From 04f4dc63d2d212e9344ff9045b1769bb6af81266 Mon Sep 17 00:00:00 2001 From: Kirk McKusick Date: Mon, 19 Feb 1990 19:10:29 -0800 Subject: [PATCH] check /etc/ftpusers for denial of access to anonymous (4.3BSD-tahoe/libexec/1) SCCS-vsn: libexec/ftpd/ftpd.c 5.31 --- usr/src/libexec/ftpd/ftpd.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/usr/src/libexec/ftpd/ftpd.c b/usr/src/libexec/ftpd/ftpd.c index e30621c3d6..53b3780004 100644 --- a/usr/src/libexec/ftpd/ftpd.c +++ b/usr/src/libexec/ftpd/ftpd.c @@ -22,7 +22,7 @@ char copyright[] = #endif /* not lint */ #ifndef lint -static char sccsid[] = "@(#)ftpd.c 5.30 (Berkeley) %G%"; +static char sccsid[] = "@(#)ftpd.c 5.31 (Berkeley) %G%"; #endif /* not lint */ /* @@ -307,8 +307,8 @@ int askpasswd; /* had user command, ask for passwd */ * Sets global passwd pointer pw if named account exists * and is acceptable; sets askpasswd if a PASS command is * expected. If logged in previously, need to reset state. - * If name is "ftp" or "anonymous" and ftp account exists, - * set guest and pw, then just return. + * If name is "ftp" or "anonymous", the name is not in /etc/ftpusers, + * and ftp account exists, set guest and pw, then just return. * If account doesn't exist, ask for passwd anyway. * Otherwise, check user requesting login privileges. * Disallow anyone who does not have a standard @@ -334,7 +334,9 @@ user(name) guest = 0; if (strcmp(name, "ftp") == 0 || strcmp(name, "anonymous") == 0) { - if ((pw = sgetpwnam("ftp")) != NULL) { + if (!checkuser("ftp") || !checkuser("anonymous")) + reply(530, "User %s access denied.", name); + else if ((pw = sgetpwnam("ftp")) != NULL) { guest = 1; askpasswd = 1; reply(331, "Guest login ok, send ident as password."); -- 2.20.1