Hello community, here is the log from the commit of package pure-ftpd.1248 for openSUSE:12.2:Update checked in at 2013-01-31 16:14:12 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.2:Update/pure-ftpd.1248 (Old) and /work/SRC/openSUSE:12.2:Update/.pure-ftpd.1248.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pure-ftpd.1248", Maintainer is "" Changes: -------- New Changes file: --- /dev/null 2013-01-09 19:40:42.352580873 +0100 +++ /work/SRC/openSUSE:12.2:Update/.pure-ftpd.1248.new/pure-ftpd.changes 2013-01-31 16:14:14.000000000 +0100 @@ -0,0 +1,652 @@ +------------------------------------------------------------------- +Wed Jan 23 08:48:59 UTC 2013 - [email protected] + +- fix bnc#789833: pure-ftpd login failes + * pure-ftpd-1.0.36-cap-audit-control.patch +- remove oes related patches have never used at openSUSE + * pure-ftpd-1.0.20-oes_remote_server.patch + * pure-ftpd-1.0.22-oes-bugfix-534424.patch +- change old PreReq to Requires(pre) +- add version to pureftpd symbol + +------------------------------------------------------------------- +Fri Apr 20 11:55:23 UTC 2012 - [email protected] + +- spec file: fixed pure-ftpd.service file installation + +------------------------------------------------------------------- +Tue Apr 10 11:39:50 UTC 2012 - [email protected] + +- update to 1.0.36 : + - Sync built-in glob(3) code with OpenBSD-current, and remove code we +don't use instead of ifdef'ing it. + - Repair checkproc() on Linux when support for capabitilies is +compiled in. Reported by Eric Gouyer. + - Don't read /dev/*random every time we need a value. Just use +arc4random() everywhere and seed it before we possibly chroot(). + - Add support for MFMT, with the same code as SITE UTIME. + - Support 2-arguments SITE UTIME. + - LDAP: Add LDAPDefaultHomeDirectory, suggested by Landry Breuil. + - Add SSL_OP_NO_SSLv3 to SSL options if the list of ciphers is +prefixed by -S: , needed by Brad. + - Use more paranoid compiler options whenever possible, and preliminary +uncluttering of the autoconf script. + - Try to cache locale-related data at startup after tzset(), rather +than during a session. + - Fix quota computation after rename() overwrites an existing file. +Reported by Hiramoto Koujo, thanks! + - Improved autoconf detection of -fstack-protector and -fPIE + - If 10 digits are not enough to print the size of a file in an +ls-like output, bump the max number of digits to 18. This adds support for +files up to 1 exabyte. + - Don't display dot files (except . and ..) if dot_read_ok is 0 in +donlist() - but not in sglob() yet. This change is purely cosmetic. There are +many ways to figure out if a file exists. + +- document bnc#756306: pure-ftpd umask setting not working properly + * /etc/pure-ftpd/pure-ftpd.conf contains a note about a side-effect of pam_umask + +- add native pure-ftpd.service for systemd-powered systems + +- use the same way how to start the daemon in sysvinit script and put + $remote_fs dependency + usr/sbin/pure-config.pl /etc/pure-ftpd/pure-ftpd.conf --daemonize + +------------------------------------------------------------------- +Wed Jun 22 08:31:38 UTC 2011 - [email protected] + +- fix bnc#700611 - pure-ftpd fails with pam + * pure-ftpd-1.0.32-cap-audit-write.patch + +------------------------------------------------------------------- +Fri May 27 22:23:06 UTC 2011 - [email protected] + +- Update to 1.0.32: + - Support SHA1 password hashing in MySQL and PostgreSQL backends + - Support for braces expansion in directory listings has been + disabled - Cf. CVE-2011-0418 +- Aditional changes FROM 1.0.31: + - Introduce --tlsciphersuite (-J) to set the list of allowed ciphers, + thanks to Todd Rinaldo. + - The -F switch has been documented in the built-in help. + - Shell-like escaping is now partially handled when emulating the "ls" + command. + - Use my_make_scrambled_password() instead of make_scrambled_password(). + Suggested