Chris Markle acc_gnsc (cam@columbia-pdn)
Fri, 4 Sep 87 16:59:07 EDT
A number of people have quickly pointed out to me that section 5.4
"Sequencing of Commands and Replies" in RFC 959 specifically states the
responses that are valid after a PASS command, and guess what, 331 is
not one of them.
So, if the password specified on the PASS command has expired we will do the
1) send a "530 passwd expired; retry with passwd/newpasswd"
2) extend the syntax for the PASS text to allow specification of a new passwd
PASS passwd[/newpasswd] [GROUP(xxx)]
(GROUP is another piece of user id the user may want to specify in a usual
MVS security environment)
3) while we're at it, extend the syntax of the USER command also
USER userid[/passwd[/newpasswd]] [GROUP(xxx)]
This will screw up 4.x users who use .netrc files to allow auto-login
when 4.x client FTP connects to a remote host, in the case where the passwd
has expired, but that's life in the big (BLUE) city!
Chris Markle - firstname.lastname@example.org - (301)290-8100
This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:39:15 GMT