Update to 3.0.3 version

This commit is contained in:
Martin Sehnoutka 2016-03-17 14:10:03 +01:00
parent 15b422966d
commit 8167548a23
30 changed files with 2364 additions and 426 deletions

1
.gitignore vendored
View File

@ -5,3 +5,4 @@ vsftpd-2.3.2.tar.gz
/vsftpd-3.0.0.tar.gz /vsftpd-3.0.0.tar.gz
/vsftpd-3.0.1.tar.gz /vsftpd-3.0.1.tar.gz
/vsftpd-3.0.2.tar.gz /vsftpd-3.0.2.tar.gz
/vsftpd-3.0.3.tar.gz

View File

@ -1 +1 @@
8b00c749719089401315bd3c44dddbb2 vsftpd-3.0.2.tar.gz da119d084bd3f98664636ea05b5bb398 vsftpd-3.0.3.tar.gz

26
vsftpd-2.0.5-fix_qm.patch Normal file
View File

@ -0,0 +1,26 @@
From cdcb1c5f660fb4f72b4896f5145a34e9dd158252 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 12:00:34 +0100
Subject: [PATCH 26/26] Applied vsftpd-2.0.5-fix_qm.patch
---
ls.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/ls.c b/ls.c
index f18791d..de68c30 100644
--- a/ls.c
+++ b/ls.c
@@ -459,7 +459,8 @@ vsf_filename_passes_filter(const struct mystr* p_filename_str,
must_match_at_current_pos = 0;
}
} while (locate_result.found &&
- str_getlen(&name_remain_str) > 0 && last_token != '*');
+ str_getlen(&name_remain_str) > 0 &&
+ last_token != '*' && last_token != '?');
}
/* Any incoming string left means no match unless we ended on the correct
* type of wildcard.
--
2.5.0

View File

@ -1,6 +1,16 @@
diff -up vsftpd-2.1.0/builddefs.h.build_ssl vsftpd-2.1.0/builddefs.h From 2ee718251d602abf6f4c5bb2fc6d829e32d3f3e1 Mon Sep 17 00:00:00 2001
--- vsftpd-2.1.0/builddefs.h.build_ssl 2009-01-08 18:49:33.000000000 +0100 From: Martin Sehnoutka <msehnout@redhat.com>
+++ vsftpd-2.1.0/builddefs.h 2009-01-08 18:49:41.000000000 +0100 Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 02/26] Applied vsftpd-2.1.0-build_ssl.patch
---
builddefs.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/builddefs.h b/builddefs.h
index e908352..63cc62b 100644
--- a/builddefs.h
+++ b/builddefs.h
@@ -3,7 +3,7 @@ @@ -3,7 +3,7 @@
#undef VSF_BUILD_TCPWRAPPERS #undef VSF_BUILD_TCPWRAPPERS
@ -10,3 +20,6 @@ diff -up vsftpd-2.1.0/builddefs.h.build_ssl vsftpd-2.1.0/builddefs.h
#endif /* VSF_BUILDDEFS_H */ #endif /* VSF_BUILDDEFS_H */
--
2.5.0

View File

@ -1,37 +1,27 @@
diff -up vsftpd-2.2.0/defs.h.configuration vsftpd-2.2.0/defs.h From 4c4dcfaa65c86da78d2cf49f0f4a5c8d63a78d3a Mon Sep 17 00:00:00 2001
--- vsftpd-2.2.0/defs.h.configuration 2009-01-07 21:22:22.000000000 +0100 From: Martin Sehnoutka <msehnout@redhat.com>
+++ vsftpd-2.2.0/defs.h 2009-08-04 07:37:01.000000000 +0200 Date: Thu, 17 Mar 2016 11:44:45 +0100
@@ -1,7 +1,7 @@ Subject: [PATCH 04/26] Applied vsftpd-2.1.0-configuration.patch
#ifndef VSF_DEFS_H
#define VSF_DEFS_H
-#define VSFTP_DEFAULT_CONFIG "/etc/vsftpd.conf" ---
+#define VSFTP_DEFAULT_CONFIG "/etc/vsftpd/vsftpd.conf" EXAMPLE/INTERNET_SITE/README | 6 +++---
EXAMPLE/INTERNET_SITE_NOINETD/README | 4 ++--
EXAMPLE/PER_IP_CONFIG/README | 4 ++--
EXAMPLE/VIRTUAL_USERS/README | 14 +++++++-------
FAQ | 8 ++++----
INSTALL | 10 +++++-----
README | 5 +++++
defs.h | 2 +-
tunables.c | 10 +++++-----
vsftpd.8 | 10 +++++-----
vsftpd.conf | 20 +++++++++++++-------
vsftpd.conf.5 | 22 +++++++++++-----------
12 files changed, 63 insertions(+), 52 deletions(-)
#define VSFTP_COMMAND_FD 0 diff --git a/EXAMPLE/INTERNET_SITE/README b/EXAMPLE/INTERNET_SITE/README
index 12b10a5..fe3d7ca 100644
diff -up vsftpd-2.2.0/EXAMPLE/INTERNET_SITE_NOINETD/README.configuration vsftpd-2.2.0/EXAMPLE/INTERNET_SITE_NOINETD/README --- a/EXAMPLE/INTERNET_SITE/README
--- vsftpd-2.2.0/EXAMPLE/INTERNET_SITE_NOINETD/README.configuration 2008-02-02 02:30:40.000000000 +0100 +++ b/EXAMPLE/INTERNET_SITE/README
+++ vsftpd-2.2.0/EXAMPLE/INTERNET_SITE_NOINETD/README 2009-08-04 07:37:01.000000000 +0200
@@ -17,7 +17,7 @@ even per-connect-IP configurability.
To use this example config:
-1) Copy the vsftpd.conf file in this directory to /etc/vsftpd.conf.
+1) Copy the vsftpd.conf file in this directory to /etc/vsftpd/vsftpd.conf.
2) Start up vsftpd, e.g.
vsftpd &
@@ -51,5 +51,5 @@ in the vsftpd.conf:
listen_address=192.168.1.2
And launch vsftpd with a specific config file like this:
-vsftpd /etc/vsftpd.conf.site1 &
+vsftpd /etc/vsftpd/vsftpd.conf.site1 &
diff -up vsftpd-2.2.0/EXAMPLE/INTERNET_SITE/README.configuration vsftpd-2.2.0/EXAMPLE/INTERNET_SITE/README
--- vsftpd-2.2.0/EXAMPLE/INTERNET_SITE/README.configuration 2008-02-02 02:30:40.000000000 +0100
+++ vsftpd-2.2.0/EXAMPLE/INTERNET_SITE/README 2009-08-04 07:37:01.000000000 +0200
@@ -41,13 +41,13 @@ no_access = 192.168.1.3 @@ -41,13 +41,13 @@ no_access = 192.168.1.3
As an example of how to ban certain sites from connecting, 192.168.1.3 will As an example of how to ban certain sites from connecting, 192.168.1.3 will
be denied access. be denied access.
@ -48,7 +38,7 @@ diff -up vsftpd-2.2.0/EXAMPLE/INTERNET_SITE/README.configuration vsftpd-2.2.0/EX
log_on_success += PID HOST DURATION log_on_success += PID HOST DURATION
log_on_failure += HOST log_on_failure += HOST
@@ -62,7 +62,7 @@ Step 2) Set up your vsftpd configuration @@ -62,7 +62,7 @@ Step 2) Set up your vsftpd configuration file.
An example file is supplied. Install it like this: An example file is supplied. Install it like this:
@ -57,10 +47,31 @@ diff -up vsftpd-2.2.0/EXAMPLE/INTERNET_SITE/README.configuration vsftpd-2.2.0/EX
Let's example the contents of the file: Let's example the contents of the file:
diff -up vsftpd-2.2.0/EXAMPLE/PER_IP_CONFIG/README.configuration vsftpd-2.2.0/EXAMPLE/PER_IP_CONFIG/README diff --git a/EXAMPLE/INTERNET_SITE_NOINETD/README b/EXAMPLE/INTERNET_SITE_NOINETD/README
--- vsftpd-2.2.0/EXAMPLE/PER_IP_CONFIG/README.configuration 2008-02-02 02:30:40.000000000 +0100 index ce17af2..9198c5f 100644
+++ vsftpd-2.2.0/EXAMPLE/PER_IP_CONFIG/README 2009-08-04 07:37:01.000000000 +0200 --- a/EXAMPLE/INTERNET_SITE_NOINETD/README
@@ -20,12 +20,12 @@ directory: hosts.allow. It lives at /etc +++ b/EXAMPLE/INTERNET_SITE_NOINETD/README
@@ -17,7 +17,7 @@ even per-connect-IP configurability.
To use this example config:
-1) Copy the vsftpd.conf file in this directory to /etc/vsftpd.conf.
+1) Copy the vsftpd.conf file in this directory to /etc/vsftpd/vsftpd.conf.
2) Start up vsftpd, e.g.
vsftpd &
@@ -51,5 +51,5 @@ in the vsftpd.conf:
listen_address=192.168.1.2
And launch vsftpd with a specific config file like this:
-vsftpd /etc/vsftpd.conf.site1 &
+vsftpd /etc/vsftpd/vsftpd.conf.site1 &
diff --git a/EXAMPLE/PER_IP_CONFIG/README b/EXAMPLE/PER_IP_CONFIG/README
index a9ef352..34924d5 100644
--- a/EXAMPLE/PER_IP_CONFIG/README
+++ b/EXAMPLE/PER_IP_CONFIG/README
@@ -20,12 +20,12 @@ directory: hosts.allow. It lives at /etc/hosts.allow.
Let's have a look at the example: Let's have a look at the example:
@ -75,10 +86,11 @@ diff -up vsftpd-2.2.0/EXAMPLE/PER_IP_CONFIG/README.configuration vsftpd-2.2.0/EX
applied ON TOP of the default vsftpd.conf. applied ON TOP of the default vsftpd.conf.
This is obviously very powerful. You might use this to apply different This is obviously very powerful. You might use this to apply different
access restrictions for some IPs (e.g. the ability to upload). access restrictions for some IPs (e.g. the ability to upload).
diff -up vsftpd-2.2.0/EXAMPLE/VIRTUAL_USERS/README.configuration vsftpd-2.2.0/EXAMPLE/VIRTUAL_USERS/README diff --git a/EXAMPLE/VIRTUAL_USERS/README b/EXAMPLE/VIRTUAL_USERS/README
--- vsftpd-2.2.0/EXAMPLE/VIRTUAL_USERS/README.configuration 2008-02-02 02:30:40.000000000 +0100 index b48995d..72972fa 100644
+++ vsftpd-2.2.0/EXAMPLE/VIRTUAL_USERS/README 2009-08-04 07:37:01.000000000 +0200 --- a/EXAMPLE/VIRTUAL_USERS/README
@@ -15,7 +15,7 @@ See example file "logins.txt" - this spe +++ b/EXAMPLE/VIRTUAL_USERS/README
@@ -15,7 +15,7 @@ See example file "logins.txt" - this specifies "tom" with password "foo" and
"fred" with password "bar". "fred" with password "bar".
Whilst logged in as root, create the actual database file like this: Whilst logged in as root, create the actual database file like this:
@ -87,7 +99,7 @@ diff -up vsftpd-2.2.0/EXAMPLE/VIRTUAL_USERS/README.configuration vsftpd-2.2.0/EX
(Requires the Berkeley db program installed). (Requires the Berkeley db program installed).
NOTE: Many systems have multiple versions of "db" installed, so you may NOTE: Many systems have multiple versions of "db" installed, so you may
need to use e.g. db3_load for correct operation. This is known to affect need to use e.g. db3_load for correct operation. This is known to affect
@@ -23,10 +23,10 @@ some Debian systems. The core issue is t @@ -23,10 +23,10 @@ some Debian systems. The core issue is that pam_userdb expects its login
database to be a specific db version (often db3, whereas db4 may be installed database to be a specific db version (often db3, whereas db4 may be installed
on your system). on your system).
@ -100,7 +112,7 @@ diff -up vsftpd-2.2.0/EXAMPLE/VIRTUAL_USERS/README.configuration vsftpd-2.2.0/EX
For more information on maintaing your login database, look around for For more information on maintaing your login database, look around for
documentation on "Berkeley DB", e.g. documentation on "Berkeley DB", e.g.
@@ -37,8 +37,8 @@ Step 2) Create a PAM file which uses you @@ -37,8 +37,8 @@ Step 2) Create a PAM file which uses your new database.
See the example file vsftpd.pam. It contains two lines: See the example file vsftpd.pam. It contains two lines:
@ -123,10 +135,11 @@ diff -up vsftpd-2.2.0/EXAMPLE/VIRTUAL_USERS/README.configuration vsftpd-2.2.0/EX
Step 5) Start up vsftpd. Step 5) Start up vsftpd.
diff -up vsftpd-2.2.0/FAQ.configuration vsftpd-2.2.0/FAQ diff --git a/FAQ b/FAQ
--- vsftpd-2.2.0/FAQ.configuration 2009-02-18 23:33:04.000000000 +0100 index 59fe56b..0142a0d 100644
+++ vsftpd-2.2.0/FAQ 2009-08-04 07:37:01.000000000 +0200 --- a/FAQ
@@ -34,7 +34,7 @@ needs this user to run bits of itself wi +++ b/FAQ
@@ -35,7 +35,7 @@ needs this user to run bits of itself with no privilege.
Q) Help! Local users cannot log in. Q) Help! Local users cannot log in.
A) There are various possible problems. A) There are various possible problems.
A1) By default, vsftpd disables any logins other than anonymous logins. Put A1) By default, vsftpd disables any logins other than anonymous logins. Put
@ -135,7 +148,7 @@ diff -up vsftpd-2.2.0/FAQ.configuration vsftpd-2.2.0/FAQ
A2) vsftpd tries to link with PAM. (Run "ldd vsftpd" and look for libpam to A2) vsftpd tries to link with PAM. (Run "ldd vsftpd" and look for libpam to
find out whether this has happened or not). If vsftpd links with PAM, then find out whether this has happened or not). If vsftpd links with PAM, then
you will need to have a PAM file installed for the vsftpd service. There is you will need to have a PAM file installed for the vsftpd service. There is
@@ -46,12 +46,12 @@ system have a "shadow.h" file in the inc @@ -47,12 +47,12 @@ system have a "shadow.h" file in the include path?
A4) If you are not using PAM, then vsftpd will do its own check for a valid A4) If you are not using PAM, then vsftpd will do its own check for a valid
user shell in /etc/shells. You may need to disable this if you use an invalid user shell in /etc/shells. You may need to disable this if you use an invalid
shell to disable logins other than FTP logins. Put check_shell=NO in your shell to disable logins other than FTP logins. Put check_shell=NO in your
@ -150,7 +163,7 @@ diff -up vsftpd-2.2.0/FAQ.configuration vsftpd-2.2.0/FAQ
Q) Help! What are the security implications referred to in the Q) Help! What are the security implications referred to in the
"chroot_local_user" option? "chroot_local_user" option?
@@ -87,7 +87,7 @@ A2) Alternatively, run as many copies as @@ -88,7 +88,7 @@ A2) Alternatively, run as many copies as vsftpd as necessary, in standalone
mode. Use "listen_address=x.x.x.x" to set the virtual IP. mode. Use "listen_address=x.x.x.x" to set the virtual IP.
Q) Help! Does vsftpd support virtual users? Q) Help! Does vsftpd support virtual users?
@ -159,9 +172,10 @@ diff -up vsftpd-2.2.0/FAQ.configuration vsftpd-2.2.0/FAQ
has the effect of mapping every non-anonymous successful login to the local has the effect of mapping every non-anonymous successful login to the local
username specified in "guest_username". Then, use PAM and (e.g.) its pam_userdb username specified in "guest_username". Then, use PAM and (e.g.) its pam_userdb
module to provide authentication against an external (i.e. non-/etc/passwd) module to provide authentication against an external (i.e. non-/etc/passwd)
diff -up vsftpd-2.2.0/INSTALL.configuration vsftpd-2.2.0/INSTALL diff --git a/INSTALL b/INSTALL
--- vsftpd-2.2.0/INSTALL.configuration 2008-02-02 02:30:39.000000000 +0100 index 4f811aa..93a8a81 100644
+++ vsftpd-2.2.0/INSTALL 2009-08-04 07:37:01.000000000 +0200 --- a/INSTALL
+++ b/INSTALL
@@ -56,14 +56,14 @@ cp vsftpd.8 /usr/local/man/man8 @@ -56,14 +56,14 @@ cp vsftpd.8 /usr/local/man/man8
"make install" doesn't copy the sample config file. It is recommended you "make install" doesn't copy the sample config file. It is recommended you
@ -194,10 +208,11 @@ diff -up vsftpd-2.2.0/INSTALL.configuration vsftpd-2.2.0/INSTALL
The default configuration allows neither local user logins nor anonymous The default configuration allows neither local user logins nor anonymous
uploads. You may wish to change these defaults. uploads. You may wish to change these defaults.
diff -up vsftpd-2.2.0/README.configuration vsftpd-2.2.0/README diff --git a/README b/README
--- vsftpd-2.2.0/README.configuration 2009-07-07 22:23:22.000000000 +0200 index 86643c1..adc7f42 100644
+++ vsftpd-2.2.0/README 2009-08-04 07:37:01.000000000 +0200 --- a/README
@@ -37,3 +37,8 @@ All configuration options are documented +++ b/README
@@ -37,3 +37,8 @@ All configuration options are documented in the manual page vsftpd.conf.5.
Various example configurations are discussed in the EXAMPLE directory. Various example configurations are discussed in the EXAMPLE directory.
Frequently asked questions are tackled in the FAQ file. Frequently asked questions are tackled in the FAQ file.
@ -206,10 +221,24 @@ diff -up vsftpd-2.2.0/README.configuration vsftpd-2.2.0/README
+The location of configuration files was changed to /etc/vsftpd/. If you want +The location of configuration files was changed to /etc/vsftpd/. If you want
+to migrate your old conf files from /etc (files vsftpd.xxxx.rpmsave) use +to migrate your old conf files from /etc (files vsftpd.xxxx.rpmsave) use
+/etc/vsfptd/vsftpd_conf_migrate.sh +/etc/vsfptd/vsftpd_conf_migrate.sh
diff -up vsftpd-2.2.0/tunables.c.configuration vsftpd-2.2.0/tunables.c diff --git a/defs.h b/defs.h
--- vsftpd-2.2.0/tunables.c.configuration 2009-07-15 22:08:27.000000000 +0200 index 0ff5864..ca11eac 100644
+++ vsftpd-2.2.0/tunables.c 2009-08-04 07:37:01.000000000 +0200 --- a/defs.h
@@ -186,7 +186,7 @@ tunables_load_defaults() +++ b/defs.h
@@ -1,7 +1,7 @@
#ifndef VSF_DEFS_H
#define VSF_DEFS_H
-#define VSFTP_DEFAULT_CONFIG "/etc/vsftpd.conf"
+#define VSFTP_DEFAULT_CONFIG "/etc/vsftpd/vsftpd.conf"
#define VSFTP_COMMAND_FD 0
diff --git a/tunables.c b/tunables.c
index 284a10d..0ac4c34 100644
--- a/tunables.c
+++ b/tunables.c
@@ -190,7 +190,7 @@ tunables_load_defaults()
tunable_listen_ipv6 = 0; tunable_listen_ipv6 = 0;
tunable_dual_log_enable = 0; tunable_dual_log_enable = 0;
tunable_syslog_enable = 0; tunable_syslog_enable = 0;
@ -218,7 +247,7 @@ diff -up vsftpd-2.2.0/tunables.c.configuration vsftpd-2.2.0/tunables.c
tunable_virtual_use_local_privs = 0; tunable_virtual_use_local_privs = 0;
tunable_session_support = 0; tunable_session_support = 0;
tunable_download_enable = 1; tunable_download_enable = 1;
@@ -254,11 +254,11 @@ tunables_load_defaults() @@ -262,11 +262,11 @@ tunables_load_defaults()
install_str_setting(".message", &tunable_message_file); install_str_setting(".message", &tunable_message_file);
install_str_setting("nobody", &tunable_nopriv_user); install_str_setting("nobody", &tunable_nopriv_user);
install_str_setting(0, &tunable_ftpd_banner); install_str_setting(0, &tunable_ftpd_banner);
@ -233,7 +262,7 @@ diff -up vsftpd-2.2.0/tunables.c.configuration vsftpd-2.2.0/tunables.c
install_str_setting(0, &tunable_anon_root); install_str_setting(0, &tunable_anon_root);
install_str_setting(0, &tunable_local_root); install_str_setting(0, &tunable_local_root);
install_str_setting(0, &tunable_banner_file); install_str_setting(0, &tunable_banner_file);
@@ -271,7 +271,7 @@ tunables_load_defaults() @@ -279,7 +279,7 @@ tunables_load_defaults()
install_str_setting(0, &tunable_hide_file); install_str_setting(0, &tunable_hide_file);
install_str_setting(0, &tunable_deny_file); install_str_setting(0, &tunable_deny_file);
install_str_setting(0, &tunable_user_sub_token); install_str_setting(0, &tunable_user_sub_token);
@ -242,10 +271,11 @@ diff -up vsftpd-2.2.0/tunables.c.configuration vsftpd-2.2.0/tunables.c
&tunable_email_password_file); &tunable_email_password_file);
install_str_setting("/usr/share/ssl/certs/vsftpd.pem", install_str_setting("/usr/share/ssl/certs/vsftpd.pem",
&tunable_rsa_cert_file); &tunable_rsa_cert_file);
diff -up vsftpd-2.2.0/vsftpd.8.configuration vsftpd-2.2.0/vsftpd.8 diff --git a/vsftpd.8 b/vsftpd.8
--- vsftpd-2.2.0/vsftpd.8.configuration 2009-07-17 22:56:23.000000000 +0200 index 6640b57..c920e7d 100644
+++ vsftpd-2.2.0/vsftpd.8 2009-08-04 07:40:27.000000000 +0200 --- a/vsftpd.8
@@ -21,7 +21,7 @@ itself will listen on the network. This +++ b/vsftpd.8
@@ -21,7 +21,7 @@ itself will listen on the network. This latter mode is easier to use, and
recommended. It is activated by setting recommended. It is activated by setting
.Pa listen=YES .Pa listen=YES
in in
@ -254,7 +284,7 @@ diff -up vsftpd-2.2.0/vsftpd.8.configuration vsftpd-2.2.0/vsftpd.8
Direct execution of the Direct execution of the
.Nm vsftpd .Nm vsftpd
binary will then launch the FTP service ready for immediate client connections. binary will then launch the FTP service ready for immediate client connections.
@@ -33,7 +33,7 @@ as root. Any command line option not sta @@ -33,7 +33,7 @@ as root. Any command line option not starting with a "-" character is treated
as a config file that will be loaded. Note that config files are loaded in the as a config file that will be loaded. Note that config files are loaded in the
strict order that they are encountered on the command line. strict order that they are encountered on the command line.
If no config files are specified, the default configuration file of If no config files are specified, the default configuration file of
@ -263,7 +293,7 @@ diff -up vsftpd-2.2.0/vsftpd.8.configuration vsftpd-2.2.0/vsftpd.8
will be loaded, after all other command line options are processed. will be loaded, after all other command line options are processed.
.Pp .Pp
Supported options are: Supported options are:
@@ -47,14 +47,14 @@ their appearance on the command line, in @@ -47,14 +47,14 @@ their appearance on the command line, including intermingling with loading of
config files. config files.
.El .El
.Sh EXAMPLES .Sh EXAMPLES
@ -281,105 +311,10 @@ diff -up vsftpd-2.2.0/vsftpd.8.configuration vsftpd-2.2.0/vsftpd.8
.Sh SEE ALSO .Sh SEE ALSO
.Xr vsftpd.conf 5 .Xr vsftpd.conf 5
.end .end
diff -up vsftpd-2.2.0/vsftpd.conf.5.configuration vsftpd-2.2.0/vsftpd.conf.5 diff --git a/vsftpd.conf b/vsftpd.conf
--- vsftpd-2.2.0/vsftpd.conf.5.configuration 2009-07-17 22:57:04.000000000 +0200 index cc1c607..db44170 100644
+++ vsftpd-2.2.0/vsftpd.conf.5 2009-08-04 07:37:01.000000000 +0200 --- a/vsftpd.conf
@@ -4,7 +4,7 @@ vsftpd.conf \- config file for vsftpd +++ b/vsftpd.conf
.SH DESCRIPTION
vsftpd.conf may be used to control various aspects of vsftpd's behaviour. By
default, vsftpd looks for this file at the location
-.BR /etc/vsftpd.conf .
+.BR /etc/vsftpd/vsftpd.conf .
However, you may override this by specifying a command line argument to
vsftpd. The command line argument is the pathname of the configuration file
for vsftpd. This behaviour is useful because you may wish to use an advanced
@@ -110,7 +110,7 @@ When enabled, and vsftpd is started in "
the listener process. i.e. control will immediately be returned to the shell
which launched vsftpd.
-Default: NO
+Default: YES
.TP
.B check_shell
Note! This option only has an effect for non-PAM builds of vsftpd. If disabled,
@@ -138,7 +138,7 @@ chroot() jail in their home directory up
different if chroot_local_user is set to YES. In this case, the list becomes
a list of users which are NOT to be placed in a chroot() jail.
By default, the file containing this list is
-/etc/vsftpd.chroot_list, but you may override this with the
+/etc/vsftpd/chroot_list, but you may override this with the
.BR chroot_list_file
setting.
@@ -177,7 +177,7 @@ Default: NO
.B deny_email_enable
If activated, you may provide a list of anonymous password e-mail responses
which cause login to be denied. By default, the file containing this list is
-/etc/vsftpd.banned_emails, but you may override this with the
+/etc/vsftpd/banned_emails, but you may override this with the
.BR banned_email_file
setting.
@@ -433,7 +433,7 @@ anonymous logins are prevented unless th
file specified by the
.BR email_password_file
setting. The file format is one password per line, no extra whitespace. The
-default filename is /etc/vsftpd.email_passwords.
+default filename is /etc/vsftpd/email_passwords.
Default: NO
.TP
@@ -764,7 +764,7 @@ passwords which are not permitted. This
.BR deny_email_enable
is enabled.
-Default: /etc/vsftpd.banned_emails
+Default: /etc/vsftpd/banned_emails
.TP
.B banner_file
This option is the name of a file containing text to display when someone
@@ -801,7 +801,7 @@ is enabled. If the option
is enabled, then the list file becomes a list of users to NOT place in a
chroot() jail.
-Default: /etc/vsftpd.chroot_list
+Default: /etvsftpd.confc/vsftpd.chroot_list
.TP
.B cmds_allowed
This options specifies a comma separated list of allowed FTP commands (post
@@ -862,7 +862,7 @@ This option can be used to provide an al
.BR secure_email_list_enable
setting.
-Default: /etc/vsftpd.email_passwords
+Default: /etc/vsftpd/email_passwords
.TP
.B ftp_username
This is the name of the user we use for handling anonymous FTP. The home
@@ -985,10 +985,10 @@ the manual page, on a per-user basis. Us
with an example. If you set
.BR user_config_dir
to be
-.BR /etc/vsftpd_user_conf
+.BR /etc/vsftpd/user_conf
and then log on as the user "chris", then vsftpd will apply the settings in
the file
-.BR /etc/vsftpd_user_conf/chris
+.BR /etc/vsftpd/user_conf/chris
for the duration of the session. The format of this file is as detailed in
this manual page! PLEASE NOTE that not all settings are effective on a
per-user basis. For example, many settings only prior to the user's session
@@ -1024,7 +1024,7 @@ This option is the name of the file load
.BR userlist_enable
option is active.
-Default: /etc/vsftpd.user_list
+Default: /etc/vsftpd/user_list
.TP
.B vsftpd_log_file
This option is the name of the file to which we write the vsftpd style
--- vsftpd-2.2.2/vsftpd.conf.configuration 2009-10-19 04:04:23.000000000 +0200
+++ vsftpd-2.2.2/vsftpd.conf 2010-08-06 09:28:44.891173995 +0200
@@ -1,4 +1,4 @@ @@ -1,4 +1,4 @@
-# Example config file /etc/vsftpd.conf -# Example config file /etc/vsftpd.conf
+# Example config file /etc/vsftpd/vsftpd.conf +# Example config file /etc/vsftpd/vsftpd.conf
@ -410,7 +345,7 @@ diff -up vsftpd-2.2.0/vsftpd.conf.5.configuration vsftpd-2.2.0/vsftpd.conf.5
#anon_upload_enable=YES #anon_upload_enable=YES
# #
# Uncomment this if you want the anonymous FTP user to be able to create # Uncomment this if you want the anonymous FTP user to be able to create
@@ -52,7 +54,7 @@ @@ -52,7 +54,7 @@ connect_from_port_20=YES
# #
# If you want, you can have your log file in standard ftpd xferlog format. # If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case. # Note that the default log file location is /var/log/xferlog in this case.
@ -419,7 +354,7 @@ diff -up vsftpd-2.2.0/vsftpd.conf.5.configuration vsftpd-2.2.0/vsftpd.conf.5
# #
# You may change the default value for timing out an idle session. # You may change the default value for timing out an idle session.
#idle_session_timeout=600 #idle_session_timeout=600
@@ -87,7 +89,7 @@ @@ -87,7 +89,7 @@ connect_from_port_20=YES
# useful for combatting certain DoS attacks. # useful for combatting certain DoS attacks.
#deny_email_enable=YES #deny_email_enable=YES
# (default follows) # (default follows)
@ -428,7 +363,7 @@ diff -up vsftpd-2.2.0/vsftpd.conf.5.configuration vsftpd-2.2.0/vsftpd.conf.5
# #
# You may specify an explicit list of local users to chroot() to their home # You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of # directory. If chroot_local_user is YES, then this list becomes a list of
@@ -95,7 +97,7 @@ @@ -98,7 +100,7 @@ connect_from_port_20=YES
#chroot_local_user=YES #chroot_local_user=YES
#chroot_list_enable=YES #chroot_list_enable=YES
# (default follows) # (default follows)
@ -437,7 +372,7 @@ diff -up vsftpd-2.2.0/vsftpd.conf.5.configuration vsftpd-2.2.0/vsftpd.conf.5
# #
# You may activate the "-R" option to the builtin ls. This is disabled by # You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large # default to avoid remote users being able to cause excessive I/O on large
@@ -112,3 +114,7 @@ @@ -115,3 +117,7 @@ listen=YES
# sockets, you must run two copies of vsftpd with two configuration files. # sockets, you must run two copies of vsftpd with two configuration files.
# Make sure, that one of the listen options is commented !! # Make sure, that one of the listen options is commented !!
#listen_ipv6=YES #listen_ipv6=YES
@ -445,3 +380,104 @@ diff -up vsftpd-2.2.0/vsftpd.conf.5.configuration vsftpd-2.2.0/vsftpd.conf.5
+pam_service_name=vsftpd +pam_service_name=vsftpd
+userlist_enable=YES +userlist_enable=YES
+tcp_wrappers=YES +tcp_wrappers=YES
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index fcc6022..5e46a2f 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -4,7 +4,7 @@ vsftpd.conf \- config file for vsftpd
.SH DESCRIPTION
vsftpd.conf may be used to control various aspects of vsftpd's behaviour. By
default, vsftpd looks for this file at the location
-.BR /etc/vsftpd.conf .
+.BR /etc/vsftpd/vsftpd.conf .
However, you may override this by specifying a command line argument to
vsftpd. The command line argument is the pathname of the configuration file
for vsftpd. This behaviour is useful because you may wish to use an advanced
@@ -110,7 +110,7 @@ When enabled, and vsftpd is started in "listen" mode, vsftpd will background
the listener process. i.e. control will immediately be returned to the shell
which launched vsftpd.
-Default: NO
+Default: YES
.TP
.B check_shell
Note! This option only has an effect for non-PAM builds of vsftpd. If disabled,
@@ -138,7 +138,7 @@ chroot() jail in their home directory upon login. The meaning is slightly
different if chroot_local_user is set to YES. In this case, the list becomes
a list of users which are NOT to be placed in a chroot() jail.
By default, the file containing this list is
-/etc/vsftpd.chroot_list, but you may override this with the
+/etc/vsftpd/chroot_list, but you may override this with the
.BR chroot_list_file
setting.
@@ -177,7 +177,7 @@ Default: NO
.B deny_email_enable
If activated, you may provide a list of anonymous password e-mail responses
which cause login to be denied. By default, the file containing this list is
-/etc/vsftpd.banned_emails, but you may override this with the
+/etc/vsftpd/banned_emails, but you may override this with the
.BR banned_email_file
setting.
@@ -433,7 +433,7 @@ anonymous logins are prevented unless the password provided is listed in the
file specified by the
.BR email_password_file
setting. The file format is one password per line, no extra whitespace. The
-default filename is /etc/vsftpd.email_passwords.
+default filename is /etc/vsftpd/email_passwords.
Default: NO
.TP
@@ -764,7 +764,7 @@ passwords which are not permitted. This file is consulted if the option
.BR deny_email_enable
is enabled.
-Default: /etc/vsftpd.banned_emails
+Default: /etc/vsftpd/banned_emails
.TP
.B banner_file
This option is the name of a file containing text to display when someone
@@ -803,7 +803,7 @@ is enabled. If the option
is enabled, then the list file becomes a list of users to NOT place in a
chroot() jail.
-Default: /etc/vsftpd.chroot_list
+Default: /etvsftpd.confc/vsftpd.chroot_list
.TP
.B cmds_allowed
This options specifies a comma separated list of allowed FTP commands (post
@@ -864,7 +864,7 @@ This option can be used to provide an alternate file for usage by the
.BR secure_email_list_enable
setting.
-Default: /etc/vsftpd.email_passwords
+Default: /etc/vsftpd/email_passwords
.TP
.B ftp_username
This is the name of the user we use for handling anonymous FTP. The home
@@ -987,10 +987,10 @@ the manual page, on a per-user basis. Usage is simple, and is best illustrated
with an example. If you set
.BR user_config_dir
to be
-.BR /etc/vsftpd_user_conf
+.BR /etc/vsftpd/user_conf
and then log on as the user "chris", then vsftpd will apply the settings in
the file
-.BR /etc/vsftpd_user_conf/chris
+.BR /etc/vsftpd/user_conf/chris
for the duration of the session. The format of this file is as detailed in
this manual page! PLEASE NOTE that not all settings are effective on a
per-user basis. For example, many settings only prior to the user's session
@@ -1026,7 +1026,7 @@ This option is the name of the file loaded when the
.BR userlist_enable
option is active.
-Default: /etc/vsftpd.user_list
+Default: /etc/vsftpd/user_list
.TP
.B vsftpd_log_file
This option is the name of the file to which we write the vsftpd style
--
2.5.0

View File

@ -1,7 +1,19 @@
diff -up vsftpd-2.1.0/ls.c.filter vsftpd-2.1.0/ls.c From d8f1f584c96d3449265a54fa62c5944b1b7c915c Mon Sep 17 00:00:00 2001
--- vsftpd-2.1.0/ls.c.filter 2008-02-02 02:30:41.000000000 +0100 From: Martin Sehnoutka <msehnout@redhat.com>
+++ vsftpd-2.1.0/ls.c 2009-01-08 19:31:15.000000000 +0100 Date: Thu, 17 Mar 2016 11:44:45 +0100
@@ -239,9 +239,31 @@ vsf_filename_passes_filter(const struct Subject: [PATCH 07/26] Applied vsftpd-2.1.0-filter.patch
---
ls.c | 26 ++++++++++++++++++++++++--
str.c | 11 +++++++++++
str.h | 1 +
3 files changed, 36 insertions(+), 2 deletions(-)
diff --git a/ls.c b/ls.c
index 7e1376d..e9302dd 100644
--- a/ls.c
+++ b/ls.c
@@ -246,9 +246,31 @@ vsf_filename_passes_filter(const struct mystr* p_filename_str,
int ret = 0; int ret = 0;
char last_token = 0; char last_token = 0;
int must_match_at_current_pos = 1; int must_match_at_current_pos = 1;
@ -35,10 +47,11 @@ diff -up vsftpd-2.1.0/ls.c.filter vsftpd-2.1.0/ls.c
while (!str_isempty(&filter_remain_str) && *iters < VSFTP_MATCHITERS_MAX) while (!str_isempty(&filter_remain_str) && *iters < VSFTP_MATCHITERS_MAX)
{ {
static struct mystr s_match_needed_str; static struct mystr s_match_needed_str;
diff -up vsftpd-2.1.0/str.c.filter vsftpd-2.1.0/str.c diff --git a/str.c b/str.c
--- vsftpd-2.1.0/str.c.filter 2008-12-17 06:54:16.000000000 +0100 index 6596204..ba4b92a 100644
+++ vsftpd-2.1.0/str.c 2009-01-08 19:31:15.000000000 +0100 --- a/str.c
@@ -680,3 +680,14 @@ str_replace_unprintable(struct mystr* p_ +++ b/str.c
@@ -711,3 +711,14 @@ str_replace_unprintable(struct mystr* p_str, char new_char)
} }
} }
@ -53,10 +66,11 @@ diff -up vsftpd-2.1.0/str.c.filter vsftpd-2.1.0/str.c
+ if (str_isempty(d_str)) + if (str_isempty(d_str))
+ str_copy (d_str, path); + str_copy (d_str, path);
+} +}
diff -up vsftpd-2.1.0/str.h.filter vsftpd-2.1.0/str.h diff --git a/str.h b/str.h
--- vsftpd-2.1.0/str.h.filter 2008-12-17 06:53:23.000000000 +0100 index ab0a9a4..3a21b50 100644
+++ vsftpd-2.1.0/str.h 2009-01-08 19:32:14.000000000 +0100 --- a/str.h
@@ -100,6 +100,7 @@ void str_replace_unprintable(struct myst +++ b/str.h
@@ -100,6 +100,7 @@ void str_replace_unprintable(struct mystr* p_str, char new_char);
int str_atoi(const struct mystr* p_str); int str_atoi(const struct mystr* p_str);
filesize_t str_a_to_filesize_t(const struct mystr* p_str); filesize_t str_a_to_filesize_t(const struct mystr* p_str);
unsigned int str_octal_to_uint(const struct mystr* p_str); unsigned int str_octal_to_uint(const struct mystr* p_str);
@ -64,3 +78,6 @@ diff -up vsftpd-2.1.0/str.h.filter vsftpd-2.1.0/str.h
/* PURPOSE: Extract a line of text (delimited by \n or EOF) from a string /* PURPOSE: Extract a line of text (delimited by \n or EOF) from a string
* buffer, starting at character position 'p_pos'. The extracted line will * buffer, starting at character position 'p_pos'. The extracted line will
--
2.5.0

View File

@ -1,7 +1,17 @@
diff -up vsftpd-3.0.0/Makefile.libs vsftpd-3.0.0/Makefile From e007fc137c6bee2d359af9cfc88cd01fb672cc1e Mon Sep 17 00:00:00 2001
--- vsftpd-3.0.0/Makefile.libs 2012-04-03 09:21:18.000000000 +0200 From: Martin Sehnoutka <msehnout@redhat.com>
+++ vsftpd-3.0.0/Makefile 2012-04-10 21:20:39.377248990 +0200 Date: Thu, 17 Mar 2016 11:44:45 +0100
@@ -8,7 +8,7 @@ CFLAGS = -O2 -fPIE -fstack-protector --p Subject: [PATCH 01/26] Applied vsftpd-2.1.0-libs.patch
---
Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
index c63ed1b..98118dc 100644
--- a/Makefile
+++ b/Makefile
@@ -8,7 +8,7 @@ CFLAGS = -O2 -fPIE -fstack-protector --param=ssp-buffer-size=4 \
-D_FORTIFY_SOURCE=2 \ -D_FORTIFY_SOURCE=2 \
#-pedantic -Wconversion #-pedantic -Wconversion
@ -10,3 +20,6 @@ diff -up vsftpd-3.0.0/Makefile.libs vsftpd-3.0.0/Makefile
LINK = -Wl,-s LINK = -Wl,-s
LDFLAGS = -fPIE -pie -Wl,-z,relro -Wl,-z,now LDFLAGS = -fPIE -pie -Wl,-z,relro -Wl,-z,now
--
2.5.0

View File

@ -1,6 +1,16 @@
diff -up vsftpd-2.2.0/sysdeputil.c.pam_hostname vsftpd-2.2.0/sysdeputil.c From fb9754bb10105b6c23d355fd448f55ab94c704b8 Mon Sep 17 00:00:00 2001
--- vsftpd-2.2.0/sysdeputil.c.pam_hostname 2009-08-08 03:51:10.000000000 +0200 From: Martin Sehnoutka <msehnout@redhat.com>
+++ vsftpd-2.2.0/sysdeputil.c 2009-08-24 12:24:07.220623773 +0200 Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 05/26] Applied vsftpd-2.1.0-pam_hostname.patch
---
sysdeputil.c | 19 ++++++++++++++++---
1 file changed, 16 insertions(+), 3 deletions(-)
diff --git a/sysdeputil.c b/sysdeputil.c
index 06f01f4..b2782da 100644
--- a/sysdeputil.c
+++ b/sysdeputil.c
@@ -16,6 +16,10 @@ @@ -16,6 +16,10 @@
#include "tunables.h" #include "tunables.h"
#include "builddefs.h" #include "builddefs.h"
@ -12,7 +22,7 @@ diff -up vsftpd-2.2.0/sysdeputil.c.pam_hostname vsftpd-2.2.0/sysdeputil.c
/* For Linux, this adds nothing :-) */ /* For Linux, this adds nothing :-) */
#include "port/porting_junk.h" #include "port/porting_junk.h"
@@ -325,6 +329,10 @@ vsf_sysdep_check_auth(struct mystr* p_us @@ -323,6 +327,10 @@ vsf_sysdep_check_auth(struct mystr* p_user_str,
const struct mystr* p_remote_host) const struct mystr* p_remote_host)
{ {
int retval = -1; int retval = -1;
@ -23,7 +33,7 @@ diff -up vsftpd-2.2.0/sysdeputil.c.pam_hostname vsftpd-2.2.0/sysdeputil.c
pam_item_t item; pam_item_t item;
const char* pam_user_name = 0; const char* pam_user_name = 0;
struct pam_conv the_conv = struct pam_conv the_conv =
@@ -345,7 +353,12 @@ vsf_sysdep_check_auth(struct mystr* p_us @@ -346,7 +354,12 @@ vsf_sysdep_check_auth(struct mystr* p_user_str,
return 0; return 0;
} }
#ifdef PAM_RHOST #ifdef PAM_RHOST
@ -37,7 +47,7 @@ diff -up vsftpd-2.2.0/sysdeputil.c.pam_hostname vsftpd-2.2.0/sysdeputil.c
if (retval != PAM_SUCCESS) if (retval != PAM_SUCCESS)
{ {
(void) pam_end(s_pamh, retval); (void) pam_end(s_pamh, retval);
@@ -558,7 +571,7 @@ vsf_sysdep_has_capabilities(void) @@ -559,7 +572,7 @@ vsf_sysdep_has_capabilities(void)
} }
return s_runtime_has_caps; return s_runtime_has_caps;
} }
@ -46,7 +56,7 @@ diff -up vsftpd-2.2.0/sysdeputil.c.pam_hostname vsftpd-2.2.0/sysdeputil.c
#ifndef VSF_SYSDEP_HAVE_LIBCAP #ifndef VSF_SYSDEP_HAVE_LIBCAP
static int static int
do_checkcap(void) do_checkcap(void)
@@ -1080,7 +1093,7 @@ vsf_sysutil_recv_fd(const int sock_fd) @@ -1081,7 +1094,7 @@ vsf_sysutil_recv_fd(const int sock_fd)
msg.msg_flags = 0; msg.msg_flags = 0;
/* In case something goes wrong, set the fd to -1 before the syscall */ /* In case something goes wrong, set the fd to -1 before the syscall */
p_fd = (int*)CMSG_DATA(CMSG_FIRSTHDR(&msg)); p_fd = (int*)CMSG_DATA(CMSG_FIRSTHDR(&msg));
@ -55,3 +65,6 @@ diff -up vsftpd-2.2.0/sysdeputil.c.pam_hostname vsftpd-2.2.0/sysdeputil.c
retval = recvmsg(sock_fd, &msg, 0); retval = recvmsg(sock_fd, &msg, 0);
if (retval != 1) if (retval != 1)
{ {
--
2.5.0

View File

@ -1,6 +1,16 @@
diff -up vsftpd-2.1.0/builddefs.h.tcp_wrappers vsftpd-2.1.0/builddefs.h From 3e01cb1388681f8a956c954570db4fe8ac61d1bc Mon Sep 17 00:00:00 2001
--- vsftpd-2.1.0/builddefs.h.tcp_wrappers 2009-01-08 18:52:46.000000000 +0100 From: Martin Sehnoutka <msehnout@redhat.com>
+++ vsftpd-2.1.0/builddefs.h 2009-01-08 18:52:56.000000000 +0100 Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 03/26] Applied vsftpd-2.1.0-tcp_wrappers.patch
---
builddefs.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/builddefs.h b/builddefs.h
index 63cc62b..83de674 100644
--- a/builddefs.h
+++ b/builddefs.h
@@ -1,7 +1,7 @@ @@ -1,7 +1,7 @@
#ifndef VSF_BUILDDEFS_H #ifndef VSF_BUILDDEFS_H
#define VSF_BUILDDEFS_H #define VSF_BUILDDEFS_H
@ -10,3 +20,6 @@ diff -up vsftpd-2.1.0/builddefs.h.tcp_wrappers vsftpd-2.1.0/builddefs.h
#define VSF_BUILD_PAM #define VSF_BUILD_PAM
#define VSF_BUILD_SSL #define VSF_BUILD_SSL
--
2.5.0

View File

@ -1,7 +1,21 @@
diff -up vsftpd-2.2.0/parseconf.c.trim vsftpd-2.2.0/parseconf.c From aea6f1b484d06c56f636ae5ed7df232d6a94f57a Mon Sep 17 00:00:00 2001
--- vsftpd-2.2.0/parseconf.c.trim 2009-08-04 08:01:10.000000000 +0200 From: Martin Sehnoutka <msehnout@redhat.com>
+++ vsftpd-2.2.0/parseconf.c 2009-08-04 08:10:49.000000000 +0200 Date: Thu, 17 Mar 2016 11:44:45 +0100
@@ -275,7 +275,7 @@ vsf_parseconf_load_setting(const char* p Subject: [PATCH 09/26] Applied vsftpd-2.1.0-trim.patch
---
parseconf.c | 2 +-
str.c | 12 ++++++++++++
str.h | 1 +
sysutil.c | 12 ++++++++++++
sysutil.h | 1 +
5 files changed, 27 insertions(+), 1 deletion(-)
diff --git a/parseconf.c b/parseconf.c
index 385afd2..30df598 100644
--- a/parseconf.c
+++ b/parseconf.c
@@ -280,7 +280,7 @@ vsf_parseconf_load_setting(const char* p_setting, int errs_fatal)
} }
else else
{ {
@ -10,10 +24,11 @@ diff -up vsftpd-2.2.0/parseconf.c.trim vsftpd-2.2.0/parseconf.c
} }
return; return;
} }
diff -up vsftpd-2.2.0/str.c.trim vsftpd-2.2.0/str.c diff --git a/str.c b/str.c
--- vsftpd-2.2.0/str.c.trim 2009-08-04 08:01:10.000000000 +0200 index ba4b92a..41b27db 100644
+++ vsftpd-2.2.0/str.c 2009-08-04 08:01:10.000000000 +0200 --- a/str.c
@@ -89,6 +89,18 @@ str_strdup(const struct mystr* p_str) +++ b/str.c
@@ -104,6 +104,18 @@ str_strdup(const struct mystr* p_str)
return vsf_sysutil_strdup(str_getbuf(p_str)); return vsf_sysutil_strdup(str_getbuf(p_str));
} }
@ -32,10 +47,11 @@ diff -up vsftpd-2.2.0/str.c.trim vsftpd-2.2.0/str.c
void void
str_alloc_alt_term(struct mystr* p_str, const char* p_src, char term) str_alloc_alt_term(struct mystr* p_str, const char* p_src, char term)
{ {
diff -up vsftpd-2.2.0/str.h.trim vsftpd-2.2.0/str.h diff --git a/str.h b/str.h
--- vsftpd-2.2.0/str.h.trim 2009-08-04 08:01:10.000000000 +0200 index 3a21b50..44270da 100644
+++ vsftpd-2.2.0/str.h 2009-08-04 08:01:10.000000000 +0200 --- a/str.h
@@ -31,6 +31,7 @@ void str_alloc_ulong(struct mystr* p_str +++ b/str.h
@@ -31,6 +31,7 @@ void str_alloc_ulong(struct mystr* p_str, unsigned long the_ulong);
void str_alloc_filesize_t(struct mystr* p_str, filesize_t the_filesize); void str_alloc_filesize_t(struct mystr* p_str, filesize_t the_filesize);
void str_copy(struct mystr* p_dest, const struct mystr* p_src); void str_copy(struct mystr* p_dest, const struct mystr* p_src);
const char* str_strdup(const struct mystr* p_str); const char* str_strdup(const struct mystr* p_str);
@ -43,10 +59,11 @@ diff -up vsftpd-2.2.0/str.h.trim vsftpd-2.2.0/str.h
void str_empty(struct mystr* p_str); void str_empty(struct mystr* p_str);
void str_free(struct mystr* p_str); void str_free(struct mystr* p_str);
void str_trunc(struct mystr* p_str, unsigned int trunc_len); void str_trunc(struct mystr* p_str, unsigned int trunc_len);
diff -up vsftpd-2.2.0/sysutil.c.trim vsftpd-2.2.0/sysutil.c diff --git a/sysutil.c b/sysutil.c
--- vsftpd-2.2.0/sysutil.c.trim 2009-07-16 05:32:21.000000000 +0200 index 5cdb6ef..428a34a 100644
+++ vsftpd-2.2.0/sysutil.c 2009-08-04 08:01:10.000000000 +0200 --- a/sysutil.c
@@ -1032,6 +1032,18 @@ vsf_sysutil_strdup(const char* p_str) +++ b/sysutil.c
@@ -1035,6 +1035,18 @@ vsf_sysutil_strdup(const char* p_str)
return strdup(p_str); return strdup(p_str);
} }
@ -65,9 +82,10 @@ diff -up vsftpd-2.2.0/sysutil.c.trim vsftpd-2.2.0/sysutil.c
void void
vsf_sysutil_memclr(void* p_dest, unsigned int size) vsf_sysutil_memclr(void* p_dest, unsigned int size)
{ {
diff -up vsftpd-2.2.0/sysutil.h.trim vsftpd-2.2.0/sysutil.h diff --git a/sysutil.h b/sysutil.h
--- vsftpd-2.2.0/sysutil.h.trim 2009-07-16 05:31:53.000000000 +0200 index c34778c..c2ddd15 100644
+++ vsftpd-2.2.0/sysutil.h 2009-08-04 08:01:10.000000000 +0200 --- a/sysutil.h
+++ b/sysutil.h
@@ -186,6 +186,7 @@ int vsf_sysutil_wait_get_exitcode( @@ -186,6 +186,7 @@ int vsf_sysutil_wait_get_exitcode(
/* Various string functions */ /* Various string functions */
unsigned int vsf_sysutil_strlen(const char* p_text); unsigned int vsf_sysutil_strlen(const char* p_text);
@ -76,3 +94,6 @@ diff -up vsftpd-2.2.0/sysutil.h.trim vsftpd-2.2.0/sysutil.h
void vsf_sysutil_memclr(void* p_dest, unsigned int size); void vsf_sysutil_memclr(void* p_dest, unsigned int size);
void vsf_sysutil_memcpy(void* p_dest, const void* p_src, void vsf_sysutil_memcpy(void* p_dest, const void* p_src,
const unsigned int size); const unsigned int size);
--
2.5.0

View File

@ -1,7 +1,23 @@
diff -up vsftpd-2.1.0/logging.c.userlist_log vsftpd-2.1.0/logging.c From 2f563a92cf4c12d8a37e413ffdc14a7eb4637c03 Mon Sep 17 00:00:00 2001
--- vsftpd-2.1.0/logging.c.userlist_log 2008-12-17 20:56:45.000000000 +0100 From: Martin Sehnoutka <msehnout@redhat.com>
+++ vsftpd-2.1.0/logging.c 2009-02-24 09:12:42.000000000 +0100 Date: Thu, 17 Mar 2016 11:44:45 +0100
@@ -95,6 +95,13 @@ vsf_log_line(struct vsf_session* p_sess, Subject: [PATCH 08/26] Applied vsftpd-2.1.0-userlist_log.patch
---
logging.c | 7 +++++++
logging.h | 11 +++++++++++
parseconf.c | 1 +
prelogin.c | 14 ++++++++++++++
tunables.c | 2 ++
tunables.h | 1 +
vsftpd.conf.5 | 8 ++++++++
7 files changed, 44 insertions(+)
diff --git a/logging.c b/logging.c
index ad531d6..99671b4 100644
--- a/logging.c
+++ b/logging.c
@@ -103,6 +103,13 @@ vsf_log_line(struct vsf_session* p_sess, enum EVSFLogEntryType what,
vsf_log_common(p_sess, 1, what, p_str); vsf_log_common(p_sess, 1, what, p_str);
} }
@ -15,10 +31,11 @@ diff -up vsftpd-2.1.0/logging.c.userlist_log vsftpd-2.1.0/logging.c
int int
vsf_log_entry_pending(struct vsf_session* p_sess) vsf_log_entry_pending(struct vsf_session* p_sess)
{ {
diff -up vsftpd-2.1.0/logging.h.userlist_log vsftpd-2.1.0/logging.h diff --git a/logging.h b/logging.h
--- vsftpd-2.1.0/logging.h.userlist_log 2008-07-30 03:29:21.000000000 +0200 index 48f88ec..1ff57d1 100644
+++ vsftpd-2.1.0/logging.h 2009-02-24 09:12:42.000000000 +0100 --- a/logging.h
@@ -80,5 +80,16 @@ void vsf_log_do_log(struct vsf_session* +++ b/logging.h
@@ -80,5 +80,16 @@ void vsf_log_do_log(struct vsf_session* p_sess, int succeeded);
void vsf_log_line(struct vsf_session* p_sess, enum EVSFLogEntryType what, void vsf_log_line(struct vsf_session* p_sess, enum EVSFLogEntryType what,
struct mystr* p_str); struct mystr* p_str);
@ -35,10 +52,11 @@ diff -up vsftpd-2.1.0/logging.h.userlist_log vsftpd-2.1.0/logging.h
+ +
#endif /* VSF_LOGGING_H */ #endif /* VSF_LOGGING_H */
diff -up vsftpd-2.1.0/parseconf.c.userlist_log vsftpd-2.1.0/parseconf.c diff --git a/parseconf.c b/parseconf.c
--- vsftpd-2.1.0/parseconf.c.userlist_log 2008-12-18 07:21:41.000000000 +0100 index ea2242b..385afd2 100644
+++ vsftpd-2.1.0/parseconf.c 2009-02-24 09:12:42.000000000 +0100 --- a/parseconf.c
@@ -96,6 +96,7 @@ parseconf_bool_array[] = +++ b/parseconf.c
@@ -91,6 +91,7 @@ parseconf_bool_array[] =
{ "mdtm_write", &tunable_mdtm_write }, { "mdtm_write", &tunable_mdtm_write },
{ "lock_upload_files", &tunable_lock_upload_files }, { "lock_upload_files", &tunable_lock_upload_files },
{ "pasv_addr_resolve", &tunable_pasv_addr_resolve }, { "pasv_addr_resolve", &tunable_pasv_addr_resolve },
@ -46,10 +64,11 @@ diff -up vsftpd-2.1.0/parseconf.c.userlist_log vsftpd-2.1.0/parseconf.c
{ "debug_ssl", &tunable_debug_ssl }, { "debug_ssl", &tunable_debug_ssl },
{ "require_cert", &tunable_require_cert }, { "require_cert", &tunable_require_cert },
{ "validate_cert", &tunable_validate_cert }, { "validate_cert", &tunable_validate_cert },
diff -up vsftpd-2.1.0/prelogin.c.userlist_log vsftpd-2.1.0/prelogin.c diff --git a/prelogin.c b/prelogin.c
--- vsftpd-2.1.0/prelogin.c.userlist_log 2009-02-18 23:23:53.000000000 +0100 index df4aade..1588bc1 100644
+++ vsftpd-2.1.0/prelogin.c 2009-02-24 09:17:41.000000000 +0100 --- a/prelogin.c
@@ -220,6 +220,20 @@ handle_user_command(struct vsf_session* +++ b/prelogin.c
@@ -246,6 +246,20 @@ handle_user_command(struct vsf_session* p_sess)
check_login_delay(); check_login_delay();
vsf_cmdio_write(p_sess, FTP_LOGINERR, "Permission denied."); vsf_cmdio_write(p_sess, FTP_LOGINERR, "Permission denied.");
check_login_fails(p_sess); check_login_fails(p_sess);
@ -70,9 +89,10 @@ diff -up vsftpd-2.1.0/prelogin.c.userlist_log vsftpd-2.1.0/prelogin.c
str_empty(&p_sess->user_str); str_empty(&p_sess->user_str);
return; return;
} }
diff -up vsftpd-2.1.0/tunables.c.userlist_log vsftpd-2.1.0/tunables.c diff --git a/tunables.c b/tunables.c
--- vsftpd-2.1.0/tunables.c.userlist_log 2009-02-24 09:12:42.000000000 +0100 index 0ac4c34..b30fca1 100644
+++ vsftpd-2.1.0/tunables.c 2009-02-24 09:12:42.000000000 +0100 --- a/tunables.c
+++ b/tunables.c
@@ -72,6 +72,7 @@ int tunable_force_anon_data_ssl; @@ -72,6 +72,7 @@ int tunable_force_anon_data_ssl;
int tunable_mdtm_write; int tunable_mdtm_write;
int tunable_lock_upload_files; int tunable_lock_upload_files;
@ -81,7 +101,7 @@ diff -up vsftpd-2.1.0/tunables.c.userlist_log vsftpd-2.1.0/tunables.c
int tunable_debug_ssl; int tunable_debug_ssl;
int tunable_require_cert; int tunable_require_cert;
int tunable_validate_cert; int tunable_validate_cert;
@@ -206,6 +207,7 @@ tunables_load_defaults() @@ -212,6 +213,7 @@ tunables_load_defaults()
tunable_mdtm_write = 1; tunable_mdtm_write = 1;
tunable_lock_upload_files = 1; tunable_lock_upload_files = 1;
tunable_pasv_addr_resolve = 0; tunable_pasv_addr_resolve = 0;
@ -89,10 +109,11 @@ diff -up vsftpd-2.1.0/tunables.c.userlist_log vsftpd-2.1.0/tunables.c
tunable_debug_ssl = 0; tunable_debug_ssl = 0;
tunable_require_cert = 0; tunable_require_cert = 0;
tunable_validate_cert = 0; tunable_validate_cert = 0;
diff -up vsftpd-2.1.0/tunables.h.userlist_log vsftpd-2.1.0/tunables.h diff --git a/tunables.h b/tunables.h
--- vsftpd-2.1.0/tunables.h.userlist_log 2008-12-17 06:47:11.000000000 +0100 index 05d2456..e44d64c 100644
+++ vsftpd-2.1.0/tunables.h 2009-02-24 09:12:42.000000000 +0100 --- a/tunables.h
@@ -73,6 +73,7 @@ extern int tunable_force_anon_data_ssl; +++ b/tunables.h
@@ -73,6 +73,7 @@ extern int tunable_force_anon_data_ssl; /* Require anon data uses SSL */
extern int tunable_mdtm_write; /* Allow MDTM to set timestamps */ extern int tunable_mdtm_write; /* Allow MDTM to set timestamps */
extern int tunable_lock_upload_files; /* Lock uploading files */ extern int tunable_lock_upload_files; /* Lock uploading files */
extern int tunable_pasv_addr_resolve; /* DNS resolve pasv_addr */ extern int tunable_pasv_addr_resolve; /* DNS resolve pasv_addr */
@ -100,10 +121,11 @@ diff -up vsftpd-2.1.0/tunables.h.userlist_log vsftpd-2.1.0/tunables.h
extern int tunable_debug_ssl; /* Verbose SSL logging */ extern int tunable_debug_ssl; /* Verbose SSL logging */
extern int tunable_require_cert; /* SSL client cert required */ extern int tunable_require_cert; /* SSL client cert required */
extern int tunable_validate_cert; /* SSL certs must be valid */ extern int tunable_validate_cert; /* SSL certs must be valid */
diff -up vsftpd-2.1.0/vsftpd.conf.5.userlist_log vsftpd-2.1.0/vsftpd.conf.5 diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
--- vsftpd-2.1.0/vsftpd.conf.5.userlist_log 2009-02-24 09:12:42.000000000 +0100 index 5e46a2f..9d767b1 100644
+++ vsftpd-2.1.0/vsftpd.conf.5 2009-02-24 09:12:42.000000000 +0100 --- a/vsftpd.conf.5
@@ -585,6 +585,14 @@ Self-signed certs do not constitute OK v +++ b/vsftpd.conf.5
@@ -588,6 +588,14 @@ Self-signed certs do not constitute OK validation. (New in v2.0.6).
Default: NO Default: NO
.TP .TP
@ -118,3 +140,6 @@ diff -up vsftpd-2.1.0/vsftpd.conf.5.userlist_log vsftpd-2.1.0/vsftpd.conf.5
.B virtual_use_local_privs .B virtual_use_local_privs
If enabled, virtual users will use the same privileges as local users. By If enabled, virtual users will use the same privileges as local users. By
default, virtual users will use the same privileges as anonymous users, which default, virtual users will use the same privileges as anonymous users, which
--
2.5.0

View File

@ -1,6 +1,18 @@
diff -up vsftpd-2.1.1/standalone.c.daemonize_plus vsftpd-2.1.1/standalone.c From 662531f296a0b7341e4e6817e084585a7e7a1d87 Mon Sep 17 00:00:00 2001
--- vsftpd-2.1.1/standalone.c.daemonize_plus 2009-05-10 22:11:24.000000000 +0200 From: Martin Sehnoutka <msehnout@redhat.com>
+++ vsftpd-2.1.1/standalone.c 2009-05-10 22:11:24.000000000 +0200 Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 10/26] Applied vsftpd-2.1.1-daemonize_plus.patch
---
standalone.c | 38 +++++++++++++++++++++++++++++++++++++-
sysutil.c | 59 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
sysutil.h | 7 ++++++-
3 files changed, 102 insertions(+), 2 deletions(-)
diff --git a/standalone.c b/standalone.c
index e0f2d5b..3b65ea2 100644
--- a/standalone.c
+++ b/standalone.c
@@ -26,6 +26,8 @@ static unsigned int s_ipaddr_size; @@ -26,6 +26,8 @@ static unsigned int s_ipaddr_size;
static void handle_sigchld(void* duff); static void handle_sigchld(void* duff);
@ -35,7 +47,7 @@ diff -up vsftpd-2.1.1/standalone.c.daemonize_plus vsftpd-2.1.1/standalone.c
} }
/* Son, close standard FDs to avoid SSH hang-on-exit */ /* Son, close standard FDs to avoid SSH hang-on-exit */
vsf_sysutil_reopen_standard_fds(); vsf_sysutil_reopen_standard_fds();
@@ -98,6 +112,10 @@ vsf_standalone_main(void) @@ -99,6 +113,10 @@ vsf_standalone_main(void)
{ {
die("could not bind listening IPv4 socket"); die("could not bind listening IPv4 socket");
} }
@ -46,7 +58,7 @@ diff -up vsftpd-2.1.1/standalone.c.daemonize_plus vsftpd-2.1.1/standalone.c
} }
else else
{ {
@@ -127,6 +145,10 @@ vsf_standalone_main(void) @@ -129,6 +147,10 @@ vsf_standalone_main(void)
{ {
die("could not bind listening IPv6 socket"); die("could not bind listening IPv6 socket");
} }
@ -57,7 +69,7 @@ diff -up vsftpd-2.1.1/standalone.c.daemonize_plus vsftpd-2.1.1/standalone.c
} }
vsf_sysutil_close(0); vsf_sysutil_close(0);
vsf_sysutil_close(1); vsf_sysutil_close(1);
@@ -252,6 +274,20 @@ handle_sighup(void* duff) @@ -268,6 +290,20 @@ handle_sighup(void* duff)
vsf_parseconf_load_file(0, 0); vsf_parseconf_load_file(0, 0);
} }
@ -78,10 +90,11 @@ diff -up vsftpd-2.1.1/standalone.c.daemonize_plus vsftpd-2.1.1/standalone.c
static unsigned int static unsigned int
hash_ip(unsigned int buckets, void* p_key) hash_ip(unsigned int buckets, void* p_key)
{ {
diff -up vsftpd-2.1.1/sysutil.c.daemonize_plus vsftpd-2.1.1/sysutil.c diff --git a/sysutil.c b/sysutil.c
--- vsftpd-2.1.1/sysutil.c.daemonize_plus 2009-05-10 22:11:24.000000000 +0200 index 428a34a..c848356 100644
+++ vsftpd-2.1.1/sysutil.c 2009-05-10 22:11:59.000000000 +0200 --- a/sysutil.c
@@ -202,6 +202,9 @@ vsf_sysutil_translate_sig(const enum EVS +++ b/sysutil.c
@@ -201,6 +201,9 @@ vsf_sysutil_translate_sig(const enum EVSFSysUtilSignal sig)
case kVSFSysUtilSigHUP: case kVSFSysUtilSigHUP:
realsig = SIGHUP; realsig = SIGHUP;
break; break;
@ -91,7 +104,7 @@ diff -up vsftpd-2.1.1/sysutil.c.daemonize_plus vsftpd-2.1.1/sysutil.c
default: default:
bug("unknown signal in vsf_sysutil_translate_sig"); bug("unknown signal in vsf_sysutil_translate_sig");
break; break;
@@ -539,6 +542,12 @@ vsf_sysutil_getpid(void) @@ -549,6 +552,12 @@ vsf_sysutil_getpid(void)
return (unsigned int) s_current_pid; return (unsigned int) s_current_pid;
} }
@ -104,7 +117,7 @@ diff -up vsftpd-2.1.1/sysutil.c.daemonize_plus vsftpd-2.1.1/sysutil.c
int int
vsf_sysutil_fork(void) vsf_sysutil_fork(void)
{ {
@@ -2807,3 +2816,53 @@ vsf_sysutil_set_no_fds() @@ -2871,3 +2880,53 @@ vsf_sysutil_post_fork()
s_sig_details[i].pending = 0; s_sig_details[i].pending = 0;
} }
} }
@ -158,10 +171,11 @@ diff -up vsftpd-2.1.1/sysutil.c.daemonize_plus vsftpd-2.1.1/sysutil.c
+{ +{
+ return pause(); + return pause();
+} +}
diff -up vsftpd-2.1.1/sysutil.h.daemonize_plus vsftpd-2.1.1/sysutil.h diff --git a/sysutil.h b/sysutil.h
--- vsftpd-2.1.1/sysutil.h.daemonize_plus 2009-05-10 22:11:24.000000000 +0200 index c2ddd15..bfc92cb 100644
+++ vsftpd-2.1.1/sysutil.h 2009-05-10 22:11:24.000000000 +0200 --- a/sysutil.h
@@ -29,7 +29,8 @@ enum EVSFSysUtilSignal +++ b/sysutil.h
@@ -30,7 +30,8 @@ enum EVSFSysUtilSignal
kVSFSysUtilSigCHLD, kVSFSysUtilSigCHLD,
kVSFSysUtilSigPIPE, kVSFSysUtilSigPIPE,
kVSFSysUtilSigURG, kVSFSysUtilSigURG,
@ -171,7 +185,7 @@ diff -up vsftpd-2.1.1/sysutil.h.daemonize_plus vsftpd-2.1.1/sysutil.h
}; };
enum EVSFSysUtilInterruptContext enum EVSFSysUtilInterruptContext
{ {
@@ -165,6 +165,7 @@ void vsf_sysutil_free(void* p_ptr); @@ -165,6 +166,7 @@ void vsf_sysutil_free(void* p_ptr);
/* Process creation/exit/process handling */ /* Process creation/exit/process handling */
unsigned int vsf_sysutil_getpid(void); unsigned int vsf_sysutil_getpid(void);
@ -189,3 +203,6 @@ diff -up vsftpd-2.1.1/sysutil.h.daemonize_plus vsftpd-2.1.1/sysutil.h
/* Various string functions */ /* Various string functions */
unsigned int vsf_sysutil_strlen(const char* p_text); unsigned int vsf_sysutil_strlen(const char* p_text);
--
2.5.0

View File

@ -1,7 +1,17 @@
diff -up vsftpd-2.3.2/ls.c.tmp vsftpd-2.3.2/ls.c From 46b1cacac22d4c5f0b7695579860f7ecc28d3efb Mon Sep 17 00:00:00 2001
--- vsftpd-2.3.2/ls.c.tmp 2010-08-20 13:18:54.397583558 +0200 From: Martin Sehnoutka <msehnout@redhat.com>
+++ vsftpd-2.3.2/ls.c 2010-08-20 13:14:59.047831385 +0200 Date: Thu, 17 Mar 2016 11:44:45 +0100
@@ -305,6 +305,20 @@ vsf_filename_passes_filter(const struct Subject: [PATCH 11/26] Applied vsftpd-2.2.0-wildchar.patch
---
ls.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/ls.c b/ls.c
index e9302dd..92be544 100644
--- a/ls.c
+++ b/ls.c
@@ -311,6 +311,20 @@ vsf_filename_passes_filter(const struct mystr* p_filename_str,
{ {
goto out; goto out;
} }
@ -22,3 +32,6 @@ diff -up vsftpd-2.3.2/ls.c.tmp vsftpd-2.3.2/ls.c
/* Chop matched string out of remainder */ /* Chop matched string out of remainder */
str_mid_to_end(&name_remain_str, &temp_str, str_mid_to_end(&name_remain_str, &temp_str,
indexx + str_getlen(&s_match_needed_str)); indexx + str_getlen(&s_match_needed_str));
--
2.5.0

View File

@ -1,7 +1,17 @@
diff -up vsftpd-2.2.2/sysdeputil.c.clone vsftpd-2.2.2/sysdeputil.c From 1220fb187aa6b114ae4877fd74a42979d580d8ef Mon Sep 17 00:00:00 2001
--- vsftpd-2.2.2/sysdeputil.c.clone 2010-05-13 13:26:32.099358732 +0200 From: Martin Sehnoutka <msehnout@redhat.com>
+++ vsftpd-2.2.2/sysdeputil.c 2010-05-13 13:26:43.894359985 +0200 Date: Thu, 17 Mar 2016 11:44:45 +0100
@@ -1279,7 +1279,7 @@ vsf_sysutil_fork_isolate_failok() Subject: [PATCH 12/26] Applied vsftpd-2.2.2-clone.patch
---
sysdeputil.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/sysdeputil.c b/sysdeputil.c
index b2782da..3bbabaa 100644
--- a/sysdeputil.c
+++ b/sysdeputil.c
@@ -1306,7 +1306,7 @@ vsf_sysutil_fork_isolate_failok()
static int cloneflags_work = 1; static int cloneflags_work = 1;
if (cloneflags_work) if (cloneflags_work)
{ {
@ -10,7 +20,7 @@ diff -up vsftpd-2.2.2/sysdeputil.c.clone vsftpd-2.2.2/sysdeputil.c
if (ret != -1 || (errno != EINVAL && errno != EPERM)) if (ret != -1 || (errno != EINVAL && errno != EPERM))
{ {
if (ret == 0) if (ret == 0)
@@ -1301,7 +1301,7 @@ vsf_sysutil_fork_newnet() @@ -1328,7 +1328,7 @@ vsf_sysutil_fork_newnet()
static int cloneflags_work = 1; static int cloneflags_work = 1;
if (cloneflags_work) if (cloneflags_work)
{ {
@ -19,3 +29,6 @@ diff -up vsftpd-2.2.2/sysdeputil.c.clone vsftpd-2.2.2/sysdeputil.c
if (ret != -1 || (errno != EINVAL && errno != EPERM)) if (ret != -1 || (errno != EINVAL && errno != EPERM))
{ {
if (ret == 0) if (ret == 0)
--
2.5.0

1501
vsftpd-2.2.2-nfs-fail.patch Normal file

File diff suppressed because it is too large Load Diff

View File

@ -1,14 +1,27 @@
--- vsftpd-2.3.4/vsftpd.conf~ 2011-11-21 13:15:03.888357116 +0000 From d723e42f895f8bbf6888512a772aa549b0a396d9 Mon Sep 17 00:00:00 2001
+++ vsftpd-2.3.4/vsftpd.conf 2011-11-21 13:17:43.676136602 +0000 From: Martin Sehnoutka <msehnout@redhat.com>
@@ -108,12 +108,16 @@ xferlog_std_format=YES Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 15/26] Applied vsftpd-2.3.4-listen_ipv6.patch
---
vsftpd.conf | 14 +++++++++-----
vsftpd.conf.5 | 5 +++--
2 files changed, 12 insertions(+), 7 deletions(-)
diff --git a/vsftpd.conf b/vsftpd.conf
index db44170..ae6c6c9 100644
--- a/vsftpd.conf
+++ b/vsftpd.conf
@@ -111,12 +111,16 @@ xferlog_std_format=YES
# When "listen" directive is enabled, vsftpd runs in standalone mode and # When "listen" directive is enabled, vsftpd runs in standalone mode and
# listens on IPv4 sockets. This directive cannot be used in conjunction # listens on IPv4 sockets. This directive cannot be used in conjunction
# with the listen_ipv6 directive. # with the listen_ipv6 directive.
-listen=YES -listen=YES
+listen=NO -#
#
-# This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6 -# This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6
-# sockets, you must run two copies of vsftpd with two configuration files. -# sockets, you must run two copies of vsftpd with two configuration files.
+listen=NO
+#
+# This directive enables listening on IPv6 sockets. By default, listening +# This directive enables listening on IPv6 sockets. By default, listening
+# on the IPv6 "any" address (::) will accept connections from both IPv6 +# on the IPv6 "any" address (::) will accept connections from both IPv6
+# and IPv4 clients. It is not necessary to listen on *both* IPv4 and IPv6 +# and IPv4 clients. It is not necessary to listen on *both* IPv4 and IPv6
@ -21,9 +34,11 @@
pam_service_name=vsftpd pam_service_name=vsftpd
userlist_enable=YES userlist_enable=YES
--- vsftpd-2.3.4/vsftpd.conf.5~ 2011-11-21 13:15:03.905357305 +0000 diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
+++ vsftpd-2.3.4/vsftpd.conf.5 2011-11-21 13:18:31.771672385 +0000 index 0744f85..72bb86f 100644
@@ -281,8 +281,9 @@ Default: NO --- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -297,8 +297,9 @@ Default: NO
.TP .TP
.B listen_ipv6 .B listen_ipv6
Like the listen parameter, except vsftpd will listen on an IPv6 socket instead Like the listen parameter, except vsftpd will listen on an IPv6 socket instead
@ -35,3 +50,6 @@
Default: NO Default: NO
.TP .TP
--
2.5.0

View File

@ -1,6 +1,17 @@
diff -up vsftpd-3.0.2/vsftpd.8.sd vsftpd-3.0.2/vsftpd.8 From 4b7a6eecf79ee63c21fa27e5f5c22f248824991c Mon Sep 17 00:00:00 2001
--- vsftpd-3.0.2/vsftpd.8.sd 2013-09-04 13:04:40.383348837 +0200 From: Martin Sehnoutka <msehnout@redhat.com>
+++ vsftpd-3.0.2/vsftpd.8 2013-09-04 13:45:00.370277842 +0200 Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 13/26] Applied vsftpd-2.3.4-sd.patch
---
vsftpd.8 | 24 ++++++++++++++++++++++++
vsftpd.conf.5 | 18 +++++++++++++++++-
2 files changed, 41 insertions(+), 1 deletion(-)
diff --git a/vsftpd.8 b/vsftpd.8
index c920e7d..fbeb1a2 100644
--- a/vsftpd.8
+++ b/vsftpd.8
@@ -25,6 +25,23 @@ in @@ -25,6 +25,23 @@ in
Direct execution of the Direct execution of the
.Nm vsftpd .Nm vsftpd
@ -25,7 +36,7 @@ diff -up vsftpd-3.0.2/vsftpd.8.sd vsftpd-3.0.2/vsftpd.8
.Sh OPTIONS .Sh OPTIONS
An optional An optional
configuration file or files configuration file or files
@@ -55,6 +72,13 @@ the "ftpd_banner" setting is set to "bla @@ -55,6 +72,13 @@ the "ftpd_banner" setting is set to "blah", which overrides any default vsftpd
setting and any identical setting that was in the config file. setting and any identical setting that was in the config file.
.Sh FILES .Sh FILES
.Pa /etc/vsftpd/vsftpd.conf .Pa /etc/vsftpd/vsftpd.conf
@ -39,9 +50,10 @@ diff -up vsftpd-3.0.2/vsftpd.8.sd vsftpd-3.0.2/vsftpd.8
.Xr vsftpd.conf 5 .Xr vsftpd.conf 5
+.Xr systemd.unit 5 +.Xr systemd.unit 5
.end .end
diff -up vsftpd-3.0.2/vsftpd.conf.5.sd vsftpd-3.0.2/vsftpd.conf.5 diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
--- vsftpd-3.0.2/vsftpd.conf.5.sd 2013-09-04 13:04:40.391348915 +0200 index 9d767b1..0744f85 100644
+++ vsftpd-3.0.2/vsftpd.conf.5 2013-09-04 13:44:57.573250302 +0200 --- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -12,7 +12,23 @@ inetd such as @@ -12,7 +12,23 @@ inetd such as
.BR xinetd .BR xinetd
to launch vsftpd with different configuration files on a per virtual host to launch vsftpd with different configuration files on a per virtual host
@ -67,3 +79,6 @@ diff -up vsftpd-3.0.2/vsftpd.conf.5.sd vsftpd-3.0.2/vsftpd.conf.5
.SH FORMAT .SH FORMAT
The format of vsftpd.conf is very simple. Each line is either a comment or The format of vsftpd.conf is very simple. Each line is either a comment or
a directive. Comment lines start with a # and are ignored. A directive line a directive. Comment lines start with a # and are ignored. A directive line
--
2.5.0

View File

@ -1,7 +1,17 @@
diff -up vsftpd-3.0.2/ls.c.sqb vsftpd-3.0.2/ls.c From 9db0f2142b7d456af0a147a53c7555996e90dfd6 Mon Sep 17 00:00:00 2001
--- vsftpd-3.0.2/ls.c.sqb 2014-07-04 09:55:57.899506894 +0200 From: Martin Sehnoutka <msehnout@redhat.com>
+++ vsftpd-3.0.2/ls.c 2014-07-04 09:58:02.187569017 +0200 Date: Thu, 17 Mar 2016 11:44:45 +0100
@@ -246,7 +246,7 @@ vsf_filename_passes_filter(const struct Subject: [PATCH 14/26] Applied vsftpd-2.3.4-sqb.patch
---
ls.c | 222 +++++++++++++++++++++++++++++++++++++++++++++----------------------
1 file changed, 150 insertions(+), 72 deletions(-)
diff --git a/ls.c b/ls.c
index 92be544..0ad7f54 100644
--- a/ls.c
+++ b/ls.c
@@ -246,7 +246,7 @@ vsf_filename_passes_filter(const struct mystr* p_filename_str,
int ret = 0; int ret = 0;
char last_token = 0; char last_token = 0;
int must_match_at_current_pos = 1; int must_match_at_current_pos = 1;
@ -10,7 +20,7 @@ diff -up vsftpd-3.0.2/ls.c.sqb vsftpd-3.0.2/ls.c
str_copy(&filter_remain_str, p_filter_str); str_copy(&filter_remain_str, p_filter_str);
@@ -276,7 +276,7 @@ vsf_filename_passes_filter(const struct @@ -276,7 +276,7 @@ vsf_filename_passes_filter(const struct mystr* p_filename_str,
static struct mystr s_match_needed_str; static struct mystr s_match_needed_str;
/* Locate next special token */ /* Locate next special token */
struct str_locate_result locate_result = struct str_locate_result locate_result =
@ -19,7 +29,7 @@ diff -up vsftpd-3.0.2/ls.c.sqb vsftpd-3.0.2/ls.c
(*iters)++; (*iters)++;
/* Isolate text leading up to token (if any) - needs to be matched */ /* Isolate text leading up to token (if any) - needs to be matched */
if (locate_result.found) if (locate_result.found)
@@ -294,94 +294,172 @@ vsf_filename_passes_filter(const struct @@ -294,94 +294,172 @@ vsf_filename_passes_filter(const struct mystr* p_filename_str,
str_empty(&filter_remain_str); str_empty(&filter_remain_str);
last_token = 0; last_token = 0;
} }
@ -171,16 +181,15 @@ diff -up vsftpd-3.0.2/ls.c.sqb vsftpd-3.0.2/ls.c
- str_copy(&filter_remain_str, &temp_str); - str_copy(&filter_remain_str, &temp_str);
- str_split_char(&brace_list_str, &temp_str, ','); - str_split_char(&brace_list_str, &temp_str, ',');
- while (!str_isempty(&brace_list_str)) - while (!str_isempty(&brace_list_str))
- {
- str_copy(&new_filter_str, &brace_list_str);
- str_append_str(&new_filter_str, &filter_remain_str);
- if (vsf_filename_passes_filter(&name_remain_str, &new_filter_str,
- iters))
+ struct str_locate_result end_sqb = + struct str_locate_result end_sqb =
+ str_locate_char(&filter_remain_str, ']'); + str_locate_char(&filter_remain_str, ']');
+ must_match_at_current_pos = 1; + must_match_at_current_pos = 1;
+ if (end_sqb.found) + if (end_sqb.found)
+ { {
- str_copy(&new_filter_str, &brace_list_str);
- str_append_str(&new_filter_str, &filter_remain_str);
- if (vsf_filename_passes_filter(&name_remain_str, &new_filter_str,
- iters))
+ unsigned int cur_pos; + unsigned int cur_pos;
+ char stch, ench; + char stch, ench;
+ const char *p_brace; + const char *p_brace;
@ -263,3 +272,6 @@ diff -up vsftpd-3.0.2/ls.c.sqb vsftpd-3.0.2/ls.c
} }
/* Any incoming string left means no match unless we ended on the correct /* Any incoming string left means no match unless we ended on the correct
* type of wildcard. * type of wildcard.
--
2.5.0

View File

@ -1,11 +1,11 @@
diff -up vsftpd-2.3.5/defs.h.aslim vsftpd-2.3.5/defs.h diff -up vsftpd-3.0.3/defs.h.aslim vsftpd-3.0.3/defs.h
--- vsftpd-2.3.5/defs.h.aslim 2012-02-09 07:40:04.916658587 +0100 --- vsftpd-3.0.3/defs.h.aslim 2016-03-03 16:55:42.760819658 +0100
+++ vsftpd-2.3.5/defs.h 2012-02-09 07:50:18.365278392 +0100 +++ vsftpd-3.0.3/defs.h 2016-03-03 17:01:49.606873710 +0100
@@ -19,7 +19,7 @@ @@ -19,7 +19,7 @@
/* Must be at least the size of VSFTP_MAX_COMMAND_LINE, VSFTP_DIR_BUFSIZE and /* Must be at least the size of VSFTP_MAX_COMMAND_LINE, VSFTP_DIR_BUFSIZE and
VSFTP_DATA_BUFSIZE*2 */ VSFTP_DATA_BUFSIZE*2 */
#define VSFTP_PRIVSOCK_MAXSTR VSFTP_DATA_BUFSIZE * 2 #define VSFTP_PRIVSOCK_MAXSTR VSFTP_DATA_BUFSIZE * 2
-#define VSFTP_AS_LIMIT 100UL * 1024 * 1024 -#define VSFTP_AS_LIMIT 200UL * 1024 * 1024
+#define VSFTP_AS_LIMIT 400UL * 1024 * 1024 +#define VSFTP_AS_LIMIT 400UL * 1024 * 1024
#endif /* VSF_DEFS_H */ #endif /* VSF_DEFS_H */

View File

@ -1,6 +1,16 @@
diff -up vsftpd-3.0.0/RedHat/vsftpd.log.logrotate vsftpd-3.0.0/RedHat/vsftpd.log From 5a4adb1078552f3f17f21dab9cacadbcacf593ec Mon Sep 17 00:00:00 2001
--- vsftpd-3.0.0/RedHat/vsftpd.log.logrotate 2012-07-17 11:08:28.484061640 +0200 From: Martin Sehnoutka <msehnout@redhat.com>
+++ vsftpd-3.0.0/RedHat/vsftpd.log 2012-07-17 11:09:08.000020510 +0200 Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 18/26] Applied vsftpd-3.0.0-logrotate.patch
---
RedHat/vsftpd.log | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/RedHat/vsftpd.log b/RedHat/vsftpd.log
index d338de8..14731c1 100644
--- a/RedHat/vsftpd.log
+++ b/RedHat/vsftpd.log
@@ -3,3 +3,9 @@ @@ -3,3 +3,9 @@
nocompress nocompress
missingok missingok
@ -11,3 +21,6 @@ diff -up vsftpd-3.0.0/RedHat/vsftpd.log.logrotate vsftpd-3.0.0/RedHat/vsftpd.log
+ nocompress + nocompress
+ missingok + missingok
+} +}
--
2.5.0

View File

@ -1,6 +1,16 @@
diff -up vsftpd-2.2.2/sysutil.c.tz vsftpd-2.2.2/sysutil.c From cc7c4ed98d69230f24a4437db2ba6bee20f4e494 Mon Sep 17 00:00:00 2001
--- vsftpd-2.2.2/sysutil.c.tz 2012-04-26 12:45:21.095145878 +0200 From: Martin Sehnoutka <msehnout@redhat.com>
+++ vsftpd-2.2.2/sysutil.c 2012-04-26 12:48:08.729618686 +0200 Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 16/26] Applied vsftpd-3.0.0-tz.patch
---
sysutil.c | 104 ++++++++++++++++++++++++++++++++++++++++++++++----------------
1 file changed, 77 insertions(+), 27 deletions(-)
diff --git a/sysutil.c b/sysutil.c
index c848356..497d670 100644
--- a/sysutil.c
+++ b/sysutil.c
@@ -26,8 +26,10 @@ @@ -26,8 +26,10 @@
/* For Linux, this adds nothing :-) */ /* For Linux, this adds nothing :-) */
#include "port/porting_junk.h" #include "port/porting_junk.h"
@ -25,7 +35,7 @@ diff -up vsftpd-2.2.2/sysutil.c.tz vsftpd-2.2.2/sysutil.c
/* Private variables to this file */ /* Private variables to this file */
/* Current umask() */ /* Current umask() */
@@ -2558,49 +2565,92 @@ error: @@ -2574,49 +2581,92 @@ error:
die("reopening standard file descriptors to /dev/null failed"); die("reopening standard file descriptors to /dev/null failed");
} }
@ -144,3 +154,6 @@ diff -up vsftpd-2.2.2/sysutil.c.tz vsftpd-2.2.2/sysutil.c
{ {
s_timezone *= -1; s_timezone *= -1;
} }
--
2.5.0

View File

@ -1,6 +1,16 @@
diff -up vsftpd-3.0.0/vsftpd.conf.xferlog vsftpd-3.0.0/vsftpd.conf From 26d555a940faf7c7c90d8a8a2b5d5e0d9988f714 Mon Sep 17 00:00:00 2001
--- vsftpd-3.0.0/vsftpd.conf.xferlog 2012-07-17 10:38:14.022601998 +0200 From: Martin Sehnoutka <msehnout@redhat.com>
+++ vsftpd-3.0.0/vsftpd.conf 2012-07-17 10:41:09.311073484 +0200 Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 17/26] Applied vsftpd-3.0.0-xferlog.patch
---
vsftpd.conf | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/vsftpd.conf b/vsftpd.conf
index ae6c6c9..39d1955 100644
--- a/vsftpd.conf
+++ b/vsftpd.conf
@@ -50,7 +50,7 @@ connect_from_port_20=YES @@ -50,7 +50,7 @@ connect_from_port_20=YES
# #
# You may override where the log file goes if you like. The default is shown # You may override where the log file goes if you like. The default is shown
@ -10,3 +20,6 @@ diff -up vsftpd-3.0.0/vsftpd.conf.xferlog vsftpd-3.0.0/vsftpd.conf
# #
# If you want, you can have your log file in standard ftpd xferlog format. # If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case. # Note that the default log file location is /var/log/xferlog in this case.
--
2.5.0

View File

@ -1,6 +1,20 @@
diff -up vsftpd-3.0.2/parseconf.c.dh vsftpd-3.0.2/parseconf.c From 1c4cb55ed61ca962a051c7de7cca866af8e2b2fa Mon Sep 17 00:00:00 2001
--- vsftpd-3.0.2/parseconf.c.dh 2014-09-15 15:07:43.719909056 +0200 From: Martin Sehnoutka <msehnout@redhat.com>
+++ vsftpd-3.0.2/parseconf.c 2014-09-15 15:07:43.724909061 +0200 Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 21/26] Applied vsftpd-3.0.2-dh.patch
---
parseconf.c | 1 +
ssl.c | 93 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
tunables.c | 5 +++-
tunables.h | 1 +
vsftpd.conf.5 | 6 ++++
5 files changed, 104 insertions(+), 2 deletions(-)
diff --git a/parseconf.c b/parseconf.c
index 3e0dba4..38e3182 100644
--- a/parseconf.c
+++ b/parseconf.c
@@ -176,6 +176,7 @@ parseconf_str_array[] = @@ -176,6 +176,7 @@ parseconf_str_array[] =
{ "email_password_file", &tunable_email_password_file }, { "email_password_file", &tunable_email_password_file },
{ "rsa_cert_file", &tunable_rsa_cert_file }, { "rsa_cert_file", &tunable_rsa_cert_file },
@ -9,9 +23,10 @@ diff -up vsftpd-3.0.2/parseconf.c.dh vsftpd-3.0.2/parseconf.c
{ "ssl_ciphers", &tunable_ssl_ciphers }, { "ssl_ciphers", &tunable_ssl_ciphers },
{ "rsa_private_key_file", &tunable_rsa_private_key_file }, { "rsa_private_key_file", &tunable_rsa_private_key_file },
{ "dsa_private_key_file", &tunable_dsa_private_key_file }, { "dsa_private_key_file", &tunable_dsa_private_key_file },
diff -up vsftpd-3.0.2/ssl.c.dh vsftpd-3.0.2/ssl.c diff --git a/ssl.c b/ssl.c
--- vsftpd-3.0.2/ssl.c.dh 2012-04-03 02:23:42.000000000 +0200 index c362983..22b69b3 100644
+++ vsftpd-3.0.2/ssl.c 2014-09-15 15:07:43.725909062 +0200 --- a/ssl.c
+++ b/ssl.c
@@ -28,6 +28,8 @@ @@ -28,6 +28,8 @@
#include <openssl/err.h> #include <openssl/err.h>
#include <openssl/rand.h> #include <openssl/rand.h>
@ -29,7 +44,7 @@ diff -up vsftpd-3.0.2/ssl.c.dh vsftpd-3.0.2/ssl.c
static int ssl_cert_digest( static int ssl_cert_digest(
SSL* p_ssl, struct vsf_session* p_sess, struct mystr* p_str); SSL* p_ssl, struct vsf_session* p_sess, struct mystr* p_str);
static void maybe_log_shutdown_state(struct vsf_session* p_sess); static void maybe_log_shutdown_state(struct vsf_session* p_sess);
@@ -51,6 +54,60 @@ static int ssl_read_common(struct vsf_se @@ -51,6 +54,60 @@ static int ssl_read_common(struct vsf_session* p_sess,
static int ssl_inited; static int ssl_inited;
static struct mystr debug_str; static struct mystr debug_str;
@ -125,7 +140,7 @@ diff -up vsftpd-3.0.2/ssl.c.dh vsftpd-3.0.2/ssl.c
if (tunable_ssl_ciphers && if (tunable_ssl_ciphers &&
SSL_CTX_set_cipher_list(p_ctx, tunable_ssl_ciphers) != 1) SSL_CTX_set_cipher_list(p_ctx, tunable_ssl_ciphers) != 1)
{ {
@@ -156,6 +232,9 @@ ssl_init(struct vsf_session* p_sess) @@ -165,6 +241,9 @@ ssl_init(struct vsf_session* p_sess)
/* Ensure cached session doesn't expire */ /* Ensure cached session doesn't expire */
SSL_CTX_set_timeout(p_ctx, INT_MAX); SSL_CTX_set_timeout(p_ctx, INT_MAX);
} }
@ -135,7 +150,7 @@ diff -up vsftpd-3.0.2/ssl.c.dh vsftpd-3.0.2/ssl.c
p_sess->p_ssl_ctx = p_ctx; p_sess->p_ssl_ctx = p_ctx;
ssl_inited = 1; ssl_inited = 1;
} }
@@ -675,6 +754,18 @@ ssl_verify_callback(int verify_ok, X509_ @@ -702,6 +781,18 @@ ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx)
return 1; return 1;
} }
@ -154,9 +169,10 @@ diff -up vsftpd-3.0.2/ssl.c.dh vsftpd-3.0.2/ssl.c
void void
ssl_add_entropy(struct vsf_session* p_sess) ssl_add_entropy(struct vsf_session* p_sess)
{ {
diff -up vsftpd-3.0.2/tunables.c.dh vsftpd-3.0.2/tunables.c diff --git a/tunables.c b/tunables.c
--- vsftpd-3.0.2/tunables.c.dh 2014-09-15 15:07:43.720909057 +0200 index c737465..1ea7227 100644
+++ vsftpd-3.0.2/tunables.c 2014-09-15 15:12:46.516209941 +0200 --- a/tunables.c
+++ b/tunables.c
@@ -140,6 +140,7 @@ const char* tunable_user_sub_token; @@ -140,6 +140,7 @@ const char* tunable_user_sub_token;
const char* tunable_email_password_file; const char* tunable_email_password_file;
const char* tunable_rsa_cert_file; const char* tunable_rsa_cert_file;
@ -169,17 +185,18 @@ diff -up vsftpd-3.0.2/tunables.c.dh vsftpd-3.0.2/tunables.c
install_str_setting("/usr/share/ssl/certs/vsftpd.pem", install_str_setting("/usr/share/ssl/certs/vsftpd.pem",
&tunable_rsa_cert_file); &tunable_rsa_cert_file);
install_str_setting(0, &tunable_dsa_cert_file); install_str_setting(0, &tunable_dsa_cert_file);
- install_str_setting("AES128-SHA:DES-CBC3-SHA", &tunable_ssl_ciphers); - install_str_setting("ECDHE-RSA-AES256-GCM-SHA384", &tunable_ssl_ciphers);
+ install_str_setting(0, &tunable_dh_param_file); + install_str_setting(0, &tunable_dh_param_file);
+ install_str_setting("AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA", + install_str_setting("AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA",
+ &tunable_ssl_ciphers); + &tunable_ssl_ciphers);
install_str_setting(0, &tunable_rsa_private_key_file); install_str_setting(0, &tunable_rsa_private_key_file);
install_str_setting(0, &tunable_dsa_private_key_file); install_str_setting(0, &tunable_dsa_private_key_file);
install_str_setting(0, &tunable_ca_certs_file); install_str_setting(0, &tunable_ca_certs_file);
diff -up vsftpd-3.0.2/tunables.h.dh vsftpd-3.0.2/tunables.h diff --git a/tunables.h b/tunables.h
--- vsftpd-3.0.2/tunables.h.dh 2014-09-15 15:07:43.720909057 +0200 index 9553038..3995472 100644
+++ vsftpd-3.0.2/tunables.h 2014-09-15 15:07:43.725909062 +0200 --- a/tunables.h
@@ -142,6 +142,7 @@ extern const char* tunable_user_sub_toke +++ b/tunables.h
@@ -142,6 +142,7 @@ extern const char* tunable_user_sub_token;
extern const char* tunable_email_password_file; extern const char* tunable_email_password_file;
extern const char* tunable_rsa_cert_file; extern const char* tunable_rsa_cert_file;
extern const char* tunable_dsa_cert_file; extern const char* tunable_dsa_cert_file;
@ -187,10 +204,11 @@ diff -up vsftpd-3.0.2/tunables.h.dh vsftpd-3.0.2/tunables.h
extern const char* tunable_ssl_ciphers; extern const char* tunable_ssl_ciphers;
extern const char* tunable_rsa_private_key_file; extern const char* tunable_rsa_private_key_file;
extern const char* tunable_dsa_private_key_file; extern const char* tunable_dsa_private_key_file;
diff -up vsftpd-3.0.2/vsftpd.conf.5.dh vsftpd-3.0.2/vsftpd.conf.5 diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
--- vsftpd-3.0.2/vsftpd.conf.5.dh 2014-09-15 15:07:43.720909057 +0200 index fb6324e..ff94eca 100644
+++ vsftpd-3.0.2/vsftpd.conf.5 2014-09-15 15:07:43.725909062 +0200 --- a/vsftpd.conf.5
@@ -893,6 +893,12 @@ to be in the same file as the certificat +++ b/vsftpd.conf.5
@@ -893,6 +893,12 @@ to be in the same file as the certificate.
Default: (none) Default: (none)
.TP .TP
@ -203,3 +221,6 @@ diff -up vsftpd-3.0.2/vsftpd.conf.5.dh vsftpd-3.0.2/vsftpd.conf.5
.B email_password_file .B email_password_file
This option can be used to provide an alternate file for usage by the This option can be used to provide an alternate file for usage by the
.BR secure_email_list_enable .BR secure_email_list_enable
--
2.5.0

View File

@ -1,6 +1,16 @@
diff -up vsftpd-3.0.2/vsftpd.conf.5.docupd vsftpd-3.0.2/vsftpd.conf.5 From f7fb4f5c91ab132982c78f1b34f7fe1493fd1372 Mon Sep 17 00:00:00 2001
--- vsftpd-3.0.2/vsftpd.conf.5.docupd 2014-06-05 09:47:27.987876849 +0200 From: Martin Sehnoutka <msehnout@redhat.com>
+++ vsftpd-3.0.2/vsftpd.conf.5 2014-06-05 09:47:27.989876848 +0200 Date: Thu, 17 Mar 2016 11:44:46 +0100
Subject: [PATCH 23/26] Applied vsftpd-3.0.2-docupd.patch
---
vsftpd.conf.5 | 22 +++++++++++++++++++---
1 file changed, 19 insertions(+), 3 deletions(-)
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index e242873..7a8f130 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -652,6 +652,21 @@ change it with the setting @@ -652,6 +652,21 @@ change it with the setting
.BR xferlog_file . .BR xferlog_file .
@ -46,3 +56,6 @@ diff -up vsftpd-3.0.2/vsftpd.conf.5.docupd vsftpd-3.0.2/vsftpd.conf.5
.TP .TP
.B pasv_max_port .B pasv_max_port
The maximum port to allocate for PASV style data connections. Can be used to The maximum port to allocate for PASV style data connections. Can be used to
--
2.5.0

View File

@ -1,6 +1,20 @@
diff -up vsftpd-3.0.2/parseconf.c.ecdh vsftpd-3.0.2/parseconf.c From 400bd7cd3fc7478a668862cfba4b79e84a5034e9 Mon Sep 17 00:00:00 2001
--- vsftpd-3.0.2/parseconf.c.ecdh 2014-09-15 15:49:48.801315298 +0200 From: Martin Sehnoutka <msehnout@redhat.com>
+++ vsftpd-3.0.2/parseconf.c 2014-09-15 15:49:48.804315301 +0200 Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 22/26] Applied vsftpd-3.0.2-ecdh.patch
---
parseconf.c | 1 +
ssl.c | 37 ++++++++++++++++++++++++++++++++++++-
tunables.c | 4 +++-
tunables.h | 1 +
vsftpd.conf.5 | 8 ++++++++
5 files changed, 49 insertions(+), 2 deletions(-)
diff --git a/parseconf.c b/parseconf.c
index 38e3182..a2c715b 100644
--- a/parseconf.c
+++ b/parseconf.c
@@ -177,6 +177,7 @@ parseconf_str_array[] = @@ -177,6 +177,7 @@ parseconf_str_array[] =
{ "rsa_cert_file", &tunable_rsa_cert_file }, { "rsa_cert_file", &tunable_rsa_cert_file },
{ "dsa_cert_file", &tunable_dsa_cert_file }, { "dsa_cert_file", &tunable_dsa_cert_file },
@ -9,9 +23,10 @@ diff -up vsftpd-3.0.2/parseconf.c.ecdh vsftpd-3.0.2/parseconf.c
{ "ssl_ciphers", &tunable_ssl_ciphers }, { "ssl_ciphers", &tunable_ssl_ciphers },
{ "rsa_private_key_file", &tunable_rsa_private_key_file }, { "rsa_private_key_file", &tunable_rsa_private_key_file },
{ "dsa_private_key_file", &tunable_dsa_private_key_file }, { "dsa_private_key_file", &tunable_dsa_private_key_file },
diff -up vsftpd-3.0.2/ssl.c.ecdh vsftpd-3.0.2/ssl.c diff --git a/ssl.c b/ssl.c
--- vsftpd-3.0.2/ssl.c.ecdh 2014-09-15 15:49:48.802315299 +0200 index 22b69b3..96bf8ad 100644
+++ vsftpd-3.0.2/ssl.c 2014-09-15 15:49:48.804315301 +0200 --- a/ssl.c
+++ b/ssl.c
@@ -122,7 +122,7 @@ ssl_init(struct vsf_session* p_sess) @@ -122,7 +122,7 @@ ssl_init(struct vsf_session* p_sess)
{ {
die("SSL: could not allocate SSL context"); die("SSL: could not allocate SSL context");
@ -21,7 +36,7 @@ diff -up vsftpd-3.0.2/ssl.c.ecdh vsftpd-3.0.2/ssl.c
if (!tunable_sslv2) if (!tunable_sslv2)
{ {
options |= SSL_OP_NO_SSLv2; options |= SSL_OP_NO_SSLv2;
@@ -235,6 +235,41 @@ ssl_init(struct vsf_session* p_sess) @@ -244,6 +244,41 @@ ssl_init(struct vsf_session* p_sess)
SSL_CTX_set_tmp_dh_callback(p_ctx, ssl_tmp_dh_callback); SSL_CTX_set_tmp_dh_callback(p_ctx, ssl_tmp_dh_callback);
@ -63,9 +78,10 @@ diff -up vsftpd-3.0.2/ssl.c.ecdh vsftpd-3.0.2/ssl.c
p_sess->p_ssl_ctx = p_ctx; p_sess->p_ssl_ctx = p_ctx;
ssl_inited = 1; ssl_inited = 1;
} }
diff -up vsftpd-3.0.2/tunables.c.ecdh vsftpd-3.0.2/tunables.c diff --git a/tunables.c b/tunables.c
--- vsftpd-3.0.2/tunables.c.ecdh 2014-09-15 15:49:48.802315299 +0200 index 1ea7227..93f85b1 100644
+++ vsftpd-3.0.2/tunables.c 2014-09-15 15:51:13.176386035 +0200 --- a/tunables.c
+++ b/tunables.c
@@ -141,6 +141,7 @@ const char* tunable_email_password_file; @@ -141,6 +141,7 @@ const char* tunable_email_password_file;
const char* tunable_rsa_cert_file; const char* tunable_rsa_cert_file;
const char* tunable_dsa_cert_file; const char* tunable_dsa_cert_file;
@ -84,10 +100,11 @@ diff -up vsftpd-3.0.2/tunables.c.ecdh vsftpd-3.0.2/tunables.c
&tunable_ssl_ciphers); &tunable_ssl_ciphers);
install_str_setting(0, &tunable_rsa_private_key_file); install_str_setting(0, &tunable_rsa_private_key_file);
install_str_setting(0, &tunable_dsa_private_key_file); install_str_setting(0, &tunable_dsa_private_key_file);
diff -up vsftpd-3.0.2/tunables.h.ecdh vsftpd-3.0.2/tunables.h diff --git a/tunables.h b/tunables.h
--- vsftpd-3.0.2/tunables.h.ecdh 2014-09-15 15:49:48.802315299 +0200 index 3995472..3e2d40c 100644
+++ vsftpd-3.0.2/tunables.h 2014-09-15 15:49:48.804315301 +0200 --- a/tunables.h
@@ -143,6 +143,7 @@ extern const char* tunable_email_passwor +++ b/tunables.h
@@ -143,6 +143,7 @@ extern const char* tunable_email_password_file;
extern const char* tunable_rsa_cert_file; extern const char* tunable_rsa_cert_file;
extern const char* tunable_dsa_cert_file; extern const char* tunable_dsa_cert_file;
extern const char* tunable_dh_param_file; extern const char* tunable_dh_param_file;
@ -95,10 +112,11 @@ diff -up vsftpd-3.0.2/tunables.h.ecdh vsftpd-3.0.2/tunables.h
extern const char* tunable_ssl_ciphers; extern const char* tunable_ssl_ciphers;
extern const char* tunable_rsa_private_key_file; extern const char* tunable_rsa_private_key_file;
extern const char* tunable_dsa_private_key_file; extern const char* tunable_dsa_private_key_file;
diff -up vsftpd-3.0.2/vsftpd.conf.5.ecdh vsftpd-3.0.2/vsftpd.conf.5 diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
--- vsftpd-3.0.2/vsftpd.conf.5.ecdh 2014-09-15 15:49:48.802315299 +0200 index ff94eca..e242873 100644
+++ vsftpd-3.0.2/vsftpd.conf.5 2014-09-15 15:49:48.806315302 +0200 --- a/vsftpd.conf.5
@@ -899,6 +915,14 @@ ephemeral Diffie-Hellman key exchange in +++ b/vsftpd.conf.5
@@ -899,6 +899,14 @@ ephemeral Diffie-Hellman key exchange in SSL.
Default: (none - use built in parameters appropriate for certificate key size) Default: (none - use built in parameters appropriate for certificate key size)
.TP .TP
@ -113,3 +131,6 @@ diff -up vsftpd-3.0.2/vsftpd.conf.5.ecdh vsftpd-3.0.2/vsftpd.conf.5
.B email_password_file .B email_password_file
This option can be used to provide an alternate file for usage by the This option can be used to provide an alternate file for usage by the
.BR secure_email_list_enable .BR secure_email_list_enable
--
2.5.0

View File

@ -1,6 +1,20 @@
diff -up vsftpd-3.0.2/parseconf.c.lookup vsftpd-3.0.2/parseconf.c From 341ecdb33ac371d0efcfe428719fdf627ab253c2 Mon Sep 17 00:00:00 2001
--- vsftpd-3.0.2/parseconf.c.lookup 2014-04-17 10:01:50.862951491 +0200 From: Martin Sehnoutka <msehnout@redhat.com>
+++ vsftpd-3.0.2/parseconf.c 2014-04-17 10:02:42.343955443 +0200 Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 19/26] Applied vsftpd-3.0.2-lookup.patch
---
parseconf.c | 1 +
sysdeputil.c | 14 +++++++++-----
tunables.c | 2 ++
tunables.h | 1 +
vsftpd.conf.5 | 9 +++++++++
5 files changed, 22 insertions(+), 5 deletions(-)
diff --git a/parseconf.c b/parseconf.c
index 30df598..3e0dba4 100644
--- a/parseconf.c
+++ b/parseconf.c
@@ -91,6 +91,7 @@ parseconf_bool_array[] = @@ -91,6 +91,7 @@ parseconf_bool_array[] =
{ "mdtm_write", &tunable_mdtm_write }, { "mdtm_write", &tunable_mdtm_write },
{ "lock_upload_files", &tunable_lock_upload_files }, { "lock_upload_files", &tunable_lock_upload_files },
@ -9,10 +23,11 @@ diff -up vsftpd-3.0.2/parseconf.c.lookup vsftpd-3.0.2/parseconf.c
{ "userlist_log", &tunable_userlist_log }, { "userlist_log", &tunable_userlist_log },
{ "debug_ssl", &tunable_debug_ssl }, { "debug_ssl", &tunable_debug_ssl },
{ "require_cert", &tunable_require_cert }, { "require_cert", &tunable_require_cert },
diff -up vsftpd-3.0.2/sysdeputil.c.lookup vsftpd-3.0.2/sysdeputil.c diff --git a/sysdeputil.c b/sysdeputil.c
--- vsftpd-3.0.2/sysdeputil.c.lookup 2014-04-17 09:57:02.111933144 +0200 index 3bbabaa..2063c87 100644
+++ vsftpd-3.0.2/sysdeputil.c 2014-04-17 10:01:31.069950498 +0200 --- a/sysdeputil.c
@@ -354,12 +354,16 @@ vsf_sysdep_check_auth(struct mystr* p_us +++ b/sysdeputil.c
@@ -354,12 +354,16 @@ vsf_sysdep_check_auth(struct mystr* p_user_str,
return 0; return 0;
} }
#ifdef PAM_RHOST #ifdef PAM_RHOST
@ -34,9 +49,10 @@ diff -up vsftpd-3.0.2/sysdeputil.c.lookup vsftpd-3.0.2/sysdeputil.c
if (retval != PAM_SUCCESS) if (retval != PAM_SUCCESS)
{ {
(void) pam_end(s_pamh, retval); (void) pam_end(s_pamh, retval);
diff -up vsftpd-3.0.2/tunables.c.lookup vsftpd-3.0.2/tunables.c diff --git a/tunables.c b/tunables.c
--- vsftpd-3.0.2/tunables.c.lookup 2014-04-17 10:03:22.766958324 +0200 index b30fca1..c737465 100644
+++ vsftpd-3.0.2/tunables.c 2014-04-17 10:04:52.004964675 +0200 --- a/tunables.c
+++ b/tunables.c
@@ -72,6 +72,7 @@ int tunable_force_anon_data_ssl; @@ -72,6 +72,7 @@ int tunable_force_anon_data_ssl;
int tunable_mdtm_write; int tunable_mdtm_write;
int tunable_lock_upload_files; int tunable_lock_upload_files;
@ -53,10 +69,11 @@ diff -up vsftpd-3.0.2/tunables.c.lookup vsftpd-3.0.2/tunables.c
tunable_userlist_log = 0; tunable_userlist_log = 0;
tunable_debug_ssl = 0; tunable_debug_ssl = 0;
tunable_require_cert = 0; tunable_require_cert = 0;
diff -up vsftpd-3.0.2/tunables.h.lookup vsftpd-3.0.2/tunables.h diff --git a/tunables.h b/tunables.h
--- vsftpd-3.0.2/tunables.h.lookup 2014-04-17 10:03:27.405958676 +0200 index e44d64c..9553038 100644
+++ vsftpd-3.0.2/tunables.h 2014-04-17 10:04:22.763963824 +0200 --- a/tunables.h
@@ -73,6 +73,7 @@ extern int tunable_force_anon_data_ssl; +++ b/tunables.h
@@ -73,6 +73,7 @@ extern int tunable_force_anon_data_ssl; /* Require anon data uses SSL */
extern int tunable_mdtm_write; /* Allow MDTM to set timestamps */ extern int tunable_mdtm_write; /* Allow MDTM to set timestamps */
extern int tunable_lock_upload_files; /* Lock uploading files */ extern int tunable_lock_upload_files; /* Lock uploading files */
extern int tunable_pasv_addr_resolve; /* DNS resolve pasv_addr */ extern int tunable_pasv_addr_resolve; /* DNS resolve pasv_addr */
@ -64,10 +81,11 @@ diff -up vsftpd-3.0.2/tunables.h.lookup vsftpd-3.0.2/tunables.h
extern int tunable_userlist_log; /* Log every failed login attempt */ extern int tunable_userlist_log; /* Log every failed login attempt */
extern int tunable_debug_ssl; /* Verbose SSL logging */ extern int tunable_debug_ssl; /* Verbose SSL logging */
extern int tunable_require_cert; /* SSL client cert required */ extern int tunable_require_cert; /* SSL client cert required */
diff -up vsftpd-3.0.2/vsftpd.conf.5.lookup vsftpd-3.0.2/vsftpd.conf.5 diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
--- vsftpd-3.0.2/vsftpd.conf.5.lookup 2014-04-17 10:05:30.956969003 +0200 index 72bb86f..fb6324e 100644
+++ vsftpd-3.0.2/vsftpd.conf.5 2014-04-17 10:06:36.586971828 +0200 --- a/vsftpd.conf.5
@@ -425,6 +425,15 @@ http://scarybeastsecurity.blogspot.com/2 +++ b/vsftpd.conf.5
@@ -425,6 +425,15 @@ http://scarybeastsecurity.blogspot.com/2009/02/vsftpd-210-released.html
Default: YES Default: YES
.TP .TP
@ -83,3 +101,6 @@ diff -up vsftpd-3.0.2/vsftpd.conf.5.lookup vsftpd-3.0.2/vsftpd.conf.5
.B run_as_launching_user .B run_as_launching_user
Set to YES if you want vsftpd to run as the user which launched vsftpd. This is Set to YES if you want vsftpd to run as the user which launched vsftpd. This is
useful where root access is not available. MASSIVE WARNING! Do NOT enable this useful where root access is not available. MASSIVE WARNING! Do NOT enable this
--
2.5.0

View File

@ -1,6 +1,19 @@
diff -up vsftpd-3.0.2/ftpcodes.h.rc450 vsftpd-3.0.2/ftpcodes.h From e8c21dbd87c5e46c246c2d08c1abc84bb649fc02 Mon Sep 17 00:00:00 2001
--- vsftpd-3.0.2/ftpcodes.h.rc450 2008-02-12 01:30:46.000000000 +0100 From: Martin Sehnoutka <msehnout@redhat.com>
+++ vsftpd-3.0.2/ftpcodes.h 2014-06-18 13:41:02.238821708 +0200 Date: Thu, 17 Mar 2016 11:44:46 +0100
Subject: [PATCH 24/26] Applied vsftpd-3.0.2-rc450.patch
---
ftpcodes.h | 1 +
postlogin.c | 9 ++++++++-
sysutil.c | 3 +++
sysutil.h | 3 ++-
4 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/ftpcodes.h b/ftpcodes.h
index 93290c0..81e25c5 100644
--- a/ftpcodes.h
+++ b/ftpcodes.h
@@ -52,6 +52,7 @@ @@ -52,6 +52,7 @@
#define FTP_TLS_FAIL 421 #define FTP_TLS_FAIL 421
#define FTP_BADSENDCONN 425 #define FTP_BADSENDCONN 425
@ -9,10 +22,11 @@ diff -up vsftpd-3.0.2/ftpcodes.h.rc450 vsftpd-3.0.2/ftpcodes.h
#define FTP_BADSENDFILE 451 #define FTP_BADSENDFILE 451
#define FTP_BADCMD 500 #define FTP_BADCMD 500
diff -up vsftpd-3.0.2/postlogin.c.rc450 vsftpd-3.0.2/postlogin.c diff --git a/postlogin.c b/postlogin.c
--- vsftpd-3.0.2/postlogin.c.rc450 2012-09-18 11:59:37.000000000 +0200 index bf12970..29958c0 100644
+++ vsftpd-3.0.2/postlogin.c 2014-06-18 13:41:02.238821708 +0200 --- a/postlogin.c
@@ -670,7 +670,14 @@ handle_retr(struct vsf_session* p_sess, +++ b/postlogin.c
@@ -679,7 +679,14 @@ handle_retr(struct vsf_session* p_sess, int is_http)
opened_file = str_open(&p_sess->ftp_arg_str, kVSFSysStrOpenReadOnly); opened_file = str_open(&p_sess->ftp_arg_str, kVSFSysStrOpenReadOnly);
if (vsf_sysutil_retval_is_error(opened_file)) if (vsf_sysutil_retval_is_error(opened_file))
{ {
@ -28,9 +42,10 @@ diff -up vsftpd-3.0.2/postlogin.c.rc450 vsftpd-3.0.2/postlogin.c
return; return;
} }
/* Lock file if required */ /* Lock file if required */
diff -up vsftpd-3.0.2/sysutil.c.rc450 vsftpd-3.0.2/sysutil.c diff --git a/sysutil.c b/sysutil.c
--- vsftpd-3.0.2/sysutil.c.rc450 2014-06-18 13:41:02.231821807 +0200 index 62d833d..a924edf 100644
+++ vsftpd-3.0.2/sysutil.c 2014-06-18 13:41:02.238821708 +0200 --- a/sysutil.c
+++ b/sysutil.c
@@ -1632,6 +1632,9 @@ vsf_sysutil_get_error(void) @@ -1632,6 +1632,9 @@ vsf_sysutil_get_error(void)
case ENOENT: case ENOENT:
retval = kVSFSysUtilErrNOENT; retval = kVSFSysUtilErrNOENT;
@ -41,9 +56,10 @@ diff -up vsftpd-3.0.2/sysutil.c.rc450 vsftpd-3.0.2/sysutil.c
default: default:
break; break;
} }
diff -up vsftpd-3.0.2/sysutil.h.rc450 vsftpd-3.0.2/sysutil.h diff --git a/sysutil.h b/sysutil.h
--- vsftpd-3.0.2/sysutil.h.rc450 2014-06-18 13:41:02.231821807 +0200 index 79b5514..c145bdf 100644
+++ vsftpd-3.0.2/sysutil.h 2014-06-18 13:41:02.239821694 +0200 --- a/sysutil.h
+++ b/sysutil.h
@@ -18,7 +18,8 @@ enum EVSFSysUtilError @@ -18,7 +18,8 @@ enum EVSFSysUtilError
kVSFSysUtilErrINVAL, kVSFSysUtilErrINVAL,
kVSFSysUtilErrOPNOTSUPP, kVSFSysUtilErrOPNOTSUPP,
@ -54,3 +70,6 @@ diff -up vsftpd-3.0.2/sysutil.h.rc450 vsftpd-3.0.2/sysutil.h
}; };
enum EVSFSysUtilError vsf_sysutil_get_error(void); enum EVSFSysUtilError vsf_sysutil_get_error(void);
--
2.5.0

View File

@ -1,7 +1,21 @@
diff -up vsftpd-3.0.2/ls.c.uint-uidgid vsftpd-3.0.2/ls.c From 24a1132cfe48d4c8bd799494ca802c918ac9132b Mon Sep 17 00:00:00 2001
--- vsftpd-3.0.2/ls.c.uint-uidgid 2014-04-17 13:47:01.835114063 +0200 From: Martin Sehnoutka <msehnout@redhat.com>
+++ vsftpd-3.0.2/ls.c 2014-04-17 13:47:01.845114063 +0200 Date: Thu, 17 Mar 2016 11:44:45 +0100
@@ -501,7 +501,7 @@ build_dir_line(struct mystr* p_str, cons Subject: [PATCH 20/26] Applied vsftpd-3.0.2-uint-uidgid.patch
---
ls.c | 4 ++--
privops.c | 3 +--
session.h | 6 +++---
sysutil.c | 44 ++++++++++++++------------------------------
sysutil.h | 20 ++++++++++----------
5 files changed, 30 insertions(+), 47 deletions(-)
diff --git a/ls.c b/ls.c
index 0ad7f54..f18791d 100644
--- a/ls.c
+++ b/ls.c
@@ -503,7 +503,7 @@ build_dir_line(struct mystr* p_str, const struct mystr* p_filename_str,
} }
else else
{ {
@ -10,7 +24,7 @@ diff -up vsftpd-3.0.2/ls.c.uint-uidgid vsftpd-3.0.2/ls.c
struct vsf_sysutil_user* p_user = 0; struct vsf_sysutil_user* p_user = 0;
if (tunable_text_userdb_names) if (tunable_text_userdb_names)
{ {
@@ -526,7 +526,7 @@ build_dir_line(struct mystr* p_str, cons @@ -528,7 +528,7 @@ build_dir_line(struct mystr* p_str, const struct mystr* p_filename_str,
} }
else else
{ {
@ -19,10 +33,11 @@ diff -up vsftpd-3.0.2/ls.c.uint-uidgid vsftpd-3.0.2/ls.c
struct vsf_sysutil_group* p_group = 0; struct vsf_sysutil_group* p_group = 0;
if (tunable_text_userdb_names) if (tunable_text_userdb_names)
{ {
diff -up vsftpd-3.0.2/privops.c.uint-uidgid vsftpd-3.0.2/privops.c diff --git a/privops.c b/privops.c
--- vsftpd-3.0.2/privops.c.uint-uidgid 2012-09-16 09:21:24.000000000 +0200 index 21d7267..f27c5c4 100644
+++ vsftpd-3.0.2/privops.c 2014-04-17 13:48:26.431113895 +0200 --- a/privops.c
@@ -236,8 +236,7 @@ vsf_privop_do_file_chown(struct vsf_sess +++ b/privops.c
@@ -236,8 +236,7 @@ vsf_privop_do_file_chown(struct vsf_session* p_sess, int fd)
/* Drop it like a hot potato unless it's a regular file owned by /* Drop it like a hot potato unless it's a regular file owned by
* the the anonymous ftp user * the the anonymous ftp user
*/ */
@ -32,9 +47,10 @@ diff -up vsftpd-3.0.2/privops.c.uint-uidgid vsftpd-3.0.2/privops.c
(vsf_sysutil_statbuf_get_uid(s_p_statbuf) != p_sess->anon_ftp_uid && (vsf_sysutil_statbuf_get_uid(s_p_statbuf) != p_sess->anon_ftp_uid &&
vsf_sysutil_statbuf_get_uid(s_p_statbuf) != p_sess->guest_user_uid)) vsf_sysutil_statbuf_get_uid(s_p_statbuf) != p_sess->guest_user_uid))
{ {
diff -up vsftpd-3.0.2/session.h.uint-uidgid vsftpd-3.0.2/session.h diff --git a/session.h b/session.h
--- vsftpd-3.0.2/session.h.uint-uidgid 2012-04-05 03:27:19.000000000 +0200 index 27a488f..956bfb7 100644
+++ vsftpd-3.0.2/session.h 2014-04-17 13:47:01.845114063 +0200 --- a/session.h
+++ b/session.h
@@ -54,9 +54,9 @@ struct vsf_session @@ -54,9 +54,9 @@ struct vsf_session
struct mystr_list* p_visited_dir_list; struct mystr_list* p_visited_dir_list;
@ -48,10 +64,11 @@ diff -up vsftpd-3.0.2/session.h.uint-uidgid vsftpd-3.0.2/session.h
/* Things we need to cache before we chroot() */ /* Things we need to cache before we chroot() */
struct mystr banned_email_str; struct mystr banned_email_str;
diff -up vsftpd-3.0.2/sysutil.c.uint-uidgid vsftpd-3.0.2/sysutil.c diff --git a/sysutil.c b/sysutil.c
--- vsftpd-3.0.2/sysutil.c.uint-uidgid 2014-04-17 13:47:01.839114063 +0200 index 497d670..62d833d 100644
+++ vsftpd-3.0.2/sysutil.c 2014-04-17 13:47:01.846114063 +0200 --- a/sysutil.c
@@ -1454,14 +1454,14 @@ vsf_sysutil_statbuf_get_size(const struc +++ b/sysutil.c
@@ -1454,14 +1454,14 @@ vsf_sysutil_statbuf_get_size(const struct vsf_sysutil_statbuf* p_statbuf)
return p_stat->st_size; return p_stat->st_size;
} }
@ -77,7 +94,7 @@ diff -up vsftpd-3.0.2/sysutil.c.uint-uidgid vsftpd-3.0.2/sysutil.c
{ {
if (fchown(fd, uid, gid) != 0) if (fchown(fd, uid, gid) != 0)
{ {
@@ -2320,13 +2320,9 @@ vsf_sysutil_dns_resolve(struct vsf_sysut @@ -2320,13 +2320,9 @@ vsf_sysutil_dns_resolve(struct vsf_sysutil_sockaddr** p_sockptr,
} }
struct vsf_sysutil_user* struct vsf_sysutil_user*
@ -93,7 +110,7 @@ diff -up vsftpd-3.0.2/sysutil.c.uint-uidgid vsftpd-3.0.2/sysutil.c
} }
struct vsf_sysutil_user* struct vsf_sysutil_user*
@@ -2349,14 +2345,14 @@ vsf_sysutil_user_get_homedir(const struc @@ -2349,14 +2345,14 @@ vsf_sysutil_user_get_homedir(const struct vsf_sysutil_user* p_user)
return p_passwd->pw_dir; return p_passwd->pw_dir;
} }
@ -110,7 +127,7 @@ diff -up vsftpd-3.0.2/sysutil.c.uint-uidgid vsftpd-3.0.2/sysutil.c
vsf_sysutil_user_getgid(const struct vsf_sysutil_user* p_user) vsf_sysutil_user_getgid(const struct vsf_sysutil_user* p_user)
{ {
const struct passwd* p_passwd = (const struct passwd*) p_user; const struct passwd* p_passwd = (const struct passwd*) p_user;
@@ -2364,13 +2360,9 @@ vsf_sysutil_user_getgid(const struct vsf @@ -2364,13 +2360,9 @@ vsf_sysutil_user_getgid(const struct vsf_sysutil_user* p_user)
} }
struct vsf_sysutil_group* struct vsf_sysutil_group*
@ -165,10 +182,11 @@ diff -up vsftpd-3.0.2/sysutil.c.uint-uidgid vsftpd-3.0.2/sysutil.c
vsf_sysutil_getuid(void) vsf_sysutil_getuid(void)
{ {
return getuid(); return getuid();
diff -up vsftpd-3.0.2/sysutil.h.uint-uidgid vsftpd-3.0.2/sysutil.h diff --git a/sysutil.h b/sysutil.h
--- vsftpd-3.0.2/sysutil.h.uint-uidgid 2014-04-17 13:47:01.827114063 +0200 index bfc92cb..79b5514 100644
+++ vsftpd-3.0.2/sysutil.h 2014-04-17 13:47:01.846114063 +0200 --- a/sysutil.h
@@ -129,15 +129,15 @@ const char* vsf_sysutil_statbuf_get_nume +++ b/sysutil.h
@@ -129,15 +129,15 @@ const char* vsf_sysutil_statbuf_get_numeric_date(
const struct vsf_sysutil_statbuf* p_stat, int use_localtime); const struct vsf_sysutil_statbuf* p_stat, int use_localtime);
unsigned int vsf_sysutil_statbuf_get_links( unsigned int vsf_sysutil_statbuf_get_links(
const struct vsf_sysutil_statbuf* p_stat); const struct vsf_sysutil_statbuf* p_stat);
@ -207,7 +225,7 @@ diff -up vsftpd-3.0.2/sysutil.h.uint-uidgid vsftpd-3.0.2/sysutil.h
const char* vsf_sysutil_group_getname(const struct vsf_sysutil_group* p_group); const char* vsf_sysutil_group_getname(const struct vsf_sysutil_group* p_group);
/* More random things */ /* More random things */
@@ -316,7 +316,7 @@ void vsf_sysutil_qsort(void* p_base, uns @@ -316,7 +316,7 @@ void vsf_sysutil_qsort(void* p_base, unsigned int num_elem,
char* vsf_sysutil_getenv(const char* p_var); char* vsf_sysutil_getenv(const char* p_var);
typedef void (*exitfunc_t)(void); typedef void (*exitfunc_t)(void);
void vsf_sysutil_set_exit_func(exitfunc_t exitfunc); void vsf_sysutil_set_exit_func(exitfunc_t exitfunc);
@ -216,7 +234,7 @@ diff -up vsftpd-3.0.2/sysutil.h.uint-uidgid vsftpd-3.0.2/sysutil.h
/* Syslogging (bah) */ /* Syslogging (bah) */
void vsf_sysutil_openlog(int force); void vsf_sysutil_openlog(int force);
@@ -329,8 +329,8 @@ void vsf_sysutil_setuid(const struct vsf @@ -329,8 +329,8 @@ void vsf_sysutil_setuid(const struct vsf_sysutil_user* p_user);
void vsf_sysutil_setgid(const struct vsf_sysutil_user* p_user); void vsf_sysutil_setgid(const struct vsf_sysutil_user* p_user);
void vsf_sysutil_setuid_numeric(int uid); void vsf_sysutil_setuid_numeric(int uid);
void vsf_sysutil_setgid_numeric(int gid); void vsf_sysutil_setgid_numeric(int gid);
@ -227,3 +245,6 @@ diff -up vsftpd-3.0.2/sysutil.h.uint-uidgid vsftpd-3.0.2/sysutil.h
void vsf_sysutil_seteuid(const struct vsf_sysutil_user* p_user); void vsf_sysutil_seteuid(const struct vsf_sysutil_user* p_user);
void vsf_sysutil_setegid(const struct vsf_sysutil_user* p_user); void vsf_sysutil_setegid(const struct vsf_sysutil_user* p_user);
void vsf_sysutil_seteuid_numeric(int uid); void vsf_sysutil_seteuid_numeric(int uid);
--
2.5.0

View File

@ -1,7 +1,17 @@
diff -up vsftpd-2.0.7/standalone.c.close-fds vsftpd-2.0.7/standalone.c From 883736a0ad3b521c8210cc7e6cbc2cb302aca43c Mon Sep 17 00:00:00 2001
--- vsftpd-2.0.7/standalone.c.close-fds 2008-09-08 23:36:32.000000000 -0400 From: Martin Sehnoutka <msehnout@redhat.com>
+++ vsftpd-2.0.7/standalone.c 2008-09-08 23:37:53.000000000 -0400 Date: Thu, 17 Mar 2016 11:44:45 +0100
@@ -131,6 +131,9 @@ vsf_standalone_main(void) Subject: [PATCH 06/26] Applied vsftpd-close-std-fds.patch
---
standalone.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/standalone.c b/standalone.c
index ba01ab1..e0f2d5b 100644
--- a/standalone.c
+++ b/standalone.c
@@ -130,6 +130,9 @@ vsf_standalone_main(void)
die("could not bind listening IPv6 socket"); die("could not bind listening IPv6 socket");
} }
} }
@ -11,3 +21,6 @@ diff -up vsftpd-2.0.7/standalone.c.close-fds vsftpd-2.0.7/standalone.c
retval = vsf_sysutil_listen(listen_sock, VSFTP_LISTEN_BACKLOG); retval = vsf_sysutil_listen(listen_sock, VSFTP_LISTEN_BACKLOG);
if (vsf_sysutil_retval_is_error(retval)) if (vsf_sysutil_retval_is_error(retval))
{ {
--
2.5.0

View File

@ -2,8 +2,8 @@
%define _generatorsdir %{_prefix}/lib/systemd/system-generators %define _generatorsdir %{_prefix}/lib/systemd/system-generators
Name: vsftpd Name: vsftpd
Version: 3.0.2 Version: 3.0.3
Release: 15%{?dist} Release: 1%{?dist}
Summary: Very Secure Ftp Daemon Summary: Very Secure Ftp Daemon
Group: System Environment/Daemons Group: System Environment/Daemons
@ -167,6 +167,9 @@ rm -rf $RPM_BUILD_ROOT
%{_var}/ftp %{_var}/ftp
%changelog %changelog
* Thu Mar 17 2016 Martin Sehnoutka <msehnout@redhat.com> - 3.0.3-1
- Update to 3.0.3 version
* Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.2-15 * Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.2-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
@ -320,7 +323,7 @@ rm -rf $RPM_BUILD_ROOT
* Thu Aug 27 2009 Tomas Mraz <tmraz@redhat.com> - 2.2.0-2 * Thu Aug 27 2009 Tomas Mraz <tmraz@redhat.com> - 2.2.0-2
- rebuilt with new openssl - rebuilt with new openssl
* Tue Aug 24 2009 Martin Nagy <mnagy@redhat.com> - 2.2.0-1 * Mon Aug 24 2009 Martin Nagy <mnagy@redhat.com> - 2.2.0-1
- update to latest upstream release 2.2.0 - update to latest upstream release 2.2.0
* Tue Aug 04 2009 Martin Nagy <mnagy@redhat.com> - 2.2.0-0.1.pre4 * Tue Aug 04 2009 Martin Nagy <mnagy@redhat.com> - 2.2.0-0.1.pre4
@ -484,7 +487,7 @@ rm -rf $RPM_BUILD_ROOT
* Tue Aug 08 2006 Maros Barabas <mbarabas@redhat.com> - 2.0.5-5 * Tue Aug 08 2006 Maros Barabas <mbarabas@redhat.com> - 2.0.5-5
- option to change listening to IPv6 protocol - option to change listening to IPv6 protocol
* Thu Aug 01 2006 Maros Barabas <mbarabas@redhat.com> - 2.0.5-4 * Tue Aug 01 2006 Maros Barabas <mbarabas@redhat.com> - 2.0.5-4
- listen to IPv4 connections in default conf file - listen to IPv4 connections in default conf file
* Mon Jul 17 2006 Radek Vokal <rvokal@redhat.com> - 2.0.5-3 * Mon Jul 17 2006 Radek Vokal <rvokal@redhat.com> - 2.0.5-3
@ -569,7 +572,7 @@ rm -rf $RPM_BUILD_ROOT
* Tue Dec 14 2004 Radek Vokal <rvokal@redhat.com> 2.0.1-7 * Tue Dec 14 2004 Radek Vokal <rvokal@redhat.com> 2.0.1-7
- fixing directory in vsftpd.pam file (#142805) - fixing directory in vsftpd.pam file (#142805)
* Mon Nov 11 2004 Radek Vokal <rvokal@redhat.com> 2.0.1-6 * Thu Nov 11 2004 Radek Vokal <rvokal@redhat.com> 2.0.1-6
- vsftpd. files moved to /etc/vsftpd - vsftpd. files moved to /etc/vsftpd
- added vsftpd_conf_migrate.sh script for moving conf files - added vsftpd_conf_migrate.sh script for moving conf files
@ -709,10 +712,10 @@ rm -rf $RPM_BUILD_ROOT
* Wed Feb 7 2001 Seth Vidal <skvidal@phy.duke.edu> * Wed Feb 7 2001 Seth Vidal <skvidal@phy.duke.edu>
- updated to 0.0.11 - updated to 0.0.11
* Fri Feb 1 2001 Seth Vidal <skvidal@phy.duke.edu> * Thu Feb 1 2001 Seth Vidal <skvidal@phy.duke.edu>
- Update to 0.0.10 - Update to 0.0.10
* Fri Feb 1 2001 Seth Vidal <skvidal@phy.duke.edu> * Thu Feb 1 2001 Seth Vidal <skvidal@phy.duke.edu>
- First RPM packaging - First RPM packaging
- Stolen items from wu-ftpd's pam setup - Stolen items from wu-ftpd's pam setup
- Separated rh 7 and rh 6.X's packages - Separated rh 7 and rh 6.X's packages