Go Back   FlashFXP Forums > > > >
IP checking poll IP checking poll
Tickets Today's Posts Search

Suggestions Got a new idea or addition which would benefit IOFTPD? Post it here!

View Poll Results: Is hard-coded IP checking needed?
Essential, I have provided explanation below 27 49.09%
Desired, but script-based checking is fine 18 32.73%
Dont care 10 18.18%
Voters: 55. You may not vote on this poll

Reply
 
Thread Tools Rate Thread Display Modes
Old 07-20-2005, 10:15 AM   #1
darkone
Disabled
FlashFXP Registered User
ioFTPD Administrator
 
darkone's Avatar
 
Join Date: Dec 2001
Posts: 2,230
Default
Quote:
Originally Posted by EwarWoo
Just a quick straw poll to see how many people consider IP checking an important compnent of your FTP usage.
In relation to this thread:
http://www.inicom.net/forum/showthread.php?t=15198

Edit:// I would vote Essential but for some reason wont let me vote or view results on the poll I posted, so whatever the results let me know and add 1 on there
This is rather pointless. How many times do I need to state, that this is something that can be scripted (there is absolutely no reason to have it hardcoded). Also, at the moment it looks like that none of the SITE commands will be hardcoded because of:

a) Use of (LUA) scripted command has neglible implication on general server performance.
b) Eventually most (all?) commands are likely to be scripted. There will be hardcoded helper functions for LUA that can be used to improve performance.
c) Io resolves client's hostname, and places it to client environment - only task left to do, is to go through list of ips stored in user/group contexts'.

pseudo-code USER command:
Code:
client = current_client();
if (is_logged_in(client)) {
  echo("530 Already logged in.");
  return;
}
user_name = get_arg_string(1, STR_END);
if (set_env(client, "UserName", user_name)) {
  echo("331 Password required for " + str(user_name));
} else {
  echo("530 Error:" + strerror(get_last_error()));
}

pseudo-code PASS command:
Code:
client = current_client();
if (is_logged_in(client)) {
  echo("530 Already logged in.");
  return;
}
user_name = get_env(client, "UserName");
if (! user_name) {
  echo("530 Use USER to login.");
  return;
}

uid = get_uid(user_name);
if (uid == INVALID_ID) {
  echo("530 Error:" + strerror(get_last_error()));
  return;
}
user = load_user(uid);
if (! user) {
  echo("530 Error:" + strerror(get_last_error()));
  return;
}
// ip-check
row_id = get_row_id(user, "Ip");
ip_cnt = get_row_count(user, row_id);
if (ip_cnt > 0) {
  match = false;
  client_host = get_env(client, "Hostname");
  client_ip = get_env(client, "Ip");
  while (ip_cnt--) {
    tmp_str = get_column_value(user, row_id, ip_cnt, 0);
    if (! str_match(client_host, tmp_str) ||
        ! str_match(client_ip, tmp_str)) {
      match = true;
      break;
    }
  }
  if (! match) {
    echo("530 Invalid username/password.");
    return;
  }
}

if (login_client(client, user, get_arg_string(1, STR_END))) {
  echo("230 Login successful.");
} else {
  echo("530 Error:" + strerror(get_last_error()));
}
darkone is offline   Reply With Quote
Reply

Tags
checking, ftp, poll, results, vote

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -5. The time now is 05:40 PM.
Archive - Privacy Statement - Top
Parts of this site powered by vBulletin Mods & Addons from DragonByte Technologies Ltd. (Details)