Add a new option, '-o', for "Write-only". Disables the RETR command,

preventing anyone from downloading files. In conjunction with -A, and some appropriate file permissions, this lets you create an anonymous FTP drop box for people to upload files to. The more obvious "-w" flag is already taken by NetBSD's ftpd. "-o" was available as an option letter in all three BSDs.
2026-05-28 04:12:45 -04:00 · 2001-08-28 11:59:21 +00:00 · 2001-08-28 11:59:21 +00:00 · 62513e761e
commit 62513e761e
parent b4fa8260b8
3 changed files with 16 additions and 2 deletions
--- a/libexec/ftpd/ftpcmd.y
+++ b/libexec/ftpd/ftpcmd.y
@ -93,6 +93,7 @@ extern  int transflag;
 extern  char tmpline[];
 extern	int readonly;
 extern	int noepsv;
+extern	int noretr;

 off_t	restart_point;

@ -439,8 +440,11 @@ cmd
 		}
 	| RETR check_login SP pathname CRLF
 		{
-			if ($2 && $4 != NULL)
+			if (noretr)
+				reply(500, "RETR command is disabled");
+			else if ($2 && $4 != NULL)
 				retrieve((char *) 0, $4);
+
 			if ($4 != NULL)
 				free($4);
 		}
--- a/libexec/ftpd/ftpd.8
+++ b/libexec/ftpd/ftpd.8
@ -50,6 +50,7 @@
 .Op Fl S
 .Op Fl U
 .Op Fl r
+.Op Fl o
 .Op Fl E
 .Op Fl T Ar maxtimeout
 .Op Fl t Ar timeout
@ -157,6 +158,9 @@ Allow only anonymous ftp access.
 .It Fl r
 Put server in read-only mode.
 All commands which may modify the local filesystem are disabled.
+.It Fl o
+Put server in write-only mode.
+RETR is disabled, preventing downloads.
 .It Fl E
 Disable the EPSV command.
 This is useful for servers behind older firewalls.
--- a/libexec/ftpd/ftpd.c
+++ b/libexec/ftpd/ftpd.c
@ -149,6 +149,8 @@ int	usedefault = 1;		/* for data transfers */
 int	pdata = -1;		/* for passive mode */
 int	readonly=0;		/* Server is in readonly mode.	*/
 int	noepsv=0;		/* EPSV command is disabled.	*/
+int	noretr=0;		/* RETR command is disabled.	*/
+
 sig_atomic_t transflag;
 off_t	file_size;
 off_t	byte_count;
@ -299,7 +301,7 @@ main(argc, argv, envp)
 #endif /* OLD_SETPROCTITLE */


-	while ((ch = getopt(argc, argv, "AdlDESURrt:T:u:va:p:46")) != -1) {
+	while ((ch = getopt(argc, argv, "AdlDESURrt:T:u:voa:p:46")) != -1) {
 		switch (ch) {
 		case 'D':
 			daemon_mode++;
@ -382,6 +384,10 @@ main(argc, argv, envp)
 			family = AF_INET6;
 			break;

+		case 'o':
+			noretr = 1;
+			break;
+
 		default:
 			warnx("unknown flag -%c ignored", optopt);
 			break;