Code review request

Philip Prindeville philipp at
Tue Aug 8 20:38:40 EDT 2006

Russ Allbery wrote:

>Philip Prindeville <philipp at> writes:
>>And inline...  of course, the tabs are converted to blanks...
>>--- src/appl/gssftp/ftpd/ftpd.c.graylist        2006-06-07 20:13:07.000000000 -0600
>>+++ src/appl/gssftp/ftpd/ftpd.c 2006-06-07 20:13:08.000000000 -0600
>Ah, yes.  I remember this originally.
>
>So, here's the basic problem:  The appl tree in MIT Kerberos hasn't
>received much attention for a while.  I've volunteered to try to maintain
>it as much as I can find time (which so far hasn't been much, and there
>are other things like OpenAFS that get a higher priority) because we use
>Kerberos rlogin and rsh extensively at Stanford and they still have some
>substantial benefits for us over ssh.  However, telnet and ftpd are a
>different story.  Both are far more complex than rsh and rlogin and my
>feeling is that they're less-used; we certainly don't use ftp/ftpd at all
>and don't use telnet/telnetd except for backward compatibility to an app
>that we're getting rid of within the next year or two.
>
>What that means is that, beyond security fixes and bug fixes, I'm not sure
>anyone really cares about the ftp or telnet parts of the app tree.
>
>My understanding is that the SRP versions of telnet and ftp available
>    <>
>are supported and more actively developed (there was a new release as
>recently as last December) and also support GSS-API authentication.  To be
>honest, you may be better off getting in contact with them and seeing if
>they'll incorporate your patch because they probably have more cycles to
>maintain the code.
>
>I'm actually a bit curious as to why you'd want to add greylisting to ftpd
>in particular.  Do you have a lot of GSS-API ftp clients?  That's a
>protocol that I'm honestly a bit surprised anyone has deployed to any
>great extent; from my vantage point, FTP seems to be dying fast in general
>and authenticated FTP losing quickly to SFTP (which, in recent versions of
>OpenSSH, also supports GSS-API).
>
>All this doesn't mean that no one is ever going to look at your patch.  I
>may get guilty enough to look it over at some point, for instance.  I just
>want to be sure that you have a realistic idea of development priorities
>and realize that you're contributing to a part of the MIT tree that, if
>not dead, is at least moribund.

Actually, I run an FTP repository with anonymous access...  it's behind
a firewall that doesn't provide enough stateful inspection to handle
brute-force attacks, however.

The functionality of greylisting for us is that it makes FTP password attack
software give up and go away, rather than wasting bandwidth on our
T1 circuit and degrading service for our legitimate users.

I'll contact Stanford as well and see if they can pick it up.

We ended up using gssftp because it gets installed by default with a lot of
Linux distros.

In previous lives, I always used the WUStL FTP server for anonymous
accessible sites.
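As an added illustration of the greylisting idea Philip describes (making password-guessing tools give up without spending bandwidth on them), here is a small greylist-style login throttle in Python. This is example code written for this page; it is not the gssftp patch under discussion (which is not shown here) and does not claim to match its policy. The policy it implements is an assumption: each failed login from a source address opens a "defer" window that doubles with every further failure up to a cap, connections arriving inside the window get a 421 reply and are closed before any password is checked, and a successful login or a long quiet period clears the record. The addresses and the attempt sequence are constructed sample input.

```python
"""Greylist-style login throttle for an FTP daemon (illustrative example).

The policy below is an assumption made for this example, not a description
of any particular ftpd patch:
  - every failed login from a source address extends a "defer" window for
    that address, doubling each time up to max_delay;
  - connections that arrive inside the window are answered with a 421
    "try again later" reply before USER/PASS are even processed;
  - a successful login, or forget_after seconds of silence, clears the record.
"""
import time
from dataclasses import dataclass


@dataclass
class SourceState:
    failures: int = 0
    defer_until: float = 0.0   # epoch seconds; 0.0 means not deferred
    last_seen: float = 0.0


class Greylist:
    def __init__(self, base_delay=2.0, max_delay=900.0, forget_after=3600.0):
        self.base_delay = base_delay        # delay after the first failure
        self.max_delay = max_delay          # cap on the exponential back-off
        self.forget_after = forget_after    # quiet period after which we forget a source
        self.sources = {}                   # source address -> SourceState

    def _state(self, src, now):
        st = self.sources.get(src)
        if st is None or now - st.last_seen > self.forget_after:
            st = SourceState()              # new, or stale enough to start over
            self.sources[src] = st
        st.last_seen = now
        return st

    def check(self, src, now=None):
        """Decide at connect time. Returns (allowed, reply_line)."""
        now = time.time() if now is None else now
        st = self._state(src, now)
        if now < st.defer_until:
            wait = int(st.defer_until - now) + 1
            return False, "421 Service not available, try again in %d seconds." % wait
        return True, "220 FTP server ready."

    def record_failure(self, src, now=None):
        """Called after a bad PASS. Returns the new defer period in seconds."""
        now = time.time() if now is None else now
        st = self._state(src, now)
        st.failures += 1
        delay = min(self.base_delay * 2 ** (st.failures - 1), self.max_delay)
        st.defer_until = now + delay
        return delay

    def record_success(self, src):
        """Called after a good PASS: the source is in good standing again."""
        self.sources.pop(src, None)


# Constructed sample input: (seconds since start, source address, outcome).
# outcome is "bad" (wrong password) or "ok" (correct password).
ATTACK = [
    (0,  "198.51.100.7", "bad"),   # first failure: deferred for 2 s
    (1,  "198.51.100.7", "bad"),   # inside the window: refused, no PASS processed
    (3,  "198.51.100.7", "bad"),   # window expired: tried again, fails, deferred 4 s
    (5,  "198.51.100.7", "bad"),   # refused
    (8,  "198.51.100.7", "bad"),   # tried again, fails, deferred 8 s
    (10, "203.0.113.5",  "ok"),    # unrelated legitimate user is unaffected
    (12, "198.51.100.7", "bad"),   # still refused
]


def simulate(attempts, start=1000.0):
    """Replay a list of attempts and return whether each one reached PASS."""
    gl = Greylist()
    allowed_flags = []
    for offset, src, outcome in attempts:
        now = start + offset
        allowed, _reply = gl.check(src, now)
        allowed_flags.append(allowed)
        if not allowed:
            continue
        if outcome == "bad":
            gl.record_failure(src, now)
        else:
            gl.record_success(src)
    return allowed_flags


if __name__ == "__main__":
    for (offset, src, outcome), allowed in zip(ATTACK, simulate(ATTACK)):
        print("t=%3ds %-14s %-3s -> %s" % (offset, src, outcome,
                                            "allowed" if allowed else "refused"))
```

Two details matter for the bandwidth argument: the refusal happens before USER/PASS are read, so a refused connection costs a single reply line, and the back-off is per source address rather than per account, so a guessing tool that cycles through usernames still hits the same window.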


More information about the krbdev mailing list