fennectech · November 19, 2018 08:50
diff --git a/dirtyauth.diff b/dirtyauth.diff
 diff --git a/source/ftp.c b/source/ftp.c
 index 1336281..794e551 100644
 --- a/source/ftp.c
 +++ b/source/ftp.c
 @@ -166,6 +166,8 @@ struct ftp_session_t
   uint64_t filesize; /*! persistent file size between callbacks */
   FILE *fp;          /*! persistent open file pointer between callbacks */
   DIR *dp;           /*! persistent open directory pointer between callbacks */
 +  bool user_ok;
 +  bool pass_ok;
 };
 
 /*! ftp command descriptor */
 @@ -503,7 +505,7 @@ ftp_session_open_file_read(ftp_session_t *session)
   struct stat st;
 
   /* open file in read mode */
 -  if(!strcmp("/logs/ftpd.log", session->buffer)) {
 +  if(!strcmp("/modules/logs/ftpd.log", session->buffer)) {
     console_print(RED "Tried to open ftpd.log for reading. That's not allowed!\n");
     return -1;
   }
 @@ -586,7 +588,7 @@ ftp_session_open_file_write(ftp_session_t *session,
   int rc;
   const char *mode = "wb";
 
 -  if(!strcmp("/logs/ftpd.log", session->buffer)) {
 +  if(!strcmp("/modules/logs/ftpd.log", session->buffer)) {
     console_print(RED "Tried to open ftpd.log for writing. That's not allowed!");
     return -1;
   }
 @@ -1240,6 +1242,8 @@ ftp_session_new(int listen_fd)
   session->data_fd = -1;
   session->mlst_flags = SESSION_MLST_TYPE | SESSION_MLST_SIZE | SESSION_MLST_MODIFY | SESSION_MLST_PERM;
   session->state = COMMAND_STATE;
 +  session->user_ok    = false;
 +  session->pass_ok    = false;
 
   /* link to the sessions list */
   if (sessions == NULL)
 @@ -1392,6 +1396,50 @@ ftp_session_connect(ftp_session_t *session)
   return 0;
 }
 
 +static bool
 +ftp_auth_oncommand(ftp_session_t *session, const char *command) {
 +  if(command && (strcasecmp("USER", command) == 0 || strcasecmp("PASS", command) == 0 || strcasecmp("QUIT", command) == 0)) {
 +    return true;
 +  }
 +  
 +  return session->user_ok && session->pass_ok;
 +}
 +
 +static void
 +ftp_auth_check(ftp_session_t *session, const char *user, const char *pass) 
 +{
 +  
 +  if(user) {
 +    if(strcmp("___USER___", user) == 0) {
 +      session->user_ok = true;
 +    } else {
 +      ftp_session_set_state(session, COMMAND_STATE, CLOSE_PASV | CLOSE_DATA);
 +      ftp_send_response(session, 430, "unknown user\r\n");
 +      ftp_session_close_cmd(session);
 +      return;
 +    }
 +  }
 +  
 +  if(pass) {
 +    if(strcmp("___PASS___", pass) == 0) {
 +      session->pass_ok = true;
 +    } else {
 +      ftp_session_set_state(session, COMMAND_STATE, CLOSE_PASV | CLOSE_DATA);
 +      ftp_send_response(session, 430, "wrong password\r\n");
 +      ftp_session_close_cmd(session);
 +      return;
 +    }
 +  }
 +  
 +  ftp_session_set_state(session, COMMAND_STATE, 0);
 +  if(ftp_auth_oncommand(session, NULL)) {
 +    ftp_send_response(session, 230, "OK\r\n");
 +  } else {
 +    ftp_send_response(session, 331, "next step required\r\n");
 +  }
 +}
 +
 +
 /*! read command for ftp session
  *
  *  @param[in] session ftp session
 @@ -1552,7 +1600,7 @@ ftp_session_read_command(ftp_session_t *session,
       session->timestamp = time(NULL);
 
       /* execute the command */
 -      if (command == NULL)
 +      if (command == NULL || !ftp_auth_oncommand(session, command->name))
       {
         /* send header */
         ftp_send_response(session, 502, "Invalid command \"");
 @@ -1751,7 +1799,7 @@ ftp_session_poll(ftp_session_t *session)
 
   /* disconnected from peer; destroy it and return next session */
   debug_print("disconnected from peer\n");
 -  playMp3("/ftpd/disconnect.mp3");
 +  playMp3("/modules/ftpd/disconnect.mp3");
   return ftp_session_destroy(session);
 }
 
 @@ -2075,7 +2123,7 @@ ftp_loop(void)
       {
         return LOOP_RESTART;
       }
 -      playMp3("/ftpd/connect.mp3");
 +      playMp3("/modules/ftpd/connect.mp3");
     }
     else
     {
 @@ -3379,10 +3427,7 @@ FTP_DECLARE(PASS)
 {
   console_print(CYAN "%s %s\n" RESET, __func__, args ? args : "");
 
 -  /* we accept any password */
 -  ftp_session_set_state(session, COMMAND_STATE, 0);
 -
 -  ftp_send_response(session, 230, "OK\r\n");
 +  ftp_auth_check(session, NULL, args);
 }
 
 /*! @fn static void PASV(ftp_session_t *session, const char *args)
 @@ -4058,8 +4103,5 @@ FTP_DECLARE(USER)
 {
   console_print(CYAN "%s %s\n" RESET, __func__, args ? args : "");
 
 -  ftp_session_set_state(session, COMMAND_STATE, 0);
 -
 -  /* we accept any user name */
 -  ftp_send_response(session, 230, "OK\r\n");
 +  ftp_auth_check(session, args, NULL);
 }
 diff --git a/source/main.c b/source/main.c
 index d86d97f..36b4c75 100644
 --- a/source/main.c
 +++ b/source/main.c
 @@ -98,8 +98,8 @@ static loop_status_t loop(loop_status_t (*callback)(void))
         console_render();
         if (status != LOOP_CONTINUE)
             return status;
 -        if (isPaused())
 -            return LOOP_RESTART;
 +//        if (isPaused())
 +//            return LOOP_RESTART;
     }
     return LOOP_EXIT;
 }
 @@ -111,10 +111,10 @@ void inputPoller()
         svcSleepThread(1e+8L);
         hidScanInput();
         u64 kDown = hidKeysDown(CONTROLLER_P1_AUTO);
 -        u64 kHeld = hidKeysHeld(CONTROLLER_P1_AUTO);
 +       u64 kHeld = hidKeysHeld(CONTROLLER_P1_AUTO);
 
         if ((kDown & KEY_PLUS || kDown & KEY_MINUS || kDown & KEY_X) && (kHeld & KEY_PLUS && kHeld & KEY_MINUS && kHeld & KEY_X))
 -            setPaused(!isPaused());
 +           setPaused(!isPaused());
     }
 }
 
 @@ -123,14 +123,15 @@ int main(int argc, char **argv)
     (void)argc;
     (void)argv;
 
 -    FILE *should_log_file = fopen("/logs/ftpd_log_enabled", "r");
 +    FILE *should_log_file = fopen("/modules/logs/ftpd_log_enabled", "r");
     if (should_log_file != NULL)
     {
         should_log = true;
         fclose(should_log_file);
 
 -        mkdir("/logs", 0700);
 -        unlink("/logs/ftpd.log");
 +
 +        mkdir("/modules/logs", 0700);
 +        unlink("/modules/logs/ftpd.log");
     }
 
     mp3MutInit();
	diff --git a/source/ftp.c b/source/ftp.c
	index 1336281..794e551 100644
	--- a/source/ftp.c
	+++ b/source/ftp.c
	@@ -166,6 +166,8 @@ struct ftp_session_t
	uint64_t filesize; /! persistent file size between callbacks /
	FILE fp; /! persistent open file pointer between callbacks */
	DIR dp; /! persistent open directory pointer between callbacks */
	+ bool user_ok;
	+ bool pass_ok;
	};

	/! ftp command descriptor /
	@@ -503,7 +505,7 @@ ftp_session_open_file_read(ftp_session_t *session)
	struct stat st;

	/* open file in read mode */
	- if(!strcmp("/logs/ftpd.log", session->buffer)) {
	+ if(!strcmp("/modules/logs/ftpd.log", session->buffer)) {
	console_print(RED "Tried to open ftpd.log for reading. That's not allowed!\n");
	return -1;
	}
	@@ -586,7 +588,7 @@ ftp_session_open_file_write(ftp_session_t *session,
	int rc;
	const char *mode = "wb";

	- if(!strcmp("/logs/ftpd.log", session->buffer)) {
	+ if(!strcmp("/modules/logs/ftpd.log", session->buffer)) {
	console_print(RED "Tried to open ftpd.log for writing. That's not allowed!");
	return -1;
	}
	@@ -1240,6 +1242,8 @@ ftp_session_new(int listen_fd)
	session->data_fd = -1;
	session->mlst_flags = SESSION_MLST_TYPE \| SESSION_MLST_SIZE \| SESSION_MLST_MODIFY \| SESSION_MLST_PERM;
	session->state = COMMAND_STATE;
	+ session->user_ok = false;
	+ session->pass_ok = false;

	/* link to the sessions list */
	if (sessions == NULL)
	@@ -1392,6 +1396,50 @@ ftp_session_connect(ftp_session_t *session)
	return 0;
	}

