Fix a segfault when running as PID 1

Also rebase the patches.
2018-07-25 13:28:40 +02:00 · 2018-07-25 13:28:40 +02:00 · 7c0626d6c4
commit 7c0626d6c4
parent 447ded9958
60 changed files with 207 additions and 145 deletions
--- a/0001-Don-t-use-the-provided-script-to-locate-libraries.patch
+++ b/0001-Don-t-use-the-provided-script-to-locate-libraries.patch
@ -1,7 +1,7 @@
 From 7bd573d76e9c1996ad5a96f0289731a253a24301 Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Tue, 6 Sep 2016 13:35:51 +0200
-Subject: [PATCH 01/33] Don't use the provided script to locate libraries.
+Subject: [PATCH 01/59] Don't use the provided script to locate libraries.

 This branch is Fedora (RHEL) specific, so we know what
 libraries we have and want to use.
@ -23,5 +23,5 @@ index c63ed1b..98118dc 100644
 LDFLAGS	=	-fPIE -pie -Wl,-z,relro -Wl,-z,now
 
 -- 
-2.7.4
+2.14.4

--- a/0002-Enable-build-with-SSL.patch
+++ b/0002-Enable-build-with-SSL.patch
@ -1,7 +1,7 @@
 From 6fe24bc56694808ac7f8038855883a971967f0fb Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Tue, 6 Sep 2016 13:40:53 +0200
-Subject: [PATCH 02/33] Enable build with SSL.
+Subject: [PATCH 02/59] Enable build with SSL.

 ---
 builddefs.h | 2 +-
@ -21,5 +21,5 @@ index e908352..63cc62b 100644
 #endif /* VSF_BUILDDEFS_H */
 
 -- 
-2.7.4
+2.14.4

--- a/0003-Enable-build-with-TCP-Wrapper.patch
+++ b/0003-Enable-build-with-TCP-Wrapper.patch
@ -1,7 +1,7 @@
 From 1e0e2b13836d40f5a3f4cb20f2b3ea8204115b51 Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Tue, 6 Sep 2016 13:42:09 +0200
-Subject: [PATCH 03/33] Enable build with TCP Wrapper
+Subject: [PATCH 03/59] Enable build with TCP Wrapper

 ---
 builddefs.h | 2 +-
@ -21,5 +21,5 @@ index 63cc62b..83de674 100644
 #define VSF_BUILD_SSL
 
 -- 
-2.7.4
+2.14.4

--- a/0004-Use-etc-vsftpd-dir-for-config-files-instead-of-etc.patch
+++ b/0004-Use-etc-vsftpd-dir-for-config-files-instead-of-etc.patch
@ -1,7 +1,7 @@
 From fff93602a4b252be8d674e27083dde68a7acf038 Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Tue, 6 Sep 2016 13:46:03 +0200
-Subject: [PATCH 04/33] Use /etc/vsftpd/ dir for config files instead of /etc.
+Subject: [PATCH 04/59] Use /etc/vsftpd/ dir for config files instead of /etc.

 ---
 EXAMPLE/INTERNET_SITE/README         |  6 +++---
@ -479,5 +479,5 @@ index fcc6022..5e46a2f 100644
 .B vsftpd_log_file
 This option is the name of the file to which we write the vsftpd style
 -- 
-2.7.4
+2.14.4

--- a/0005-Use-hostname-when-calling-PAM-authentication-module.patch
+++ b/0005-Use-hostname-when-calling-PAM-authentication-module.patch
@ -1,7 +1,7 @@
 From 08c49b78942d40c99fae8c40e7668aa73e1bd695 Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Tue, 6 Sep 2016 15:01:23 +0200
-Subject: [PATCH 05/33] Use hostname when calling PAM authentication module.
+Subject: [PATCH 05/59] Use hostname when calling PAM authentication module.

 Currently the vsftpd passes all logins as IP addresses
 into PAM. This prevents administrators from setting up
@ -71,5 +71,5 @@ index 06f01f4..b2782da 100644
   if (retval != 1)
   {
 -- 
-2.7.4
+2.14.4

--- a/0006-Close-stdin-out-err-before-listening-for-incoming-co.patch
+++ b/0006-Close-stdin-out-err-before-listening-for-incoming-co.patch
@ -1,7 +1,7 @@
 From 423cbf4ddca6578b87e0f8a3fc425688cd1ca89c Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Tue, 6 Sep 2016 16:18:39 +0200
-Subject: [PATCH 06/33] Close stdin/out/err before listening for incoming
+Subject: [PATCH 06/59] Close stdin/out/err before listening for incoming
 connections.

 When running vsftpd as a stand-alone FTP daemon, vsftpd
@ -31,5 +31,5 @@ index ba01ab1..e0f2d5b 100644
   if (vsf_sysutil_retval_is_error(retval))
   {
 -- 
-2.7.4
+2.14.4

--- a/0007-Make-filename-filters-smarter.patch
+++ b/0007-Make-filename-filters-smarter.patch
@ -1,7 +1,7 @@
 From 548375b2122f83771dc0b8571f16e5b5adabba98 Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Wed, 7 Sep 2016 10:04:31 +0200
-Subject: [PATCH 07/33] Make filename filters smarter.
+Subject: [PATCH 07/59] Make filename filters smarter.

 In the original version vsftpd was not able to prevent
 users from downloading for instance /etc/passwd by
@ -98,5 +98,5 @@ index ab0a9a4..3a21b50 100644
 /* PURPOSE: Extract a line of text (delimited by \n or EOF) from a string
  * buffer, starting at character position 'p_pos'. The extracted line will
 -- 
-2.7.4
+2.14.4

--- a/0008-Write-denied-logins-into-the-log.patch
+++ b/0008-Write-denied-logins-into-the-log.patch
@ -1,7 +1,7 @@
 From 75c172596aa9e7a9f32062579f7f98783341c924 Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Wed, 7 Sep 2016 10:17:17 +0200
-Subject: [PATCH 08/33] Write denied logins into the log.
+Subject: [PATCH 08/59] Write denied logins into the log.

 This patch adds a new option 'userlist_log'. If enabled,
 every login denial based on the user list will be logged.
@ -127,21 +127,21 @@ diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
 index 5e46a2f..9d767b1 100644
 --- a/vsftpd.conf.5
 +++ b/vsftpd.conf.5
-@@ -588,6 +588,14 @@ Self-signed certs do not constitute OK validation. (New in v2.0.6).
+@@ -586,6 +586,14 @@ Default: NO
+ If set to yes, all SSL client certificates received must validate OK.
+ Self-signed certs do not constitute OK validation. (New in v2.0.6).
 
- Default: NO
- .TP
+Default: NO
+.TP
 +.B userlist_log
 +This option is examined if
 +.BR userlist_enable
 +is activated. If enabled, every login denial based on the user list will be
 +logged.
 +
-+Default: NO
-+.TP
+ Default: NO
+ .TP
 .B virtual_use_local_privs
- If enabled, virtual users will use the same privileges as local users. By
- default, virtual users will use the same privileges as anonymous users, which
 -- 
-2.7.4
+2.14.4

--- a/0009-Trim-whitespaces-when-reading-configuration.patch
+++ b/0009-Trim-whitespaces-when-reading-configuration.patch
@ -1,7 +1,7 @@
 From d024bc27cee40f21e6a3841266062408c44e56fb Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Wed, 7 Sep 2016 10:35:54 +0200
-Subject: [PATCH 09/33] Trim whitespaces when reading configuration.
+Subject: [PATCH 09/59] Trim whitespaces when reading configuration.

 ---
 parseconf.c |  2 +-
@ -95,5 +95,5 @@ index c34778c..c2ddd15 100644
 void vsf_sysutil_memcpy(void* p_dest, const void* p_src,
                         const unsigned int size);
 -- 
-2.7.4
+2.14.4

--- a/0010-Improve-daemonizing.patch
+++ b/0010-Improve-daemonizing.patch
@ -1,7 +1,7 @@
 From 569e7078244470ac0fcc2af3947c2735338555ec Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Wed, 7 Sep 2016 11:29:29 +0200
-Subject: [PATCH 10/33] Improve daemonizing
+Subject: [PATCH 10/59] Improve daemonizing

 Init script gets correct return code if binding fails.
 ---
@ -205,5 +205,5 @@ index c2ddd15..bfc92cb 100644
 /* Various string functions */
 unsigned int vsf_sysutil_strlen(const char* p_text);
 -- 
-2.7.4
+2.14.4

--- a/0011-Fix-listing-with-more-than-one-star.patch
+++ b/0011-Fix-listing-with-more-than-one-star.patch
@ -1,7 +1,7 @@
 From 32e6642640635d7305969f808b5badb706a11bff Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Wed, 7 Sep 2016 11:36:17 +0200
-Subject: [PATCH 11/33] Fix listing with more than one star '*'.
+Subject: [PATCH 11/59] Fix listing with more than one star '*'.

 This is a regression introduced by some previous patch.
 ---
@ -34,5 +34,5 @@ index f489478..616b2d9 100644
       str_mid_to_end(&name_remain_str, &temp_str,
                      indexx + str_getlen(&s_match_needed_str));
 -- 
-2.7.4
+2.14.4

--- a/0012-Replace-syscall-__NR_clone-.-with-clone.patch
+++ b/0012-Replace-syscall-__NR_clone-.-with-clone.patch
@ -1,7 +1,7 @@
 From 0c3a1123c391995ab46cfde603fa025ff180a819 Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Wed, 7 Sep 2016 11:43:54 +0200
-Subject: [PATCH 12/33] Replace syscall(__NR_clone ..) with clone ()
+Subject: [PATCH 12/59] Replace syscall(__NR_clone ..) with clone ()

 in order to fix incorrect order of params on s390 arch
 ---
@ -31,5 +31,5 @@ index b2782da..3bbabaa 100644
     {
       if (ret == 0)
 -- 
-2.7.4
+2.14.4

--- a/0013-Extend-man-pages-with-systemd-info.patch
+++ b/0013-Extend-man-pages-with-systemd-info.patch
@ -1,7 +1,7 @@
 From 813a4bc45d45f4af94c699893cb2d2ba998d5d31 Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Wed, 7 Sep 2016 11:53:07 +0200
-Subject: [PATCH 13/33] Extend man pages with systemd info.
+Subject: [PATCH 13/59] Extend man pages with systemd info.

 Man pages now reflect how is vsftpd used as
 systemd service.
@ -82,5 +82,5 @@ index 9d767b1..0744f85 100644
 The format of vsftpd.conf is very simple. Each line is either a comment or
 a directive. Comment lines start with a # and are ignored. A directive line
 -- 
-2.7.4
+2.14.4

--- a/0014-Add-support-for-square-brackets-in-ls.patch
+++ b/0014-Add-support-for-square-brackets-in-ls.patch
@ -1,7 +1,7 @@
 From ba0520650ae7f9f63e48ba9fb3a94297aebe2d0c Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Wed, 7 Sep 2016 14:22:21 +0200
-Subject: [PATCH 14/33] Add support for square brackets in ls.
+Subject: [PATCH 14/59] Add support for square brackets in ls.

 ---
 ls.c | 222 +++++++++++++++++++++++++++++++++++++++++++++----------------------
@ -273,5 +273,5 @@ index 616b2d9..b840136 100644
   /* Any incoming string left means no match unless we ended on the correct
    * type of wildcard.
 -- 
-2.7.4
+2.14.4

--- a/0015-Listen-on-IPv6-by-default.patch
+++ b/0015-Listen-on-IPv6-by-default.patch
@ -1,7 +1,7 @@
 From c5daaedf1efe23b397a5950f5503f5cbfac871c8 Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Wed, 7 Sep 2016 14:25:28 +0200
-Subject: [PATCH 15/33] Listen on IPv6 by default.
+Subject: [PATCH 15/59] Listen on IPv6 by default.

 ---
 vsftpd.conf   | 14 +++++++++-----
@ -51,5 +51,5 @@ index 0744f85..72bb86f 100644
 Default: NO
 .TP
 -- 
-2.7.4
+2.14.4

--- a/0016-Increase-VSFTP_AS_LIMIT-from-200UL-to-400UL.patch
+++ b/0016-Increase-VSFTP_AS_LIMIT-from-200UL-to-400UL.patch
@ -1,7 +1,7 @@
 From 048208a4db5d7164d89ba5d7545e281d0a3472d3 Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Wed, 7 Sep 2016 15:35:59 +0200
-Subject: [PATCH 16/33] Increase VSFTP_AS_LIMIT from 200UL to 400UL.
+Subject: [PATCH 16/59] Increase VSFTP_AS_LIMIT from 200UL to 400UL.

