rpms/lftp
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

base: rpms:c8
Branches Tags
rpms:c8
rpms:c8s
rpms:c9s
rpms:c10s
rpms:c8-beta
rpms:c9
rpms:c9-beta
rpms:imports/c10s/lftp-4.9.2-19.el10
rpms:imports/c10s/lftp-4.9.2-18.el10
rpms:imports/c8/lftp-4.8.4-4.el8_10
rpms:imports/c10s/lftp-4.9.2-17.el10
rpms:imports/c10s/lftp-4.9.2-16.el10
rpms:imports/c10s/lftp-4.9.2-15.el10
rpms:imports/c8/lftp-4.8.4-3.el8
rpms:imports/c8-beta/lftp-4.8.4-3.el8
rpms:imports/c9/lftp-4.9.2-4.el9
rpms:imports/c9-beta/lftp-4.9.2-4.el9
rpms:imports/c8-beta/lftp-4.8.4-2.el8
rpms:imports/c8-beta/lftp-4.8.4-1.el8
rpms:imports/c8s/lftp-4.8.4-2.el8
rpms:imports/c8/lftp-4.8.4-2.el8
rpms:imports/c8/lftp-4.8.4-1.el8
..
compare: rpms:c9-beta
Branches Tags
rpms:c8s
rpms:c9s
rpms:c10s
rpms:c8
rpms:c8-beta
rpms:c9
rpms:c9-beta
rpms:imports/c10s/lftp-4.9.2-19.el10
rpms:imports/c10s/lftp-4.9.2-18.el10
rpms:imports/c8/lftp-4.8.4-4.el8_10
rpms:imports/c10s/lftp-4.9.2-17.el10
rpms:imports/c10s/lftp-4.9.2-16.el10
rpms:imports/c10s/lftp-4.9.2-15.el10
rpms:imports/c8/lftp-4.8.4-3.el8
rpms:imports/c8-beta/lftp-4.8.4-3.el8
rpms:imports/c9/lftp-4.9.2-4.el9
rpms:imports/c9-beta/lftp-4.9.2-4.el9
rpms:imports/c8-beta/lftp-4.8.4-2.el8
rpms:imports/c8-beta/lftp-4.8.4-1.el8
rpms:imports/c8s/lftp-4.8.4-2.el8
rpms:imports/c8/lftp-4.8.4-2.el8
rpms:imports/c8/lftp-4.8.4-1.el8

No commits in common. "c8" and "c9-beta" have entirely different histories.
c8 ... c9-beta

6 changed files with 43 additions and 552 deletions
Show Stats Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/lftp-4.8.4.tar.xz
SOURCES/lftp-4.9.2.tar.xz

2
.lftp.metadata
View File

@ -1 +1 @@
fa97429d4376c87dd0b6a9b27ed89184fb2a9149 SOURCES/lftp-4.8.4.tar.xz
e1c7936fef725c9e9c5ccccc30f73f9a9f781115 SOURCES/lftp-4.9.2.tar.xz