by Arkadiusz Miskiewicz. +- Refresh and fix patch for [bnc#407363]: + - old: patch pure-ftpd-1.0.22-default_tcp_sedrcv_buffer_size.patch + - new: patch pure-ftpd-1.0.32-default_tcp_sedrcv_buffer_size.patch +- Refresh PassivePortRange patch: + - old: pure-ftpd-1.0.21-portrange.patch + - new: pure-ftpd-1.0.32-portrange.patch + +------------------------------------------------------------------- +Mon Apr 11 11:56:20 UTC 2011 - [email protected] + +- update to 1.0.30 + * pure-quotacheck can now work with a large number of files. + * OPTS UTF-8 is now an alias to OPTS UTF8. + * Fix a STARTTLS flaw similar to Postfix’s CVE-2011-0411. If you’re using + TLS, upgrading is recommended. + * Provide ANSI-compliant MySQL configuration example. + * Fix some issues with man pages. + +------------------------------------------------------------------- +Thu Oct 7 13:29:41 UTC 2010 - [email protected] + +- add pure-ftpd-1.0.22-oes-bugfix-534424.patch for tracking OES patches +- use macro with_oes to determine if OES patches might be applied or not + +------------------------------------------------------------------- +Tue Sep 14 18:24:00 UTC 2010 - [email protected] + +- Use with-rfc2640 [bnc#638626] + +------------------------------------------------------------------- +Tue Jul 20 15:32:37 UTC 2010 - [email protected] + +- add missing buildRequires on libcap-devel + +------------------------------------------------------------------- +Tue May 25 13:10:33 UTC 2010 - [email protected] + +- $remote_fs --> network-remotefs + +------------------------------------------------------------------- +Fri May 14 18:34:37 UTC 2010 - [email protected] + +- Added "--with-virtualchroot" option; +- Spec file cleaned with spec-cleaner; +- updated to version 1.0.29: + - max_dlmap_size was size_t instead off_t, causing misalignment while + downloading > 4 Gb files on a 32-bits arch. + - pread() vs lseek()+read() was a useless optimization, since pread() + doesn't change the file position and further reads weren't going through + plain read() calls. + - iconv_fd_* should be initialized by (iconv_t) -1 as we test them upon + exit. Fixes segfaults on glibc. + - pure-uploadscript tries to reach the pipe during 30 seconds instead of 10. +- changes in version 1.0.28: + - FTPD_PAM_SERVICE_NAME can be defined in order to change the PAM service + name. + - When an upload gets renamed (--autorename), send the new name to the + uploadscript instead of the original one. + - The ALLO command now checks for the actual disk space in addition to the + virtal quota. + - Work around OSX broken poll() + - After an atomic resumed upload, don't append the previous file size to the + quota. + - Always accept OPTS UTF8 ON, but refuse OPTS UTF8 OFF if client_charset is + UTF8. + - Fix AUTHD_ENCRYPTED + - Reset the CWD failures counter after a successful directory has been + created. It avoids spurious disconnections with ncftp. + - Support for iPhone has been moved to another branch. + - Fix crash with PostgreSQL. + +------------------------------------------------------------------- +Fri Feb 12 15:27:50 UTC 2010 - [email protected] + +- updated to version 1.0.27: + - Have pureftpd_shutdown() shut the server down even if a client is + connected on iPhone. + - Allow users with no quota to delete .pureftpd-upload-* files. + - Unbreak ipv6 support, reported by Brad Smith. + - Disable SSLv3 renegotiation if an old SSL library is used. If you really + want to re-enable SSLv3 renegotiation, even with a recent library, you can + always define ACCEPT_SSL_RENEGOTIATION. +- changes in version 1.0.26: + - Fix incompatibilities with Cyberduck when TLS is enabled. + - Don't TLS_accept() immediately after accept(). Reply on the connection + socket first, so that clients don't have to wait before knowing that they + can actually use TLS. It avoids lags with LFTP and hangs with Cyberduck. + - Properly