ftpd: stop using -g flag for /bin/ls

In 3bfbb521 the behaviour of ls was changed such that -g was no longer
a noop for compatibility with BSD 4.3, but instead changed the output
of long mode to exclude the owner of the file and display only the
group.

Update how FTPd invokes ls to restore the previous behaviour

Reported-by: Andrew Fengler <andrew.fengler@scaleengine.com>
Reviewed-by: jrtc27, des, imp
MFC after: 3 days
Sponsored-by: ScaleEngine Inc.
Fixes: 3bfbb521fef5 ("ls: Improve POSIX compatibility for -g and -n.")

libexec: Remove ancient SCCS tags.

Remove ancient SCCS tags from the tree, automated scripting, with two
minor fixup to keep things compiling. All the common forms in the tree
were removed with a perl script.

Sponsored by: Netflix

ftpd: correct deprecation notice markup

Also bump .Dd for the original change.

Reported by: karels
Fixes: 98b98ec1bc7e ("ftpd: add deprecation notice")
Sponsored by: The FreeBSD Foundation

ftpd: add deprecation notice

Approved by: gordon
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D26447

Remove $FreeBSD$: one-line nroff pattern

Remove /^\.\\"\s*\$FreeBSD\$$\n/

Put OPIE to rest.

Differential Revision: https://reviews.freebsd.org/D36592

ftp: Use /var/spool/ftp as ftp's home consistently

The home directory of the ftp user is /var/spool/ftp according to
hier(7). Update the manual page of ftpd(8) to reflect that.

MFC after: 2 weeks

Revisit blacklistd support in ftpd

Enhance blacklistd support to not log anything by default,
unless blacklistd support is enabled on the command line.
Document new flag in man page, cleanup patches to be less
intrusive in code.

Reported by: Rick Adams
Reviewed by: cem, emaste
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D8374

Remove the 3rd clause ("advertising clause") of the BSD license as
permitted by the University of Berkeley on July 22, 1999.

Reviewed by: imp
MFC after: 1 week

Bump date missed in r202756

PR: docs/171624
Submitted by: bdrewery
Approved by: gabor
MFC after: 3 days

A new jail(8) with a configuration file, to replace the work currently done
by /etc/rc.d/jail.

mdoc: drop redundant .Pp and .LP calls

They have no effect when coming in pairs, or before .Bl/.Bd

Create the altix project branch. The altix project will add support
for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting
is a two-module system, consisting of a base compute module and a
CPU expansion module. SGI's NUMAFlex architecture can be an excellent
platform to test CPU affinity and NUMA-aware features in FreeBSD.

Remove stale references to utmp(5) and its corresponding filenames.

I removed utmp and its manpage, but not other manpages referring to it.

o Fix typo: indentical -> identical.

PR: docs/131149
Submitted by: Patrick Oonk
MFC after: 1 week

- Import the HEAD csup code which is the basis for the cvsmode work.

Remove references to S/Key and list OPIE.

Reword the description of the UTF8 option (-8) so I can swear
to myself that I understand it.

Bump document date.

Add support for RFC 2389 (FEAT) and RFC 2640 (UTF8) to ftpd(8).

The support for RFC 2640 (UTF8) is optional and rudimentary.
The server just advertises its capability to handle UTF-8 file
names and relies on its own 8-bit cleanness, as well as on
the backward compatibility of UTF-8 with ASCII. So uploaded
files will have UTF-8 names, but the initial server contents
should be prepared in UTF-8 by hand, no on-the-fly conversion
of file names will be done.

PR: bin/111714
Submitted by: Zhang Weiwu <see email in the PR>
MFC after: 1 week

Touch .Dd because the last commit was content-related.

Use pidfile(3) provided by libutil to manage the deamon's pid file.

By default, create a pid file at the standard location, /var/run/ftpd.pid,
in accord with the expected behavior of a stock system daemon.

MFC after: 5 days

Sort sections.

Mechanically kill hard sentence breaks.

There's no such beast like AF_INET4, even when powered by whiskey.

Don't depend on IPv4-mapped IPv6 address to bind to both IPv4
and IPv6.

Wrote at: Hakone.
Powered by: Warner Losh's scotch whisky.
Requested by: nork

Add a note that the -u option can be overridden by settings in login.conf(5).

PR: docs/56017
Submitted by: Josef El-Rayes <j.el-rayes@daemon.li>

Add section number to .Xr

mdoc(7) police: Properly markup the previous revision.

Approved by: re (blanket)

Update the description of the -u option to mention that IP_PORTRANGE_HIGH
and _DEFAULT are the same for 5.x.

Committed under threat of action from: The mdoc police

mdoc(7) police: Scheduled sweep.

