Re: ftp problems with OpenBSD 3.9
Hi! On Thu, Jun 15, 2006 at 09:29:40PM -0400, Nick Holland wrote: Smith wrote: how do I compile it. I know I can look at previous patches and possible figure it out but I wouldn't know if it's the proper way to do it. I have a test machine all setup and ready and my pwd is /usr/src/libexec/ftpd. Just replied privately, but since you asked publicly also, should reply for the list, in case anyone else wants to try... And since replying to you, I've tested it. It at least seems to work. Not sure it fixes your problem, however. make obj make cleandir # to be sure make depend # can sometimes make a difference in addition to # dependencies (e.g. run yacc/lex) make make install Stop and restart ftpd if you are running it as a daemon (ftpd -D), and you should be able to test... Nick. Kind regards, Hannah.
Re: ftp problems with OpenBSD 3.9
Okay, I followed Nick Holland's suggestion. First, I had setup an OpenBSD 3.9 test machine. The only configuration I did was to setup the ftpd service as described in a previous post. I tested it, the problem still persisted. Then I download src.tar.gz from the 3.8 directory on a mirror and extracted it into /usr/src. Then in /usr/src/libexec/ftpd, I did make obj, make cleandir, make depend, make, make install. Finally I rebooted. I did a test and it was successful. So it appears something did change. Does this mean I should read up sendbug and figure out how to report a bug or was this change intentional?
Re: ftp problems with OpenBSD 3.9
I tried in /etc/rc.conf.local ftpd_flags=-DllUSAn4 and rebooted. Problem still persisted. I checked netstat -an to verify that it was not listening on tcp6 port 21. I'm going to do Nick Holland's suggestion and the tcpdump idea too.
Re: ftp problems with OpenBSD 3.9
how do I compile it. I know I can look at previous patches and possible figure it out but I wouldn't know if it's the proper way to do it. I have a test machine all setup and ready and my pwd is /usr/src/libexec/ftpd.
Re: ftp problems with OpenBSD 3.9
Smith wrote: how do I compile it. I know I can look at previous patches and possible figure it out but I wouldn't know if it's the proper way to do it. I have a test machine all setup and ready and my pwd is /usr/src/libexec/ftpd. Just replied privately, but since you asked publicly also, should reply for the list, in case anyone else wants to try... And since replying to you, I've tested it. It at least seems to work. Not sure it fixes your problem, however. make obj make make install Stop and restart ftpd if you are running it as a daemon (ftpd -D), and you should be able to test... Nick.
ftp problems with OpenBSD 3.9
I may be beat up for asking this question, but I'll endure it if it leads to an answer. In the past, I've setup OpenBSD 3.8 ftpd servers that my users access using Microsoft web folders. Everything works fine. A user double clicks on the web folder and the contents of the ftp folder pops up right away. Microsoft web folders is a way of creating a folder to access an ftp server but make it look like a regular Windows explorer folder. It is available by default in Microsoft 2000 and XP. Now I've installed a couple of OpenBSD 3.9 ftpd servers which are configure exactly like the OpenBSD 3.8 servers. But when a user double-clicks on a web folder, a error message pops up saying that login failed. At this point I click login as and click the okay button because the username and password is saved already (this is on the client-side). This results in a successful login. So my question is, has there been a change in OpenBSD 3.9 from 3.8 that caused ftp authentication that worked fine in 3.8 to not work in 3.9? Why am I doing this setup? Our company buys big copier machines that have scanning capabilities. In order to use the scanning capabilities, the copier needs to send the scans to a server. I can setup a Microsoft file server or I can setup a OpenBSD ftp server. So for maintenance, security, cost and licensing administration reasons, I chose the OpenBSD ftp server option.
