Commit Graph

62 Commits

Author SHA1 Message Date
Daniel O'Callaghan
3401a71f4e Tell the chroot()ed user that "access restrictions apply". 1997-05-21 23:24:41 +00:00
David Nugent
5d0bfe39ec login_getclass() -> login_getpwclass(). 1997-05-10 19:02:03 +00:00
David Nugent
ea4e54b942 Adds anon ftp virtual host capability to ftpd, using /etc/ftphosts for
definition of a system's virtual hosts.
1997-04-29 12:42:08 +00:00
David Nugent
31fea7b8f2 YAMF2.2: Allow @group entries in /etc/ftpusers & /etc/ftpchroot to deny
and allow chroot access to entire groups.
1997-04-27 08:29:21 +00:00
David Nugent
334ab9fdd0 Document internal ls, how to compile it in and what it changes wrt
anon ftp and chrooted users.
1997-04-26 12:23:51 +00:00
David Nugent
af85d782fd Adds optional "internal ls" support for ftpd, by collecting
modules from src/bin/ls, and handling exec(_PATH_LS,..) as a
special case, very useful in an environment where many users
are given chroot access. "~/etc/{s}pwd.db" files are still
needed if uid/gid->user/group translation is desired.

To enable this it must be compiled with the make variable
FTP_INTERNAL_LS defined, either in /etc/make.conf or the
environment.
1997-04-26 12:12:10 +00:00
David Nugent
b071c689de Add basic login.conf (sans authentication) support. 1997-04-23 04:56:39 +00:00
Warner Losh
91477cc4d7 compare return value from getopt against -1 rather than EOF, per the final
posix standard on the topic.
1997-03-28 15:48:21 +00:00
Mike Pritchard
42946c8261 Remove some incorrect text on how passwords are validated.
Closes PR# 3050.

Submitted by:	 Dmitrij Tejblum <dima@tejblum.dnttm.rssi.ru>
1997-03-25 03:45:52 +00:00
Peter Wemm
9e522f7a18 Revert $FreeBSD$ to $Id$ 1997-02-22 14:22:49 +00:00
Mike Pritchard
90ac6cd46a #include <string.h> to help silence -Wall. 1997-02-20 23:11:22 +00:00
Guido van Rooij
c65c314e66 Actually allow the -R flag. 1997-02-13 19:24:25 +00:00
David Greenman
ac7636cbfc Oops, fix white space in last commit. 1997-01-28 07:09:05 +00:00
David Greenman
0b4df2eec2 Fix signal handler race condition. 1997-01-28 07:06:54 +00:00
Alexander Langer
8abdc2eb40 Sweep through the tree fixing mmap() usage:
- Use MAP_FAILED instead of the constant -1 to indicate
    failure (required by POSIX).
  - Removed flag arguments of '0' (required by POSIX).
  - Fixed code which expected an error return of 0.
  - Fixed code which thought any address with the high bit set
    was an error.
  - Check for failure where no checks were present.

Discussed with:	bde
1997-01-16 21:58:40 +00:00
Jordan K. Hubbard
1130b656e5 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
Mike Pritchard
f3396fdc63 Document the fact that the administrator may have
to change syslog's config file in order for all of
ftpd's log messages to be displayed by syslogd.

Closes PR# 1559.
1997-01-11 20:17:05 +00:00
Torsten Blum
5a392aec2b add flag to allow only anonymous ftp logins
Reviewed by:	pst
1996-11-30 12:00:25 +00:00
Paul Traina
dacc975297 Conditionalize setsockopt IP_PORTRANGE to make ftpd portable. 1996-11-20 22:13:51 +00:00
Paul Traina
312c86cfd9 Truncate argument list to avoid buffer overflows.
Cannidate for: 2.1 and 2.2
1996-11-20 22:12:50 +00:00
Andrey A. Chernov
43658eac64 Implement alternative strategy if it is impossible to confirm
password: ask for it, but don't tell that S/key password required.
It looks like non-s/key system from outside.

Additionally tell that s/key required when it is so for normal case
1996-10-18 17:09:26 +00:00
Andrey A. Chernov
28fbb50335 Oops, fix my previous commit, now tell user his s/key parameters 1996-10-17 17:46:00 +00:00
Andrey A. Chernov
28ed0fe08b Don't ever ask for password if it is impossible to confirm it
It happens if 1) regular passwords not allowed, 2) skey database
not activated for given user.
Under some rare circumstanes skey_challenge can return empty
diagnostic or even previous buffer, fix it.
1996-10-17 17:06:04 +00:00
Wolfram Schneider
148531ef1e add forgotten $Id$ 1996-09-22 21:56:57 +00:00
Paul Traina
39ea627d62 Fix some compilation warnings. 1996-09-21 18:01:23 +00:00
Julian Elischer
105a3c98b9 Reviewed by: various
Submitted by:	archie@whistle.com

allow ftpd to bind to a single address/interface
this allows easy split services.
1996-08-09 22:22:30 +00:00
Mark Murray
9aca17cb12 Tidy up the Kerberised bits. While I'm here, fix some -Wall complaints. 1996-08-09 09:02:31 +00:00
Poul-Henning Kamp
3cde2031c8 Fix another bogon. 1996-08-06 14:29:06 +00:00
Poul-Henning Kamp
0bb6e9ed65 Make password checking in ftpd work again. 1996-08-06 08:43:43 +00:00
Paul Traina
a5a4544e77 Convert STATS and PARANOID to run-time options.
Document the new -R (relax paranoia) option.

