summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTheo de Raadt <deraadt@cvs.openbsd.org>2002-08-20 18:18:56 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>2002-08-20 18:18:56 +0000
commit72ca7392d288e96cc9882bd40cfa1b03eea9b007 (patch)
treeccfa3e12f499f9343f238c58e717a4a446c8f315
parent1aef4814ce604481151e709dbf3e327d4bd60d31 (diff)
-n: disallow anon ftp even if ftp account exists
-rw-r--r--libexec/ftpd/ftpd.86
-rw-r--r--libexec/ftpd/ftpd.c14
2 files changed, 14 insertions, 6 deletions
diff --git a/libexec/ftpd/ftpd.8 b/libexec/ftpd/ftpd.8
index 0df1524875c..38518e666c6 100644
--- a/libexec/ftpd/ftpd.8
+++ b/libexec/ftpd/ftpd.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ftpd.8,v 1.52 2002/07/28 00:44:47 pvalchev Exp $
+.\" $OpenBSD: ftpd.8,v 1.53 2002/08/20 18:18:55 deraadt Exp $
.\" $NetBSD: ftpd.8,v 1.8 1996/01/14 20:55:23 thorpej Exp $
.\"
.\" Copyright (c) 1985, 1988, 1991, 1993
@@ -42,7 +42,7 @@
.Nd Internet File Transfer Protocol server
.Sh SYNOPSIS
.Nm ftpd
-.Op Fl AdDlMPSU46
+.Op Fl AdDlMnPSU46
.Op Fl T Ar maxtimeout
.Op Fl t Ar timeout
.Op Fl u Ar mask
@@ -93,6 +93,8 @@ for anonymous transfers, a directory matching the fully qualified name of
the IP number the client connected to, and located inside
.Pa ~ftp
is used instead.
+.It Fl n
+Do not permit anonymous ftp logins. Normally they are permitted.
.It Fl P
Permit illegal port numbers or addresses for PORT command initiated connects.
By default
diff --git a/libexec/ftpd/ftpd.c b/libexec/ftpd/ftpd.c
index d44993dd3fa..a9845446c41 100644
--- a/libexec/ftpd/ftpd.c
+++ b/libexec/ftpd/ftpd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ftpd.c,v 1.134 2002/07/24 23:17:07 millert Exp $ */
+/* $OpenBSD: ftpd.c,v 1.135 2002/08/20 18:18:55 deraadt Exp $ */
/* $NetBSD: ftpd.c,v 1.15 1995/06/03 22:46:47 mycroft Exp $ */
/*
@@ -74,7 +74,7 @@ static const char copyright[] =
static const char sccsid[] = "@(#)ftpd.c 8.4 (Berkeley) 4/16/94";
#else
static const char rcsid[] =
- "$OpenBSD: ftpd.c,v 1.134 2002/07/24 23:17:07 millert Exp $";
+ "$OpenBSD: ftpd.c,v 1.135 2002/08/20 18:18:55 deraadt Exp $";
#endif
#endif /* not lint */
@@ -150,6 +150,7 @@ int debug = 0;
int timeout = 900; /* timeout after 15 minutes of inactivity */
int maxtimeout = 7200;/* don't allow idle time to be set beyond 2 hours */
int logging;
+int anon_ok = 1;
int anon_only = 0;
int multihome = 0;
int guest;
@@ -269,7 +270,7 @@ curdir()
return (guest ? path+1 : path);
}
-char *argstr = "AdDhlMSt:T:u:UvP46";
+char *argstr = "AdDhnlMSt:T:u:UvP46";
static void
usage()
@@ -327,6 +328,10 @@ main(argc, argv, envp)
multihome = 1;
break;
+ case 'n':
+ anon_ok = 0;
+ break;
+
case 'S':
stats = 1;
break;
@@ -716,7 +721,8 @@ user(name)
guest = 0;
host = multihome ? dhostname : hostname;
- if (strcmp(name, "ftp") == 0 || strcmp(name, "anonymous") == 0) {
+ if (anon_ok &&
+ (strcmp(name, "ftp") == 0 || strcmp(name, "anonymous") == 0)) {
if (checkuser(_PATH_FTPUSERS, "ftp") ||
checkuser(_PATH_FTPUSERS, "anonymous"))
reply(530, "User %s access denied.", name);