diff options
Diffstat (limited to 'src/appl/gssftp/ftpd')
| -rw-r--r-- | src/appl/gssftp/ftpd/ChangeLog | 924 |
1 files changed, 0 insertions, 924 deletions
diff --git a/src/appl/gssftp/ftpd/ChangeLog b/src/appl/gssftp/ftpd/ChangeLog deleted file mode 100644 index edabd69db..000000000 --- a/src/appl/gssftp/ftpd/ChangeLog +++ /dev/null @@ -1,924 +0,0 @@ -2006-03-10 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (generate-files-mac): Depend on ftpcmd.c. - -2005-01-13 Ezra Peisach <epeisach@mit.edu> - - * ftpd.c: GCC 4.0 fixes... Move static declaration of gunique out - of function. - -2004-11-26 Sam Hartman <hartmans@mit.edu> - - * ftpcmd.y: nbby should be 8 for anything platform we care about. - The previous test broke on Debian BSD, so the test has been - removed. - -2004-11-03 Tom Yu <tlyu@mit.edu> - - * ftpcmd.y (getline): Merge Athena change to reject MICed - password. - - * ftpd.M: Document '-E'. - - * ftpd.c (main): Merge Athena's '-E' changes to prohibit - unencrypted passwords. - -2004-09-22 Tom Yu <tlyu@mit.edu> - - * Makefile.in (ftpd): Use UTIL_LIB. - -2004-08-27 Ken Raeburn <raeburn@mit.edu> - - * ftpd.c (ftpd_gss_convert_creds): Terminate argument list to - krb5_build_principal_ext with 0, not NULL. Patch from Nalin - Dahyabhai. - -2004-08-27 Sam Hartman <hartmans@mit.edu> - - * ftpd.c (passwd;): Patch from Garry Zacheiss to use - krb5_get_init_creds_password instead of krb5_get_in_tkt since - get_in_tkt is obselete - -2004-08-08 Ken Raeburn <raeburn@mit.edu> - - * ftpd.c (main): Use socklen_t for the size of the address from - accept. - -2003-12-13 Ken Raeburn <raeburn@mit.edu> - - * ftpcmd.y (getline): Allow "AUTH" as an unprotected command. - * ftpd.c (login): Fix checks for accept_sec_context status. Only - send back one message in the CONTINUE_NEEDED case. - (with_gss_error_text): New function, split out from - reply_gss_error. - (reply_gss_error): Call it. - (reply_gss_error_1): New function. - (log_gss_error, log_gss_error_1): New functions. - (login): Call log_gss_error instead of syslog on error from - gss_display_name. - -2003-06-05 Sam Hartman <hartmans@mit.edu> - - * popen.c (ftpd_popen): Use fork not vfork - -2003-04-23 Ken Raeburn <raeburn@mit.edu> - - * ftpd.c: Don't declare errno. - -2003-01-03 Ken Raeburn <raeburn@mit.edu> - - * ftpd.c (auth_data): Kerberos v4 checksum must be a 32-bit - value. - -2002-10-23 Ezra Peisach <epeisach@bu.edu> - - * ftpcmd.y: Bison 1.75 cleanup. Essentially remove `=' before - statements to be executed. (ticket 1218). - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-08-23 Ezra Peisach <epeisach@bu.edu> - - * ftpd.c (auth_data, reply_gss_code): Use OM_uint32 instead of int - to match arguments to gssapi functions. - -2002-07-12 Ken Raeburn <raeburn@mit.edu> - - * ftpd.c: Include port-sockets.h. - -2002-06-25 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (ftpd): Don't use krb5util library. - -2002-04-11 Sam Hartman <hartmans@mit.edu> - - * ftpd.c (adata;): Don't use channel bindings in call to gss_accept - -2002-03-20 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in: Remove dependency on krb524.h and krb524_err.h as - they may not be present if compiling --without-krb4. - -2002-03-05 Ken Raeburn <raeburn@mit.edu> - - * ftpcmd.y (unix): Define if BSD is defined. - -2002-01-08 Ken Raeburn <raeburn@mit.edu> - - * ftpd.c (login): New argument LOGINCODE, optional result code to - override local use of success code 230 when homedir is not - accessible but root directory is. - (user): Pass result code 232 to login. - (pass): Pass result code 0 to login. - -2001-11-30 Tom Yu <tlyu@mit.edu> - - * ftpcmd.y (pathname): Handle returns from ftpglob() better so - that errors get sent via reply(), while causing some match - failures to match to simply return $1, so the higher level can - deal. Previously, some failures would cause synch problems since - NULL would be returned and no reply was sent. - -2001-10-11 Mitchell Berger <mitchb@mit.edu> - - * ftpd.M: Remove improper formatting