9D,0xEE,0xAC,0x61,0xFF,0x69,0x31,0x71,0xFE,0x2F,0x7B,
	0x65,0x95,0xA0,0xA4,0x59,0xB8,0xE3,0x66,0x5B,0x3F,0xD8,0x42,
	0x99,0x4F,0x09,0x44,0xC5,0x8D,0x8B,0x5D,0x16,0xAA,0x05,0x6E,
	0x8B,0x11,0x59,0x1F,0xD7,0x11,0x84,0x87,0x4D,0xBE,0xBB,0xBA,
	0x9A,0xF0,0xC3,0xE2,0x0E,0xB8,0x0F,0xFD,0x08,0xB1,0x48,0x98,
	0xDE,0x89,0xDA,0x00,0x15,0x04,0xA4,0x51,0xBE,0x5B,0x60,0x0A,
	0x0E,0x20,0xAC,0xC5,0x83,0x5D,0xC4,0x0F,0xA3,0x8E,0x11,0x66,
	0x2C,0xD3,0x61,0x5F,0x16,0x83,0xAA,0xCF,0x52,0x9C,0x7D,0x75,
	0xEA,0xCA,0x67,0xA3,0xAB,0x58,0x9F,0x67,0x17,0xA0,0x54,0x3A,
	0x2B,0xCA,0xB5,0x03,0x7E,0x50,0xBD,0x99,0x1E,0xEF,0xB2,0x8F,
	0xB4,0xFB,0xD2,0x2D,0x6A,0xA9,0xA2,0xC0,0xD4,0xD2,0x68,0x6C,
	0x21,0x71,0x78,0x75,0x82,0x4C,0xD8,0xE8,0x2C,0x0B,0xC9,0x3F,
	0xF6,0xF0,0x64,0xD9,0x6E,0x76,0xCB,0xBB,0x99,0xFB,0xBC,0x15,
	0x54,0x7B,0x7F,0x97,0x36,0x8F,0x0B,0x1C,0xFF,0xDD,0x28,0x99,
	0xE5,0x3A,0xAD,0xCD,0x84,0xAB,0xA1,0xEF,0xB2,0x21,0xEA,0xD6,
	0x49,0x22,0x6A,0x30,0x6A,0x63,0x2E,0x52,0x79,0xCF,0xBC,0xC2,
	0xB6,0x2E,0xA5,0x5D,0xB3,0xDA,0xC2,0xDD,0x02,0xEA,0x26,0x2F,
	0x3B,0x0A,0x12,0xBB,0xA2,0xEF,0x2B,0xFA,0xCC,0x25,0x63,0x1B,
	0xC3,0x00,0x18,0x8F,0x36,0xB7,0x30,0x5A,0x55,0x1A,0xE0,0x12,
	0xA1,0xD2,0x9C,0x93,
	};
static unsigned char dh2048_g[]={
	0x02,
	};

DH *get_dh2048()
	{
	DH *dh;

	if ((dh=DH_new()) == NULL) return(NULL);
	dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
	dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
	if ((dh->p == NULL) || (dh->g == NULL))
		return(NULL);
	return(dh);
	}
/*
-----BEGIN DH PARAMETERS-----
MIIBCAKCAQEA0Ob/HzngzIWspObdBuUtv+pkLseZig/LPJ3urGH/aTFx/i97ZZWg
pFm442ZbP9hCmU8JRMWNi10WqgVuixFZH9cRhIdNvru6mvDD4g64D/0IsUiY3ona
ABUEpFG+W2AKDiCsxYNdxA+jjhFmLNNhXxaDqs9SnH116spno6tYn2cXoFQ6K8q1
A35QvZke77KPtPvSLWqposDU0mhsIXF4dYJM2OgsC8k/9vBk2W52y7uZ+7wVVHt/
lzaPCxz/3SiZ5TqtzYSroe+yIerWSSJqMGpjLlJ5z7zCti6lXbPawt0C6iYvOwoS
u6LvK/rMJWMbwwAYjza3MFpVGuASodKckwIBAg==
-----END DH PARAMETERS-----
*/




/*
 * Copyright (c) 1999 - 2002 Peter 'Luna' Runestig <peter@runestig.com>
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without modifi-
 * cation, are permitted provided that the following conditions are met:
 *
 *    o Redistributions of source code must retain the above copyright notice,
 *      this list of conditions and the following disclaimer.
 *
 *    o Redistributions in binary form must reproduce the above copyright no-
 *      tice, this list of conditions and the following disclaimer in the do-
 *      cumentation and/or other materials provided with the distribution.
 *
 *    o The names of the contributors may not be used to endorse or promote
 *      products derived from this software without specific prior written
 *      permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LI-
 * ABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUEN-
 * TIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEV-
 * ER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABI-
 * LITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
 * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#ifndef _TLSUTIL_H_
#define _TLSUTIL_H_

extern int	tls_on_data;
extern int	tls_on_ctrl;
extern int 	tls_implicit;
extern int	tls_no_verify;
extern int	tls_dont_request_cert;
extern int	tls_required;
extern int	tls_init_error;
extern char 	*tls_rsa_key_file;
extern char	*tls_rsa_cert_file;
extern char 	*tls_dsa_key_file;
extern char	*tls_dsa_cert_file;
extern char	*tls_crl_file;
extern char	*tls_dhparam_file;
extern char	*tls_cipher_list;

int	tls_init(void);
int	tls_accept(conn_t *conn, int data_connection);
void	tls_cleanup(void);
void	tls_close_session(SSL *ssl);
int	tls_recv(int s, void *buf, size_t len, int flags);
int	tls_send(int s, const void *msg, size_t len, int flags);
ssize_t	tls_read(SSL *ssl, void *buf, size_t count);
ssize_t	tls_write(SSL *ssl, const void *buf, size_t count);
int	tls_pending(SSL *ssl);
void	tls_optarg(char *optarg);
char	*tls_userid_from_client_cert();
int	tls_is_user_valid(char *user);
void	tls_set_file_defaults(void);
int	tls_setup_session_cache(void);


#endif

Lines 67-72 Link Here

(-)proftpd-1.2.6rc1.orig/modules/mod_auth.c (-4 / +44 lines)
67	return 0;	67	return 0;
68	}	68	}
69		69
		70	#ifdef TLS
		71	static int tls_logged_in = 0;
		72	MODRET cmd_pass(cmd_rec *cmd);
		73	#include "tlsutil.h"
		74	#endif
		75
70	/* check_auth is hooked into the main server's auth_hook function,	76	/* check_auth is hooked into the main server's auth_hook function,
71	* so that we can deny all commands until authentication is complete.	77	* so that we can deny all commands until authentication is complete.
72	*/	78	*/
Lines 173-178 Link Here
173	char *cpw = NULL;	179	char *cpw = NULL;
174	config_rec *c;	180	config_rec *c;
175		181
		182	#ifdef TLS
		183	if (tls_logged_in)
		184	return 0;
		185	#endif
		186
176	if (conf) {	187	if (conf) {
177	c = find_config(conf,CONF_PARAM,"UserPassword",FALSE);	188	c = find_config(conf,CONF_PARAM,"UserPassword",FALSE);
178		189
Lines 1015-1020 Link Here
1015	if(c && c->subset)	1026	if(c && c->subset)
1016	resolve_anonymous_dirs(c->subset);	1027	resolve_anonymous_dirs(c->subset);
1017		1028
		1029	#if TLS
		1030	if (tls_logged_in)
		1031	log_auth(LOG_NOTICE, "USER %s: TLS/X509 authentication login successful.",
		1032	origuser);
		1033	else
		1034	#endif /* TLS */
1018	log_auth(LOG_NOTICE, "%s %s: Login successful.",	1035	log_auth(LOG_NOTICE, "%s %s: Login successful.",
1019	(c != NULL) ? "ANON" : "USER",	1036	(c != NULL) ? "ANON" : "USER",
1020	origuser);	1037	origuser);
Lines 1573-1578 Link Here
1573	config_rec *c;	1590	config_rec *c;
1574	char user, origuser;	1591	char user, origuser;
1575	int failnopwprompt = 0, aclp, i;	1592	int failnopwprompt = 0, aclp, i;
		1593	#ifdef TLS
		1594	char *tls_user = NULL;
		1595	#endif
1576		1596
1577	if(logged_in)	1597	if(logged_in)
1578	return ERROR_MSG(cmd,R_503,"You are already logged in!");	1598	return ERROR_MSG(cmd,R_503,"You are already logged in!");
Lines 1580-1585 Link Here
1580	if(cmd->argc < 2)	1600	if(cmd->argc < 2)
1581	return ERROR_MSG(cmd,R_500,"'USER': command requires a parameter.");	1601	return ERROR_MSG(cmd,R_500,"'USER': command requires a parameter.");
1582		1602
		1603	#ifdef TLS
		1604	if (tls_required && !tls_on_ctrl)
		1605	return ERROR_MSG(cmd, R_534,
		1606	"Server policy denies USER command on insecure connection.");
		1607	#endif
		1608
1583	user = cmd->arg;	1609	user = cmd->arg;
1584		1610
1585	remove_config(cmd->server->conf, C_USER, FALSE);	1611	remove_config(cmd->server->conf, C_USER, FALSE);
Lines 1652-1657 Link Here
1652	if(c && user && get_param_int(c->subset, "AnonRequirePassword", FALSE) != 1)	1678	if(c && user && get_param_int(c->subset, "AnonRequirePassword", FALSE) != 1)
1653	nopass++;	1679	nopass++;
1654		1680
		1681	#ifdef TLS
		1682	tls_user = tls_userid_from_client_cert();
		1683	if ((tls_user && !strcmp(user, tls_user)) \|\| tls_is_user_valid(user)) {
		1684	/* user is X509-authenticated */
		1685	tls_logged_in = 1;
		1686	return cmd_pass(cmd);
		1687	}
		1688	#endif
		1689
1655	if(nopass)	1690	if(nopass)
1656	add_response(R_331, "Anonymous login ok, send your complete email "	1691	add_response(R_331, "Anonymous login ok, send your complete email "
1657	"address as your password.");	1692	"address as your password.");
Lines 1680-1686 Link Here
1680	char *display = NULL;	1715	char *display = NULL;
1681	char user, grantmsg;	1716	char user, grantmsg;
1682	int res = 0;	1717	int res = 0;
1683		1718	char *reply_code = R_230;
		1719
1684	if(logged_in)	1720	if(logged_in)
1685	return ERROR_MSG(cmd, R_503, "You are already logged in!");	1721	return ERROR_MSG(cmd, R_503, "You are already logged in!");
1686		1722
Lines 1695-1700 Link Here
1695		1731
1696	_auth_check_count(cmd, user);	1732	_auth_check_count(cmd, user);
1697		1733
		1734	#ifdef TLS
		1735	if (tls_logged_in)
		1736	reply_code = R_232;
		1737	#endif
1698	if((res = _setup_environment(cmd->tmp_pool,user,cmd->arg)) == 1) {	1738	if((res = _setup_environment(cmd->tmp_pool,user,cmd->arg)) == 1) {
1699	add_config_param_set(&cmd->server->conf,"authenticated",1,(void*)1);	1739	add_config_param_set(&cmd->server->conf,"authenticated",1,(void*)1);
1700	set_auth_check(NULL);	1740	set_auth_check(NULL);
Lines 1713-1733 Link Here
1713	"DisplayLogin", FALSE);	1753	"DisplayLogin", FALSE);
1714		1754
1715	if(display)	1755	if(display)
1716	core_display_file(R_230, display, NULL);	1756	core_display_file(reply_code, display, NULL);
1717		1757
1718	if ((grantmsg = (char *)get_param_ptr((session.anon_config ?	1758	if ((grantmsg = (char *)get_param_ptr((session.anon_config ?
1719	session.anon_config->subset : cmd->server->conf),	1759	session.anon_config->subset : cmd->server->conf),
1720	"AccessGrantMsg",FALSE)) != NULL) {	1760	"AccessGrantMsg",FALSE)) != NULL) {
1721	grantmsg = sreplace(cmd->tmp_pool, grantmsg, "%u", user, NULL);	1761	grantmsg = sreplace(cmd->tmp_pool, grantmsg, "%u", user, NULL);
1722		1762
1723	add_response(R_230, "%s", grantmsg);	1763	add_response(reply_code, "%s", grantmsg);
1724		1764
1725	} else {	1765	} else {
1726		1766
1727	if (session.flags & SF_ANON)	1767	if (session.flags & SF_ANON)
1728	add_response(R_230, "Anonymous access granted, restrictions apply.");	1768	add_response(R_230, "Anonymous access granted, restrictions apply.");
1729	else	1769	else
1730	add_response(R_230, "User %s logged in.", user);	1770	add_response(reply_code, "User %s logged in.", user);
1731	}	1771	}
1732		1772
1733	logged_in = 1;	1773	logged_in = 1;




/*
 * ProFTPD - FTP server daemon
 * Copyright (c) 1997, 1998 Public Flood Software
 *  
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307, USA.
 */
/*
 * AUTH/TLS module for ProFTPD, based on the mod_sample.c file.
 *
 * Copyright (c) 2000 - 2002 Peter 'Luna' Runestig <peter@runestig.com>
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without modifi-
 * cation, are permitted provided that the following conditions are met:
 *
 *    o Redistributions of source code must retain the above copyright notice,
 *      this list of conditions and the following disclaimer.
 *
 *    o Redistributions in binary form must reproduce the above copyright no-
 *      tice, this list of conditions and the following disclaimer in the do-
 *      cumentation and/or other materials provided with the distribution.
 *
 *    o The names of the contributors may not be used to endorse or promote
 *      products derived from this software without specific prior written
 *      permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LI-
 * ABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUEN-
 * TIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEV-
 * ER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABI-
 * LITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
 * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#include "conf.h"
#include <privs.h>
#include "tlsutil.h"

extern session_t session;

#define CHECK_TLS_INIT_ERROR()  if (tls_init_error) {			\
    char errmsg[256];            					\
    snprintf(errmsg, sizeof(errmsg),					\
	     "Local error code %d was returned from tls_init()", 	\
	     tls_init_error);						\
    return ERROR_MSG(cmd, R_431, errmsg); }

/* This sample configuration directive handler will get called
 * whenever the "FooBarDirective" directive is encountered in the
 * configuration file.
 */

MODRET set_rsacertfile(cmd_rec *cmd)
{
    config_rec *c;

    /* The CHECK_ARGS macro checks the number of arguments passed to the
     * directive against what we want.  Note that this is *one* less than
     * cmd->argc, because cmd->argc includes cmd->argv[0] (the directive
     * itself).  If CHECK_ARGS fails, a generic error is sent to the user
     */
    CHECK_ARGS(cmd, 1);

    /* The CHECK_CONF macro makes sure that this directive is not being
     * "used" in the wrong context (i.e. if the directive is only available
     * or applicable inside certain contexts).  In this case, we are allowing
     * the directive inside of <Anonymous> and <Limit>, but nowhere else.
     * If this macro fails a generic error is logged and the handler aborts.
     */
    CHECK_CONF(cmd, CONF_ROOT | CONF_VIRTUAL | CONF_GLOBAL);

    /* add_config_param adds a configuration paramater to our current
     * configuration context.
     */
    c = add_config_param_str("TlsRsaCertFile", 1, cmd->argv[1]);