261
SOURCES/lftp-4.8.4-re-newed-cert.patch
View File

@ -1,261 +0,0 @@
From fd40ee3542d877c37ff129d5c9b02df21d20c6a0 Mon Sep 17 00:00:00 2001
From: Miao Wang <shankerwangmiao@gmail.com>
Date: Sat, 9 Oct 2021 18:13:30 +0800
Subject: [PATCH] Use gnutls_certificate_verify_peers2 to verify server
certificates
Fixes: #641
Signed-off-by: Miao Wang <shankerwangmiao@gmail.com>
---
src/lftp_ssl.cc | 207 +++++++++++-------------------------------------
src/lftp_ssl.h | 2 -
2 files changed, 48 insertions(+), 161 deletions(-)
diff --git a/src/lftp_ssl.cc b/src/lftp_ssl.cc
index 968d3fb26..26e91e4b9 100644
--- a/src/lftp_ssl.cc
+++ b/src/lftp_ssl.cc
@@ -338,6 +338,16 @@ void lftp_ssl_gnutls::load_keys()
if(res<0)
Log::global->Format(0,"gnutls_certificate_set_x509_key_file(%s,%s): %s\n",cert_file,key_file,gnutls_strerror(res));
}
+ res = gnutls_certificate_set_x509_trust(cred, instance->ca_list, instance->ca_list_size);
+ if(res < 0)
+ Log::global->Format(0, "gnutls_certificate_set_x509_trust: %s\n", gnutls_strerror(res));
+ else
+ Log::global->Format(9, "Loaded %d CAs\n", res);
+ res = gnutls_certificate_set_x509_crl(cred, instance->crl_list, instance->crl_list_size);
+ if(res < 0)
+ Log::global->Format(0, "gnutls_certificate_set_x509_crl: %s\n", gnutls_strerror(res));
+ else
+ Log::global->Format(9, "Loaded %d CRLs\n", res);
gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, cred);
}
void lftp_ssl_gnutls::shutdown()
@@ -358,174 +368,53 @@ lftp_ssl_gnutls::~lftp_ssl_gnutls()
*/
void lftp_ssl_gnutls::verify_certificate_chain(const gnutls_datum_t *cert_chain,int cert_chain_length)
{
- int i;
- gnutls_x509_crt_t *cert=(gnutls_x509_crt_t*)alloca(cert_chain_length*sizeof(gnutls_x509_crt_t));
-
- /* Import all the certificates in the chain to
- * native certificate format.
- */
- for (i = 0; i < cert_chain_length; i++)
- {
- gnutls_x509_crt_init(&cert[i]);
- gnutls_x509_crt_import(cert[i],&cert_chain[i],GNUTLS_X509_FMT_DER);
+ int err;
+ unsigned int status;
+
+ gnutls_x509_crt_t leaf_cert;
+ err = gnutls_x509_crt_init(&leaf_cert);
+ if(err < 0){
+ set_cert_error(xstring::format("GnuTLS Error: %s", gnutls_strerror(err)), NULL);
+ goto err_out;
}
-
- /* Now verify the certificates against their issuers
- * in the chain.
- */
- for (i = 1; i < cert_chain_length; i++)
- verify_cert2(cert[i - 1], cert[i]);
-
- /* Here we must verify the last certificate in the chain against
- * our trusted CA list.
- */
- verify_last_cert(cert[cert_chain_length - 1]);
-
- /* Check if the name in the first certificate matches our destination!
- */
- bool check_hostname = ResMgr::QueryBool("ssl:check-hostname", hostname);
- if(check_hostname) {
- if(!gnutls_x509_crt_check_hostname(cert[0], hostname))
- set_cert_error(xstring::format("certificate common name doesn't match requested host name %s",quote(hostname)),get_fp(cert[0]));
- } else {
- Log::global->Format(0, "WARNING: Certificate verification: hostname checking disabled\n");
+ gnutls_x509_crt_import(leaf_cert, &cert_chain[0], GNUTLS_X509_FMT_DER);
+ if(err < 0){
+ set_cert_error(xstring::format("GnuTLS Error: %s", gnutls_strerror(err)), NULL);
+ goto deinit_cert;
}
- for (i = 0; i < cert_chain_length; i++)
- gnutls_x509_crt_deinit(cert[i]);
-}
-
-
-/* Verifies a certificate against an other certificate
- * which is supposed to be it's issuer. Also checks the
- * crl_list if the certificate is revoked.
- */
-void lftp_ssl_gnutls::verify_cert2(gnutls_x509_crt_t crt,gnutls_x509_crt_t issuer)
-{
- int ret;
- time_t now = SMTask::now;
- size_t name_size;
- char name[256];
-
- /* Print information about the certificates to
- * be checked.
- */
- name_size = sizeof(name);
- gnutls_x509_crt_get_dn(crt, name, &name_size);
-
- Log::global->Format(9, "Certificate: %s\n", name);
-
- name_size = sizeof(name);
- gnutls_x509_crt_get_issuer_dn(crt, name, &name_size);
-
- Log::global->Format(9, " Issued by: %s\n", name);
-
- /* Get the DN of the issuer cert.
- */
- name_size = sizeof(name);
- gnutls_x509_crt_get_dn(issuer, name, &name_size);
-
- Log::global->Format(9, " Checking against: %s\n", name);
-
- /* Do the actual verification.
- */
- unsigned crt_status=0;
- unsigned issuer_status=0;
- gnutls_x509_crt_verify(crt, &issuer, 1, 0, &crt_status);
- if(crt_status&GNUTLS_CERT_SIGNER_NOT_CA)
- {
