From 87d5593c9fcbf4330bf11ef03d3dc0479ebed99b Mon Sep 17 00:00:00 2001
From: Maros Barabas <mbarabas@fedoraproject.org>
Date: Tue, 30 Jan 2007 10:16:01 +0000
Subject: [PATCH] fix file upload permission problem #190193

---
 vsftpd-2.0.3-user_config.patch | 11 +++++++++++
 vsftpd-2.0.5-anon_umask.patch  | 10 ++++++++++
 vsftpd.spec                    | 13 ++++++++++---
 3 files changed, 31 insertions(+), 3 deletions(-)
 create mode 100644 vsftpd-2.0.3-user_config.patch
 create mode 100644 vsftpd-2.0.5-anon_umask.patch

diff --git a/vsftpd-2.0.3-user_config.patch b/vsftpd-2.0.3-user_config.patch
new file mode 100644
index 0000000..5c7d4ff
--- /dev/null
+++ b/vsftpd-2.0.3-user_config.patch
@@ -0,0 +1,11 @@
+--- vsftpd-2.0.3/twoprocess.c.test	2005-08-31 11:49:58.000000000 +0200
++++ vsftpd-2.0.3/twoprocess.c	2005-08-31 11:58:11.000000000 +0200
+@@ -422,7 +424,7 @@ handle_per_user_config(const struct myst
+   {
+     vsf_parseconf_load_file(str_getbuf(&filename_str), 1);
+   }
+-  else
++  else if (vsf_sysutil_statbuf_get_uid(p_statbuf) != VSFTP_ROOT_UID)
+   {
+     die("reading non-root config file"); 
+   }
diff --git a/vsftpd-2.0.5-anon_umask.patch b/vsftpd-2.0.5-anon_umask.patch
new file mode 100644
index 0000000..086ce02
--- /dev/null
+++ b/vsftpd-2.0.5-anon_umask.patch
@@ -0,0 +1,10 @@
+--- vsftpd-2.0.5/postlogin.c.old	2007-01-19 12:52:52.000000000 +0100
++++ vsftpd-2.0.5/postlogin.c	2007-01-30 10:42:05.000000000 +0100
+@@ -1016,7 +1016,6 @@
+   /* Are we required to chown() this file for security? */
+   if (p_sess->is_anonymous && tunable_chown_uploads)
+   {
+-    vsf_sysutil_fchmod(new_file_fd, 0600);
+     if (tunable_one_process_model)
+     {
+       vsf_one_process_chown_upload(p_sess, new_file_fd);
diff --git a/vsftpd.spec b/vsftpd.spec
index 3ed3e97..842c812 100644
--- a/vsftpd.spec
+++ b/vsftpd.spec
@@ -3,7 +3,7 @@
 Summary: vsftpd - Very Secure Ftp Daemon
 Name: vsftpd
 Version: 2.0.5
-Release: 13%{?dist}
+Release: 14%{?dist}
 License: GPL
 Group: System Environment/Daemons
 URL: http://vsftpd.beasts.org/
@@ -28,7 +28,7 @@ Patch11: vsftpd-1.2.1-nonrootconf.patch
 Patch13: vsftpd-2.0.3-background.patch
 Patch14: vsftpd-2.0.3-daemonize_fds.patch
 Patch15: vsftpd-2.0.1-kickline.patch
-Patch16: vsfptd-2.0.3-user_config.patch
+Patch16: vsftpd-2.0.3-user_config.patch
 Patch17: vsftpd-2.0.3-pam_hostname.patch
 Patch18: vsftpd-close-std-fds.patch
 Patch19: vsftpd-2.0.5-default_ipv6.patch
@@ -40,6 +40,7 @@ Patch24: vsftpd-2.0.5-file_stat.patch
 Patch25: vsftpd-2.0.5-confspell.patch
 Patch26: vsftpd-2.0.5-bind_denied.patch
 Patch27: vsftpd-2.0.5-uniq_rename.patch
+Patch28: vsftpd-2.0.5-anon_umask.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
 %if %{tcp_wrappers}
@@ -94,6 +95,7 @@ cp %{SOURCE1} .
 %patch25 -p1
 %patch26 -p1 -b .bind_denied
 %patch27 -p1 -b .uniq_rename
+%patch28 -p1 -b .anon_umask
 
 %build
 %ifarch s390x
@@ -152,11 +154,16 @@ fi
 /var/ftp
 
 %changelog
+* Tue Jan 30 2007 Maros Barabas <mbarabas@redhat.com> - 2.0.5-14
+- remove file upload permission problem 
+- change name of patch vsfptd-2.0.3-user_config
+- Resolves #190193
+
 * Fri Jan 19 2007 Maros Barabas <mbarabas@redhat.com> - 2.0.5-13
 - add lost patch: don't die when no user config file is present 
 - Resolves #166986
 
-* Thu Jan 18 2007 Radek Vokál <rvokal@redhat.com> - 2.0.5-12
+* Thu Jan 18 2007 Radek Vokal <rvokal@redhat.com> - 2.0.5-12
 - add dist tag
 - add buildrequires tcp_wrappers-devel