    /* By adding the CF_MERGEDOWN flag to the parameter we just created
     * we are telling proftpd that this parameter should be copied and
     * "merged" into all "lower" contexts until it either hits a
     * parameter w/ the same name or bottoms out.
     *
     * Example _without_ CF_MERGEDOWN:
     *
     * <VirtualHost>
     *      |----------\
     *             <Anonymous>
     *                 | - FooBarDirective  <------- Config places it here
     *                 |-----------\
     *                         <Directory>  <------- Doesn't apply here
     *                             |-------------\
     *                                        <Limit> <--- Or here.....
     *
     * Now, if we specify CF_MERGDOWN, the tree ends up looking like:
     *
     * <VirtualHost>
     *      |----------\
     *             <Anonymous>
     *                 | - FooBarDirective  <------- Config places it here
     *                 |-----------\
     *                         <Directory>  <------- Now, it DOES apply here
     *                             | - FooBarDirective
     *                             |-------------\
     *                                        <Limit> <-------- And here ...
     *                                           | - FooBarDirective
     *
     */
    c->flags |= CF_MERGEDOWN;

    /* Tell proftpd that we handled the request w/ no problems.
     */
    return HANDLED(cmd);
}

MODRET set_rsakeyfile(cmd_rec *cmd)
{
    config_rec *c;

    CHECK_ARGS(cmd, 1);
    CHECK_CONF(cmd, CONF_ROOT | CONF_VIRTUAL | CONF_GLOBAL);

    c = add_config_param_str("TlsRsaKeyFile", 1, cmd->argv[1]);
    c->flags |= CF_MERGEDOWN;
    return HANDLED(cmd);
}

MODRET set_dsacertfile(cmd_rec *cmd)
{
    config_rec *c;

    CHECK_ARGS(cmd, 1);
    CHECK_CONF(cmd, CONF_ROOT | CONF_VIRTUAL | CONF_GLOBAL);

    c = add_config_param_str("TlsDsaCertFile", 1, cmd->argv[1]);
    c->flags |= CF_MERGEDOWN;
    return HANDLED(cmd);
}

MODRET set_dsakeyfile(cmd_rec *cmd)
{
    config_rec *c;

    CHECK_ARGS(cmd, 1);
    CHECK_CONF(cmd, CONF_ROOT | CONF_VIRTUAL | CONF_GLOBAL);

    c = add_config_param_str("TlsDsaKeyFile", 1, cmd->argv[1]);
    c->flags |= CF_MERGEDOWN;
    return HANDLED(cmd);
}

MODRET set_crlfile(cmd_rec *cmd)
{
    config_rec *c;

    CHECK_ARGS(cmd, 1);
    CHECK_CONF(cmd, CONF_ROOT | CONF_VIRTUAL | CONF_GLOBAL);

    c = add_config_param_str("TlsCrlFile", 1, cmd->argv[1]);
    c->flags |= CF_MERGEDOWN;
    return HANDLED(cmd);
}

MODRET set_dhparamfile(cmd_rec *cmd)
{
    config_rec *c;

    CHECK_ARGS(cmd, 1);
    CHECK_CONF(cmd, CONF_ROOT | CONF_VIRTUAL | CONF_GLOBAL);

    c = add_config_param_str("TlsDhParamFile", 1, cmd->argv[1]);
    c->flags |= CF_MERGEDOWN;
    return HANDLED(cmd);
}

MODRET set_cipherlist(cmd_rec *cmd)
{
    config_rec *c;

    CHECK_ARGS(cmd, 1);
    CHECK_CONF(cmd, CONF_ROOT | CONF_VIRTUAL | CONF_GLOBAL);

    c = add_config_param_str("TlsCipherList", 1, cmd->argv[1]);
    c->flags |= CF_MERGEDOWN;
    return HANDLED(cmd);
}

MODRET set_no_verify(cmd_rec *cmd)
{
    config_rec *c;
    int b;

    CHECK_ARGS(cmd, 1);
    CHECK_CONF(cmd, CONF_ROOT | CONF_VIRTUAL | CONF_GLOBAL);

    if ((b = get_boolean(cmd, 1)) == -1)
	CONF_ERROR(cmd, "expected boolean argument.");
    c = add_config_param("TlsCertsOk", 1, (void *) b);
    c->flags |= CF_MERGEDOWN;
    return HANDLED(cmd);
}

MODRET set_dont_request_cert(cmd_rec *cmd)
{
    config_rec *c;
    int b;

    CHECK_ARGS(cmd, 1);
    CHECK_CONF(cmd, CONF_ROOT | CONF_VIRTUAL | CONF_GLOBAL);

    if ((b = get_boolean(cmd, 1)) == -1)
	CONF_ERROR(cmd, "expected boolean argument.");
    c = add_config_param("TlsDontRequestCert", 1, (void *) b);
    c->flags |= CF_MERGEDOWN;
    return HANDLED(cmd);
}

MODRET set_required(cmd_rec *cmd)
{
    config_rec *c;
    int b;

    CHECK_ARGS(cmd, 1);
    CHECK_CONF(cmd, CONF_ROOT | CONF_VIRTUAL | CONF_GLOBAL);

    if ((b = get_boolean(cmd, 1)) == -1)
	CONF_ERROR(cmd, "expected boolean argument.");
    c = add_config_param("TlsRequired", 1, (void *) b);
    c->flags |= CF_MERGEDOWN;
    return HANDLED(cmd);
}

MODRET set_implicit(cmd_rec *cmd)
{
    config_rec *c;
    int b;

    CHECK_ARGS(cmd, 1);
    CHECK_CONF(cmd, CONF_ROOT | CONF_VIRTUAL | CONF_GLOBAL);

    if ((b = get_boolean(cmd, 1)) == -1)
	CONF_ERROR(cmd, "expected boolean argument.");
    c = add_config_param("TlsImplicit", 1, (void *) b);
    c->flags |= CF_MERGEDOWN;
    return HANDLED(cmd);
}

MODRET cmd_auth(cmd_rec *cmd)
{
    char *cp;
    
    if (tls_implicit)
	return ERROR_MSG(cmd, R_504, "The AUTH command is not supported on an implicit TLS connection");
    if (cmd->argc < 2)
	return ERROR_MSG(cmd, R_504, "The AUTH command needs at least one argument");

    /* convert to upper case */
    cp = cmd->argv[1];
    while (*cp) {
	*cp = toupper(*cp);
	cp++;
    }
    
    if (!strcmp(cmd->argv[1], "TLS") || !strcmp(cmd->argv[1], "TLS-C")) {
	CHECK_TLS_INIT_ERROR();
	send_response("234", "AUTH TLS successful");
	if (tls_accept(session.c, FALSE)) {
	    /* exit if we fail */
	    send_response_async(R_421,
	        "Failed TLS negotiation on control channel, disconnected");
	    main_exit((void*) LOG_ERR,
		"Failed TLS negotiation on control channel, disconnected.",
		(void*) 0, NULL);
	}
    }
    else if (!strcmp(cmd->argv[1], "SSL") || !strcmp(cmd->argv[1], "TLS-P")) {
	CHECK_TLS_INIT_ERROR();
	send_response("234", "AUTH SSL successful");
	if (tls_accept(session.c, FALSE)) {
	    /* exit if we fail */
	    send_response_async(R_421,
		"Failed TLS negotiation on control channel, disconnected");
	    main_exit((void*) LOG_ERR,
		"Failed TLS negotiation on control channel, disconnected.",
		(void*) 0, NULL);
	}
	tls_on_data = 1;
    }
    else {
	char errmsg[255];
	snprintf(errmsg, sizeof(errmsg), "AUTH %s unsupported", cmd->argv[1]);
	return ERROR_MSG(cmd, R_504, errmsg);
    }
    
    return HANDLED(cmd);
}

static int pbsz_ok = 0;

MODRET cmd_pbsz(cmd_rec *cmd)
{
    if (cmd->argc < 2)
	return ERROR_MSG(cmd, R_501, "PBSZ command needs at least one argument");
    if (!tls_on_ctrl)
	return ERROR_MSG(cmd, R_503, "You can't issue PBSZ on an insecure control connection");

    /* we expect "PBSZ 0" */
    CHECK_TLS_INIT_ERROR();
    if (!strcmp(cmd->argv[1], "0"))
	send_response("200", "PBSZ 0 successful");
    else
	send_response("200", "PBSZ=0 successful");
    pbsz_ok = 1;
    
    return HANDLED(cmd);
}

MODRET cmd_prot(cmd_rec *cmd)
{
    if (cmd->argc < 2)
	return ERROR_MSG(cmd, R_504, "PROT command needs at least one argument");
    if (!pbsz_ok)
	return ERROR_MSG(cmd, R_503, "You must issue the PBSZ command prior to PROT");

    /* only PROT C or PROT P is valid in respect to SSL/TLS */
    if (!strcmp(cmd->argv[1], "C")) {
	CHECK_TLS_INIT_ERROR();
	send_response("200", "Protection set to Clear");
	tls_on_data = 0;
    }
    else if (!strcmp(cmd->argv[1], "P")) {
	CHECK_TLS_INIT_ERROR();
	send_response("200", "Protection set to Private");
	tls_on_data = 1;
    }
    else if (!strcmp(cmd->argv[1], "S") || !strcmp(cmd->argv[1], "E")) {
	char errmsg[255];
	snprintf(errmsg, sizeof(errmsg), "PROT %s unsupported", cmd->argv[1]);
	return ERROR_MSG(cmd, R_536, errmsg);
    }
    else {
	char errmsg[255];
	snprintf(errmsg, sizeof(errmsg), "PROT %s unsupported", cmd->argv[1]);
	return ERROR_MSG(cmd, R_504, errmsg);
    }
    
    return HANDLED(cmd);
}

/* There are three tables which act as the "glue" between proftpd and
 * a module.  None of the tables are _required_ (however having none would
 * make the module fairly useless).
 */

/* The first table is the "configuration directive" table.  It specifies
 * handler routines in the module which will be used during configuration
 * file parsing.
 */

static conftable mod_tls_config[] = {
    { "TlsRsaCertFile",		set_rsacertfile,     	NULL },
    { "TlsRsaKeyFile",		set_rsakeyfile,      	NULL },
    { "TlsDsaCertFile",		set_dsacertfile,     	NULL },
    { "TlsDsaKeyFile",		set_dsakeyfile,      	NULL },
    { "TlsCrlFile",		set_crlfile,         	NULL },
    { "TlsDhParamFile",		set_dhparamfile,     	NULL },
    { "TlsCipherList",		set_cipherlist,      	NULL },
    { "TlsCertsOk",		set_no_verify,	     	NULL },
    { "TlsDontRequestCert",	set_dont_request_cert,	NULL },
    { "TlsRequired",		set_required,	     	NULL },
    { "TlsImplicit",		set_implicit,	     	NULL },
    { NULL , NULL, NULL}
};

/* Each module can supply up to two initialization routines (via
 * the module structure at the bottom of this file).  The first
 * init function is called immediately after the module is loaded,
 * while the second is called after proftpd is connected to a client,
 * and the main proftpd server (if not in inetd mode) has forked off.
 * The second init function's purpose is to let the module perform
 * any necessary work once a client is connected and proftpd is ready
 * to service the new client.  In inetd mode, the "child init" function
 * will be called immediately after proftpd is loaded, because proftpd
 * is _always_ in "child mode" when run from inetd.  Note that both
 * of these initialization routines are optional.  If you don't need
 * them (or only need one), simply set the function pointer to NULL
 * in the module structure.
 */

static int mod_tls_init()
{
    return 0;
}

#define PROCESS_PARAM_STR(x, y)	{						\
    char *str = (char *) get_param_ptr(CURRENT_CONF, x, FALSE);			\
    if (str) {									\
	if (y)									\
	    free(y);								\
	y = strdup(str);							\
    }										\
}

#define PROCESS_PARAM_INT(x, y) {						\
    long i = get_param_int(CURRENT_CONF, x, FALSE);				\
    if (i != -1)								\
	y = i;									\
}

static int mod_tls_child_init()
{
    PROCESS_PARAM_STR("TlsRsaCertFile", tls_rsa_cert_file);
    PROCESS_PARAM_STR("TlsRsaKeyFile", tls_rsa_key_file);
    PROCESS_PARAM_STR("TlsDsaCertFile", tls_dsa_cert_file);
    PROCESS_PARAM_STR("TlsDsaKeyFile", tls_dsa_key_file);
    PROCESS_PARAM_STR("TlsCrlFile", tls_crl_file);
    PROCESS_PARAM_STR("TlsDhParamFile", tls_dhparam_file);
    PROCESS_PARAM_STR("TlsCipherList", tls_cipher_list);
    PROCESS_PARAM_INT("TlsCertsOk", tls_no_verify);
    PROCESS_PARAM_INT("TlsDontRequestCert", tls_dont_request_cert);
    PROCESS_PARAM_INT("TlsRequired", tls_required);
    PROCESS_PARAM_INT("TlsImplicit", tls_implicit);
    
    return tls_init_error = tls_init();
}

/* command table ...
 * first  : command "type" (see the doc/API for more info)
 *
 * second : command "name", or the actual null-terminated ascii text
 *          sent by a client (in uppercase) for this command.  see
 *          include/ftp.h for macros which define all rfced FTP protocol
 *          commands.  Can also be the special macro C_ANY, which receives
 *          ALL commands.
 *
 * third  : command "group" (used for access control via Limit directives),
 *          this can be either G_DIRS (for commands related to directory
 *          listing), G_READ (for commands related to reading files), 
 *          G_WRITE (for commands related to file writing), or the
 *          special G_NONE for those commands against which the
 *          special <Limit READ|WRITE|DIRS> will not be applied.
 *
 * fourth : function pointer to your handler
 *
 * fifth  : TRUE if the command cannot be used before authentication
 *          (via USER/PASS), otherwise FALSE.
 *
 * sixth  : TRUE if the command can be sent during a file transfer
 *          (note: as of 1.1.5, this is obsolete)
 *
 */

cmdtable mod_tls_commands[] = {
    { CMD,	"AUTH",	G_NONE,	cmd_auth,	FALSE, FALSE },
    { CMD,	"PBSZ",	G_NONE,	cmd_pbsz,	FALSE, FALSE },
    { CMD,	"PROT",	G_NONE,	cmd_prot,	FALSE, FALSE },
    { 0,		NULL }
};

module tls_module = {
    NULL,NULL,		/* Always NULL */
    0x20,		/* API Version 2.0 */
    "tls",
    mod_tls_config,	/* Configuration handler table */
    mod_tls_commands,	/* Command handler table */
    NULL,		/* No authentication handler table */
    mod_tls_init,	/* Initialization function */
    mod_tls_child_init	/* Post-fork "child mode" init */
};




# and a single anonymous login.  It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName			"ProFTPD-TLS Default Installation"
# ServerType is either "standalone" or "inetd"
ServerType			standalone
DefaultServer			on

# If you want .message files to work with browsers, you probably
# want to uncomment the next line
#MultilineRFC2228		on

# These are the TLS related options, default values
#TlsRsaCertFile			ftpd-rsa.pem
#TlsRsaKeyFile			ftpd-rsa-key.pem
#TlsDsaCertFile			ftpd-dsa.pem
#TlsDsaKeyFile			ftpd-dsa-key.pem
#TlsCrlFile			ftpd-crl.pem
#TlsDhParamFile			ftpd-dhparam.pem
#TlsCipherList			ALL:!ADH
#TlsRequired			off
# don't verify any peer certificates
#TlsCertsOk			off
# Some ftp clients (e.g. SmartFTP) uses a broken SSL/TLS implementation that
# aborts the SSL/TLS handshake, if the server sends a "CertificateRequest" and
# the client don't have any certificate. This behaviour violates both the SSLv3
# and TLSv1 spec (it's actually old SSLv2 behaviour). To be able to use those
# clients without client certs, you must set the following option to "on".
#TlsDontRequestCert		off
# Set the following to "on" if you want to use implicit SSL/TLS. It's not the
# recommended way do to SSL/TLS ftp, but some user's want it anyway. Remember
# to make proftpd listen to the proper ``ftps'' port also.
#TlsImplicit			off