- // recheck the issuer certificate against CA
- gnutls_x509_crt_verify(issuer, instance->ca_list, instance->ca_list_size, 0, &issuer_status);
- if(issuer_status==0)
- crt_status&=~GNUTLS_CERT_SIGNER_NOT_CA;
- if(crt_status==GNUTLS_CERT_INVALID)
- crt_status=0;
+ err = gnutls_certificate_verify_peers2 (session, &status);
+ if(err < 0){
+ set_cert_error(xstring::format("Cerificate Verification Error: %s", gnutls_strerror(err)), get_fp(leaf_cert));
+ goto deinit_cert;
}
- if (crt_status & GNUTLS_CERT_INVALID)
- {
- char msg[256];
- strcpy(msg,"Not trusted");
- if(crt_status & GNUTLS_CERT_SIGNER_NOT_FOUND)
- strcat(msg,": no issuer was found");
- if(crt_status & GNUTLS_CERT_SIGNER_NOT_CA)
- strcat(msg,": issuer is not a CA");
- set_cert_error(msg,get_fp(crt));
- }
- else
- Log::global->Format(9, " Trusted\n");
-
- /* Now check the expiration dates.
- */
- if (gnutls_x509_crt_get_activation_time(crt) > now)
- set_cert_error("Not yet activated",get_fp(crt));
-
- if (gnutls_x509_crt_get_expiration_time(crt) < now)
- set_cert_error("Expired",get_fp(crt));
-
- /* Check if the certificate is revoked.
- */
- ret = gnutls_x509_crt_check_revocation(crt, instance->crl_list, instance->crl_list_size);
- if (ret == 1) { /* revoked */
- set_cert_error("Revoked",get_fp(crt));
- }
-}
-
-
-/* Verifies a certificate against the trusted CA list.
- * Also checks the crl_list if the certificate is revoked.
- */
-void lftp_ssl_gnutls::verify_last_cert(gnutls_x509_crt_t crt)
-{
- unsigned int crt_status;
- int ret;
- time_t now = SMTask::now;
- size_t name_size;
- char name[256];
-
- /* Print information about the certificates to
- * be checked.
- */
- name_size = sizeof(name);
- gnutls_x509_crt_get_dn(crt, name, &name_size);
-
- Log::global->Format(9, "Certificate: %s\n", name);
-
- name_size = sizeof(name);
- gnutls_x509_crt_get_issuer_dn(crt, name, &name_size);
-
- Log::global->Format(9, " Issued by: %s\n", name);
-
- /* Do the actual verification.
- */
- gnutls_x509_crt_verify(crt, instance->ca_list, instance->ca_list_size, GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT, &crt_status);
-
- if (crt_status & GNUTLS_CERT_INVALID)
- {
- char msg[256];
- strcpy(msg,"Not trusted");
- if (crt_status & GNUTLS_CERT_SIGNER_NOT_CA)
- strcat(msg,": Issuer is not a CA");
- set_cert_error(msg,get_fp(crt));
+ if(status != 0){
+ gnutls_datum_t reason;
+ err = gnutls_certificate_verification_status_print(status, gnutls_certificate_type_get(session), &reason, 0);
+ if(err < 0){
+ set_cert_error(xstring::format("Cerificate Verification Error: %s", gnutls_strerror(err)), get_fp(leaf_cert));
+ goto deinit_cert;
+ }
+ set_cert_error((const char*)reason.data, get_fp(leaf_cert));
+ gnutls_free(reason.data);
+ goto deinit_cert;
}
- else
- Log::global->Format(9, " Trusted\n");
+ if(ResMgr::QueryBool("ssl:check-hostname", hostname)) {
+ if(!gnutls_x509_crt_check_hostname(leaf_cert, hostname)){
+ set_cert_error(xstring::format("certificate common name doesn't match requested host name %s",quote(hostname)),get_fp(leaf_cert));
+ goto deinit_cert;
+ }
+ } else {
+ Log::global->Format(0, "WARNING: Certificate verification: hostname checking disabled\n");
+ }
- /* Now check the expiration dates.
- */
- if(gnutls_x509_crt_get_activation_time(crt) > now)
- set_cert_error("Not yet activated",get_fp(crt));
-
- if(gnutls_x509_crt_get_expiration_time(crt) < now)
- set_cert_error("Expired",get_fp(crt));
+ deinit_cert:
+ gnutls_x509_crt_deinit(leaf_cert);
- /* Check if the certificate is revoked.
- */
- ret = gnutls_x509_crt_check_revocation(crt, instance->crl_list, instance->crl_list_size);
- if (ret == 1) { /* revoked */
- set_cert_error("Revoked",get_fp(crt));
- }
+ err_out:
+ return;
}
bool lftp_ssl_gnutls::check_fatal(int res)
diff --git a/src/lftp_ssl.h b/src/lftp_ssl.h
index c37b047b4..87b92d4fa 100644
--- a/src/lftp_ssl.h
+++ b/src/lftp_ssl.h
@@ -92,8 +92,6 @@ class lftp_ssl_gnutls : public lftp_ssl_base
gnutls_session_t session;
gnutls_certificate_credentials_t cred;
void verify_certificate_chain(const gnutls_datum_t *cert_chain,int cert_chain_length);
- void verify_cert2(gnutls_x509_crt_t crt,gnutls_x509_crt_t issuer);
- void verify_last_cert(gnutls_x509_crt_t crt);
int do_handshake();
bool check_fatal(int res);
static const xstring& get_fp(gnutls_x509_crt_t crt);

59
SOURCES/lftp-4.8.4-ssh-prompt.patch
View File

@ -1,59 +0,0 @@
From 0ad0732b8fbacd3519b4e3ecf8c394681b314672 Mon Sep 17 00:00:00 2001
From: "Alexander V. Lukyanov" <lavv17f@gmail.com>
Date: Thu, 5 Dec 2019 21:34:11 +0300
Subject: [PATCH] SSH_Access: fixed yes/no/[fingerprint] recognition (fix #547,
fix #525)
---
src/SSH_Access.cc | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/src/SSH_Access.cc b/src/SSH_Access.cc
index 97683a3f..adf0c196 100644
--- a/src/SSH_Access.cc
+++ b/src/SSH_Access.cc
@@ -20,6 +20,8 @@
#include <config.h>
#include "SSH_Access.h"
#include "misc.h"
+#include <algorithm>
+#include "ascii_ctype.h"
void SSH_Access::MakePtyBuffers()
{
@@ -70,6 +70,26 @@ static bool IsPasswordPrompt(const char *b,const char *e)
return (e-b>=len && !strncasecmp(b,suffix,len));
}
+struct nocase_eq
+{
+ inline bool operator() (char lhs, char rhs) const
+ {
+ return c_tolower(lhs) == c_tolower(rhs);
+ };
+};
+
+static bool contains(char const *begin, char const *end, char const *needle)
+{
+ return std::search(begin, end, needle, needle+strlen(needle), nocase_eq()) != end;
+}
+
+static bool IsConfirmPrompt(const char *b,const char *e)
+{
+ if(b==e)
+ return false;
+ return e[-1]=='?' && contains(b,e,"yes/no");
+}
+
int SSH_Access::HandleSSHMessage()
{
int m=STALL;
@@ -99,7 +106,7 @@ int SSH_Access::HandleSSHMessage()
password_sent++;
return m;
}
- if(ends_with(b,b+s,"(yes/no)?"))
+ if(IsConfirmPrompt(b,b+s))
{
const char *answer=QueryBool("auto-confirm",hostname)?"yes\n":"no\n";
pty_recv_buf->Put(answer);

204
SOURCES/lftp-4.8.4-tls-close.patch
View File

@ -1,204 +0,0 @@
commit 299a194cc86ea81c40d2146dd095dda3954efc81
Author: Tomas Korbar <tkorbar@redhat.com>
Date: Tue May 6 12:01:10 2025 +0200
Ensure proper closing of TLS connection
diff --git a/src/buffer.cc b/src/buffer.cc
index 9ee6580..e54e20e 100644
--- a/src/buffer.cc
+++ b/src/buffer.cc
@@ -491,23 +491,31 @@ int IOBuffer::Do()
if(Done() || Error())
return STALL;
int res=0;
+ int remaining_size;
switch(mode)
{
case PUT:
- if(Size()==0)
- return STALL;
- res=Put_LL(buffer+buffer_ptr,Size());
- if(res>0)
- {
- RateAdd(res);
- buffer_ptr+=res;
- event_time=now;
- if(eof)
- PutEOF_LL();
- return MOVED;
+ remaining_size = Size();
+ if (remaining_size > 0) {
+ res=Put_LL(buffer+buffer_ptr, remaining_size);
+ if (res <= 0) {
+ return STALL;
+ }
+ RateAdd(res);
+ buffer_ptr+=res;
+ event_time=now;
+ if (eof) {
+ /* We do not have to check for return value of PutEOF_LL here as
+ * We MOVED anyway and find out whether it was a success in next Do */
+ PutEOF_LL();
+ }
+ return MOVED;
+ }
+ if (eof && PutEOF_LL()) {
+ event_time=now;
+ return MOVED;
}
break;
-
case GET:
if(eof)
return STALL;
diff --git a/src/buffer_ssl.cc b/src/buffer_ssl.cc
index 9e701c2..6dd8680 100644
--- a/src/buffer_ssl.cc
+++ b/src/buffer_ssl.cc
@@ -39,10 +39,11 @@ int IOBufferSSL::Do()
// nothing to write, but may need to do handshake
if(!ssl->handshake_done)
{
- if(Put_LL("",0)<0)
- return MOVED;
- if(ssl->handshake_done && eof)
- ssl->shutdown();
+ if(Put_LL("",0)<0)
+ return MOVED;
+ }
+ if(ssl->handshake_done && eof && IOBufferSSL::PutEOF_LL()) {
+ return MOVED;
}
if(ssl->handshake_done && !eof)
return m;
@@ -103,8 +104,17 @@ int IOBufferSSL::Put_LL(const char *buf,int size)
int IOBufferSSL::PutEOF_LL()
{
- if(Size()==0)
- ssl->shutdown();
+ int res;
+ if(Size()==0) {
+ res = ssl->shutdown();
+ if (res == ssl->RETRY) {
+ SetNotReady(ssl->fd,want_mask());
+ return 1;
+ } else if (res == ssl->ERROR) {
+ SetError(ssl->error,ssl->fatal);
+ return -1;
+ }
+ }
return 0;
}
diff --git a/src/buffer_ssl.h b/src/buffer_ssl.h
index d3cf7f0..8915066 100644
--- a/src/buffer_ssl.h
+++ b/src/buffer_ssl.h
@@ -42,7 +42,7 @@ public:
IOBufferSSL(const Ref<lftp_ssl>& s,dir_t m) : IOBuffer(m), ssl(s) {}
~IOBufferSSL();
int Do();
- bool Done() { return IOBuffer::Done() && ssl->handshake_done; }
+ bool Done() { return IOBuffer::Done() && ssl->handshake_done && ssl->goodbye_done; }
};
#endif
diff --git a/src/lftp_ssl.cc b/src/lftp_ssl.cc
index 0a0078a..8820b6f 100644
--- a/src/lftp_ssl.cc
+++ b/src/lftp_ssl.cc
@@ -45,6 +45,7 @@ lftp_ssl_base::lftp_ssl_base(int fd1,handshake_mode_t m,const char *h)
{
fd=fd1;
handshake_done=false;
+ goodbye_done=false;
handshake_mode=m;
fatal=false;
cert_error=false;
@@ -347,10 +348,24 @@ void lftp_ssl_gnutls::load_keys()
Log::global->Format(9, "Loaded %d CRLs\n", res);
gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, cred);
}
-void lftp_ssl_gnutls::shutdown()
+/* Try to shutdown the tls connection, return 1 if needed to call again otherwise 0*/
+int lftp_ssl_gnutls::shutdown()
{
- if(handshake_done)
- gnutls_bye(session,GNUTLS_SHUT_RDWR); // FIXME - E_AGAIN
+ int res;
+ if(handshake_done) {
+ res = gnutls_bye(session,GNUTLS_SHUT_RDWR);
+ if (res == GNUTLS_E_SUCCESS) {
+ goodbye_done = true;
+ return DONE;
+ } else if (res == GNUTLS_E_AGAIN || res == GNUTLS_E_INTERRUPTED) {
+ return RETRY;
+ }
+ fatal=check_fatal(res);
+ set_error("gnutls_bye",gnutls_strerror(res));
+ return ERROR;
+ }
+ goodbye_done = true;
+ return DONE;
}
lftp_ssl_gnutls::~lftp_ssl_gnutls()
{
@@ -849,10 +864,23 @@ void lftp_ssl_openssl::load_keys()
}
}
}
-void lftp_ssl_openssl::shutdown()
+int lftp_ssl_openssl::shutdown()
{
- if(handshake_done)
- SSL_shutdown(ssl);
+ int res;
+ if(handshake_done) {
+ res = SSL_shutdown(ssl);
+ if (res == 1) {
+ goodbye_done = true;
+ return DONE;
+ } else if (res == 0) {
+ return RETRY;
+ }
+ fatal=check_fatal(res);
+ set_error("SSL_shutdown",strerror());
+ return ERROR;
+ }
+ goodbye_done = true;
+ return DONE;
}
lftp_ssl_openssl::~lftp_ssl_openssl()
{
diff --git a/src/lftp_ssl.h b/src/lftp_ssl.h
index 17a91b0..8e0cc85 100644
--- a/src/lftp_ssl.h
+++ b/src/lftp_ssl.h
@@ -37,6 +37,7 @@ class lftp_ssl_base
{
public:
bool handshake_done;
+ bool goodbye_done;
int fd;
xstring_c hostname;
enum handshake_mode_t { CLIENT, SERVER } handshake_mode;
@@ -107,7 +108,7 @@ public:
bool want_out();
void copy_sid(const lftp_ssl_gnutls *);
void load_keys();
- void shutdown();
+ int shutdown();
};
typedef lftp_ssl_gnutls lftp_ssl;
#elif USE_OPENSSL
@@ -143,7 +144,7 @@ public:
bool want_out();
void copy_sid(const lftp_ssl_openssl *);
void load_keys();
- void shutdown();
+ int shutdown();
};
typedef lftp_ssl_openssl lftp_ssl;
#endif

67
SPECS/lftp.spec
View File

@ -1,20 +1,16 @@
Summary: A sophisticated file transfer program
Name: lftp
Version: 4.8.4
Version: 4.9.2
Release: 4%{?dist}
License: GPLv3+
Group: Applications/Internet
Source0: http://lftp.yar.ru/ftp/%{name}-%{version}.tar.xz
URL: http://lftp.yar.ru/
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: ncurses-devel, gnutls-devel, perl-generators, pkgconfig, readline-devel, gettext
BuildRequires: zlib-devel
BuildRequires: zlib-devel, gcc-c++
BuildRequires: desktop-file-utils
BuildRequires: make
Patch1: lftp-4.0.9-date_fmt.patch
Patch2: lftp-4.8.4-ssh-prompt.patch
Patch3: lftp-4.8.4-re-newed-cert.patch
Patch4: lftp-4.8.4-tls-close.patch
%description
LFTP is a sophisticated ftp/http file transfer program. Like bash, it has job
@ -24,7 +20,6 @@ reliability in mind.
%package scripts
Summary: Scripts for lftp
Group: Applications/Internet
Requires: lftp >= %{version}-%{release}
BuildArch: noarch
@ -35,9 +30,6 @@ Utility scripts for use with lftp.
%setup -q
%patch1 -p1 -b .date_fmt
%patch2 -p1 -b .ssh-prompt
%patch3 -p1 -b .re-newed-cert
%patch4 -p1 -b .tls-close
#sed -i.rpath -e '/lftp_cv_openssl/s|-R.*lib||' configure
sed -i.norpath -e \
@ -69,15 +61,9 @@ desktop-file-install \
%find_lang %{name}
%clean
rm -rf $RPM_BUILD_ROOT
%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig
%ldconfig_scriptlets
%files -f %{name}.lang
%defattr(-,root,root,-)
%doc BUGS COPYING ChangeLog FAQ FEATURES README* NEWS THANKS TODO
%config(noreplace) %{_sysconfdir}/lftp.conf
%{_bindir}/*
@ -102,24 +88,53 @@ rm -rf $RPM_BUILD_ROOT
%files scripts
%defattr(-,root,root,-)
%{_datadir}/lftp
%changelog
* Tue May 06 2025 Tomas Korbar <tkorbar@redhat.com> - 4.8.4-4
- Ensure proper closing of TLS connection
- Resolves: RHEL-88955
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 4.9.2-4
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Mon Jul 24 2023 Michal Ruprich <mruprich@redhat.com> - 4.8.4-3
- Resolves: #2182418 - Connection to site fails with certificate verification error
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 4.9.2-3
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Tue Apr 28 2020 Michal Ruprich <michalruprich@gmail.com> - 4.8.4-2
- Resolves: #1793557 - SFTP over LFTP hangs if host key of the remote system doesn't exist
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 4.9.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Aug 19 2020 Michal Ruprich <michalruprich@gmail.com> - 4.9.2-1
- New version 4.9.2
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 4.9.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Fri Apr 03 2020 Michal Ruprich <michalruprich@gmail.com> - 4.9.1-1
- New version 4.9.1
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 4.9.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Fri Jan 03 2020 Michal Ruprich <mruprich@redhat.com> - 4.9.0-1
- New version 4.9.0
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 4.8.4-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Sun Feb 17 2019 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 4.8.4-3
- Rebuild for readline 8.0
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 4.8.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Wed Aug 01 2018 Michal Ruprich <mruprich@redhat.com> - 4.8.4-1
- New version 4.8.4
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 4.8.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Thu Apr 26 2018 Tomas Hozza <thozza@redhat.com> - 4.8.3-3
- Added gcc-c++ as an explicit BuildRequires
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 4.8.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild