Commit Graph

42 Commits

Author SHA1 Message Date
ache
591c888b2a Implement alternative strategy if it is impossible to confirm
password: ask for it, but don't tell that S/key password required.
It looks like non-s/key system from outside.

Additionally tell that s/key required when it is so for normal case
1996-10-18 17:09:26 +00:00
ache
4a74559d46 Oops, fix my previous commit, now tell user his s/key parameters 1996-10-17 17:46:00 +00:00
ache
79889c2b44 Don't ever ask for password if it is impossible to confirm it
It happens if 1) regular passwords not allowed, 2) skey database
not activated for given user.
Under some rare circumstanes skey_challenge can return empty
diagnostic or even previous buffer, fix it.
1996-10-17 17:06:04 +00:00
wosch
361a15b8f4 add forgotten $Id$ 1996-09-22 21:56:57 +00:00
pst
8ddc5c2acb Fix some compilation warnings. 1996-09-21 18:01:23 +00:00
julian
773f3eb265 Reviewed by: various
Submitted by:	archie@whistle.com

allow ftpd to bind to a single address/interface
this allows easy split services.
1996-08-09 22:22:30 +00:00
markm
a81e90df6d Tidy up the Kerberised bits. While I'm here, fix some -Wall complaints. 1996-08-09 09:02:31 +00:00
phk
a1042b7bfe Fix another bogon. 1996-08-06 14:29:06 +00:00
phk
1be57b96e3 Make password checking in ftpd work again. 1996-08-06 08:43:43 +00:00
pst
fca5bc38ec Convert STATS and PARANOID to run-time options.
Document the new -R (relax paranoia) option.

From NetBSD/Lite2: code and man page cleanups, Kerberos IV hooks
(relax, we're still exportable), and /etc/ftpchroot feature for
semi-anonymous accounts
1996-08-05 00:21:15 +00:00
pst
3782e8c314 If PARANOID is set, do not allow PORT commands to remote ports less than 1024
or addresses other than the requestor's address.  This violates the FTP
protocol (hmm...as I write this, I'm going to change this to a run-time var.)

Require login before PASV and RNTO commands.

Close unused PASV ports so they don't hang around forever.

Do not allow file overwrites via rename or STOR when anonymous
(suspenders).

Clean up buffer utilization.

My code, but heavily inspired by Hobbit's changes to wu-ftpd as pointed out
by Mike Prettejohn and Kit Knox.
1996-08-04 22:40:35 +00:00
ache
87e1afbd93 If hostname > UT_HOSTSIZE, use its numerical address instead to keep
valid utmp and wtmp entries
1996-06-17 14:59:07 +00:00
phk
3b816e03a0 backout yacc changes 1996-06-02 17:10:13 +00:00
peter
b4bca346b0 Use the sysctl settable data port ranges rather than the statically
compiled values.  see sysctl net.inet.ip.portrange.* and the IP_PORTRANGE
discussion in <netinet/in.h>
1996-05-31 03:10:25 +00:00
phk
63f8b4ca8e Fix yacc rule usage. 1996-05-30 21:29:03 +00:00
dg
53e950c185 Implemented a "-D" option that causes ftpd to detach and become a daemon -
accepting connections on the FTP port and forking children processes to
handling them. This is lower overhead than spawning ftpd from inetd and
can be a significant win on busy FTP servers. Be sure to disable ftpd in
inetd.conf if you decide to use this option.
These changes are based on similar changes I made to wu-ftpd and have
been in use on wcarchive for several months.
1996-04-11 10:22:16 +00:00
dg
c9c91989d4 Fix bug that caused a coredump when attempting to enter passive mode when
not logged in. Original fix slightly altered by me to return the correct
reply code.

Submitted by:	Vadim Kolontsov <vadim@tversu.ac.ru>
1996-03-18 11:09:03 +00:00
peter
eee47fe281 Make ftpd use setproctitle() from libutil
I've left the old code in there under #ifdef OLD_SETPROCTITLE in case
somebody wants to try to compile out ftpd on some other machine.
1996-01-01 08:35:11 +00:00
guido
8476f980ec Timeout when an expected accept does not happen after all.
This gets rids of dozens of hanging ftpd's because some broken
pc implementation `forgets' to open a passive connection.
Obtained from: Wietse Venema
1995-11-29 19:52:30 +00:00
mpp
684146e8ce Check for expired passwords before allowing access to the system. 1995-08-28 21:30:59 +00:00
pst
0e79ca4d90 Use data ports in the range 40000..44999 by default to enhance FTP usability
in a firewall environment.  Original idea by Mark Tracy (?).

