1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-22 11:17:19 +00:00
freebsd/contrib/lukemftpd
Simon L. B. Nielsen 8978d9e7ef Prevent cross-site forgery attacks on lukemftpd(8) due to splitting
long commands into multiple requests. [09:01]

Fix incorrect OpenSSL checks for malformed signatures due to invalid
check of return value from EVP_VerifyFinal(), DSA_verify, and
DSA_do_verify. [09:02]

Security:	FreeBSD-SA-09:01.lukemftpd
Security:	FreeBSD-SA-09:02.openssl
Obtained from:	NetBSD [SA-09:01]
Obtained from:	OpenSSL Project [SA-09:02]
Approved by:	so (simon)
2009-01-07 20:17:55 +00:00
..
libnetbsd
src Prevent cross-site forgery attacks on lukemftpd(8) due to splitting 2009-01-07 20:17:55 +00:00
acconfig.h
aclocal.m4
ChangeLog
config.h.in
configure
configure.in
COPYING
INSTALL
install-sh
lukemftpd.h
Makefile.in
NEWS
README
THANKS
todo

WHAT IS LUKEMFTPD?
------------------

`lukemftpd' is what many users affectionately call the enhanced ftp
server in NetBSD ( http://www.netbsd.org/ ).  The `lukem' comes from
the account name of the NetBSD developer who wrote most of the
enhancements: Luke Mewburn <lukem@netbsd.org>.

This package is a `port' of the NetBSD ftp server to other systems.

The enhancements over the standard ftp server in 4.4BSD (and derivatives)
include:
	* command line options:
		+ allow override of directory used by anonymous ftp (-a)
		+ optional change of directory for configuration files (-c)
		+ check whether a user would be granted access (-C)
		+ specify email address for display messages (-e)
		+ change hostname advertised as (-h, -H)
		+ specify data port to listen on (-P)
		+ keep track of the number of users logged in (-q, -Q)
		+ permanently drop privileges (-r)
		+ specify version advertised (-V)
		+ log wu-ftpd style `xferlog' entries to syslog (-X)

	* % escape sequences in files displayed to users (/etc/motd,
	  /etc/ftpwelcome, ...)

	* IPv6 support (from the KAME project).

	* ftpusers(5) control of who may log in, and optional
	  specification of a "class" to be associated with the
	  specified user or group.

	* ftpd.conf(5) to control various configuration options on
	  a per-class basis.  The following options are supported:
		+ address to advertise in PASV and LPSV responses
		+ check the PORT command for validity
		+ specify the directory to chroot(2) to
		+ automatic in-line conversions (e.g, `.tar.gz'
		  retrieval of directories)
		+ deny logins after the username is provided (rather
		  than after the password)
		+ display a file the first time a directory is entered
		+ specify the home directory of the session (for "cd ~")
		+ limit the maximum number of concurrent sessions
		+ limit the maximum size of an uploaded file
		+ set the default timeout and restrict the maximum
		  timeout that a user may request
		+ deny user from running the CHMOD, DELE, MKD, RMD, RNFR
		  and UMASK commands
		+ specify the motd(5) file to display upon login
		+ specify a glob(3) pattern of files to notify a user
		  of the existance of once a directory is entered
		+ enable/disable the use of PASV and EPSV connections
		+ limit the ports that PORT and LPRT may bind to
		+ limit the transfer rate of transfers
		+ limit the characters that may be used in an uploaded
		  filename
		+ set the umask
		+ deny user from running APPE, STOR and STOU as well
		  as CHMOD, ...

	* In-built copy of ls(1) to implement LIST (unless disabled
	  out with --disable-builtinls), so that /bin/ls does not need
	  to exist inside the ftp tree.

	* Virtual servers can be supported with a combination of
	  ftpd(8) flags and support in the invoking inetd(8) program
	  (such as that in NetBSD).

	* Optional S/Key authentication (if configued with --with-skey).


Features present in NetBSD's ftpd but not yet available in lukemftpd:
	* logging active sessions to utmp(5) (-u, -U)
	* logging completed sessions to wtmp(5) (-w, -W)


INSTALLATION
------------

Refer to `INSTALL' for more information on how to compile and install
lukemftpd.


FEEDBACK / BUG REPORTS
----------------------

Please email feedback back to the maintainer: <lukem@netbsd.org>.


COPYRIGHT
---------

lukemftpd is covered by a BSD-style copyright notice. Please refer to
the file `COPYING' for more information.


AVAILABILITY
------------

The primary ftp site for lukemftpd is:
	ftp://ftp.netbsd.org/pub/NetBSD/misc/lukemftp/
(the same location as lukemftp)