Bug 24048

Summary: natd/libalias doesn't always properly modify FTP PORT command
Product: Base System Reporter: alo <alo>
Component: miscAssignee: ru <ru>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: 4.1-RELEASE   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
file.diff none

Description alo 2001-01-03 14:00:06 UTC 
natd (actually libalias/alias_db.c) only modifies FTP PORT commands
if they are immediately in the beginning of a new line.
This is implemented by having a flag which is set when a CR/LF
pair is detected.  This works well except when PORT command
happens to be first command in the FTP session.
This is the case eg. with certain banking related application.

Fix: Initialize CRLF flag in the beginnig of the alias association.
Flag name should be modified to something like
"IN_THE_BEGINNING_OF_A_LINE".
How-To-Repeat: Use ftp client which send PORT command as its first command over
the command channel.
Comment 1 ru freebsd_committer freebsd_triage 2001-01-12 08:22:40 UTC 
On Wed, Jan 03, 2001 at 05:58:14AM -0800, alo@iki.fi wrote:
> 
> natd (actually libalias/alias_db.c) only modifies FTP PORT commands
> if they are immediately in the beginning of a new line.
> This is implemented by having a flag which is set when a CR/LF
> pair is detected.  This works well except when PORT command
> happens to be first command in the FTP session.
> 
I don't see the major problem with this change, but is this allowed
by FTP protocol specs?  (The first command being a PORT command.)


Cheers,
-- 
Ruslan Ermilov		Oracle Developer/DBA,
ru@sunbay.com		Sunbay Software AG,
ru@FreeBSD.org		FreeBSD committer,
+380.652.512.251	Simferopol, Ukraine

http://www.FreeBSD.org	The Power To Serve
http://www.oracle.com	Enabling The Information Age
Comment 2 alo 2001-01-16 23:04:45 UTC 
   > natd (actually libalias/alias_db.c) only modifies FTP PORT commands
   > if they are immediately in the beginning of a new line.
   > This is implemented by having a flag which is set when a CR/LF
   > pair is detected.  This works well except when PORT command
   > happens to be first command in the FTP session.
   > 
   I don't see the major problem with this change, but is this allowed
   by FTP protocol specs?  (The first command being a PORT command.)

I would guess so.

In RFC959, page 45, there is an example of a client transferring data
between two servers.  In that example, the first command to one of the
servers is a PORT command. 

Of course one could argue that the authentication has been left out of
the example but I cannot see any place where the authentication would
be required.

Regards,

	Antti Louko
Comment 3 ru freebsd_committer freebsd_triage 2001-02-27 08:12:50 UTC 
Responsible Changed
From-To: freebsd-bugs->ru

I will take a look at it a bit later.
Comment 4 ru freebsd_committer freebsd_triage 2001-05-30 15:24:34 UTC 
State Changed
From-To: open->closed

Fixed in 5.0-CURRENT, MFC into 4.3-STABLE planned within a week.