Commit Graph

46 Commits

Author SHA1 Message Date
mpp
1a24f26482 Document the fact that the administrator may have
to change syslog's config file in order for all of
ftpd's log messages to be displayed by syslogd.

Closes PR# 1559.
1997-01-11 20:17:05 +00:00
torstenb
2338c15cab add flag to allow only anonymous ftp logins
Reviewed by:	pst
1996-11-30 12:00:25 +00:00
pst
a1e653b591 Conditionalize setsockopt IP_PORTRANGE to make ftpd portable. 1996-11-20 22:13:51 +00:00
pst
707ef06e76 Truncate argument list to avoid buffer overflows.
Cannidate for: 2.1 and 2.2
1996-11-20 22:12:50 +00:00
ache
167eae6a63 Implement alternative strategy if it is impossible to confirm
password: ask for it, but don't tell that S/key password required.
It looks like non-s/key system from outside.

Additionally tell that s/key required when it is so for normal case
1996-10-18 17:09:26 +00:00
ache
20c849d4c4 Oops, fix my previous commit, now tell user his s/key parameters 1996-10-17 17:46:00 +00:00
ache
802f868bd5 Don't ever ask for password if it is impossible to confirm it
It happens if 1) regular passwords not allowed, 2) skey database
not activated for given user.
Under some rare circumstanes skey_challenge can return empty
diagnostic or even previous buffer, fix it.
1996-10-17 17:06:04 +00:00
wosch
e5b4420bce add forgotten $Id$ 1996-09-22 21:56:57 +00:00
pst
04a3f3a0e8 Fix some compilation warnings. 1996-09-21 18:01:23 +00:00
julian
e61c99399c Reviewed by: various
Submitted by:	archie@whistle.com

allow ftpd to bind to a single address/interface
this allows easy split services.
1996-08-09 22:22:30 +00:00
markm
446905a247 Tidy up the Kerberised bits. While I'm here, fix some -Wall complaints. 1996-08-09 09:02:31 +00:00
phk
790a84011b Fix another bogon. 1996-08-06 14:29:06 +00:00
phk
16eacdefb5 Make password checking in ftpd work again. 1996-08-06 08:43:43 +00:00
pst
3bba35025b Convert STATS and PARANOID to run-time options.
Document the new -R (relax paranoia) option.

From NetBSD/Lite2: code and man page cleanups, Kerberos IV hooks
(relax, we're still exportable), and /etc/ftpchroot feature for
semi-anonymous accounts
1996-08-05 00:21:15 +00:00
pst
b3a838e71c If PARANOID is set, do not allow PORT commands to remote ports less than 1024
or addresses other than the requestor's address.  This violates the FTP
protocol (hmm...as I write this, I'm going to change this to a run-time var.)

Require login before PASV and RNTO commands.

Close unused PASV ports so they don't hang around forever.

Do not allow file overwrites via rename or STOR when anonymous
(suspenders).

Clean up buffer utilization.

My code, but heavily inspired by Hobbit's changes to wu-ftpd as pointed out
by Mike Prettejohn and Kit Knox.
1996-08-04 22:40:35 +00:00
ache
b5273e03b1 If hostname > UT_HOSTSIZE, use its numerical address instead to keep
valid utmp and wtmp entries
1996-06-17 14:59:07 +00:00
phk
2741893871 backout yacc changes 1996-06-02 17:10:13 +00:00
peter
5af709283d Use the sysctl settable data port ranges rather than the statically
compiled values.  see sysctl net.inet.ip.portrange.* and the IP_PORTRANGE
discussion in <netinet/in.h>
1996-05-31 03:10:25 +00:00
phk
86e21386df Fix yacc rule usage. 1996-05-30 21:29:03 +00:00
dg
694ee22509 Implemented a "-D" option that causes ftpd to detach and become a daemon -
accepting connections on the FTP port and forking children processes to
handling them. This is lower overhead than spawning ftpd from inetd and
can be a significant win on busy FTP servers. Be sure to disable ftpd in
inetd.conf if you decide to use this option.
These changes are based on similar changes I made to wu-ftpd and have
been in use on wcarchive for several months.
1996-04-11 10:22:16 +00:00
dg
4c6a5fb127 Fix bug that caused a coredump when attempting to enter passive mode when
not logged in. Original fix slightly altered by me to return the correct
reply code.

