Hi Abhilash,

  We'll discuss this offline.


On Wed, 30 Jan 2008 11:06 -0000, Abhilash wrote:

} Me Abhilash T.G (oso183)and arjun (oso211)has fixed a bug 6374978. The 
}diff file os attached. Just see it. Pls do reply if correct. you were 
}sponsoring us.
}Bug ID  6374978  
}Synopsis  ftpd doesn't like passwords that start with a minus.  
}State  1-Dispatched (Default State)  
}Category:Subcategory  network:ftp_server  
}Keywords  ftp | onnv_triage  
}Reported Against  2.9 , 5.10  
}Duplicate Of   
}Introduced In   
}Commit to Fix   
}Fixed In   
}Release Fixed   
}Related Bugs   
}Submit Date  20-JAN-2006  
}Last Update Date  12-OCT-2006  
}Description  ftpd can't handle passwords that start with a -.
}If you check 
}you can see:
}   2685        if (*passwd == '-')
}   2686            passwd++;
}Thus the rest of the password is later compared with the real one and fails.
}There's nothing wrong with a password of "-password", and it works fine for 
any other login type.  So this is a bug.
}Turns out this is sort-of by design.  in.ftpd(1), under "General FTP 
Extensions" reads:
}       A user whose FTP client hangs on a long reply, for example, a multiline
}       response, should use a dash (-) as the first character of the user's 
}       as this disables the Server's lreply() function.
}However, this being the case, the password should be checked for correctness 
*first*, and *then* the first character checked for being '-' and if so that 
removed and then the password checked again.  Otherwise we see this broken 
}Work Around  type a password of "-password" in FTP as "--password" 

Sun Microsystems - India Engineering Centre

Reply via email to