Reviewed by:	wollman
Submitted by:	pst
1995-08-05 19:12:05 +00:00
rgrimes
f05428e4cd Remove trailing whitespace. 1995-05-30 05:51:47 +00:00
dg
ac00cc595d Make last change a little more robust by checking for failure of getcwd(). 1995-05-22 11:03:55 +00:00
dg
d860120023 Set "HOME" so that tilde expands correctly. It previously was always root's
directory /root.
1995-05-22 09:53:02 +00:00
wollman
687339a1f2 Speed up ftpd and make it more efficient:
- set TCP_NOPUSH to keep from sending short packets at each write(2) boundary
- set SO_SNDBUF to 64k so we have a reasonable amount of buffer space
- for a regular file in binary mode which is not being restarted and is
. smaller than 16 Meg, use mmap(2) and write(2) the whole file in one big
  gulp

In the most common circumstances, this should dramatically reduce the
system-call load from ftpd, since the call to write() will not return until
the entire file has been written, rather than writing just a few K at a time
in a loop.
1995-05-03 16:58:12 +00:00
gpalmer
a3faef6dde Fix two more references to /etc/motd that I overlooked. PR #29 1995-04-15 07:05:07 +00:00
gpalmer
f51cfabe50 Close PR #29. The file should be /etc/ftpmotd, not /etc/motd. 1995-04-15 07:02:22 +00:00
nate
90728fa67c Change the library order so libcrypt is the last library in the list.
libskey contains references to _crypt and can't resolve it unless
-lcrypt occurs after it in the link command.  This only occurs when
linking statically.
1995-03-18 06:41:08 +00:00
guido
ee5cff554b Add some functionality to ftpd so it logs all anonymous file
transfers. It only does this when -S is set.
Reviewed by:
Submitted by:
Obtained from: logdaemon package
1995-02-26 19:36:59 +00:00
pst
9b41696ca0 recommit rev 1.5 of ftpd, I fatfingered a command 1994-10-27 19:36:01 +00:00
pst
387cc054fe Printing out /etc/motd when a ftp login occurs is a security hole
(as is printing out a version number at the telnet login banner).

Don't print out /etc/motd when people login, instead if present,
print out /etc/ftpmotd.  It looks like 4.4lite2 has done something similar
(perhaps for different reasons) because /etc/motd no longer shows up
on vangogh.

Folks who like the old behavior can create a symbolic link to motd.
1994-10-27 19:14:39 +00:00
pst
d772bde0c4 Figured it out, misapplied a patch, ftpd now works again. 1994-10-22 06:23:15 +00:00
pst
8e9dc68f93 Fix broken command parser (fall back 10 yards and scratch head). 1994-10-22 06:19:53 +00:00
pst
3bbaa5903c Include most of the logdaemon v4.4 S/key changes 1994-10-19 00:03:45 +00:00
pst
e21dbb93b1 Clean up makefile 1994-09-30 21:19:58 +00:00
pst
02b021a2a7 Use new skey access routines 1994-09-29 18:59:42 +00:00
dg
7a0e318154 Fixed bug where /etc/ftpusers was ineffective. Caused by the wrong
pointer being passed to strcmp(). Bug noticed by Matthew Green.
1994-09-20 15:53:30 +00:00
guido
c1db1c5a23 Put skey support to ftpd
Reviewed by:
Submitted by:	guido
1994-08-21 19:09:58 +00:00
guido
a368a750a1 Put skey support in ftpd.
Reviewed by:
Submitted by:	 guido
1994-08-21 19:09:23 +00:00
csgr
bb1890fe44 LDADD= -lcrypt
Submitted by:	Geoff
1994-08-20 21:19:46 +00:00
wollman
96c19e77ba Update to new make macros and disable Kerberos because we haven't got it
set up right yet.
1994-08-05 21:24:58 +00:00
rgrimes
7d07d2de2f BSD 4.4 Lite Libexec Sources 1994-05-27 12:39:25 +00:00