 When using a PAM module to get users from LDAP or database the old
 limit was insufficient.
@ -23,5 +23,5 @@ index ca11eac..bde3232 100644
 #endif /* VSF_DEFS_H */
 
 -- 
-2.7.4
+2.14.4

--- a/0017-Fix-an-issue-with-timestamps-during-DST.patch
+++ b/0017-Fix-an-issue-with-timestamps-during-DST.patch
@ -1,7 +1,7 @@
 From 5ec0b86e5c1ff060720b5a6cd1af9d93ec993650 Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Thu, 29 Sep 2016 11:14:03 +0200
-Subject: [PATCH 17/33] Fix an issue with timestamps during DST.
+Subject: [PATCH 17/59] Fix an issue with timestamps during DST.

 vsftpd now checks whether a file was uploaded during DST and
 adjust the timestamp accordingly.
@ -157,5 +157,5 @@ index c848356..2abdd13 100644
       s_timezone *= -1;
     }
 -- 
-2.7.4
+2.14.4

--- a/0018-Change-the-default-log-file-in-configuration.patch
+++ b/0018-Change-the-default-log-file-in-configuration.patch
@ -1,7 +1,7 @@
 From 61dac172bdb14c5a37713078828ea8c8f78c7eb6 Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Thu, 29 Sep 2016 13:53:16 +0200
-Subject: [PATCH 18/33] Change the default log file in configuration.
+Subject: [PATCH 18/59] Change the default log file in configuration.

 Previous "default" value was wrong.
 tunables.c:262 => install_str_setting("/var/log/xferlog",
@ -39,5 +39,5 @@ index ae6c6c9..39d1955 100644
 # If you want, you can have your log file in standard ftpd xferlog format.
 # Note that the default log file location is /var/log/xferlog in this case.
 -- 
-2.7.4
+2.14.4

--- a/0019-Introduce-reverse_lookup_enable-option.patch
+++ b/0019-Introduce-reverse_lookup_enable-option.patch
@ -1,7 +1,7 @@
 From 721de88621100f6ed33f1602415bc249f3ed3219 Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Thu, 17 Nov 2016 10:22:32 +0100
-Subject: [PATCH 19/33] Introduce reverse_lookup_enable option.
+Subject: [PATCH 19/59] Introduce reverse_lookup_enable option.

 vsftpd can transform IP address into hostname before
 PAM authentication. You can disable it to prevent
@ -88,10 +88,12 @@ diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
 index 72bb86f..fb6324e 100644
 --- a/vsftpd.conf.5
 +++ b/vsftpd.conf.5
-@@ -425,6 +425,15 @@ http://scarybeastsecurity.blogspot.com/2009/02/vsftpd-210-released.html
+@@ -423,6 +423,15 @@ so you may want to disable it. For a discussion of the consequences, see
+ http://scarybeastsecurity.blogspot.com/2009/02/vsftpd-210-released.html
+ (Added in v2.1.0).
 
- Default: YES
- .TP
+Default: YES
+.TP
 +.B reverse_lookup_enable
 +Set to YES if you want vsftpd to transform the ip address into the hostname,
 +before pam authentication. This is useful if you use pam_access including the
@ -99,11 +101,9 @@ index 72bb86f..fb6324e 100644
 +for some hostname is available and the name server doesn't respond for a while,
 +you should set this to NO to avoid a performance issue.
 +
-+Default: YES
-+.TP
+ Default: YES
+ .TP
 .B run_as_launching_user
- Set to YES if you want vsftpd to run as the user which launched vsftpd. This is
- useful where root access is not available. MASSIVE WARNING! Do NOT enable this
 -- 
-2.7.4
+2.14.4

--- a/0020-Use-unsigned-int-for-uid-and-gid-representation.patch
+++ b/0020-Use-unsigned-int-for-uid-and-gid-representation.patch
@ -1,7 +1,7 @@
 From dcaaf1e0dd3985e229a87de18b83f301d30b6ce9 Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Thu, 17 Nov 2016 10:31:39 +0100
-Subject: [PATCH 20/33] Use unsigned int for uid and gid representation.
+Subject: [PATCH 20/59] Use unsigned int for uid and gid representation.

 ---
 ls.c      |  4 ++--
@ -246,5 +246,5 @@ index bfc92cb..79b5514 100644
 void vsf_sysutil_setegid(const struct vsf_sysutil_user* p_user);
 void vsf_sysutil_seteuid_numeric(int uid);
 -- 
-2.7.4
+2.14.4

--- a/0021-Introduce-support-for-DHE-based-cipher-suites.patch
+++ b/0021-Introduce-support-for-DHE-based-cipher-suites.patch
@ -1,7 +1,7 @@
 From 4eac1dbb5f70a652d31847eec7c28d245f36cdbb Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Thu, 17 Nov 2016 10:48:28 +0100
-Subject: [PATCH 21/33] Introduce support for DHE based cipher suites.
+Subject: [PATCH 21/59] Introduce support for DHE based cipher suites.

 ---
 parseconf.c   |  1 +
@ -222,5 +222,5 @@ index fb6324e..ff94eca 100644
 This option can be used to provide an alternate file for usage by the
 .BR secure_email_list_enable
 -- 
-2.7.4
+2.14.4

--- a/0022-Introduce-support-for-EDDHE-based-cipher-suites.patch
+++ b/0022-Introduce-support-for-EDDHE-based-cipher-suites.patch
@ -1,7 +1,7 @@
 From a6d641a0ccba1033587f6faa0e5e6749fa35f5c4 Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Thu, 17 Nov 2016 10:49:22 +0100
-Subject: [PATCH 22/33] Introduce support for EDDHE based cipher suites.
+Subject: [PATCH 22/59] Introduce support for EDDHE based cipher suites.