	+static bool
	+ftp_auth_oncommand(ftp_session_t session, const char command) {
	+ if(command && (strcasecmp("USER", command) == 0 \|\| strcasecmp("PASS", command) == 0 \|\| strcasecmp("QUIT", command) == 0)) {
	+ return true;
	+ }
	+
	+ return session->user_ok && session->pass_ok;
	+}
	+
	+static void
	+ftp_auth_check(ftp_session_t session, const char user, const char *pass)
	+{
	+
	+ if(user) {
	+ if(strcmp("___USER___", user) == 0) {
	+ session->user_ok = true;
	+ } else {
	+ ftp_session_set_state(session, COMMAND_STATE, CLOSE_PASV \| CLOSE_DATA);
	+ ftp_send_response(session, 430, "unknown user\r\n");
	+ ftp_session_close_cmd(session);
	+ return;
	+ }
	+ }
	+
	+ if(pass) {
	+ if(strcmp("___PASS___", pass) == 0) {
	+ session->pass_ok = true;
	+ } else {
	+ ftp_session_set_state(session, COMMAND_STATE, CLOSE_PASV \| CLOSE_DATA);
	+ ftp_send_response(session, 430, "wrong password\r\n");
	+ ftp_session_close_cmd(session);
	+ return;
	+ }
	+ }
	+
	+ ftp_session_set_state(session, COMMAND_STATE, 0);
	+ if(ftp_auth_oncommand(session, NULL)) {
	+ ftp_send_response(session, 230, "OK\r\n");
	+ } else {
	+ ftp_send_response(session, 331, "next step required\r\n");
	+ }
	+}
	+
	+
	/*! read command for ftp session
	*
	* @param[in] session ftp session
	@@ -1552,7 +1600,7 @@ ftp_session_read_command(ftp_session_t *session,
	session->timestamp = time(NULL);

	/* execute the command */
	- if (command == NULL)
	+ if (command == NULL \|\| !ftp_auth_oncommand(session, command->name))
	{
	/* send header */
	ftp_send_response(session, 502, "Invalid command \"");
	@@ -1751,7 +1799,7 @@ ftp_session_poll(ftp_session_t *session)

	/* disconnected from peer; destroy it and return next session */
	debug_print("disconnected from peer\n");
	- playMp3("/ftpd/disconnect.mp3");
	+ playMp3("/modules/ftpd/disconnect.mp3");
	return ftp_session_destroy(session);
	}

	@@ -2075,7 +2123,7 @@ ftp_loop(void)
	{
	return LOOP_RESTART;
	}
	- playMp3("/ftpd/connect.mp3");
	+ playMp3("/modules/ftpd/connect.mp3");
	}
	else
	{
	@@ -3379,10 +3427,7 @@ FTP_DECLARE(PASS)
	{
	console_print(CYAN "%s %s\n" RESET, __func__, args ? args : "");

	- /* we accept any password */
	- ftp_session_set_state(session, COMMAND_STATE, 0);
	-
	- ftp_send_response(session, 230, "OK\r\n");
	+ ftp_auth_check(session, NULL, args);
	}

	/! @fn static void PASV(ftp_session_t session, const char *args)
	@@ -4058,8 +4103,5 @@ FTP_DECLARE(USER)
	{
	console_print(CYAN "%s %s\n" RESET, __func__, args ? args : "");

	- ftp_session_set_state(session, COMMAND_STATE, 0);
	-
	- /* we accept any user name */
	- ftp_send_response(session, 230, "OK\r\n");
	+ ftp_auth_check(session, args, NULL);
	}
	diff --git a/source/main.c b/source/main.c
	index d86d97f..36b4c75 100644
	--- a/source/main.c
	+++ b/source/main.c
	@@ -98,8 +98,8 @@ static loop_status_t loop(loop_status_t (*callback)(void))
	console_render();
	if (status != LOOP_CONTINUE)
	return status;
	- if (isPaused())
	- return LOOP_RESTART;
	+// if (isPaused())
	+// return LOOP_RESTART;
	}
	return LOOP_EXIT;
	}
	@@ -111,10 +111,10 @@ void inputPoller()
	svcSleepThread(1e+8L);
	hidScanInput();
	u64 kDown = hidKeysDown(CONTROLLER_P1_AUTO);
	- u64 kHeld = hidKeysHeld(CONTROLLER_P1_AUTO);
	+ u64 kHeld = hidKeysHeld(CONTROLLER_P1_AUTO);

	if ((kDown & KEY_PLUS \|\| kDown & KEY_MINUS \|\| kDown & KEY_X) && (kHeld & KEY_PLUS && kHeld & KEY_MINUS && kHeld & KEY_X))
	- setPaused(!isPaused());
	+ setPaused(!isPaused());
	}
	}

	@@ -123,14 +123,15 @@ int main(int argc, char **argv)
	(void)argc;
	(void)argv;

	- FILE *should_log_file = fopen("/logs/ftpd_log_enabled", "r");
	+ FILE *should_log_file = fopen("/modules/logs/ftpd_log_enabled", "r");
	if (should_log_file != NULL)
	{
	should_log = true;
	fclose(should_log_file);

	- mkdir("/logs", 0700);
	- unlink("/logs/ftpd.log");
	+
	+ mkdir("/modules/logs", 0700);
	+ unlink("/modules/logs/ftpd.log");
	}

	mp3MutInit();