Duplication of VRootAliases #42

@techerati

Related to testing on #41

The file system in use has to carry forward a directory structure layout to maintain a legacy standard. Aliases are in use to map the chroot env to the real paths and directory limits are in place to control inadvertent destruction of that structure, protecting the user environment. This system only runs in SFTP mode.

The implementation of these VRootAliases has worked as shown without issues. However, in these newer versions of mod_vroot (I believe >0.9.5), I'm seeing this duplication bug, which lists an extra entry for each time an alias is defined.

I created a test instance and have tried to comment out all of the aliases and then one at a time to prove my duplicate multiplier theory.

Here's my sample proftpd.conf VRootAlias config:

<IfGroup ftpuser>
  VRootAlias /bizcorp/us-west-1/SHARED public
  VRootAlias /bizcorp/us-west-1/config ~/home/ftp/config
  VRootAlias /bizcorp/us-west-1/SHARED ~/home/ftp/public
  VRootAlias /bizcorp/us-west-1/SHARED ~/home/ftp/PUBLIC
  VRootAlias /bizcorp/us-west-1/authorized_keys/%u .ssh/%u
</IfGroup>

Here's output from the sftp client:

sftp -i .\testuser_rsa -o Port=8822 [email protected]
Connected to 10.0.2.15.
sftp> ls
inbound   outbound  public
sftp> cd /
sftp> ls
home  home  home  home  home
sftp> cd home
sftp> ls
ftp  ftp  ftp  ftp  ftp
sftp> cd ftp
sftp> ls
PUBLIC    config    public    testuser  testuser
sftp> cd testuser
sftp> ls
inbound   outbound  public
sftp> cd inbound

Here's a patch but more so a hack to make it work and not a "true" fix as to what is the problem in the code:

diff -Naur proftpd.orig/contrib/mod_vroot/fsio.c proftpd/contrib/mod_vroot/fsio.c
--- proftpd.orig/contrib/mod_vroot/fsio.c       2023-01-26 18:30:42.294759353 +0000
+++ proftpd/contrib/mod_vroot/fsio.c    2023-01-26 20:05:32.461892080 +0000
@@ -922,6 +922,21 @@

       memset(vroot_dent, 0, vroot_dentsz);

+      /* Multiple aliases under the legacy parent directory is
+       * creating a problem that causes the elts to have duplicate
+       * entries.  When the listing is returned to the client there
+       * are dups, which are problematic if automation is walking
+       * the directory structure tree.
+       */
+
+      if (vroot_dir_idx > 0 &&
+          strcmp(elts[vroot_dir_idx], elts[vroot_dir_idx - 1]) == 0) {
+        (void) pr_log_writefile(vroot_logfd, MOD_VROOT_VERSION,
+          "Duplicate listing bug match, skipping the duplicate.");
+        vroot_dir_idx++;
+        goto next_dent;
+      }
+
       if (vroot_dent_namesz == 0) {
         sstrncpy(vroot_dent->d_name, elts[vroot_dir_idx++],
           sizeof(vroot_dent->d_name));
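
Review bot: the added `strcmp(elts[vroot_dir_idx], elts[vroot_dir_idx - 1])` test only compares an entry with the one immediately before it, so it suppresses a duplicate only when the two copies sit next to each other in `elts`; nothing in the visible lines guarantees that ordering, and a repeated name separated by another entry would still be returned to the client. Removing duplicates where the alias names are added to `elts`, or making sure `elts` is sorted before this loop runs, would make the result independent of order and address the cause rather than the listing. Two smaller points in the same block: no check that `vroot_dir_idx` is still within the number of elements is visible before `elts[vroot_dir_idx]` is dereferenced, and after `vroot_dir_idx++; goto next_dent;` the code relies on the `next_dent` label (not shown in this hunk) to re-test the bound, which is worth confirming. The log message would also be more useful for diagnosis if it included the skipped name, since as written it fires once per skipped entry with no detail.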

From a client perspective this fixes the duplicates.

sftp -i .\testuser_rsa -o Port=8822 [email protected]
Connected to 10.0.2.15.
sftp> ls /
/home
sftp> ls /home
/home/ftp
sftp> cd /home/
sftp> ls
ftp
sftp> cd ftp
sftp> ls
PUBLIC    config    public    testuser