 ---
 parseconf.c   |  1 +
@ -132,5 +132,5 @@ index ff94eca..e242873 100644
 This option can be used to provide an alternate file for usage by the
 .BR secure_email_list_enable
 -- 
-2.7.4
+2.14.4

--- a/0023-Add-documentation-for-isolate_-options.-Correct-defa.patch
+++ b/0023-Add-documentation-for-isolate_-options.-Correct-defa.patch
@ -1,7 +1,7 @@
 From 3d02ef3be17f37baf729e786a8f36af4982f70ad Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Thu, 17 Nov 2016 10:52:16 +0100
-Subject: [PATCH 23/33] Add documentation for isolate_* options. Correct
+Subject: [PATCH 23/59] Add documentation for isolate_* options. Correct
 default

 values of max_clients, max_per_ip.
@ -59,5 +59,5 @@ index e242873..31d317f 100644
 .B pasv_max_port
 The maximum port to allocate for PASV style data connections. Can be used to
 -- 
-2.7.4
+2.14.4

--- a/0024-Introduce-new-return-value-450.patch
+++ b/0024-Introduce-new-return-value-450.patch
@ -1,7 +1,7 @@
 From 1d5cdf309387ff92988ab17d746f015d833a4b92 Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Thu, 17 Nov 2016 11:08:52 +0100
-Subject: [PATCH 24/33] Introduce new return value 450:
+Subject: [PATCH 24/59] Introduce new return value 450:

 *450 Requested file action not taken.
      File unavailable (e.g., file busy).
@ -73,5 +73,5 @@ index 79b5514..c145bdf 100644
 enum EVSFSysUtilError vsf_sysutil_get_error(void);
 
 -- 
-2.7.4
+2.14.4

--- a/0025-Improve-local_max_rate-option.patch
+++ b/0025-Improve-local_max_rate-option.patch
@ -1,7 +1,7 @@
 From 386db86fe865fb552b1867af4bf4b78dbf9080cf Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Thu, 17 Nov 2016 12:44:26 +0100
-Subject: [PATCH 25/33] Improve local_max_rate option.
+Subject: [PATCH 25/59] Improve local_max_rate option.

 Now it should work as expected.
 ---
@ -86,5 +86,5 @@ index 956bfb7..3e8fdd5 100644
   /* Details of the login */
   int is_anonymous;
 -- 
-2.7.4
+2.14.4

--- a/0026-Prevent-hanging-in-SIGCHLD-handler.patch
+++ b/0026-Prevent-hanging-in-SIGCHLD-handler.patch
@ -1,7 +1,7 @@
 From 1e65a0a15f819b8bf1b551bd84f71d0da1f5a00c Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Thu, 17 Nov 2016 13:02:27 +0100
-Subject: [PATCH 26/33] Prevent hanging in SIGCHLD handler.
+Subject: [PATCH 26/59] Prevent hanging in SIGCHLD handler.

 vsftpd can now handle pam_exec.so in pam.d config without hanging
 in SIGCHLD handler.
@ -77,5 +77,5 @@ index 33d84dc..b1891e7 100644
   else
   {
 -- 
-2.7.4
+2.14.4

--- a/0027-Delete-files-when-upload-fails.patch
+++ b/0027-Delete-files-when-upload-fails.patch
@ -1,7 +1,7 @@
 From 6224ecc5ac209323baa775880c0602c3fde3590a Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Thu, 17 Nov 2016 13:10:41 +0100
-Subject: [PATCH 27/33] Delete files when upload fails.
+Subject: [PATCH 27/59] Delete files when upload fails.

 Previously the uploaded file wasn't removed when the network was
 disconnected. Now it is successfully deleted.
@ -104,10 +104,11 @@ diff --git a/sysutil.c b/sysutil.c
 index 099748f..42bcdf8 100644
 --- a/sysutil.c
 +++ b/sysutil.c
-@@ -681,6 +681,16 @@ vsf_sysutil_activate_keepalive(int fd)
+@@ -680,6 +680,16 @@ vsf_sysutil_activate_keepalive(int fd)
+   }
 }
 
- void
+void
 +vsf_sysutil_rcvtimeo(int fd)
 +{
 +  struct timeval tv;
@ -117,10 +118,9 @@ index 099748f..42bcdf8 100644
 +  setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(struct timeval));
 +}
 +
-+void
+ void
 vsf_sysutil_activate_reuseaddr(int fd)
 {
-   int reuseaddr = 1;
 diff --git a/sysutil.h b/sysutil.h
 index 13153cd..2886bbc 100644
 --- a/sysutil.h
@ -134,5 +134,5 @@ index 13153cd..2886bbc 100644
 void vsf_sysutil_activate_reuseaddr(int fd);
 void vsf_sysutil_set_nodelay(int fd);
 -- 
-2.7.4
+2.14.4

--- a/0028-Fix-man-page-rendering.patch
+++ b/0028-Fix-man-page-rendering.patch
@ -1,7 +1,7 @@
 From ea99be1a7a5973bbe8ed798b65abe5ce3b92f5df Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Thu, 17 Nov 2016 13:12:52 +0100
-Subject: [PATCH 28/33] Fix man page rendering.
+Subject: [PATCH 28/59] Fix man page rendering.

 ---
 vsftpd.conf.5 | 3 ++-
@ -22,5 +22,5 @@ index 31d317f..cf1ae34 100644
 (New in v2.0.7).
 
 -- 
-2.7.4
+2.14.4

--- a/0029-Fix-segfault-in-config-file-parser.patch
+++ b/0029-Fix-segfault-in-config-file-parser.patch
@ -1,7 +1,7 @@
 From 34b9e1d10c6be736f1b20be8795c655446f38c5e Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Thu, 17 Nov 2016 13:14:55 +0100
-Subject: [PATCH 29/33] Fix segfault in config file parser.
+Subject: [PATCH 29/59] Fix segfault in config file parser.

 ---
 str.c | 2 +-
@ -21,5 +21,5 @@ index 41b27db..82b8ae4 100644
 
 void
 -- 
-2.7.4
+2.14.4

--- a/0030-Fix-logging-into-syslog-when-enabled-in-config.patch
+++ b/0030-Fix-logging-into-syslog-when-enabled-in-config.patch
@ -1,7 +1,7 @@
 From 03ff061f18f555d7bec62fa6a597a275b4b3f1c7 Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Thu, 17 Nov 2016 13:18:22 +0100
-Subject: [PATCH 30/33] Fix logging into syslog when enabled in config.
+Subject: [PATCH 30/59] Fix logging into syslog when enabled in config.