# Port 21 is the standard FTP port.
Port				21
# Umask 022 is a good standard umask to prevent new dirs and files

Lines 41-46 Link Here

(-)proftpd-1.2.6rc1.orig/src/data.c (+29 lines)
41	#include <sys/uio.h>	41	#include <sys/uio.h>
42	#endif /* HAVE_SYS_UIO_H */	42	#endif /* HAVE_SYS_UIO_H */
43		43
		44	#ifdef TLS
		45	#include <openssl/ssl.h>
		46	#include "tlsutil.h"
		47	#endif
		48
44	/* local macro */	49	/* local macro */
45		50
46	#define MODE_STRING (session.flags & (SF_ASCII\|SF_ASCII_OVERRIDE) ? \	51	#define MODE_STRING (session.flags & (SF_ASCII\|SF_ASCII_OVERRIDE) ? \
Lines 199-204 Link Here
199	*/	204	*/
200	send_response(R_150, "FILE: %s", reason);	205	send_response(R_150, "FILE: %s", reason);
201	}	206	}
		207	#ifdef TLS
		208	/* start TLS handshake if appropriate */
		209	if (tls_on_data)
		210	if (tls_accept(c, TRUE)) {
		211	/* exit if we fail */
		212	send_response_async(R_421,
		213	"Failed TLS negotiation on data channel, disconnected");
		214	main_exit((void*) LOG_ERR,
		215	"Failed TLS negotiation on data channel, disconnected.", (void*) 0,
		216	NULL);
		217	}
		218	#endif
202		219
203	return 0;	220	return 0;
204	}	221	}
Lines 289-294 Link Here
289	send_response(R_150, "FILE: %s", reason);	306	send_response(R_150, "FILE: %s", reason);
290	}	307	}
291		308
		309	#ifdef TLS
		310	/* start TLS handshake if appropriate */
		311	if (tls_on_data)
		312	if (tls_accept(c, TRUE)) {
		313	/* exit if we fail */
		314	send_response_async(R_421,
		315	"Failed TLS negotiation on data channel, disconnected");
		316	main_exit((void*) LOG_ERR,
		317	"Failed TLS negotiation on data channel, disconnected.", (void*) 0,
		318	NULL);
		319	}
		320	#endif
292	inet_close(session.pool,session.d);	321	inet_close(session.pool,session.d);
293	inet_setnonblock(session.pool,session.d);	322	inet_setnonblock(session.pool,session.d);
294	session.d = c;	323	session.d = c;

Lines 27-32 Link Here

(-)proftpd-1.2.6rc1.orig/src/io.c (+34 lines)
27		27
28	#include <signal.h>	28	#include <signal.h>
29		29
		30	#ifdef TLS
		31	#include <openssl/ssl.h>
		32	#include "tlsutil.h"
		33	#endif
		34
30	#ifndef IAC	35	#ifndef IAC
31	#define IAC 255	36	#define IAC 255
32	#endif	37	#endif
Lines 102-107 Link Here
102		107
103	f->fd = fd;	108	f->fd = fd;
104	f->mode = mode;	109	f->mode = mode;
		110	#ifdef TLS
		111	f->tls_session = NULL;
		112	#endif
105		113
106	return f;	114	return f;
107	}	115	}
Lines 116-121 Link Here
116		124
117	res = close(f->fd);	125	res = close(f->fd);
118	f->fd = -1;	126	f->fd = -1;
		127	#ifdef TLS
		128	/* only close the READ IOFILE since they come in pairs with the same SSL */
		129	if (f->mode == IO_READ)
		130	tls_close_session(f->tls_session);
		131	#endif
119		132
120	destroy_pool(f->pool);	133	destroy_pool(f->pool);
121	return res;	134	return res;
Lines 248-253 Link Here
248	tv.tv_sec = ((f->flags & IO_INTR) ? f->restart_secs : 60);	261	tv.tv_sec = ((f->flags & IO_INTR) ? f->restart_secs : 60);
249	tv.tv_usec = 0;	262	tv.tv_usec = 0;
250		263
		264	#ifdef TLS
		265	/* check if there some data "hidden" left in the OpenSSL system */
		266	if (tls_pending(f->tls_session))
		267	res = 1;
		268	else
		269	#endif
251	res = select(f->fd + 1,rfds,wfds,NULL,&tv);	270	res = select(f->fd + 1,rfds,wfds,NULL,&tv);
252	switch(res) {	271	switch(res) {
253	case -1:	272	case -1:
Lines 305-310 Link Here
305	do {	324	do {
306	run_schedule();	325	run_schedule();
307	handle_signals();	326	handle_signals();
		327	#ifdef TLS
		328	if (f->tls_session)
		329	written = tls_write(f->tls_session,buf,size);
		330	else
		331	#endif
308	written = write(f->fd,buf,size);	332	written = write(f->fd,buf,size);
309	} while(written == -1 && errno == EINTR);	333	} while(written == -1 && errno == EINTR);
310	break;	334	break;
Lines 361-366 Link Here
361	while(size) {	385	while(size) {
362	do {	386	do {
363	handle_signals();	387	handle_signals();
		388	#ifdef TLS
		389	if (f->tls_session)
		390	written = tls_write(f->tls_session,buf,size);
		391	else
		392	#endif
364	written = write(f->fd, buf, size);	393	written = write(f->fd, buf, size);
365	} while (written == -1 && errno == EINTR);	394	} while (written == -1 && errno == EINTR);
366		395
Lines 414-419 Link Here
414	do {	443	do {
415	run_schedule();	444	run_schedule();
416	handle_signals();	445	handle_signals();
		446	#ifdef TLS
		447	if (f->tls_session)
		448	bread = tls_read(f->tls_session,buf,size);
		449	else
		450	#endif
417	bread = read(f->fd, buf, size);	451	bread = read(f->fd, buf, size);
418	} while(bread == -1 && errno == EINTR);	452	} while(bread == -1 && errno == EINTR);
419	break;	453	break;

Lines 71-76 Link Here

(-)proftpd-1.2.6rc1.orig/src/main.c (+26 lines)
71		71
72	#include "privs.h"	72	#include "privs.h"
73		73
		74	#ifdef TLS
		75	#include <openssl/ssl.h>
		76	#include "tlsutil.h"
		77	#endif
		78
74	/* From mod_core.c	79	/* From mod_core.c
75	*/	80	*/
76	extern int core_display_file(const char numeric, const char fn, const char *fs);	81	extern int core_display_file(const char numeric, const char fn, const char *fs);
Lines 647-652 Link Here
647	void end_login(int exitcode)	652	void end_login(int exitcode)
648	{	653	{
649	end_login_noexit();	654	end_login_noexit();
		655	#ifdef TLS
		656	if (session.c)
		657	tls_close_session(session.c->inf->tls_session);
		658	if (is_master)
		659	tls_cleanup();
		660	#endif
650	_exit(exitcode);	661	_exit(exitcode);
651	}	662	}
652		663
Lines 1593-1598 Link Here
1593	inet_ntoa(*session.c->remote_ipaddr),	1604	inet_ntoa(*session.c->remote_ipaddr),
1594	session.c->remote_port);	1605	session.c->remote_port);
1595		1606
		1607	#ifdef TLS
		1608	/* start TLS handshake if we use implicit TLS */
		1609	if (tls_implicit) {
		1610	if (tls_accept(conn, FALSE)) {
		1611	/* exit if we fail */
		1612	send_response_async(R_421,
		1613	"Failed TLS negotiation on control channel, disconnected");
		1614	main_exit((void*) LOG_ERR,
		1615	"Failed TLS negotiation on control channel, disconnected.",
		1616	(void*) 0, NULL);
		1617	} else
		1618	tls_on_data = 1;
		1619	}
		1620	#endif
		1621
1596	/* xfer_set_data_port(conn->local_ipaddr,conn->local_port-1); */	1622	/* xfer_set_data_port(conn->local_ipaddr,conn->local_port-1); */
1597	cmd_loop(serv,conn);	1623	cmd_loop(serv,conn);
1598	}	1624	}




/*
 * Copyright (c) 1999 - 2002 Peter 'Luna' Runestig <peter@runestig.com>
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without modifi-
 * cation, are permitted provided that the following conditions are met:
 *
 *   o  Redistributions of source code must retain the above copyright notice,
 *      this list of conditions and the following disclaimer.
 *
 *   o  Redistributions in binary form must reproduce the above copyright no-
 *      tice, this list of conditions and the following disclaimer in the do-
 *      cumentation and/or other materials provided with the distribution.
 *
 *   o  The names of the contributors may not be used to endorse or promote
 *      products derived from this software without specific prior written
 *      permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LI-
 * ABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUEN-
 * TIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEV-
 * ER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABI-
 * LITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
 * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#ifndef lint
static char copyright[] =
"@(#) Copyright (c) Peter 'Luna' Runestig 1999 - 2002 <peter@runestig.com>.\n";
#endif /* not lint */

/* ProFTPD special includes */
#include "conf.h"
#include <privs.h>

#include <string.h>
#include <errno.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/poll.h>
#include <openssl/ssl.h>
#include <openssl/x509v3.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include "tls_dh.h"
#include "io.h"
#include "inet.h"

#if OPENSSL_VERSION_NUMBER < 0x00905100
/* ASN1_BIT_STRING_cmp was renamed in 0.9.5 */
#define M_ASN1_BIT_STRING_cmp ASN1_BIT_STRING_cmp
#endif

#define DEFRSACERTFILE		"ftpd-rsa.pem"
#define DEFRSAKEYFILE		"ftpd-rsa-key.pem" 
#define DEFDSACERTFILE		"ftpd-dsa.pem"
#define DEFDSAKEYFILE		"ftpd-dsa-key.pem" 
#define DEFCRLFILE		"ftpd-crl.pem"
#define DEFDHPARAMFILE		"ftpd-dhparam.pem"
#define DEFAULTCIPHERLIST       "ALL:!ADH"

/* define if you want to check for OpenSSL-related memory leaks */
/*#define DEBUG_OPENSSL_MEM*/

int x509_to_user(X509 *peer_cert, char *userid, int len);
static char *file_fullpath(char *fn);

int	tls_on_ctrl = 0;
int	tls_on_data = 0;
int 	tls_implicit = 0;
int	tls_init_error = 0;
int	tls_no_verify = 0;
int	tls_dont_request_cert = 0;
int	tls_required = 0;
char 	*tls_rsa_key_file = NULL;
char	*tls_rsa_cert_file = NULL;
char 	*tls_dsa_key_file = NULL;
char	*tls_dsa_cert_file = NULL;
char	*tls_crl_file = NULL;
char	*tls_crl_dir = NULL;
char	*tls_dhparam_file = NULL;
char	*tls_rand_file = NULL;
char	*tls_cipher_list = NULL;
static SSL *first_ssl = NULL;
static SSL_CTX	*ssl_ctx = NULL;
static X509_STORE *crl_store = NULL;
static DH *tmp_dh = NULL;
static RSA *tmp_rsa = NULL;

/* we need this so we don't mix static and malloc'ed strings */
void tls_set_file_defaults(void)
{
    if (!tls_rsa_key_file)
    	tls_rsa_key_file = strdup(DEFRSAKEYFILE);
    if (!tls_rsa_cert_file)
    	tls_rsa_cert_file = strdup(DEFRSACERTFILE);
    if (!tls_dsa_key_file)
    	tls_dsa_key_file = strdup(DEFDSAKEYFILE);
    if (!tls_dsa_cert_file)
    	tls_dsa_cert_file = strdup(DEFDSACERTFILE);
    if (!tls_crl_file)
    	tls_crl_file = strdup(DEFCRLFILE);
    if (!tls_crl_dir && (tls_crl_dir = malloc(strlen(X509_get_default_cert_area()) + 5)))
    	sprintf(tls_crl_dir, "%s/crl", X509_get_default_cert_area());
    if (!tls_dhparam_file)
    	tls_dhparam_file = strdup(DEFDHPARAMFILE);
    if (!tls_cipher_list)
    	tls_cipher_list = strdup(DEFAULTCIPHERLIST);
}

/* if we are using OpenSSL 0.9.6 or newer, we want to use X509_NAME_print_ex()
 * instead of X509_NAME_oneline().
 */
static char *x509_name_oneline(X509_NAME *n, char *buf, int len)
{
#if OPENSSL_VERSION_NUMBER < 0x000906000
    return X509_NAME_oneline(n, buf, len);
#else
    BIO *mem = BIO_new(BIO_s_mem());
    char *data = NULL;
    int data_len = 0, ok;
    
    ok = X509_NAME_print_ex(mem, n, 0, XN_FLAG_ONELINE);
    if (ok)
	data_len = BIO_get_mem_data(mem, &data);
    if (data) {
	/* the 'data' returned is not '\0' terminated */
	if (buf) {
	    memcpy(buf, data, data_len < len ? data_len : len);
	    buf[data_len < len ? data_len : len - 1] = 0;
	    BIO_free(mem);
	    return buf;
	} else {
	    char *b = malloc(data_len + 1);
	    if (b) {
		memcpy(b, data, data_len);
		b[data_len] = 0;
	    }
	    BIO_free(mem);
	    return b;
	}
    } else {
	BIO_free(mem);
	return NULL;
    }
#endif /* OPENSSL_VERSION_NUMBER >= 0x000906000 */
}

char *tls_get_subject_name()
{
    static char name[256];
    X509 *cert;

    if ((cert = SSL_get_peer_certificate(first_ssl))) {
	x509_name_oneline(X509_get_subject_name(cert), name, sizeof(name));
	X509_free(cert);
	return name;
    } else
	return NULL;
}

static DH *tmp_dh_cb(SSL *ssl, int is_export, int keylength)
{
    FILE *fp;

    if (!tmp_dh) {
    	/* first try any 'tls_dhparam_file', else use built-in dh params */
    	if (tls_dhparam_file && (fp = fopen(tls_dhparam_file, "r"))) {
	    tmp_dh = PEM_read_DHparams(fp, NULL, NULL, NULL);
	    fclose(fp);
	    if (tmp_dh)
	    	return tmp_dh;
	}
	switch (keylength) {
	    case 512:	return tmp_dh = get_dh512();
	    case 768:	return tmp_dh = get_dh768();
	    case 1024:	return tmp_dh = get_dh1024();
	    case 1536:	return tmp_dh = get_dh1536();
	    case 2048:	return tmp_dh = get_dh2048();
	    default:	return tmp_dh = get_dh1024();
	}
    }
    else
    	return tmp_dh;
}

static RSA *tmp_rsa_cb(SSL *ssl, int is_export, int keylength)
{
    if (!tmp_rsa)
	tmp_rsa = RSA_generate_key(keylength, RSA_F4, NULL, NULL);
    return tmp_rsa;
}

/* check_file() expands 'file' to an existing full path or NULL if not found */
static void check_file(char **file)
{
    char *p;
    
    if (*file) {
    	p = file_fullpath(*file);
	if (p == *file)	/* same pointer returned from file_fullpath() */
	    return;
	free(*file);
	if (p) {
	    *file = malloc(strlen(p) + 1);
	    strcpy(*file, p);
	}
	else
	    *file = NULL;
    }
}

/* this one is (very much!) based on work by Ralf S. Engelschall <rse@engelschall.com>.
 * comments by Ralf.
 */
static int verify_crl(int ok, X509_STORE_CTX *ctx)
{
    X509_OBJECT obj;
    X509_NAME *subject;
    X509_NAME *issuer;
    X509 *xs;
    X509_CRL *crl;
    X509_REVOKED *revoked;
    X509_STORE_CTX store_ctx;
    long serial;
    int i, n, rc;
    char *cp;

