Subject: bin/4131: ftpd should have a guest only option
To: None <gnats-bugs@gnats.netbsd.org>
From: Matthias Scheler <tron@lyssa.owl.de>
List: netbsd-bugs
Date: 09/21/1997 20:38:02
>Number:         4131
>Category:       bin
>Synopsis:       ftpd should have a guest only option
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    bin-bug-people (Utility Bug People)
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Sun Sep 21 11:50:01 1997
>Last-Modified:
>Originator:     Matthias Scheler
>Organization:
Mario Kemper Maintenance Project
>Release:        970905
>Environment:
System: NetBSD lyssa 1.2G NetBSD 1.2G (LYSSA) #1: Sun Sep 7 15:04:37 MEST 1997 tron@lyssa:/usr/src/sys/arch/i386/compile/LYSSA i386


>Description:
Our "ftpd" has no option to restrict it to a guest only mode. This can
for e.g. be very useful in conjuction with the "twist" option of the
TCP wrapper library.

>How-To-Repeat:
man 8 ftpd

>Fix:
*** src/libexec/ftpd/ftpd.c.orig	Wed Aug 27 13:18:37 1997
--- src/libexec/ftpd/ftpd.c	Sun Sep 21 20:09:12 1997
*************** struct	passwd *pw;
*** 116,121 ****
--- 116,122 ----
  int	debug;
  int	logging;
  int	guest;
+ int	guestonly;
  int	dochroot;
  int	type;
  int	form;
*************** main(argc, argv, envp)
*** 243,253 ****
  #endif
  	data_source.sin_port = htons(ntohs(ctrl_addr.sin_port) - 1);
  	debug = 0;
  
  	/* set this here so klogin can use it... */
  	(void)snprintf(ttyline, sizeof(ttyline), "ftp%d", getpid());
  
! 	while ((ch = getopt(argc, argv, "a:dlt:T:u:v")) != EOF) {
  		switch (ch) {
  		case 'a':
  			anondir = optarg;
--- 244,255 ----
  #endif
  	data_source.sin_port = htons(ntohs(ctrl_addr.sin_port) - 1);
  	debug = 0;
+ 	guestonly = 0;
  
  	/* set this here so klogin can use it... */
  	(void)snprintf(ttyline, sizeof(ttyline), "ftp%d", getpid());
  
! 	while ((ch = getopt(argc, argv, "a:dglt:T:u:v")) != EOF) {
  		switch (ch) {
  		case 'a':
  			anondir = optarg;
*************** main(argc, argv, envp)
*** 258,263 ****
--- 260,269 ----
  			debug = 1;
  			break;
  
+ 		case 'g':
+ 			guestonly = 1;
+ 			break;
+ 
  		case 'l':
  			logging++;	/* > 1 == extra logging */
  			break;
*************** user(name)
*** 435,440 ****
--- 441,451 ----
  			    "ANONYMOUS FTP LOGIN REFUSED FROM %s", remotehost);
  		return;
  	}
+ 	else if (guestonly) {
+ 		reply(530, "access denied.", name);
+ 		return;
+ 	}
+ 
  	pw = sgetpwnam(name);
  	if (logging)
  		strncpy(curname, name, sizeof(curname)-1);
*** src/libexec/ftpd/ftpd.8.orig	Sat Jun 14 13:20:30 1997
--- src/libexec/ftpd/ftpd.8	Sun Sep 21 20:18:33 1997
*************** into for anonymous logins.
*** 65,70 ****
--- 65,72 ----
  Default is the home directory for the ftp user.
  .It Fl d
  Debugging information is written to the syslog using LOG_FTP.
+ .It Fl g
+ Allow only anonymous logins.
  .It Fl l
  Each successful and failed
  .Xr ftp 1

>Audit-Trail:
>Unformatted: