Oberon || Library || Module Index || Search Engine || Definition || Module


Ulm's Oberon Library:
FTPRequests


NAME

FTPRequests - scan FTP requests from input

SYNOPSIS

TYPE Request = POINTER TO RequestRec;
TYPE RequestRec =
      RECORD
         (PersistentDisciplines.ObjectRec)
         command: ConstStrings.String; (* in upper-case *)
         param: Streams.Stream; (* rest of the line, may be NIL *)
      END;


TYPE Event = POINTER TO EventRec; TYPE EventRec = RECORD (Events.EventRec) request: Request; END;

PROCEDURE GetRequest(s: Streams.Stream; VAR request: Request) : BOOLEAN;

DESCRIPTION

FTPRequests provides in Request a persistent type for incoming FTP requests, a scanner for FTP requests on bidirectional communication channels, and an event type that may be used for logging (see FTPLoggers).

GetRequest reads from s a request, consisting of

GetRequest processes telnet codes in conformance to RFC 959 and sends responses to these embedded requests to s under the assumption that s is a bidirectional network connection.

SECURITY CONSIDERATIONS

GetRequest accepts requests of arbitrary length and stores them into persistent objects. This opens FTP services using GetRequest to denial-of-service attacks by flooding them with unterminated requests which cause arbitrary amounts of memory to be consumed until all available resources are exhausted. A counter measure could be the application of general resource limits using SysResources and/or of time limits using FTPTimers and FTPTimerEvents.

DIAGNOSTICS

GetRequest returns TRUE on success and FALSE in case of failures but does not generate any error events on its own. Please check s.eof as an unexpected end on the input side can be the cause of a failure.

SEE ALSO

FTPCommands
collection of FTP command strings.
FTPResponses
sibling of this module that offers a persistent type for FTP responses and an operation that allows to send them over network connections.

Edited by: borchert, last change: 2001/04/23, revision: 1.2, converted to HTML: 2001/04/23

Oberon || Library || Module Index || Search Engine || Definition || Module