When a file is uploaded into a specially configured directory, a MD5 digest of
the uploaded file is automatically calculated. This MD5 digest is written
automatically to a file in the same directory. For example, if a file called
"file.txt" is uploaded into a
MD5Path directory, then a file called
"file.txt.md5" will also automatically be written. The contents of
.md5 file are identical to the output of the common
.md5 file is useful for large uploads, where the sender
wants to be certain that the file was received by the server intact. By
comparing the autogenerated
.md5 file's MD5 digest with an MD5
digest of the large file calculated by the client before sending, the sender
can verify the upload.
mod_md5 module is contained in the
file for ProFTPD 1.3.x, found
here, and is not compiled by default.
Installation instructions are discussed here.
The most current version of
mod_md5 can be found at:
Please contact TJ Saunders <tj at castaglia.org> with any questions, concerns, or suggestions regarding this module.
2001-12-18: Thanks to Bill Fenner for the initial ideas for this module
2002-08-08: Thanks to Jonas Jensen for noting the problems when using
SITE MD5 in a
DefaultRoot login, and on non-regular files (e.g. directories).
MD5Engine directive enables or disables the module's
runtime MD5 engine. If it is set to off this module does no
MD5 processing at all. Use this directive to disable the module instead of
commenting out all
MD5Path directive specifies a path to a directory.
Files uploaded to that directory (and its subdirectories) will automatically
have MD5 digests calculated and printed to a file
Multiple such directories can be configured by using mulitple
Note that if the given path starts with a
mod_md5 will treat the directory normally, and not generate
.md5 files in that directory. This is primarily useful for
.md5 generation in directories whose parent directories
# A path can use ~ notation MD5Path ~/public_ftp/md5 # Calculate digests in the normal upload directory MD5Path /path/to/upload/dir # Disable generation of .md5 files in a subdirectory of the upload directory MD5Path !/path/to/upload/dir/subdir
SITEcommand accepts a single parameter, the path to the file of which to obtain the MD5 digest, and can only be used once the client has successfully logged in. When allowing this command to be used, it is best to limit its use to trusted clients, e.g.:
<Limit SITE_MD5> Allow ... DenyAll </Limit>for calculating the sum for large files can be CPU-intensive.
ftp> quote SITE MD5 HelloWorld.txt 200-9af2f8218b150c351ad802c6f3d66abe HelloWorld.txt 200 Please contact firstname.lastname@example.org if this digest is inaccurate
Use of this
SITE can be controlled via
<Limit SITE_MD5> AllowUser stan DenyAll </Limit>
proftpd-dir/contrib/Then follow the normal steps for using third-party modules in proftpd:
./configure --with-modules=mod_md5 make make install
.md5files for uploaded files,
mod_md5also automatically deletes the
.md5file when its file is deleted from a
mod_md5 will notice that the configuration directives
changed substantially with the
1.0rc1 release. These changes
are necessary in order to support new functionality, such as !
MD5Path negation. The other new feature in
is better integration with
mod_ifsession. This means that now
mod_md5's capabilities can be controlled to a finer degree by
mod_ifsession control contexts (demonstrated below).
This example shows a typical
<IfModule mod_md5.c> MD5Engine on MD5Path /var/ftp/public/upload </IfModule>
Another example configuration which allows use of
capabilities by users in a special group, using
<IfModule mod_md5.c> MD5Engine on <IfGroup md5ftp> MD5Path ~ </IfUser> </IfModule>
Note that for
mod_ifsession to be
used properly together,
mod_ifsession must come after
mod_md5 in your
--with-modules configure option.