Ulm's Oberon System:
adis-ftpup
NAME
adis-ftpup - read user name and password for a FTP session
SYNOPSIS
adis-ftpup [-t timeout] command
DESCRIPTION
adis-ftpup
processes the login part of an FTP session,
requiring a user name and a password, and
passes the credentials without further checks to
command
in conformance with the checkpassword interface of Dan J. Bernstein,
see http://cr.yp.to/checkpwd/interface.html.
By default, there is a time limit that drops the connection
after 60 seconds of inactivity. The option -t allows
another time limit in seconds to be specified. A time limit of 0
permits connections to hang for an infinite period.
adis-ftpup
expects file descriptor 0 (standard input) to be connected
to a bi-directional network connection where,
in conformance to the FTP protocol (see RFC 959, 5.4), a connection
greeting must have already been sent to the FTP client.
The following set of FTP commands is supported:
- USER - takes a user name and returns with a code of 331.
- PASS - sets the password, returns with a code of 230, and
causes the initial session of adis-ftpup to be finished.
- ACCT - is always answered with a code of 500.
- QUIT - terminates the connection without proceeding to command.
- NOOP - is answered with a code of 200.
- ABOR - is always answered with a code of 226.
All other FTP commands are, in deviation from the minimal set
specified by RFC 959 (section 5.1), rejected
with a code of 502. It is not possible, for example, to set transfer
parameters before finishing authorization.
If successful (that is, after seeing a syntactically valid PASS command),
command is invoked. It inherits the open bidirectional connection
on file descriptor 0 and receives, in conformance with the
checkpassword interface, the credentials via file descriptor 3
using a pipe. adis-ftpup then waits until command has finished
and exits with an exit code of 0.
adis-ftpup
supports pipelining (see FTPEngine) according to
http://cr.yp.to/ftp/pipelining.html.
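The login phase described above, as an added example that is not part of adis-ftpup or Ulm's Oberon System: a model of the command handling with its reply codes, plus the encoding of the credentials for descriptor 3 of the checkpassword interface (user name, password and timestamp, each NUL-terminated, at most 512 bytes in total). The reply texts, the 503 reply for PASS before USER, the 221 reply for QUIT and the dropping of non-encodable credentials are assumptions taken from RFC 959 rather than from this page; the command lines are constructed.

```python
CHECKPASSWORD_MAX = 512          # limit stated by the checkpassword interface

def checkpassword_payload(user, password, timestamp=b""):
    """Bytes handed to the checker on descriptor 3, or None if the
    credentials cannot be encoded (embedded NUL or too long)."""
    if any(b"\0" in field for field in (user, password, timestamp)):
        return None                # NUL is the field separator
    data = user + b"\0" + password + b"\0" + timestamp + b"\0"
    return data if len(data) <= CHECKPASSWORD_MAX else None

def ftpup_login(lines):
    """Run CRLF-terminated FTP command lines (bytes) through the login
    phase in order, as with pipelining. Returns (replies, outcome, payload):
    outcome is "command" (hand the session to command with payload on
    descriptor 3), "quit", "dropped" (assumption: credentials that cannot
    be encoded close the connection) or "incomplete" (input ended early)."""
    replies, user = [], None
    for line in lines:
        verb, _, arg = line.rstrip(b"\r\n").partition(b" ")
        verb = verb.upper()
        if verb == b"USER":
            user = arg
            replies.append(b"331 User name okay, need password.\r\n")
        elif verb == b"PASS":
            if user is None:       # assumption: RFC 959 "bad sequence"
                replies.append(b"503 Bad sequence of commands.\r\n")
                continue
            payload = checkpassword_payload(user, arg)
            if payload is None:
                return replies, "dropped", None
            # 230 is sent before any check; command verifies the credentials
            replies.append(b"230 User logged in, proceed.\r\n")
            return replies, "command", payload
        elif verb == b"QUIT":      # assumption: 221 taken from RFC 959
            replies.append(b"221 Service closing control connection.\r\n")
            return replies, "quit", None
        elif verb == b"NOOP":
            replies.append(b"200 Command okay.\r\n")
        elif verb == b"ABOR":
            replies.append(b"226 Closing data connection.\r\n")
        elif verb == b"ACCT":
            replies.append(b"500 Syntax error, command unrecognized.\r\n")
        else:                      # e.g. PASV or TYPE before authorization
            replies.append(b"502 Command not implemented.\r\n")
    return replies, "incomplete", None
```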
SECURITY CONSIDERATIONS
adis-ftpup
does not itself require root or other special privileges.
But, under the assumption that it is normally run under root privileges,
adis-ftpup
- invokes no external commands except for command,
- does not access the file system (no configuration files,
no logs), and
- does not connect to other services.
The supplied credentials are passed to the checkpassword interface
only. They are not revealed otherwise.
The security considerations of FTPRequests apply.
SEE ALSO
- adis-ftplogin - possible plug-in that performs the authentication.
- adis-ftpsession - allows an FTP session to be continued in case of a successful authentication.
- FTPAuthReader - implements USER, PASS, and ACCT.
- FTPSessions - implements QUIT, NOOP, and ABOR.
- FTPEngine - implements the general session engine for an FTP server.
- tcpserver - recommended listener that is documented
on http://cr.yp.to/ucspi-tcp/tcpserver.html.
Note that option -B must
not be forgotten to send the connection greeting.
ACKNOWLEDGEMENTS
The idea to modularize Internet services in a series of
consecutive processes that
- listen on a port (inetd or tcpserver),
- check the client connection (tcp wrappers by Wietse Venema),
- read in the login credentials (adis-ftpup),
- check them in a separate plug-in
(checkpassword or adis-ftplogin),
set user and group IDs, and
- run the rest of the session in user mode (adis-ftpsession),
is derived from the typical setup of the POP3 service for Qmail by
Dan J. Bernstein.
BUGS
adis-ftpup
deliberately deviates from the minimal set of FTP commands
required by RFC 959 (section 5.1). It does so by design for
the sake of simplicity. The latter is achieved by sharing
the checkpassword interface with services like qmail-popup(1)
without bloating it with more status information.
The PASS command is answered by an immediate return
code of 230 that indicates that the authorization was successful
while, however, the login credentials will be checked later
by command that usually decides to close the connection
in case of authorization failures. Hence, an invalid combination
of login and password is noted by a connection loss instead
of a return code stating this.
There is no option yet that allows the connection greeting
to be provided. This would make the invocation of adis-ftpup
easier with listeners other than tcpserver(1).
Edited by: borchert, last change: 2001/12/06, revision: 1.2, converted to HTML: 2001/12/06