Hello Folks @ 3000-l,

Re: FTPMON under 5.5 "password" parameter

--------------------------------------------------Paul Courry writes--
Please forgive me if I do not follow the nuances of James complete
post, but the class I took in HP networking in 2000 very specifically
stated in the workbook that FTP most *definitely* executes logon
UDC's. As an aside, FTP and anonymous are user names that are
permitted and several special variables were created when FTP was
invoked by a user.

Could someone with the time and inclination set up a system wide udc
that would dump the showvar @ to a printer, then invoke FTP from their
PC or another machine and give us all a definitive answer?
----------------------------------------------------------------------

This is easy enough to test...

build a logon UDC for a user:

:newuser byebye;home=work;pass=gone

:print udc.work.sys
saybye
option logon,nobreak
bye

:setcatalog udc.work.sys;user=byebye.sys

and from a Telnet session... I logon as byebye.sys

MPE/iX:hello byebye.sys
ENTER ACCOUNT (SYS) PASSWORD:

ENTER USER (BYEBYE) PASSWORD:

HP3000  Release: C.65.00   User Version: C.65.00   SUN, JAN  7, 2001,  2:21
AM
MPE/iX  HP31900 C.25.06  Copyright Hewlett-Packard 1987.  All rights
reserved.

This system is reserved for Network Expert Center use only!
Unauthorized use is prohibited by law and people with sticks.

CPU=1. Connect=1. SUN, JAN  7, 2001,  2:21 AM.

<Your 'TELNET' connection has terminated>

and as you can see the "option logon,nobreak" UDC performs the "bye" and
logs you off.

and now if I logon with FTP:

:ftp aleta
File Transfer Protocol [A0010A02] (C) Hewlett-Packard Co. 1990
220 HP ARPA FTP Server [A0010A02] (C) Hewlett-Packard Co. 1990
Connected to aleta (15.44.48.51).  (FTPINFO 40)
Name(manager): byebye.sys
331 Password required for BYEBYE.SYS.  Syntax: userpass,acctpass
Password:
230 User logged on
Remote system type is MPE/iX
200 TIMEOUT command ok.
ftp>
ftp> pwd
257-"/SYS/WORK" is the current directory.
257 "BYEBYE.SYS,WORK" is the current session.ion will be opened
ftp>
ftp> ls /SYS/WORK/UDC
200 PORT command ok.
150 File: LISTFILE /SYS/WORK/UDC,6 opened; data connection will be opened
/SYS/WORK/UDC
226 Transfer complete.
15 bytes received in 0.01 seconds (1.63 Kbytes/sec)
ftp>  dir /SYS/WORK/UDC
200 PORT command ok.
150 File: LISTFILE /SYS/WORK/UDC,2 opened; data connection will be opened
 PATH= /SYS/WORK/

 CODE  ------------LOGICAL RECORD-----------  ----SPACE----  FILENAME
         SIZE  TYP        EOF      LIMIT R/B  SECTORS #X MX

          72B  FA           3          3   3       16  1  1  UDC


226 Transfer complete.
225 bytes received in 0.01 seconds (14.65 Kbytes/sec)
ftp>

and as you can see I am not logged off and in fact I can perform commands
and in fact I can delete this UDC file which is not possible if you are
logged in and executing the UDC.

ftp> del /SYS/WORK/UDC
250 DELE file action successful.

and now if I log in again with my Telnet session:

MPE/iX:hello byebye.sys
ENTER ACCOUNT (SYS) PASSWORD:

ENTER USER (BYEBYE) PASSWORD:

NONEXISTENT PERMANENT FILE  (FSERR 52)
Couldn't open UDC file "UDC.WORK.SYS". (CIERR 1923)
No user-level UDCs have been initialized. (CIWARN 1927)

This system is reserved for Network Expert Center use only!
Unauthorized use is prohibited by law and people with sticks.

:

for the test with UDC and variables...  I coded my option logon UDC
to set a variable test and to showvar test and to showvar FTP@

dontsaybye
option logon,nobreak
setvar test 1
showvar test
showvar ftp@

and now if I log in again with my Telnet session:

MPE/iX:hello byebye.sys
ENTER ACCOUNT (SYS) PASSWORD:

ENTER USER (BYEBYE) PASSWORD:

HP3000  Release: C.65.00   User Version: C.65.00   SUN, JAN  7, 2001,  2:33
AM
MPE/iX  HP31900 C.25.06  Copyright Hewlett-Packard 1987.  All rights
reserved.

This system is reserved for Network Expert Center use only!
Unauthorized use is prohibited by law and people with sticks.

TEST = 1
showvar ftp@
        ^
No match found for this variable set. (CIWARN 8116)
:

and in this case we find the OPTION LOGON UDC works and sets TEST=1, but
we also find out that the FTP variables are not set.

:ftp
File Transfer Protocol [A0010A02] (C) Hewlett-Packard Co. 1990
ftp> quit
:showvar ftp@
FTPLASTERR = 0
FTPXFERFILES = 0
FTPREQFILES = 0
FTPREPLACE = TRUE

by going into FTP we find out that the FTP variables are set internally
to the FTP/iX program and are not present on the system until the first
time FTP is run.

and now for the FTP test with a logon udc again...

ftp> :showvar test
showvar test
        ^
Variable not found in variable table. (CIERR 8106)
ftp> :showvar ftp@
FTPLASTERR = 0
FTPXFERFILES = 0
FTPREQFILES = 0
FTPREPLACE = TRUE
FTPLASTREPLY = 200 TIMEOUT command ok.

we again see the option logon,nobreak UDC is not executed by FTP, but
that the FTP variables are available since they are generated internally
to FTP/iX.

The FTP/iX and DSCOPY file transfer protocols do not execute UDC's when
logging on to a remote system.  In the case of FTP/iX it could actually
be argued that this is as per RFC specification since the RFC's do not
specify a Terminal Emulator as part of the FTP protocol and in the case
of a LOGON UDC that generated output or requested input, a terminal
emulator of some sort would be necessary to intercept this i/o and
present it to FTP/iX in a message format that it could execute.

As per your side note:  "As an aside, FTP and anonymous are user names
that are permitted".  Yes, in the FTP code we translate a user logon of
'ftp' or 'anonymous' to 'USER.FTPGUEST' and do a chroot to /FTPGUEST/PUB.

I hope this helps clear up any confusion.

Regards,

James Hofmeister
Hewlett Packard
Worldwide Technology Network Expert Center
P.S. My Ideals are my own, not necessarily my employers.