Compare commits

...

No commits in common. "c8" and "imports/c8s/vsftpd-3.0.3-31.el8" have entirely different histories.

9 changed files with 6 additions and 476 deletions

1
.vsftpd.metadata Normal file
View File

@ -0,0 +1 @@
d5f5a180dbecd0fbcdc92bf0ba2fc001c962b55a SOURCES/vsftpd-3.0.3.tar.gz

View File

@ -1,25 +0,0 @@
From ab797dcffc855b05c9e7c8db4e5be2fc7510831b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Tue, 17 Mar 2020 12:57:36 +0100
Subject: [PATCH] Remove a hint about the ftp_home_dir SELinux boolean
The boolean has been removed from SELinux.
---
vsftpd.conf | 1 -
1 file changed, 1 deletion(-)
diff --git a/vsftpd.conf b/vsftpd.conf
index 6b8eebb..ea20a72 100644
--- a/vsftpd.conf
+++ b/vsftpd.conf
@@ -12,7 +12,6 @@
anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
-# When SELinux is enforcing check for SE bool ftp_home_dir
local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
--
2.25.1

View File

@ -1,75 +0,0 @@
diff -urN a/parseconf.c b/parseconf.c
--- a/parseconf.c 2021-05-29 23:39:19.000000000 +0200
+++ b/parseconf.c 2023-03-03 10:22:38.256439634 +0100
@@ -185,6 +185,7 @@
{ "dsa_cert_file", &tunable_dsa_cert_file },
{ "dh_param_file", &tunable_dh_param_file },
{ "ecdh_param_file", &tunable_ecdh_param_file },
+ { "ssl_ciphersuites", &tunable_ssl_ciphersuites },
{ "ssl_ciphers", &tunable_ssl_ciphers },
{ "rsa_private_key_file", &tunable_rsa_private_key_file },
{ "dsa_private_key_file", &tunable_dsa_private_key_file },
diff -urN a/ssl.c b/ssl.c
--- a/ssl.c 2021-08-02 08:24:35.000000000 +0200
+++ b/ssl.c 2023-03-03 10:28:05.989757655 +0100
@@ -135,6 +135,11 @@
{
die("SSL: could not set cipher list");
}
+ if (tunable_ssl_ciphersuites &&
+ SSL_CTX_set_ciphersuites(p_ctx, tunable_ssl_ciphersuites) != 1)
+ {
+ die("SSL: could not set ciphersuites list");
+ }
if (RAND_status() != 1)
{
die("SSL: RNG is not seeded");
diff -urN a/tunables.c b/tunables.c
--- a/tunables.c 2021-05-29 23:39:00.000000000 +0200
+++ b/tunables.c 2023-03-03 10:13:30.566868026 +0100
@@ -154,6 +154,7 @@
const char* tunable_dsa_cert_file;
const char* tunable_dh_param_file;
const char* tunable_ecdh_param_file;
const char* tunable_ssl_ciphers;
+const char* tunable_ssl_ciphersuites;
const char* tunable_rsa_private_key_file;
const char* tunable_dsa_private_key_file;
@@ -293,6 +293,7 @@
install_str_setting(0, &tunable_dh_param_file);
install_str_setting(0, &tunable_ecdh_param_file);
install_str_setting("PROFILE=SYSTEM", &tunable_ssl_ciphers);
+ install_str_setting("TLS_AES_256_GCM_SHA384", &tunable_ssl_ciphersuites);
install_str_setting(0, &tunable_rsa_private_key_file);
install_str_setting(0, &tunable_dsa_private_key_file);
install_str_setting(0, &tunable_ca_certs_file);
diff -urN a/tunables.h b/tunables.h
--- a/tunables.h
+++ b/tunables.h
@@ -144,6 +144,7 @@
extern const char* tunable_dsa_cert_file;
extern const char* tunable_dh_param_file;
extern const char* tunable_ecdh_param_file;
extern const char* tunable_ssl_ciphers;
+extern const char* tunable_ssl_ciphersuites;
extern const char* tunable_rsa_private_key_file;
extern const char* tunable_dsa_private_key_file;
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -1009,6 +1009,16 @@
Default: PROFILE=SYSTEM
.TP
+.B ssl_ciphersuites
+This option can be used to select which SSL cipher suites vsftpd will allow for
+encrypted SSL connections with TLSv1.3. See the
+.BR ciphers
+man page for further details. Note that restricting ciphers can be a useful
+security precaution as it prevents malicious remote parties forcing a cipher
+which they have found problems with.
+
+Default: TLS_AES_256_GCM_SHA384
+.TP
.B user_config_dir
This powerful option allows the override of any config option specified in
the manual page, on a per-user basis. Usage is simple, and is best illustrated

View File

@ -1,215 +0,0 @@
diff --git a/logging.c b/logging.c
index 9e86808..613ff4b 100644
--- a/logging.c
+++ b/logging.c
@@ -171,7 +171,14 @@ vsf_log_do_log_to_file(int fd, struct mystr* p_str)
return;
}
}
- str_replace_unprintable(p_str, '?');
+ if (tunable_wc_logs_enable)
+ {
+ str_replace_unprintable_with_hex_wc(p_str);
+ }
+ else
+ {
+ str_replace_unprintable_with_hex(p_str);
+ }
str_append_char(p_str, '\n');
/* Ignore write failure; maybe the disk filled etc. */
(void) str_write_loop(p_str, fd);
diff --git a/parseconf.c b/parseconf.c
index 3cfe7da..3729818 100644
--- a/parseconf.c
+++ b/parseconf.c
@@ -113,6 +113,7 @@ parseconf_bool_array[] =
{ "allow_writeable_chroot", &tunable_allow_writeable_chroot },
{ "better_stou", &tunable_better_stou },
{ "log_die", &tunable_log_die },
+ { "wc_logs_enable", &tunable_wc_logs_enable },
{ 0, 0 }
};
diff --git a/str.c b/str.c
index 82b8ae4..c03e7d8 100644
--- a/str.c
+++ b/str.c
@@ -20,6 +20,11 @@
#include "utility.h"
#include "sysutil.h"
+#include <stdio.h>
+#include <string.h>
+#include <wchar.h>
+#include <wctype.h>
+
/* File local functions */
static void str_split_text_common(struct mystr* p_src, struct mystr* p_rhs,
const char* p_text, int is_reverse);
@@ -723,6 +728,102 @@ str_replace_unprintable(struct mystr* p_str, char new_char)
}
}
+void
+str_replace_unprintable_with_hex(struct mystr* p_str)
+{
+ unsigned int ups_size = sizeof(unsigned int) * (p_str->len);
+ if (ups_size < p_str->len)
+ {
+ str_replace_unprintable(p_str, '?');
+ str_append_text(p_str, ": BUG: string is too long");
+ bug(p_str->p_buf);
+ }
+ unsigned int* ups = vsf_sysutil_malloc(ups_size);
+ unsigned int up_count = 0;
+ for (unsigned int i=0; i < p_str->len; i++)
+ {
+ if (!vsf_sysutil_isprint(p_str->p_buf[i]))
+ {
+ ups[up_count++] = i;
+ }
+ }
+ str_replace_positions_with_hex(p_str, ups, up_count);
+ vsf_sysutil_free(ups);
+}
+
+void str_replace_unprintable_with_hex_wc(struct mystr* p_str)
+{
+ unsigned int ups_size = sizeof(unsigned int) * (p_str->len);
+ if (ups_size < p_str->len)
+ {
+ str_replace_unprintable(p_str, '?');
+ str_append_text(p_str, ": BUG: string is too long");
+ bug(p_str->p_buf);
+ }
+ unsigned int* ups = vsf_sysutil_malloc(ups_size);
+ unsigned int up_count = 0;
+
+ size_t current = 0;
+ wchar_t pwc;
+ mbstate_t ps;
+ memset(&ps, 0, sizeof(ps));
+ ssize_t len = 0;
+ while ((len = mbrtowc(&pwc, p_str->p_buf, p_str->len - current, &ps)) > 0)
+ {
+ if (!iswprint(pwc))
+ {
+ for (int i = 0; i < len; i++)
+ {
+ ups[up_count++] = current++;
+ }
+ }
+ else
+ {
+ current += len;
+ }
+ }
+ if (len < 0)
+ {
+ while (current < p_str->len)
+ {
+ ups[up_count++] = current++;
+ }
+ }
+ str_replace_positions_with_hex(p_str, ups, up_count);
+ vsf_sysutil_free(ups);
+}
+
+void
+str_replace_positions_with_hex(struct mystr* p_str, const unsigned int* poss, const unsigned int pos_count)
+{
+ if (pos_count == 0)
+ return;
+
+ struct mystr tmp_str = INIT_MYSTR;
