*** Don't forget to consider incrementing the version number in ftpd.cl *** [and leave this message at the top of the file] 2005-05-25 Ahmon Dancy * ftpd.cl: Bumped version number for new binary builds on ACL 7.0 * ftpd.cl: Tweaked the error handling on a few filesystem calls. Now uses *strict-probe-file*. * ftpd.cl: Fixed for building on FreeBSD 4.10. * makefile.cl: Use 7.0 lisp for building. Added FreeBSD support. * rc.aftpd.sh: new for FreeBSD 4. * readme.txt: Updated to reflect FreeBSD support. 2004-07-13 root 1.0.24 * ftpd.cl: cmd-rnto: Added missing 'fullpath' to format string when complaining about out of bounds rename. * debug.cl: Deleted. Cruft removal. * *.tgz: Updating source and binary tarballs. 2004-01-14 root * makefile: Updated mlisp variable for use offsite. Fixed install rule. 2004-01-14 Ahmon Dancy 1.0.23 * ftpd.cl: spawn-client: Close the client socket with :abort t ftpd-main: close and reopen logfiles for each connection to allow for better log rotation. Also, when closing the control connection due to unexpected errors, don't try to report the error on the control connection.. since it's the control channel that probably caused the unexpected error in the first place. Just log the error and close down. main: removed obsolete "I" in call to with-command-line-arguments. Commented out prior change of setting *print-hostname-in-stream* to nil. I guess it made no difference. Also, log the program version in the ftp log when starting up. makefile: Updated regular expression for locating the version variable. 2002-12-19 Ahmon Dancy 1.0.22 * ftpd.cl: setf socket:*print-hostname-in-stream* to nil to see if hung process problem goes away. 2002-12-18 Kevin Layer * config.cl: fix typos in comments * readme.txt: fix typo 2002-12-13 Ahmon Dancy 1.0.21 * config.cl: Added *default-directory-mode* parameter which is used for directories created by MKD. Note that umask will affect final mode that is used. * ftpd.cl: Updated the cleanup func to display a reason for the closeout. cmd-mkd: Pass the new *default-directory-mode* parameter to make-directory. Also, if anonymous mkdir's are allowed, don't bother quarantining anonymous mkdirs. That would just result in a bunch of emtpy directories being created that can't be accessed. 2002-12-12 Kevin Layer 1.0.20 * ftpd.cl: - cmd-stou does not exist (STOU is not implemented) - DNS: use only acldns and not C library - use umask for MKD - MDTM was returning the wrong time ******************************************************************************* 1.0.19 release ******************************************************************************* 2002-11-14 Ahmon Dancy 1.0.19 * ftpd.cl: Added finish-output call in write-complete-vector so that calls to socket-bytes-written count will return proper information (when logging to the xferlog). * ftpd.cl: The open-logs function now uses :always-append when opening/creating the regular log and the xfer log. Moved the ftp-log function down closer to the xfer-log function. Removed the with-stream-lock stuff around ftp-log and xfer-log since they are no longer needed now that the files are opened with :always-append. * ftpd.cl: Reworked NLST once more to handle all the edge cases. It should be pretty compatible w/ wu-ftpd now. 2002-11-12 Kevin Layer 1.0.18 * makefile: break on warnings when compiling * ftpd.cl: use osi module; remove all def-foreign-call's; don't use eol.cl, passwd.cl and posix-lock.cl in favor of equivalent functionality in osi module * (NEW) debug.cl: for debugging * (REMOVED) eol.cl: no longer needed * (REMOVED) passwd.cl: no longer needed * (REMOVED) posix-lock.cl: no longer needed * (REMOVED) system-constants.c: no longer needed 2002-10-22 Ahmon Dancy 1.0.17 * Changed the code for NLST to make it behave more like wu-ftpd. 2002-09-30 Ahmon Dancy 1.0.16 Call probe-pids-file during PASS cmd regardless of *maxusers* variable. This will keep the size of the file in check. Now open-logs in main function, before forking. Uses with-fork macro in main now. Logs a message "FTP server started" now. disassociate function has been changed quite a bit. Instead of making stdin, stdout, and stderr all use /dev/null, just stdin uses /dev/null. stdout and stderr now use *logstream*'s file descriptor. This will allow for catching any diagnostic messages that would have otherwise been dropped (like if the server socket port is already in use by another ftp process). makefile: added build.tmp to the clean rule. 2002-09-23 Kevin Layer 1.0.15 * eol.cl: remove :cr external format (it's unused); the rest is already part of 6.2, so ignore it there ******************************************************************************* 1.0.14 release ******************************************************************************* 2002-09-18 Kevin Layer * makefile: fix installation; "make install" does