cam@columbia-pdn (Chris Markle acc_gnsc) (09/04/87)
Folks, A number of people have quickly pointed out to me that section 5.4 "Sequencing of Commands and Replies" in RFC 959 specifically states the responses that are valid after a PASS command, and guess what, 331 is not one of them. So, if the password specified on the PASS command has expired we will do the following: 1) send a "530 passwd expired; retry with passwd/newpasswd" 2) extend the syntax for the PASS text to allow specification of a new passwd PASS passwd[/newpasswd] [GROUP(xxx)] (GROUP is another piece of user id the user may want to specify in a usual MVS security environment) 3) while we're at it, extend the syntax of the USER command also USER userid[/passwd[/newpasswd]] [GROUP(xxx)] This will screw up 4.x users who use .netrc files to allow auto-login when 4.x client FTP connects to a remote host, in the case where the passwd has expired, but that's life in the big (BLUE) city! Chris Markle - cam@acc-sb-unix.arpa - (301)290-8100
STJOHNS@SRI-NIC.ARPA (09/05/87)
No, no, no!!! DO NOT extend the meaning of the USER command or for that matter that of the PASS command. They have very specific meanings. Instead, create your own extension commands "XCPW" and "XGRP". These can be specified via the "quote" command that is supposed to be part of all FTP implementations. This is within the scope of the standard. Please, be sensible - standards are there for a reason, interoperability. Mike