    /*
     * Unless a revocation store for CRLs was created we
     * cannot do any CRL-based verification, of course.
     */
    if (!crl_store)
        return ok;

    /*
     * Determine certificate ingredients in advance
     */
    xs      = X509_STORE_CTX_get_current_cert(ctx);
    subject = X509_get_subject_name(xs);
    issuer  = X509_get_issuer_name(xs);

    /*
     * OpenSSL provides the general mechanism to deal with CRLs but does not
     * use them automatically when verifying certificates, so we do it
     * explicitly here. We will check the CRL for the currently checked
     * certificate, if there is such a CRL in the store.
     *
     * We come through this procedure for each certificate in the certificate
     * chain, starting with the root-CA's certificate. At each step we've to
     * both verify the signature on the CRL (to make sure it's a valid CRL)
     * and it's revocation list (to make sure the current certificate isn't
     * revoked).  But because to check the signature on the CRL we need the
     * public key of the issuing CA certificate (which was already processed
     * one round before), we've a little problem. But we can both solve it and
     * at the same time optimize the processing by using the following
     * verification scheme (idea and code snippets borrowed from the GLOBUS
     * project):
     *
     * 1. We'll check the signature of a CRL in each step when we find a CRL
     *    through the _subject_ name of the current certificate. This CRL
     *    itself will be needed the first time in the next round, of course.
     *    But we do the signature processing one round before this where the
     *    public key of the CA is available.
     *
     * 2. We'll check the revocation list of a CRL in each step when
     *    we find a CRL through the _issuer_ name of the current certificate.
     *    This CRLs signature was then already verified one round before.
     *
     * This verification scheme allows a CA to revoke its own certificate as
     * well, of course.
     */

    /*
     * Try to retrieve a CRL corresponding to the _subject_ of
     * the current certificate in order to verify it's integrity.
     */
    memset((char *)&obj, 0, sizeof(obj));
    X509_STORE_CTX_init(&store_ctx, crl_store, NULL, NULL);
    rc = X509_STORE_get_by_subject(&store_ctx, X509_LU_CRL, subject, &obj);
    X509_STORE_CTX_cleanup(&store_ctx);
    crl = obj.data.crl;
    if (rc > 0 && crl != NULL) {
        /*
         * Verify the signature on this CRL
         */
        if (X509_CRL_verify(crl, X509_get_pubkey(xs)) <= 0) {
            log_pri(LOG_ERR, "Invalid signature on CRL!");
            X509_STORE_CTX_set_error(ctx, X509_V_ERR_CRL_SIGNATURE_FAILURE);
            X509_OBJECT_free_contents(&obj);
            return 0;
        }

        /*
         * Check date of CRL to make sure it's not expired
         */
        i = X509_cmp_current_time(X509_CRL_get_nextUpdate(crl));
        if (i == 0) {
            log_pri(LOG_ERR, "Found CRL has invalid nextUpdate field.");
            X509_STORE_CTX_set_error(ctx, X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD);
            X509_OBJECT_free_contents(&obj);
            return 0;
        }
        if (i < 0) {
            log_pri(LOG_ERR, "Found CRL is expired - revoking all certificates until you get updated CRL.");
            X509_STORE_CTX_set_error(ctx, X509_V_ERR_CRL_HAS_EXPIRED);
            X509_OBJECT_free_contents(&obj);
            return 0;
        }
        X509_OBJECT_free_contents(&obj);
    }

    /*
     * Try to retrieve a CRL corresponding to the _issuer_ of
     * the current certificate in order to check for revocation.
     */
    memset((char *)&obj, 0, sizeof(obj));
    X509_STORE_CTX_init(&store_ctx, crl_store, NULL, NULL);
    rc = X509_STORE_get_by_subject(&store_ctx, X509_LU_CRL, issuer, &obj);
    X509_STORE_CTX_cleanup(&store_ctx);
    crl = obj.data.crl;
    if (rc > 0 && crl != NULL) {
        /*
         * Check if the current certificate is revoked by this CRL
         */
        n = sk_X509_REVOKED_num(X509_CRL_get_REVOKED(crl));
        for (i = 0; i < n; i++) {
            revoked = sk_X509_REVOKED_value(X509_CRL_get_REVOKED(crl), i);
            if (ASN1_INTEGER_cmp(revoked->serialNumber, X509_get_serialNumber(xs)) == 0) {

                serial = ASN1_INTEGER_get(revoked->serialNumber);
                cp = x509_name_oneline(issuer, NULL, 0);
                log_pri(LOG_ERR, "Certificate with serial %ld (0x%lX) revoked per CRL from issuer %s",
                        serial, serial, cp ? cp : "(ERROR)");
                if (cp) free(cp);

                X509_STORE_CTX_set_error(ctx, X509_V_ERR_CERT_REVOKED);
                X509_OBJECT_free_contents(&obj);
                return 0;
            }
        }
        X509_OBJECT_free_contents(&obj);
    }
    return ok;
}

static int verify_callback(int ok, X509_STORE_CTX *ctx)
{
    /* TODO: Make up my mind on what to accept or not.*/
    /* we can configure the server to skip the peer's cert verification */
    if (tls_no_verify)
    	return 1;

    ok = verify_crl(ok, ctx);
    if (!ok) {
    	switch (ctx->error) {
	    case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
	    	log_pri(LOG_ERR, "Error: Client's certificate is self signed.");
		ok = 0;
		break;
	    case X509_V_ERR_CERT_HAS_EXPIRED:
	    	log_pri(LOG_ERR, "Error: Client's certificate has expired.");
		ok = 0;
		break;
	    case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
	    	log_pri(LOG_ERR, "Error: Client's certificate issuer's certificate isn't available locally.");
		ok = 0;
		break;
	    case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
	    	log_pri(LOG_ERR, "Error: Unable to verify leaf signature.");
		ok = 0;
		break;
	    case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
		/* XXX this is strange. we get this error for certain clients (ie Jeff's kftp) when
		 * all is ok. I think it's because the client is actually sending the whole CA
		 * cert. this must be figured out, but we let it pass for now. if the CA cert isn't
		 * available locally, we will fail anyway.
		 */
	    	log_pri(LOG_NOTICE, "Warning: Self signed certificate in chain.");
		ok = 1;
		break;
	    case X509_V_ERR_CERT_REVOKED:
	    	log_pri(LOG_ERR, "Error: Certificate revoked.");
		ok = 0;
		break;
	    default:
	    	log_pri(LOG_ERR,
		    "Error %d while verifying the client's certificate.", ctx->error);
		ok = 0;
	    	break;
	}
    }
    return ok;
}

static int seed_PRNG(void)
{
    char stackdata[1024];
    static char rand_file[300];
    FILE *fh;
    
#if OPENSSL_VERSION_NUMBER >= 0x00905100
    if (RAND_status())
	return 0;     /* PRNG already good seeded */
#endif
    /* if the device '/dev/urandom' is present, OpenSSL uses it by default.
     * check if it's present, else we have to make random data ourselfs.
     */
    if ((fh = fopen("/dev/urandom", "r"))) {
	fclose(fh);
	return 0;
    }
    /* the ftpd's rand file is (openssl-dir)/.rnd */
    sprintf(rand_file, "%s/.rnd", X509_get_default_cert_area());
    tls_rand_file = rand_file;
    if (!RAND_load_file(rand_file, 1024)) {
	/* no .rnd file found, create new seed */
	unsigned int c;
	c = time(NULL);
	RAND_seed(&c, sizeof(c));
	c = getpid();
	RAND_seed(&c, sizeof(c));
	RAND_seed(stackdata, sizeof(stackdata));
    }
#if OPENSSL_VERSION_NUMBER >= 0x00905100
    if (!RAND_status())
	return 2;   /* PRNG still badly seeded */
#endif
    return 0;
}

int tls_init(void)
{
    int err;
	
#ifdef DEBUG_OPENSSL_MEM
    CRYPTO_malloc_debug_init();
    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
#endif /* DEBUG_OPENSSL_MEM */
    SSL_load_error_strings();
    SSL_library_init();
#ifdef ZLIB
    {
	COMP_METHOD *cm = COMP_zlib();
	if (cm != NULL && cm->type != NID_undef) {
	    SSL_COMP_add_compression_method(0xe0, cm); /* Eric Young's ZLIB ID */
	}
    }
#endif /* ZLIB */
    ssl_ctx = SSL_CTX_new(SSLv23_method());
    if (!ssl_ctx) {
	log_pri(LOG_ERR, "SSL_CTX_new() %s",
		(char *)ERR_error_string(ERR_get_error(), NULL));
	return 1;
    }
    SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2);
    if (!tls_dont_request_cert)
	SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, verify_callback);
    SSL_CTX_set_default_verify_paths(ssl_ctx);
    /* set up session caching  */
    SSL_CTX_set_session_cache_mode(ssl_ctx, SSL_SESS_CACHE_SERVER);
    SSL_CTX_set_session_id_context(ssl_ctx, "1", 1);

    /* let's find out which files are available */
    tls_set_file_defaults();
#ifdef PRIVS_ROOT
    PRIVS_ROOT	/* ProFTPD must regain root privs here to read the key file(s) */
#endif
    check_file(&tls_rsa_cert_file);
    check_file(&tls_rsa_key_file);
    check_file(&tls_dsa_cert_file);
    check_file(&tls_dsa_key_file);
    check_file(&tls_crl_file);
    check_file(&tls_dhparam_file);
    if (!tls_rsa_cert_file && !tls_dsa_cert_file) {
    	log_pri(LOG_ERR, "No certificate files found!");
	return 2;
    }
    if (!tls_rsa_key_file)
    	tls_rsa_key_file = tls_rsa_cert_file;
    if (!tls_dsa_key_file)
    	tls_dsa_key_file = tls_dsa_cert_file;
    
    if (tls_rsa_cert_file) {
	err = SSL_CTX_use_certificate_file(ssl_ctx, tls_rsa_cert_file, X509_FILETYPE_PEM);
	if (err <= 0) {
	    log_pri(LOG_ERR, "SSL_CTX_use_certificate_file(%s) %s", tls_rsa_cert_file,
		(char *)ERR_error_string(ERR_get_error(), NULL));
	    return 3;
	}
	SSL_CTX_set_tmp_rsa_callback(ssl_ctx, tmp_rsa_cb);
    }
    if (tls_rsa_key_file) {
	err = SSL_CTX_use_PrivateKey_file(ssl_ctx, tls_rsa_key_file, X509_FILETYPE_PEM);
	if (err <= 0) {
	    log_pri(LOG_ERR, "SSL_CTX_use_PrivateKey_file(%s) %s", tls_rsa_key_file,
	    	(char *)ERR_error_string(ERR_get_error(), NULL));
	    return 4;
	}
    }
    if (tls_dsa_cert_file) {
	err = SSL_CTX_use_certificate_file(ssl_ctx, tls_dsa_cert_file, X509_FILETYPE_PEM);
	if (err <= 0) {
	    log_pri(LOG_ERR, "SSL_CTX_use_certificate_file(%s) %s", tls_dsa_cert_file,
		(char *)ERR_error_string(ERR_get_error(), NULL));
	    return 5;
	}
    }
    if (tls_dsa_key_file) {
	err = SSL_CTX_use_PrivateKey_file(ssl_ctx, tls_dsa_key_file, X509_FILETYPE_PEM);
	if (err <= 0) {
	    log_pri(LOG_ERR, "SSL_CTX_use_PrivateKey_file(%s) %s", tls_dsa_key_file,
	    	(char *)ERR_error_string(ERR_get_error(), NULL));
	    return 6;
	}
    }
#ifdef PRIVS_RELINQUISH
    PRIVS_RELINQUISH	/* ProFTPD dropping root privs again */
#endif

    SSL_CTX_set_tmp_dh_callback(ssl_ctx, tmp_dh_cb);

    /* set up the CRL */
    if ((tls_crl_file || tls_crl_dir) && (crl_store = X509_STORE_new()))
	X509_STORE_load_locations(crl_store, tls_crl_file, tls_crl_dir);

    if (tls_cipher_list)
	SSL_CTX_set_cipher_list(ssl_ctx, tls_cipher_list);
    else
	log_pri(LOG_NOTICE, "NULL tls_cipher_list!");
    if (seed_PRNG())
	log_pri(LOG_NOTICE, "Wasn't able to properly seed the PRNG!");
    return 0;
}

char *tls_userid_from_client_cert()
{
    static char cn[256];
    static char *r = cn;
    static int again = 0;
    int err;
    X509 *client_cert;

    if (!tls_on_ctrl || !first_ssl)
    	return NULL;
    if (again)
    	return r;
    again = 1;
    if ((client_cert = SSL_get_peer_certificate(first_ssl))) {
    	/* call the custom function */
	err = x509_to_user(client_cert, cn, sizeof(cn));
	X509_free(client_cert);
	if (err)
	    return r = NULL;
	else
	    return r;
    }
    else
	return r = NULL;
}

int tls_is_user_valid(char *user)
/* check if clients cert is in "user"'s ~/.tlslogin file */
{
    char buf[512];
    int r = 0;
    FILE *fp = NULL;
    X509 *client_cert = NULL, *file_cert;
    struct passwd *pwd;

    if (!tls_on_ctrl || !first_ssl || !user)
	return 0;
#ifdef PRIVS_ROOT
    PRIVS_ROOT	/* ProFTPD must regain root privs here to read the .tlslogin file */
#endif
    if (!(pwd = getpwnam(user)))
    	goto cleanup;
    snprintf(buf, sizeof(buf), "%s/.tlslogin", pwd->pw_dir);
    if (!(fp = fopen(buf, "r")))
    	goto cleanup;
    if (!(client_cert = SSL_get_peer_certificate(first_ssl)))
    	goto cleanup;
    while ((file_cert = PEM_read_X509(fp, NULL, NULL, NULL))) {
	if (!M_ASN1_BIT_STRING_cmp(client_cert->signature, file_cert->signature))
	    r = 1;
	X509_free(file_cert);
	if (r) break;
    }
  cleanup:
    if (client_cert)
	X509_free(client_cert);
    if (fp)
	fclose(fp);
#ifdef PRIVS_RELINQUISH
    PRIVS_RELINQUISH	/* ProFTPD dropping root privs again */
#endif
    return r;
}

void tls_close_session(SSL *ssl)
{
    if (!ssl)
	return;
    SSL_shutdown(ssl);
    SSL_free(ssl);
}

int tls_accept(conn_t *conn, int data_connection)
{
    int err;
    SSL *ssl;
    static int logged_data_connection = 0;

    if (!ssl_ctx) {
	log_pri(LOG_ERR, "tls_accept() called when ssl_ctx == NULL!");
	return 1;
    }
    ssl = SSL_new(ssl_ctx);
    if (!ssl) {
	log_pri(LOG_ERR, "SSL_new() %s", (char *)ERR_error_string(ERR_get_error(), NULL));
	return 2;
    }

    if (!first_ssl)
	first_ssl = ssl;
    SSL_set_fd(ssl, conn->rfd); /* it works with either rfd or wfd (I hope ;-) */
    
  retry:
    err = SSL_accept(ssl);
    if (err < 1) {
	int ssl_err = SSL_get_error(ssl, err);
	if (ssl_err == SSL_ERROR_WANT_READ || ssl_err == SSL_ERROR_WANT_WRITE)
	    goto retry;
	log_pri(LOG_ERR, "SSL_accept(): (%d) %s", ssl_err,
		(char *)ERR_error_string(ERR_get_error(), NULL));
	tls_close_session(ssl);
	return 3;
    }
    conn->inf->tls_session = conn->outf->tls_session = ssl;
    tls_on_ctrl = 1;
    
