Add a new option, '-o', for "Write-only". Disables the RETR command,

preventing anyone from downloading files.  In conjunction with -A, and some
appropriate file permissions, this lets you create an anonymous FTP drop
box for people to upload files to.

The more obvious "-w" flag is already taken by NetBSD's ftpd.  "-o" was
available as an option letter in all three BSDs.

3 files changed, 16 insertions, 2 deletions

diff --git a/libexec/ftpd/ftpcmd.y b/libexec/ftpd/ftpcmd.y
index 1ae6e41..2da3ef2 100644
--- a/libexec/ftpd/ftpcmd.y
+++ b/libexec/ftpd/ftpcmd.y
@@ -93,6 +93,7 @@ extern  int transflag;
 extern  char tmpline[];
 extern	int readonly;
 extern	int noepsv;
+extern	int noretr;
 
 off_t	restart_point;
 
@@ -439,8 +440,11 @@ cmd
 		}
 	| RETR check_login SP pathname CRLF
 		{
-			if ($2 && $4 != NULL)
+			if (noretr)
+				reply(500, "RETR command is disabled");
+			else if ($2 && $4 != NULL)
 				retrieve((char *) 0, $4);
+
 			if ($4 != NULL)
 				free($4);
 		}
diff --git a/libexec/ftpd/ftpd.8 b/libexec/ftpd/ftpd.8
index dd32934..1b64380 100644
--- a/libexec/ftpd/ftpd.8
+++ b/libexec/ftpd/ftpd.8
@@ -50,6 +50,7 @@
 .Op Fl S
 .Op Fl U
 .Op Fl r
+.Op Fl o
 .Op Fl E
 .Op Fl T Ar maxtimeout
 .Op Fl t Ar timeout
@@ -157,6 +158,9 @@ Allow only anonymous ftp access.
 .It Fl r
 Put server in read-only mode.
 All commands which may modify the local filesystem are disabled.
+.It Fl o
+Put server in write-only mode.
+RETR is disabled, preventing downloads.
 .It Fl E
 Disable the EPSV command.
 This is useful for servers behind older firewalls.
diff --git a/libexec/ftpd/ftpd.c b/libexec/ftpd/ftpd.c
index f9556e0..254282b 100644
--- a/libexec/ftpd/ftpd.c
+++ b/libexec/ftpd/ftpd.c
@@ -149,6 +149,8 @@ int	usedefault = 1;		/* for data transfers */
 int	pdata = -1;		/* for passive mode */
 int	readonly=0;		/* Server is in readonly mode.	*/
 int	noepsv=0;		/* EPSV command is disabled.	*/
+int	noretr=0;		/* RETR command is disabled.	*/
+
 sig_atomic_t transflag;
 off_t	file_size;
 off_t	byte_count;
@@ -299,7 +301,7 @@ main(argc, argv, envp)
 #endif /* OLD_SETPROCTITLE */
 
 
-	while ((ch = getopt(argc, argv, "AdlDESURrt:T:u:va:p:46")) != -1) {
+	while ((ch = getopt(argc, argv, "AdlDESURrt:T:u:voa:p:46")) != -1) {
 		switch (ch) {
 		case 'D':
 			daemon_mode++;
@@ -382,6 +384,10 @@ main(argc, argv, envp)
 			family = AF_INET6;
 			break;
 
+		case 'o':
+			noretr = 1;
+			break;
+
 		default:
 			warnx("unknown flag -%c ignored", optopt);
 			break;