diff -u -r --new-file twoftpd-1.16/Makefile twoftpd-1.16-sg1/Makefile
--- twoftpd-1.16/Makefile	Sun Jun  2 18:48:30 2002
+++ twoftpd-1.16-sg1/Makefile	Wed Jun 26 05:23:34 2002
@@ -95,7 +95,7 @@
 path.o: compile path.c twoftpd.h backend.h
 	./compile path.c
 
-programs: twoftpd-anon twoftpd-auth twoftpd-xfer twoftpd-conf twoftpd-anon-conf twoftpd-bind-port
+programs: twoftpd-anon twoftpd-auth twoftpd-xfer twoftpd-conf twoftpd-anon-conf twoftpd-bind-port twoftpd-drop
 
 respond.o: compile respond.c twoftpd.h log.h
 	./compile respond.c
@@ -138,6 +138,12 @@
 twoftpd-anon.o: compile twoftpd-anon.c twoftpd.h backend.h
 	./compile twoftpd-anon.c
 
+twoftpd-drop: load twoftpd-drop.o backend.a main.a socket.lib
+	./load twoftpd-drop backend.a main.a `cat socket.lib` -lpath/path -liobuf/iobuf -lnet/socket -lunix/nonblock -lunix/sig -lstr/iter -lstr/str
+
+twoftpd-drop.o: compile twoftpd-drop.c twoftpd.h backend.h
+	./compile twoftpd-drop.c
+
 twoftpd-auth: load twoftpd-auth.o main.a socket.lib
 	./load twoftpd-auth main.a `cat socket.lib` -lcvm/client -liobuf/iobuf -lnet/socket -lunix/sig
 
diff -u -r --new-file twoftpd-1.16/TARGETS twoftpd-1.16-sg1/TARGETS
--- twoftpd-1.16/TARGETS	Sun Jun  2 18:48:30 2002
+++ twoftpd-1.16-sg1/TARGETS	Wed Jun 26 05:18:34 2002
@@ -42,3 +42,5 @@
 twoftpd-conf.o
 twoftpd-xfer
 twoftpd-xfer.o
+twoftpd-drop
+twoftpd-drop.o
diff -u -r --new-file twoftpd-1.16/insthier.c twoftpd-1.16-sg1/insthier.c
--- twoftpd-1.16/insthier.c	Sun Jun  2 18:48:30 2002
+++ twoftpd-1.16-sg1/insthier.c	Wed Jun 26 05:09:20 2002
@@ -14,6 +14,7 @@
   c(bin,  "twoftpd-bind-port", -1, -1, 0555);
   c(bin,  "twoftpd-conf",      -1, -1, 0555);
   c(bin,  "twoftpd-xfer",      -1, -1, 0555);
+  c(bin,  "twoftpd-drop",      -1, -1, 0555);
 
   c(man1, "twoftpd-auth.1",    -1, -1, 0444);
   c(man1, "twoftpd-xfer.1",    -1, -1, 0444);
diff -u -r --new-file twoftpd-1.16/path.c twoftpd-1.16-sg1/path.c
--- twoftpd-1.16/path.c	Sun Jun  2 18:48:30 2002
+++ twoftpd-1.16-sg1/path.c	Wed Jun 26 04:28:32 2002
@@ -19,6 +19,7 @@
 #include "twoftpd.h"
 #include "backend.h"
 #include <path/path.h>
+#include <errno.h>
 
 str fullpath;
 
@@ -33,10 +34,18 @@
   if (nodotfiles) {
     long i;
     if (fullpath.s[0] == '.') return 0;
-    for (i = str_findlast(&fullpath, '/'); i > 0;
+    for (i = str_findlast(&fullpath, '/'); i >= 0;
 	 i = str_findprev(&fullpath, '/', i-1))
-      if (fullpath.s[i+1] == '.') return 0;
+      {
+	if (fullpath.s[i+1] == '.') {
+	  errno=EPERM;
+	  return 0;
+	}
+	if (i == 0)
+	  break;
+      }
   }
+  
   return 1;
 }
 
diff -u -r --new-file twoftpd-1.16/retr.c twoftpd-1.16-sg1/retr.c
--- twoftpd-1.16/retr.c	Sun Jun  2 18:48:30 2002
+++ twoftpd-1.16-sg1/retr.c	Wed Jun 26 03:45:10 2002
@@ -96,7 +96,8 @@
     return 1;
   }
   result = copy(&in, &out);
-  ibuf_close(&in);
+  if (!ibuf_close(&in))
+    result = 0;
   if (!close_out_connection(&out)) result = 0;
   if (result)
     return respond_bytes(226, "File sent successfully", network_bytes, 1);
diff -u -r --new-file twoftpd-1.16/store.c twoftpd-1.16-sg1/store.c
--- twoftpd-1.16/store.c	Sun Jun  2 18:48:30 2002
+++ twoftpd-1.16-sg1/store.c	Wed Jun 26 03:45:10 2002
@@ -25,10 +25,10 @@
 #include "twoftpd.h"
 #include "backend.h"
 