    if (data_connection) {
	/* only log first TLS data connection, otherwise there might be lots of logging */
	if (!logged_data_connection) {
	    log_pri(LOG_NOTICE, "TLS data connection using cipher %s (%d bits)",
		    SSL_get_cipher(ssl), SSL_get_cipher_bits(ssl, NULL));
	    logged_data_connection = 1;
	}
    } else {
	char *subject = tls_get_subject_name();
	log_pri(LOG_NOTICE, "TLS connection using cipher %s (%d bits)",
		SSL_get_cipher(ssl), SSL_get_cipher_bits(ssl, NULL));
	if (subject)
	    log_pri(LOG_NOTICE, "Client: %s", subject);
    }
    return 0;
}

void tls_cleanup(void)
{
    if (crl_store) {
    	X509_STORE_free(crl_store);
	crl_store = NULL;
    }
    if (ssl_ctx) {
	SSL_CTX_free(ssl_ctx);
	ssl_ctx = NULL;
    }
    if (tmp_dh) {
	DH_free(tmp_dh);
	tmp_dh = NULL;
    }
    if (tmp_rsa) {
	RSA_free(tmp_rsa);
	tmp_rsa = NULL;
    }
    ERR_free_strings();
    ERR_remove_state(0);
    EVP_cleanup();	/* release the stuff allocated by SSL_library_init() */
    if (tls_rsa_key_file) {
    	if (tls_rsa_key_file != tls_rsa_cert_file)
	    free(tls_rsa_key_file);
	tls_rsa_key_file = NULL;
    }
    if (tls_rsa_cert_file) {
    	free(tls_rsa_cert_file);
	tls_rsa_cert_file = NULL;
    }
    if (tls_dsa_key_file) {
    	if (tls_dsa_key_file != tls_dsa_cert_file)
	    free(tls_dsa_key_file);
	tls_dsa_key_file = NULL;
    }
    if (tls_dsa_cert_file) {
    	free(tls_dsa_cert_file);
	tls_dsa_cert_file = NULL;
    }
    if (tls_dhparam_file) {
    	free(tls_dhparam_file);
	tls_dhparam_file = NULL;
    }
    if (tls_crl_file) {
    	free(tls_crl_file);
	tls_crl_file = NULL;
    }
    if (tls_crl_dir) {
    	free(tls_crl_dir);
	tls_crl_dir = NULL;
    }
    if (tls_cipher_list) {
    	free(tls_cipher_list);
	tls_cipher_list = NULL;
    }
    if (tls_rand_file)
	/* tls_rand_file is not malloc()'ed */
	RAND_write_file(tls_rand_file);
#ifdef DEBUG_OPENSSL_MEM
    {
    char fname[] = "/tmp/proftpd_memleak_XXXXXX";
    int fd;
    if ((fd = mkstemp(fname)) != -1) {
    	FILE *f = fdopen(fd, "w");
        if (f) {
	    CRYPTO_mem_leaks_fp(f);
	    fclose(f);
	}
    }
    }
#endif /* DEBUG_OPENSSL_MEM */
}

static void handle_ssl_error(int error, int line)
{
    switch (error) {
    	case SSL_ERROR_NONE:
	    return;
	case SSL_ERROR_SSL:
	    log_pri(LOG_ERR, "Panic: SSL_ERROR_SSL on line %d!", line);
	    break;
	case SSL_ERROR_WANT_READ:
	    log_pri(LOG_ERR, "Panic: SSL_ERROR_WANT_READ on line %d!", line);
	    break;
	case SSL_ERROR_WANT_WRITE:
	    log_pri(LOG_ERR, "Panic: SSL_ERROR_WANT_WRITE on line %d!", line);
	    break;
	case SSL_ERROR_WANT_X509_LOOKUP:
	    log_pri(LOG_ERR, "Panic: SSL_ERROR_WANT_X509_LOOKUP on line %d!", line);
	    break;
	case SSL_ERROR_SYSCALL:
	    /* ProFTPD is sloppy in checking the return value/errno status from
	     * read()/write(), so we must double-check here so we don't generate
	     * unnecessary fuzz...
	     */
	    if (errno == ECONNRESET) /* peer hung up */
		return;
	    log_pri(LOG_ERR, "Panic: SSL_ERROR_SYSCALL on line %d!", line);
	    break;
	case SSL_ERROR_ZERO_RETURN:
	    log_pri(LOG_ERR, "Panic: SSL_ERROR_ZERO_RETURN on line %d!", line);
	    break;
	case SSL_ERROR_WANT_CONNECT:
	    log_pri(LOG_ERR, "Panic: SSL_ERROR_WANT_CONNECT on line %d!", line);
	    break;
	default:
	    log_pri(LOG_ERR, "Panic: SSL_ERROR %d on line %d!", error, line);
	    break;
    }
    /* if we reply something here, we might just trigger another handle_ssl_error()
     * call and loop endlessly...
     */
    main_exit((void*) LOG_ERR,
	      "Unexpected OpenSSL error, disconnected.", (void*) 0, NULL);
    /* NOTREACHED */
}

static int select_read(int rfd)
/* timeout = 20 seconds */
{
    fd_set rfds;
    struct timeval tv;

    FD_ZERO(&rfds);
    FD_SET(rfd, &rfds);
    tv.tv_sec = 20;
    tv.tv_usec = 0;
    return select(rfd + 1, &rfds, NULL, NULL, &tv);
}

ssize_t tls_read(SSL *ssl, void *buf, size_t count)
{
    ssize_t c;

  retry:
    c = SSL_read(ssl, buf, count);
    if (c < 0) {
	int err = SSL_get_error(ssl, c);
	/* read(2) returns only the generic error number -1 */
	c = -1;
	switch (err) {
	    case SSL_ERROR_WANT_READ:
		/* OpenSSL needs more data from the wire to finish the current block,
		 * so we wait a little while for it. */
		err = select_read(SSL_get_fd(ssl));
		if (err > 0)
		    goto retry;
		else if (err == 0)
		    /* still missing data after timeout. simulate an EINTR and return. */
		    errno = EINTR;
		/* if err < 0, i.e. some error from the select(), everything is already
		 * in place; errno is properly set and this function returns -1. */
		break;
	    default:
		handle_ssl_error(err, __LINE__);
		break;
	}
    }
    return c;
}

ssize_t tls_write(SSL *ssl, const void *buf, size_t count)
{
    ssize_t c;

    c = SSL_write(ssl, buf, count);
    if (c < 0) {
	int err = SSL_get_error(ssl, c);
	/* write(2) returns only the generic error number -1 */
	c = -1;
	switch (err) {
	    case SSL_ERROR_WANT_WRITE:
		/* simulate an EINTR in case OpenSSL wants to write more */
		errno = EINTR;
		break;
	    default:
		handle_ssl_error(err, __LINE__);
		break;
	}
    }
    return c;
}

int tls_pending(SSL *ssl)
{
    if (ssl)
        return SSL_pending(ssl);
    else 
        return 0;
}

char *file_fullpath(char *fn)
{
    static char fp[256];
    FILE *file;
    char *dir;
    
    /* check if it is a full path already */
    if (strchr(fn, '/')) {
	if ((file = fopen(fn, "r"))) {
	    fclose(file);
	    return fn;
	}
	else
	    return NULL;
    }
    /* check if it is in current dir */
    if ((file = fopen(fn, "r"))) {
    	fclose(file);
	return fn;
    }
    if (!(dir = getenv(X509_get_default_cert_dir_env())))	/* $SSL_CERT_DIR */
    	dir = (char *)X509_get_default_cert_dir();
    snprintf(fp, sizeof(fp), "%s/%s", dir, fn);
    if ((file = fopen(fp, "r"))) {
    	fclose(file);
	return fp;
    }
    dir = (char *)X509_get_default_private_dir();
    snprintf(fp, sizeof(fp), "%s/%s", dir, fn);
    if ((file = fopen(fp, "r"))) {
    	fclose(file);
	return fp;
    }
    return NULL;
}




/*
 * Copyright (c) 1999, 2000 Peter 'Luna' Runestig <peter@runestig.com>
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without modifi-
 * cation, are permitted provided that the following conditions are met:
 *
 *   o  Redistributions of source code must retain the above copyright notice,
 *      this list of conditions and the following disclaimer.
 *
 *   o  Redistributions in binary form must reproduce the above copyright no-
 *      tice, this list of conditions and the following disclaimer in the do-
 *      cumentation and/or other materials provided with the distribution.
 *
 *   o  The names of the contributors may not be used to endorse or promote
 *      products derived from this software without specific prior written
 *      permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LI-
 * ABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUEN-
 * TIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEV-
 * ER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABI-
 * LITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
 * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#include <openssl/ssl.h>

/* x509_to_user() returns 0 if valid userid in 'userid', else 1 */
int x509_to_user(X509 *peer_cert, char *userid, int len)
{

    if (!(peer_cert && userid))
    	return 1;

    /* TODO: insert cert => userid translation code here */
	
    return 1;
}




/*
 * Copyright (c) 1999, 2000 Peter 'Luna' Runestig <peter@runestig.com>
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without modifi-
 * cation, are permitted provided that the following conditions are met:
 *
 *   o  Redistributions of source code must retain the above copyright notice,
 *      this list of conditions and the following disclaimer.
 *
 *   o  Redistributions in binary form must reproduce the above copyright no-
 *      tice, this list of conditions and the following disclaimer in the do-
 *      cumentation and/or other materials provided with the distribution.
 *
 *   o  The names of the contributors may not be used to endorse or promote
 *      products derived from this software without specific prior written
 *      permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LI-
 * ABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUEN-
 * TIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEV-
 * ER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABI-
 * LITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
 * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#include <openssl/ssl.h>

/* sample that returns a userid in cert's subj UID */
/* x509_to_user() returns 0 if valid userid in 'userid', else 1 */
int x509_to_user(X509 *peer_cert, char *userid, int len)
{
    int err;
    
    if (!(peer_cert && userid))
    	return 1;

    /* userid is in cert subject /UID */
    err = X509_NAME_get_text_by_NID(X509_get_subject_name(peer_cert),
		NID_uniqueIdentifier, userid, len);
    if (err > 0)
    	return 0;
    else
	return 1;
}




/*
 * Copyright (c) 1999, 2000 Peter 'Luna' Runestig <peter@runestig.com>
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without modifi-
 * cation, are permitted provided that the following conditions are met:
 *
 *   o  Redistributions of source code must retain the above copyright notice,
 *      this list of conditions and the following disclaimer.
 *
 *   o  Redistributions in binary form must reproduce the above copyright no-
 *      tice, this list of conditions and the following disclaimer in the do-
 *      cumentation and/or other materials provided with the distribution.
 *
 *   o  The names of the contributors may not be used to endorse or promote
 *      products derived from this software without specific prior written
 *      permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LI-
 * ABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUEN-
 * TIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEV-
 * ER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABI-
 * LITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
 * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#include <stdio.h>
#include <unistd.h>
#include <sys/time.h>
#include <openssl/ssl.h>

/* sample that uses SafeGossip's "Certificate Mapping Server"  */

char *trim(char *s)
{
	while (isspace(*s))
		memmove(s, s + 1, strlen(s + 1) + 1);
	while (isspace(s[strlen(s) - 1]))
		s[strlen(s) - 1] = 0;
	return s;
}

/* x509_to_user() returns 0 if valid userid in 'userid', else 1 */
int x509_to_user(X509 *peer_cert, char *userid, int len)
{
    int pin[2], pout[2], err;
    FILE *pfp;
    pid_t pid;
    fd_set rfds;
    struct timeval tv;
    
    if (!(peer_cert && userid))
    	return 1;

    /* '/usr/sbin/authcert' reads a cert from stdin and writes the userid to stdout. */
    if (pipe(pin))
    	return 1;
    if (pipe(pout))
    	return 1;
    pid = fork();
    if (pid == -1)
    	return 1;
    else if (pid == 0) {
    	/* child */
	dup2(pin[0], 0);
	close(pin[0]); close(pin[1]);
	dup2(pout[1], 1);
	execl("/usr/sbin/authcert", "authcert", NULL);
	/* normally not reached */
	exit(2);
    }

    /* write PEM-formatted cert to subprocess' stdin */
    if (!(pfp = fdopen(pin[1], "w")))
    	return 1;
    PEM_write_X509(pfp, peer_cert);
    fclose(pfp);
    close(pin[0]);
    
    /* wait for userid from pout[0] */
    FD_ZERO(&rfds);
    FD_SET(pout[0], &rfds);
    tv.tv_sec = 20;
    tv.tv_usec = 0;
    err = select(FD_SETSIZE, &rfds, NULL, NULL, &tv);
    
    if (err < 1) {
    	close(pout[0]); close(pout[1]);
    	return 1;
    }
    err = read(pout[0], userid, len - 1);
    close(pout[0]); close(pout[1]);
    if (err) {
    	userid[err] = 0;
	trim(userid);
	return 0;
    }
    else
    	return 1;
}

