Skip to content
Find file
Fetching contributors…
Cannot retrieve contributors at this time
576 lines (382 sloc) 17.4 KB
*** Don't forget to consider incrementing the version number in
*** [and leave this message at the top of the file]
2007-07-18 Ahmon Dancy <dancy@dancy>
* makefile: Build w/ 8.1
* install-repo: Pass --update to createrepo
* Set LC_TIME=POSIX environment for /bin/ls command to
maintain expected time format for FTP clients.
2006-08-30 root <>
* aftpd.spec: Parameterized 'release' and 'version'. Also added
%postun section to restart the program during upgrades.
* makefile: Allow rpm release number to be specified in an
environment variable. Defaults to '1'. Also pass version
information to rpmbuild.
* open-logs: Use os-open so that the file permissions can
be set if a given logfile doesn't exist at open time. Mode #o0600
is used to prevent casual browsing by non-privileged users.
2006-07-29 root <>
* aftpd.init: Fixed the condrestart clause.
2006-02-22 Ahmon Dancy <dancy@dancy>
* Modifications for RPM packaging.
* new: aftpd.spec.
* modified: aftpd.init: Do not specify any runlevels by default.
It is not appropriate to automatically enable a security sensitive
program like an FTP server.
* modified: Removed some text at the beginning of the
file. This file will be used as /etc/
* modified: makefile: Many changes to the install-common rule to
aid in rpm packaging.
* new: aftpd.logrotate: Logrotate config.
2005-12-19 Kevin Layer <>
* makefile: preferred lisp => 8.0; better install for SuSE
2005-10-11 Ahmon Dancy <dancy@dancy>
* Bumped version to 1.0.28 to indicate 8.0.beta build.
* Makefile: Find the build lisp in the same way as maild.
2005-08-19 Ahmon Dancy <dancy@dancy>
* Bumped version to 1.0.27:
When building passive socket or making an outgoing active
connection, always use the interface the data connection is on.
2005-07-17 root <>
* Version 1.0.26
* Added support for SITE UTIME command.
2005-05-25 Ahmon Dancy <dancy@dancy>
* Bumped version number for new binary builds on ACL 7.0
* Tweaked the error handling on a few filesystem calls.
Now uses *strict-probe-file*.
* Fixed for building on FreeBSD 4.10.
* Use 7.0 lisp for building. Added FreeBSD support.
* new for FreeBSD 4.
* readme.txt: Updated to reflect FreeBSD support.
2004-07-13 root <>
* cmd-rnto: Added missing 'fullpath' to format string
when complaining about out of bounds rename.
* Deleted. Cruft removal.
* *.tgz: Updating source and binary tarballs.
2004-01-14 root <>
<no version change>
* makefile: Updated mlisp variable for use offsite. Fixed install
2004-01-14 Ahmon Dancy <dancy@dancy>
spawn-client: Close the client socket with :abort t
ftpd-main: close and reopen logfiles for each connection to allow
for better log rotation. Also, when closing the control
connection due to unexpected errors, don't try to report the error
on the control connection.. since it's the control channel that
probably caused the unexpected error in the first place. Just log
the error and close down.
main: removed obsolete "I" in call to
with-command-line-arguments. Commented out prior change of
setting *print-hostname-in-stream* to nil. I guess it made no
difference. Also, log the program version in the ftp log when
starting up.
makefile: Updated regular expression for locating the version
2002-12-19 Ahmon Dancy <dancy@dancy>
* setf socket:*print-hostname-in-stream* to nil to see
if hung process problem goes away.
2002-12-18 Kevin Layer <layer@crikey>
<no version change, just doc changes>
* fix typos in comments
* readme.txt: fix typo
2002-12-13 Ahmon Dancy <dancy@dancy>
* Added *default-directory-mode* parameter which is used
for directories created by MKD. Note that umask will affect final
mode that is used.
* Updated the cleanup func to display a reason for the
cmd-mkd: Pass the new *default-directory-mode* parameter to
make-directory. Also, if anonymous mkdir's are allowed, don't
bother quarantining anonymous mkdirs. That would just result in a
bunch of emtpy directories being created that can't be accessed.
2002-12-12 Kevin Layer <layer@crikey>
- cmd-stou does not exist (STOU is not implemented)
- DNS: use only acldns and not C library
- use umask for MKD
- MDTM was returning the wrong time
1.0.19 release
2002-11-14 Ahmon Dancy <dancy@dancy>
* Added finish-output call in write-complete-vector so
that calls to socket-bytes-written count will return proper
information (when logging to the xferlog).
* The open-logs function now uses :always-append when
opening/creating the regular log and the xfer log.
Moved the ftp-log function down closer to the xfer-log
Removed the with-stream-lock stuff around ftp-log and xfer-log
since they are no longer needed now that the files are opened with
* Reworked NLST once more to handle all the edge cases.
It should be pretty compatible w/ wu-ftpd now.