-static unsigned long network_bytes;
+unsigned long network_bytes;
 static str rnfr_filename;
 
-static int copy(ibuf* in, obuf* out)
+int copy(ibuf* in, obuf* out)
 {
   char buf[iobuf_bufsize];
   char* ptr;
@@ -79,9 +79,13 @@
     obuf_close(&out);
     return 1;
   }
+
   r = copy(&in, &out);
-  ibuf_close(&in);
-  obuf_close(&out);
+  if (!ibuf_close(&in))
+    r = 0;
+  if (!obuf_close(&out))
+    r = 0;
+
   if (r)
     return respond_bytes(226, "File received successfully", network_bytes, 0);
   else
Binary files twoftpd-1.16/test and twoftpd-1.16-sg1/test differ
diff -u -r --new-file twoftpd-1.16/twoftpd-auth.c twoftpd-1.16-sg1/twoftpd-auth.c
--- twoftpd-1.16/twoftpd-auth.c	Sun Jun  2 18:48:30 2002
+++ twoftpd-1.16-sg1/twoftpd-auth.c	Wed Jun 26 04:46:16 2002
@@ -18,6 +18,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
+#include <ctype.h>
 #include "twoftpd.h"
 #include <cvm/client.h>
 #include <sysdeps.h>
@@ -30,6 +31,11 @@
 static const char* cvmodule = 0;
 static const char* creds[2];
 
+char **nopass;
+int num_nopass, max_nopass;
+#define ALLOC_COUNT 10
+int find_nopass(void);
+
 static void do_exec()
 {
   alarm(0);
@@ -39,10 +45,21 @@
   exit(1);
 }
 
+static int handle_pass(void);
+
 static int handle_user(void)
 {
+  int i;
+
   if (user) free((char*)user);
   user = strdup(req_param);
+  for(i=0;i<num_nopass;i++) {
+    if (strcasecmp(user,nopass[i]) == 0)
+      {
+	req_param = "";
+	return handle_pass();
+      }
+  }
   return respond(331, 1, "Send PASS.");
 }
 
@@ -92,6 +109,48 @@
   if ((tmp = getenv("AUTH_TIMEOUT")) != 0) auth_timeout = strtou(tmp, &tmp);
   alarm(auth_timeout);
 