Return to bug 6898

Line 0 Link Here

(-)proftpd-1.2.6rc1.orig/README.TLS (+147 lines)
		1	TLS patch for proftpd-1.2.5 together with OpenSSL >= 0.9.4, based on the
		2	"draft-murray-auth-ftp-ssl-09.txt" IETF draft.
		3	Copyright (c) 2000 Peter 'Luna' Runestig <peter@runestig.com>
		4	The verify_crl() function by Ralf S. Engelschall <rse@engelschall.com>
		5	This product includes software developed by the OpenSSL Project
		6	for use in the OpenSSL Toolkit. (http://www.openssl.org/)
		7	This product includes cryptographic software written by
		8	Eric Young (eay@cryptsoft.com)
		9
		10	Patching:
		11	$ tar xzf proftpd-1.2.5.tar.gz
		12	$ cd proftpd-1.2.5
		13	$ patch -p1 < ../proftpd-tls.current.patch
		14
		15	Or just use the prepatched tarball.
		16
		17	Configuring:
		18	$ ./configure [--with-openssl-dir=DIR]
		19
		20	Building:
		21	$ make
		22
		23	Installation:
		24	$ make install
		25
		26	By default, proftpd looks for a single configuration file at
		27	/usr/local/etc/proftpd.conf. Copy sample-configurations/basic.conf to
		28	/usr/local/etc/proftpd.conf and modify to suit your needs. More advanced
		29	configuration examples are also included.
		30
		31	The proftpd server tries to use these TLS related files by default:
		32	ftpd-rsa.pem RSA certificate, may include private key
		33	ftpd-rsa-key.pem RSA private key
		34	ftpd-dsa.pem DSA certificate, may include private key
		35	ftpd-dsa-key.pem DSA private key
		36	ftpd-crl.pem Certificate Revokation List
		37	ftpd-dhparam.pem DH Parameters (a set of DH params is compiled in)
		38
		39	These files is searched for in the following directorys (in this order):
		40	* Current working directory of the process.
		41	* Specified by the `X509_get_default_cert_dir_env()` environment variable
		42	(usually $SSL_CERT_DIR).
		43	* `X509_get_default_cert_dir()`, usually (openssl-dir)/certs.
		44	* `X509_get_default_private_dir()`, usually (openssl-dir/private.
		45
		46	Default CRL directory for the proftpd server is (openssl-dir)/crl.
		47
		48	If you don't have any "proper" certificate files (signed by some CA), you might
		49	create a self-signed one using the ``openssl'' command:
		50	$ openssl req -new -x509 -days 365 -nodes -out ftpd-rsa.pem -keyout ftpd-rsa-key.pem
		51	This creates a cert which is valid 365 days, you might want to adjust that.
		52
		53	X509 client authentication
		54	--------------------------
		55	Support for user authentication is possible through the custom function
		56	int x509_to_user(X509 peer_cert, char userid, int len) in the file
		57	src/x509_to_user.c, and by a .tlslogin file in the user's home directory.
		58
		59	o tls_userid_from_client_cert() is called and returns a user id or NULL.
		60	tls_userid_from_client_cert() calls the site specific function
		61	x509_to_user().
		62
		63	o If the user name, set by the USER command, equals the user id mapped from the
		64	client cert, the user is logged right in.
65
66	o If "USER" differ from the user id mapped from the client cert the function
67	tls_is_user_valid() is called to check "USER"'s ~/.tlslogin file.
68	That file, if it exist, contains one or more X509 certificates in PEM for-
69	mat. If the client cert is present in the file, the user is logged right in.
70
71	o If tls_userid_from_client_cert() can't map a user id from the client cert,
72	tls_is_user_valid() is called to check "USER"'s ~/.tlslogin file. If the
73	client cert is present in the file, the user is logged right in.
74
75	Hash symlinks for certs: ln -s cert.pem `openssl x509 -hash -noout -in cert.pem`.0
76	Hash symlinks for CRLs: ln -s crl.pem `openssl crl -hash -noout -in crl.pem`.r0
77
78	Default cipher list is "ALL:!EXP".
79
80	How to put together a 'cipher list string':
81	Key Exchange Algorithms:
82	"kRSA" RSA key exchange
83	"kDHr" Diffie-Hellman key exchange (key from RSA cert)
84	"kDHd" Diffie-Hellman key exchange (key from DSA cert)
85	"kEDH' Ephemeral Diffie-Hellman key exchange (temporary key)
86
87	Authentication Algorithm:
88	"aNULL" No authentication
89	"aRSA" RSA authentication
90	"aDSS" DSS authentication
91	"aDH" Diffie-Hellman authentication
92
93	Cipher Encoding Algorithm:
94	"eNULL" No encodiing
95	"DES" DES encoding
96	"3DES" Triple DES encoding
97	"RC4" RC4 encoding
98	"RC2" RC2 encoding
99	"IDEA" IDEA encoding
100
101	MAC Digest Algorithm:
102	"MD5" MD5 hash function
103	"SHA1" SHA1 hash function
104	"SHA" SHA hash function (should not be used)
105
106	Aliases:
107	"ALL" all ciphers
108	"SSLv2" all SSL version 2.0 ciphers (should not be used)
109	"SSLv3" all SSL version 3.0 ciphers
110	"EXP" all export ciphers (40-bit)
111	"EXPORT56" all export ciphers (56-bit)
112	"LOW" all low strength ciphers (no export)
113	"MEDIUM" all ciphers with 128-bit encryption
114	"HIGH" all ciphers using greater than 128-bit encryption
115	"RSA" all ciphers using RSA key exchange
116	"DH" all ciphers using Diffie-Hellman key exchange
117	"EDH" all ciphers using Ephemeral Diffie-Hellman key exchange
118	"ADH" all ciphers using Anonymous Diffie-Hellman key exchange
119	"DSS" all ciphers using DSS authentication
120	"NULL" all ciphers using no encryption
121
122	Each item in the list may include a prefix modifier:
123
124	"+" move cipher(s) to the current location in the list
125	"-" remove cipher(s) from the list (may be added again by
126	a subsequent list entry)
127	"!" kill cipher from the list (it may not be added again
128	by a subsequent list entry)
129
130	If no modifier is specified the entry is added to the list at the current
131	position. "+" may also be used to combine tags to specify entries such as
132	"RSA+RC4" describes all ciphers that use both RSA and RC4.
133
134	For example, all available ciphers not including ADH key exchange:
135
136	ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
137
138	All algorithms including ADH and export but excluding patented algorithms:
139
140	HIGH:MEDIUM:LOW:EXPORT56:EXP:ADH:!kRSA:!aRSA:!RC4:!RC2:!IDEA
141
142	The OpenSSL command
143
144	openssl ciphers -v <list of ciphers>
145
146	may be used to list all of the ciphers and the order described by a specific
147	<list of ciphers>.

Lines 102-107 Link Here

(-)proftpd-1.2.6rc1.orig/include/ftp.h (+4 lines)
102	#define R_226 "226" /* Closing data connection. File transfer/abort successful */	102	#define R_226 "226" /* Closing data connection. File transfer/abort successful */
103	#define R_227 "227" /* Entering passive mode (h1,h2,h3,h4,p1,p2) */	103	#define R_227 "227" /* Entering passive mode (h1,h2,h3,h4,p1,p2) */
104	#define R_230 "230" /* User logged in, proceed */	104	#define R_230 "230" /* User logged in, proceed */
		105	#define R_232 "232" /* User logged in, authorized by security data exchange */
105	#define R_250 "250" /* Requested file action okay, completed. */	106	#define R_250 "250" /* Requested file action okay, completed. */
106	#define R_257 "257" /* "PATHNAME" created. */	107	#define R_257 "257" /* "PATHNAME" created. */
107	#define R_331 "331" /* User name okay, need password. */	108	#define R_331 "331" /* User name okay, need password. */
Lines 110-115 Link Here
110	#define R_421 "421" /* Service not available, closing control connection (service is about to be shutdown) */	111	#define R_421 "421" /* Service not available, closing control connection (service is about to be shutdown) */
111	#define R_425 "425" /* Can't open data connection */	112	#define R_425 "425" /* Can't open data connection */
112	#define R_426 "426" /* Connection closed; transfer aborted */	113	#define R_426 "426" /* Connection closed; transfer aborted */
		114	#define R_431 "431" /* Can't accept specified protection level, maybe some resource unavailable */
113	#define R_450 "450" /* Requested file action not taken (file unavailable; busy) */	115	#define R_450 "450" /* Requested file action not taken (file unavailable; busy) */
114	#define R_451 "451" /* Requested action aborted; local error in processing */	116	#define R_451 "451" /* Requested action aborted; local error in processing */
115	#define R_452 "452" /* Requested action not taken; insufficient storage space */	117	#define R_452 "452" /* Requested action not taken; insufficient storage space */
Lines 120-125 Link Here
120	#define R_504 "504" /* Command not implemented for that parameter */	122	#define R_504 "504" /* Command not implemented for that parameter */
121	#define R_530 "530" /* Not logged in */	123	#define R_530 "530" /* Not logged in */
122	#define R_532 "532" /* Need account for storing files */	124	#define R_532 "532" /* Need account for storing files */
		125	#define R_534 "534" /* Request denied for policy reasons */
		126	#define R_536 "536" /* Current security mechanism doesn't support the specified protection level */
123	#define R_550 "550" /* Requested action not taken. No access, etc */	127	#define R_550 "550" /* Requested action not taken. No access, etc */
124	#define R_551 "551" /* Requested action not taken, page type unknown */	128	#define R_551 "551" /* Requested action not taken, page type unknown */
125	#define R_552 "552" /* Requested file action aborted, exceeding storage allocation */	129	#define R_552 "552" /* Requested file action aborted, exceeding storage allocation */

Line 0 Link Here

(-)proftpd-1.2.6rc1.orig/include/tls_dh.h (+187 lines)
		1	static unsigned char dh512_p[]={
		2	0xC0,0xC5,0x23,0x8D,0x3A,0xB3,0xA3,0x63,0x57,0xC0,0xD3,0xFE,
		3	0xD4,0xC2,0x8F,0x17,0x0E,0x7A,0xDB,0x8E,0x3B,0xB6,0xA5,0xC2,
		4	0x60,0x7D,0xE7,0x03,0xCC,0xA3,0x10,0xCC,0x82,0x39,0x3C,0x68,
		5	0xA0,0x82,0x9C,0x7A,0x4A,0x96,0x8C,0xB0,0x1A,0xB4,0xB8,0xA0,
		6	0x9E,0x64,0x9D,0x40,0x77,0x8A,0x9C,0x97,0x96,0x69,0x3D,0xCA,
		7	0xA8,0x25,0xAE,0xAB,
		8	};
		9	static unsigned char dh512_g[]={
		10	0x02,
		11	};
		12
		13	DH *get_dh512()
		14	{
		15	DH *dh;
		16
		17	if ((dh=DH_new()) == NULL) return(NULL);
		18	dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
		19	dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
		20	if ((dh->p == NULL) \|\| (dh->g == NULL))
		21	return(NULL);
		22	return(dh);
		23	}
		24	/*
		25	-----BEGIN DH PARAMETERS-----
		26	MEYCQQDAxSONOrOjY1fA0/7Uwo8XDnrbjju2pcJgfecDzKMQzII5PGiggpx6SpaM
		27	sBq0uKCeZJ1Ad4qcl5ZpPcqoJa6rAgEC
		28	-----END DH PARAMETERS-----
		29	*/
		30	static unsigned char dh768_p[]={
		31	0xB3,0x95,0x74,0xCE,0x0B,0xFD,0xAB,0xC3,0x53,0x9B,0x0B,0xFD,
		32	0x6E,0xB2,0x64,0x64,0x02,0xDD,0xFF,0x2E,0x77,0xEB,0x0D,0x6C,
		33	0xCE,0x04,0x2C,0x8E,0x5A,0xA7,0x96,0x45,0x54,0xA6,0x2F,0xBC,
		34	0xF9,0x77,0x1C,0x50,0x66,0x8E,0x48,0xA8,0x34,0xF0,0x81,0xDD,
		35	0x5B,0x5A,0xD4,0xA6,0x13,0x89,0x60,0x46,0x05,0x65,0x57,0x2C,
		36	0x1E,0x94,0x57,0x3C,0x3E,0x38,0xA6,0xFE,0x7B,0x03,0x7D,0x16,
		37	0x46,0xF6,0xB3,0x21,0x3C,0x44,0xF1,0xF1,0x90,0xCE,0x40,0x93,
		38	0x4B,0xE6,0xD6,0x0E,0x20,0x85,0xDA,0x9B,0x3F,0x5C,0x1F,0xDB,
		39	};
		40	static unsigned char dh768_g[]={
		41	0x02,
		42	};
		43
		44	DH *get_dh768()
		45	{
		46	DH *dh;
		47
		48	if ((dh=DH_new()) == NULL) return(NULL);
		49	dh->p=BN_bin2bn(dh768_p,sizeof(dh768_p),NULL);
		50	dh->g=BN_bin2bn(dh768_g,sizeof(dh768_g),NULL);
		51	if ((dh->p == NULL) \|\| (dh->g == NULL))
		52	return(NULL);
		53	return(dh);
		54	}
		55	/*
		56	-----BEGIN DH PARAMETERS-----
		57	MGYCYQCzlXTOC/2rw1ObC/1usmRkAt3/LnfrDWzOBCyOWqeWRVSmL7z5dxxQZo5I
		58	qDTwgd1bWtSmE4lgRgVlVywelFc8Pjim/nsDfRZG9rMhPETx8ZDOQJNL5tYOIIXa
		59	mz9cH9sCAQI=
		60	-----END DH PARAMETERS-----
		61	*/
		62	static unsigned char dh1024_p[]={
		63	0xC1,0xD8,0x9C,0x90,0xB1,0x58,0x7C,0xE1,0x56,0x70,0xD7,0x61,
		64	0x6C,0x00,0xE6,0xE7,0x99,0x04,0x9F,0x86,0xD9,0xB4,0x11,0x09,
65	0x23,0x18,0xAA,0x19,0xCA,0x49,0x7C,0xA8,0x9D,0xF7,0x43,0x3A,
66	0xAF,0xC3,0x1F,0x0E,0xAE,0xBB,0xF2,0xEA,0x5B,0x62,0xA1,0x5F,
67	0x7C,0x26,0xA8,0xB4,0x5D,0x2A,0x25,0xAB,0x88,0x70,0x27,0x06,
68	0xD0,0xF5,0x01,0xD9,0x6A,0x1F,0x48,0x2D,0x9C,0xEC,0xFE,0xA8,
69	0x45,0x97,0x1D,0xC0,0x8A,0xFF,0xE5,0xE1,0x79,0xDF,0x85,0x31,
70	0xFC,0x58,0x91,0x35,0xE8,0xC7,0xDA,0x55,0x7B,0xAA,0xDD,0xC2,
71	0x0A,0x94,0x34,0xF7,0xB4,0x4A,0x91,0x3B,0x1E,0x16,0x89,0x2A,
72	0x04,0x47,0x5D,0xE9,0x42,0x47,0x5E,0x30,0x61,0xE8,0x42,0xC1,
73	0x23,0xC7,0x97,0x78,0x63,0x36,0x9D,0x3B,
74	};
75	static unsigned char dh1024_g[]={
76	0x02,
77	};
78
79	DH *get_dh1024()
80	{
81	DH *dh;
82
83	if ((dh=DH_new()) == NULL) return(NULL);
84	dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
85	dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
86	if ((dh->p == NULL) \|\| (dh->g == NULL))
87	return(NULL);
88	return(dh);
89	}
90	/*
91	-----BEGIN DH PARAMETERS-----
92	MIGHAoGBAMHYnJCxWHzhVnDXYWwA5ueZBJ+G2bQRCSMYqhnKSXyonfdDOq/DHw6u
93	u/LqW2KhX3wmqLRdKiWriHAnBtD1AdlqH0gtnOz+qEWXHcCK/+Xhed+FMfxYkTXo
94	x9pVe6rdwgqUNPe0SpE7HhaJKgRHXelCR14wYehCwSPHl3hjNp07AgEC
95	-----END DH PARAMETERS-----
96	*/
97	static unsigned char dh1536_p[]={
98	0xDA,0x68,0x25,0x7F,0x9D,0xB5,0x3F,0x42,0x05,0xBC,0x79,0x65,
99	0x6F,0x19,0x6A,0x6F,0x70,0x11,0x91,0xF2,0x08,0x48,0x2B,0xE2,
100	0x0C,0x15,0xD9,0x31,0xE7,0x3A,0x50,0x32,0x9F,0xFB,0xD6,0x56,
101	0xFA,0xB4,0xA9,0x5F,0x22,0x17,0x52,0x72,0x2C,0xE3,0x5D,0xA1,
102	0xA8,0xEF,0x16,0x42,0x35,0xC6,0xD9,0x64,0xC1,0xB3,0xB3,0x4C,
103	0x09,0x90,0xF4,0x49,0xEF,0xDE,0x64,0x99,0xFF,0x3C,0x37,0x0A,
104	0x91,0xA4,0x9E,0x38,0x27,0xF2,0x96,0x13,0x1E,0x15,0xA2,0x52,
105	0xF1,0x54,0x0C,0xED,0x5C,0x38,0xC4,0xEC,0xFF,0xE2,0xFA,0x0A,
106	0x41,0xBB,0x48,0x5D,0xD3,0x54,0xA1,0xEB,0xBD,0x1F,0x68,0xED,
107	0x2A,0x49,0x7F,0x68,0x52,0xB3,0xA0,0x77,0x3E,0x19,0xFB,0x44,
108	0xCD,0x4B,0x21,0x3E,0x3B,0xBA,0xF6,0xA2,0x36,0x37,0xE5,0xFA,
109	0x95,0xB0,0x7D,0x7B,0x58,0x96,0xC4,0xC9,0xC0,0xCF,0xD9,0x3F,
110	0xA3,0x42,0x0B,0xD7,0xBE,0x1A,0xA8,0xB5,0x57,0x58,0xF4,0x04,
111	0x97,0x54,0xB0,0x59,0x23,0x5F,0x98,0x09,0x90,0xC0,0x49,0x85,
112	0x40,0x23,0x2D,0x21,0x3E,0xB0,0x07,0x06,0x07,0x32,0xFB,0xB9,
113	0x91,0x40,0x92,0x09,0xED,0x07,0x80,0x05,0x14,0x5B,0xC1,0x9B,
114	};
115	static unsigned char dh1536_g[]={
116	0x02,
117	};
118
119	DH *get_dh1536()
120	{
121	DH *dh;
122
123	if ((dh=DH_new()) == NULL) return(NULL);
124	dh->p=BN_bin2bn(dh1536_p,sizeof(dh1536_p),NULL);
125	dh->g=BN_bin2bn(dh1536_g,sizeof(dh1536_g),NULL);
126	if ((dh->p == NULL) \|\| (dh->g == NULL))
127	return(NULL);
128	return(dh);
129	}
130	/*
131	-----BEGIN DH PARAMETERS-----
132	MIHHAoHBANpoJX+dtT9CBbx5ZW8Zam9wEZHyCEgr4gwV2THnOlAyn/vWVvq0qV8i
133	F1JyLONdoajvFkI1xtlkwbOzTAmQ9Env3mSZ/zw3CpGknjgn8pYTHhWiUvFUDO1c
134	OMTs/+L6CkG7SF3TVKHrvR9o7SpJf2hSs6B3Phn7RM1LIT47uvaiNjfl+pWwfXtY
135	lsTJwM/ZP6NCC9e+Gqi1V1j0BJdUsFkjX5gJkMBJhUAjLSE+sAcGBzL7uZFAkgnt
136	B4AFFFvBmwIBAg==
137	-----END DH PARAMETERS-----
138	*/
139	static unsigned char dh2048_p[]={
140	0xD0,0xE6,0xFF,0x1F,0x39,0xE0,0xCC,0x85,0xAC,0xA4,0xE6,0xDD,
141	0x06,0xE5,0x2D,0xBF,0xEA,0x64,0x2E,0xC7,0x99,0x8A,0x0F,0xCB,
142	0x3C,0x9D,0xEE,0xAC,0x61,0xFF,0x69,0x31,0x71,0xFE,0x2F,0x7B,
143	0x65,0x95,0xA0,0xA4,0x59,0xB8,0xE3,0x66,0x5B,0x3F,0xD8,0x42,
144	0x99,0x4F,0x09,0x44,0xC5,0x8D,0x8B,0x5D,0x16,0xAA,0x05,0x6E,
145	0x8B,0x11,0x59,0x1F,0xD7,0x11,0x84,0x87,0x4D,0xBE,0xBB,0xBA,
146	0x9A,0xF0,0xC3,0xE2,0x0E,0xB8,0x0F,0xFD,0x08,0xB1,0x48,0x98,
147	0xDE,0x89,0xDA,0x00,0x15,0x04,0xA4,0x51,0xBE,0x5B,0x60,0x0A,
148	0x0E,0x20,0xAC,0xC5,0x83,0x5D,0xC4,0x0F,0xA3,0x8E,0x11,0x66,
149	0x2C,0xD3,0x61,0x5F,0x16,0x83,0xAA,0xCF,0x52,0x9C,0x7D,0x75,
150	0xEA,0xCA,0x67,0xA3,0xAB,0x58,0x9F,0x67,0x17,0xA0,0x54,0x3A,
151	0x2B,0xCA,0xB5,0x03,0x7E,0x50,0xBD,0x99,0x1E,0xEF,0xB2,0x8F,
152	0xB4,0xFB,0xD2,0x2D,0x6A,0xA9,0xA2,0xC0,0xD4,0xD2,0x68,0x6C,
153	0x21,0x71,0x78,0x75,0x82,0x4C,0xD8,0xE8,0x2C,0x0B,0xC9,0x3F,
154	0xF6,0xF0,0x64,0xD9,0x6E,0x76,0xCB,0xBB,0x99,0xFB,0xBC,0x15,
155	0x54,0x7B,0x7F,0x97,0x36,0x8F,0x0B,0x1C,0xFF,0xDD,0x28,0x99,
156	0xE5,0x3A,0xAD,0xCD,0x84,0xAB,0xA1,0xEF,0xB2,0x21,0xEA,0xD6,
157	0x49,0x22,0x6A,0x30,0x6A,0x63,0x2E,0x52,0x79,0xCF,0xBC,0xC2,
158	0xB6,0x2E,0xA5,0x5D,0xB3,0xDA,0xC2,0xDD,0x02,0xEA,0x26,0x2F,
159	0x3B,0x0A,0x12,0xBB,0xA2,0xEF,0x2B,0xFA,0xCC,0x25,0x63,0x1B,
160	0xC3,0x00,0x18,0x8F,0x36,0xB7,0x30,0x5A,0x55,0x1A,0xE0,0x12,
161	0xA1,0xD2,0x9C,0x93,
162	};
163	static unsigned char dh2048_g[]={
164	0x02,
165	};
166
167	DH *get_dh2048()
168	{
169	DH *dh;
170
171	if ((dh=DH_new()) == NULL) return(NULL);
172	dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
173	dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
174	if ((dh->p == NULL) \|\| (dh->g == NULL))
175	return(NULL);
176	return(dh);
177	}
178	/*
179	-----BEGIN DH PARAMETERS-----
180	MIIBCAKCAQEA0Ob/HzngzIWspObdBuUtv+pkLseZig/LPJ3urGH/aTFx/i97ZZWg
181	pFm442ZbP9hCmU8JRMWNi10WqgVuixFZH9cRhIdNvru6mvDD4g64D/0IsUiY3ona
182	ABUEpFG+W2AKDiCsxYNdxA+jjhFmLNNhXxaDqs9SnH116spno6tYn2cXoFQ6K8q1
183	A35QvZke77KPtPvSLWqposDU0mhsIXF4dYJM2OgsC8k/9vBk2W52y7uZ+7wVVHt/
184	lzaPCxz/3SiZ5TqtzYSroe+yIerWSSJqMGpjLlJ5z7zCti6lXbPawt0C6iYvOwoS
185	u6LvK/rMJWMbwwAYjza3MFpVGuASodKckwIBAg==
186	-----END DH PARAMETERS-----
187	*/