Re: ftp problems with OpenBSD 3.9
On 6/14/06, Tim [EMAIL PROTECTED] wrote: I may be beat up for asking this question, but I'll endure it if it leads to an answer. In the past, I've setup OpenBSD 3.8 ftpd servers that my users access using Microsoft web folders. Everything works fine. A user double clicks on the web folder and the contents of the ftp folder pops up right away. Microsoft web folders is a way of creating a folder to access an ftp server but make it look like a regular Windows explorer folder. It is available by default in Microsoft 2000 and XP. Now I've installed a couple of OpenBSD 3.9 ftpd servers which are configure exactly like the OpenBSD 3.8 servers. But when a user double-clicks on a web folder, a error message pops up saying that login failed. At this point I click login as and click the okay button because the username and password is saved already (this is on the client-side). This results in a successful login. So my question is, has there been a change in OpenBSD 3.9 from 3.8 that caused ftp authentication that worked fine in 3.8 to not work in 3.9? Read before you upgrade ftp-proxy(8) has changed, as detailed below, so your pf.conf(5) file may need to be updated. http://www.openbsd.org/faq/upgrade39.html Good luck -Nick
Re: ftp problems with OpenBSD 3.9
Sorry, a little more detail. Pf is not running on any of these ftpd servers. My ftpd setup consist mainly of: /etc/rc.conf.local = ftpd_flags=-DllUSAn /etc/ftpusers = has the admin account in there /etc/ftpchroot = the account that will receive the scans /etc/shells = /usr/bin/false the account that receives the scans has the false shell This is the setup for all the ftpd server I have for both 3.9 and 3.8. For both versions, the rest of the server is pretty much default. Nick Guenther wrote: On 6/14/06, Tim [EMAIL PROTECTED] wrote: I may be beat up for asking this question, but I'll endure it if it leads to an answer. In the past, I've setup OpenBSD 3.8 ftpd servers that my users access using Microsoft web folders. Everything works fine. A user double clicks on the web folder and the contents of the ftp folder pops up right away. Microsoft web folders is a way of creating a folder to access an ftp server but make it look like a regular Windows explorer folder. It is available by default in Microsoft 2000 and XP. Now I've installed a couple of OpenBSD 3.9 ftpd servers which are configure exactly like the OpenBSD 3.8 servers. But when a user double-clicks on a web folder, a error message pops up saying that login failed. At this point I click login as and click the okay button because the username and password is saved already (this is on the client-side). This results in a successful login. So my question is, has there been a change in OpenBSD 3.9 from 3.8 that caused ftp authentication that worked fine in 3.8 to not work in 3.9? Read before you upgrade ftp-proxy(8) has changed, as detailed below, so your pf.conf(5) file may need to be updated. http://www.openbsd.org/faq/upgrade39.html Good luck -Nick
Re: ftp problems with OpenBSD 3.9
From: [EMAIL PROTECTED] Sorry, a little more detail. Pf is not running on any of these ftpd servers. My ftpd setup consist mainly of: /etc/rc.conf.local = ftpd_flags=-DllUSAn /etc/ftpusers = has the admin account in there /etc/ftpchroot = the account that will receive the scans /etc/shells = /usr/bin/false the account that receives the scans has the false shell This is the setup for all the ftpd server I have for both 3.9 and 3.8. For both versions, the rest of the server is pretty much default. Does FTP work using a real FTP client? Windows explorer overlay to FTP has always been a kick in the nuts for me. And I wouldn't consider the command line client to be any better (still doesn't support passive mode? Or support it well, or something?) Does the problem occur in only one of active mode or passive mode? Both? If the problem exists in active mode but not passive, can you change the setting in your IE properties and be done with it? DS
Re: ftp problems with OpenBSD 3.9
I would ask: does it still work under 3.8? I'm not so sure 3.9 is the culprit. MS security updates hose this kind of stuff all the time (at least for me). Take care, Allen --- Tim [EMAIL PROTECTED] wrote: I may be beat up for asking this question, but I'll endure it if it leads to an answer. In the past, I've setup OpenBSD 3.8 ftpd servers that my users access using Microsoft web folders. Everything works fine. A user double clicks on the web folder and the contents of the ftp folder pops up right away. Microsoft web folders is a way of creating a folder to access an ftp server but make it look like a regular Windows explorer folder. It is available by default in Microsoft 2000 and XP. Now I've installed a couple of OpenBSD 3.9 ftpd servers which are configure exactly like the OpenBSD 3.8 servers. But when a user double-clicks on a web folder, a error message pops up saying that login failed. At this point I click login as and click the okay button because the username and password is saved already (this is on the client-side). This results in a successful login. So my question is, has there been a change in OpenBSD 3.9 from 3.8 that caused ftp authentication that worked fine in 3.8 to not work in 3.9? Why am I doing this setup? Our company buys big copier machines that have scanning capabilities. In order to use the scanning capabilities, the copier needs to send the scans to a server. I can setup a Microsoft file server or I can setup a OpenBSD ftp server. So for maintenance, security, cost and licensing administration reasons, I chose the OpenBSD ftp server option. Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: ftp problems with OpenBSD 3.9
This will answer two post: It does work in 3.8 still. As a matter a fact, I have two servers on the intranet. The 3.8 works fine but not the 3.9. I tried the passive/active and still the problem persist. If I use the command line or filezilla (another windows ftp client that's open source), it works just fine in both versions. At this point I'm thinking something change on the OpenBSD side, especially since 3.9 has the new ftp-proxy. I don't use pf or ftp-proxy for this situation but maybe OpenBSD ftpd was modified to make ftp-proxy work. If there really hasn't been any change in ftpd from 3.8 to 3.9, I'll focus the problem as being on Microsoft's side.
Re: ftp problems with OpenBSD 3.9
On Wed, Jun 14, 2006 at 05:38:07PM -0700, Smith wrote: This will answer two post: It does work in 3.8 still. As a matter a fact, I have two servers on the intranet. The 3.8 works fine but not the 3.9. I tried the passive/active and still the problem persist. If I use the command line or filezilla (another windows ftp client that's open source), it works just fine in both versions. At this point I'm thinking something change on the OpenBSD side, especially since 3.9 has the new ftp-proxy. I don't use pf or ftp-proxy for this situation but maybe OpenBSD ftpd was modified to make ftp-proxy work. If there really hasn't been any change in ftpd from 3.8 to 3.9, I'll focus the problem as being on Microsoft's side. Fire up a packet sniffer and see what happens. There is tcpdump on the openbsd side and insecure software like wireshark for windows. This is far quicker than all this speculating about who changed what. Don't forget to also compare it with the working box :) Tobias
Re: ftp problems with OpenBSD 3.9
Smith wrote: This will answer two post: It does work in 3.8 still. As a matter a fact, I have two servers on the intranet. The 3.8 works fine but not the 3.9. I tried the passive/active and still the problem persist. If I use the command line or filezilla (another windows ftp client that's open source), it works just fine in both versions. At this point I'm thinking something change on the OpenBSD side, especially since 3.9 has the new ftp-proxy. I don't use pf or ftp-proxy for this situation but maybe OpenBSD ftpd was modified to make ftp-proxy work. If there really hasn't been any change in ftpd from 3.8 to 3.9, I'll focus the problem as being on Microsoft's side. Curiously, I've noticed the MS-whatever-it-is feature didn't work with a 3.9 FTP server, too. I kinda figured it was just MS being stupid with something other than a MS FTP server on the other side. I have not tried 3.8, however. I was about to try to figure out how I'd find the time to take a look at this, both to verify your claim (which I'd always do first) then to try to troubleshoot it a bit. But then I realized...HEY! I can get YOU to do the work! :) Here's what I'd do... Install a 3.9 test machine, verify the problem exists. Checkout the source tree, or at least, the src/libexec/ftpd section, but using the OPENBSD_3_8 tag, to get the 3.8 version, and see if it 1) compiles easily and 2) works on 3.9. It just might. Or it might not. Assuming it does...do you still have a problem? Or is it fixed? If you still have a problem...there is something else going on (which COULD possibly be a library or some other system change...but I'd also look for a configuration difference. IF changing the FTP source code from 3.9's to 3.8's Fixes the problem, just start putting in change after change until it breaks. :) Nick.
Re: ftp problems with OpenBSD 3.9
On Wed, Jun 14, 2006 at 10:27:43PM -0400, Nick Holland wrote: IF changing the FTP source code from 3.9's to 3.8's Fixes the problem, just start putting in change after change until it breaks. :) Could it just be this one, i.e. MS software tries to login without password? | CVSROOT:/cvs | Module name:src | Changes by: [EMAIL PROTECTED] 2006/03/14 08:33:28 | | Modified files: | libexec/ftpd : monitor.c | | Log message: | Allow anonymous logins without a password, which was broken | by the last commit. Noticed by Armin Wolfermann. ok henning@ This appears to be fixed in the stable branch, too. Ciao, Kili
