FTP-Server with login security

Thomas Rauscher trauscher at loytec.com
Thu Mar 23 11:56:24 UTC 2006 

> > -----Original Message-----
> > From: Wilfried Busalski [mailto:w.busalski at lancier-monitoring.de]
> > Sent: Tuesday, March 21, 2006 1:46 PM
> > To: Rtems-Users
> > Subject: FTP-Server with login security
> > 
> > 
> > Hi all
> > 
> > The actual source of the ftpd.c is without any security for 
> login. Has 
> > anybody a patch for the ftpd.c with login security?
> > 
> > Regards
> > Wilfried Busalski
> >	
> 
> Hi,
> 
> I could provide a patch this week. It would allow to use the standard 
> username/password (plaintext) authentication.
> 

Hi,

I've filed a PR (927) with an attached patch which adds authentication
for
the RTEMS FTP server. To keep backwards compatibility and to have some
flexibility, there is a new value FTPD_AUTH for the access field which
enables
authentication. Thus, existing applications should not require any
changes.

/*
 * User management 
 */

typedef struct rtems_ftpd_auth
{
  /* Request */
  const char *username;
  const char *password;

  /* Response */
  int         access;
  char        rootdir[PATH_MAX];
} rtems_ftpd_auth_t;

typedef int (*rtems_ftpd_auth_cb_t)(rtems_ftpd_auth_t *auth, void
*user);
  
int rtems_ftpd_auth_add(rtems_ftpd_auth_cb_t auth_fn, void *user);

int rtems_ftpd_auth_del(rtems_ftpd_auth_cb_t auth_fn, void *user);


Authentication modules can be added by calling rtems_ftpd_auth_add()
which 
registers a callback function that tells the FTP server whether access
shall be granted or not. The read/write access and root directory for
each
user is also selected by the callback function.

With the current patch, up to 8 callbacks can be registered. Of course
this could be made dynamic.

An authentication function can be unregistered by calling
rtems_ftpd_auth_del() with the same callback function and user argument.

A simple example for such a authentication function giving full R/W
access to /
would be:

static int myauth(rtems_ftpd_auth_t *auth, void *userarg)
{
  (void) userarg;
        
  if(!strcmp(auth->username, "username") &&
     !strcmp(auth->password, "password")) 
  {
    auth->access = 0;
    strcpy(auth->rootdir, "/");
    return 1;
  }

  return 0;
}

The installation of this authentication header would be like this:

  ...
  rtems_ftpd_auth_add(myauth, NULL);
  ...

The FTP configuration would be:

struct rtems_ftpd_configuration rtems_ftpd_configuration =
  {
    0,
    0,
    0,
    0,
    0,
    10,
    0,
    FTPD_AUTH,
  };


Waiting for comments ...

Regards,
Thomas Rauscher

--
Thomas Rauscher
LOYTEC electronics GmbH

More information about the users mailing list