 ---
 logging.c | 2 +-
@ -21,5 +21,5 @@ index 99671b4..c4461f7 100644
   if (!tunable_xferlog_enable && !tunable_dual_log_enable)
   {
 -- 
-2.7.4
+2.14.4

--- a/0031-Fix-question-mark-wildcard-withing-a-file-name.patch
+++ b/0031-Fix-question-mark-wildcard-withing-a-file-name.patch
@ -1,7 +1,7 @@
 From 0da42468ac9518a544aad57d22d7697d6bdfa969 Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Thu, 17 Nov 2016 13:25:12 +0100
-Subject: [PATCH 31/33] Fix question mark wildcard withing a file name.
+Subject: [PATCH 31/59] Fix question mark wildcard withing a file name.

 Previously '?' worked only at the end of a file name, now it can
 be used anywhere.
@ -24,5 +24,5 @@ index 3c0988c..35c15c7 100644
   /* Any incoming string left means no match unless we ended on the correct
    * type of wildcard.
 -- 
-2.7.4
+2.14.4

--- a/0032-Propagate-errors-from-nfs-with-quota-to-client.patch
+++ b/0032-Propagate-errors-from-nfs-with-quota-to-client.patch
@ -1,7 +1,7 @@
 From aa9cb48373018502ef99a57aad70b69c0c75ff65 Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Thu, 17 Nov 2016 13:29:59 +0100
-Subject: [PATCH 32/33] Propagate errors from nfs with quota to client.
+Subject: [PATCH 32/59] Propagate errors from nfs with quota to client.

 vsftpd now checks for errors when closing newly uploaded file and
 forward errors to the client (e.g. when file system quota was
@ -102,10 +102,11 @@ diff --git a/sysutil.c b/sysutil.c
 index 42bcdf8..1c0422e 100644
 --- a/sysutil.c
 +++ b/sysutil.c
-@@ -1269,6 +1269,27 @@ vsf_sysutil_close(int fd)
+@@ -1268,6 +1268,27 @@ vsf_sysutil_close(int fd)
+   }
 }
 
- int
+int
 +vsf_sysutil_close_errno(int fd)
 +{
 +  while (1)
@ -126,10 +127,9 @@ index 42bcdf8..1c0422e 100644
 +  }
 +}
 +
-+int
+ int
 vsf_sysutil_close_failok(int fd)
 {
-   return close(fd);
 diff --git a/sysutil.h b/sysutil.h
 index 2886bbc..be727f5 100644
 --- a/sysutil.h
@ -143,5 +143,5 @@ index 2886bbc..be727f5 100644
 int vsf_sysutil_unlink(const char* p_dead);
 int vsf_sysutil_write_access(const char* p_filename);
 -- 
-2.7.4
+2.14.4

--- a/0033-Introduce-TLSv1.1-and-TLSv1.2-options.patch
+++ b/0033-Introduce-TLSv1.1-and-TLSv1.2-options.patch
@ -1,7 +1,7 @@
 From 01bef55a1987700af3d43cdc5f5be88d3843ab85 Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Thu, 17 Nov 2016 13:36:17 +0100
-Subject: [PATCH 33/33] Introduce TLSv1.1 and TLSv1.2 options.
+Subject: [PATCH 33/59] Introduce TLSv1.1 and TLSv1.2 options.

 Users can now enable a specific version of TLS protocol.
 ---
@ -149,5 +149,5 @@ index cf1ae34..a3d569e 100644
 .B user_config_dir
 This powerful option allows the override of any config option specified in
 -- 
-2.7.4
+2.14.4

--- a/0034-Turn-off-seccomp-sandbox-because-it-is-too-strict.patch
+++ b/0034-Turn-off-seccomp-sandbox-because-it-is-too-strict.patch
@ -1,7 +1,7 @@
 From 4922e60589326540b2ee4f0bdfd6cb95f645f3d5 Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Fri, 18 Nov 2016 10:23:29 +0100
-Subject: [PATCH] Turn off seccomp sandbox, because it is too strict.
+Subject: [PATCH 34/59] Turn off seccomp sandbox, because it is too strict.

 ---
 tunables.c | 2 +-
@ -21,5 +21,5 @@ index 78f2bcd..5440c00 100644
 
   tunable_accept_timeout = 60;
 -- 
-2.7.4
+2.14.4

--- a/0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch
+++ b/0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch
@ -1,7 +1,7 @@
 From 6c8dd87f311e411bcb1c72c1c780497881a5621c Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Mon, 4 Sep 2017 11:32:03 +0200
-Subject: [PATCH 35/35] Modify DH enablement patch to build with OpenSSL 1.1
+Subject: [PATCH 35/59] Modify DH enablement patch to build with OpenSSL 1.1

 ---
 ssl.c | 41 ++++++++++++++++++++++++++++++++++++++---
@ -70,5 +70,5 @@ index ba8a613..09ec96a 100644
       return NULL;
     }
 -- 
-2.9.5
+2.14.4

--- a/0036-Redefine-VSFTP_COMMAND_FD-to-1.patch
+++ b/0036-Redefine-VSFTP_COMMAND_FD-to-1.patch
@ -1,7 +1,7 @@
 From 18e0ab25a0d66088728b506cf64f5545637eda26 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Tue, 5 Sep 2017 14:26:08 +0200
-Subject: [PATCH 36/36] Redefine VSFTP_COMMAND_FD to 1
+Subject: [PATCH 36/59] Redefine VSFTP_COMMAND_FD to 1

 Redefine VSFTP_COMMAND_FD to 1 (stdout) so that error messages generated
 during startup are picked up by systemd.
@ -25,5 +25,5 @@ index bde3232..315f0f0 100644
 #define VSFTP_PASSWORD_MAX      128
 #define VSFTP_USERNAME_MAX      128
 -- 
-2.9.5
+2.14.4

--- a/0037-Document-the-relationship-of-text_userdb_names-and-c.patch
+++ b/0037-Document-the-relationship-of-text_userdb_names-and-c.patch
@ -1,7 +1,7 @@
 From 221f35f302d53f5a89f8e79592492e7cb322e81a Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Thu, 26 Oct 2017 13:08:32 +0200
-Subject: [PATCH 37/37] Document the relationship of text_userdb_names and
+Subject: [PATCH 37/59] Document the relationship of text_userdb_names and
 chroot_local_user

 Note in vsftpd.conf(5) that text_userdb_names may not work when
@ -25,5 +25,5 @@ index a3d569e..45b3f9c 100644
 Default: NO
 .TP
 -- 
-2.14.3
+2.14.4

