- Remove uniq_rename patch.

- Correct create/lock race condition, original patch by <mpoole@redhat.com>
    (#240550).

vsftpd-2.0.5-uniq_rename.patch

@@ -1,76 +0,0 @@
---- vsftpd-2.0.3/postlogin.c.uniq_rename	2005-03-19 12:15:59.000000000 +0100
-+++ vsftpd-2.0.3/postlogin.c	2005-07-18 15:52:20.000000000 +0200
-@@ -70,7 +70,7 @@
- static void check_abor(struct vsf_session* p_sess);
- static void handle_sigurg(void* p_private);
- static void handle_upload_common(struct vsf_session* p_sess, int is_append,
--                                 int is_unique);
-+                                 int is_unique, int uniq_rename);
- static void get_unique_filename(struct mystr* p_outstr,
-                                 const struct mystr* p_base);
- static int data_transfer_checks_ok(struct vsf_session* p_sess);
-@@ -931,11 +931,11 @@
- static void
- handle_stor(struct vsf_session* p_sess)
- {
--  handle_upload_common(p_sess, 0, 0);
-+  handle_upload_common(p_sess, 0, 0, 1);
- }
- 
- static void
--handle_upload_common(struct vsf_session* p_sess, int is_append, int is_unique)
-+handle_upload_common(struct vsf_session* p_sess, int is_append, int is_unique, int uniq_rename)
- {
-   static struct mystr s_filename;
-   struct mystr* p_filename;
-@@ -952,6 +952,12 @@
-   p_filename = &p_sess->ftp_arg_str;
-   if (is_unique)
-   {
-+    if (uniq_rename)
-+ 		if (!vsf_access_check_file(p_filename)) 
-+		{
-+        	vsf_cmdio_write(p_sess, FTP_NOPERM, "Permission denied.");
-+	  		return;
-+		}
-     get_unique_filename(&s_filename, p_filename);
-     p_filename = &s_filename;
-   }
-@@ -1057,6 +1063,14 @@
-   port_cleanup(p_sess);
-   pasv_cleanup(p_sess);
-   vsf_sysutil_close(new_file_fd);
-+  if (is_unique && uniq_rename)
-+  /* NOTE - might overwrite destination file. Not a concern because the same
-+   * could be accomplished with DELE.
-+   */
-+  {
-+	printf("I'm here\n");//vsf_cmdio_write(p_sess, FTP_TRANSFEROK, "IM HERE.");
-+  	str_rename(p_filename, &p_sess->ftp_arg_str);
-+  }
- }
- 
- static void
-@@ -1477,7 +1491,7 @@
- static void
- handle_appe(struct vsf_session* p_sess)
- {
--  handle_upload_common(p_sess, 1, 0);
-+  handle_upload_common(p_sess, 1, 0, 0);
- }
- 
- static void
-@@ -1655,7 +1669,7 @@
- static void
- handle_stou(struct vsf_session* p_sess)
- {
--  handle_upload_common(p_sess, 0, 1);
-+  handle_upload_common(p_sess, 0, 1, 0);
- }
- 
- static void
-@@ -1804,4 +1818,3 @@
-     }
-   }
- }
--

