This document describes release 0.01 of Software Innovations Incorporated's FTP service for Windows NT. Release 0.01 is a working prototype and has a number of known bugs and problems, some of which are related to API problems. Be sure to read this document carefully as the security of your system is an issue when using this version of FTPD.
Software Innovations Incorporated makes no warranty as to the fitness of this software for any use.
This software and documentation is Copyright 1993 Software Innovations Incorporated.
Portions of the software are Copyright 1984-1988 Regents of the University of California.
You are free to use and redistribute the binaries to the software provided that this document along with the above copyright notices are included. A $25 shareware fee is requested. Payment of the registration fee will entitle you to a free copy of the full production software and documentation. For a limited time, source code for this working prototype may be purchased for an additional $25.
Why order the source? The source provides examples of:
A working NT service, service installer, deinstaller
Control panel applet
Registry use
Multi-threaded operations
Critical section code
Thread-local storage
LanManager calls
WinSock operations in a multi-threaded environment
Send shareware and source fees to:
Software Innovations Incorporated
P.O. Box 644
Ames, Iowa 50010
or call (515) 232-9127 or fax (515) 232-7382 with credit-card orders (MC & Visa).
Fax orders are preferred. Be sure to include the following on a single sheet (no cover please):
The words "FTP/NT registration" or "FTP/NT registration and source order"
Your name as it appears on the card.
Type of card (MC or VISA)
Card Number
Expiration date
Shipping address
Your signature
The total amount authorized : $25 registration, $50 with source code, plus any tax or
express shipping (see below).
Iowa residents should include applicable sales tax. All source orders will be shipped within 24 hours by first class mail or UPS ground. Include an additional $5.00 for UPS 2nd Day or $9.00 for UPS next day. Production-version upgrades will be shipped as they become available.
Questions may also be e-mailed to:
martin@iastate.edu or 76137,3022 on CompuServe
bron@iastate.edu
DO NOT EMAIL CREDIT CARD ORDERS
Features
Implemented as a true Windows NT service.
Multi-threaded operation
Full integration with NT facilities
Logging recorded in the event logger
Configuration stored in the registry - no external config files
Connection limits
Support for a welcome message and .message files
Manifest
Your release kit contains the following files:
ftpdserv.exe The actual service program
ftpdmsgs.dll Message file for the NT event logger
ftpdctl.cpl The control panel applet
ftpd.wri This document
ftpdinst.exe An installer program
ftpddel.exe A de-installer
Installation
Be sure to read the known bugs and problems section BEFORE activating FTPD on your system. This version of FTPD has a necessarily weak security system. SII plans to replace this in the first production version.
In the production release, an MSSETUP install script will be provided. For now, the process is a manual one.
To install the ftpd server:
1. Log in as Administrator
Make sure that the control panel, service manager, and event logger are not
running on your desktop (close their windows).
2. Unzip the files in a temporary directory. The unzip program can be acquired from
ftp.iastate.edu pub/nt/(processor)/unzip.exe
unzip ftpdserv.zip
3. Execute the following commands:
copy ftpdserv.exe \winnt\system
copy ftpdmsgs.dll \winnt\system
copy ftpdctl.cpl \winnt\system
4. Run the installer program:
ftpdinst
This program will initialize values in the registry with defaults, register ftpd with
the event logger, and register the service program with the service manager.
To delete the service:
1. Run the de-installer:
ftpddel
This program will un-register the service with the service manager.
Registry values remain.
2. You may delete the files:
\winnt\system\ftpdserv.exe
\winnt\system\ftpdctl.cpl
3. You may also delete the file \winnt\system\ftpdmsgs.dll after clearing the
event logger application log of any FTPD messages.
Configuration
The FTPD service is configured using a control-panel applet. Double click on the FTPD icon to set the following values. Configuration changes affect only future connections. Existing ftpd client-server connections will continue using the settings in effect when they were initiated.
Log Connections
    Check this box if you wish to log all new connections and logins to the event logger.
Log Transfers
    Check this box to log all files stored or retrieved.
Maximum number of simultaneous connections
    Enter the maximum number of simultaneous ftp client-server sessions that you wish to support at one time. This can be used to limit the load which FTPD places on your system during busy periods. If you don't want to limit the number of connections, set this value to 0.
Default session timeout
    This sets the default idle timeout. Any session which is idle (no commands issued for this number of seconds) will be disconnected.
Maximum session timeout
    This sets the maximum idle timeout that a client may request. A client may request a longer timeout value. This field represents the maximum allowable timeout value that may be requested.
Path to 'welcome' message
    When a new connection is established, the text file indicated by this path will be displayed prior to the prompt for a login name and password. (Disabled - see known bugs section.) This option has temporarily been replaced by the security-path kludge, below.
Share to use for access control
    The share name used here (e.g., \\skyhawk\ftp) will be used to check usernames and passwords. If this field is left empty, then all that is required is a home directory for successful login. If this is set to a server and share name, then anyone with a correct name and password for, and access to, that share will be allowed to login to the ftpd service. This security kludge is in place until other appropriate measures can be coded (see: known bugs).
Whenever a client sets the current working directory using the cd command, the service checks for the existence of a file named '.message'. If a .message file is found, it will be sent to the client each time s/he enters that directory. This is useful for presenting a brief descriptive message, disclaimer, or copyright notice for items in that directory. These messages should be kept as short as possible as they are displayed each time the client enters that directory.
Operation
When serving out files via FTPD, please take care to respect all copyright, license, and shareware terms and conditions on the files you are making accessible.
Starting the FTPD Service
o Open the control panel (in the group: Main).
o Double-click the Services icon
o Ensure that the following services are started. You may wish to use the Configuration
button to make them `automatic' such that they start each time the system is booted.
LanmanWorkstation
LanManServer (may not be required in future releases)
TCP/IP
o Select the FTPD service and click on `Start'
If you wish FTPD to be started each time your system boots, click on Configure and
make FTPD `automatic'.
Stopping the FTPD Service
o Open the control panel and double click on the Services icon.
o Select FTPD from the list of services
o Click on `Stop' and confirm your selection by clicking on Yes in the confirmation dialog
o You may change FTPD to `manual' startup (such that it won't start automatically at each
reboot) by clicking on Configure and then selecting Manual.
Viewing the Activity Log
o Open the Event Logger (available to the administrator in the Administrative Tools group).
o Select Application from the Log menu to see FTPD events.
o As FTPD runs, you may press F5 to refresh the event logger's display.
See the Messages section of this document for a list of the possible log messages.
Client Operations
All normal FTPD server operations are supported. Because FTP was created for and exists primarily in the UNIX domains, some concessions to NT are required. Those include:
Directory delimiters. The following are all valid directory specifications:
cd d:\xxx\yyy
cd \\skyhawk\projects\ftp
cd /foo/bar
cd f:/foo/bar
Directory listings:
The client command `ls' will print a simple list of filenames.
The client command `dir' will print a more complete list of filenames and information:
ftp> dir
200 PORT command successful.
150 Opening ASCII mode data connection for file list.
d Administrators 11-Feb-1993 3:02p bash
d Administrators 8-Feb-1993 5:16p bison
d Administrators 2-Feb-1993 3:00p compress
Administrators 29-Apr-1991 4:57p 4245 CRON.C
d Administrators 17-Feb-1993 4:19p dialit
d Administrators 11-Feb-1993 12:49p diff
:
:
d Administrators 16-Feb-1993 9:55p tcsh-6.03
d Administrators 2-Feb-1993 12:27p unzip
d Administrators 1-Feb-1993 5:39p UUCP
d Administrators 1-Feb-1993 5:38p WINNEWS
d Administrators 1-Feb-1993 3:26p zip
226 Transfer complete.
1725 bytes received in 2.32 seconds (0.74 Kbytes/sec)
The first column may contain one or more of:
d This is a directory
R a read-only file
S a system file
T a temporary file
Column 2 contains the name of the owner.
Column 3 contains the date last written
Column 4 contains the time last written
Column 5 (blank for directories) contains the size of the file
Column 6 contains the name of the item
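The column layout above can be parsed mechanically, for example to inventory what a server exposes from a captured `dir` response. The following is an added example, not part of the FTPD release or its source; it assumes whitespace-separated columns exactly as printed above and that multiple attribute letters appear run together in the first column.

```python
import re

# Attribute letters from the legend above for the first column.
FLAGS = {"d": "directory", "R": "read-only", "S": "system", "T": "temporary"}

# Anchor on the date and time columns: what precedes them is [flags] owner,
# what follows is [size] name. Assumes whitespace-separated columns as shown.
LINE = re.compile(
    r"^\s*(?P<head>.*?)\s+(?P<date>\d{1,2}-[A-Za-z]{3}-\d{4})\s+"
    r"(?P<time>\d{1,2}:\d{2}[ap])\s+(?P<tail>.+?)\s*$"
)

def parse_dir_line(line):
    """Parse one `dir` line; return None for FTP replies and filler lines."""
    m = LINE.match(line)
    if not m:
        return None
    head = m["head"].split()
    flags = ""
    # The flags column is blank for plain files, so it may be missing entirely.
    if len(head) > 1 and set(head[0]) <= set(FLAGS):
        flags, head = head[0], head[1:]
    size, name = None, m["tail"]
    if "d" not in flags:  # column 5 is blank for directories
        sized = re.match(r"(\d+)\s+(.+)", name)
        if sized:
            # Known bug: only the low 32 bits of the real size are shown.
            size, name = int(sized[1]), sized[2]
    return {"flags": [FLAGS[c] for c in flags], "owner": " ".join(head),
            "date": m["date"], "time": m["time"], "size": size, "name": name}

def parse_listing(text):
    """Parse a whole captured `dir` response, skipping non-entry lines."""
    return [e for e in map(parse_dir_line, text.splitlines()) if e]

# Lines taken from the listing shown above.
SAMPLE = """\
200 PORT command successful.
d Administrators 11-Feb-1993 3:02p bash
 Administrators 29-Apr-1991 4:57p 4245 CRON.C
:
d Administrators 16-Feb-1993 9:55p tcsh-6.03
226 Transfer complete.
"""
```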
Messages
The following messages are currently supported. Some will not appear unless the proper logging options are selected in the control panel applet.
The FTP service has started successfully.
The FTP service has shut down successfully.
A new connection has been received from %1. This connection is being serviced by thread %2.
FTP login by %2 at %1
Anonymous FTP login from %1, %2
User %1 timed out after %2 seconds.
User %1 logged out from FTP.
User %1 has stored file %2.
User %1 has retrieved file %2.
Repeated login failures from %1.
Unable to create communication management thread.
The TCP/IP library reports it is not ready for use.
The requested WinSock API version is not available.
The specified WinSock version is not supported by this DLL.
CreateThread failed while trying to service a new connection.
getpeername() failed on new connection
getsockname() failed on new connection
Unable to allocate thread local storage index.
Unable to malloc thread local storage space.
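Because the password check in this release is weak, the login-related messages are the ones worth reviewing. The following added example (not part of the FTPD release or its source) turns the message templates above into patterns and reports hosts whose "Repeated login failures" events were followed by a login from the same host. It assumes the messages have been exported from the event logger as plain text, one per entry, and that %1 is the remote host in the login and failure messages.

```python
import re

# Templates copied from the Messages list above; %1 and %2 are the insertion
# strings the event logger fills in. Reading %1 as the remote host is assumed.
TEMPLATES = {
    "login": "FTP login by %2 at %1",
    "anon_login": "Anonymous FTP login from %1, %2",
    "store": "User %1 has stored file %2.",
    "retrieve": "User %1 has retrieved file %2.",
    "login_failures": "Repeated login failures from %1.",
}

def compile_template(text):
    """Turn a template into an anchored regex with named groups p1/p2."""
    parts = re.split(r"%(\d)", text)  # odd indexes hold the digits
    body = "".join(f"(?P<p{p}>.+?)" if i % 2 else re.escape(p)
                   for i, p in enumerate(parts))
    return re.compile("^" + body + "$")

COMPILED = {kind: compile_template(t) for kind, t in TEMPLATES.items()}

def classify(message):
    """Return (kind, fields) for a rendered log message, or (None, {})."""
    for kind, rx in COMPILED.items():
        m = rx.match(message)
        if m:
            return kind, m.groupdict()
    return None, {}

def triage(messages):
    """Per host: failure events seen, and logins that followed them."""
    report = {}
    for msg in messages:
        kind, f = classify(msg)
        if kind == "login_failures":
            entry = report.setdefault(f["p1"], {"failures": 0, "logins_after": []})
            entry["failures"] += 1
        elif kind in ("login", "anon_login") and f["p1"] in report:
            who = f["p2"] if kind == "login" else "anonymous"
            report[f["p1"]]["logins_after"].append(who)
    return report

# Constructed sample messages (not taken from a real log).
SAMPLE = [
    "Repeated login failures from 192.0.2.10.",
    "Repeated login failures from 192.0.2.10.",
    "FTP login by bob at 192.0.2.10",
    "FTP login by alice at 192.0.2.44",
]
```

Calling triage(SAMPLE) reports 192.0.2.10 with two failure events followed by a login as bob, and omits 192.0.2.44, which had no failures.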
Known Bugs and Problems
Description : Deprecated security. No real effective checking of the cleartext
username and password is done. One or more needed security API calls are
currently inaccessible at this level of NT.
Fix : Add additional API calls, as they become available, to obtain a thread-local
access token in order to validate ftpd login and to use in controlling file access.
This fix is a must before this program can be considered a well-behaved production
facility. This fix is being actively pursued with Microsoft.
Workaround : The service currently allows you to enter a server and share name into
the control panel applet. All attempted logins will be checked for access to that share.
While this may sound like a reasonable compromise, because the ftp service runs as
administrator, once logged in, no file or directory security is available.
Further, the authors' experience with WNetAddConnection2() has shown this
to be an iffy proposition. That is, sometimes the call behaves as expected, other
times it doesn't. While this may be the result of programmer error, the situation does
seem to improve if you use the NET USE command to mount the share at least once.
If you can't get this surrogate method of security to work, just use an empty share name
in the control applet and anyone with a valid and accessible home directory will be
allowed access to ftp.
Description : The `welcome message' feature is disabled due to protocol
incompatibilities with some ftp clients.
Fix : This feature will be re-enabled as the protocol for such messages becomes
clearer.
Description : The .message file in a login (home) directory is not displayed.
Fix : Coding changes to ftpdserv to display this initial .message file.
Workaround : A command of CD . will display the .message file.
Description : The control-panel applet icon is temporary.
Fix : The author, not being an icon artist, welcomes suggestions and submissions.
Description : File sizes in the dir command only display the low 32 bits of the file size.
Description : Some paths supplied with the dir command result in invalid or empty
responses while a cd to that same path and then an ls or dir without arguments
displays the correct response.
Description : The stat-file command is not implemented. Under UNIX it displays
the result of ls -algA.
Fix : This will be implemented in the next release in a format as close to UNIX as
possible.
Description : The service sometimes reports that the connection limit has been
reached when it in fact has not.
Workaround : Set the connection limit to 0 if this occurs on your system.