from the .SH NAME section, as it - was reported to cause windex generation problems and was inconsistent - with all the other man pages. - -2001-10-09 Ken Raeburn <raeburn@mit.edu> - - * ftpd_var.h, secure.h: Make prototypes unconditional. - -2001-08-03 Mitchell Berger <mitchb@mit.edu> - - * ftpd.M: Update the usage line and option descriptions to be in sync - with what the code actually does and be in a consistent order. - -2001-08-03 Mitchell Berger <mitchb@mit.edu> - - * ftpd.c (main): Convert to do option parsing with getopt() rather - than the whitespace-sensitive voodoo we've used in the past. This - fixes a bug where use of -u to set a default umask silently failed and - granted more permission on files than desired if the -u and the mode - were separated by a space, and likely many other such bugs. - -2001-07-04 Ezra Peisach <epeisach@mit.edu> - - * ftpd.c: Provide prototypes for myoob and lostconn. - -2001-07-03 Ezra Peisach <epeisach@mit.edu> - - * ftpd.c (sgetpwnam): Remove local declaration of sgetsave. - -2001-07-02 Ezra Peisach <epeisach@mit.edu> - - * popen.c: Include ftpd_var.h. - - * ftpd.c: Declare secure_fprintf, gunique, sgetsave, sgetpwnam, - path_expand static. - - * ftpd_var.h: Add prototypes for getline, renamefrom, ftpd_popen, - ftpd_pclose. - - * ftpcmd.y: Declare lookup, copy and urgsafe_getc static. - -2001-06-22 Ezra Peisach <epeisach@mit.edu> - - * ftpcmd.y (help): Change local variable type to ftype. - - * ftpd.c (main): Local variable name changes to prevent shadowing - of cp, sin, optarg. - -2001-06-21 Ezra Peisach <epeisach@mit.edu> - - * ftpd.c: If NEED_SETENV defined, prototype for setenv. - (auth_data): radix_encode expects a int * and not a size_t *. Use - temporary variable to pass data in and out. - -2001-06-20 Ezra Peisach <epeisach@mit.edu> - - * ftpd.c: Include gssapi/gssapi_krb5.h for gss_krb5_copy_ccache - prototype. Provide prototype for yyparse. - -2001-06-19 Ezra Peisach <epeisach@mit.edu> - - * ftpcmd.y: Cleanup potential ambiguity between comparsion and - pre-increment for a variable. - -2001-06-15 Ezra Peisach <epeisach@mit.edu> - - * ftpcmd.y, ftpd.c: Cast argument to isspace()/isdigit() to int. - - * secure.h (SESSION): Pass pointer to C_Block as expected by - krb5_mk_priv(). - -2001-06-08 Mitchell Berger <mitchb@mit.edu> - - * pathnames.h: _PATH_FTPUSERS renamed to _PATH_FTPUSERS_DEFAULT. - - * ftpd.c: Added '-U filename' option to allow specification of - an ftpusers file other than the default. - - * ftpd.M: Documented the new -U option. - -2001-06-06 Ezra Peisach <epeisach@mit.edu> - - * ftpcmd.y: Include "ftpd_var.h" and remove prototype for reply() - and lreply(). Add prototypes and declare as returning void - sizecmd(), help() and yylex(). Cleanup assignments in - conditionals. - - * ftpd.c: Include <grp.h> for initgroups() prototype. Move - reply(), lreply() prototypes to ftpd_var.h (and include - same). Include "krb524.h" for krb524_convert_creds_kdc() - prototype. Include secure.h. Provide static prototypes for - ftpd_gss_convert_creds(), ftpd_gss_userok(), dolog(), - receive_data(), login(), end_login(), disallowed_user(), - restricted_user(), checkuser(). Declare main(), checkuser(), - disallowed_user(), restricted_user(), end_login(), kpass(), - retreive_data(), auth_data(), secure_printf(), ftpd_gss_userok(), - as returning int. Declare setdlevel(), user(), pass(), login(), - retreive(), store_file(), secure_error(), statfilecmd(), - stat_cmd(), fatal(), reply(), lreply(), ack(), nack(), yyerror(), - delete_file(), cwd(), makedir(), removedir(), pwd(), renamecmd(), - dolog(), dologout(), passive(), perror_reply(), auth(), - send_file_list(), reply_gss_error(), secure_gss_error(), - ftpd_gss_convert_creds(), as returning void. Cleanup printf - argument mismatches. - - * ftpd_var.h: New header file with many prototypes from ftpd.c. - - * popen.c (ftpd_popen): Add parenthesis in conditional to - distinguish || vs &&. Add prototype for blkfree(). - (ftpd_pclose): Declare as