Line 0 Link Here

(-)proftpd-1.2.6rc1.orig/include/tlsutil.h (+65 lines)
		1	/*
		2	* Copyright (c) 1999 - 2002 Peter 'Luna' Runestig <peter@runestig.com>
		3	* All rights reserved.
		4	*
		5	* Redistribution and use in source and binary forms, with or without modifi-
		6	* cation, are permitted provided that the following conditions are met:
		7	*
		8	* o Redistributions of source code must retain the above copyright notice,
		9	* this list of conditions and the following disclaimer.
		10	*
		11	* o Redistributions in binary form must reproduce the above copyright no-
		12	* tice, this list of conditions and the following disclaimer in the do-
		13	* cumentation and/or other materials provided with the distribution.
		14	*
		15	* o The names of the contributors may not be used to endorse or promote
		16	* products derived from this software without specific prior written
		17	* permission.
		18	*
		19	* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
		20	* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
		21	* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
		22	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LI-
		23	* ABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUEN-
		24	* TIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
		25	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEV-
		26	* ER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABI-
		27	* LITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
		28	* THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
		29	*/
		30
		31	#ifndef _TLSUTIL_H_
		32	#define _TLSUTIL_H_
		33
		34	extern int tls_on_data;
		35	extern int tls_on_ctrl;
		36	extern int tls_implicit;
		37	extern int tls_no_verify;
		38	extern int tls_dont_request_cert;
		39	extern int tls_required;
		40	extern int tls_init_error;
		41	extern char *tls_rsa_key_file;
		42	extern char *tls_rsa_cert_file;
		43	extern char *tls_dsa_key_file;
		44	extern char *tls_dsa_cert_file;
		45	extern char *tls_crl_file;
		46	extern char *tls_dhparam_file;
		47	extern char *tls_cipher_list;
		48
		49	int tls_init(void);
		50	int tls_accept(conn_t *conn, int data_connection);
		51	void tls_cleanup(void);
		52	void tls_close_session(SSL *ssl);
		53	int tls_recv(int s, void *buf, size_t len, int flags);
		54	int tls_send(int s, const void *msg, size_t len, int flags);
		55	ssize_t tls_read(SSL ssl, void buf, size_t count);
		56	ssize_t tls_write(SSL ssl, const void buf, size_t count);
		57	int tls_pending(SSL *ssl);
		58	void tls_optarg(char *optarg);
		59	char *tls_userid_from_client_cert();
		60	int tls_is_user_valid(char *user);
		61	void tls_set_file_defaults(void);
		62	int tls_setup_session_cache(void);
		63
		64
65	#endif

