diff --git a/libexec/ftpd/ftpd.8 b/libexec/ftpd/ftpd.8 index 466a309f3345..208de852df54 100644 --- a/libexec/ftpd/ftpd.8 +++ b/libexec/ftpd/ftpd.8 @@ -1,4 +1,4 @@ -.\" $NetBSD: ftpd.8,v 1.16 1997/09/23 13:56:41 lukem Exp $ +.\" $NetBSD: ftpd.8,v 1.17 1997/09/23 14:25:30 lukem Exp $ .\" .\" Copyright (c) 1985, 1988, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -45,6 +45,7 @@ Internet File Transfer Protocol server .Op Fl dl .Op Fl a Ar anondir .Op Fl c Ar confdir +.Op Fl C Ar user .Sh DESCRIPTION .Nm is the @@ -69,6 +70,14 @@ Change the root directory of the configuration files from .Dq Pa /etc to .Ar directory . +.It Fl C +Check whether the specified user would be granted access under +the restrictions given in +.Pa /etc/ftpusers +and exit without attempting a connection. +.Nm +exits with an exit code of 0 if access would be granted, or 1 otherwise. +This can be useful for testing configurations. .It Fl d Debugging information is written to the syslog using LOG_FTP. .It Fl l @@ -460,7 +469,9 @@ Make this directory owned by and unwritable by anyone (mode 555). The program .Xr ls 1 -must be present to support the list command. +must be present to support the +.Sq LIST +command. This program should be mode 111. .It Pa ~ftp/etc Make this directory owned by diff --git a/libexec/ftpd/ftpd.c b/libexec/ftpd/ftpd.c index 1fb1ff72f922..597ddc1c9b0e 100644 --- a/libexec/ftpd/ftpd.c +++ b/libexec/ftpd/ftpd.c @@ -1,4 +1,4 @@ -/* $NetBSD: ftpd.c,v 1.34 1997/09/23 13:56:42 lukem Exp $ */ +/* $NetBSD: ftpd.c,v 1.35 1997/09/23 14:25:31 lukem Exp $ */ /* * Copyright (c) 1985, 1988, 1990, 1992, 1993, 1994 @@ -44,7 +44,7 @@ __COPYRIGHT( #if 0 static char sccsid[] = "@(#)ftpd.c 8.5 (Berkeley) 4/28/95"; #else -__RCSID("$NetBSD: ftpd.c,v 1.34 1997/09/23 13:56:42 lukem Exp $"); +__RCSID("$NetBSD: ftpd.c,v 1.35 1997/09/23 14:25:31 lukem Exp $"); #endif #endif /* not lint */ @@ -223,6 +223,49 @@ main(argc, argv, envp) char *cp, line[LINE_MAX]; FILE *fd; + debug = 0; + logging = 0; + (void)strcpy(confdir, _DEFAULT_CONFDIR); + + while ((ch = getopt(argc, argv, "a:c:C:dlt:T:u:v")) != -1) { + switch (ch) { + case 'a': + anondir = optarg; + break; + + case 'c': + (void)strncpy(confdir, optarg, sizeof(confdir)); + confdir[sizeof(confdir)-1] = '\0'; + break; + + case 'C': + exit(checkaccess(optarg)); + /* NOTREACHED */ + + case 'd': + case 'v': /* deprecated */ + debug = 1; + break; + + case 'l': + logging++; /* > 1 == extra logging */ + break; + + case 't': + case 'T': + case 'u': + warnx("-%c has been deprecated in favour of ftpd.conf", + ch); + break; + + default: + if (optopt == 'a' || optopt == 'C') + exit(1); + warnx("unknown flag -%c ignored", optopt); + break; + } + } + /* * LOG_NDELAY sets up the logging connection immediately, * necessary for anonymous ftp's that chroot and can't do it later. @@ -244,44 +287,10 @@ main(argc, argv, envp) syslog(LOG_WARNING, "setsockopt (IP_TOS): %m"); #endif data_source.sin_port = htons(ntohs(ctrl_addr.sin_port) - 1); - debug = 0; - (void)strcpy(confdir, _DEFAULT_CONFDIR); /* set this here so klogin can use it... */ (void)snprintf(ttyline, sizeof(ttyline), "ftp%d", getpid()); - while ((ch = getopt(argc, argv, "a:c:dlt:T:u:v")) != EOF) { - switch (ch) { - case 'a': - anondir = optarg; - break; - - case 'c': - (void)strncpy(confdir, optarg, sizeof(confdir)); - confdir[sizeof(confdir)-1] = '\0'; - break; - - case 'd': - case 'v': /* deprecated */ - debug = 1; - break; - - case 'l': - logging++; /* > 1 == extra logging */ - break; - - case 't': - case 'T': - case 'u': - warnx("-%c has been deprecated in favour of ftpd.conf", - ch); - break; - - default: - warnx("unknown flag -%c ignored", optopt); - break; - } - } (void) freopen(_PATH_DEVNULL, "w", stderr); (void) signal(SIGPIPE, lostconn); (void) signal(SIGCHLD, SIG_IGN); @@ -346,7 +355,7 @@ lostconn(signo) if (debug) syslog(LOG_DEBUG, "lost connection"); - dologout(-1); + dologout(1); } /* @@ -543,7 +552,6 @@ checkaccess(name) } (void) fclose(fd); return (retval); - } #undef ALLOWED #undef NOT_ALLOWED