returning int. - -2001-04-25 Tom Yu <tlyu@mit.edu> - - * ftpcmd.y: Don't dereference a NULL pointer returned from - ftpglob(). - - * ftpd.c: Be more paranoid about return values from ftpglob(). - Police uses of sprintf(). Account for expansion in - radix_encode(). - -2001-03-07 Ken Raeburn <raeburn@mit.edu> - - * ftpd.c (strerror): Only define if not HAVE_STRERROR. - -2000-12-06 Ken Raeburn <raeburn@mit.edu> - - * ftpd.c (dolog): Cast first argument to pty_make_sane_hostname to - sockaddr pointer. - -2000-10-16 Ezra Peisach <epeisach@mit.edu> - - * ftpd.c (reply): For gssapi connection, do not include NULL in - sealed reply string. - -2000-10-03 Ezra Peisach <epeisach@mit.edu> - - * ftpd.c (login): Return of krb5_cc_get_name is now const char *. - -2000-08-25 Tom Yu <tlyu@mit.edu> - - * ftpcmd.y: Fix up grammar so that single character token names - are no longer used; this was breaking the build using bison on - HP/UX because some system headers declare structures with members - having all-uppercase field names and bison puts the token name - #define statements in front of the C declarations section in the - output, causing them to be in force while those headers get - #included. There doesn't seem to be much purpose in not just - using character constants, anyway. - -Tue Aug 22 11:37:35 2000 Ezra Peisach <epeisach@mit.edu> - - * secure.h (myaddr): For secure data stream, pass the port number - of the data stream and not the control stream to krb_mk_priv. - - * ftpd.c (auth_data): Iterate over all krb4 services instead of - trying to examine the srvtab file for a particular key (which - failes when falling back on the v5 keytab for des3 services). - -2000-06-14 Tom Yu <tlyu@mit.edu> - - * ftpcmd.y (nonguest): Return $1, not 1, if (!guest). - -2000-05-11 Nalin Dahyabhai <nalin@redhat.com> - - * ftpd.c (gunique): Make sure that path stored in "new" isn't too long. - -2000-02-18 Ken Raeburn <raeburn@mit.edu> - - * ftpd.c (reply, lreply): Declare with format attribute under - gcc. - (send_data, receive_data, send_file_list): Declare some variables - volatile to protect against getting clobbered by setjmp/longjmp. - * popen.c (ftpd_popen): Declare IOP volatile. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -1999-09-21 Ken Raeburn <raeburn@mit.edu> - - * ftpd.c (checkuser): Only call fclose on file handle if it's not - NULL. - (send_file_list): Don't declare strpbrk function if it's defined - as a macro. - -Thu Mar 25 23:13:56 1999 Tom Yu <tlyu@mit.edu> - - * ftpd.c (login): Check that the luid is not the uid we want to - change to prior to calling setluid() so that we can run as - non-root. - -Wed Mar 24 17:11:32 1999 Tom Yu <tlyu@mit.edu> - - * ftpcmd.y (urgsafe_getc): New function; like getc() except it - retries once if SIOCATMARK returns TRUE. - (getline): Use urgsafe_getc() rather than getc() to avoid problems - with certain Mac clients that cause the urgent pointer to end up - in a location that results in EOF from getc(). - -Fri Mar 12 07:35:01 1999 Tom Yu <tlyu@mit.edu> - - * ftpd.c (user): Remove extra "%s" in call to sprintf() to avoid - dereferencing stack garbage. - -Mon Mar 8 23:47:51 1999 Tom Yu <tlyu@mit.edu> - - * ftpd.M: Resync with reality. - - * Makefile.in (ftpd): Add libpty to link line. Remove mention of - logwtmp files. - - * ftpd.c: Fix up hostname logging to use - pty_make_sane_hostname(). - -Thu Feb 25 23:31:37 1999 Tom Yu <tlyu@mit.edu> - - * ftpd.c (reply): Don't call secure_gss_error() or secure_error() - from within reply() to avoid setting up an infinite - loop. [krb5-appl/684] - -Thu Feb 18 18:34:23 1999 Tom Yu <tlyu@mit.edu> - - * ftpd.c (login): Add call to setluid() if necessary. - -Fri Feb 12 21:11:18 1999 Tom Yu <tlyu@mit.edu> - - * ftpd.c: strcat -> strncat - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - -Mon Oct 26 13:46:47 1998 Dan Winship <danw@mit.edu> - - * ftpd.c (main): Add -A (require authentication, but not - necessarily authorization) and -C (user wants local credentials). - - (user): Implement -A. Reorganize code a bit. If want_creds (-C) is - set, require a password even if authorization succeeds. - - (kpass): Add krb5 ticket-getting code too. If want_creds is set, - don't destroy the tickets after verifying the Kerberos password. - - (pass): Check krb password before local password, so we can - get credentials if we need them. Ignore local password if - want_creds is set. In case of "too many failed login attempts", - exit via dologout() instead of exit() so on-disk credentials are - destroyed. - - (auth_data): If user forwards GSSAPI creds and want_creds is set, - write them out to a krb5 ccache. If doing krb4 compat, convert - them to krb4 tickets as well. (If want_creds is not set, smile and - nod at the user and then destroy the creds.) - - (end_login): If the user has creds on disk, destroy them. - (dologout): If the user has creds on disk, destroy them. - - * ftpd.M: Add -A and -C. - -Fri Oct 23 18:18:52 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * ftpd.c (pass): Wait 5 seconds before returning "password - incorrect", and only allow three bad passwords. Then - return an 421 reply code before closing the connection and - going away. - - * ftpcmd.y (cmd): Don't allow the PORT command to accept a port - number lower than 1024; this prevents some nasty ftp - "bounce attacks" to SMTP ports, etc. - -Tue Oct 20 16:29:46 1998 Dan Winship <danw@mit.edu> - - * ftpd.M: Reality check. Add -a to synopsis, document -c and -u - and CCC. - -1998-10-08 Geoffrey King <gjking@mit.edu> - - * ftpd.c: Add support for restricted users, as requested in - [krb5-appl/481]. Users that appear in /etc/ftpusers, followed - by the keyword "restrict" will be granted access, but a chroot() - will be done to their home directory. - -Tue Sep 29 19:25:09 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * ftpd.c (auth_data): Don't use h_errno, it's not fully portable, - and it's not worth it. - -1998-08-28 Geoffrey King <gjking@mit.edu> - - * ftpd.c (login): New function. Essentially, the old pass - function has been split into its two logical components, pass and - login. Don't reply 230 "User logged in" if the user didn't - send a PASS command; this causes the client to get a bit confused. - (pass): If auth_ok is true, reply with code 202 to tell the - user that a PASS command is not necessary. - (auth_ok): New function that returns true if either gss_ok or - kerb_ok is true (all the #ifdefs were beginning to clutter things, - and it's a good abstraction in case other auth types are ever - added in the future). - (user): If GSSAPI or Kerberos v4 authentication succeeds, call - login immediately, instead of waiting for the client to send "PASS - dummy." Also, use #ifdef PARANOID instead of "some paranoid sites - may wish to uncomment this" - -Wed Aug 19 06:47:46 1998 Geoffrey King <gjking@mit.edu> - - * ftpd.c: Add a new command line option, -c, which tells the - server to accept the CCC command. - - * ftpcmd.y: If the -c option was given, check to make sure the CCC - command itself was integrity protected, and then set ccc_ok to - allow future commands to be transmitted as cleartext. - (getline): Now that CCC is potentially allowed, we must check to - see if we are parsing an unprotected command even if a security - context is established (i.e. auth_type is set). - -Wed Aug 12 02:57:07 1998 Geoffrey King <gjking@mit.edu> - - * ftpcmd.y, ftpd.c: Replace global variable level with clevel and - dlevel to allow independence of command and data channel - protection levels. - -Tue Aug 11 04:30:59 1998 Matthew D Hancher <mdh@mit.edu> - - * ftpd.c: Add support for extended logging as per PR#481. Using - the 'l' command line option twice now logs the major file commands, - and using it thrice logs bytecounts for RETR and STOR as well. - -Fri Aug 7 00:56:30 1998 Matthew D Hancher <mdh@mit.edu> - - * ftpcmd.y: Replace old KERBEROS #ifdef's with KRB5_KRB4_COMPAT - so that K4 compatibility support actually gets compiled in. - - * ftpd.c: (pass): Make daemon