--- a/0038-Document-allow_writeable_chroot-in-the-man-page.patch
+++ b/0038-Document-allow_writeable_chroot-in-the-man-page.patch
@ -1,7 +1,7 @@
 From 35ec3be5427a54facd5f6299fda2da4c146d4846 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Fri, 24 Nov 2017 11:22:43 +0100
-Subject: [PATCH 38/38] Document allow_writeable_chroot in the man page
+Subject: [PATCH 38/59] Document allow_writeable_chroot in the man page

 ---
 vsftpd.conf.5 | 9 +++++++++
@ -28,5 +28,5 @@ index 45b3f9c..d1f0db5 100644
 .TP
 .B anon_mkdir_write_enable
 -- 
-2.14.3
+2.14.4

--- a/0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch
+++ b/0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch
@ -1,7 +1,7 @@
 From 7d4b76abb437184fa692533cb5537318026a30e8 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Fri, 24 Nov 2017 11:26:37 +0100
-Subject: [PATCH 39/39] Improve documentation of ASCII mode in the man page
+Subject: [PATCH 39/59] Improve documentation of ASCII mode in the man page

 ---
 vsftpd.conf.5 | 6 ++++++
@ -30,5 +30,5 @@ index d1f0db5..3ca55e4 100644
 Default: NO
 .TP
 -- 
-2.14.3
+2.14.4

--- a/0040-Use-system-wide-crypto-policy.patch
+++ b/0040-Use-system-wide-crypto-policy.patch
@ -1,7 +1,7 @@
 From b83be8b4f86bf1a8a6de4802a9486d084c4a46cd Mon Sep 17 00:00:00 2001
 From: Martin Sehnoutka <msehnout@redhat.com>
 Date: Tue, 29 Aug 2017 10:32:16 +0200
-Subject: [PATCH 40/40] Use system wide crypto policy
+Subject: [PATCH 40/59] Use system wide crypto policy

 Resolves: rhbz#1483970
 ---
@ -23,5 +23,5 @@ index 5440c00..354251c 100644
   install_str_setting(0, &tunable_dsa_private_key_file);
   install_str_setting(0, &tunable_ca_certs_file);
 -- 
-2.14.3
+2.14.4

--- a/0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch
+++ b/0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch
@ -1,7 +1,7 @@
 From 2369d1ea5144d525d315aba90da528e7d9bfd1cc Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Thu, 21 Dec 2017 14:19:18 +0100
-Subject: [PATCH 41/41] Document the new default for ssl_ciphers in the man
+Subject: [PATCH 41/59] Document the new default for ssl_ciphers in the man
 page

 Related: rhbz#1483970
@ -27,5 +27,5 @@ index 3ca55e4..2a7662e 100644
 .B user_config_dir
 This powerful option allows the override of any config option specified in
 -- 
-2.14.3
+2.14.4

--- a/0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch
+++ b/0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch
@ -1,7 +1,7 @@
 From 1c280a0b04e58ec63ce9ab5eb8d0ffe5ebbae115 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Thu, 21 Dec 2017 14:29:25 +0100
-Subject: [PATCH 42/42] When handling FEAT command, check ssl_tlsv1_1 and
+Subject: [PATCH 42/59] When handling FEAT command, check ssl_tlsv1_1 and
 ssl_tlsv1_2

 Send 'AUTH SSL' in reply to the FEAT command when the ssl_tlsv1_1
@ -28,5 +28,5 @@ index 1212980..d024366 100644
       vsf_cmdio_write_raw(p_sess, " AUTH TLS\r\n");
     }
 -- 
-2.14.3
+2.14.4

--- a/0043-Enable-only-TLSv1.2-by-default.patch
+++ b/0043-Enable-only-TLSv1.2-by-default.patch
@ -1,7 +1,7 @@
 From 75c942c77aa575143c5b75637e64a925ad12641a Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Thu, 21 Dec 2017 16:38:40 +0100
-Subject: [PATCH 43/43] Enable only TLSv1.2 by default
+Subject: [PATCH 43/59] Enable only TLSv1.2 by default

 Disable TLSv1 and TLSv1.1 - enable only TLSv1.2 by default.
 ---
@ -49,5 +49,5 @@ index 2a7662e..df14027 100644
 .B ssl_tlsv1_2
 Only applies if
 -- 
-2.14.3
+2.14.4

--- a/0044-Disable-anonymous_enable-in-default-config-file.patch
+++ b/0044-Disable-anonymous_enable-in-default-config-file.patch
@ -1,7 +1,7 @@
 From ffaeebcfdb56ba75392af21c68c0bac78a226b55 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Tue, 2 Jan 2018 09:54:43 +0100
-Subject: [PATCH 44/44] Disable anonymous_enable in default config file
+Subject: [PATCH 44/59] Disable anonymous_enable in default config file

 Resolves: rhbz#1338637
 ---
@ -22,5 +22,5 @@ index 39d1955..4626c1b 100644
 # Uncomment this to allow local users to log in.
 # When SELinux is enforcing check for SE bool ftp_home_dir
 -- 
-2.14.3
+2.14.4

--- a/0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch
+++ b/0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch
@ -1,7 +1,7 @@
 From 61327320b54a59e319c522151f7a61c74ec94f2f Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Tue, 2 Jan 2018 16:25:55 +0100
-Subject: [PATCH 45/46] Expand explanation of ascii_* options behaviour in man
+Subject: [PATCH 45/59] Expand explanation of ascii_* options behaviour in man
 page

 ---
@ -48,5 +48,5 @@ index df14027..a5abeb2 100644
 Default: NO
 .TP
 -- 
-2.14.3
+2.14.4

--- a/0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch
+++ b/0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch
@ -1,7 +1,7 @@
 From 446f7c1ec54e06b5da2e890e0cd8fbd7308322c9 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Tue, 2 Jan 2018 16:33:18 +0100
-Subject: [PATCH 46/46] vsftpd.conf: Refer to the man page regarding the
+Subject: [PATCH 46/59] vsftpd.conf: Refer to the man page regarding the
 ascii_* options

 ---
@ -23,5 +23,5 @@ index 4626c1b..e70bc6d 100644
 # attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
 # predicted this attack and has always been safe, reporting the size of the
 -- 
-2.14.3
+2.14.4