Add a new option to ftpd(8), "-h", to disable printing any
host-specific information in FTP server messages (so paranoid
admins can sleep at night :-)

PR: bin/16705
MFC after: 1 week

Give the code around chroot(2)/chdir(2) a major overhaul by
separating its part around chroot(2) from that around initial
chdir(2). This makes the below changes really easy.

Move seteuid(to user's uid) to before calling chdir(2). There are
two goals to achieve by that. First, NFS mounted home directories
with restrictive permissions become accessible (local superuser
can't access them if not mapped to uid 0 on the remote side
explicitly.) Second, all the permissions to the home directory
pathname components become effective; previously a user could be
carried to any local directory despite its permissions since the
chdir(2) was done with euid 0. This reduces possible impact from
FTP server misconfiguration, e.g., assigning a wrong home directory
to a user.

Implement the "/./" feature. Now a guest or user subject to chrooting
may have "/./" in his login directory, which separates his chroot
directory from his home directory inside the chrooted environment.
This works for ftpchroot(5) as well.

PR: bin/17843 bin/23944

Extend the format of /etc/ftpchroot so an alternative chroot
directory can be specified for a user or a group.

Add the manpage ftpchroot(5) since the file's format has grown
complex enough.

PR: bin/45327
Portions submitted by: Hideki SAKAMOTO <sakamoto@hlla.is.tsukuba.ac.jp>
MFC after: 1 week

- Add a new option, ``-P port'', to specify the port for ftpd(8)
to listen at in daemon mode.
- Use the port by 1 less than the control port as the default
data port instead of always using hard-coded port 20.

Submitted by: roam
MFC after: 1 week

english(4) police.

mdoc(7) police:

Properly sort options, spell "file system" correctly, expand contraction.

Catch up to the src/etc/syslog.conf,v 1.23 change: ftpd(8) session logs
are now by default get logged to /var/log/xferlog.

Approved by: re

Add option '-W': don't log FTP sessions to wtmp.

Submitted by: maxim
MFC after: 1 week

Rework storing files thoroughly. This includes:

o Remove the race between stat(2) & fopen(3) when creating
a unique file.

o Improve bound checking when generating a unique name from
a given pathname.

o Ignore REST marker on APPE. No RFC specifies this case,
but the idea of resuming APPE's implies this.

o By default, deny upload resumes and appends by anonymous users.
Previously these commands were translated to STOU silently,
which led to broken files on server without any notification
to the user.

o Add an option, -m, to allow anonymous users to modify
existing files (e.g., to resume uploads) if filesystem
permissions permit.

Portions obrainded from: OpenBSD
MFC after: 3 weeks

Reflect in the ftpd(8) manpage the fact that ASCII SIZE
requests against large files will be denied.

MFC after: 10 days

Make the `-v' option a synonym for `-d'
(as it was intended initially)
and document it in the manpage.

MFC after: 2 weeks

Document the -u (set umask) option
(which has been there at least since 4.4BSD-Lite!)

MFC after: 2 weeks

Sort command-line options according to the mostly used style:
alphabetical order, lower and upper case of the same letter
stick together, lower case first.

MFC after: 2 weeks

The .Nm utility

Implement a flag to disable directory creation for anonymous users.

PR: misc/38987
Submitted by: Peter da Silva <peter@abbnm.com>
MFC after: 1 week

mdoc(7) police: markup nits.

Improve the description on how to construct ~ftp/pub. Specifically,
don't instruct users to set the directory mode 777.

PR: 30690
Obtained from: NetBSD (with modification)
MFC after: 2 weeks

Do the best we can with respect to fixing command-line option disorder
in the SYNOPSIS and DESCRIPTION.

Note that -l remains an ugly exception, to which no known rules apply,
since the specification of a single option multiple times isn't normal
standards-compliant CLI behaviour.

While here, mark AF_INET* and LOG_* defined values up with Dv.

Extend the functionality offered by the -o option into a new option
-O, which limits the impact of the write-only restriction to guest
users.

*) The existing manual page's SYNOPSIS and option listing in the
DESCRIPTION are already horribly disordered. No attempt has been
made to fix this.

*) The existing source's getopt() optstring and option handling switch
are already horribly disordered. No attempt has been made to fix
this.

Discussed with: nik, -audit

Add a new option, '-o', for "Write-only". Disables the RETR command,
preventing anyone from downloading files. In conjunction with -A, and some
appropriate file permissions, this lets you create an anonymous FTP drop
box for people to upload files to.

The more obvious "-w" flag is already taken by NetBSD's ftpd. "-o" was
available as an option letter in all three BSDs.

Remove whitespace at EOL.

mdoc(7) police: removed HISTORY info from the .Os call.

mdoc(7) police: normalize .Nd.

Document that SITE extensions are disabled for anonymous logins.

Obtained from: logdaemon package by Wietse Venema

Add the "SITE MD5 filename" facility.

This allows you to determine if the file on the other side is the same
as the one you have without transferring the entire file to compare.