+ str_reserve(&tmp_str, p_str->len + 3 * pos_count);
+ unsigned int current = 0;
+
+ for (unsigned int i=0; i < pos_count; i++)
+ {
+ unsigned int pos = poss[i];
+
+ if (current < pos)
+ private_str_append_memchunk(&tmp_str, p_str->p_buf + current, pos - current);
+
+ char hex_buf[5];
+ memset(hex_buf, 0, sizeof(hex_buf));
+ sprintf(hex_buf, "\\x%02X", (unsigned char) p_str->p_buf[pos]);
+ str_append_text(&tmp_str, hex_buf);
+ current = pos + 1;
+ }
+
+ if (current < p_str->len)
+ private_str_append_memchunk(&tmp_str, p_str->p_buf + current, p_str->len - current);
+
+ str_copy(p_str, &tmp_str);
+ str_free(&tmp_str);
+}
+
void
str_basename (struct mystr* d_str, const struct mystr* path)
{
diff --git a/str.h b/str.h
index 44270da..95a83b5 100644
--- a/str.h
+++ b/str.h
@@ -98,6 +98,10 @@ int str_contains_space(const struct mystr* p_str);
int str_all_space(const struct mystr* p_str);
int str_contains_unprintable(const struct mystr* p_str);
void str_replace_unprintable(struct mystr* p_str, char new_char);
+void str_replace_unprintable_with_hex(struct mystr* p_str);
+void str_replace_unprintable_with_hex_wc(struct mystr* p_str);
+void str_replace_positions_with_hex(struct mystr* p_str, const unsigned int* poss,
+ const unsigned int pos_count);
int str_atoi(const struct mystr* p_str);
filesize_t str_a_to_filesize_t(const struct mystr* p_str);
unsigned int str_octal_to_uint(const struct mystr* p_str);
diff --git a/tunables.c b/tunables.c
index a7ce9c8..c96c1ac 100644
--- a/tunables.c
+++ b/tunables.c
@@ -94,6 +94,7 @@ int tunable_seccomp_sandbox;
int tunable_allow_writeable_chroot;
int tunable_better_stou;
int tunable_log_die;
+int tunable_wc_logs_enable;
unsigned int tunable_accept_timeout;
unsigned int tunable_connect_timeout;
@@ -244,6 +245,7 @@ tunables_load_defaults()
tunable_allow_writeable_chroot = 0;
tunable_better_stou = 0;
tunable_log_die = 0;
+ tunable_wc_logs_enable = 0;
tunable_accept_timeout = 60;
tunable_connect_timeout = 60;
diff --git a/tunables.h b/tunables.h
index 029d645..8d50150 100644
--- a/tunables.h
+++ b/tunables.h
@@ -98,6 +98,7 @@ extern int tunable_better_stou; /* Use better file name generation
*/
extern int tunable_log_die; /* Log calls to die(), die2()
* and bug() */
+extern int tunable_wc_logs_enable; /* Allow non ASCII characters in logs */
/* Integer/numeric defines */
extern unsigned int tunable_accept_timeout;
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index ce3fba3..815773f 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -735,6 +735,12 @@ If enabled, use CLONE_NEWPID and CLONE_NEWIPC to isolate processes to their
ipc and pid namespaces. So separated processes can not interact with each other.
Default: YES
+.TP
+.B wc_logs_enable
+If enabled, logs will be treated as wide-character strings and not just
+ASCII strings when filtering out non-printable characters.
+
+Default: NO
.SH NUMERIC OPTIONS
Below is a list of numeric options. A numeric option must be set to a non

View File

@ -1,132 +0,0 @@
diff --git a/features.c b/features.c
index d024366..3a60b88 100644
--- a/features.c
+++ b/features.c
@@ -22,7 +22,7 @@ handle_feat(struct vsf_session* p_sess)
{
vsf_cmdio_write_raw(p_sess, " AUTH SSL\r\n");
}
- if (tunable_tlsv1 || tunable_tlsv1_1 || tunable_tlsv1_2)
+ if (tunable_tlsv1 || tunable_tlsv1_1 || tunable_tlsv1_2 || tunable_tlsv1_3)
{
vsf_cmdio_write_raw(p_sess, " AUTH TLS\r\n");
}
diff --git a/parseconf.c b/parseconf.c
index 3729818..2c5ffe6 100644
--- a/parseconf.c
+++ b/parseconf.c
@@ -87,6 +87,7 @@ parseconf_bool_array[] =
{ "ssl_tlsv1", &tunable_tlsv1 },
{ "ssl_tlsv1_1", &tunable_tlsv1_1 },
{ "ssl_tlsv1_2", &tunable_tlsv1_2 },
+ { "ssl_tlsv1_3", &tunable_tlsv1_3 },
{ "tilde_user_enable", &tunable_tilde_user_enable },
{ "force_anon_logins_ssl", &tunable_force_anon_logins_ssl },
{ "force_anon_data_ssl", &tunable_force_anon_data_ssl },
diff --git a/ssl.c b/ssl.c
index 09ec96a..5d9c595 100644
--- a/ssl.c
+++ b/ssl.c
@@ -178,6 +178,10 @@ ssl_init(struct vsf_session* p_sess)
{
options |= SSL_OP_NO_TLSv1_2;
}
+ if (!tunable_tlsv1_3)
+ {
+ options |= SSL_OP_NO_TLSv1_3;
+ }
SSL_CTX_set_options(p_ctx, options);
if (tunable_rsa_cert_file)
{
diff --git a/tunables.c b/tunables.c
index c96c1ac..e6fbb9d 100644
--- a/tunables.c
+++ b/tunables.c
@@ -68,6 +68,7 @@ int tunable_sslv3;
int tunable_tlsv1;
int tunable_tlsv1_1;
int tunable_tlsv1_2;
+int tunable_tlsv1_3;
int tunable_tilde_user_enable;
int tunable_force_anon_logins_ssl;
int tunable_force_anon_data_ssl;
@@ -217,8 +218,9 @@ tunables_load_defaults()
tunable_sslv3 = 0;
tunable_tlsv1 = 0;
tunable_tlsv1_1 = 0;
- /* Only TLSv1.2 is enabled by default */
+ /* Only TLSv1.2 and TLSv1.3 are enabled by default */
tunable_tlsv1_2 = 1;
+ tunable_tlsv1_3 = 1;
tunable_tilde_user_enable = 0;
tunable_force_anon_logins_ssl = 0;
tunable_force_anon_data_ssl = 0;
diff --git a/tunables.h b/tunables.h
index 8d50150..6e1d301 100644
--- a/tunables.h
+++ b/tunables.h
@@ -69,6 +69,7 @@ extern int tunable_sslv3; /* Allow SSLv3 */
extern int tunable_tlsv1; /* Allow TLSv1 */
extern int tunable_tlsv1_1; /* Allow TLSv1.1 */
extern int tunable_tlsv1_2; /* Allow TLSv1.2 */
+extern int tunable_tlsv1_3; /* Allow TLSv1.3 */
extern int tunable_tilde_user_enable; /* Support e.g. ~chris */
extern int tunable_force_anon_logins_ssl; /* Require anon logins use SSL */
extern int tunable_force_anon_data_ssl; /* Require anon data uses SSL */
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index 815773f..c37a536 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -555,7 +555,7 @@ Default: YES
Only applies if
.BR ssl_enable
is activated. If enabled, this option will permit SSL v2 protocol connections.
-TLS v1.2 connections are preferred.
+TLS v1.2 and TLS v1.3 connections are preferred.
Default: NO
.TP
@@ -563,7 +563,7 @@ Default: NO
Only applies if
.BR ssl_enable
is activated. If enabled, this option will permit SSL v3 protocol connections.
-TLS v1.2 connections are preferred.
+TLS v1.2 and TLS v1.3 connections are preferred.
Default: NO
.TP
@@ -571,7 +571,7 @@ Default: NO
Only applies if
.BR ssl_enable
is activated. If enabled, this option will permit TLS v1 protocol connections.
-TLS v1.2 connections are preferred.
+TLS v1.2 and TLS v1.3 connections are preferred.
Default: NO
.TP
@@ -579,7 +579,7 @@ Default: NO
Only applies if
.BR ssl_enable
is activated. If enabled, this option will permit TLS v1.1 protocol connections.
-TLS v1.2 connections are preferred.
+TLS v1.2 and TLS v1.3 connections are preferred.
Default: NO
.TP
@@ -587,7 +587,15 @@ Default: NO
Only applies if
.BR ssl_enable
is activated. If enabled, this option will permit TLS v1.2 protocol connections.
-TLS v1.2 connections are preferred.
+TLS v1.2 and TLS v1.3 connections are preferred.
+
+Default: YES
+.TP
+.B ssl_tlsv1_3
+Only applies if
+.BR ssl_enable
+is activated. If enabled, this option will permit TLS v1.3 protocol connections.
+TLS v1.2 and TLS v1.3 connections are preferred.
Default: YES
.TP