change the process name on Linux when the -S option is used, by + Margus Kaidja. + - Unbreak authentication of non-chrooted users. Thanks to Juergen Daubert + for the bug report. +- changes in version 1.0.25: + - Show symlinks as symlinks in MLSD, except when the broken client + compatibility mode is turned on and links are not dangling (just like the + old LIST and NLIST commands). Reported by Mime Cuvalo. + - More gcc 2 compatibility, thanks to Todd Rinaldo. + - Properly handle custom paths in man pages. Thanks to Scott Haneda and + Mathieu Parisot. + - Have $localstatedir default to /var as it used to be unless + --localstatedir=... is explicitely passed to ./configure + - Use @VERSION@ in man pages. + - --without-pam disables PAM on OSX and iPhone. + - Allow cross-compilation. + - Experimental iPhone target. + - Change the way it links, building a library first. + - Don't use mmap() any more for downloads. It's too slow. + - Don't use hard-coded paths in order to find MySQL and PostgreSQL + libraries and header files. Use mysql_config and pg_config instead. + Suggested by John Alberts. + - Log the DELE command similar to the RETR and STOR commands. Suggested by + Martin Fuxa. + - The primary group gets cached so that it's always displayed in directory + listings. + - Avoid a client process to burn CPU in an infinite loop if the command + channel gets disconnected before the data channel. Reported by Thomas Min + and Margus Kaidja. + - Restore the traditional behavior of a download restarting at the end of a + file. For some weird reasons, some clients still insist on doing that. Don't + send a 55x return code, just let them download... nothing. + - Documentation updates. +- changes in version 1.0.24: + - Refuse empty passwords in LDAP bind mode. Reported by Henning Brauer. ++++ 455 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:12.2:Update/.pure-ftpd.1248.new/pure-ftpd.changes New: ---- pure-ftpd-1.0.20_config.patch pure-ftpd-1.0.20_doc.patch pure-ftpd-1.0.20_ftpwho_path.patch pure-ftpd-1.0.20_virtualhosts.patch pure-ftpd-1.0.32-default_tcp_sedrcv_buffer_size.patch pure-ftpd-1.0.32-portrange.patch pure-ftpd-1.0.36-cap-audit-control.patch pure-ftpd-1.0.36.tar.bz2 pure-ftpd.changes pure-ftpd.firewall pure-ftpd.init pure-ftpd.pamd pure-ftpd.service pure-ftpd.spec pure-ftpd.xinetd pure-ftpd.xml ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pure-ftpd.spec ++++++ # # spec file for package pure-ftpd # # Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: pure-ftpd Version: 1.0.36 Release: 0 Summary: A Lightweight, Fast, and Secure FTP Server License: BSD-3-Clause Group: Productivity/Networking/Ftp/Servers Url: http://www.pureftpd.org Source: ftp://ftp.pureftpd.org/pub/%{name}/releases/%{name}-%version.tar.bz2 Source1: %{name}.init Source2: %{name}.pamd Source3: %{name}.xinetd Source4: %{name}.xml Source5: %{name}.firewall #http://pkgs.fedoraproject.org/gitweb/?p=pure-ftpd.git;a=blob_plain;f=pure-ftpd.service Source6: pure-ftpd.service # PATCH-FEATURE-OPENSUSE %{name}-1.0.20_config.patch -- Custom service configs. Patch: %{name}-1.0.20_config.patch # PATCH-FEATURE-OPENSUSE %{name}-1.0.20_doc.patch -- Adjust command paths on documentation. Patch1: %{name}-1.0.20_doc.patch # PATCH-FEATURE-OPENSUSE %{name}-1.0.20_virtualhosts.patch -- Custom VHOST_PATH on openSUSE. Patch2: %{name}-1.0.20_virtualhosts.patch Patch5: %{name}-1.0.20_ftpwho_path.patch # PATCH-FIX-UPSTREAM %{name}-1.0.32-default_tcp_sedrcv_buffer_size.patch Patch7: %{name}-1.0.32-default_tcp_sedrcv_buffer_size.patch # PATCH-FEATURE-OPENSUSE %{name}-1.0.32-portrange.patch -- Add PassivePortRange to "%numpairc_switch_for". Patch8: %{name}-1.0.32-portrange.patch # PATCH-FIX-OPENSUSE: bnc#789833 # won't be upstreamed, can be dropped when systemd will be only one init system and kernel get AUDIT_LOGINUID_IMMUTABLE Patch9: pure-ftpd-1.0.36-cap-audit-control.