From NetBSD/Lite2: code and man page cleanups, Kerberos IV hooks
(relax, we're still exportable), and /etc/ftpchroot feature for
semi-anonymous accounts
1996-08-05 00:21:15 +00:00
Paul Traina
61f891a6df If PARANOID is set, do not allow PORT commands to remote ports less than 1024
or addresses other than the requestor's address.  This violates the FTP
protocol (hmm...as I write this, I'm going to change this to a run-time var.)

Require login before PASV and RNTO commands.

Close unused PASV ports so they don't hang around forever.

Do not allow file overwrites via rename or STOR when anonymous
(suspenders).

Clean up buffer utilization.

My code, but heavily inspired by Hobbit's changes to wu-ftpd as pointed out
by Mike Prettejohn and Kit Knox.
1996-08-04 22:40:35 +00:00
Andrey A. Chernov
333468bac7 If hostname > UT_HOSTSIZE, use its numerical address instead to keep
valid utmp and wtmp entries
1996-06-17 14:59:07 +00:00
Poul-Henning Kamp
6b5139742c backout yacc changes 1996-06-02 17:10:13 +00:00
Peter Wemm
40e9d39e59 Use the sysctl settable data port ranges rather than the statically
compiled values.  see sysctl net.inet.ip.portrange.* and the IP_PORTRANGE
discussion in <netinet/in.h>
1996-05-31 03:10:25 +00:00
Poul-Henning Kamp
9ad70fa0b2 Fix yacc rule usage. 1996-05-30 21:29:03 +00:00
David Greenman
cf09a2067c Implemented a "-D" option that causes ftpd to detach and become a daemon -
accepting connections on the FTP port and forking children processes to
handling them. This is lower overhead than spawning ftpd from inetd and
can be a significant win on busy FTP servers. Be sure to disable ftpd in
inetd.conf if you decide to use this option.
These changes are based on similar changes I made to wu-ftpd and have
been in use on wcarchive for several months.
1996-04-11 10:22:16 +00:00
David Greenman
1332892bcf Fix bug that caused a coredump when attempting to enter passive mode when
not logged in. Original fix slightly altered by me to return the correct
reply code.

Submitted by:	Vadim Kolontsov <vadim@tversu.ac.ru>
1996-03-18 11:09:03 +00:00
Peter Wemm
b63e1fe2c4 Make ftpd use setproctitle() from libutil
I've left the old code in there under #ifdef OLD_SETPROCTITLE in case
somebody wants to try to compile out ftpd on some other machine.
1996-01-01 08:35:11 +00:00
Guido van Rooij
d6ed3c374d Timeout when an expected accept does not happen after all.
This gets rids of dozens of hanging ftpd's because some broken
pc implementation `forgets' to open a passive connection.
Obtained from: Wietse Venema
1995-11-29 19:52:30 +00:00
Mike Pritchard
ae532ecb79 Check for expired passwords before allowing access to the system. 1995-08-28 21:30:59 +00:00
Paul Traina
4c450ad7a7 Use data ports in the range 40000..44999 by default to enhance FTP usability
in a firewall environment.  Original idea by Mark Tracy (?).

Reviewed by:	wollman
Submitted by:	pst
1995-08-05 19:12:05 +00:00
Rodney W. Grimes
6c06b4e2aa Remove trailing whitespace. 1995-05-30 05:51:47 +00:00
David Greenman
956455631c Make last change a little more robust by checking for failure of getcwd(). 1995-05-22 11:03:55 +00:00
David Greenman
82c76939c1 Set "HOME" so that tilde expands correctly. It previously was always root's
directory /root.
1995-05-22 09:53:02 +00:00
Garrett Wollman
9fc5823a7a Speed up ftpd and make it more efficient:
- set TCP_NOPUSH to keep from sending short packets at each write(2) boundary
- set SO_SNDBUF to 64k so we have a reasonable amount of buffer space
- for a regular file in binary mode which is not being restarted and is
. smaller than 16 Meg, use mmap(2) and write(2) the whole file in one big
  gulp

In the most common circumstances, this should dramatically reduce the
system-call load from ftpd, since the call to write() will not return until
the entire file has been written, rather than writing just a few K at a time
in a loop.
1995-05-03 16:58:12 +00:00
Gary Palmer
7253b58b7b Fix two more references to /etc/motd that I overlooked. PR #29 1995-04-15 07:05:07 +00:00
Gary Palmer
025362a70b Close PR #29. The file should be /etc/ftpmotd, not /etc/motd. 1995-04-15 07:02:22 +00:00
Nate Williams
79f5f586ac Change the library order so libcrypt is the last library in the list.
libskey contains references to _crypt and can't resolve it unless
-lcrypt occurs after it in the link command.  This only occurs when
linking statically.
1995-03-18 06:41:08 +00:00
Guido van Rooij
3eb568f24c Add some functionality to ftpd so it logs all anonymous file
transfers. It only does this when -S is set.
Reviewed by:
Submitted by:
Obtained from: logdaemon package
1995-02-26 19:36:59 +00:00
Paul Traina
2c60c54cc4 recommit rev 1.5 of ftpd, I fatfingered a command 1994-10-27 19:36:01 +00:00