Submitted by:	Vadim Kolontsov <vadim@tversu.ac.ru>
1996-03-18 11:09:03 +00:00
peter
77734e55ab Make ftpd use setproctitle() from libutil
I've left the old code in there under #ifdef OLD_SETPROCTITLE in case
somebody wants to try to compile out ftpd on some other machine.
1996-01-01 08:35:11 +00:00
guido
cb18f4ed84 Timeout when an expected accept does not happen after all.
This gets rids of dozens of hanging ftpd's because some broken
pc implementation `forgets' to open a passive connection.
Obtained from: Wietse Venema
1995-11-29 19:52:30 +00:00
mpp
dd8a8fe3c8 Check for expired passwords before allowing access to the system. 1995-08-28 21:30:59 +00:00
pst
739b682b80 Use data ports in the range 40000..44999 by default to enhance FTP usability
in a firewall environment.  Original idea by Mark Tracy (?).

Reviewed by:	wollman
Submitted by:	pst
1995-08-05 19:12:05 +00:00
rgrimes
1c444a9f7e Remove trailing whitespace. 1995-05-30 05:51:47 +00:00
dg
b51cb9480c Make last change a little more robust by checking for failure of getcwd(). 1995-05-22 11:03:55 +00:00
dg
a213dd9730 Set "HOME" so that tilde expands correctly. It previously was always root's
directory /root.
1995-05-22 09:53:02 +00:00
wollman
6d930a0647 Speed up ftpd and make it more efficient:
- set TCP_NOPUSH to keep from sending short packets at each write(2) boundary
- set SO_SNDBUF to 64k so we have a reasonable amount of buffer space
- for a regular file in binary mode which is not being restarted and is
. smaller than 16 Meg, use mmap(2) and write(2) the whole file in one big
  gulp

In the most common circumstances, this should dramatically reduce the
system-call load from ftpd, since the call to write() will not return until
the entire file has been written, rather than writing just a few K at a time
in a loop.
1995-05-03 16:58:12 +00:00
gpalmer
5d90a4d5a7 Fix two more references to /etc/motd that I overlooked. PR #29 1995-04-15 07:05:07 +00:00
gpalmer
9bccc3682f Close PR #29. The file should be /etc/ftpmotd, not /etc/motd. 1995-04-15 07:02:22 +00:00
nate
d4f9bb4f44 Change the library order so libcrypt is the last library in the list.
libskey contains references to _crypt and can't resolve it unless
-lcrypt occurs after it in the link command.  This only occurs when
linking statically.
1995-03-18 06:41:08 +00:00
guido
f76739d1fa Add some functionality to ftpd so it logs all anonymous file
transfers. It only does this when -S is set.
Reviewed by:
Submitted by:
Obtained from: logdaemon package
1995-02-26 19:36:59 +00:00
pst
2c7f0613ba recommit rev 1.5 of ftpd, I fatfingered a command 1994-10-27 19:36:01 +00:00
pst
daa09629cc Printing out /etc/motd when a ftp login occurs is a security hole
(as is printing out a version number at the telnet login banner).

Don't print out /etc/motd when people login, instead if present,
print out /etc/ftpmotd.  It looks like 4.4lite2 has done something similar
(perhaps for different reasons) because /etc/motd no longer shows up
on vangogh.

Folks who like the old behavior can create a symbolic link to motd.
1994-10-27 19:14:39 +00:00
pst
a1edb96c4a Figured it out, misapplied a patch, ftpd now works again. 1994-10-22 06:23:15 +00:00
pst
8181408e04 Fix broken command parser (fall back 10 yards and scratch head). 1994-10-22 06:19:53 +00:00
pst
e3801229c7 Include most of the logdaemon v4.4 S/key changes 1994-10-19 00:03:45 +00:00
pst
b161e95bee Clean up makefile 1994-09-30 21:19:58 +00:00
pst
1377090952 Use new skey access routines 1994-09-29 18:59:42 +00:00
dg
933debd576 Fixed bug where /etc/ftpusers was ineffective. Caused by the wrong
pointer being passed to strcmp(). Bug noticed by Matthew Green.
1994-09-20 15:53:30 +00:00
guido
e83730c5dd Put skey support to ftpd
Reviewed by:
Submitted by:	guido
1994-08-21 19:09:58 +00:00
guido
8b81aa9471 Put skey support in ftpd.
Reviewed by:
Submitted by:	 guido
1994-08-21 19:09:23 +00:00
csgr
59dd21860a LDADD= -lcrypt
Submitted by:	Geoff
1994-08-20 21:19:46 +00:00
wollman
406ac1d7a9 Update to new make macros and disable Kerberos because we haven't got it
set up right yet.
1994-08-05 21:24:58 +00:00
rgrimes
7d07d2de2f BSD 4.4 Lite Libexec Sources 1994-05-27 12:39:25 +00:00