Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!seismo!husc6!rutgers!ucla-cs!zen!ucbvax!columbia-pdn!cam
From: cam@columbia-pdn (Chris Markle acc_gnsc)
Newsgroups: comp.protocols.tcp-ip
Subject: Re: Multiple 331 passwd responses in FTP protocol
Message-ID: <8709042059.AA06511@columbia-pdn>
Date: Fri, 4-Sep-87 16:59:07 EDT
Article-I.D.: columbia.8709042059.AA06511
Posted: Fri Sep  4 16:59:07 1987
Date-Received: Sat, 5-Sep-87 20:42:29 EDT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The ARPA Internet
Lines: 28

Folks,

A number of people have quickly pointed out to me that section 5.4 
"Sequencing of Commands and Replies" in RFC 959 specifically states the
responses that are valid after a PASS command, and guess what, 331 is 
not one of them.

So, if the password specified on the PASS command has expired we will do the
following:

1) send a "530 passwd expired; retry with passwd/newpasswd"

2) extend the syntax for the PASS text to allow specification of a new passwd

	PASS passwd[/newpasswd] [GROUP(xxx)]

   (GROUP is another piece of user id the user may want to specify in a usual
    MVS security environment)

3) while we're at it, extend the syntax of the USER command also

	USER userid[/passwd[/newpasswd]] [GROUP(xxx)]

This will screw up 4.x users who use .netrc files to allow auto-login
when 4.x client FTP connects to a remote host, in the case where the passwd
has expired, but that's life in the big (BLUE) city!

Chris Markle - cam@acc-sb-unix.arpa - (301)290-8100