incubator-mod_ftp-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <wr...@rowe-clan.net>
Subject Re: Sanity check
Date Sun, 11 Feb 2007 15:29:41 GMT
William A. Rowe, Jr. wrote:
> 
> I discovered that FTP's + Apache 2.2's list (including all DAV and FTP
> along with HTTP methods) has exceeded the optimistic 62 keyed methods.
> 
> So in the short-term, I've dropped the verbs that don't require us to
> authenticate, e.g. every registered verb that isn't FTP_NEED_LOGIN.
> 
> If we don't need login, and we don't authenticate, it's considered
> an always-safe method.  If you don't want it, ensure that FTP On
> doesn't apply to the region.  These methods include USER, PASS,
> AUTH, PBSZ, PROT and QUIT
> 
> I'm adding NOOP to this list of !FTP_NEED_LOGIN methods to save us
> one more method.

I've had to register PASS again because, although it does not need
a login to run the handler in the first place, its handler will process
this method through the auth stack to determine 'the' logged in user.

> We can save a number of methods if we don't register commands which
> have no provider.  Especially those mail related commands that nobody
> expects to see implemented in today's ftpd servers.  Thoughts?

Still looking for feedback... thoughts?

Mime
View raw message