Line 0 Link Here

(-)proftpd-1.2.6rc1.orig/modules/mod_tls.c (+483 lines)
		1	/*
		2	* ProFTPD - FTP server daemon
		3	* Copyright (c) 1997, 1998 Public Flood Software
		4	*
		5	* This program is free software; you can redistribute it and/or modify
		6	* it under the terms of the GNU General Public License as published by
		7	* the Free Software Foundation; either version 2 of the License, or
		8	* (at your option) any later version.
		9	*
		10	* This program is distributed in the hope that it will be useful,
		11	* but WITHOUT ANY WARRANTY; without even the implied warranty of
		12	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
		13	* GNU General Public License for more details.
		14	*
		15	* You should have received a copy of the GNU General Public License
		16	* along with this program; if not, write to the Free Software
		17	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
		18	*/
		19	/*
		20	* AUTH/TLS module for ProFTPD, based on the mod_sample.c file.
		21	*
		22	* Copyright (c) 2000 - 2002 Peter 'Luna' Runestig <peter@runestig.com>
		23	* All rights reserved.
		24	*
		25	* Redistribution and use in source and binary forms, with or without modifi-
		26	* cation, are permitted provided that the following conditions are met:
		27	*
		28	* o Redistributions of source code must retain the above copyright notice,
		29	* this list of conditions and the following disclaimer.
		30	*
		31	* o Redistributions in binary form must reproduce the above copyright no-
		32	* tice, this list of conditions and the following disclaimer in the do-
		33	* cumentation and/or other materials provided with the distribution.
		34	*
		35	* o The names of the contributors may not be used to endorse or promote
		36	* products derived from this software without specific prior written
		37	* permission.
		38	*
		39	* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
		40	* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
		41	* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
		42	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LI-
		43	* ABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUEN-
		44	* TIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
		45	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEV-
		46	* ER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABI-
		47	* LITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
		48	* THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
		49	*/
		50
		51	#include "conf.h"
		52	#include <privs.h>
		53	#include "tlsutil.h"
		54
		55	extern session_t session;
		56
		57	#define CHECK_TLS_INIT_ERROR() if (tls_init_error) { \
		58	char errmsg[256]; \
		59	snprintf(errmsg, sizeof(errmsg), \
		60	"Local error code %d was returned from tls_init()", \
		61	tls_init_error); \
		62	return ERROR_MSG(cmd, R_431, errmsg); }
		63
		64	/* This sample configuration directive handler will get called
65	* whenever the "FooBarDirective" directive is encountered in the
66	* configuration file.
67	*/
68
69	MODRET set_rsacertfile(cmd_rec *cmd)
70	{
71	config_rec *c;
72
73	/* The CHECK_ARGS macro checks the number of arguments passed to the
74	* directive against what we want. Note that this is one less than
75	* cmd->argc, because cmd->argc includes cmd->argv[0] (the directive
76	* itself). If CHECK_ARGS fails, a generic error is sent to the user
77	*/
78	CHECK_ARGS(cmd, 1);
79
80	/* The CHECK_CONF macro makes sure that this directive is not being
81	* "used" in the wrong context (i.e. if the directive is only available
82	* or applicable inside certain contexts). In this case, we are allowing
83	* the directive inside of <Anonymous> and <Limit>, but nowhere else.
84	* If this macro fails a generic error is logged and the handler aborts.
85	*/
86	CHECK_CONF(cmd, CONF_ROOT \| CONF_VIRTUAL \| CONF_GLOBAL);
87
88	/* add_config_param adds a configuration paramater to our current
89	* configuration context.
90	*/
91	c = add_config_param_str("TlsRsaCertFile", 1, cmd->argv[1]);
92
93	/* By adding the CF_MERGEDOWN flag to the parameter we just created
94	* we are telling proftpd that this parameter should be copied and
95	* "merged" into all "lower" contexts until it either hits a
96	* parameter w/ the same name or bottoms out.
97	*
98	* Example _without_ CF_MERGEDOWN:
99	*
100	* <VirtualHost>
101	* \|----------\
102	* <Anonymous>
103	* \| - FooBarDirective <------- Config places it here
104	* \|-----------\
105	* <Directory> <------- Doesn't apply here
106	* \|-------------\
107	* <Limit> <--- Or here.....
108	*
109	* Now, if we specify CF_MERGDOWN, the tree ends up looking like:
110	*
111	* <VirtualHost>
112	* \|----------\
113	* <Anonymous>
114	* \| - FooBarDirective <------- Config places it here
115	* \|-----------\
116	* <Directory> <------- Now, it DOES apply here
117	* \| - FooBarDirective
118	* \|-------------\
119	* <Limit> <-------- And here ...
120	* \| - FooBarDirective
121	*
122	*/
123	c->flags \|= CF_MERGEDOWN;
124
125	/* Tell proftpd that we handled the request w/ no problems.
126	*/
127	return HANDLED(cmd);
128	}
129
130	MODRET set_rsakeyfile(cmd_rec *cmd)
131	{
132	config_rec *c;
133
134	CHECK_ARGS(cmd, 1);
135	CHECK_CONF(cmd, CONF_ROOT \| CONF_VIRTUAL \| CONF_GLOBAL);
136
137	c = add_config_param_str("TlsRsaKeyFile", 1, cmd->argv[1]);
138	c->flags \|= CF_MERGEDOWN;
139	return HANDLED(cmd);
140	}
141
142	MODRET set_dsacertfile(cmd_rec *cmd)
143	{
144	config_rec *c;
145
146	CHECK_ARGS(cmd, 1);
147	CHECK_CONF(cmd, CONF_ROOT \| CONF_VIRTUAL \| CONF_GLOBAL);
148
149	c = add_config_param_str("TlsDsaCertFile", 1, cmd->argv[1]);
150	c->flags \|= CF_MERGEDOWN;
151	return HANDLED(cmd);
152	}
153
154	MODRET set_dsakeyfile(cmd_rec *cmd)
155	{
156	config_rec *c;
157
158	CHECK_ARGS(cmd, 1);
159	CHECK_CONF(cmd, CONF_ROOT \| CONF_VIRTUAL \| CONF_GLOBAL);
160
161	c = add_config_param_str("TlsDsaKeyFile", 1, cmd->argv[1]);
162	c->flags \|= CF_MERGEDOWN;
163	return HANDLED(cmd);
164	}
165
166	MODRET set_crlfile(cmd_rec *cmd)
167	{
168	config_rec *c;
169
170	CHECK_ARGS(cmd, 1);
171	CHECK_CONF(cmd, CONF_ROOT \| CONF_VIRTUAL \| CONF_GLOBAL);
172
173	c = add_config_param_str("TlsCrlFile", 1, cmd->argv[1]);
174	c->flags \|= CF_MERGEDOWN;
175	return HANDLED(cmd);
176	}
177
178	MODRET set_dhparamfile(cmd_rec *cmd)
179	{
180	config_rec *c;
181
182	CHECK_ARGS(cmd, 1);
183	CHECK_CONF(cmd, CONF_ROOT \| CONF_VIRTUAL \| CONF_GLOBAL);
184
185	c = add_config_param_str("TlsDhParamFile", 1, cmd->argv[1]);
186	c->flags \|= CF_MERGEDOWN;
187	return HANDLED(cmd);
188	}
189
190	MODRET set_cipherlist(cmd_rec *cmd)
191	{
192	config_rec *c;
193
194	CHECK_ARGS(cmd, 1);
195	CHECK_CONF(cmd, CONF_ROOT \| CONF_VIRTUAL \| CONF_GLOBAL);
196
197	c = add_config_param_str("TlsCipherList", 1, cmd->argv[1]);
198	c->flags \|= CF_MERGEDOWN;
199	return HANDLED(cmd);
200	}
201
202	MODRET set_no_verify(cmd_rec *cmd)
203	{
204	config_rec *c;
205	int b;
206
207	CHECK_ARGS(cmd, 1);
208	CHECK_CONF(cmd, CONF_ROOT \| CONF_VIRTUAL \| CONF_GLOBAL);
209
210	if ((b = get_boolean(cmd, 1)) == -1)
211	CONF_ERROR(cmd, "expected boolean argument.");
212	c = add_config_param("TlsCertsOk", 1, (void *) b);
213	c->flags \|= CF_MERGEDOWN;
214	return HANDLED(cmd);
215	}
216
217	MODRET set_dont_request_cert(cmd_rec *cmd)
218	{
219	config_rec *c;
220	int b;
221
222	CHECK_ARGS(cmd, 1);
223	CHECK_CONF(cmd, CONF_ROOT \| CONF_VIRTUAL \| CONF_GLOBAL);
224
225	if ((b = get_boolean(cmd, 1)) == -1)
226	CONF_ERROR(cmd, "expected boolean argument.");
227	c = add_config_param("TlsDontRequestCert", 1, (void *) b);
228	c->flags \|= CF_MERGEDOWN;
229	return HANDLED(cmd);
230	}
231
232	MODRET set_required(cmd_rec *cmd)
233	{
234	config_rec *c;
235	int b;
236
237	CHECK_ARGS(cmd, 1);
238	CHECK_CONF(cmd, CONF_ROOT \| CONF_VIRTUAL \| CONF_GLOBAL);
239
240	if ((b = get_boolean(cmd, 1)) == -1)
241	CONF_ERROR(cmd, "expected boolean argument.");
242	c = add_config_param("TlsRequired", 1, (void *) b);
243	c->flags \|= CF_MERGEDOWN;
244	return HANDLED(cmd);
245	}
246
247	MODRET set_implicit(cmd_rec *cmd)
248	{
249	config_rec *c;
250	int b;
251
252	CHECK_ARGS(cmd, 1);
253	CHECK_CONF(cmd, CONF_ROOT \| CONF_VIRTUAL \| CONF_GLOBAL);
254
255	if ((b = get_boolean(cmd, 1)) == -1)
256	CONF_ERROR(cmd, "expected boolean argument.");
257	c = add_config_param("TlsImplicit", 1, (void *) b);
258	c->flags \|= CF_MERGEDOWN;
259	return HANDLED(cmd);
260	}
261
262	MODRET cmd_auth(cmd_rec *cmd)
263	{
264	char *cp;
265
266	if (tls_implicit)
267	return ERROR_MSG(cmd, R_504, "The AUTH command is not supported on an implicit TLS connection");
268	if (cmd->argc < 2)
269	return ERROR_MSG(cmd, R_504, "The AUTH command needs at least one argument");
270
271	/* convert to upper case */
272	cp = cmd->argv[1];
273	while (*cp) {
274	cp = toupper(cp);
275	cp++;
276	}
277
278	if (!strcmp(cmd->argv[1], "TLS") \|\| !strcmp(cmd->argv[1], "TLS-C")) {
279	CHECK_TLS_INIT_ERROR();
280	send_response("234", "AUTH TLS successful");
281	if (tls_accept(session.c, FALSE)) {
282	/* exit if we fail */
283	send_response_async(R_421,
284	"Failed TLS negotiation on control channel, disconnected");
285	main_exit((void*) LOG_ERR,
286	"Failed TLS negotiation on control channel, disconnected.",
287	(void*) 0, NULL);
288	}
289	}
290	else if (!strcmp(cmd->argv[1], "SSL") \|\| !strcmp(cmd->argv[1], "TLS-P")) {
291	CHECK_TLS_INIT_ERROR();
292	send_response("234", "AUTH SSL successful");
293	if (tls_accept(session.c, FALSE)) {
294	/* exit if we fail */
295	send_response_async(R_421,
296	"Failed TLS negotiation on control channel, disconnected");
297	main_exit((void*) LOG_ERR,
298	"Failed TLS negotiation on control channel, disconnected.",
299	(void*) 0, NULL);
300	}
301	tls_on_data = 1;
302	}
303	else {
304	char errmsg[255];
305	snprintf(errmsg, sizeof(errmsg), "AUTH %s unsupported", cmd->argv[1]);
306	return ERROR_MSG(cmd, R_504, errmsg);
307	}
308
309	return HANDLED(cmd);
310	}
311
312	static int pbsz_ok = 0;
313
314	MODRET cmd_pbsz(cmd_rec *cmd)
315	{
316	if (cmd->argc < 2)
317	return ERROR_MSG(cmd, R_501, "PBSZ command needs at least one argument");
318	if (!tls_on_ctrl)
319	return ERROR_MSG(cmd, R_503, "You can't issue PBSZ on an insecure control connection");
320
321	/* we expect "PBSZ 0" */
322	CHECK_TLS_INIT_ERROR();
323	if (!strcmp(cmd->argv[1], "0"))
324	send_response("200", "PBSZ 0 successful");
325	else
326	send_response("200", "PBSZ=0 successful");
327	pbsz_ok = 1;
328
329	return HANDLED(cmd);
330	}
331
332	MODRET cmd_prot(cmd_rec *cmd)
333	{
334	if (cmd->argc < 2)
335	return ERROR_MSG(cmd, R_504, "PROT command needs at least one argument");
336	if (!pbsz_ok)
337	return ERROR_MSG(cmd, R_503, "You must issue the PBSZ command prior to PROT");
338
339	/* only PROT C or PROT P is valid in respect to SSL/TLS */
340	if (!strcmp(cmd->argv[1], "C")) {
341	CHECK_TLS_INIT_ERROR();
342	send_response("200", "Protection set to Clear");
343	tls_on_data = 0;
344	}
345	else if (!strcmp(cmd->argv[1], "P")) {
346	CHECK_TLS_INIT_ERROR();
347	send_response("200", "Protection set to Private");
348	tls_on_data = 1;
349	}
350	else if (!strcmp(cmd->argv[1], "S") \|\| !strcmp(cmd->argv[1], "E")) {
351	char errmsg[255];
352	snprintf(errmsg, sizeof(errmsg), "PROT %s unsupported", cmd->argv[1]);
353	return ERROR_MSG(cmd, R_536, errmsg);
354	}
355	else {
356	char errmsg[255];
357	snprintf(errmsg, sizeof(errmsg), "PROT %s unsupported", cmd->argv[1]);
358	return ERROR_MSG(cmd, R_504, errmsg);
359	}
360
361	return HANDLED(cmd);
362	}
363
364	/* There are three tables which act as the "glue" between proftpd and
365	* a module. None of the tables are _required_ (however having none would
366	* make the module fairly useless).
367	*/
368
369	/* The first table is the "configuration directive" table. It specifies
370	* handler routines in the module which will be used during configuration
371	* file parsing.
372	*/
373
374	static conftable mod_tls_config[] = {
375	{ "TlsRsaCertFile", set_rsacertfile, NULL },
376	{ "TlsRsaKeyFile", set_rsakeyfile, NULL },
377	{ "TlsDsaCertFile", set_dsacertfile, NULL },
378	{ "TlsDsaKeyFile", set_dsakeyfile, NULL },
379	{ "TlsCrlFile", set_crlfile, NULL },
380	{ "TlsDhParamFile", set_dhparamfile, NULL },
381	{ "TlsCipherList", set_cipherlist, NULL },
382	{ "TlsCertsOk", set_no_verify, NULL },
383	{ "TlsDontRequestCert", set_dont_request_cert, NULL },
384	{ "TlsRequired", set_required, NULL },
385	{ "TlsImplicit", set_implicit, NULL },
386	{ NULL , NULL, NULL}
387	};
388
389	/* Each module can supply up to two initialization routines (via
390	* the module structure at the bottom of this file). The first
391	* init function is called immediately after the module is loaded,
392	* while the second is called after proftpd is connected to a client,
393	* and the main proftpd server (if not in inetd mode) has forked off.
394	* The second init function's purpose is to let the module perform
395	* any necessary work once a client is connected and proftpd is ready
396	* to service the new client. In inetd mode, the "child init" function
397	* will be called immediately after proftpd is loaded, because proftpd
398	* is _always_ in "child mode" when run from inetd. Note that both
399	* of these initialization routines are optional. If you don't need
400	* them (or only need one), simply set the function pointer to NULL
401	* in the module structure.
402	*/
403
404	static int mod_tls_init()
405	{
406	return 0;
407	}
408
409	#define PROCESS_PARAM_STR(x, y) { \
410	char str = (char ) get_param_ptr(CURRENT_CONF, x, FALSE); \
411	if (str) { \
412	if (y) \
413	free(y); \
414	y = strdup(str); \
415	} \
416	}
417
418	#define PROCESS_PARAM_INT(x, y) { \
419	long i = get_param_int(CURRENT_CONF, x, FALSE); \
420	if (i != -1) \
421	y = i; \
422	}
423
424	static int mod_tls_child_init()
425	{
426	PROCESS_PARAM_STR("TlsRsaCertFile", tls_rsa_cert_file);
427	PROCESS_PARAM_STR("TlsRsaKeyFile", tls_rsa_key_file);
428	PROCESS_PARAM_STR("TlsDsaCertFile", tls_dsa_cert_file);
429	PROCESS_PARAM_STR("TlsDsaKeyFile", tls_dsa_key_file);
430	PROCESS_PARAM_STR("TlsCrlFile", tls_crl_file);
431	PROCESS_PARAM_STR("TlsDhParamFile", tls_dhparam_file);
432	PROCESS_PARAM_STR("TlsCipherList", tls_cipher_list);
433	PROCESS_PARAM_INT("TlsCertsOk", tls_no_verify);
434	PROCESS_PARAM_INT("TlsDontRequestCert", tls_dont_request_cert);
435	PROCESS_PARAM_INT("TlsRequired", tls_required);
436	PROCESS_PARAM_INT("TlsImplicit", tls_implicit);
437
438	return tls_init_error = tls_init();
439	}
440
441	/* command table ...
442	* first : command "type" (see the doc/API for more info)
443	*
444	* second : command "name", or the actual null-terminated ascii text
445	* sent by a client (in uppercase) for this command. see
446	* include/ftp.h for macros which define all rfced FTP protocol
447	* commands. Can also be the special macro C_ANY, which receives
448	* ALL commands.
449	*
450	* third : command "group" (used for access control via Limit directives),
451	* this can be either G_DIRS (for commands related to directory
452	* listing), G_READ (for commands related to reading files),
453	* G_WRITE (for commands related to file writing), or the
454	* special G_NONE for those commands against which the
455	* special <Limit READ\|WRITE\|DIRS> will not be applied.
456	*
457	* fourth : function pointer to your handler
458	*
459	* fifth : TRUE if the command cannot be used before authentication
460	* (via USER/PASS), otherwise FALSE.
461	*
462	* sixth : TRUE if the command can be sent during a file transfer
463	* (note: as of 1.1.5, this is obsolete)
464	*
465	*/
466
467	cmdtable mod_tls_commands[] = {
468	{ CMD, "AUTH", G_NONE, cmd_auth, FALSE, FALSE },
469	{ CMD, "PBSZ", G_NONE, cmd_pbsz, FALSE, FALSE },
470	{ CMD, "PROT", G_NONE, cmd_prot, FALSE, FALSE },
471	{ 0, NULL }
472	};
473
474	module tls_module = {
475	NULL,NULL, /* Always NULL */
476	0x20, /* API Version 2.0 */
477	"tls",
478	mod_tls_config, /* Configuration handler table */
479	mod_tls_commands, /* Command handler table */
480	NULL, /* No authentication handler table */
481	mod_tls_init, /* Initialization function */
482	mod_tls_child_init /* Post-fork "child mode" init */
483	};

Lines 3-12 Link Here

(-)proftpd-1.2.6rc1.orig/sample-configurations/basic.conf (-1 / +28 lines)
3	# and a single anonymous login. It assumes that you have a user/group	3	# and a single anonymous login. It assumes that you have a user/group
4	# "nobody" and "ftp" for normal operation and anon.	4	# "nobody" and "ftp" for normal operation and anon.
5		5
6	ServerName "ProFTPD Default Installation"	6	ServerName "ProFTPD-TLS Default Installation"
		7	# ServerType is either "standalone" or "inetd"
7	ServerType standalone	8	ServerType standalone
8	DefaultServer on	9	DefaultServer on
9		10
		11	# If you want .message files to work with browsers, you probably
		12	# want to uncomment the next line
		13	#MultilineRFC2228 on
		14
		15	# These are the TLS related options, default values
		16	#TlsRsaCertFile ftpd-rsa.pem
		17	#TlsRsaKeyFile ftpd-rsa-key.pem
		18	#TlsDsaCertFile ftpd-dsa.pem
		19	#TlsDsaKeyFile ftpd-dsa-key.pem
		20	#TlsCrlFile ftpd-crl.pem
		21	#TlsDhParamFile ftpd-dhparam.pem
		22	#TlsCipherList ALL:!ADH
		23	#TlsRequired off
		24	# don't verify any peer certificates
		25	#TlsCertsOk off
		26	# Some ftp clients (e.g. SmartFTP) uses a broken SSL/TLS implementation that
		27	# aborts the SSL/TLS handshake, if the server sends a "CertificateRequest" and
		28	# the client don't have any certificate. This behaviour violates both the SSLv3
		29	# and TLSv1 spec (it's actually old SSLv2 behaviour). To be able to use those
		30	# clients without client certs, you must set the following option to "on".
		31	#TlsDontRequestCert off
		32	# Set the following to "on" if you want to use implicit SSL/TLS. It's not the
		33	# recommended way do to SSL/TLS ftp, but some user's want it anyway. Remember
		34	# to make proftpd listen to the proper ``ftps'' port also.
		35	#TlsImplicit off
		36
10	# Port 21 is the standard FTP port.	37	# Port 21 is the standard FTP port.
11	Port 21	38	Port 21
12	# Umask 022 is a good standard umask to prevent new dirs and files	39	# Umask 022 is a good standard umask to prevent new dirs and files

Line 0 Link Here

(-)proftpd-1.2.6rc1.orig/src/x509_to_user.c (+43 lines)
	1	/*
	2	* Copyright (c) 1999, 2000 Peter 'Luna' Runestig <peter@runestig.com>
	3	* All rights reserved.
	4	*
	5	* Redistribution and use in source and binary forms, with or without modifi-
	6	* cation, are permitted provided that the following conditions are met:
	7	*
	8	* o Redistributions of source code must retain the above copyright notice,
	9	* this list of conditions and the following disclaimer.
	10	*
	11	* o Redistributions in binary form must reproduce the above copyright no-
	12	* tice, this list of conditions and the following disclaimer in the do-
	13	* cumentation and/or other materials provided with the distribution.
	14	*
	15	* o The names of the contributors may not be used to endorse or promote
	16	* products derived from this software without specific prior written
	17	* permission.
	18	*
	19	* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
	20	* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
	21	* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	22	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LI-
	23	* ABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUEN-
	24	* TIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	25	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEV-
	26	* ER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABI-
	27	* LITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
	28	* THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	29	*/
	30
	31	#include <openssl/ssl.h>
	32
	33	/* x509_to_user() returns 0 if valid userid in 'userid', else 1 */
	34	int x509_to_user(X509 peer_cert, char userid, int len)
	35	{
	36
	37	if (!(peer_cert && userid))
	38	return 1;
	39
	40	/* TODO: insert cert => userid translation code here */
	41
	42	return 1;
	43	}