the right thing on Linux and Solaris now. * readme.txt: fix installation description 2002-09-17 Kevin Layer * makefile: put files in src arching in aftpd- directory * config.cl: add comments to make clear that changing this file in the binary distribution will do no good. 2002-09-16 Kevin Layer * README: moretweaks, ready for release * makefile: add S99aftpd aftpd.init to SOURCE_FILES 2002-09-16 Ahmon Dancy * BUGS: Added additional bug regarding lingering ftp server processes. * README: Updated installation notes * S99aftpd: new file. Startup script for Solaris * aftpd.init: new file. Startup script for Redhat-like systems. * makefile: Added installation code. 2002-09-16 Kevin Layer 1.0.14 * README: tweaks * ftpd.cl: load config.cl at app build time * makefile: do away with binaries/, since it's not needed; add `src' rule 2002-09-16 Kevin Layer * makefile: add `linux' and `solaris' rules * (NEW) binary-license.txt * (NEW) makefile * (NEW) binaries/linux * (NEW) binaries/solaris * README: tweaks * ftpd.cl: remove load of config.cl, since it causes warnings--new way is load config.cl, compile and load ftpd.cl. 2002-08-09 Ahmon Dancy 1.0.13 * ftpd.cl: Inc'd the version number to 1.0.13. Added code to implement new *pasvipaddrs* parameter. * ipaddr.cl: New file used to parse and match IP network addresses (needed for new *pasvipaddrs* parameter). * README: Added notes about the new *pasvipaddrs* config parameter. * config.cl: New *pasvipaddrs* parameter to enhance usability when NAT is involved in the network configuration. 2002-02-19 D Layer 1.0.12 * README: reorganize and add a little more info * CONFIG, config.cl, ftpd.cl: renamed CONFIG to config.cl, and include it during the compilation of ftpd.cl 2002-02-14 Kevin Layer 1.0.11 * ftpd.cl: add version # 2002-01-21 Ahmon Dancy * CONFIG: Added RCS id tag. Added pointer to Security notes section in README for conversions. * README: Added Security notes section. Added additional info for anonymous FTP setup * ftpd.cl: Added pointer to Security notes section in README for conversions. 2002-01-18 Ahmon Dancy * README: Fleshed out. * CONFIG: New file w/ configuration section of ftpd.cl for documentation purposes. * ftpd.cl: Made the connection banner a configurable parameter. Added a gang of comments for the config params. 2002-01-07 Ahmon Dancy * ftpd.cl: Added parameter *pidsfile* which holds the path to the pids file. The pids file keeps track of ftpd's that may be running (for in limiting the number of connections). Changed the default control channel timeout to 5 minutes. Added kill() foreign call. Added some macros related to forking. Removed old child reaping code. It didn't work out well. Children are now immediately orphaned so that they become children of process id #1 (init) (which always reaps). New children call add-pid to add their process id to the *pidsfile* flie. To check the connections limit, probe-pids-file is called. This function calls kill w/ signal 0 for every pid it finds in the *pidsfile* file. signal 0 doesn't actually send a signal, but does error checking. This effectively checks for the existence of a particular processes. The list of processes that still exist is written back to the *pidsfile* file and the count is returned. Made NLST use globbing. Some clients expect this. 2001-12-20 Ahmon Dancy * ftpd.cl: fixed WNOHANG constant for Solaris. Changed calls to with-stream-lock (removed :wait keyword.. always want to wait). * posix-lock.cl: Added with-saved-file-position macro which executes its body with file position set to 0 beforehand and restored afterword. Now using this macro in the lock- and unlock-stream functions to ensure the the entire file is locked and unlocked. 2001-12-19 Ahmon Dancy * ftpd.cl: Added make-active-connection function to make a PORT-based connection which will log errors. establish-data-connection uses this now. * ftpd.cl: Added *ftpdataport* parameter. Defaults to 20 and will likely never be changed by anyone. Added *maxusers* parameter. If set to a number, it indicates the maximum number of clients that can be connected at once. Added *toomanymsg* parameter. Defaults to /etc/toomany.msg which is a file that will be displayed when someone tries to use the PASS command when *maxusers* has been reached. Renamed *anonymous-???-restricted* to *anonymous-???