+  if (find_nopass() < 0) {
+    respond(550,1,"Error reading environment");
+    return 0;
+  }
+
   return respond(220, 0, "TwoFTPd server ready.") &&
     respond(220, 1, "Authenticate first.");
 }
+
+
+int find_nopass(void)
+{
+  char *e, *we, *ws, *s;
+
+  if (!(e=getenv("TWOFTPD_NOPASS")))
+    return 0;
+
+  we = e;
+  while (1) {
+    ws = we;
+    while (*ws && (isspace(*ws) || !isprint(*ws))) {
+      ws++;
+    }
+    if (!*ws)
+      break;
+    we = ws;
+    
+    while (isprint(*we) && !isspace(*we)) {
+      we++;
+    }
+    if (!(s = malloc(we-ws+1)))
+      return -1;
+    memcpy(s,ws,we-ws);
+    s[we-ws]='\0';
+    if (num_nopass >= max_nopass) {
+      max_nopass += ALLOC_COUNT;
+      if (!(nopass = realloc(nopass,max_nopass * sizeof(char *)))) 
+	return -1;
+    }
+    nopass[num_nopass] = s;
+    num_nopass++;
+  }
+  return 0;
+
+}
diff -u -r --new-file twoftpd-1.16/twoftpd-drop.c twoftpd-1.16-sg1/twoftpd-drop.c
--- twoftpd-1.16/twoftpd-drop.c	Wed Dec 31 19:00:00 1969
+++ twoftpd-1.16-sg1/twoftpd-drop.c	Wed Jun 26 03:45:09 2002
@@ -0,0 +1,128 @@
+/* twoftpd-xfer.c - Main dispatch table for twoftpd-xfer
+ * Copyright (C) 2001  Bruce Guenter <bruceg@em.ca>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+#include "twoftpd.h"
+#include "backend.h"
+
+#include <errno.h>
+#include <string.h>
+#include <malloc.h>
+
+#define MAX_FILENAME_TRIES 100
+
+int copy(ibuf* in, obuf* out);
+extern unsigned long network_bytes;
+
+static int drop_handle_stor(void);
+
+const unsigned startup_code = 230;
+const char program[] = "twoftpd-drop";
+
+const command verbs[] = {
+  { "TYPE", 0, 0,           handle_type },
+  { "STRU", 0, 0,           handle_stru },
+  { "MODE", 0, 0,           handle_mode },
+  { "CWD",  0, 0,           handle_cwd },
+  { "PWD",  0, handle_pwd,  0 },
+  { "CDUP", 0, handle_cdup, 0 },
+  { "PASV", 0, handle_pasv, 0 },
+  { "PORT", 0, 0,           handle_port },
+/*   { "LIST", 0, handle_list, handle_list }, */
+/*   { "NLST", 0, handle_nlst, handle_nlst }, */
+/*   { "SIZE", 0, 0,           handle_size }, */
+/*   { "MDTM", 0, 0,           handle_mdtm }, */
+  { "REST", 0, 0,           handle_rest },
+/*   { "RETR", 0, 0,           handle_retr }, */
+  { "STOR", 0, 0,           drop_handle_stor },
+/*   { "APPE", 0, 0,           handle_appe }, */
+/*   { "MKD",  0, 0,           handle_mkd  }, */
+/*   { "RMD",  0, 0,           handle_rmd  }, */
+/*   { "DELE", 0, 0,           handle_dele }, */
+/*   { "RNFR", 0, 0,           handle_rnfr }, */
+/*   { "RNTO", 0, 0,           handle_rnto }, */
+  /* Compatibility verbs as defined by RFC1123 */
+  { "XCWD", 0, 0,           handle_cwd },
+  { "XPWD", 0, handle_pwd,  0 },
+  { "XCUP", 0, handle_cdup, 0 },
+/*   { "XMKD", 0, 0,           handle_mkd  }, */
+/*   { "XRMD", 0, 0,           handle_rmd  }, */
+  /* Handle stray login commands */
+  { "USER", 1, 0,           handle_pass },
+  { "PASS", 1, 0,           handle_pass },
+  { "ACCT", 0, 0,           handle_pass },
+  { 0,      0, 0,           0 }
+};
+
+const command site_commands[] = {
+/*   { "CHMOD", 0, 0, handle_site_chmod }, */
+  { 0,       0, 0, 0 }
+};
+
+
+static int drop_handle_stor(void)
+{
+  ibuf in;
+  obuf out;
+  char *newname;
+  char *numhere;
+  int strsize;
+  int r;
+  int i;
+
+  if (!open_out(&out, req_param, OBUF_CREATE|OBUF_EXCLUSIVE)) {
+    if (errno != EEXIST)
+      return respond_syserr(550,"Could not open output file");
+    strsize=strlen(req_param);
+    if (!(newname = malloc(strsize+5+1)))
+      return respond_syserr(550,"No memory available");
+    strcpy(newname,req_param);
+    numhere=newname+strsize+1;
+    *(numhere-1) = '_';
+    *(numhere+4) = '\0';
+
+    for(i=1;i<=MAX_FILENAME_TRIES;i++) {
+      *(numhere+3) = i % 10 + '0';
+      *(numhere+2) = (i / 10) % 10 + '0';
+      *(numhere+1) = (i / 100) % 10 + '0';
+      *(numhere+0) = (i / 1000) % 10 + '0';
+      if (open_out(&out,newname, OBUF_CREATE|OBUF_EXCLUSIVE)) {
+	break;
+      } else {
+	if (errno != EEXIST)
+	  return respond_syserr(550,"Could not open output file");
+      }
+    }
+    if (i > MAX_FILENAME_TRIES)
+      return respond_syserr(550,"Could not open output file");
+  }
+    
+  if (!make_in_connection(&in)) {
+    obuf_close(&out);
+    return 1;
+  }
+  
+  r = copy(&in,&out);
+  if (!ibuf_close(&in))
+    r = 0;
+  if (!obuf_close(&out))
+    r = 0;
+
+  if (r)
+    return respond_bytes(226, "File received succesfully", network_bytes, 0);
+  else
+    return respond_bytes(451, "File store failed", network_bytes, 0);
+}