View File

@ -1,6 +1,6 @@
[Unit]
Description=Vsftpd ftp daemon
After=network-online.target
After=network.target
[Service]
Type=forking

View File

@ -1,6 +1,6 @@
[Unit]
Description=FTP daemon
After=network-online.target
After=network.target
[Install]
WantedBy=multi-user.target

View File

@ -1,6 +1,6 @@
[Unit]
Description=Vsftpd ftp daemon
After=network-online.target
After=network.target
PartOf=vsftpd.target
[Service]

View File

@ -2,7 +2,7 @@
Name: vsftpd
Version: 3.0.3
Release: 36%{?dist}
Release: 31%{?dist}
Summary: Very Secure Ftp Daemon
Group: System Environment/Daemons
@ -94,10 +94,7 @@ Patch62: 0001-Set-s_uwtmp_inserted-only-after-record-insertion-rem.patch
Patch63: 0002-Repeat-pututxline-if-it-fails-with-EINTR.patch
Patch64: 0003-Repeat-pututxline-until-it-succeeds-if-it-fails-with.patch
Patch65: 0001-Fix-timestamp-handling-in-MDTM.patch
Patch66: 0001-Remove-a-hint-about-the-ftp_home_dir-SELinux-boolean.patch
Patch67: vsftpd-3.0.3-enable_wc_logs-replace_unprintable_with_hex.patch
Patch68: vsftpd-3.0.3-option_to_disable_TLSv1_3.patch
Patch69: vsftpd-3.0.3-add-option-for-tlsv1.3-ciphersuites.patch
%description
vsftpd is a Very Secure FTP daemon. It was written completely from
scratch.
@ -165,27 +162,6 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub
%{_var}/ftp
%changelog
* Thu Apr 06 2023 Richard Lescak <rlescak@redhat.com> -3.0.3-36
- add patch to provide option for TLSv1.3 ciphersuites
- Resolves: rhbz#2069733
* Fri Dec 03 2021 Artem Egorenkov <aegorenk@redhat.com> - 3.0.3-35
- add option to disable TLSv1.3
- Resolves: rhbz#1638375
* Mon Apr 12 2021 Artem Egorenkov <aegorenk@redhat.com> - 3.0.3-34
- Enable support for wide-character strings in logs
- Replace unprintables with HEX code, not question marks
- Resolves: rhbz#1947900
* Mon Nov 02 2020 Artem Egorenkov <aegorenk@redhat.com> - 3.0.3-33
- Unit files fixed "After=network-online.target"
- Resolves: rhbz#1893636
* Tue Mar 17 2020 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-32
- Removed a hint about the ftp_home_dir SELinux boolean from the config file
- Resolves: rhbz#1623424
* Thu Feb 13 2020 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-31
- Fix timestamp handling in MDTM
- Resolves: rhbz#1567855