From c33e077838c8fee729c726f59c441555847b07e6 Mon Sep 17 00:00:00 2001
From: Guido van Rossum <guido@python.org>
Date: Fri, 28 Dec 2001 20:54:28 +0000
Subject: =?UTF-8?q?SF=20patch=20#497420=20(Eduardo=20P=C3=A9rez):=20ftplib?=
 =?UTF-8?q?:=20ftp=20anonymous=20password?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Instead of sending the real user and host, use "anonymous@" (i.e. no
host name at all!) as the default anonymous FTP password.  This avoids
privacy violations.
---
 Doc/lib/libftplib.tex |  7 ++-----
 Lib/ftplib.py         | 21 ++++++++-------------
 Misc/ACKS             |  1 +
 3 files changed, 11 insertions(+), 18 deletions(-)

diff --git a/Doc/lib/libftplib.tex b/Doc/lib/libftplib.tex
index 0d0d700..d4851ab 100644
--- a/Doc/lib/libftplib.tex
+++ b/Doc/lib/libftplib.tex
@@ -20,7 +20,7 @@ Here's a sample session using the \module{ftplib} module:
 \begin{verbatim}
 >>> from ftplib import FTP
 >>> ftp = FTP('ftp.cwi.nl')   # connect to host, default port
->>> ftp.login()               # user anonymous, passwd user@hostname
+>>> ftp.login()               # user anonymous, passwd anonymous@
 >>> ftp.retrlines('LIST')     # list directory contents
 total 24418
 drwxrwsr-x   5 ftp-usr  pdmaint     1536 Mar 20 09:48 .
@@ -121,10 +121,7 @@ Log in as the given \var{user}.  The \var{passwd} and \var{acct}
 parameters are optional and default to the empty string.  If no
 \var{user} is specified, it defaults to \code{'anonymous'}.  If
 \var{user} is \code{'anonymous'}, the default \var{passwd} is
-\samp{\var{realuser}@\var{host}} where \var{realuser} is the real user
-name (glanced from the \envvar{LOGNAME} or \envvar{USER} environment
-variable) and \var{host} is the hostname as returned by
-\function{socket.gethostname()}.  This function should be called only
+\code{'anonymous@'}.  This function should be called only
 once for each instance, after a connection has been established; it
 should not be called at all if a host and user were given when the
 instance was created.  Most FTP commands are only allowed after the
diff --git a/Lib/ftplib.py b/Lib/ftplib.py
index a176a87..cf1f32f 100644
--- a/Lib/ftplib.py
+++ b/Lib/ftplib.py
@@ -351,19 +351,14 @@ class FTP:
         if not passwd: passwd = ''
         if not acct: acct = ''
         if user == 'anonymous' and passwd in ('', '-'):
-            # get fully qualified domain name of local host
-            thishost = socket.getfqdn()
-            try:
-                if os.environ.has_key('LOGNAME'):
-                    realuser = os.environ['LOGNAME']
-                elif os.environ.has_key('USER'):
-                    realuser = os.environ['USER']
-                else:
-                    realuser = 'anonymous'
-            except AttributeError:
-                # Not all systems have os.environ....
-                realuser = 'anonymous'
-            passwd = passwd + realuser + '@' + thishost
+	    # If there is no anonymous ftp password specified
+	    # then we'll just use anonymous@
+	    # We don't send any other thing because:
+	    # - We want to remain anonymous
+	    # - We want to stop SPAM
+	    # - We don't want to let ftp sites to discriminate by the user,
+	    #   host or country.
+            passwd = passwd + 'anonymous@'
         resp = self.sendcmd('USER ' + user)
         if resp[0] == '3': resp = self.sendcmd('PASS ' + passwd)
         if resp[0] == '3': resp = self.sendcmd('ACCT ' + acct)
diff --git a/Misc/ACKS b/Misc/ACKS
index 0d1e2c5..6f64724 100644
--- a/Misc/ACKS
+++ b/Misc/ACKS
@@ -330,6 +330,7 @@ Randy Pausch
 Marcel van der Peijl
 Samuele Pedroni
 Steven Pemberton
+Eduardo Pérez
 Tim Peters
 Chris Petrilli
 Geoff Philbrick
-- 
cgit v0.12