2002-11-12 Kevin Layer <layer@crikey>
* makefile: break on warnings when compiling
* use osi module; remove all def-foreign-call's; don't
use, and in favor of equivalent
functionality in osi module
* (NEW) for debugging
* (REMOVED) no longer needed
* (REMOVED) no longer needed
* (REMOVED) no longer needed
* (REMOVED) system-constants.c: no longer needed
2002-10-22 Ahmon Dancy <dancy@dancy>
* Changed the code for NLST to make it behave more like wu-ftpd.
2002-09-30 Ahmon Dancy <dancy@dancy>
Call probe-pids-file during PASS cmd regardless of *maxusers*
variable. This will keep the size of the file in check.
Now open-logs in main function, before forking.
Uses with-fork macro in main now.
Logs a message "FTP server started" now.
disassociate function has been changed quite a bit. Instead of
making stdin, stdout, and stderr all use /dev/null, just stdin
uses /dev/null. stdout and stderr now use *logstream*'s file
descriptor. This will allow for catching any diagnostic messages
that would have otherwise been dropped (like if the server socket
port is already in use by another ftp process).
makefile: added build.tmp to the clean rule.
2002-09-23 Kevin Layer <layer@crikey>
* remove :cr external format (it's unused); the rest is
already part of 6.2, so ignore it there
1.0.14 release
2002-09-18 Kevin Layer <layer@crikey>
* makefile: fix installation; "make install" does the right thing
on Linux and Solaris now.
* readme.txt: fix installation description
2002-09-17 Kevin Layer <layer@crikey>
* makefile: put files in src arching in aftpd-<version> directory
* add comments to make clear that changing this file in
the binary distribution will do no good.
2002-09-16 Kevin Layer <layer@crikey>
* README: moretweaks, ready for release
* makefile: add S99aftpd aftpd.init to SOURCE_FILES
2002-09-16 Ahmon Dancy <dancy@dancy>
* BUGS: Added additional bug regarding lingering ftp server
* README: Updated installation notes
* S99aftpd: new file. Startup script for Solaris
* aftpd.init: new file. Startup script for Redhat-like systems.
* makefile: Added installation code.
2002-09-16 Kevin Layer <layer@crikey>
* README: tweaks
* load at app build time
* makefile: do away with binaries/, since it's not needed; add
`src' rule
2002-09-16 Kevin Layer <layer@crikey>
* makefile: add `linux' and `solaris' rules
* (NEW) binary-license.txt
* (NEW) makefile
* (NEW) binaries/linux
* (NEW) binaries/solaris
* README: tweaks
* remove load of, since it causes warnings--new
way is load, compile and load
2002-08-09 Ahmon Dancy <dancy@dancy>
Inc'd the version number to 1.0.13.
Added code to implement new *pasvipaddrs* parameter.
New file used to parse and match IP network addresses (needed for
new *pasvipaddrs* parameter).
Added notes about the new *pasvipaddrs* config parameter.
New *pasvipaddrs* parameter to enhance usability when NAT is
involved in the network configuration.
2002-02-19 D Layer <>
* README: reorganize and add a little more info
renamed CONFIG to, and include it during the compilation
2002-02-14 Kevin Layer <layer@crikey>
* add version #
2002-01-21 Ahmon Dancy <dancy@dancy>
* CONFIG: Added RCS id tag. Added pointer to Security notes
section in README for conversions.
* README: Added Security notes section. Added additional info for
anonymous FTP setup
* Added pointer to Security notes section in README for
2002-01-18 Ahmon Dancy <dancy@dancy>
* README: Fleshed out.
* CONFIG: New file w/ configuration section of for
documentation purposes.
* Made the connection banner a configurable parameter.
Added a gang of comments for the config params.
2002-01-07 Ahmon Dancy <dancy@dancy>
Added parameter *pidsfile* which holds the path to the pids file.
The pids file keeps track of ftpd's that may be running (for in
limiting the number of connections).
Changed the default control channel timeout to 5 minutes.
Added kill() foreign call.
Added some macros related to forking.
Removed old child reaping code. It didn't work out well.
Children are now immediately orphaned so that they become children
of process id #1 (init) (which always reaps).
New children call add-pid to add their process id to the
*pidsfile* flie.
To check the connections limit, probe-pids-file is called. This
function calls kill w/ signal 0 for every pid it finds in the
*pidsfile* file. signal 0 doesn't actually send a signal, but
does error checking. This effectively checks for the existence of
a particular processes. The list of processes that still exist is
written back to the *pidsfile* file and the count is returned.
Made NLST use globbing. Some clients expect this.
2001-12-20 Ahmon Dancy <dancy@dancy>
* fixed WNOHANG constant for Solaris.
Changed calls to with-stream-lock (removed :wait keyword.. always
want to wait).
* Added with-saved-file-position macro which
executes its body with file position set to 0 beforehand and
restored afterword. Now using this macro in the lock- and
unlock-stream functions to ensure the the entire file is locked
and unlocked.
2001-12-19 Ahmon Dancy <dancy@dancy>
* Added make-active-connection function to make a
PORT-based connection which will log errors.
establish-data-connection uses this now.
Added *ftpdataport* parameter. Defaults to 20 and will likely
never be changed by anyone.
Added *maxusers* parameter. If set to a number, it indicates the
maximum number of clients that can be connected at once.