Needless to say, if the server end lies to you this check doesn't work,
but on the other hand, if it lies to you about the files checksum,
what can you trust from it ?

mdoc(7) police: removed hard sentence breaks, run through spell-checker.

Fix typo.

PR: 23591
Submitted by: mavetju@chello.nl

Add option -E to disable EPSV which throws certain stateful firewalls
into confusion.

Add option -r to make ftpd support only read-only operations.

Submitted by: Flemming (F3) Jacobsen <fj@batmule.dk>
Reviewed by: phk

mdoc(7) police: use the new features of the Nm macro.

Explain that the -S option only logs file downloads, not all transfers.

PR: 16934
Submitted by: Kurt Zeilenga <kurt@OpenLDAP.org>

Doc fix: remove references to ~ftp/bin/ls as we have FTPD_INTERNAL_LS
unconditionally active already.

Noticed by: obrien

another tcp apps IPv6 updates.(should be make world safe)
ftp, telnet, ftpd, faithd
also telnet related sync with crypto, secure, kerberosIV

Obtained from: KAME project

$Id$ -> $FreeBSD$

unifdef -DINTERNAL_LS - it's too useful to be off by default. If anyone
really dislikes this, we could add a switch to disable it at runtime and
check in popen.c.

Update the SYNOPSIS to reflect that the -l option can be specified
more than once.

Pointed-out-by: sheldonh

Add missing -A option to SYNOPSIS.

PR: docs/10771

Oops, I missed a few more /etc/nologin references yesterday. It appears
my check of the tree was incomplete. Sorry guys.

Reported by: Ben Smithurst <ben@scientia.demon.co.uk>

Update to correctly reflect the default values of
net.inet.ip.portrange.hifirst and net.inet.ip.portrange.hilast

PR: docs/6745
Submitted by: Masachika Ishizuka <ishizuka@ish.org>

Added double quotes around CHMOD description to prevent garbled output.

PR: 8094
Submitted by: Christoph Weber-Fahr <wefa@callcenter.systemhaus.net>

Document the use of lines beginning with a '#' as comment lines.

PR: 5676

MFS.

FTP_INTERNAL_LS -> FTPD_INTERNAL_LS

Pointed out by: Jaye Mathisen <mrcpu@cdsnet.net>

Cosmetics in man page. Exit(-1) -> exit(1).

Import Lite2's src/libexec, except for makekey (which was spammed
by a repository copy from 1.1.5 and patched back to Lite1) and
rbootd/bootdir/SYSHPBSD (which is binary). All changed files have
already left the vendor branch.

Adds anon ftp virtual host capability to ftpd, using /etc/ftphosts for
definition of a system's virtual hosts.

YAMF2.2: Allow @group entries in /etc/ftpusers & /etc/ftpchroot to deny
and allow chroot access to entire groups.

Document internal ls, how to compile it in and what it changes wrt
anon ftp and chrooted users.

Add basic login.conf (sans authentication) support.

Remove some incorrect text on how passwords are validated.
Closes PR# 3050.

Submitted by: Dmitrij Tejblum <dima@tejblum.dnttm.rssi.ru>

Revert $FreeBSD$ to $Id$

Make the long-awaited change from $Id$ to $FreeBSD$

This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.

Document the fact that the administrator may have
to change syslog's config file in order for all of
ftpd's log messages to be displayed by syslogd.

Closes PR# 1559.

add flag to allow only anonymous ftp logins

Reviewed by: pst

add forgotten $Id$

Reviewed by: various
Submitted by: archie@whistle.com

allow ftpd to bind to a single address/interface
this allows easy split services.

Convert STATS and PARANOID to run-time options.
Document the new -R (relax paranoia) option.

From NetBSD/Lite2: code and man page cleanups, Kerberos IV hooks
(relax, we're still exportable), and /etc/ftpchroot feature for
semi-anonymous accounts

Implemented a "-D" option that causes ftpd to detach and become a daemon -
accepting connections on the FTP port and forking children processes to
handling them. This is lower overhead than spawning ftpd from inetd and
can be a significant win on busy FTP servers. Be sure to disable ftpd in
inetd.conf if you decide to use this option.
These changes are based on similar changes I made to wu-ftpd and have
been in use on wcarchive for several months.

Use data ports in the range 40000..44999 by default to enhance FTP usability
in a firewall environment. Original idea by Mark Tracy (?).

Reviewed by: wollman
Submitted by: pst

Fix two more references to /etc/motd that I overlooked. PR #29

Close PR #29. The file should be /etc/ftpmotd, not /etc/motd.

Add some functionality to ftpd so it logs all anonymous file
transfers. It only does this when -S is set.
Reviewed by:
Submitted by:
Obtained from: logdaemon package

BSD 4.4 Lite Libexec Sources