This example demonstrates a simple File Transfer Protocol (FTP) request validation exit program used between the client and the server. It is written in ILE RPG programming language. This code is not complete, but provides a starting point to help you create your own program.
By using the code examples, you agree to the terms of the Code license and disclaimer information.
(Pre formatted text in the following example will flow outside the frame.)
* Module Description *********************************************** * * * PROGRAM FUNCTION * * * * This program demonstrates some of the abilities an FTP client * * and server request validation exit program can have. * * * *This program is a sample only and has NOT undergone any * * formal review or testing. * * * ******************************************************************** F/SPACE 3 ******************************************************************** * * * INDICATOR USAGE * * * * IND. DESCRIPTION * * * * LR - CLOSE FILES ON EXIT * * * ******************************************************************** F/EJECT ******************************************************************** * DATA STRUCTURES USED BY THIS PROGRAM * ******************************************************************** * * Define constants * D Anonym C CONST('ANONYMOUS ') D PublicLib C CONST('/QSYS.LIB/ITSOIC400.LIB') D PublicDir C CONST('//ITSOIC.400') * * Some CL commands to used later on in the program * D ClearSavf C CONST('CLRSAVF ITSOIC400/TURVIS') D SaveLib C CONST('SAVLIB LIB(ITSOIC400) - D DEV(*SAVF) - D SAVF(ITSOIC400/TURVIS)') * * A value to be used to trigger a benevolent 'Trojan Horse' * D Savetti C CONST('ITSOIC400.LIB/TURVIS.FILE') Extension is FILE * although it is a * SAVF (and entered as * SAVF by the user) * * Some nice fields to help us through from lower to upper case character conversion * 1 D LW C CONST('abcdefghijklmnopqrstuvwxyz') D UP C CONST('ABCDEFGHIJKLMNOPQRSTUVWXYZ') * D NeverAllow C CONST(-1) D DontAllow C CONST(0) D Allow C CONST(1) D AlwaysAllw C CONST(2) C/EJECT ******************************************************************** * VARIABLE DEFINITIONS AND LISTS USED BY THIS PROGRAM ********************************************************************* C/SPACE 2 * * Define binary parameters * D DS D APPIDds 1 4B 0 D OPIDds 5 8B 0 D IPLENds 9 12B 0 D OPLENds 13 16B 0 D ALLOWOPds 17 20B 0 * C *LIKE DEFINE APPIDds APPIDIN C *LIKE DEFINE OPIDds OPIDIN C *LIKE DEFINE IPLENds IPLENIN C *LIKE DEFINE OPLENds OPLENIN C *LIKE DEFINE ALLOWOPds ALLOWOP * C *LIKE DEFINE OPINFOIN OPINFO * * Define parameter list * C *Entry PLIST * Input parameters: C PARM APPIDIN Application ID * possible values: 0 = FTP Client Program * 1 = FTP Server Program C PARM OPIDIN Operation ID * possible values: 0 = Initialize Session * 1 = Create Dir/Lib * 2 = Delete Dir/Lib * 3 = Set Current Dir * 4 = List Dir/Lib * 5 = Delete Files * 6 = Send Files * 7 = Receive Files * 8 = Rename Files * 9 = Execute CL cmd C PARM USRPRF 10 User Profile C PARM IPADDRIN 15 Remote IP Address C PARM IPLENIN Length of IP Address C PARM OPINFOIN 999 Operation-spec. Info C PARM OPLENIN Length of Oper. Spec * Return parameter: C PARM ALLOWOP Allow Operation (Out * possible values: -1 = Never Allow * (And don't bother * me with this ops * in this session) * 0 = Reject Operation * 1 = Allow Operation * 2 = Always Allow Oper. * (And don't bother * me with this ops * in this session) C/EJECT ******************************************************************** * The Main Program * ******************************************************************** * C SELECT C APPIDIN WHENEQ 0 C EXSR ClientRqs C APPIDIN WHENEQ 1 C EXSR ServerRqs C ENDSL * C EVAL *INLR = *ON C RETURN C/EJECT ******************************************************************** * S