vsftpd-2.0.5-write_race.patch

@@ -0,0 +1,68 @@
+diff -up vsftpd-2.0.5/sysutil.h.write_race vsftpd-2.0.5/sysutil.h
+--- vsftpd-2.0.5/sysutil.h.write_race	2007-11-21 08:48:28.000000000 +0100
++++ vsftpd-2.0.5/sysutil.h	2007-11-21 08:48:28.000000000 +0100
+@@ -91,6 +91,8 @@ void vsf_sysutil_close(int fd);
+ int vsf_sysutil_close_failok(int fd);
+ int vsf_sysutil_unlink(const char* p_dead);
+ int vsf_sysutil_write_access(const char* p_filename);
++/* Trucate after open */
++int vsf_sysutil_truncate(int fd, filesize_t length);
+ 
+ /* Reading and writing */
+ void vsf_sysutil_lseek_to(const int fd, filesize_t seek_pos);
+diff -up vsftpd-2.0.5/postlogin.c.write_race vsftpd-2.0.5/postlogin.c
+--- vsftpd-2.0.5/postlogin.c.write_race	2007-11-21 08:48:28.000000000 +0100
++++ vsftpd-2.0.5/postlogin.c	2007-11-21 08:51:59.000000000 +0100
+@@ -953,6 +953,7 @@ handle_upload_common(struct vsf_session*
+   struct vsf_transfer_ret trans_ret;
+   int new_file_fd;
+   int remote_fd;
++  int truncit = 0;
+   filesize_t offset = p_sess->restart_pos;
+   p_sess->restart_pos = 0;
+   if (!data_transfer_checks_ok(p_sess))
+@@ -987,7 +988,15 @@ handle_upload_common(struct vsf_session*
+     /* For non-anonymous, allow open() to overwrite or append existing files */
+     if (!is_append && offset == 0)
+     {
+-      new_file_fd = str_create_overwrite(p_filename);
++      if (tunable_lock_upload_files)
++      {
++        new_file_fd = str_create_append(p_filename);
++        truncit = 1;
++      }
++      else
++      {
++        new_file_fd = str_create_overwrite(p_filename);
++      }
+     }
+     else
+     {
+@@ -1023,6 +1032,11 @@ handle_upload_common(struct vsf_session*
+   if (tunable_lock_upload_files)
+   {
+     vsf_sysutil_lock_file_write(new_file_fd);
++    if (truncit)
++    {
++      vsf_sysutil_truncate(new_file_fd, 0);
++      vsf_sysutil_lseek_to(new_file_fd, 0);
++    }
+   }
+   if (!is_append && offset != 0)
+   {
+diff -up vsftpd-2.0.5/sysutil.c.write_race vsftpd-2.0.5/sysutil.c
+--- vsftpd-2.0.5/sysutil.c.write_race	2007-11-21 08:48:28.000000000 +0100
++++ vsftpd-2.0.5/sysutil.c	2007-11-21 08:48:28.000000000 +0100
+@@ -1196,6 +1196,12 @@ vsf_sysutil_close_failok(int fd)
+ }
+ 
+ int
++vsf_sysutil_truncate(int fd, filesize_t length)
++{
++  return ftruncate(fd, length);
++}
++
++int
+ vsf_sysutil_unlink(const char* p_dead)
+ {
+   return unlink(p_dead);

vsftpd.spec

@@ -3,7 +3,7 @@
 Summary: Very Secure Ftp Daemon
 Name: vsftpd
 Version: 2.0.5
-Release: 20%{?dist}
+Release: 21%{?dist}
 License: GPL
 Group: System Environment/Daemons
 URL: http://vsftpd.beasts.org/
@@ -39,10 +39,10 @@ Patch23: vsftpd-2.0.4-filter.patch
 Patch24: vsftpd-2.0.5-file_stat.patch
 Patch25: vsftpd-2.0.5-confspell.patch
 Patch26: vsftpd-2.0.5-bind_denied.patch
-Patch27: vsftpd-2.0.5-uniq_rename.patch
 Patch28: vsftpd-2.0.5-anon_umask.patch
 Patch29: vsftpd-2.0.5-pasv_dot.patch
 Patch30: vsftpd-2.0.5-pam_end.patch
+Patch31: vsftpd-2.0.5-write_race.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
 %if %{tcp_wrappers}
@@ -96,10 +96,10 @@ cp %{SOURCE1} .
 %patch24 -p1 -b .file_stat
 %patch25 -p1
 %patch26 -p1 -b .bind_denied
-%patch27 -p1 -b .uniq_rename
 %patch28 -p1 -b .anon_umask
 %patch29 -p1 -b .pasv_dot
 %patch30 -p1 -b .pam_end
+%patch31 -p1 -b .write_race
 
 %build
 %ifarch s390x
@@ -158,6 +158,11 @@ fi
 %{_var}/ftp
 
 %changelog
+* Fri Nov 30 2007 Martin Nagy <mnagy@redhat.com> - 2.0.5-21
+- Remove uniq_rename patch.
+- Correct create/lock race condition, original patch by <mpoole@redhat.com>
+  (#240550).
+
 * Thu Nov 08 2007 Martin Nagy <mnagy@redhat.com> - 2.0.5-20
 - Correct calling of pam_end (#235843).