Networking/Discussion/Technology/ftpd: DNS lookup & anonymous lookup/List of Posts
 
Forum Topic - ftpd: DNS lookup & anonymous lookup:
   
Update
Jared Roundy
07/02/2008 4:50 PM
post9961
ftpd: DNS lookup & anonymous lookup   
When I connect to the QNX ftp server it takes 20 seconds before I get the login prompt.  Looking at the network trace I 
see it is trying to look up the client's DNS name.  Looking at the ftp documentation and code I see now way to turn this
 off.  Is there a way to turn this off?

We are moving to qnx but need the option of being backward compatible with our old systems.  One of the things we need 
to support is ftp login to a guest account without a user name, and no password prompt.    Looking at the documentation 
& code I see this isn't a current option.  When I try it I get the error:
"500 'USER ':command not understood".
Wanting to see how much of a change it would be to support this I tried changing cmdtab[] in file ftpcmd.y to list USER 
as a ZSTR1, but I still get the same error and don't make it to the user() in ftpd.c (where other changes would be 
needed).  Is there some other location that needs to be changed to let the request make it to user() in ftpd.c?  Is 
there any plan to add a configuration parameter to allow an empty user name login?
Mario Charest
07/02/2008 5:52 PM
post9971
Re: ftpd: DNS lookup & anonymous lookup   
> When I connect to the QNX ftp server it takes 20 seconds before I get the 
> login prompt.  Looking at the network trace I see it is trying to look up the 
> client's DNS name.  Looking at the ftp documentation and code I see now way to
>  turn this off.  Is there a way to turn this off?

Make sure /etc/resolv.conf is empty.
Robert Craig
07/02/2008 6:16 PM
post9973
RE: ftpd: DNS lookup & anonymous lookup   
Hi Jared:

Before I dig in, is this with the io-net network stack or io-pkt?  Ftpd
for io-pkt is a completely new port so the behaviour of the two may be
different.

I suspect that it's io-pkt given that you're looking at the source.  I
think that what needs to get done is that "no user / no password"
results in "anonymous : anonymous"  since you MUST have a user name of
some sort in order to make sure that access permissions get assigned
correctly.

	Robert.

-----Original Message-----
From: Jared Roundy [mailto:jroundy@zebra.com] 
Sent: Wednesday, July 02, 2008 4:51 PM
To: technology-networking
Subject: ftpd: DNS lookup & anonymous lookup

When I connect to the QNX ftp server it takes 20 seconds before I get
the login prompt.  Looking at the network trace I see it is trying to
look up the client's DNS name.  Looking at the ftp documentation and
code I see now way to turn this off.  Is there a way to turn this off?

We are moving to qnx but need the option of being backward compatible
with our old systems.  One of the things we need to support is ftp login
to a guest account without a user name, and no password prompt.
Looking at the documentation & code I see this isn't a current option.
When I try it I get the error:
"500 'USER ':command not understood".
Wanting to see how much of a change it would be to support this I tried
changing cmdtab[] in file ftpcmd.y to list USER as a ZSTR1, but I still
get the same error and don't make it to the user() in ftpd.c (where
other changes would be needed).  Is there some other location that needs
to be changed to let the request make it to user() in ftpd.c?  Is there
any plan to add a configuration parameter to allow an empty user name
login?


_______________________________________________
Technology
http://community.qnx.com/sf/go/post9961
Jared Roundy
07/02/2008 6:26 PM
post9974
Re: RE: ftpd: DNS lookup & anonymous lookup   
I am using io-pkt.

Having the code map "no user / no password" to "anonymous : anonymous" without the password prompt would work great.  I 
do realize we to need to map it to a user for access permissions.
Sean Boudreau(deleted)
07/03/2008 11:59 AM
post10032
Re: ftpd: DNS lookup & anonymous lookup   
On Wed, Jul 02, 2008 at 04:50:45PM -0400, Jared Roundy wrote:
> When I connect to the QNX ftp server it takes 20 seconds before I get the login prompt.  Looking at the network trace 
I see it is trying to look up the client's DNS name.  Looking at the ftp documentation and code I see now way to turn 
this off.  Is there a way to turn this off?

I added a -n option to ftpd to prevent this.  Still thinking
about the other issue.

Enjoy.

-seanb
Jared Roundy
07/14/2008 12:53 PM
post10478
Re: ftpd: DNS lookup & anonymous lookup   
The -n works great.  
Have you come up with any way to have no_username login as anonymous with an anonymous password (without the password 
request)?
Robert Craig
07/14/2008 1:18 PM
post10483
RE: ftpd: DNS lookup & anonymous lookup   
No chance of adding an option to the client side?  Most FTP clients seem
to support the "-a" (or -A option for windows) for anonymous login which
seems to be the "standard" way of not having to pass in a username /
password....

	Robert.

