Subject: Re: rfc2228 in ftpd
To: Perry E. Metzger <>
From: Aidan Cully <>
List: tech-security
Date: 06/23/2002 21:30:21
On Sun, Jun 23, 2002 at 07:02:15PM -0400, Perry E. Metzger wrote:
> I'm not sure I was even aware of that RFC before now. Are we sure the
> IETF still considers it to be a standards track document?

Can you un-RFC something except by superseding it?
draft-murray-auth-ftp-ssl uses some of the commands from rfc2228, and
gives a summary at the end.  We've also had rfc2228 stubs in ftpcmd.y
for years, and I'm sure I've mentioned this before.

> I'd also
> suggest that the matter be discussed on tech-security -- tech-userlevel
> is not the right list...

Right, sorry...


> Aidan Cully <> writes:
> > I plan to commit this next week, if there are no objections.  The patch
> > is in .  Since
> > the last time I posted, there was a change that sort-of conflicted with
> > my patch (which, I know, is what I get for waiting years to commit
> > things), namely enami's change to use either mmap() or read() to read
> > a file before sending it...  I admit, I don't fully understand this
> > patch (I can see what it does, but not why it does it...  for performance,
> > I assume.), so I kind of hacked around it by employing enami's method when
> > there's no protection on the file to be transmitted, and my method
> > otherwise.  I know this is a kludge, but I figure it's an important
> > feature, and it can be cleaned up after the initial commit.
> > 
> > So play around with it, let me know if I should do something else with
> > the patch before committing it.
> > 
> > --aidan
> > 
> --
> Perry E. Metzger
> --
> NetBSD: The right OS for your embedded design.