U B R O U T I N E S * ******************************************************************** ******************************************************************** * Here we handle all the FTP client request validation * ******************************************************************** C ClientRqs BEGSR * * Check user profile * C SELECT * * Check for 'bad' users who are not allowed to do anything ever * C USRPRF WHENEQ 'JOEBAD ' * C Z-ADD NeverAllow ALLOWOP Ops not allowed * * Check for 'normal' users who are not allowed to do some things * C USRPRF WHENEQ 'JOENORMAL ' * C SELECT * C OPIDIN WHENEQ 0 New Connection C Z-ADD Allow ALLOWOP * C OPIDIN WHENEQ 1 Create Directory/Lib C OPIDIN OREQ 2 Delete Directory/Lib C OPIDIN OREQ 5 Delete Files C OPIDIN OREQ 7 Receive Files from S C OPIDIN OREQ 8 Rename files C OPIDIN OREQ 9 Execute CL Commands * C Z-ADD NeverAllow ALLOWOP Ops never allowed * C OPIDIN WHENEQ 3 Set Current Dir C OPIDIN OREQ 4 List Directory/Lib C OPIDIN OREQ 6 Send Files to Server * * Extract library and directory names for comparison with allowed areas * C OPLENIN IFGE 11 C 11 SUBST OPINFOIN:1 Directory 11 C ELSE C OPLENIN SUBST(P) OPINFOIN:1 Directory C ENDIF C 1 LW:UP XLATE Directory Directory * C OPLENIN IFGE 23 C 23 SUBST OPINFOIN:1 Library 23 C ELSE C OPLENIN SUBST(P) OPINFOIN:1 Library C ENDIF * C Directory IFEQ PublicDir Allowed Directory C Library OREQ PublicLib or Library C Z-ADD Allow ALLOWOP C ELSE C Z-ADD DontAllow ALLOWOP C ENDIF * C OTHER C Z-ADD DontAllow ALLOWOP C ENDSL * * Check for 'cool' users who are allowed to do everything * C USRPRF WHENEQ 'JOEGOOD ' C USRPRF OREQ 'A960101B ' C USRPRF OREQ 'A960101C ' C USRPRF OREQ 'A960101D ' C USRPRF OREQ 'A960101E ' C USRPRF OREQ 'A960101F ' C USRPRF OREQ 'A960101Z ' * Allow All FTP Operations C Z-ADD AlwaysAllw ALLOWOP * 2 * Any Other User: To be secure, you would use NeverAllow. * If you want to allow all other users, change the NeverAllow * to AlwaysAllw. * C OTHER C Z-ADD NeverAllow ALLOWOP ******************************************************************** * Here we handle all the FTP server request validation * ******************************************************************** C ServerRqs BEGSR * * Check for ANONYMOUS user * C USRPRF IFEQ Anonym * C SELECT * C OPIDIN WHENEQ 1 Create Directory/Lib C OPIDIN OREQ 2 Delete Directory/Lib C OPIDIN OREQ 5 Delete Files C OPIDIN OREQ 7 Receive Files from C C OPIDIN OREQ 8 Rename files C OPIDIN OREQ 9 Execute CL Commands * C Z-ADD NeverAllow ALLOWOP Ops never allowed * C OPIDIN WHENEQ 3 Set Current Dir C OPIDIN OREQ 4 List Directory/Lib C OPIDIN OREQ 6 Send Files to Client * * Extract library and directory names for comparison with allowed areas * C OPLENIN IFGE 11 C 11 SUBST OPINFOIN:1 Directory 11 C ELSE C OPLENIN SUBST(P) OPINFOIN:1 Directory C ENDIF C 1 LW:UP XLATE Directory Directory * C OPLENIN IFGE 23 C 23 SUBST OPINFOIN:1 Library 23 C ELSE C OPLENIN SUBST(P) OPINFOIN:1 Library C ENDIF * C Directory IFEQ PublicDir Allowed Directory C Library OREQ PublicLib or Library C Z-ADD Allow ALLOWOP C ELSE C Z-ADD DontAllow ALLOWOP C ENDIF * C OTHER C Z-ADD DontAllow ALLOWOP C ENDSL * C ELSE * * Any Other User: Allow All FTP Operations * C OPIDIN IFEQ 6 Send Files to Client * * If client issued GET for save file HESSU in library HESSU then we refresh the contents * * C LW:UP XLATE OPINFOIN OPINFO C Z-ADD 0 i 3 0 C Savetti SCAN OPINFO:1 i * C i IFGT 0 * * We assume that the save file exits and here clear the save file * C MOVEL(p) ClearSavf Cmd 80 C Z-ADD 19 Len 15 5 C CALL 'QCMDEXC' 9999 C PARM Cmd C PARM Len * * and here we save the library to the save file * C MOVEL(p) SaveLib Cmd C Z-ADD 46 Len C CALL 'QCMDEXC' 9999 C PARM Cmd C PARM Len C ENDIF C ENDIF * C Z-ADD Allow ALLOWOP C ENDIF * C ENDSR