rpms/vsftpd
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Update to 3.0.3 version

Browse Source
This commit is contained in:
Martin Sehnoutka 2016-03-17 14:10:03 +01:00
parent 15b422966d
commit 8167548a23
30 changed files with 2364 additions and 426 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -5,3 +5,4 @@ vsftpd-2.3.2.tar.gz
/vsftpd-3.0.0.tar.gz
/vsftpd-3.0.1.tar.gz
/vsftpd-3.0.2.tar.gz
/vsftpd-3.0.3.tar.gz

2
sources
View File

@ -1 +1 @@
8b00c749719089401315bd3c44dddbb2 vsftpd-3.0.2.tar.gz
da119d084bd3f98664636ea05b5bb398 vsftpd-3.0.3.tar.gz

26
vsftpd-2.0.5-fix_qm.patch Normal file
View File

@ -0,0 +1,26 @@
From cdcb1c5f660fb4f72b4896f5145a34e9dd158252 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 12:00:34 +0100
Subject: [PATCH 26/26] Applied vsftpd-2.0.5-fix_qm.patch
---
ls.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/ls.c b/ls.c
index f18791d..de68c30 100644
--- a/ls.c
+++ b/ls.c
@@ -459,7 +459,8 @@ vsf_filename_passes_filter(const struct mystr* p_filename_str,
must_match_at_current_pos = 0;
}
} while (locate_result.found &&
- str_getlen(&name_remain_str) > 0 && last_token != '*');
+ str_getlen(&name_remain_str) > 0 &&
+ last_token != '*' && last_token != '?');
}
/* Any incoming string left means no match unless we ended on the correct
* type of wildcard.
--
2.5.0

19
vsftpd-2.1.0-build_ssl.patch
View File

@ -1,6 +1,16 @@
diff -up vsftpd-2.1.0/builddefs.h.build_ssl vsftpd-2.1.0/builddefs.h
--- vsftpd-2.1.0/builddefs.h.build_ssl 2009-01-08 18:49:33.000000000 +0100
+++ vsftpd-2.1.0/builddefs.h 2009-01-08 18:49:41.000000000 +0100
From 2ee718251d602abf6f4c5bb2fc6d829e32d3f3e1 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 02/26] Applied vsftpd-2.1.0-build_ssl.patch
---
builddefs.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/builddefs.h b/builddefs.h
index e908352..63cc62b 100644
--- a/builddefs.h
+++ b/builddefs.h
@@ -3,7 +3,7 @@
#undef VSF_BUILD_TCPWRAPPERS
@ -10,3 +20,6 @@ diff -up vsftpd-2.1.0/builddefs.h.build_ssl vsftpd-2.1.0/builddefs.h
#endif /* VSF_BUILDDEFS_H */
--
2.5.0

378
vsftpd-2.1.0-configuration.patch
View File

@ -1,37 +1,27 @@
diff -up vsftpd-2.2.0/defs.h.configuration vsftpd-2.2.0/defs.h
--- vsftpd-2.2.0/defs.h.configuration 2009-01-07 21:22:22.000000000 +0100
+++ vsftpd-2.2.0/defs.h 2009-08-04 07:37:01.000000000 +0200
@@ -1,7 +1,7 @@
#ifndef VSF_DEFS_H
#define VSF_DEFS_H
From 4c4dcfaa65c86da78d2cf49f0f4a5c8d63a78d3a Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 04/26] Applied vsftpd-2.1.0-configuration.patch
-#define VSFTP_DEFAULT_CONFIG "/etc/vsftpd.conf"
+#define VSFTP_DEFAULT_CONFIG "/etc/vsftpd/vsftpd.conf"
---
EXAMPLE/INTERNET_SITE/README | 6 +++---
EXAMPLE/INTERNET_SITE_NOINETD/README | 4 ++--
EXAMPLE/PER_IP_CONFIG/README | 4 ++--
EXAMPLE/VIRTUAL_USERS/README | 14 +++++++-------
FAQ | 8 ++++----
INSTALL | 10 +++++-----
README | 5 +++++
defs.h | 2 +-
tunables.c | 10 +++++-----
vsftpd.8 | 10 +++++-----
vsftpd.conf | 20 +++++++++++++-------
vsftpd.conf.5 | 22 +++++++++++-----------
12 files changed, 63 insertions(+), 52 deletions(-)
#define VSFTP_COMMAND_FD 0
diff -up vsftpd-2.2.0/EXAMPLE/INTERNET_SITE_NOINETD/README.configuration vsftpd-2.2.0/EXAMPLE/INTERNET_SITE_NOINETD/README
--- vsftpd-2.2.0/EXAMPLE/INTERNET_SITE_NOINETD/README.configuration 2008-02-02 02:30:40.000000000 +0100
+++ vsftpd-2.2.0/EXAMPLE/INTERNET_SITE_NOINETD/README 2009-08-04 07:37:01.000000000 +0200
@@ -17,7 +17,7 @@ even per-connect-IP configurability.
To use this example config:
-1) Copy the vsftpd.conf file in this directory to /etc/vsftpd.conf.
+1) Copy the vsftpd.conf file in this directory to /etc/vsftpd/vsftpd.conf.
2) Start up vsftpd, e.g.
vsftpd &
@@ -51,5 +51,5 @@ in the vsftpd.conf:
listen_address=192.168.1.2
And launch vsftpd with a specific config file like this:
-vsftpd /etc/vsftpd.conf.site1 &
+vsftpd /etc/vsftpd/vsftpd.conf.site1 &
diff -up vsftpd-2.2.0/EXAMPLE/INTERNET_SITE/README.configuration vsftpd-2.2.0/EXAMPLE/INTERNET_SITE/README
--- vsftpd-2.2.0/EXAMPLE/INTERNET_SITE/README.configuration 2008-02-02 02:30:40.000000000 +0100
+++ vsftpd-2.2.0/EXAMPLE/INTERNET_SITE/README 2009-08-04 07:37:01.000000000 +0200
diff --git a/EXAMPLE/INTERNET_SITE/README b/EXAMPLE/INTERNET_SITE/README
index 12b10a5..fe3d7ca 100644
--- a/EXAMPLE/INTERNET_SITE/README
+++ b/EXAMPLE/INTERNET_SITE/README
@@ -41,13 +41,13 @@ no_access = 192.168.1.3
As an example of how to ban certain sites from connecting, 192.168.1.3 will
be denied access.
@ -48,7 +38,7 @@ diff -up vsftpd-2.2.0/EXAMPLE/INTERNET_SITE/README.configuration vsftpd-2.2.0/EX
log_on_success += PID HOST DURATION
log_on_failure += HOST
@@ -62,7 +62,7 @@ Step 2) Set up your vsftpd configuration
@@ -62,7 +62,7 @@ Step 2) Set up your vsftpd configuration file.
An example file is supplied. Install it like this:
@ -57,10 +47,31 @@ diff -up vsftpd-2.2.0/EXAMPLE/INTERNET_SITE/README.configuration vsftpd-2.2.0/EX
Let's example the contents of the file:
diff -up vsftpd-2.2.0/EXAMPLE/PER_IP_CONFIG/README.configuration vsftpd-2.2.0/EXAMPLE/PER_IP_CONFIG/README
--- vsftpd-2.2.0/EXAMPLE/PER_IP_CONFIG/README.configuration 2008-02-02 02:30:40.000000000 +0100
+++ vsftpd-2.2.0/EXAMPLE/PER_IP_CONFIG/README 2009-08-04 07:37:01.000000000 +0200
@@ -20,12 +20,12 @@ directory: hosts.allow. It lives at /etc
diff --git a/EXAMPLE/INTERNET_SITE_NOINETD/README b/EXAMPLE/INTERNET_SITE_NOINETD/README
index ce17af2..9198c5f 100644
--- a/EXAMPLE/INTERNET_SITE_NOINETD/README
+++ b/EXAMPLE/INTERNET_SITE_NOINETD/README
@@ -17,7 +17,7 @@ even per-connect-IP configurability.
To use this example config:
-1) Copy the vsftpd.conf file in this directory to /etc/vsftpd.conf.
+1) Copy the vsftpd.conf file in this directory to /etc/vsftpd/vsftpd.conf.
2) Start up vsftpd, e.g.
vsftpd &
@@ -51,5 +51,5 @@ in the vsftpd.conf:
listen_address=192.168.1.2
And launch vsftpd with a specific config file like this:
-vsftpd /etc/vsftpd.conf.site1 &
+vsftpd /etc/vsftpd/vsftpd.conf.site1 &
diff --git a/EXAMPLE/PER_IP_CONFIG/README b/EXAMPLE/PER_IP_CONFIG/README
index a9ef352..34924d5 100644
--- a/EXAMPLE/PER_IP_CONFIG/README
+++ b/EXAMPLE/PER_IP_CONFIG/README
@@ -20,12 +20,12 @@ directory: hosts.allow. It lives at /etc/hosts.allow.
Let's have a look at the example:
@ -75,10 +86,11 @@ diff -up vsftpd-2.2.0/EXAMPLE/PER_IP_CONFIG/README.configuration vsftpd-2.2.0/EX
applied ON TOP of the default vsftpd.conf.
This is obviously very powerful. You might use this to apply different
access restrictions for some IPs (e.g. the ability to upload).
diff -up vsftpd-2.2.0/EXAMPLE/VIRTUAL_USERS/README.configuration vsftpd-2.2.0/EXAMPLE/VIRTUAL_USERS/README
--- vsftpd-2.2.0/EXAMPLE/VIRTUAL_USERS/README.configuration 2008-02-02 02:30:40.000000000 +0100
+++ vsftpd-2.2.0/EXAMPLE/VIRTUAL_USERS/README 2009-08-04 07:37:01.000000000 +0200
@@ -15,7 +15,7 @@ See example file "logins.txt" - this spe
diff --git a/EXAMPLE/VIRTUAL_USERS/README b/EXAMPLE/VIRTUAL_USERS/README
index b48995d..72972fa 100644
--- a/EXAMPLE/VIRTUAL_USERS/README
+++ b/EXAMPLE/VIRTUAL_USERS/README
@@ -15,7 +15,7 @@ See example file "logins.txt" - this specifies "tom" with password "foo" and
"fred" with password "bar".
Whilst logged in as root, create the actual database file like this:
@ -87,7 +99,7 @@ diff -up vsftpd-2.2.0/EXAMPLE/VIRTUAL_USERS/README.configuration vsftpd-2.2.0/EX
(Requires the Berkeley db program installed).
NOTE: Many systems have multiple versions of "db" installed, so you may
need to use e.g. db3_load for correct operation. This is known to affect
@@ -23,10 +23,10 @@ some Debian systems. The core issue is t
@@ -23,10 +23,10 @@ some Debian systems. The core issue is that pam_userdb expects its login
database to be a specific db version (often db3, whereas db4 may be installed
on your system).
@ -100,7 +112,7 @@ diff -up vsftpd-2.2.0/EXAMPLE/VIRTUAL_USERS/README.configuration vsftpd-2.2.0/EX
For more information on maintaing your login database, look around for
documentation on "Berkeley DB", e.g.
@@ -37,8 +37,8 @@ Step 2) Create a PAM file which uses you
@@ -37,8 +37,8 @@ Step 2) Create a PAM file which uses your new database.
See the example file vsftpd.pam. It contains two lines:
@ -123,10 +135,11 @@ diff -up vsftpd-2.2.0/EXAMPLE/VIRTUAL_USERS/README.configuration vsftpd-2.2.0/EX
Step 5) Start up vsftpd.
diff -up vsftpd-2.2.0/FAQ.configuration vsftpd-2.2.0/FAQ
--- vsftpd-2.2.0/FAQ.configuration 2009-02-18 23:33:04.000000000 +0100
+++ vsftpd-2.2.0/FAQ 2009-08-04 07:37:01.000000000 +0200
@@ -34,7 +34,7 @@ needs this user to run bits of itself wi
diff --git a/FAQ b/FAQ
index 59fe56b..0142a0d 100644
--- a/FAQ
+++ b/FAQ
@@ -35,7 +35,7 @@ needs this user to run bits of itself with no privilege.
Q) Help! Local users cannot log in.
A) There are various possible problems.
A1) By default, vsftpd disables any logins other than anonymous logins. Put
@ -135,7 +148,7 @@ diff -up vsftpd-2.2.0/FAQ.configuration vsftpd-2.2.0/FAQ
A2) vsftpd tries to link with PAM. (Run "ldd vsftpd" and look for libpam to
find out whether this has happened or not). If vsftpd links with PAM, then
you will need to have a PAM file installed for the vsftpd service. There is
@@ -46,12 +46,12 @@ system have a "shadow.h" file in the inc
@@ -47,12 +47,12 @@ system have a "shadow.h" file in the include path?
A4) If you are not using PAM, then vsftpd will do its own check for a valid
user shell in /etc/shells. You may need to disable this if you use an invalid
shell to disable logins other than FTP logins. Put check_shell=NO in your
@ -150,7 +163,7 @@ diff -up vsftpd-2.2.0/FAQ.configuration vsftpd-2.2.0/FAQ
Q) Help! What are the security implications referred to in the
"chroot_local_user" option?
@@ -87,7 +87,7 @@ A2) Alternatively, run as many copies as
@@ -88,7 +88,7 @@ A2) Alternatively, run as many copies as vsftpd as necessary, in standalone
mode. Use "listen_address=x.x.x.x" to set the virtual IP.
Q) Help! Does vsftpd support virtual users?
@ -159,9 +172,10 @@ diff -up vsftpd-2.2.0/FAQ.configuration vsftpd-2.2.0/FAQ
has the effect of mapping every non-anonymous successful login to the local
username specified in "guest_username". Then, use PAM and (e.g.) its pam_userdb
module to provide authentication against an external (i.e. non-/etc/passwd)
diff -up vsftpd-2.2.0/INSTALL.configuration vsftpd-2.2.0/INSTALL
--- vsftpd-2.2.0/INSTALL.configuration 2008-02-02 02:30:39.000000000 +0100
+++ vsftpd-2.2.0/INSTALL 2009-08-04 07:37:01.000000000 +0200
diff --git a/INSTALL b/INSTALL
index 4f811aa..93a8a81 100644
--- a/INSTALL
+++ b/INSTALL
@@ -56,14 +56,14 @@ cp vsftpd.8 /usr/local/man/man8
"make install" doesn't copy the sample config file. It is recommended you
@ -194,10 +208,11 @@ diff -up vsftpd-2.2.0/INSTALL.configuration vsftpd-2.2.0/INSTALL
The default configuration allows neither local user logins nor anonymous
uploads. You may wish to change these defaults.
diff -up vsftpd-2.2.0/README.configuration vsftpd-2.2.0/README
--- vsftpd-2.2.0/README.configuration 2009-07-07 22:23:22.000000000 +0200
+++ vsftpd-2.2.0/README 2009-08-04 07:37:01.000000000 +0200
@@ -37,3 +37,8 @@ All configuration options are documented
diff --git a/README b/README
index 86643c1..adc7f42 100644
--- a/README
+++ b/README
@@ -37,3 +37,8 @@ All configuration options are documented in the manual page vsftpd.conf.5.
Various example configurations are discussed in the EXAMPLE directory.
Frequently asked questions are tackled in the FAQ file.
@ -206,10 +221,24 @@ diff -up vsftpd-2.2.0/README.configuration vsftpd-2.2.0/README
+The location of configuration files was changed to /etc/vsftpd/. If you want
+to migrate your old conf files from /etc (files vsftpd.xxxx.rpmsave) use
+/etc/vsfptd/vsftpd_conf_migrate.sh
diff -up vsftpd-2.2.0/tunables.c.configuration vsftpd-2.2.0/tunables.c
--- vsftpd-2.2.0/tunables.c.configuration 2009-07-15 22:08:27.000000000 +0200
+++ vsftpd-2.2.0/tunables.c 2009-08-04 07:37:01.000000000 +0200
@@ -186,7 +186,7 @@ tunables_load_defaults()
diff --git a/defs.h b/defs.h
index 0ff5864..ca11eac 100644
--- a/defs.h
+++ b/defs.h
@@ -1,7 +1,7 @@
#ifndef VSF_DEFS_H
#define VSF_DEFS_H
-#define VSFTP_DEFAULT_CONFIG "/etc/vsftpd.conf"
+#define VSFTP_DEFAULT_CONFIG "/etc/vsftpd/vsftpd.conf"
#define VSFTP_COMMAND_FD 0
diff --git a/tunables.c b/tunables.c
index 284a10d..0ac4c34 100644
--- a/tunables.c
+++ b/tunables.c
@@ -190,7 +190,7 @@ tunables_load_defaults()
tunable_listen_ipv6 = 0;
tunable_dual_log_enable = 0;
tunable_syslog_enable = 0;
@ -218,7 +247,7 @@ diff -up vsftpd-2.2.0/tunables.c.configuration vsftpd-2.2.0/tunables.c
tunable_virtual_use_local_privs = 0;
tunable_session_support = 0;
tunable_download_enable = 1;
@@ -254,11 +254,11 @@ tunables_load_defaults()
@@ -262,11 +262,11 @@ tunables_load_defaults()
install_str_setting(".message", &tunable_message_file);
install_str_setting("nobody", &tunable_nopriv_user);
install_str_setting(0, &tunable_ftpd_banner);
@ -233,7 +262,7 @@ diff -up vsftpd-2.2.0/tunables.c.configuration vsftpd-2.2.0/tunables.c
install_str_setting(0, &tunable_anon_root);
install_str_setting(0, &tunable_local_root);
install_str_setting(0, &tunable_banner_file);
@@ -271,7 +271,7 @@ tunables_load_defaults()
@@ -279,7 +279,7 @@ tunables_load_defaults()
install_str_setting(0, &tunable_hide_file);
install_str_setting(0, &tunable_deny_file);
install_str_setting(0, &tunable_user_sub_token);
@ -242,10 +271,11 @@ diff -up vsftpd-2.2.0/tunables.c.configuration vsftpd-2.2.0/tunables.c
&tunable_email_password_file);
install_str_setting("/usr/share/ssl/certs/vsftpd.pem",
&tunable_rsa_cert_file);
diff -up vsftpd-2.2.0/vsftpd.8.configuration vsftpd-2.2.0/vsftpd.8
--- vsftpd-2.2.0/vsftpd.8.configuration 2009-07-17 22:56:23.000000000 +0200
+++ vsftpd-2.2.0/vsftpd.8 2009-08-04 07:40:27.000000000 +0200
@@ -21,7 +21,7 @@ itself will listen on the network. This
diff --git a/vsftpd.8 b/vsftpd.8
index 6640b57..c920e7d 100644
--- a/vsftpd.8
+++ b/vsftpd.8
@@ -21,7 +21,7 @@ itself will listen on the network. This latter mode is easier to use, and
recommended. It is activated by setting
.Pa listen=YES
in
@ -254,7 +284,7 @@ diff -up vsftpd-2.2.0/vsftpd.8.configuration vsftpd-2.2.0/vsftpd.8
Direct execution of the
.Nm vsftpd
binary will then launch the FTP service ready for immediate client connections.
@@ -33,7 +33,7 @@ as root. Any command line option not sta
@@ -33,7 +33,7 @@ as root. Any command line option not starting with a "-" character is treated
as a config file that will be loaded. Note that config files are loaded in the
strict order that they are encountered on the command line.
If no config files are specified, the default configuration file of
@ -263,7 +293,7 @@ diff -up vsftpd-2.2.0/vsftpd.8.configuration vsftpd-2.2.0/vsftpd.8
will be loaded, after all other command line options are processed.
.Pp
Supported options are:
@@ -47,14 +47,14 @@ their appearance on the command line, in
@@ -47,14 +47,14 @@ their appearance on the command line, including intermingling with loading of
config files.
.El
.Sh EXAMPLES
@ -281,105 +311,10 @@ diff -up vsftpd-2.2.0/vsftpd.8.configuration vsftpd-2.2.0/vsftpd.8
.Sh SEE ALSO
.Xr vsftpd.conf 5
.end
diff -up vsftpd-2.2.0/vsftpd.conf.5.configuration vsftpd-2.2.0/vsftpd.conf.5
--- vsftpd-2.2.0/vsftpd.conf.5.configuration 2009-07-17 22:57:04.000000000 +0200
+++ vsftpd-2.2.0/vsftpd.conf.5 2009-08-04 07:37:01.000000000 +0200
@@ -4,7 +4,7 @@ vsftpd.conf \- config file for vsftpd
.SH DESCRIPTION
vsftpd.conf may be used to control various aspects of vsftpd's behaviour. By
default, vsftpd looks for this file at the location
-.BR /etc/vsftpd.conf .
+.BR /etc/vsftpd/vsftpd.conf .
However, you may override this by specifying a command line argument to
vsftpd. The command line argument is the pathname of the configuration file
for vsftpd. This behaviour is useful because you may wish to use an advanced
@@ -110,7 +110,7 @@ When enabled, and vsftpd is started in "
the listener process. i.e. control will immediately be returned to the shell
which launched vsftpd.
-Default: NO
+Default: YES
.TP
.B check_shell
Note! This option only has an effect for non-PAM builds of vsftpd. If disabled,
@@ -138,7 +138,7 @@ chroot() jail in their home directory up
different if chroot_local_user is set to YES. In this case, the list becomes
a list of users which are NOT to be placed in a chroot() jail.
By default, the file containing this list is
-/etc/vsftpd.chroot_list, but you may override this with the
+/etc/vsftpd/chroot_list, but you may override this with the
.BR chroot_list_file
setting.
@@ -177,7 +177,7 @@ Default: NO
.B deny_email_enable
If activated, you may provide a list of anonymous password e-mail responses
which cause login to be denied. By default, the file containing this list is
-/etc/vsftpd.banned_emails, but you may override this with the
+/etc/vsftpd/banned_emails, but you may override this with the
.BR banned_email_file
setting.
@@ -433,7 +433,7 @@ anonymous logins are prevented unless th
file specified by the
.BR email_password_file
setting. The file format is one password per line, no extra whitespace. The
-default filename is /etc/vsftpd.email_passwords.
+default filename is /etc/vsftpd/email_passwords.
Default: NO
.TP
@@ -764,7 +764,7 @@ passwords which are not permitted. This
.BR deny_email_enable
is enabled.
-Default: /etc/vsftpd.banned_emails
+Default: /etc/vsftpd/banned_emails
.TP
.B banner_file
This option is the name of a file containing text to display when someone
@@ -801,7 +801,7 @@ is enabled. If the option
is enabled, then the list file becomes a list of users to NOT place in a
chroot() jail.
-Default: /etc/vsftpd.chroot_list
+Default: /etvsftpd.confc/vsftpd.chroot_list
.TP
.B cmds_allowed
This options specifies a comma separated list of allowed FTP commands (post
@@ -862,7 +862,7 @@ This option can be used to provide an al
.BR secure_email_list_enable
setting.
-Default: /etc/vsftpd.email_passwords
+Default: /etc/vsftpd/email_passwords
.TP
.B ftp_username
This is the name of the user we use for handling anonymous FTP. The home
@@ -985,10 +985,10 @@ the manual page, on a per-user basis. Us
with an example. If you set
.BR user_config_dir
to be
-.BR /etc/vsftpd_user_conf
+.BR /etc/vsftpd/user_conf
and then log on as the user "chris", then vsftpd will apply the settings in
the file
-.BR /etc/vsftpd_user_conf/chris
+.BR /etc/vsftpd/user_conf/chris
for the duration of the session. The format of this file is as detailed in
this manual page! PLEASE NOTE that not all settings are effective on a
per-user basis. For example, many settings only prior to the user's session
@@ -1024,7 +1024,7 @@ This option is the name of the file load
.BR userlist_enable
option is active.
-Default: /etc/vsftpd.user_list
+Default: /etc/vsftpd/user_list
.TP
.B vsftpd_log_file
This option is the name of the file to which we write the vsftpd style
--- vsftpd-2.2.2/vsftpd.conf.configuration 2009-10-19 04:04:23.000000000 +0200
+++ vsftpd-2.2.2/vsftpd.conf 2010-08-06 09:28:44.891173995 +0200
diff --git a/vsftpd.conf b/vsftpd.conf
index cc1c607..db44170 100644
--- a/vsftpd.conf
+++ b/vsftpd.conf
@@ -1,4 +1,4 @@
-# Example config file /etc/vsftpd.conf
+# Example config file /etc/vsftpd/vsftpd.conf
@ -410,7 +345,7 @@ diff -up vsftpd-2.2.0/vsftpd.conf.5.configuration vsftpd-2.2.0/vsftpd.conf.5
#anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
@@ -52,7 +54,7 @@
@@ -52,7 +54,7 @@ connect_from_port_20=YES
#
# If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case.
@ -419,7 +354,7 @@ diff -up vsftpd-2.2.0/vsftpd.conf.5.configuration vsftpd-2.2.0/vsftpd.conf.5
#
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
@@ -87,7 +89,7 @@
@@ -87,7 +89,7 @@ connect_from_port_20=YES
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
@ -428,7 +363,7 @@ diff -up vsftpd-2.2.0/vsftpd.conf.5.configuration vsftpd-2.2.0/vsftpd.conf.5
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
@@ -95,7 +97,7 @@
@@ -98,7 +100,7 @@ connect_from_port_20=YES
#chroot_local_user=YES
#chroot_list_enable=YES
# (default follows)
@ -437,7 +372,7 @@ diff -up vsftpd-2.2.0/vsftpd.conf.5.configuration vsftpd-2.2.0/vsftpd.conf.5
#
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
@@ -112,3 +114,7 @@
@@ -115,3 +117,7 @@ listen=YES
# sockets, you must run two copies of vsftpd with two configuration files.
# Make sure, that one of the listen options is commented !!
#listen_ipv6=YES
@ -445,3 +380,104 @@ diff -up vsftpd-2.2.0/vsftpd.conf.5.configuration vsftpd-2.2.0/vsftpd.conf.5
+pam_service_name=vsftpd
+userlist_enable=YES
+tcp_wrappers=YES
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index fcc6022..5e46a2f 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -4,7 +4,7 @@ vsftpd.conf \- config file for vsftpd
.SH DESCRIPTION
vsftpd.conf may be used to control various aspects of vsftpd's behaviour. By
default, vsftpd looks for this file at the location
-.BR /etc/vsftpd.conf .
+.BR /etc/vsftpd/vsftpd.conf .
However, you may override this by specifying a command line argument to
vsftpd. The command line argument is the pathname of the configuration file
for vsftpd. This behaviour is useful because you may wish to use an advanced
@@ -110,7 +110,7 @@ When enabled, and vsftpd is started in "listen" mode, vsftpd will background
the listener process. i.e. control will immediately be returned to the shell
which launched vsftpd.
-Default: NO
+Default: YES
.TP
.B check_shell
Note! This option only has an effect for non-PAM builds of vsftpd. If disabled,
@@ -138,7 +138,7 @@ chroot() jail in their home directory upon login. The meaning is slightly
different if chroot_local_user is set to YES. In this case, the list becomes
a list of users which are NOT to be placed in a chroot() jail.
By default, the file containing this list is
-/etc/vsftpd.chroot_list, but you may override this with the
+/etc/vsftpd/chroot_list, but you may override this with the
.BR chroot_list_file
setting.
@@ -177,7 +177,7 @@ Default: NO
.B deny_email_enable
If activated, you may provide a list of anonymous password e-mail responses
which cause login to be denied. By default, the file containing this list is
-/etc/vsftpd.banned_emails, but you may override this with the
+/etc/vsftpd/banned_emails, but you may override this with the
.BR banned_email_file
setting.
@@ -433,7 +433,7 @@ anonymous logins are prevented unless the password provided is listed in the
file specified by the
.BR email_password_file
setting. The file format is one password per line, no extra whitespace. The
-default filename is /etc/vsftpd.email_passwords.
+default filename is /etc/vsftpd/email_passwords.
Default: NO
.TP
@@ -764,7 +764,7 @@ passwords which are not permitted. This file is consulted if the option
.BR deny_email_enable
is enabled.
-Default: /etc/vsftpd.banned_emails
+Default: /etc/vsftpd/banned_emails
.TP
.B banner_file
This option is the name of a file containing text to display when someone
@@ -803,7 +803,7 @@ is enabled. If the option
is enabled, then the list file becomes a list of users to NOT place in a
chroot() jail.
-Default: /etc/vsftpd.chroot_list
+Default: /etvsftpd.confc/vsftpd.chroot_list
.TP
.B cmds_allowed
This options specifies a comma separated list of allowed FTP commands (post
@@ -864,7 +864,7 @@ This option can be used to provide an alternate file for usage by the
.BR secure_email_list_enable
setting.
-Default: /etc/vsftpd.email_passwords
+Default: /etc/vsftpd/email_passwords
.TP
.B ftp_username
This is the name of the user we use for handling anonymous FTP. The home
@@ -987,10 +987,10 @@ the manual page, on a per-user basis. Usage is simple, and is best illustrated
with an example. If you set
.BR user_config_dir
to be
-.BR /etc/vsftpd_user_conf
+.BR /etc/vsftpd/user_conf
and then log on as the user "chris", then vsftpd will apply the settings in
the file
-.BR /etc/vsftpd_user_conf/chris
+.BR /etc/vsftpd/user_conf/chris
for the duration of the session. The format of this file is as detailed in
this manual page! PLEASE NOTE that not all settings are effective on a
per-user basis. For example, many settings only prior to the user's session
@@ -1026,7 +1026,7 @@ This option is the name of the file loaded when the
.BR userlist_enable
option is active.
-Default: /etc/vsftpd.user_list
+Default: /etc/vsftpd/user_list
.TP
.B vsftpd_log_file
This option is the name of the file to which we write the vsftpd style
--
2.5.0

41
vsftpd-2.1.0-filter.patch
View File

@ -1,7 +1,19 @@
diff -up vsftpd-2.1.0/ls.c.filter vsftpd-2.1.0/ls.c
--- vsftpd-2.1.0/ls.c.filter 2008-02-02 02:30:41.000000000 +0100
+++ vsftpd-2.1.0/ls.c 2009-01-08 19:31:15.000000000 +0100
@@ -239,9 +239,31 @@ vsf_filename_passes_filter(const struct
From d8f1f584c96d3449265a54fa62c5944b1b7c915c Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 07/26] Applied vsftpd-2.1.0-filter.patch
---
ls.c | 26 ++++++++++++++++++++++++--
str.c | 11 +++++++++++
str.h | 1 +
3 files changed, 36 insertions(+), 2 deletions(-)
diff --git a/ls.c b/ls.c
index 7e1376d..e9302dd 100644
--- a/ls.c
+++ b/ls.c
@@ -246,9 +246,31 @@ vsf_filename_passes_filter(const struct mystr* p_filename_str,
int ret = 0;
char last_token = 0;
int must_match_at_current_pos = 1;
@ -35,10 +47,11 @@ diff -up vsftpd-2.1.0/ls.c.filter vsftpd-2.1.0/ls.c
while (!str_isempty(&filter_remain_str) && *iters < VSFTP_MATCHITERS_MAX)
{
static struct mystr s_match_needed_str;
diff -up vsftpd-2.1.0/str.c.filter vsftpd-2.1.0/str.c
--- vsftpd-2.1.0/str.c.filter 2008-12-17 06:54:16.000000000 +0100
+++ vsftpd-2.1.0/str.c 2009-01-08 19:31:15.000000000 +0100
@@ -680,3 +680,14 @@ str_replace_unprintable(struct mystr* p_
diff --git a/str.c b/str.c
index 6596204..ba4b92a 100644
--- a/str.c
+++ b/str.c
@@ -711,3 +711,14 @@ str_replace_unprintable(struct mystr* p_str, char new_char)
}
}
@ -53,10 +66,11 @@ diff -up vsftpd-2.1.0/str.c.filter vsftpd-2.1.0/str.c
+ if (str_isempty(d_str))
+ str_copy (d_str, path);
+}
diff -up vsftpd-2.1.0/str.h.filter vsftpd-2.1.0/str.h
--- vsftpd-2.1.0/str.h.filter 2008-12-17 06:53:23.000000000 +0100
+++ vsftpd-2.1.0/str.h 2009-01-08 19:32:14.000000000 +0100
@@ -100,6 +100,7 @@ void str_replace_unprintable(struct myst
diff --git a/str.h b/str.h
index ab0a9a4..3a21b50 100644
--- a/str.h
+++ b/str.h
@@ -100,6 +100,7 @@ void str_replace_unprintable(struct mystr* p_str, char new_char);
int str_atoi(const struct mystr* p_str);
filesize_t str_a_to_filesize_t(const struct mystr* p_str);
unsigned int str_octal_to_uint(const struct mystr* p_str);
@ -64,3 +78,6 @@ diff -up vsftpd-2.1.0/str.h.filter vsftpd-2.1.0/str.h
/* PURPOSE: Extract a line of text (delimited by \n or EOF) from a string
* buffer, starting at character position 'p_pos'. The extracted line will
--
2.5.0

21
vsftpd-2.1.0-libs.patch
View File

@ -1,7 +1,17 @@
diff -up vsftpd-3.0.0/Makefile.libs vsftpd-3.0.0/Makefile
--- vsftpd-3.0.0/Makefile.libs 2012-04-03 09:21:18.000000000 +0200
+++ vsftpd-3.0.0/Makefile 2012-04-10 21:20:39.377248990 +0200
@@ -8,7 +8,7 @@ CFLAGS = -O2 -fPIE -fstack-protector --p
From e007fc137c6bee2d359af9cfc88cd01fb672cc1e Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 01/26] Applied vsftpd-2.1.0-libs.patch
---
Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
index c63ed1b..98118dc 100644
--- a/Makefile
+++ b/Makefile
@@ -8,7 +8,7 @@ CFLAGS = -O2 -fPIE -fstack-protector --param=ssp-buffer-size=4 \
-D_FORTIFY_SOURCE=2 \
#-pedantic -Wconversion
@ -10,3 +20,6 @@ diff -up vsftpd-3.0.0/Makefile.libs vsftpd-3.0.0/Makefile
LINK = -Wl,-s
LDFLAGS = -fPIE -pie -Wl,-z,relro -Wl,-z,now
--
2.5.0

27
vsftpd-2.1.0-pam_hostname.patch
View File

@ -1,6 +1,16 @@
diff -up vsftpd-2.2.0/sysdeputil.c.pam_hostname vsftpd-2.2.0/sysdeputil.c
--- vsftpd-2.2.0/sysdeputil.c.pam_hostname 2009-08-08 03:51:10.000000000 +0200
+++ vsftpd-2.2.0/sysdeputil.c 2009-08-24 12:24:07.220623773 +0200
From fb9754bb10105b6c23d355fd448f55ab94c704b8 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 05/26] Applied vsftpd-2.1.0-pam_hostname.patch
---
sysdeputil.c | 19 ++++++++++++++++---
1 file changed, 16 insertions(+), 3 deletions(-)
diff --git a/sysdeputil.c b/sysdeputil.c
index 06f01f4..b2782da 100644
--- a/sysdeputil.c
+++ b/sysdeputil.c
@@ -16,6 +16,10 @@
#include "tunables.h"
#include "builddefs.h"
@ -12,7 +22,7 @@ diff -up vsftpd-2.2.0/sysdeputil.c.pam_hostname vsftpd-2.2.0/sysdeputil.c
/* For Linux, this adds nothing :-) */
#include "port/porting_junk.h"
@@ -325,6 +329,10 @@ vsf_sysdep_check_auth(struct mystr* p_us
@@ -323,6 +327,10 @@ vsf_sysdep_check_auth(struct mystr* p_user_str,
const struct mystr* p_remote_host)
{
int retval = -1;
@ -23,7 +33,7 @@ diff -up vsftpd-2.2.0/sysdeputil.c.pam_hostname vsftpd-2.2.0/sysdeputil.c
pam_item_t item;
const char* pam_user_name = 0;
struct pam_conv the_conv =
@@ -345,7 +353,12 @@ vsf_sysdep_check_auth(struct mystr* p_us
@@ -346,7 +354,12 @@ vsf_sysdep_check_auth(struct mystr* p_user_str,
return 0;
}
#ifdef PAM_RHOST
@ -37,7 +47,7 @@ diff -up vsftpd-2.2.0/sysdeputil.c.pam_hostname vsftpd-2.2.0/sysdeputil.c
if (retval != PAM_SUCCESS)
{
(void) pam_end(s_pamh, retval);
@@ -558,7 +571,7 @@ vsf_sysdep_has_capabilities(void)
@@ -559,7 +572,7 @@ vsf_sysdep_has_capabilities(void)
}
return s_runtime_has_caps;
}
@ -46,7 +56,7 @@ diff -up vsftpd-2.2.0/sysdeputil.c.pam_hostname vsftpd-2.2.0/sysdeputil.c
#ifndef VSF_SYSDEP_HAVE_LIBCAP
static int
do_checkcap(void)
@@ -1080,7 +1093,7 @@ vsf_sysutil_recv_fd(const int sock_fd)
@@ -1081,7 +1094,7 @@ vsf_sysutil_recv_fd(const int sock_fd)
msg.msg_flags = 0;
/* In case something goes wrong, set the fd to -1 before the syscall */
p_fd = (int*)CMSG_DATA(CMSG_FIRSTHDR(&msg));
@ -55,3 +65,6 @@ diff -up vsftpd-2.2.0/sysdeputil.c.pam_hostname vsftpd-2.2.0/sysdeputil.c
retval = recvmsg(sock_fd, &msg, 0);
if (retval != 1)
{
--
2.5.0

19
vsftpd-2.1.0-tcp_wrappers.patch
View File

@ -1,6 +1,16 @@
diff -up vsftpd-2.1.0/builddefs.h.tcp_wrappers vsftpd-2.1.0/builddefs.h
--- vsftpd-2.1.0/builddefs.h.tcp_wrappers 2009-01-08 18:52:46.000000000 +0100
+++ vsftpd-2.1.0/builddefs.h 2009-01-08 18:52:56.000000000 +0100
From 3e01cb1388681f8a956c954570db4fe8ac61d1bc Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 03/26] Applied vsftpd-2.1.0-tcp_wrappers.patch
---
builddefs.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/builddefs.h b/builddefs.h
index 63cc62b..83de674 100644
--- a/builddefs.h
+++ b/builddefs.h
@@ -1,7 +1,7 @@
#ifndef VSF_BUILDDEFS_H
#define VSF_BUILDDEFS_H
@ -10,3 +20,6 @@ diff -up vsftpd-2.1.0/builddefs.h.tcp_wrappers vsftpd-2.1.0/builddefs.h
#define VSF_BUILD_PAM
#define VSF_BUILD_SSL
--
2.5.0

59
vsftpd-2.1.0-trim.patch
View File

@ -1,7 +1,21 @@
diff -up vsftpd-2.2.0/parseconf.c.trim vsftpd-2.2.0/parseconf.c
--- vsftpd-2.2.0/parseconf.c.trim 2009-08-04 08:01:10.000000000 +0200
+++ vsftpd-2.2.0/parseconf.c 2009-08-04 08:10:49.000000000 +0200
@@ -275,7 +275,7 @@ vsf_parseconf_load_setting(const char* p
From aea6f1b484d06c56f636ae5ed7df232d6a94f57a Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 09/26] Applied vsftpd-2.1.0-trim.patch
---
parseconf.c | 2 +-
str.c | 12 ++++++++++++
str.h | 1 +
sysutil.c | 12 ++++++++++++
sysutil.h | 1 +
5 files changed, 27 insertions(+), 1 deletion(-)
diff --git a/parseconf.c b/parseconf.c
index 385afd2..30df598 100644
--- a/parseconf.c
+++ b/parseconf.c
@@ -280,7 +280,7 @@ vsf_parseconf_load_setting(const char* p_setting, int errs_fatal)
}
else
{
@ -10,10 +24,11 @@ diff -up vsftpd-2.2.0/parseconf.c.trim vsftpd-2.2.0/parseconf.c
}
return;
}
diff -up vsftpd-2.2.0/str.c.trim vsftpd-2.2.0/str.c
--- vsftpd-2.2.0/str.c.trim 2009-08-04 08:01:10.000000000 +0200
+++ vsftpd-2.2.0/str.c 2009-08-04 08:01:10.000000000 +0200
@@ -89,6 +89,18 @@ str_strdup(const struct mystr* p_str)
diff --git a/str.c b/str.c
index ba4b92a..41b27db 100644
--- a/str.c
+++ b/str.c
@@ -104,6 +104,18 @@ str_strdup(const struct mystr* p_str)
return vsf_sysutil_strdup(str_getbuf(p_str));
}
@ -32,10 +47,11 @@ diff -up vsftpd-2.2.0/str.c.trim vsftpd-2.2.0/str.c
void
str_alloc_alt_term(struct mystr* p_str, const char* p_src, char term)
{
diff -up vsftpd-2.2.0/str.h.trim vsftpd-2.2.0/str.h
--- vsftpd-2.2.0/str.h.trim 2009-08-04 08:01:10.000000000 +0200
+++ vsftpd-2.2.0/str.h 2009-08-04 08:01:10.000000000 +0200
@@ -31,6 +31,7 @@ void str_alloc_ulong(struct mystr* p_str
diff --git a/str.h b/str.h
index 3a21b50..44270da 100644
--- a/str.h
+++ b/str.h
@@ -31,6 +31,7 @@ void str_alloc_ulong(struct mystr* p_str, unsigned long the_ulong);
void str_alloc_filesize_t(struct mystr* p_str, filesize_t the_filesize);
void str_copy(struct mystr* p_dest, const struct mystr* p_src);
const char* str_strdup(const struct mystr* p_str);
@ -43,10 +59,11 @@ diff -up vsftpd-2.2.0/str.h.trim vsftpd-2.2.0/str.h
void str_empty(struct mystr* p_str);
void str_free(struct mystr* p_str);
void str_trunc(struct mystr* p_str, unsigned int trunc_len);
diff -up vsftpd-2.2.0/sysutil.c.trim vsftpd-2.2.0/sysutil.c
--- vsftpd-2.2.0/sysutil.c.trim 2009-07-16 05:32:21.000000000 +0200
+++ vsftpd-2.2.0/sysutil.c 2009-08-04 08:01:10.000000000 +0200
@@ -1032,6 +1032,18 @@ vsf_sysutil_strdup(const char* p_str)
diff --git a/sysutil.c b/sysutil.c
index 5cdb6ef..428a34a 100644
--- a/sysutil.c
+++ b/sysutil.c
@@ -1035,6 +1035,18 @@ vsf_sysutil_strdup(const char* p_str)
return strdup(p_str);
}
@ -65,9 +82,10 @@ diff -up vsftpd-2.2.0/sysutil.c.trim vsftpd-2.2.0/sysutil.c
void
vsf_sysutil_memclr(void* p_dest, unsigned int size)
{
diff -up vsftpd-2.2.0/sysutil.h.trim vsftpd-2.2.0/sysutil.h
--- vsftpd-2.2.0/sysutil.h.trim 2009-07-16 05:31:53.000000000 +0200
+++ vsftpd-2.2.0/sysutil.h 2009-08-04 08:01:10.000000000 +0200
diff --git a/sysutil.h b/sysutil.h
index c34778c..c2ddd15 100644
--- a/sysutil.h
+++ b/sysutil.h
@@ -186,6 +186,7 @@ int vsf_sysutil_wait_get_exitcode(
/* Various string functions */
unsigned int vsf_sysutil_strlen(const char* p_text);
@ -76,3 +94,6 @@ diff -up vsftpd-2.2.0/sysutil.h.trim vsftpd-2.2.0/sysutil.h
void vsf_sysutil_memclr(void* p_dest, unsigned int size);
void vsf_sysutil_memcpy(void* p_dest, const void* p_src,
const unsigned int size);
--
2.5.0

81
vsftpd-2.1.0-userlist_log.patch
View File

@ -1,7 +1,23 @@
diff -up vsftpd-2.1.0/logging.c.userlist_log vsftpd-2.1.0/logging.c
--- vsftpd-2.1.0/logging.c.userlist_log 2008-12-17 20:56:45.000000000 +0100
+++ vsftpd-2.1.0/logging.c 2009-02-24 09:12:42.000000000 +0100
@@ -95,6 +95,13 @@ vsf_log_line(struct vsf_session* p_sess,
From 2f563a92cf4c12d8a37e413ffdc14a7eb4637c03 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 08/26] Applied vsftpd-2.1.0-userlist_log.patch
---
logging.c | 7 +++++++
logging.h | 11 +++++++++++
parseconf.c | 1 +
prelogin.c | 14 ++++++++++++++
tunables.c | 2 ++
tunables.h | 1 +
vsftpd.conf.5 | 8 ++++++++
7 files changed, 44 insertions(+)
diff --git a/logging.c b/logging.c
index ad531d6..99671b4 100644
--- a/logging.c
+++ b/logging.c
@@ -103,6 +103,13 @@ vsf_log_line(struct vsf_session* p_sess, enum EVSFLogEntryType what,
vsf_log_common(p_sess, 1, what, p_str);
}
@ -15,10 +31,11 @@ diff -up vsftpd-2.1.0/logging.c.userlist_log vsftpd-2.1.0/logging.c
int
vsf_log_entry_pending(struct vsf_session* p_sess)
{
diff -up vsftpd-2.1.0/logging.h.userlist_log vsftpd-2.1.0/logging.h
--- vsftpd-2.1.0/logging.h.userlist_log 2008-07-30 03:29:21.000000000 +0200
+++ vsftpd-2.1.0/logging.h 2009-02-24 09:12:42.000000000 +0100
@@ -80,5 +80,16 @@ void vsf_log_do_log(struct vsf_session*
diff --git a/logging.h b/logging.h
index 48f88ec..1ff57d1 100644
--- a/logging.h
+++ b/logging.h
@@ -80,5 +80,16 @@ void vsf_log_do_log(struct vsf_session* p_sess, int succeeded);
void vsf_log_line(struct vsf_session* p_sess, enum EVSFLogEntryType what,
struct mystr* p_str);
@ -35,10 +52,11 @@ diff -up vsftpd-2.1.0/logging.h.userlist_log vsftpd-2.1.0/logging.h
+
#endif /* VSF_LOGGING_H */
diff -up vsftpd-2.1.0/parseconf.c.userlist_log vsftpd-2.1.0/parseconf.c
--- vsftpd-2.1.0/parseconf.c.userlist_log 2008-12-18 07:21:41.000000000 +0100
+++ vsftpd-2.1.0/parseconf.c 2009-02-24 09:12:42.000000000 +0100
@@ -96,6 +96,7 @@ parseconf_bool_array[] =
diff --git a/parseconf.c b/parseconf.c
index ea2242b..385afd2 100644
--- a/parseconf.c
+++ b/parseconf.c
@@ -91,6 +91,7 @@ parseconf_bool_array[] =
{ "mdtm_write", &tunable_mdtm_write },
{ "lock_upload_files", &tunable_lock_upload_files },
{ "pasv_addr_resolve", &tunable_pasv_addr_resolve },
@ -46,10 +64,11 @@ diff -up vsftpd-2.1.0/parseconf.c.userlist_log vsftpd-2.1.0/parseconf.c
{ "debug_ssl", &tunable_debug_ssl },
{ "require_cert", &tunable_require_cert },
{ "validate_cert", &tunable_validate_cert },
diff -up vsftpd-2.1.0/prelogin.c.userlist_log vsftpd-2.1.0/prelogin.c
--- vsftpd-2.1.0/prelogin.c.userlist_log 2009-02-18 23:23:53.000000000 +0100
+++ vsftpd-2.1.0/prelogin.c 2009-02-24 09:17:41.000000000 +0100
@@ -220,6 +220,20 @@ handle_user_command(struct vsf_session*
diff --git a/prelogin.c b/prelogin.c
index df4aade..1588bc1 100644
--- a/prelogin.c
+++ b/prelogin.c
@@ -246,6 +246,20 @@ handle_user_command(struct vsf_session* p_sess)
check_login_delay();
vsf_cmdio_write(p_sess, FTP_LOGINERR, "Permission denied.");
check_login_fails(p_sess);
@ -70,9 +89,10 @@ diff -up vsftpd-2.1.0/prelogin.c.userlist_log vsftpd-2.1.0/prelogin.c
str_empty(&p_sess->user_str);
return;
}
diff -up vsftpd-2.1.0/tunables.c.userlist_log vsftpd-2.1.0/tunables.c
--- vsftpd-2.1.0/tunables.c.userlist_log 2009-02-24 09:12:42.000000000 +0100
+++ vsftpd-2.1.0/tunables.c 2009-02-24 09:12:42.000000000 +0100
diff --git a/tunables.c b/tunables.c
index 0ac4c34..b30fca1 100644
--- a/tunables.c
+++ b/tunables.c
@@ -72,6 +72,7 @@ int tunable_force_anon_data_ssl;
int tunable_mdtm_write;
int tunable_lock_upload_files;
@ -81,7 +101,7 @@ diff -up vsftpd-2.1.0/tunables.c.userlist_log vsftpd-2.1.0/tunables.c
int tunable_debug_ssl;
int tunable_require_cert;
int tunable_validate_cert;
@@ -206,6 +207,7 @@ tunables_load_defaults()
@@ -212,6 +213,7 @@ tunables_load_defaults()
tunable_mdtm_write = 1;
tunable_lock_upload_files = 1;
tunable_pasv_addr_resolve = 0;
@ -89,10 +109,11 @@ diff -up vsftpd-2.1.0/tunables.c.userlist_log vsftpd-2.1.0/tunables.c
tunable_debug_ssl = 0;
tunable_require_cert = 0;
tunable_validate_cert = 0;
diff -up vsftpd-2.1.0/tunables.h.userlist_log vsftpd-2.1.0/tunables.h
--- vsftpd-2.1.0/tunables.h.userlist_log 2008-12-17 06:47:11.000000000 +0100
+++ vsftpd-2.1.0/tunables.h 2009-02-24 09:12:42.000000000 +0100
@@ -73,6 +73,7 @@ extern int tunable_force_anon_data_ssl;
diff --git a/tunables.h b/tunables.h
index 05d2456..e44d64c 100644
--- a/tunables.h
+++ b/tunables.h
@@ -73,6 +73,7 @@ extern int tunable_force_anon_data_ssl; /* Require anon data uses SSL */
extern int tunable_mdtm_write; /* Allow MDTM to set timestamps */
extern int tunable_lock_upload_files; /* Lock uploading files */
extern int tunable_pasv_addr_resolve; /* DNS resolve pasv_addr */
@ -100,10 +121,11 @@ diff -up vsftpd-2.1.0/tunables.h.userlist_log vsftpd-2.1.0/tunables.h
extern int tunable_debug_ssl; /* Verbose SSL logging */
extern int tunable_require_cert; /* SSL client cert required */
extern int tunable_validate_cert; /* SSL certs must be valid */
diff -up vsftpd-2.1.0/vsftpd.conf.5.userlist_log vsftpd-2.1.0/vsftpd.conf.5
--- vsftpd-2.1.0/vsftpd.conf.5.userlist_log 2009-02-24 09:12:42.000000000 +0100
+++ vsftpd-2.1.0/vsftpd.conf.5 2009-02-24 09:12:42.000000000 +0100
@@ -585,6 +585,14 @@ Self-signed certs do not constitute OK v
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index 5e46a2f..9d767b1 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -588,6 +588,14 @@ Self-signed certs do not constitute OK validation. (New in v2.0.6).
Default: NO
.TP
@ -118,3 +140,6 @@ diff -up vsftpd-2.1.0/vsftpd.conf.5.userlist_log vsftpd-2.1.0/vsftpd.conf.5
.B virtual_use_local_privs
If enabled, virtual users will use the same privileges as local users. By
default, virtual users will use the same privileges as anonymous users, which
--
2.5.0

51
vsftpd-2.1.1-daemonize_plus.patch
View File

@ -1,6 +1,18 @@
diff -up vsftpd-2.1.1/standalone.c.daemonize_plus vsftpd-2.1.1/standalone.c
--- vsftpd-2.1.1/standalone.c.daemonize_plus 2009-05-10 22:11:24.000000000 +0200
+++ vsftpd-2.1.1/standalone.c 2009-05-10 22:11:24.000000000 +0200
From 662531f296a0b7341e4e6817e084585a7e7a1d87 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 10/26] Applied vsftpd-2.1.1-daemonize_plus.patch
---
standalone.c | 38 +++++++++++++++++++++++++++++++++++++-
sysutil.c | 59 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
sysutil.h | 7 ++++++-
3 files changed, 102 insertions(+), 2 deletions(-)
diff --git a/standalone.c b/standalone.c
index e0f2d5b..3b65ea2 100644
--- a/standalone.c
+++ b/standalone.c
@@ -26,6 +26,8 @@ static unsigned int s_ipaddr_size;
static void handle_sigchld(void* duff);
@ -35,7 +47,7 @@ diff -up vsftpd-2.1.1/standalone.c.daemonize_plus vsftpd-2.1.1/standalone.c
}
/* Son, close standard FDs to avoid SSH hang-on-exit */
vsf_sysutil_reopen_standard_fds();
@@ -98,6 +112,10 @@ vsf_standalone_main(void)
@@ -99,6 +113,10 @@ vsf_standalone_main(void)
{
die("could not bind listening IPv4 socket");
}
@ -46,7 +58,7 @@ diff -up vsftpd-2.1.1/standalone.c.daemonize_plus vsftpd-2.1.1/standalone.c
}
else
{
@@ -127,6 +145,10 @@ vsf_standalone_main(void)
@@ -129,6 +147,10 @@ vsf_standalone_main(void)
{
die("could not bind listening IPv6 socket");
}
@ -57,7 +69,7 @@ diff -up vsftpd-2.1.1/standalone.c.daemonize_plus vsftpd-2.1.1/standalone.c
}
vsf_sysutil_close(0);
vsf_sysutil_close(1);
@@ -252,6 +274,20 @@ handle_sighup(void* duff)
@@ -268,6 +290,20 @@ handle_sighup(void* duff)
vsf_parseconf_load_file(0, 0);
}
@ -78,10 +90,11 @@ diff -up vsftpd-2.1.1/standalone.c.daemonize_plus vsftpd-2.1.1/standalone.c
static unsigned int
hash_ip(unsigned int buckets, void* p_key)
{
diff -up vsftpd-2.1.1/sysutil.c.daemonize_plus vsftpd-2.1.1/sysutil.c
--- vsftpd-2.1.1/sysutil.c.daemonize_plus 2009-05-10 22:11:24.000000000 +0200
+++ vsftpd-2.1.1/sysutil.c 2009-05-10 22:11:59.000000000 +0200
@@ -202,6 +202,9 @@ vsf_sysutil_translate_sig(const enum EVS
diff --git a/sysutil.c b/sysutil.c
index 428a34a..c848356 100644
--- a/sysutil.c
+++ b/sysutil.c
@@ -201,6 +201,9 @@ vsf_sysutil_translate_sig(const enum EVSFSysUtilSignal sig)
case kVSFSysUtilSigHUP:
realsig = SIGHUP;
break;
@ -91,7 +104,7 @@ diff -up vsftpd-2.1.1/sysutil.c.daemonize_plus vsftpd-2.1.1/sysutil.c
default:
bug("unknown signal in vsf_sysutil_translate_sig");
break;
@@ -539,6 +542,12 @@ vsf_sysutil_getpid(void)
@@ -549,6 +552,12 @@ vsf_sysutil_getpid(void)
return (unsigned int) s_current_pid;
}
@ -104,7 +117,7 @@ diff -up vsftpd-2.1.1/sysutil.c.daemonize_plus vsftpd-2.1.1/sysutil.c
int
vsf_sysutil_fork(void)
{
@@ -2807,3 +2816,53 @@ vsf_sysutil_set_no_fds()
@@ -2871,3 +2880,53 @@ vsf_sysutil_post_fork()
s_sig_details[i].pending = 0;
}
}
@ -158,10 +171,11 @@ diff -up vsftpd-2.1.1/sysutil.c.daemonize_plus vsftpd-2.1.1/sysutil.c
+{
+ return pause();
+}
diff -up vsftpd-2.1.1/sysutil.h.daemonize_plus vsftpd-2.1.1/sysutil.h
--- vsftpd-2.1.1/sysutil.h.daemonize_plus 2009-05-10 22:11:24.000000000 +0200
+++ vsftpd-2.1.1/sysutil.h 2009-05-10 22:11:24.000000000 +0200
@@ -29,7 +29,8 @@ enum EVSFSysUtilSignal
diff --git a/sysutil.h b/sysutil.h
index c2ddd15..bfc92cb 100644
--- a/sysutil.h
+++ b/sysutil.h
@@ -30,7 +30,8 @@ enum EVSFSysUtilSignal
kVSFSysUtilSigCHLD,
kVSFSysUtilSigPIPE,
kVSFSysUtilSigURG,
@ -171,7 +185,7 @@ diff -up vsftpd-2.1.1/sysutil.h.daemonize_plus vsftpd-2.1.1/sysutil.h
};
enum EVSFSysUtilInterruptContext
{
@@ -165,6 +165,7 @@ void vsf_sysutil_free(void* p_ptr);
@@ -165,6 +166,7 @@ void vsf_sysutil_free(void* p_ptr);
/* Process creation/exit/process handling */
unsigned int vsf_sysutil_getpid(void);
@ -189,3 +203,6 @@ diff -up vsftpd-2.1.1/sysutil.h.daemonize_plus vsftpd-2.1.1/sysutil.h
/* Various string functions */
unsigned int vsf_sysutil_strlen(const char* p_text);
--
2.5.0

21
vsftpd-2.2.0-wildchar.patch
View File

@ -1,7 +1,17 @@
diff -up vsftpd-2.3.2/ls.c.tmp vsftpd-2.3.2/ls.c
--- vsftpd-2.3.2/ls.c.tmp 2010-08-20 13:18:54.397583558 +0200
+++ vsftpd-2.3.2/ls.c 2010-08-20 13:14:59.047831385 +0200
@@ -305,6 +305,20 @@ vsf_filename_passes_filter(const struct
From 46b1cacac22d4c5f0b7695579860f7ecc28d3efb Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 11/26] Applied vsftpd-2.2.0-wildchar.patch
---
ls.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/ls.c b/ls.c
index e9302dd..92be544 100644
--- a/ls.c
+++ b/ls.c
@@ -311,6 +311,20 @@ vsf_filename_passes_filter(const struct mystr* p_filename_str,
{
goto out;
}
@ -22,3 +32,6 @@ diff -up vsftpd-2.3.2/ls.c.tmp vsftpd-2.3.2/ls.c
/* Chop matched string out of remainder */
str_mid_to_end(&name_remain_str, &temp_str,
indexx + str_getlen(&s_match_needed_str));
--
2.5.0

23
vsftpd-2.2.2-clone.patch
View File

@ -1,7 +1,17 @@
diff -up vsftpd-2.2.2/sysdeputil.c.clone vsftpd-2.2.2/sysdeputil.c
--- vsftpd-2.2.2/sysdeputil.c.clone 2010-05-13 13:26:32.099358732 +0200
+++ vsftpd-2.2.2/sysdeputil.c 2010-05-13 13:26:43.894359985 +0200
@@ -1279,7 +1279,7 @@ vsf_sysutil_fork_isolate_failok()
From 1220fb187aa6b114ae4877fd74a42979d580d8ef Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 12/26] Applied vsftpd-2.2.2-clone.patch
---
sysdeputil.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/sysdeputil.c b/sysdeputil.c
index b2782da..3bbabaa 100644
--- a/sysdeputil.c
+++ b/sysdeputil.c
@@ -1306,7 +1306,7 @@ vsf_sysutil_fork_isolate_failok()
static int cloneflags_work = 1;
if (cloneflags_work)
{
@ -10,7 +20,7 @@ diff -up vsftpd-2.2.2/sysdeputil.c.clone vsftpd-2.2.2/sysdeputil.c
if (ret != -1 || (errno != EINVAL && errno != EPERM))
{
if (ret == 0)
@@ -1301,7 +1301,7 @@ vsf_sysutil_fork_newnet()
@@ -1328,7 +1328,7 @@ vsf_sysutil_fork_newnet()
static int cloneflags_work = 1;
if (cloneflags_work)
{
@ -19,3 +29,6 @@ diff -up vsftpd-2.2.2/sysdeputil.c.clone vsftpd-2.2.2/sysdeputil.c
if (ret != -1 || (errno != EINVAL && errno != EPERM))
{
if (ret == 0)
--
2.5.0

1501
vsftpd-2.2.2-nfs-fail.patch Normal file
View File

File diff suppressed because it is too large Load Diff

34
vsftpd-2.3.4-listen_ipv6.patch
View File

@ -1,14 +1,27 @@
--- vsftpd-2.3.4/vsftpd.conf~ 2011-11-21 13:15:03.888357116 +0000
+++ vsftpd-2.3.4/vsftpd.conf 2011-11-21 13:17:43.676136602 +0000
@@ -108,12 +108,16 @@ xferlog_std_format=YES
From d723e42f895f8bbf6888512a772aa549b0a396d9 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 15/26] Applied vsftpd-2.3.4-listen_ipv6.patch
---
vsftpd.conf | 14 +++++++++-----
vsftpd.conf.5 | 5 +++--
2 files changed, 12 insertions(+), 7 deletions(-)
diff --git a/vsftpd.conf b/vsftpd.conf
index db44170..ae6c6c9 100644
--- a/vsftpd.conf
+++ b/vsftpd.conf
@@ -111,12 +111,16 @@ xferlog_std_format=YES
# When "listen" directive is enabled, vsftpd runs in standalone mode and
# listens on IPv4 sockets. This directive cannot be used in conjunction
# with the listen_ipv6 directive.
-listen=YES
+listen=NO
#
-#
-# This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6
-# sockets, you must run two copies of vsftpd with two configuration files.
+listen=NO
+#
+# This directive enables listening on IPv6 sockets. By default, listening
+# on the IPv6 "any" address (::) will accept connections from both IPv6
+# and IPv4 clients. It is not necessary to listen on *both* IPv4 and IPv6
@ -21,9 +34,11 @@
pam_service_name=vsftpd
userlist_enable=YES
--- vsftpd-2.3.4/vsftpd.conf.5~ 2011-11-21 13:15:03.905357305 +0000
+++ vsftpd-2.3.4/vsftpd.conf.5 2011-11-21 13:18:31.771672385 +0000
@@ -281,8 +281,9 @@ Default: NO
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index 0744f85..72bb86f 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -297,8 +297,9 @@ Default: NO
.TP
.B listen_ipv6
Like the listen parameter, except vsftpd will listen on an IPv6 socket instead
@ -35,3 +50,6 @@
Default: NO
.TP
--
2.5.0

29
vsftpd-2.3.4-sd.patch
View File

@ -1,6 +1,17 @@
diff -up vsftpd-3.0.2/vsftpd.8.sd vsftpd-3.0.2/vsftpd.8
--- vsftpd-3.0.2/vsftpd.8.sd 2013-09-04 13:04:40.383348837 +0200
+++ vsftpd-3.0.2/vsftpd.8 2013-09-04 13:45:00.370277842 +0200
From 4b7a6eecf79ee63c21fa27e5f5c22f248824991c Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 13/26] Applied vsftpd-2.3.4-sd.patch
---
vsftpd.8 | 24 ++++++++++++++++++++++++
vsftpd.conf.5 | 18 +++++++++++++++++-
2 files changed, 41 insertions(+), 1 deletion(-)
diff --git a/vsftpd.8 b/vsftpd.8
index c920e7d..fbeb1a2 100644
--- a/vsftpd.8
+++ b/vsftpd.8
@@ -25,6 +25,23 @@ in
Direct execution of the
.Nm vsftpd
@ -25,7 +36,7 @@ diff -up vsftpd-3.0.2/vsftpd.8.sd vsftpd-3.0.2/vsftpd.8
.Sh OPTIONS
An optional
configuration file or files
@@ -55,6 +72,13 @@ the "ftpd_banner" setting is set to "bla
@@ -55,6 +72,13 @@ the "ftpd_banner" setting is set to "blah", which overrides any default vsftpd
setting and any identical setting that was in the config file.
.Sh FILES
.Pa /etc/vsftpd/vsftpd.conf
@ -39,9 +50,10 @@ diff -up vsftpd-3.0.2/vsftpd.8.sd vsftpd-3.0.2/vsftpd.8
.Xr vsftpd.conf 5
+.Xr systemd.unit 5
.end
diff -up vsftpd-3.0.2/vsftpd.conf.5.sd vsftpd-3.0.2/vsftpd.conf.5
--- vsftpd-3.0.2/vsftpd.conf.5.sd 2013-09-04 13:04:40.391348915 +0200
+++ vsftpd-3.0.2/vsftpd.conf.5 2013-09-04 13:44:57.573250302 +0200
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index 9d767b1..0744f85 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -12,7 +12,23 @@ inetd such as
.BR xinetd
to launch vsftpd with different configuration files on a per virtual host
@ -67,3 +79,6 @@ diff -up vsftpd-3.0.2/vsftpd.conf.5.sd vsftpd-3.0.2/vsftpd.conf.5
.SH FORMAT
The format of vsftpd.conf is very simple. Each line is either a comment or
a directive. Comment lines start with a # and are ignored. A directive line
--
2.5.0

36
vsftpd-2.3.4-sqb.patch
View File

@ -1,7 +1,17 @@
diff -up vsftpd-3.0.2/ls.c.sqb vsftpd-3.0.2/ls.c
--- vsftpd-3.0.2/ls.c.sqb 2014-07-04 09:55:57.899506894 +0200
+++ vsftpd-3.0.2/ls.c 2014-07-04 09:58:02.187569017 +0200
@@ -246,7 +246,7 @@ vsf_filename_passes_filter(const struct
From 9db0f2142b7d456af0a147a53c7555996e90dfd6 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 14/26] Applied vsftpd-2.3.4-sqb.patch
---
ls.c | 222 +++++++++++++++++++++++++++++++++++++++++++++----------------------
1 file changed, 150 insertions(+), 72 deletions(-)
diff --git a/ls.c b/ls.c
index 92be544..0ad7f54 100644
--- a/ls.c
+++ b/ls.c
@@ -246,7 +246,7 @@ vsf_filename_passes_filter(const struct mystr* p_filename_str,
int ret = 0;
char last_token = 0;
int must_match_at_current_pos = 1;
@ -10,7 +20,7 @@ diff -up vsftpd-3.0.2/ls.c.sqb vsftpd-3.0.2/ls.c
str_copy(&filter_remain_str, p_filter_str);
@@ -276,7 +276,7 @@ vsf_filename_passes_filter(const struct
@@ -276,7 +276,7 @@ vsf_filename_passes_filter(const struct mystr* p_filename_str,
static struct mystr s_match_needed_str;
/* Locate next special token */
struct str_locate_result locate_result =
@ -19,7 +29,7 @@ diff -up vsftpd-3.0.2/ls.c.sqb vsftpd-3.0.2/ls.c
(*iters)++;
/* Isolate text leading up to token (if any) - needs to be matched */
if (locate_result.found)
@@ -294,94 +294,172 @@ vsf_filename_passes_filter(const struct
@@ -294,94 +294,172 @@ vsf_filename_passes_filter(const struct mystr* p_filename_str,
str_empty(&filter_remain_str);
last_token = 0;
}
@ -171,16 +181,15 @@ diff -up vsftpd-3.0.2/ls.c.sqb vsftpd-3.0.2/ls.c
- str_copy(&filter_remain_str, &temp_str);
- str_split_char(&brace_list_str, &temp_str, ',');
- while (!str_isempty(&brace_list_str))
- {
- str_copy(&new_filter_str, &brace_list_str);
- str_append_str(&new_filter_str, &filter_remain_str);
- if (vsf_filename_passes_filter(&name_remain_str, &new_filter_str,
- iters))
+ struct str_locate_result end_sqb =
+ str_locate_char(&filter_remain_str, ']');
+ must_match_at_current_pos = 1;
+ if (end_sqb.found)
+ {
{
- str_copy(&new_filter_str, &brace_list_str);
- str_append_str(&new_filter_str, &filter_remain_str);
- if (vsf_filename_passes_filter(&name_remain_str, &new_filter_str,
- iters))
+ unsigned int cur_pos;
+ char stch, ench;
+ const char *p_brace;
@ -263,3 +272,6 @@ diff -up vsftpd-3.0.2/ls.c.sqb vsftpd-3.0.2/ls.c
}
/* Any incoming string left means no match unless we ended on the correct
* type of wildcard.
--
2.5.0

8
vsftpd-2.3.5-aslim.patch
View File

@ -1,11 +1,11 @@
diff -up vsftpd-2.3.5/defs.h.aslim vsftpd-2.3.5/defs.h
--- vsftpd-2.3.5/defs.h.aslim 2012-02-09 07:40:04.916658587 +0100
+++ vsftpd-2.3.5/defs.h 2012-02-09 07:50:18.365278392 +0100
diff -up vsftpd-3.0.3/defs.h.aslim vsftpd-3.0.3/defs.h
--- vsftpd-3.0.3/defs.h.aslim 2016-03-03 16:55:42.760819658 +0100
+++ vsftpd-3.0.3/defs.h 2016-03-03 17:01:49.606873710 +0100
@@ -19,7 +19,7 @@
/* Must be at least the size of VSFTP_MAX_COMMAND_LINE, VSFTP_DIR_BUFSIZE and
VSFTP_DATA_BUFSIZE*2 */
#define VSFTP_PRIVSOCK_MAXSTR VSFTP_DATA_BUFSIZE * 2
-#define VSFTP_AS_LIMIT 100UL * 1024 * 1024
-#define VSFTP_AS_LIMIT 200UL * 1024 * 1024
+#define VSFTP_AS_LIMIT 400UL * 1024 * 1024
#endif /* VSF_DEFS_H */

19
vsftpd-3.0.0-logrotate.patch
View File

@ -1,6 +1,16 @@
diff -up vsftpd-3.0.0/RedHat/vsftpd.log.logrotate vsftpd-3.0.0/RedHat/vsftpd.log
--- vsftpd-3.0.0/RedHat/vsftpd.log.logrotate 2012-07-17 11:08:28.484061640 +0200
+++ vsftpd-3.0.0/RedHat/vsftpd.log 2012-07-17 11:09:08.000020510 +0200
From 5a4adb1078552f3f17f21dab9cacadbcacf593ec Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 18/26] Applied vsftpd-3.0.0-logrotate.patch
---
RedHat/vsftpd.log | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/RedHat/vsftpd.log b/RedHat/vsftpd.log
index d338de8..14731c1 100644
--- a/RedHat/vsftpd.log
+++ b/RedHat/vsftpd.log
@@ -3,3 +3,9 @@
nocompress
missingok
@ -11,3 +21,6 @@ diff -up vsftpd-3.0.0/RedHat/vsftpd.log.logrotate vsftpd-3.0.0/RedHat/vsftpd.log
+ nocompress
+ missingok
+}
--
2.5.0

21
vsftpd-3.0.0-tz.patch
View File

@ -1,6 +1,16 @@
diff -up vsftpd-2.2.2/sysutil.c.tz vsftpd-2.2.2/sysutil.c
--- vsftpd-2.2.2/sysutil.c.tz 2012-04-26 12:45:21.095145878 +0200
+++ vsftpd-2.2.2/sysutil.c 2012-04-26 12:48:08.729618686 +0200
From cc7c4ed98d69230f24a4437db2ba6bee20f4e494 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 16/26] Applied vsftpd-3.0.0-tz.patch
---
sysutil.c | 104 ++++++++++++++++++++++++++++++++++++++++++++++----------------
1 file changed, 77 insertions(+), 27 deletions(-)
diff --git a/sysutil.c b/sysutil.c
index c848356..497d670 100644
--- a/sysutil.c
+++ b/sysutil.c
@@ -26,8 +26,10 @@
/* For Linux, this adds nothing :-) */
#include "port/porting_junk.h"
@ -25,7 +35,7 @@ diff -up vsftpd-2.2.2/sysutil.c.tz vsftpd-2.2.2/sysutil.c
/* Private variables to this file */
/* Current umask() */
@@ -2558,49 +2565,92 @@ error:
@@ -2574,49 +2581,92 @@ error:
die("reopening standard file descriptors to /dev/null failed");
}
@ -144,3 +154,6 @@ diff -up vsftpd-2.2.2/sysutil.c.tz vsftpd-2.2.2/sysutil.c
{
s_timezone *= -1;
}
--
2.5.0

19
vsftpd-3.0.0-xferlog.patch
View File

@ -1,6 +1,16 @@
diff -up vsftpd-3.0.0/vsftpd.conf.xferlog vsftpd-3.0.0/vsftpd.conf
--- vsftpd-3.0.0/vsftpd.conf.xferlog 2012-07-17 10:38:14.022601998 +0200
+++ vsftpd-3.0.0/vsftpd.conf 2012-07-17 10:41:09.311073484 +0200
From 26d555a940faf7c7c90d8a8a2b5d5e0d9988f714 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 17/26] Applied vsftpd-3.0.0-xferlog.patch
---
vsftpd.conf | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/vsftpd.conf b/vsftpd.conf
index ae6c6c9..39d1955 100644
--- a/vsftpd.conf
+++ b/vsftpd.conf
@@ -50,7 +50,7 @@ connect_from_port_20=YES
#
# You may override where the log file goes if you like. The default is shown
@ -10,3 +20,6 @@ diff -up vsftpd-3.0.0/vsftpd.conf.xferlog vsftpd-3.0.0/vsftpd.conf
#
# If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case.
--
2.5.0

63
vsftpd-3.0.2-dh.patch
View File

@ -1,6 +1,20 @@
diff -up vsftpd-3.0.2/parseconf.c.dh vsftpd-3.0.2/parseconf.c
--- vsftpd-3.0.2/parseconf.c.dh 2014-09-15 15:07:43.719909056 +0200
+++ vsftpd-3.0.2/parseconf.c 2014-09-15 15:07:43.724909061 +0200
From 1c4cb55ed61ca962a051c7de7cca866af8e2b2fa Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 21/26] Applied vsftpd-3.0.2-dh.patch
---
parseconf.c | 1 +
ssl.c | 93 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
tunables.c | 5 +++-
tunables.h | 1 +
vsftpd.conf.5 | 6 ++++
5 files changed, 104 insertions(+), 2 deletions(-)
diff --git a/parseconf.c b/parseconf.c
index 3e0dba4..38e3182 100644
--- a/parseconf.c
+++ b/parseconf.c
@@ -176,6 +176,7 @@ parseconf_str_array[] =
{ "email_password_file", &tunable_email_password_file },
{ "rsa_cert_file", &tunable_rsa_cert_file },
@ -9,9 +23,10 @@ diff -up vsftpd-3.0.2/parseconf.c.dh vsftpd-3.0.2/parseconf.c
{ "ssl_ciphers", &tunable_ssl_ciphers },
{ "rsa_private_key_file", &tunable_rsa_private_key_file },
{ "dsa_private_key_file", &tunable_dsa_private_key_file },
diff -up vsftpd-3.0.2/ssl.c.dh vsftpd-3.0.2/ssl.c
--- vsftpd-3.0.2/ssl.c.dh 2012-04-03 02:23:42.000000000 +0200
+++ vsftpd-3.0.2/ssl.c 2014-09-15 15:07:43.725909062 +0200
diff --git a/ssl.c b/ssl.c
index c362983..22b69b3 100644
--- a/ssl.c
+++ b/ssl.c
@@ -28,6 +28,8 @@
#include <openssl/err.h>
#include <openssl/rand.h>
@ -29,7 +44,7 @@ diff -up vsftpd-3.0.2/ssl.c.dh vsftpd-3.0.2/ssl.c
static int ssl_cert_digest(
SSL* p_ssl, struct vsf_session* p_sess, struct mystr* p_str);
static void maybe_log_shutdown_state(struct vsf_session* p_sess);
@@ -51,6 +54,60 @@ static int ssl_read_common(struct vsf_se
@@ -51,6 +54,60 @@ static int ssl_read_common(struct vsf_session* p_sess,
static int ssl_inited;
static struct mystr debug_str;
@ -125,7 +140,7 @@ diff -up vsftpd-3.0.2/ssl.c.dh vsftpd-3.0.2/ssl.c
if (tunable_ssl_ciphers &&
SSL_CTX_set_cipher_list(p_ctx, tunable_ssl_ciphers) != 1)
{
@@ -156,6 +232,9 @@ ssl_init(struct vsf_session* p_sess)
@@ -165,6 +241,9 @@ ssl_init(struct vsf_session* p_sess)
/* Ensure cached session doesn't expire */
SSL_CTX_set_timeout(p_ctx, INT_MAX);
}
@ -135,7 +150,7 @@ diff -up vsftpd-3.0.2/ssl.c.dh vsftpd-3.0.2/ssl.c
p_sess->p_ssl_ctx = p_ctx;
ssl_inited = 1;
}
@@ -675,6 +754,18 @@ ssl_verify_callback(int verify_ok, X509_
@@ -702,6 +781,18 @@ ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx)
return 1;
}
@ -154,9 +169,10 @@ diff -up vsftpd-3.0.2/ssl.c.dh vsftpd-3.0.2/ssl.c
void
ssl_add_entropy(struct vsf_session* p_sess)
{
diff -up vsftpd-3.0.2/tunables.c.dh vsftpd-3.0.2/tunables.c
--- vsftpd-3.0.2/tunables.c.dh 2014-09-15 15:07:43.720909057 +0200
+++ vsftpd-3.0.2/tunables.c 2014-09-15 15:12:46.516209941 +0200
diff --git a/tunables.c b/tunables.c
index c737465..1ea7227 100644
--- a/tunables.c
+++ b/tunables.c
@@ -140,6 +140,7 @@ const char* tunable_user_sub_token;
const char* tunable_email_password_file;
const char* tunable_rsa_cert_file;
@ -169,17 +185,18 @@ diff -up vsftpd-3.0.2/tunables.c.dh vsftpd-3.0.2/tunables.c
install_str_setting("/usr/share/ssl/certs/vsftpd.pem",
&tunable_rsa_cert_file);
install_str_setting(0, &tunable_dsa_cert_file);
- install_str_setting("AES128-SHA:DES-CBC3-SHA", &tunable_ssl_ciphers);
- install_str_setting("ECDHE-RSA-AES256-GCM-SHA384", &tunable_ssl_ciphers);
+ install_str_setting(0, &tunable_dh_param_file);
+ install_str_setting("AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA",
+ &tunable_ssl_ciphers);
install_str_setting(0, &tunable_rsa_private_key_file);
install_str_setting(0, &tunable_dsa_private_key_file);
install_str_setting(0, &tunable_ca_certs_file);
diff -up vsftpd-3.0.2/tunables.h.dh vsftpd-3.0.2/tunables.h
--- vsftpd-3.0.2/tunables.h.dh 2014-09-15 15:07:43.720909057 +0200
+++ vsftpd-3.0.2/tunables.h 2014-09-15 15:07:43.725909062 +0200
@@ -142,6 +142,7 @@ extern const char* tunable_user_sub_toke
diff --git a/tunables.h b/tunables.h
index 9553038..3995472 100644
--- a/tunables.h
+++ b/tunables.h
@@ -142,6 +142,7 @@ extern const char* tunable_user_sub_token;
extern const char* tunable_email_password_file;
extern const char* tunable_rsa_cert_file;
extern const char* tunable_dsa_cert_file;
@ -187,10 +204,11 @@ diff -up vsftpd-3.0.2/tunables.h.dh vsftpd-3.0.2/tunables.h
extern const char* tunable_ssl_ciphers;
extern const char* tunable_rsa_private_key_file;
extern const char* tunable_dsa_private_key_file;
diff -up vsftpd-3.0.2/vsftpd.conf.5.dh vsftpd-3.0.2/vsftpd.conf.5
--- vsftpd-3.0.2/vsftpd.conf.5.dh 2014-09-15 15:07:43.720909057 +0200
+++ vsftpd-3.0.2/vsftpd.conf.5 2014-09-15 15:07:43.725909062 +0200
@@ -893,6 +893,12 @@ to be in the same file as the certificat
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index fb6324e..ff94eca 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -893,6 +893,12 @@ to be in the same file as the certificate.
Default: (none)
.TP
@ -203,3 +221,6 @@ diff -up vsftpd-3.0.2/vsftpd.conf.5.dh vsftpd-3.0.2/vsftpd.conf.5
.B email_password_file
This option can be used to provide an alternate file for usage by the
.BR secure_email_list_enable
--
2.5.0

19
vsftpd-3.0.2-docupd.patch
View File

@ -1,6 +1,16 @@
diff -up vsftpd-3.0.2/vsftpd.conf.5.docupd vsftpd-3.0.2/vsftpd.conf.5
--- vsftpd-3.0.2/vsftpd.conf.5.docupd 2014-06-05 09:47:27.987876849 +0200
+++ vsftpd-3.0.2/vsftpd.conf.5 2014-06-05 09:47:27.989876848 +0200
From f7fb4f5c91ab132982c78f1b34f7fe1493fd1372 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 11:44:46 +0100
Subject: [PATCH 23/26] Applied vsftpd-3.0.2-docupd.patch
---
vsftpd.conf.5 | 22 +++++++++++++++++++---
1 file changed, 19 insertions(+), 3 deletions(-)
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index e242873..7a8f130 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -652,6 +652,21 @@ change it with the setting
.BR xferlog_file .
@ -46,3 +56,6 @@ diff -up vsftpd-3.0.2/vsftpd.conf.5.docupd vsftpd-3.0.2/vsftpd.conf.5
.TP
.B pasv_max_port
The maximum port to allocate for PASV style data connections. Can be used to
--
2.5.0

57
vsftpd-3.0.2-ecdh.patch
View File

@ -1,6 +1,20 @@
diff -up vsftpd-3.0.2/parseconf.c.ecdh vsftpd-3.0.2/parseconf.c
--- vsftpd-3.0.2/parseconf.c.ecdh 2014-09-15 15:49:48.801315298 +0200
+++ vsftpd-3.0.2/parseconf.c 2014-09-15 15:49:48.804315301 +0200
From 400bd7cd3fc7478a668862cfba4b79e84a5034e9 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 22/26] Applied vsftpd-3.0.2-ecdh.patch
---
parseconf.c | 1 +
ssl.c | 37 ++++++++++++++++++++++++++++++++++++-
tunables.c | 4 +++-
tunables.h | 1 +
vsftpd.conf.5 | 8 ++++++++
5 files changed, 49 insertions(+), 2 deletions(-)
diff --git a/parseconf.c b/parseconf.c
index 38e3182..a2c715b 100644
--- a/parseconf.c
+++ b/parseconf.c
@@ -177,6 +177,7 @@ parseconf_str_array[] =
{ "rsa_cert_file", &tunable_rsa_cert_file },
{ "dsa_cert_file", &tunable_dsa_cert_file },
@ -9,9 +23,10 @@ diff -up vsftpd-3.0.2/parseconf.c.ecdh vsftpd-3.0.2/parseconf.c
{ "ssl_ciphers", &tunable_ssl_ciphers },
{ "rsa_private_key_file", &tunable_rsa_private_key_file },
{ "dsa_private_key_file", &tunable_dsa_private_key_file },
diff -up vsftpd-3.0.2/ssl.c.ecdh vsftpd-3.0.2/ssl.c
--- vsftpd-3.0.2/ssl.c.ecdh 2014-09-15 15:49:48.802315299 +0200
+++ vsftpd-3.0.2/ssl.c 2014-09-15 15:49:48.804315301 +0200
diff --git a/ssl.c b/ssl.c
index 22b69b3..96bf8ad 100644
--- a/ssl.c
+++ b/ssl.c
@@ -122,7 +122,7 @@ ssl_init(struct vsf_session* p_sess)
{
die("SSL: could not allocate SSL context");
@ -21,7 +36,7 @@ diff -up vsftpd-3.0.2/ssl.c.ecdh vsftpd-3.0.2/ssl.c
if (!tunable_sslv2)
{
options |= SSL_OP_NO_SSLv2;
@@ -235,6 +235,41 @@ ssl_init(struct vsf_session* p_sess)
@@ -244,6 +244,41 @@ ssl_init(struct vsf_session* p_sess)
SSL_CTX_set_tmp_dh_callback(p_ctx, ssl_tmp_dh_callback);
@ -63,9 +78,10 @@ diff -up vsftpd-3.0.2/ssl.c.ecdh vsftpd-3.0.2/ssl.c
p_sess->p_ssl_ctx = p_ctx;
ssl_inited = 1;
}
diff -up vsftpd-3.0.2/tunables.c.ecdh vsftpd-3.0.2/tunables.c
--- vsftpd-3.0.2/tunables.c.ecdh 2014-09-15 15:49:48.802315299 +0200
+++ vsftpd-3.0.2/tunables.c 2014-09-15 15:51:13.176386035 +0200
diff --git a/tunables.c b/tunables.c
index 1ea7227..93f85b1 100644
--- a/tunables.c
+++ b/tunables.c
@@ -141,6 +141,7 @@ const char* tunable_email_password_file;
const char* tunable_rsa_cert_file;
const char* tunable_dsa_cert_file;
@ -84,10 +100,11 @@ diff -up vsftpd-3.0.2/tunables.c.ecdh vsftpd-3.0.2/tunables.c
&tunable_ssl_ciphers);
install_str_setting(0, &tunable_rsa_private_key_file);
install_str_setting(0, &tunable_dsa_private_key_file);
diff -up vsftpd-3.0.2/tunables.h.ecdh vsftpd-3.0.2/tunables.h
--- vsftpd-3.0.2/tunables.h.ecdh 2014-09-15 15:49:48.802315299 +0200
+++ vsftpd-3.0.2/tunables.h 2014-09-15 15:49:48.804315301 +0200
@@ -143,6 +143,7 @@ extern const char* tunable_email_passwor
diff --git a/tunables.h b/tunables.h
index 3995472..3e2d40c 100644
--- a/tunables.h
+++ b/tunables.h
@@ -143,6 +143,7 @@ extern const char* tunable_email_password_file;
extern const char* tunable_rsa_cert_file;
extern const char* tunable_dsa_cert_file;
extern const char* tunable_dh_param_file;
@ -95,10 +112,11 @@ diff -up vsftpd-3.0.2/tunables.h.ecdh vsftpd-3.0.2/tunables.h
extern const char* tunable_ssl_ciphers;
extern const char* tunable_rsa_private_key_file;
extern const char* tunable_dsa_private_key_file;
diff -up vsftpd-3.0.2/vsftpd.conf.5.ecdh vsftpd-3.0.2/vsftpd.conf.5
--- vsftpd-3.0.2/vsftpd.conf.5.ecdh 2014-09-15 15:49:48.802315299 +0200
+++ vsftpd-3.0.2/vsftpd.conf.5 2014-09-15 15:49:48.806315302 +0200
@@ -899,6 +915,14 @@ ephemeral Diffie-Hellman key exchange in
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index ff94eca..e242873 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -899,6 +899,14 @@ ephemeral Diffie-Hellman key exchange in SSL.
Default: (none - use built in parameters appropriate for certificate key size)
.TP
@ -113,3 +131,6 @@ diff -up vsftpd-3.0.2/vsftpd.conf.5.ecdh vsftpd-3.0.2/vsftpd.conf.5
.B email_password_file
This option can be used to provide an alternate file for usage by the
.BR secure_email_list_enable
--
2.5.0

57
vsftpd-3.0.2-lookup.patch
View File

@ -1,6 +1,20 @@
diff -up vsftpd-3.0.2/parseconf.c.lookup vsftpd-3.0.2/parseconf.c
--- vsftpd-3.0.2/parseconf.c.lookup 2014-04-17 10:01:50.862951491 +0200
+++ vsftpd-3.0.2/parseconf.c 2014-04-17 10:02:42.343955443 +0200
From 341ecdb33ac371d0efcfe428719fdf627ab253c2 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 19/26] Applied vsftpd-3.0.2-lookup.patch
---
parseconf.c | 1 +
sysdeputil.c | 14 +++++++++-----
tunables.c | 2 ++
tunables.h | 1 +
vsftpd.conf.5 | 9 +++++++++
5 files changed, 22 insertions(+), 5 deletions(-)
diff --git a/parseconf.c b/parseconf.c
index 30df598..3e0dba4 100644
--- a/parseconf.c
+++ b/parseconf.c
@@ -91,6 +91,7 @@ parseconf_bool_array[] =
{ "mdtm_write", &tunable_mdtm_write },
{ "lock_upload_files", &tunable_lock_upload_files },
@ -9,10 +23,11 @@ diff -up vsftpd-3.0.2/parseconf.c.lookup vsftpd-3.0.2/parseconf.c
{ "userlist_log", &tunable_userlist_log },
{ "debug_ssl", &tunable_debug_ssl },
{ "require_cert", &tunable_require_cert },
diff -up vsftpd-3.0.2/sysdeputil.c.lookup vsftpd-3.0.2/sysdeputil.c
--- vsftpd-3.0.2/sysdeputil.c.lookup 2014-04-17 09:57:02.111933144 +0200
+++ vsftpd-3.0.2/sysdeputil.c 2014-04-17 10:01:31.069950498 +0200
@@ -354,12 +354,16 @@ vsf_sysdep_check_auth(struct mystr* p_us
diff --git a/sysdeputil.c b/sysdeputil.c
index 3bbabaa..2063c87 100644
--- a/sysdeputil.c
+++ b/sysdeputil.c
@@ -354,12 +354,16 @@ vsf_sysdep_check_auth(struct mystr* p_user_str,
return 0;
}
#ifdef PAM_RHOST
@ -34,9 +49,10 @@ diff -up vsftpd-3.0.2/sysdeputil.c.lookup vsftpd-3.0.2/sysdeputil.c
if (retval != PAM_SUCCESS)
{
(void) pam_end(s_pamh, retval);
diff -up vsftpd-3.0.2/tunables.c.lookup vsftpd-3.0.2/tunables.c
--- vsftpd-3.0.2/tunables.c.lookup 2014-04-17 10:03:22.766958324 +0200
+++ vsftpd-3.0.2/tunables.c 2014-04-17 10:04:52.004964675 +0200
diff --git a/tunables.c b/tunables.c
index b30fca1..c737465 100644
--- a/tunables.c
+++ b/tunables.c
@@ -72,6 +72,7 @@ int tunable_force_anon_data_ssl;
int tunable_mdtm_write;
int tunable_lock_upload_files;
@ -53,10 +69,11 @@ diff -up vsftpd-3.0.2/tunables.c.lookup vsftpd-3.0.2/tunables.c
tunable_userlist_log = 0;
tunable_debug_ssl = 0;
tunable_require_cert = 0;
diff -up vsftpd-3.0.2/tunables.h.lookup vsftpd-3.0.2/tunables.h
--- vsftpd-3.0.2/tunables.h.lookup 2014-04-17 10:03:27.405958676 +0200
+++ vsftpd-3.0.2/tunables.h 2014-04-17 10:04:22.763963824 +0200
@@ -73,6 +73,7 @@ extern int tunable_force_anon_data_ssl;
diff --git a/tunables.h b/tunables.h
index e44d64c..9553038 100644
--- a/tunables.h
+++ b/tunables.h
@@ -73,6 +73,7 @@ extern int tunable_force_anon_data_ssl; /* Require anon data uses SSL */
extern int tunable_mdtm_write; /* Allow MDTM to set timestamps */
extern int tunable_lock_upload_files; /* Lock uploading files */
extern int tunable_pasv_addr_resolve; /* DNS resolve pasv_addr */
@ -64,10 +81,11 @@ diff -up vsftpd-3.0.2/tunables.h.lookup vsftpd-3.0.2/tunables.h
extern int tunable_userlist_log; /* Log every failed login attempt */
extern int tunable_debug_ssl; /* Verbose SSL logging */
extern int tunable_require_cert; /* SSL client cert required */
diff -up vsftpd-3.0.2/vsftpd.conf.5.lookup vsftpd-3.0.2/vsftpd.conf.5
--- vsftpd-3.0.2/vsftpd.conf.5.lookup 2014-04-17 10:05:30.956969003 +0200
+++ vsftpd-3.0.2/vsftpd.conf.5 2014-04-17 10:06:36.586971828 +0200
@@ -425,6 +425,15 @@ http://scarybeastsecurity.blogspot.com/2
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index 72bb86f..fb6324e 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -425,6 +425,15 @@ http://scarybeastsecurity.blogspot.com/2009/02/vsftpd-210-released.html
Default: YES
.TP
@ -83,3 +101,6 @@ diff -up vsftpd-3.0.2/vsftpd.conf.5.lookup vsftpd-3.0.2/vsftpd.conf.5
.B run_as_launching_user
Set to YES if you want vsftpd to run as the user which launched vsftpd. This is
useful where root access is not available. MASSIVE WARNING! Do NOT enable this
--
2.5.0

45
vsftpd-3.0.2-rc450.patch
View File

@ -1,6 +1,19 @@
diff -up vsftpd-3.0.2/ftpcodes.h.rc450 vsftpd-3.0.2/ftpcodes.h
--- vsftpd-3.0.2/ftpcodes.h.rc450 2008-02-12 01:30:46.000000000 +0100
+++ vsftpd-3.0.2/ftpcodes.h 2014-06-18 13:41:02.238821708 +0200
From e8c21dbd87c5e46c246c2d08c1abc84bb649fc02 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 11:44:46 +0100
Subject: [PATCH 24/26] Applied vsftpd-3.0.2-rc450.patch
---
ftpcodes.h | 1 +
postlogin.c | 9 ++++++++-
sysutil.c | 3 +++
sysutil.h | 3 ++-
4 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/ftpcodes.h b/ftpcodes.h
index 93290c0..81e25c5 100644
--- a/ftpcodes.h
+++ b/ftpcodes.h
@@ -52,6 +52,7 @@
#define FTP_TLS_FAIL 421
#define FTP_BADSENDCONN 425
@ -9,10 +22,11 @@ diff -up vsftpd-3.0.2/ftpcodes.h.rc450 vsftpd-3.0.2/ftpcodes.h
#define FTP_BADSENDFILE 451
#define FTP_BADCMD 500
diff -up vsftpd-3.0.2/postlogin.c.rc450 vsftpd-3.0.2/postlogin.c
--- vsftpd-3.0.2/postlogin.c.rc450 2012-09-18 11:59:37.000000000 +0200
+++ vsftpd-3.0.2/postlogin.c 2014-06-18 13:41:02.238821708 +0200
@@ -670,7 +670,14 @@ handle_retr(struct vsf_session* p_sess,
diff --git a/postlogin.c b/postlogin.c
index bf12970..29958c0 100644
--- a/postlogin.c
+++ b/postlogin.c
@@ -679,7 +679,14 @@ handle_retr(struct vsf_session* p_sess, int is_http)
opened_file = str_open(&p_sess->ftp_arg_str, kVSFSysStrOpenReadOnly);
if (vsf_sysutil_retval_is_error(opened_file))
{
@ -28,9 +42,10 @@ diff -up vsftpd-3.0.2/postlogin.c.rc450 vsftpd-3.0.2/postlogin.c
return;
}
/* Lock file if required */
diff -up vsftpd-3.0.2/sysutil.c.rc450 vsftpd-3.0.2/sysutil.c
--- vsftpd-3.0.2/sysutil.c.rc450 2014-06-18 13:41:02.231821807 +0200
+++ vsftpd-3.0.2/sysutil.c 2014-06-18 13:41:02.238821708 +0200
diff --git a/sysutil.c b/sysutil.c
index 62d833d..a924edf 100644
--- a/sysutil.c
+++ b/sysutil.c
@@ -1632,6 +1632,9 @@ vsf_sysutil_get_error(void)
case ENOENT:
retval = kVSFSysUtilErrNOENT;
@ -41,9 +56,10 @@ diff -up vsftpd-3.0.2/sysutil.c.rc450 vsftpd-3.0.2/sysutil.c
default:
break;
}
diff -up vsftpd-3.0.2/sysutil.h.rc450 vsftpd-3.0.2/sysutil.h
--- vsftpd-3.0.2/sysutil.h.rc450 2014-06-18 13:41:02.231821807 +0200
+++ vsftpd-3.0.2/sysutil.h 2014-06-18 13:41:02.239821694 +0200
diff --git a/sysutil.h b/sysutil.h
index 79b5514..c145bdf 100644
--- a/sysutil.h
+++ b/sysutil.h
@@ -18,7 +18,8 @@ enum EVSFSysUtilError
kVSFSysUtilErrINVAL,
kVSFSysUtilErrOPNOTSUPP,
@ -54,3 +70,6 @@ diff -up vsftpd-3.0.2/sysutil.h.rc450 vsftpd-3.0.2/sysutil.h
};
enum EVSFSysUtilError vsf_sysutil_get_error(void);
--
2.5.0

71
vsftpd-3.0.2-uint-uidgid.patch
View File

@ -1,7 +1,21 @@
diff -up vsftpd-3.0.2/ls.c.uint-uidgid vsftpd-3.0.2/ls.c
--- vsftpd-3.0.2/ls.c.uint-uidgid 2014-04-17 13:47:01.835114063 +0200
+++ vsftpd-3.0.2/ls.c 2014-04-17 13:47:01.845114063 +0200
@@ -501,7 +501,7 @@ build_dir_line(struct mystr* p_str, cons
From 24a1132cfe48d4c8bd799494ca802c918ac9132b Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 20/26] Applied vsftpd-3.0.2-uint-uidgid.patch
---
ls.c | 4 ++--
privops.c | 3 +--
session.h | 6 +++---
sysutil.c | 44 ++++++++++++++------------------------------
sysutil.h | 20 ++++++++++----------
5 files changed, 30 insertions(+), 47 deletions(-)
diff --git a/ls.c b/ls.c
index 0ad7f54..f18791d 100644
--- a/ls.c
+++ b/ls.c
@@ -503,7 +503,7 @@ build_dir_line(struct mystr* p_str, const struct mystr* p_filename_str,
}
else
{
@ -10,7 +24,7 @@ diff -up vsftpd-3.0.2/ls.c.uint-uidgid vsftpd-3.0.2/ls.c
struct vsf_sysutil_user* p_user = 0;
if (tunable_text_userdb_names)
{
@@ -526,7 +526,7 @@ build_dir_line(struct mystr* p_str, cons
@@ -528,7 +528,7 @@ build_dir_line(struct mystr* p_str, const struct mystr* p_filename_str,
}
else
{
@ -19,10 +33,11 @@ diff -up vsftpd-3.0.2/ls.c.uint-uidgid vsftpd-3.0.2/ls.c
struct vsf_sysutil_group* p_group = 0;
if (tunable_text_userdb_names)
{
diff -up vsftpd-3.0.2/privops.c.uint-uidgid vsftpd-3.0.2/privops.c
--- vsftpd-3.0.2/privops.c.uint-uidgid 2012-09-16 09:21:24.000000000 +0200
+++ vsftpd-3.0.2/privops.c 2014-04-17 13:48:26.431113895 +0200
@@ -236,8 +236,7 @@ vsf_privop_do_file_chown(struct vsf_sess
diff --git a/privops.c b/privops.c
index 21d7267..f27c5c4 100644
--- a/privops.c
+++ b/privops.c
@@ -236,8 +236,7 @@ vsf_privop_do_file_chown(struct vsf_session* p_sess, int fd)
/* Drop it like a hot potato unless it's a regular file owned by
* the the anonymous ftp user
*/
@ -32,9 +47,10 @@ diff -up vsftpd-3.0.2/privops.c.uint-uidgid vsftpd-3.0.2/privops.c
(vsf_sysutil_statbuf_get_uid(s_p_statbuf) != p_sess->anon_ftp_uid &&
vsf_sysutil_statbuf_get_uid(s_p_statbuf) != p_sess->guest_user_uid))
{
diff -up vsftpd-3.0.2/session.h.uint-uidgid vsftpd-3.0.2/session.h
--- vsftpd-3.0.2/session.h.uint-uidgid 2012-04-05 03:27:19.000000000 +0200
+++ vsftpd-3.0.2/session.h 2014-04-17 13:47:01.845114063 +0200
diff --git a/session.h b/session.h
index 27a488f..956bfb7 100644
--- a/session.h
+++ b/session.h
@@ -54,9 +54,9 @@ struct vsf_session
struct mystr_list* p_visited_dir_list;
@ -48,10 +64,11 @@ diff -up vsftpd-3.0.2/session.h.uint-uidgid vsftpd-3.0.2/session.h
/* Things we need to cache before we chroot() */
struct mystr banned_email_str;
diff -up vsftpd-3.0.2/sysutil.c.uint-uidgid vsftpd-3.0.2/sysutil.c
--- vsftpd-3.0.2/sysutil.c.uint-uidgid 2014-04-17 13:47:01.839114063 +0200
+++ vsftpd-3.0.2/sysutil.c 2014-04-17 13:47:01.846114063 +0200
@@ -1454,14 +1454,14 @@ vsf_sysutil_statbuf_get_size(const struc
diff --git a/sysutil.c b/sysutil.c
index 497d670..62d833d 100644
--- a/sysutil.c
+++ b/sysutil.c
@@ -1454,14 +1454,14 @@ vsf_sysutil_statbuf_get_size(const struct vsf_sysutil_statbuf* p_statbuf)
return p_stat->st_size;
}
@ -77,7 +94,7 @@ diff -up vsftpd-3.0.2/sysutil.c.uint-uidgid vsftpd-3.0.2/sysutil.c
{
if (fchown(fd, uid, gid) != 0)
{
@@ -2320,13 +2320,9 @@ vsf_sysutil_dns_resolve(struct vsf_sysut
@@ -2320,13 +2320,9 @@ vsf_sysutil_dns_resolve(struct vsf_sysutil_sockaddr** p_sockptr,
}
struct vsf_sysutil_user*
@ -93,7 +110,7 @@ diff -up vsftpd-3.0.2/sysutil.c.uint-uidgid vsftpd-3.0.2/sysutil.c
}
struct vsf_sysutil_user*
@@ -2349,14 +2345,14 @@ vsf_sysutil_user_get_homedir(const struc
@@ -2349,14 +2345,14 @@ vsf_sysutil_user_get_homedir(const struct vsf_sysutil_user* p_user)
return p_passwd->pw_dir;
}
@ -110,7 +127,7 @@ diff -up vsftpd-3.0.2/sysutil.c.uint-uidgid vsftpd-3.0.2/sysutil.c
vsf_sysutil_user_getgid(const struct vsf_sysutil_user* p_user)
{
const struct passwd* p_passwd = (const struct passwd*) p_user;
@@ -2364,13 +2360,9 @@ vsf_sysutil_user_getgid(const struct vsf
@@ -2364,13 +2360,9 @@ vsf_sysutil_user_getgid(const struct vsf_sysutil_user* p_user)
}
struct vsf_sysutil_group*
@ -165,10 +182,11 @@ diff -up vsftpd-3.0.2/sysutil.c.uint-uidgid vsftpd-3.0.2/sysutil.c
vsf_sysutil_getuid(void)
{
return getuid();
diff -up vsftpd-3.0.2/sysutil.h.uint-uidgid vsftpd-3.0.2/sysutil.h
--- vsftpd-3.0.2/sysutil.h.uint-uidgid 2014-04-17 13:47:01.827114063 +0200
+++ vsftpd-3.0.2/sysutil.h 2014-04-17 13:47:01.846114063 +0200
@@ -129,15 +129,15 @@ const char* vsf_sysutil_statbuf_get_nume
diff --git a/sysutil.h b/sysutil.h
index bfc92cb..79b5514 100644
--- a/sysutil.h
+++ b/sysutil.h
@@ -129,15 +129,15 @@ const char* vsf_sysutil_statbuf_get_numeric_date(
const struct vsf_sysutil_statbuf* p_stat, int use_localtime);
unsigned int vsf_sysutil_statbuf_get_links(
const struct vsf_sysutil_statbuf* p_stat);
@ -207,7 +225,7 @@ diff -up vsftpd-3.0.2/sysutil.h.uint-uidgid vsftpd-3.0.2/sysutil.h
const char* vsf_sysutil_group_getname(const struct vsf_sysutil_group* p_group);
/* More random things */
@@ -316,7 +316,7 @@ void vsf_sysutil_qsort(void* p_base, uns
@@ -316,7 +316,7 @@ void vsf_sysutil_qsort(void* p_base, unsigned int num_elem,
char* vsf_sysutil_getenv(const char* p_var);
typedef void (*exitfunc_t)(void);
void vsf_sysutil_set_exit_func(exitfunc_t exitfunc);
@ -216,7 +234,7 @@ diff -up vsftpd-3.0.2/sysutil.h.uint-uidgid vsftpd-3.0.2/sysutil.h
/* Syslogging (bah) */
void vsf_sysutil_openlog(int force);
@@ -329,8 +329,8 @@ void vsf_sysutil_setuid(const struct vsf
@@ -329,8 +329,8 @@ void vsf_sysutil_setuid(const struct vsf_sysutil_user* p_user);
void vsf_sysutil_setgid(const struct vsf_sysutil_user* p_user);
void vsf_sysutil_setuid_numeric(int uid);
void vsf_sysutil_setgid_numeric(int gid);
@ -227,3 +245,6 @@ diff -up vsftpd-3.0.2/sysutil.h.uint-uidgid vsftpd-3.0.2/sysutil.h
void vsf_sysutil_seteuid(const struct vsf_sysutil_user* p_user);
void vsf_sysutil_setegid(const struct vsf_sysutil_user* p_user);
void vsf_sysutil_seteuid_numeric(int uid);
--
2.5.0

21
vsftpd-close-std-fds.patch
View File

@ -1,7 +1,17 @@
diff -up vsftpd-2.0.7/standalone.c.close-fds vsftpd-2.0.7/standalone.c
--- vsftpd-2.0.7/standalone.c.close-fds 2008-09-08 23:36:32.000000000 -0400
+++ vsftpd-2.0.7/standalone.c 2008-09-08 23:37:53.000000000 -0400
@@ -131,6 +131,9 @@ vsf_standalone_main(void)
From 883736a0ad3b521c8210cc7e6cbc2cb302aca43c Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Mar 2016 11:44:45 +0100
Subject: [PATCH 06/26] Applied vsftpd-close-std-fds.patch
---
standalone.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/standalone.c b/standalone.c
index ba01ab1..e0f2d5b 100644
--- a/standalone.c
+++ b/standalone.c
@@ -130,6 +130,9 @@ vsf_standalone_main(void)
die("could not bind listening IPv6 socket");
}
}
@ -11,3 +21,6 @@ diff -up vsftpd-2.0.7/standalone.c.close-fds vsftpd-2.0.7/standalone.c
retval = vsf_sysutil_listen(listen_sock, VSFTP_LISTEN_BACKLOG);
if (vsf_sysutil_retval_is_error(retval))
{
--
2.5.0

17
vsftpd.spec
View File

@ -2,8 +2,8 @@
%define _generatorsdir %{_prefix}/lib/systemd/system-generators
Name: vsftpd
Version: 3.0.2
Release: 15%{?dist}
Version: 3.0.3
Release: 1%{?dist}
Summary: Very Secure Ftp Daemon
Group: System Environment/Daemons
@ -167,6 +167,9 @@ rm -rf $RPM_BUILD_ROOT
%{_var}/ftp
%changelog
* Thu Mar 17 2016 Martin Sehnoutka <msehnout@redhat.com> - 3.0.3-1
- Update to 3.0.3 version
* Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.2-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
@ -320,7 +323,7 @@ rm -rf $RPM_BUILD_ROOT
* Thu Aug 27 2009 Tomas Mraz <tmraz@redhat.com> - 2.2.0-2
- rebuilt with new openssl
* Tue Aug 24 2009 Martin Nagy <mnagy@redhat.com> - 2.2.0-1
* Mon Aug 24 2009 Martin Nagy <mnagy@redhat.com> - 2.2.0-1
- update to latest upstream release 2.2.0
* Tue Aug 04 2009 Martin Nagy <mnagy@redhat.com> - 2.2.0-0.1.pre4
@ -484,7 +487,7 @@ rm -rf $RPM_BUILD_ROOT
* Tue Aug 08 2006 Maros Barabas <mbarabas@redhat.com> - 2.0.5-5
- option to change listening to IPv6 protocol
* Thu Aug 01 2006 Maros Barabas <mbarabas@redhat.com> - 2.0.5-4
* Tue Aug 01 2006 Maros Barabas <mbarabas@redhat.com> - 2.0.5-4
- listen to IPv4 connections in default conf file
* Mon Jul 17 2006 Radek Vokal <rvokal@redhat.com> - 2.0.5-3
@ -569,7 +572,7 @@ rm -rf $RPM_BUILD_ROOT
* Tue Dec 14 2004 Radek Vokal <rvokal@redhat.com> 2.0.1-7
- fixing directory in vsftpd.pam file (#142805)
* Mon Nov 11 2004 Radek Vokal <rvokal@redhat.com> 2.0.1-6
* Thu Nov 11 2004 Radek Vokal <rvokal@redhat.com> 2.0.1-6
- vsftpd. files moved to /etc/vsftpd
- added vsftpd_conf_migrate.sh script for moving conf files
@ -709,10 +712,10 @@ rm -rf $RPM_BUILD_ROOT
* Wed Feb 7 2001 Seth Vidal <skvidal@phy.duke.edu>
- updated to 0.0.11
* Fri Feb 1 2001 Seth Vidal <skvidal@phy.duke.edu>
* Thu Feb 1 2001 Seth Vidal <skvidal@phy.duke.edu>
- Update to 0.0.10
* Fri Feb 1 2001 Seth Vidal <skvidal@phy.duke.edu>
* Thu Feb 1 2001 Seth Vidal <skvidal@phy.duke.edu>
- First RPM packaging
- Stolen items from wu-ftpd's pam setup
- Separated rh 7 and rh 6.X's packages