-disabled*. Changed conversion list. No need to call (vector) for vector literals. Added summore foreign calls for uid management. Added *extra-files* parameter which lists the other source files that go w/ this app. Program is now easy to kill with control-C in debug mode. Added code to keep track of how many children there are. Added parameter *reaptime* to control how often a check is done for an exited child. Defaults to 10 seconds. Set to a lower value if you want higher accuracy. strerror: If 'errno' is null, return "Unknown error". outline: Used Kevin's code for making sure that security problems don't creep in from programming mistakes using outline without a format string. Removed with-output-to-client macro. It was only used in one place and wasn't necessary. stderr-reader: Logs to ftp log instead of standard output. get-request: Maximum line length is now 5000 characters. Updated this function to gracefully deal with too-long lines. The entire line is ignored and a line-too-long error is returned to the client. Added macro with-root-privs for doing certain operations that require root privs. This should be checked for any potential issues. cmd-pass: Added maxusers check. Changed call to setgid to setegid. Changed call to setuid to seteuid. Now we can recover root privs when necessary [and so can anyone who manages to find some exploit to execute arbitrary code]. dump-msg: New function to dump a file to the control connection, prefixed by a code. dump-welcome-msg was removed and the call to it was replaced w/ a call to dump-msg. The too-many-users file is displayed using this now as well. PORT-based FTP data connections now use the local port *ftpdataport* (default, 20). Some clients required this. Using port 20 requires root privs. Fixed several places where I used 't' as the general case in a handler-case, rather than 'error'. Removed compile-regexp from places that it wasn't necessary. jkf says that there's a compiler macro for regular expressions. make-mdtm-string: No longer uses C library call. All built in stuff w/ help from Charley. glob-single: Shorter now due to use of enough-namestring. make-relative, basename: Unnecessary functions removed. ftp-log and xferlog: Use posix locks to make sure that several clients don't smash updates to the logs. Also, make sure writing always begins at the end of the log. main: Make sure that ACL 6.1 or later is being used. Added some command line arguments. -d to run in debugging mode. -p xxxx to use an alternative FTP port. -f xxx to specify an alternate config file. top level: Complain if trying to build on non-linux, non-Solaris platform. Moved process group setting stuff into its own function. getpwnam.cl: Renamed to passwd.cl posix-lock.cl: New 2001-12-11 Ahmon Dancy * ftpd.cl: Removed dependency on stat.cl. Changed stuff over to use excl::filesys- and other built-in stuff. * stat.cl: Removed * ftpd.cl: Make sure that the anonymous ftp account actually exists before allowing an anonymous login. 2001-12-10 Ahmon Dancy * Added *xferlog* parameter which specifies the location of the transfer log file. Added code to do xferlog logging. The log has the following format: (universal-time numeric-ip-address file direction bytes user) If *debug* is non-nill, the xferlog goes to stdout. 2001-12-08 Ahmon Dancy * Enhanced the *restricted-users* stuff. If it's 't' everyone is restricted except for those users listed in *unrestricted-users*. * Rewrote make-full-path since it was missing some situations. * The config file is now reloaded for each new connection so that changes can be made on the fly. * Added *logfile* and it's workings. * Process forks and disassociates from the controlling terminal now. More like a typical daemon. 2001-12-07 Ahmon Dancy * README: added build instructions and fixed a typo. * eol.cl: Some export changes suggested by jkf. * ftp.cl: Added *restricted-users* variable. Users in this list will be confined to their home directories. Added code to handle this feature. Changed conversions to use vectors instead of strings. This is safer. store-file-ascii updated to use external format stuff. Turned off globbing support for STAT. Added :srecord to generate-executable call. 2001-12-06 Ahmon Dancy * Added support for the telnet codes that sometimes get sent before ABOR requests. They're ignored. Double-IAC codes are converted to a single #xff character (in case a filename has such a character). * Added cmd-abor. I thought I had that in there already. * Transfer error messages are now ensured to be all on one line. * Fixed bug in store-file-binary. * added minimal HELP SITE support. * Updated the way the config file is loaded. Add process id to ftp-log output. If *debug* is :verbose, log (outline) data. * eol.cl: Added some 'require's. * ftpd.cl: Changed the default PASV port range. Changed *debug* to default to nil. Added *configfile* parameter and code to load *configfile* if it exists. Some external format changes. Using a 6.1-only :e-crlf format which eased some application building pains. Added ftp-log function for logging. Changed all relevant format statements to calls to ftp-log. Changed the "Entering Passive Mode" respond (removed some debugging info that upset Opera). Added "image" and "ascii" as aliases for "i" and "a" in the TYPE command [Bogus browsers.. *sigh*]. Added application-building function.