-----Original Message-----
From: Jared Roundy [mailto:jroundy@zebra.com] 
Sent: Monday, July 14, 2008 12:53 PM
To: technology-networking
Subject: Re: ftpd: DNS lookup & anonymous lookup

The -n works great.  
Have you come up with any way to have no_username login as anonymous
with an anonymous password (without the password request)?

_______________________________________________
Technology
http://community.qnx.com/sf/go/post10478
Jared Roundy
07/14/2008 2:23 PM
post10488
Re: RE: ftpd: DNS lookup & anonymous lookup   
We don't control the ftp client our users are using.  
For multiple reasons our next generation product needs to backward compatible.  Our current system will handle the case 
where they don't supply a user name.
Sean Boudreau(deleted)
07/14/2008 2:30 PM
post10489
Re: RE: ftpd: DNS lookup & anonymous lookup   
On Mon, Jul 14, 2008 at 02:23:12PM -0400, Jared Roundy wrote:
> We don't control the ftp client our users are using.  
> For multiple reasons our next generation product needs to backward compatible.  Our current system will handle the 
case where they don't supply a user name.

Which client exibits this behaviour?

-seanb
Jared Roundy
07/14/2008 2:40 PM
post10491
Re: RE: ftpd: DNS lookup & anonymous lookup   
I have been using the DOS/Windows ftp client for my testing.

Jared
Sean Boudreau(deleted)
07/14/2008 2:42 PM
post10492
Re: RE: ftpd: DNS lookup & anonymous lookup   
On Mon, Jul 14, 2008 at 02:40:26PM -0400, Jared Roundy wrote:
> I have been using the DOS/Windows ftp client for my testing.
> 

Can you post a sample session showing this behaviour.

Thanks,

-seanb
Jared Roundy
07/14/2008 2:56 PM
post10493
Re: RE: ftpd: DNS lookup & anonymous lookup   
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

d:\dev>ftp 172.30.16.100
Connected to 172.30.16.100.
220 ZBR-79071 Version V53.16.4ZP28 ready.
User (172.30.16.100:(none)):
230 User logged in.
ftp> bye
221 Service closing control connection. Bye...

d:\dev>ftp 172.30.16.101
Connected to 172.30.16.101.
220 Desker FTP server (QNXNTO-ftpd 20070723) ready.
User (172.30.16.101:(none)):
500 'USER ': command not understood.
Login failed.
ftp> bye
221 Thank you for using the FTP service on Desker.

Above are the two systems.  The top (.100) is our current system.  The bottom (.101) is the QNX system.  You will notice
 that the QNX login failed, so I wouldn't be able to do anything in there.  If you want a network trace I can get that 
for you as well.
In DOS at the User prompt I was just hitting <enter>.

Jared
Robert Craig
07/14/2008 5:56 PM
post10509
RE: RE: ftpd: DNS lookup & anonymous lookup   
I've been looking at the same path as you.  You would have thought that
it would have been as simple as changing from a STR1 to ZSTR1 in
ftpcmpd.y (and possibly adding in a little bit of support code around
the USER / PASS entries).  This definitely helps since it gets you
through yylex, but there's still something buried in yyparse that's
resulting in a "parse error" now.  Don't you love auto-generated code?  

	I'll keep digging for a bit longer to try and see where it's
going off the rails.

	Robert.

-----Original Message-----
From: Jared Roundy [mailto:jroundy@zebra.com] 
Sent: Monday, July 14, 2008 2:23 PM
To: technology-networking
Subject: Re: RE: ftpd: DNS lookup & anonymous lookup

We don't control the ftp client our users are using.  
For multiple reasons our next generation product needs to backward
compatible.  Our current system will handle the case where they don't
supply a user name.

_______________________________________________
Technology
http://community.qnx.com/sf/go/post10488
Robert Craig
07/14/2008 6:57 PM
post10510
RE: RE: ftpd: DNS lookup & anonymous lookup   
OK... We have a solution...

In ftpcmd.y, line 1866

	case CMD:
		hasyyerrored = 0;
+		if (strncasecmp(cmdp,"USER \r\n",7) == 0) {
+			strcpy(cmdp, "USER anonymous\r\n");
+		}
		if ((cp = strchr(cmdp, '\r'))) {


Add in the three lines as above and an empty user name maps to
"anonymous".  Turns out that ftpd already has the hooks to deal with an
empty password, so that's all it takes.  I don't know if this is in
compliance with the RFC, so we won't be pulling it into our GA code
base, but it's a pretty simple change.

	Robert.


-----Original Message-----
From: Jared Roundy [mailto:jroundy@zebra.com] 
Sent: Monday, July 14, 2008 2:23 PM
To: technology-networking
Subject: Re: RE: ftpd: DNS lookup & anonymous lookup

We don't control the ftp client our users are using.  
For multiple reasons our next generation product needs to backward
compatible.  Our current system will handle the case where they don't
supply a user name.

_______________________________________________
Technology
http://community.qnx.com/sf/go/post10488

Return