Added parameters to configure passive random ports range

2025-04-12 10:48:40 +03:00 · 2022-11-27 09:21:10 -08:00
parent 9e5115b5ba
commit 8f76766726
20 changed files with 46 additions and 19 deletions
--- a/4
+++ b/4
@ -22,8 +22,8 @@ ENABLE_LARGE_FILE_SUPPORT=-D LARGE_FILE_SUPPORT_ENABLED -D _LARGEFILE64_SOURCE

 ENABLE_OPENSSL_SUPPORT=
 #TO ENABLE OPENSSL SUPPORT UNCOMMENT NEXT 2 LINES
-ENABLE_OPENSSL_SUPPORT=-D OPENSSL_ENABLED
-LIBS=-lpthread -lssl -lcrypto
+#ENABLE_OPENSSL_SUPPORT=-D OPENSSL_ENABLED
+#LIBS=-lpthread -lssl -lcrypto

 ENABLE_PAM_SUPPORT=
 PAM_AUTH_LIB=
--- a/build/modules/auth.o
+++ b/build/modules/auth.o
--- a/build/modules/configRead.o
+++ b/build/modules/configRead.o
--- a/build/modules/connection.o
+++ b/build/modules/connection.o
--- a/build/modules/daemon.o
+++ b/build/modules/daemon.o
--- a/build/modules/dynamicMemory.o
+++ b/build/modules/dynamicMemory.o
--- a/build/modules/dynamicVectors.o
+++ b/build/modules/dynamicVectors.o
--- a/build/modules/errorHandling.o
+++ b/build/modules/errorHandling.o
--- a/build/modules/fileManagement.o
+++ b/build/modules/fileManagement.o
--- a/build/modules/ftpCommandElaborate.o
+++ b/build/modules/ftpCommandElaborate.o
--- a/build/modules/ftpData.o
+++ b/build/modules/ftpData.o
--- a/build/modules/ftpServer.o
+++ b/build/modules/ftpServer.o
--- a/build/modules/logFunctions.o
+++ b/build/modules/logFunctions.o
--- a/build/modules/openSsl.o
+++ b/build/modules/openSsl.o
--- a/build/modules/signals.o
+++ b/build/modules/signals.o
--- a/build/uFTP
+++ b/build/uFTP
--- a/ftpData.c
+++ b/ftpData.c
@ -93,7 +93,6 @@ void setDynamicStringDataType(dynamicStringDataType *dynamicString, char *theStr
    }
 }

-
 int getSafePath(dynamicStringDataType *safePath, char *theDirectoryName, loginDataType *loginData, DYNMEM_MemoryTable_DataType **memoryTable)
 {
 	#define STRING_SIZE		4096
@ -199,25 +198,16 @@ void appendToDynamicStringDataType(dynamicStringDataType *dynamicString, char *t

 void setRandomicPort(ftpDataType *data, int socketPosition)
 {
-    static unsigned short int randomizeInteger = 0;
    unsigned short int randomicPort = 5000;
    int i;

-    randomizeInteger += 1;
-    
-    if (randomizeInteger >  100 )
-        randomizeInteger = 1;
-
-    while(randomicPort < 10000)
-        randomicPort = ((rand() + socketPosition + randomizeInteger) % (50000)) + 10000;
-   i = 0;
+  randomicPort = data->ftpParameters.connectionPortMin + (rand()%(data->ftpParameters.connectionPortMax - data->ftpParameters.connectionPortMin)); 

   while (i < data->ftpParameters.maxClients)
   {
-       if (randomicPort == data->clients[i].workerData.connectionPort ||
-           randomicPort < 10000)
+       if (randomicPort == data->clients[i].workerData.connectionPort)
       {
-        randomicPort = ((rand() + socketPosition + i + randomizeInteger) % (50000)) + 10000;
+        randomicPort = data->ftpParameters.connectionPortMin + (rand()%(data->ftpParameters.connectionPortMax - data->ftpParameters.connectionPortMin)); 
        i = 0;
       }
       else 
@ -225,10 +215,11 @@ void setRandomicPort(ftpDataType *data, int socketPosition)
        i++;
       }
   }
-   
-   
+      
   data->clients[socketPosition].workerData.connectionPort = randomicPort;
-   //printf("data->clients[%d].workerData.connectionPort = %d", socketPosition, data->clients[socketPosition].workerData.connectionPort);
+
+   printf("\n  data->clients[%d].workerData.connectionPort = %d", socketPosition, data->clients[socketPosition].workerData.connectionPort);
+
 }

 int writeListDataInfoToSocket(ftpDataType *ftpData, int clientId, int *filesNumber, int commandType, DYNMEM_MemoryTable_DataType **memoryTable)
--- a/ftpData.h
+++ b/ftpData.h
@ -92,6 +92,10 @@ struct ftpParameters
    char certificatePath[MAXIMUM_INODE_NAME];
    char privateCertificatePath[MAXIMUM_INODE_NAME];
    int pamAuthEnabled;
+
+    /* If specified, use a port range for pasv connections */
+    int connectionPortMin;
+    int connectionPortMax;
 } typedef ftpParameters_DataType;
    
 struct dynamicStringData
--- a/library/configRead.c
+++ b/library/configRead.c
@ -548,6 +548,33 @@ static int parseConfigurationFile(ftpParameters_DataType *ftpParameters, DYNV_Ve
        //printf("\nPRIVATE_CERTIFICATE_PATH parameter not found in the configuration file, using the default value: %s", ftpParameters->privateCertificatePath);
    }

+
+    searchIndex = searchParameter("RANDOM_PORT_START", parametersVector);
+    if (searchIndex != -1)
+    {
+        ftpParameters->connectionPortMin = atoi(((parameter_DataType *) parametersVector->Data[searchIndex])->value);
+        printf("\n RANDOM_PORT_START: %d", ftpParameters->connectionPortMin);
+    }
+    else
+    {
+        ftpParameters->connectionPortMin = 10000;
+        printf("\n RANDOM_PORT_START parameter not found in the configuration file, using the default value: %d", ftpParameters->connectionPortMin);
+    }
+
+
+    searchIndex = searchParameter("RANDOM_PORT_END", parametersVector);
+    if (searchIndex != -1)
+    {
+        ftpParameters->connectionPortMax = atoi(((parameter_DataType *) parametersVector->Data[searchIndex])->value);
+        printf("\n RANDOM_PORT_END: %d", ftpParameters->connectionPortMax);
+    }
+    else
+    {
+        ftpParameters->connectionPortMax = 50000;
+        printf("\n RANDOM_PORT_END parameter not found in the configuration file, using the default value: %d", ftpParameters->connectionPortMax);
+    }
+
+
    /* USER SETTINGS */
    userIndex = 0;
    memset(userX, 0, PARAMETER_SIZE_LIMIT);
--- a/uftpd.cfg
+++ b/uftpd.cfg
@ -13,7 +13,7 @@ FTP_PORT = 21
 SINGLE_INSTANCE = true
 #Allow only one server instance (true or false)

-DAEMON_MODE = true
+DAEMON_MODE = false
 #Run in background, daemon mode ok

 IDLE_MAX_TIMEOUT = 3600
@ -38,6 +38,11 @@ PRIVATE_CERTIFICATE_PATH=/etc/uFTP/key.pem
 #and /etc/shadow
 ENABLE_PAM_AUTH = false

+
+RANDOM_PORT_START = 10000
+
+RANDOM_PORT_END   = 50000
+
 #USERS
 #START FROM USER 0 TO XXX
 USER_0 = username