not lose for homedirs on - root-squashing filesystems. - (auth_data): Fix that godawful "error: No error" message - when gss_acquire_cred() fails. - (user): Fix getusershell() code so it works more than once. - -1998-07-11 <hartmans@fundsxpress.com> - - * ftpd.c (data;): do not declare h_errno; breaks on AIX and - possibly with other multithreaded systems. - -1998-05-26 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * logwtmp.c: Include paths.h if present, and use _PATH_WTMP to - determine WTMPFILE. - -Fri May 8 18:06:52 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * ftpcmd.y (cmd): Fix Y2K problem in the MDTM command. - -Fri Apr 10 20:06:31 1998 Tom Yu <tlyu@mit.edu> - - * ftpd.c (receive_data): - (send_data): Add support for sigsetjmp(). - (main): Use sigaction() if we can to avoid SysV lossage. - (send_file_list): Oops missed a sigsetjmp() call. - (send_data): Add call to secure_flush() to send a zero length - buffer when aborting. - (send_file_list): Add call to secure_flush() to send a zero length - buffer when aborting. - - * ftpcmd.y (PBSZ): Remove restriction on shrinking buffer size. - -Thu Mar 5 13:59:47 1998 Dan Winship <danw@mit.edu> - - * ftpcmd.y (getline): Don't syslog passwords! (or newlines) - -Tue Feb 24 21:34:34 1998 Tom Yu <tlyu@mit.edu> - - * ftpcmd.y: Add production "nonguest" to catch things that - anonymous users aren't supposed to do. Replace "check_login" with - "nonguest" in a few places to prevent w4r3z d00dz from being - lame with world-writable incoming directories. - -Sun Feb 22 19:37:07 1998 Tom Yu <tlyu@mit.edu> - - * ftpd.c: Use krb5_seteuid() and krb5_setegid(). [krb5-libs/505] - - * Makefile.in (ftpd): Fix up KRB4COMPAT_LIBS (was KRB5_BASE_LIBS), - and add UTIL_LIB. - -Wed Feb 18 15:30:10 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Fri Feb 13 22:23:34 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * ftpd.c: Applied lxs's changes to make ftpd safe for systems - where sizeof(off_t) > sizeof(int). - -Fri Feb 13 15:31:46 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in (thisconfigdir), configure.in: Point the - configuration directory at our parent, and remove our - local configure.in - -Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Fri Feb 6 13:25:28 1998 Theodore Y. Ts'o <tytso@mit.edu> - - * popen.c (ftpd_popen): Make sure you can't overrun the argv[] and - gargv[] arrays. (Patch submitted by dima@best.net). - -Thu Jan 29 19:51:02 1998 Dan Winship <danw@mit.edu> - - * ftpd.c (auth_data): Accept forwarded credentials and dispose of - them properly. (And fix some indentation bugs.) - -Sun Dec 21 18:17:53 1997 Tom Yu <tlyu@mit.edu> - - * logwtmp.c (ftp_logwtmp): Rename logwtmp to ftp_logwtmp to avoid - collision with native logwtmp. Also, return void rather than - int. - - * ftpd.c: Rename logwtmp to ftp_logwtmp to avoid collision with - native logwtmp. - -Thu Dec 11 23:28:07 1997 Tom Yu <tlyu@mit.edu> - - * ftpd.c: Don't include netdb.h or sys/socket.h if krb.h is - included; this works around an Ultrix bug where those headers - aren't protected against multiple inclusion. - -Thu Oct 16 01:23:41 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Change LOCALINCLUDE and the link line to allow for - krb4 compatibility. - - * ftpd.c: Change KERBEROS to KRB5_KRB4_COMPAT where appropriate. - (reply): Fix up braces around the check for auth_type == - "KERBEROS_V4" so that the nesting of if statements is correct. - Various and sundry fixes from danw@mit.edu to make it work. - -Thu Aug 28 23:48:27 1997 Sam Hartman <hartmans@luminous.mesas.com> - - * ftpd.c (send_file_list): Flush the data before closing it. - -Sun Aug 17 14:24:09 1997 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (SRCS): Add $(srcdir) where needed. - -Wed Jul 16 19:03:18 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * ftpd.M: Fix name of srvtab file to be krb5.keytab. - -Wed Feb 5 20:34:38 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to new program build procedure. - -Tue Nov 12 00:04:00 