Added *toomanymsg* parameter. Defaults to /etc/toomany.msg which
is a file that will be displayed when someone tries to use the
PASS command when *maxusers* has been reached.
Renamed *anonymous-???-restricted* to *anonymous-???-disabled*.
Changed conversion list. No need to call (vector) for vector
Added summore foreign calls for uid management.
Added *extra-files* parameter which lists the other source files
that go w/ this app.
Program is now easy to kill with control-C in debug mode.
Added code to keep track of how many children there are.
Added parameter *reaptime* to control how often a check is done
for an exited child. Defaults to 10 seconds. Set to a lower
value if you want higher accuracy.
strerror: If 'errno' is null, return "Unknown error".
outline: Used Kevin's code for making sure that security problems
don't creep in from programming mistakes using outline without a
format string.
Removed with-output-to-client macro. It was only used in one
place and wasn't necessary.
stderr-reader: Logs to ftp log instead of standard output.
get-request: Maximum line length is now 5000 characters.
Updated this function to gracefully deal with too-long lines. The
entire line is ignored and a line-too-long error is returned to
the client.
Added macro with-root-privs for doing certain operations that
require root privs. This should be checked for any potential
cmd-pass: Added maxusers check. Changed call to setgid to
setegid. Changed call to setuid to seteuid. Now we can recover
root privs when necessary [and so can anyone who manages to find
some exploit to execute arbitrary code].
dump-msg: New function to dump a file to the control connection,
prefixed by a code. dump-welcome-msg was removed and the call to
it was replaced w/ a call to dump-msg. The too-many-users file is
displayed using this now as well.
PORT-based FTP data connections now use the local port
*ftpdataport* (default, 20). Some clients required this. Using
port 20 requires root privs.
Fixed several places where I used 't' as the general case in a
handler-case, rather than 'error'.
Removed compile-regexp from places that it wasn't necessary. jkf
says that there's a compiler macro for regular expressions.
make-mdtm-string: No longer uses C library call. All built in
stuff w/ help from Charley.
glob-single: Shorter now due to use of enough-namestring.
make-relative, basename: Unnecessary functions removed.
ftp-log and xferlog: Use posix locks to make sure that several
clients don't smash updates to the logs. Also, make sure writing
always begins at the end of the log.
main: Make sure that ACL 6.1 or later is being used.
Added some command line arguments. -d to run in debugging mode.
-p xxxx to use an alternative FTP port. -f xxx to specify an
alternate config file.
top level: Complain if trying to build on non-linux, non-Solaris
Moved process group setting stuff into its own function. Renamed to New
2001-12-11 Ahmon Dancy <dancy@dancy>
* Removed dependency on Changed stuff over to
use excl::filesys- and other built-in stuff.
* Removed
* Make sure that the anonymous ftp account actually
exists before allowing an anonymous login.
2001-12-10 Ahmon Dancy <dancy@dancy>
* Added *xferlog* parameter which specifies the location of the
transfer log file. Added code to do xferlog logging. The log has
the following format:
(universal-time numeric-ip-address file direction bytes user)
If *debug* is non-nill, the xferlog goes to stdout.
2001-12-08 Ahmon Dancy <dancy@dancy>
* Enhanced the *restricted-users* stuff. If it's 't' everyone is
restricted except for those users listed in *unrestricted-users*.
* Rewrote make-full-path since it was missing some situations.
* The config file is now reloaded for each new connection so that
changes can be made on the fly.
* Added *logfile* and it's workings.
* Process forks and disassociates from the controlling terminal
now. More like a typical daemon.
2001-12-07 Ahmon Dancy <dancy@dancy>
* README: added build instructions and fixed a typo.
* Some export changes suggested by jkf.
Added *restricted-users* variable. Users in this list will be
confined to their home directories. Added code to handle this
Changed conversions to use vectors instead of strings. This is
store-file-ascii updated to use external format stuff.
Turned off globbing support for STAT.
Added :srecord to generate-executable call.
2001-12-06 Ahmon Dancy <dancy@dancy>
* Added support for the telnet codes that sometimes get sent
before ABOR requests. They're ignored. Double-IAC codes are
converted to a single #xff character (in case a filename has such
a character).
* Added cmd-abor. I thought I had that in there already.
* Transfer error messages are now ensured to be all on one line.
* Fixed bug in store-file-binary.
* added minimal HELP SITE support.
* Updated the way the config file is loaded. Add process id to
ftp-log output. If *debug* is :verbose, log (outline) data.
* Added some 'require's.
* Changed the default PASV port range. Changed *debug*
to default to nil. Added *configfile* parameter and code to load
*configfile* if it exists.
Some external format changes. Using a 6.1-only :e-crlf format
which eased some application building pains.
Added ftp-log function for logging. Changed all relevant format
statements to calls to ftp-log.
Changed the "Entering Passive Mode" respond (removed some
debugging info that upset Opera).
Added "image" and "ascii" as aliases for "i" and "a" in the TYPE
command [Bogus browsers.. *sigh*].
Added application-building function.
Something went wrong with that request. Please try again.