--- a/0047-Disable-tcp_wrappers-support.patch
+++ b/0047-Disable-tcp_wrappers-support.patch
@ -1,7 +1,7 @@
 From b383ec42bb750419fea102fccf36af5216145eb2 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Fri, 5 Jan 2018 09:17:13 +0100
-Subject: [PATCH 47/48] Disable tcp_wrappers support
+Subject: [PATCH 47/59] Disable tcp_wrappers support

 Resolves: rhbz#1518796
 ---
@ -45,5 +45,5 @@ index e70bc6d..6b8eebb 100644
 userlist_enable=YES
 -tcp_wrappers=YES
 -- 
-2.14.3
+2.14.4

--- a/0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch
+++ b/0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch
@ -1,7 +1,7 @@
 From 9cba9e81aa96e1d64ae2eaaf88330e09dadfce79 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Fri, 5 Jan 2018 09:40:09 +0100
-Subject: [PATCH 48/48] Fix default value of strict_ssl_read_eof in man page
+Subject: [PATCH 48/59] Fix default value of strict_ssl_read_eof in man page

 ---
 vsftpd.conf.5 | 5 ++---
@ -25,5 +25,5 @@ index a5abeb2..43b0435 100644
 .B strict_ssl_write_shutdown
 If enabled, SSL data downloads are required to terminate via SSL, not an
 -- 
-2.14.3
+2.14.4

--- a/0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch
+++ b/0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch
@ -1,7 +1,7 @@
 From 1203b943b369651d96d057f8190f14f015e6ff0b Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Tue, 6 Feb 2018 13:30:44 +0100
-Subject: [PATCH 49/49] Add new filename generation algorithm for STOU command
+Subject: [PATCH 49/59] Add new filename generation algorithm for STOU command

 A new configuration option 'better_stou' can be used to enable
 a better algorithm for generating unique filenames.
@ -318,5 +318,5 @@ index 43b0435..6911a73 100644
 .TP
 .B anon_mkdir_write_enable
 -- 
-2.14.3
+2.14.4

--- a/0050-Don-t-link-with-libnsl.patch
+++ b/0050-Don-t-link-with-libnsl.patch
@ -1,7 +1,7 @@
 From f8663f35d5d150f0533bb052e48306b9a5111d87 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Tue, 6 Feb 2018 18:04:53 +0100
-Subject: [PATCH 50/50] Don't link with libnsl
+Subject: [PATCH 50/59] Don't link with libnsl

 Don't link with libnsl. It builds just fine without it and
 vsf_findlibs.sh enables it only when tcp_wrappers is enabled.
@ -23,5 +23,5 @@ index 612994e..0f7411c 100644
 LDFLAGS	=	-fPIE -pie -Wl,-z,relro -Wl,-z,now
 
 -- 
-2.14.3
+2.14.4

--- a/0051-Improve-documentation-of-better_stou-in-the-man-page.patch
+++ b/0051-Improve-documentation-of-better_stou-in-the-man-page.patch
@ -1,7 +1,7 @@
 From 765f99b26705c8d6fe2be4feb07f4c91e7eb96f9 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Thu, 5 Apr 2018 12:29:03 +0200
-Subject: [PATCH] Improve documentation of better_stou in the man page
+Subject: [PATCH 51/59] Improve documentation of better_stou in the man page

 ---
 vsftpd.conf.5 | 7 ++++++-
@ -26,5 +26,5 @@ index 6911a73..e9ae474 100644
 Default: NO
 .TP
 -- 
-2.14.3
+2.14.4

--- a/0052-Fix-rDNS-with-IPv6.patch
+++ b/0052-Fix-rDNS-with-IPv6.patch
@ -1,7 +1,7 @@
 From 01b646d2af0ed885d01d31a6479898a3c423a630 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Thu, 26 Apr 2018 10:00:19 +0200
-Subject: [PATCH 1/4] Fix rDNS with IPv6
+Subject: [PATCH 52/59] Fix rDNS with IPv6

 Previously IPv6 addresses were not translated to hostnames for PAM to use.
 ---
@ -191,5 +191,5 @@ index 7a59f13..2df14ed 100644
 void vsf_sysutil_activate_keepalive(int fd);
 void vsf_sysutil_rcvtimeo(int fd);
 -- 
-2.14.3
+2.14.4

--- a/0053-Always-do-chdir-after-chroot.patch
+++ b/0053-Always-do-chdir-after-chroot.patch
@ -1,7 +1,7 @@
 From 315f9720db94af3319c9550feaf473b9cf09aeac Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Thu, 3 May 2018 13:20:28 +0200
-Subject: [PATCH 2/4] Always do chdir("/") after chroot()
+Subject: [PATCH 53/59] Always do chdir("/") after chroot()

 Always do chdir("/") after chroot() to be more sure we'll never get out
 of it. This will not affect the working directory after calling
@ -28,5 +28,5 @@ index b68583b..3014c05 100644
 
 unsigned int
 -- 
-2.14.3
+2.14.4

--- a/0054-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch
+++ b/0054-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch
@ -1,7 +1,7 @@
 From ca27e6e34d89fc247a164ed7330735644f97d7d8 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Wed, 9 May 2018 20:15:29 +0200
-Subject: [PATCH 3/4] vsf_sysutil_rcvtimeo: Check return value of setsockopt
+Subject: [PATCH 54/59] vsf_sysutil_rcvtimeo: Check return value of setsockopt

 ---
 sysutil.c | 7 ++++++-
@ -29,5 +29,5 @@ index 3014c05..de5f876 100644
 
 void
 -- 
-2.14.3
+2.14.4

--- a/0055-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch
+++ b/0055-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch
@ -1,7 +1,7 @@
 From c7ac05fdf2a7b53d901bfc3afeb9a61916aaaaf1 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Wed, 9 May 2018 20:26:37 +0200
-Subject: [PATCH 4/4] vsf_sysutil_get_tz: Check the return value of syscalls
+Subject: [PATCH 55/59] vsf_sysutil_get_tz: Check the return value of syscalls

