On Thu, May 06, 2021 at 06:36:52PM +0200, Mark Kettenis wrote: > > From: "Theo de Raadt" <dera...@openbsd.org> > > Date: Thu, 06 May 2021 10:26:31 -0600 > > > > Jan Klemkow <j.klem...@wemelug.de> wrote: > > > > > On Wed, May 05, 2021 at 12:18:43PM -0600, Theo de Raadt wrote: > > > > I would like a further justification for removing these ports from > > > > the very limited dynamic reserved space used by bindresvport. > > > > > > > > (but not by rresvport, which appears still stomp over them) > > > > > > > > For tcp, 32 of the 512 are locked out. > > > > For udp, 19. > > > > > > > > What software is actually using these ports? > > > > > > > > Is that software irrelevant these days? > > > > > > I'm working on a diff to bring ftps with libtls into our ftpd(8). There > > > is a "getaddrinfo(NULL, "ftps", &hints, &res0)" call, which uses this > > > port. Thus, I made this change. > > > > Hang on -- does the world want ftps support?
I don't know, what "the world" wants. But, I want ftps. As far as I can see, ftps is the only way to bring our ftpd(8) into the 21st century. I use ftp in my private local setup. I also want to use over public internet in the future, like I did in the past. Thats why I'm working on it. > I was going to ask the same thing. I mean even with encryption the > FTP protocol still is a bad idea given all the problems with NAT > traversal and such. In don't use NAT or packet filters in my setup. With IPv6 there is no active FTP problem.