1996 Tom Yu <tlyu@mit.edu> - - * ftpd.c (ftpd_userok): Don't undconditionally return -1. - -Thu Nov 7 15:38:51 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * ftpd.c (ftpd_userok): Check return value of krb5_init_context() - -Thu Oct 17 23:55:32 1996 Mark Eichin <eichin@cygnus.com> - - * ftpd.c (auth_data): actually exit the for loop if the ftp key - was ok. - -Mon Oct 14 07:54:17 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * ftpd.c (secure_fprintf): Use STDARG routines if - present. [krb5-appl/108] - -Tue Sep 10 14:07:36 1996 Tom Yu <tlyu@mit.edu> - - * ftpd.M: remove ".so man1/header.doc" - -Mon Jul 29 22:37:05 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * configure.in: Determine sizeof short, int, long for secure.c - -Tue Jul 23 23:13:07 1996 Marc Horowitz <marc@mit.edu> - - * ftpd.c (auth_data): the logic which dealt with multiple acceptor - names and fallback was just broken. - -Wed Jul 10 16:38:01 1996 Marc Horowitz <marc@mit.edu> - - * ftpd.c (store), ftpcmd.y (STOR, APPE, STOU): rename store() to - store_file() to avoid conflict with dbm store() function - * ftpd.c (delete), ftpcmd.y (DELE): rename delete() to - delete_file() to avoid conflict with the dbm delete() function - -Thu Jun 13 18:35:19 1996 Kevin L Mitchell <klmitch@mit.edu> - - * ftpd.c (authdata): misplaced braces caused server to not be able to - use ftp principle if it was present. Client looks for ftp - first, then tries host; ftpd was looking only for host. - -Mon Jun 3 16:12:59 1996 Tom Yu <tlyu@mit.edu> - - * Makefile.in, configure.in: back out previous changes and use - Ezra's patches instead. - -Sun Jun 2 22:08:17 1996 Tom Yu <tlyu@mit.edu> - - * configure.in, Makefile.in: only link getdtablesize.o if needed - -Thu Mar 28 21:07:20 1996 Ken Raeburn <raeburn@cygnus.com> - - * ftpcmd.y: Define unix for HP-UX. - -Mon Mar 18 12:12:20 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * configure.in: Add AC_HEADER_STDARG - - * ftpcmd.y, ftpd.c: Declard STDARG if HAVE_STDARG_H is - declared. - -Fri Mar 15 14:16:41 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * ftpd.c (auth_data): Do not fail if last gss_service is not - present in keytab. If no services present, return a useful - minor error status. - -Fri Mar 15 01:24:39 1996 Richard Basch <basch@lehman.com> - - * configure.in, ftpd.c: Added shadow password support. - -Wed Mar 13 20:05:52 1996 Mark Eichin <eichin@cygnus.com> - - * ftpd.c (auth_data): use gethostbyname to canonicalize local host - name, just like krb5_sname_to_principal does. - -Fri Feb 16 15:51:59 1996 Mark Eichin <eichin@cygnus.com> - - * ftpcmd.y (yylex): error handling changes from kbalk@hp.com. - -Tue Jan 16 18:44:42 1996 Mark Eichin <eichin@cygnus.com> - - * ftpd.c (user): 331 is more appropriate for kuserok failure. - -Wed Feb 7 13:33:41 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * Makefile.in (clean): Remove ftpd - -Thu Jan 18 18:39:06 1996 Sam Hartman <hartmans@zygorthian-space-raiders.MIT.EDU> - - * configure.in: Check for crypt in -lcrypt - - * ftpd.c: Conditionalize sys_errlist - - * configure.in: Check to declare sys_errlist. - -Thu Jan 18 14:55:42 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * ftpd.c : Only return an unable to acquire credentials error if all possible services fail. - -Sun Jan 14 02:58:42 1996 Mark Eichin <eichin@cygnus.com> - - * ftpd.c (auth_data): call gss_release_cred on the server_creds we - acquired, before they leave scope. - -Sun Jan 14 02:47:19 1996 Karri Balk - Contractor <kbalk@cup.hp.com> - - * ftpd.c (gss_services): list of gssapi service names to try. - (auth_data): loop over gss_services. - -Sun Jan 14 01:54:35 1996 Bill Schoofs <wjs@cray.com> - - * Makefile.in (DEFINES): define NOCONFIDENTIAL for future use. - * ftpcmd.y (CCC): ditch broken CCC code, return proper 534 code. - (PBSZ): return proper code 501 for bad PBSZ argument - (PROT): recognize PROT E. - (cmdtab): add CCC so as to cleanly reject it. - (getline): reject CONF as unsupported (but put in code to - potentially recognize it in the future.) Reject protected commands - of auth_type isn't yet set. - * ftpd.c (setlevel): use 536, not 504, for invalid level, and - use levelnames to find the proper name. - (user): if kuserok succeeds, respond 232, not 231; if it fails, - respond 336 (though 331 might be more appropriate.) - (auth): fix spelling error. - -Tue Jan 2 19:19:16 1996 Mark Eichin <eichin@cygnus.com> - - * ftpd.c: use HAVE_SETEUID and HAVE_SETRESUID to figure out how - to emulate seteuid instead of assuming hpux. - * configure.in: test for seteuid, setreuid and setresuid. - -Fri Oct 20 17:17:19 1995 Mark Eichin <eichin@cygnus.com> - - * ftpd.c (auth_data): supply correct channel bindings to accept, - matching the client changes. - -Thu Oct 19 12:22:28 1995 Mark W. Eichin <eichin@cygnus.com> - - * configure.in: check WITH_DBM_LNAME since we use an_to_ln. - -Wed Oct 4 19:26:50 1995 Mark Eichin <eichin@cygnus.com> - - * ftpd.c (user): use HAVE_GETUSERSHELL. - * configure.in: check for getusershell. - -Mon Oct 2 16:43:54 1995 Mark Eichin <eichin@cygnus.com> - - * popen.c (ftpd_popen): malloc all strings, not just globbed ones. - -Sun Oct 1 03:31:24 1995 Mark Eichin <eichin@cygnus.com> - - * ftpd.c (auth_data): acquire credentials (currently fixed for - service "host".) Fix loop reply logic. Add debugging syslogs. Set - auth_type *after* 235 success reply, so it doesn't get encrypted. - -Sun Oct 1 00:58:39 1995 Mark Eichin <eichin@cygnus.com> - - * Makefile.in: use FTP_BUFSIZ everywhere and make it large for - now. - * configure.in: check for headers need to build getdtablesize. - * ftpd.c (secure_reply): add GSSAPI hooks. - (reply_gss_error): better gssapi error reporting. - - -Sat Sep 30 22:26:25 1995 Mark Eichin <eichin@cygnus.com> - - * ftpd.c: correct gssapi includes. Fix type of client_name. Use - gss_ok instead of kerb_ok for GSSAPI case (to simplify future - combined code.) Fix some declarations. Fix arguments to - gss_accept_sec_context for type. - * ftpcmd.y: correct gssapi includes. - -Sat Sep 30 21:40:30 1995 Mark Eichin <eichin@cygnus.com> - - * Makefile.in: hook setenv.c and getdtablesize.c from appl/bsd. - Use double-colon rules for clean, depend, install. - configure.in: check for yacc, SIGTYPE, UTMP, SIGPROCMASK, - WAIT_TYPE, getdtablesize, getcwd, setenv (using the test from - appl/bsd.) - * ftpcmd.y: no conf.h. declare level. Use krb5_sigtype directly. - * ftpd.c: use getcwd directly, make -s srvtab KERBEROS specific. - (user): return 331 as per draft-8, but suggest 53z. - (auth_data): return 535 and 335 and quote draft-8 as to why. - (secure_gss_error): generic interface for secure.c functions to - call reply_gss_error instead. - * logwtmp.c: no conf.h, check NO_UT_HOST. - * popen.c: no conf.h, no getdtablesize. - (ftpd_pclose): Obey USE_SIGPROCMASK. - -Sat Sep 30 16:43:28 1995 Mark Eichin <eichin@cygnus.com> - - * configure.in, Makefile.in: new files for port to GSSAPI and - build within the Kerberos V5 build tree. - * ftpcmd.y, ftpd.c, secure.c: GSSAPI authentication changes based - on the IETF CAT working group ***DRAFT*** FTP Security - specification, draft number 8, appendix I. - - -**** previous change logs from CNS V4 modifications of Steve Lunt's - draft-3 ftp daemon, which this is based on. **** - -Wed Jul 26 21:03:13 1995 Ken Raeburn <raeburn@cygnus.com> - - * secure.c: Include string.h. - - * ftpd.c (main): Cast signal() return value to long instead of - int; it's more likely to fit. - -Thu Feb 2 13:41:24 1995 Ian Lance Taylor <ian@cygnus.com> - - * ftpcmd.y (NBBY): Explicitly define if __pyrsoft and MIPSEB. - (cmd_list): In handling of SYST, undefine BSD if __svr4__ is - defined. - - * ftpd.c: Don't try to use IP_TOS if the IP_TOS argument - (IPTOS_LOWDELAY, etc.) is not defined. - -Wed Jan 18 17:12:22 1995 Ian Lance Taylor <ian@sanguine.cygnus.com> - - * ftpd.8: Include man1/tmac.doc. - -Wed Jan 11 15:29:10 1995 Ian Lance Taylor <ian@sanguine.cygnus.com> - - * ftpd.c (authenticate): New variable. - (main): Handle -a (require authentication) option. - (user): If authenticate is set, reply with an error if kuserok - fails or if no Kerberos authentication was used. - * ftpcmd.y: Use check_login when parsing the PASV command. - * ftpd.8: Document new -a option. - -Tue Jan 3 01:25:57 1995 Mark Eichin <eichin@cygnus.com> - - * Makefile.in (clean): explicitly delete ftpcmd.c on clean. - -Thu Dec 29 15:17:12 1994 Mark Eichin <eichin@cygnus.com> - - * ftpcmd.y (rcmd): don't declare atol, since it isn't used here - anyhow, and it's a macro under linux. - (top level): #define NBBY 8 for linux. - -Thu Dec 29 14:51:41 1994 Mark Eichin <eichin@cygnus.com> - - * ftpd.c (statcmd): don't use NBBY check -- linux doesn't have it, - it is in no spec, and if it isn't 8, it won't work anyway. (Use - strcat instead of sprintf, while we're at it...) - -Tue Dec 27 16:29:24 1994 Ian Lance Taylor <ian@sanguine.cygnus.com> - - * ftpcmd.y (reply, lreply): Declare if STDARG || (__STDC__ && ! - VARARGS). - * ftpd.c: If STDARG is defined, or if __STDC__ is defined and - VARARGS is not defined, include <stdarg.h>. - (secure_error): Use <stdarg.h> routines if STDARG || (__STDC__ && - ! VARARGS). - (reply, lreply): Likewise. - (setproctitle): Just use one argument. - * secure.c (secure_error): Declare if STDARG || (__STDC__ && ! - VARARGS). - -Fri Dec 23 16:25:44 1994 Ian Lance Taylor <ian@sanguine.cygnus.com> - - * ftpcmd.y (unix): Define if _AIX is defined (AIX compiler does - not predefine unix). - -Thu Dec 22 15:05:14 1994 Ian Lance Taylor <ian@sanguine.cygnus.com> - - * ftpd.c (keyfile): New global variable. - (main): Move option processing before check of remote socket. Add - new options -p, -r, and -s. Handle -p by accepting a remote - connection. - (kpass): Use keyfile variable rather than KEYFILE. Pass keyfile - explicitly to krb_rd_req. - (auth_data): Likewise. - * ftpd.8: Document new -p, -r, and -s options. - -Fri Dec 16 11:06:16 1994 Ian Lance Taylor <ian@cygnus.com> - - Fixes for HP/UX: - * ftpd.c: On HP/UX, define seteuid and setegid as macros which - call setresuid and setresgid. - - Fixes for UnixWare: - * ftpd.c (main): Use a temporary variable rather than calling - htons(ntohs(X)). - * ftpcmd.y: Include conf.h. - (getline): Cast arguments to Kerberos routines to avoid warnings. - (toolong): Declare as type sigtype, and add dummy argument. - - Fixes for SCO: - * cmdtab.y: Include <sys/types.h>. - * ftpd.c (initgroups): Define on SCO. - (main): Don't handle SIGURG if it is not defined. - (pass): Don't try to use crypt on SCO; instead, require Kerberos - password or anonymous login. - - Fixes for AIX: - * ftpcmd.y (index): Don't define. - (strpbrk, strcpy): Don't declare. - * ftpd.c (index, rindex): Don't define. - * logwtmp.c (strncpy): Don't declare. - * secure.c: Include <netinet/in.h>. - - Fixes for Ultrix: - * ftpd.c (main): Define LOG_NDELAY and LOG_DAEMON as zero if they - are not already defined by <syslog.h>. - - Fixes for Irix 4: - * ftpd.c (retrieve): Don't refer to st_blksize if NOSTBLKSIZE is - defined. - - * ftpcmd.y: Fix yacc code to use %union and %type. - (yylex): Assign to fields of yylval, rather than to yylval - directly. - - General fixes to make it compile on Solaris: Use sigtype for - signal handler return values, including conf.h where needed. Add - a dummy argument to signal handler functions. Replace index, - rindex, bzero and bcopy with ANSI C functions. Cast Kerberos - routine arguments to avoid warnings. Also: - * ftpd.c: Don't include <varargs.h>. If POSIX is defined, include - unistd.h, otherwise define getcwd to call getwd. - (L_SET, L_INCR): Define if not defined. - (pwd): Use getcwd instead of getwd. If POSIX, change the error - handling accordingly. - * popen.c (getdtablesize): New function on hpux or __svr4__. - (ftpd_pclose): If WAIT_USES_INT, use int instead of union wait. - -Thu Dec 15 16:13:44 1994 Ian Lance Taylor <ian@sanguine.cygnus.com> - - * Initial checkin. Based on Steve Lunt's ftp program, which was - based on BSD code. |