 Check the return value of syscalls. There's always the possibility that
 they'll fail. (Failure of close() is not handled though, apart from EINTR.
@ -104,5 +104,5 @@ index de5f876..fd07d99 100644
 
   return ret_tz;
 -- 
-2.14.3
+2.14.4

--- a/0056-Log-die-calls-to-syslog.patch
+++ b/0056-Log-die-calls-to-syslog.patch
@ -1,7 +1,7 @@
 From ee6af258e8cb1a7fada5e6d3e54429b89f12b158 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Fri, 15 Jun 2018 12:02:21 +0200
-Subject: [PATCH 1/3] Log die() calls to syslog
+Subject: [PATCH 56/59] Log die() calls to syslog

 Pass messages given to die(), die2() and bug() to syslog. Currently this
 functionality requires waiting for a short amount of time (1 second is
--- a/0057-Improve-error-message-when-max-number-of-bind-attemp.patch
+++ b/0057-Improve-error-message-when-max-number-of-bind-attemp.patch
@ -1,8 +1,8 @@
 From 380e40930661d643c865bace4e1791ca8f9d74cf Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Mon, 18 Jun 2018 14:01:46 +0200
-Subject: [PATCH 2/3] Improve error message when max number of bind attempts is
- exceeded
+Subject: [PATCH 57/59] Improve error message when max number of bind attempts
+ is exceeded

 Resolves: rhbz#1318198
 ---
--- a/0058-Make-the-max-number-of-bind-retries-tunable.patch
+++ b/0058-Make-the-max-number-of-bind-retries-tunable.patch
@ -1,7 +1,7 @@
 From be7c2d639127dd8af0139caf94f8c29f431d3753 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
 Date: Mon, 18 Jun 2018 10:13:48 +0200
-Subject: [PATCH 3/3] Make the max number of bind retries tunable
+Subject: [PATCH 58/59] Make the max number of bind retries tunable

 Resolves: rhbz#1318198
 ---
--- a/0059-Fix-SEGFAULT-when-running-in-a-container-as-PID-1.patch
+++ b/0059-Fix-SEGFAULT-when-running-in-a-container-as-PID-1.patch
@ -0,0 +1,58 @@
+From 970711fde95bee3de1e4a5e0b557c3132d0c3e3f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
+Date: Tue, 6 Feb 2018 11:39:01 +0100
+Subject: [PATCH 59/59] Fix SEGFAULT when running in a container as PID 1
+
+When vsftpd is running in a container as PID 1, it is possible
+that it will get SIGCHILD for processes, which were not directly
+created by it, but by some of its children. These processes will
+not be in the s_p_pid_ip_hash hash table, and thus trying to
+delete the entry from the hash table in standalone.c:handle_sigchld()
+will result in segmentation fault.
+
+I can quite easily reproduce it with the upstream vsftpd and default
+configuration, except for isolate=NO and isolate_network=NO being set
+(it seems to me that network namespaces take a long time to create
+and destroy, which hides the race condition), on a quad-core machine.
+When connecting to vsftpd in a loop like this:
+$ while true; do echo -en '' | nc localhost 21; done
+
+vsftpd crashes after a couple of seconds.
+---
+ standalone.c | 18 +++++++++++++-----
+ 1 file changed, 13 insertions(+), 5 deletions(-)
+
+diff --git a/standalone.c b/standalone.c
+index 3b65ea2..3f35e9e 100644
+--- a/standalone.c
+++ b/standalone.c
+@@ -270,13 +270,21 @@ handle_sigchld(void* duff)
+     if (reap_one)
+     {
+       struct vsf_sysutil_ipaddr* p_ip;
+-      /* Account total number of instances */
+-      --s_children;
+-      /* Account per-IP limit */
+       p_ip = (struct vsf_sysutil_ipaddr*)
+         hash_lookup_entry(s_p_pid_ip_hash, (void*)&reap_one);
+-      drop_ip_count(p_ip);      
+-      hash_free_entry(s_p_pid_ip_hash, (void*)&reap_one);
+      /* If we are running in a container as PID 1, it is possible
+       * that we will get SIGCHILD for processes, which were not
+       * created directly by our process and which are not in the
+       * s_p_pid_ip_hash hash table.
+       */
+      if (p_ip)
+      {
+        /* Account total number of instances */
+        --s_children;
+        /* Account per-IP limit */
+        drop_ip_count(p_ip);
+        hash_free_entry(s_p_pid_ip_hash, (void*)&reap_one);
+      }
+     }
+   }
+ }
+-- 
+2.14.4
+
--- a/vsftpd.spec
+++ b/vsftpd.spec
@ -2,7 +2,7 @@

 Name:    vsftpd
 Version: 3.0.3
-Release: 26%{?dist}
+Release: 27%{?dist}
 Summary: Very Secure Ftp Daemon

 Group:    System Environment/Daemons
@ -79,14 +79,15 @@ Patch47: 0047-Disable-tcp_wrappers-support.patch
 Patch48: 0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch
 Patch49: 0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch
 Patch50: 0050-Don-t-link-with-libnsl.patch
-Patch51: 0001-Improve-documentation-of-better_stou-in-the-man-page.patch
-Patch52: 0001-Fix-rDNS-with-IPv6.patch
-Patch53: 0002-Always-do-chdir-after-chroot.patch
-Patch54: 0003-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch
-Patch55: 0004-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch
-Patch56: 0001-Log-die-calls-to-syslog.patch
-Patch57: 0002-Improve-error-message-when-max-number-of-bind-attemp.patch
-Patch58: 0003-Make-the-max-number-of-bind-retries-tunable.patch
+Patch51: 0051-Improve-documentation-of-better_stou-in-the-man-page.patch
+Patch52: 0052-Fix-rDNS-with-IPv6.patch
+Patch53: 0053-Always-do-chdir-after-chroot.patch
+Patch54: 0054-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch
+Patch55: 0055-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch
+Patch56: 0056-Log-die-calls-to-syslog.patch
+Patch57: 0057-Improve-error-message-when-max-number-of-bind-attemp.patch
+Patch58: 0058-Make-the-max-number-of-bind-retries-tunable.patch
+Patch59: 0059-Fix-SEGFAULT-when-running-in-a-container-as-PID-1.patch

 %description
 vsftpd is a Very Secure FTP daemon. It was written completely from
@ -155,6 +156,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub
 %{_var}/ftp

 %changelog
+* Wed Jul 25 2018 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-27
+- Fix a segfault when running as PID 1
+
 * Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.3-26
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild