Patch Name:  PHNE_9786

Patch Description: s700_800 10.20 kftpd(1M) patch

Creation Date: 97/01/12

Post Date:  97/01/26

Hardware Platforms - OS Releases:
        s700: 10.20
        s800: 10.20

Products: N/A

Filesets:
        InternetSvcSec.INETSVCS-SEC InternetSvcSec.ISEC-ENG-A-MAN

Automatic Reboot?: No

Status: General Superseded

Critical: No

Path Name:  /hp-ux_patches/s700_800/10.X/PHNE_9786

Symptoms:
        PHNE_9786:

        (kftpd)
        * ftpd returns a 550 after an NLST when the file
         is not found.

        * Privileged ports cannot be specified as a part of
        the PORT command.

        * An error message  "You've GOT to be joking" is
        displayed when a client specifies a privileged port as
        a data-port.

        * The command modtime  displays incorrect date and
        time for some dates.

Defect Description:
        PHNE_9786:

        (kftpd)
        * ftpd returns a 550 after a NLST when a file is not
        found. The return code was changed to 450 per RFC 959.

        * An option "-p" has been added. The PORT command
        can now specify a privileged port as a data-port
        if this option is set.

        * The error message "You've GOT to be joking" has been
        replaced by "Port command failure".

        * The command modtime now behaves correctly.

SR:
        5003343970 5003344846 5003322867

Patch Files:
        /usr/lbin/kftpd
        /usr/share/man/man1m.Z/kftpd.1m

what(1) Output:
        /usr/lbin/kftpd:
                Copyright (c) 1985, 1988 Regents of the University o
                        f California.
                ftpd.c  based on 5.28   (Berkeley) 4/20/89
                Secure Internet Svcs - Revision 1.7.212.1  Mon Jan 1
                        3 23:52:32 GMT 1997
                ftpcmd.y        5.20 (Berkeley) 2/28/89
                glob.c  5.7 (Berkeley) 12/14/88
                popen.c 5.7 (Berkeley) 2/14/89
                logwtmp.c       5.2 (Berkeley) 9/22/88
        /usr/share/man/man1m.Z/kftpd.1m:
                (none)

cksum(1) Output:
        1302158752 507904 /usr/lbin/kftpd
        1398661287 8323 /usr/share/man/man1m.Z/kftpd.1m

Patch Conflicts: None

Patch Dependencies:  None

Hardware Dependencies:  None

Other Dependencies:  None

Supersedes:  None

Equivalent Patches: None

Patch Package Size:  560 Kbytes

Installation Instructions:
        Please review all instructions and the Hewlett-Packard
        SupportLine User Guide or your Hewlett-Packard support terms
        and conditions for precautions, scope of license,
        restrictions, and, limitation of liability and warranties,
        before installing this patch.
        ------------------------------------------------------------
        1. Back up your system before installing a patch.

        2. Login as root.

        3. Copy the patch to the /tmp directory.

        4. Move to the /tmp directory and unshar the patch:

                cd /tmp
                sh PHNE_9786

        5a. For a standalone system, run swinstall to install the
            patch:

                swinstall -x autoreboot=true -x match_target=true \
                        -s /tmp/PHNE_9786.depot

        5b. For a homogeneous NFS Diskless cluster run swcluster on the
            server to install the patch on the server and the clients:

                swcluster -i -b

            This will invoke swcluster in the interactive mode and
            force all clients to be shut down.

            WARNING: All cluster clients must be shut down prior to the
                     patch installation.  Installing the patch while the
                     clients are booted is unsupported and can lead to
                     serious problems.

            The swcluster command will invoke an swinstall session in which
            you must specify:

                alternate root path  -  default is /export/shared_root/OS_700
                source depot path    -  /tmp/PHNE_9786.depot

            To complete the installation, select the patch by choosing
            "Actions -> Match What Target Has" and then "Actions -> Install"
            from the Menubar.

        5c. For a heterogeneous NFS Diskless cluster:

                - run swinstall on the server as in step 5a to install
                  the patch on the cluster server.

                - run swcluster on the server as in step 5b to install
                  the patch on the cluster clients.

        By default swinstall will archive the original software in
        /var/adm/sw/patch/PHNE_9786.  If you do not wish to retain a
        copy of the original software, you can create an empty file
        named /var/adm/sw/patch/PATCH_NOSAVE.

        Warning: If this file exists when a patch is installed, the
                 patch cannot be deinstalled.  Please be careful
                 when using this feature.

        It is recommended that you move the PHNE_9786.text file to
        /var/adm/sw/patch for future reference.

        To put this patch on a magnetic tape and install from the
        tape drive, use the command:

                dd if=/tmp/PHNE_9786.depot of=/dev/rmt/0m bs=2k

Special Installation Instructions:
        1. Disable the InternetSvcSec product using
        the command "/usr/sbin/inetsvcs_sec disable"

        2. Install patch.

        3. Enable the product using command
         "/usr/sbin/inetsvcs_sec enable".