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: libcap-devel BuildRequires: mysql-devel BuildRequires: openldap2-devel BuildRequires: pam-devel BuildRequires: postgresql-devel Requires(pre): %insserv_prereq Requires(pre): coreutils Provides: ftp-server Provides: pureftpd = %{version}-%{release} %{!?_initddir: %global _initddir /etc/init.d} %if 0%{?suse_version} > 1140 BuildRequires: systemd %{?systemd_requires} %define have_systemd 1 %endif %description Pure-FTPd is a fast, production-quality, and standard-conforming FTP server, based-on Troll-FTPd. Unlike other popular FTP servers, it has no known security flaws, is trivial to set up, and is especially designed for modern Linux kernels (setfsuid and sendfile capabilities) . Features include: PAM support, IPv6, chroot()ed home directories, virtual domains, built-in LS, anti-warez system, bandwidth throttling, FXP, bounded ports for passive downloads, upload and download ratios, Apache log files, and more. %prep %setup -q %patch %patch1 %patch2 %patch5 %patch7 %patch8 %patch9 -p1 %build CFLAGS="%{optflags} -DLDAP_DEPRECATED -fstack-protector" %configure --with-rfc2640 \ --sysconfdir=%{_sysconfdir}/%{name} \ --with-ldap \ --with-paranoidmsg \ --with-altlog \ --with-virtualhosts \ --with-ftpwho \ --with-mysql \ --with-nonalnum \ --with-pgsql \ --with-cookie \ --with-throttling \ --with-ratios \ --with-uploadscript \ --with-diraliases \ --with-pam \ --with-puredb \ --with-sysquotas \ --with-quotas \ --with-inetd \ --with-tls \ --with-boring \ --with-peruserlimits \ --with-largefile %_target_cpu-suse-linux \ --with-virtualchroot %{__make} cat configuration-file/pure-config.pl |grep -v "^print" | grep -v "^exec" > configuration-file/pure-config-args echo "print join(\" \", @flg);" >> configuration-file/pure-config-args %install %makeinstall %{__install} -dD -m 0755 \ %{buildroot}%{_sysconfdir}/{init.d,%{name},%{name}/vhosts,pam.d,xinetd.d,openldap/schema} %{__install} -m 0755 \ configuration-file/pure-config.pl \ configuration-file/pure-config-args \ %{buildroot}%{_sbindir} %{__install} -m 0644 configuration-file/pure-ftpd.conf \ %{buildroot}%{_sysconfdir}/%{name} %{__install} -m 0755 %{S:1} %{buildroot}%{_sysconfdir}/init.d/%{name} ln -sf /etc/init.d/%{name} %{buildroot}%{_sbindir}/rc%{name} %{__install} -m 0644 %{S:2} %{buildroot}%{_sysconfdir}/pam.d/pure-ftpd %{__install} -m 0644 %{S:3} %{buildroot}%{_sysconfdir}/xinetd.d/pure-ftpd %{__install} -m 0644 pureftpd.schema %{buildroot}%{_sysconfdir}/openldap/schema/ %{__install} -d %{buildroot}%{_datadir}/omc/svcinfo.d/ %{__install} -m 0644 %{S:4} %{buildroot}%{_datadir}/omc/svcinfo.d/ %{__install} -d %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/ %{__install} -m 644 %{S:5} %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%name %if 0%{?have_systemd} %{__install} -D -m0644 %{S:6} %{buildroot}%{_unitdir}/%{name}.service %endif %clean %{__rm} -rf %{buildroot} %pre %if 0%{?have_systemd} %service_add_pre %{name}.service %endif %preun %stop_on_removal %{name} %if 0%{?have_systemd} %service_del_preun %{name}.service %endif %post if [ -f etc/pure-ftpd.conf ]; then mv etc/pure-ftpd.conf etc/pure-ftpd/pure-ftpd.conf fi %if 0%{?have_systemd} %service_add_post %{name}.service %endif %postun %insserv_cleanup %restart_on_update %{name} %if 0%{?have_systemd} %service_del_postun %{name}.service %endif %files %defattr(-, root, root) %{_datadir}/omc/svcinfo.d/%name.xml %doc AUTHORS CONTACT COPYING NEWS THANKS README README.Contrib %doc README.Configuration-File HISTORY README.Virtual-Users %doc README.LDAP pureftpd-ldap.conf README.MySQL README.PGSQL README.TLS %{_mandir}/man8/* %{_bindir}/* %{_sbindir}/* %dir %{_sysconfdir}/openldap %dir %{_sysconfdir}/openldap/schema %dir %{_sysconfdir}/%{name} %dir %{_sysconfdir}/%{name}/vhosts %config %{_sysconfdir}/openldap/schema/pureftpd.schema %config %{_sysconfdir}/init.d/pure-ftpd %config %{_sysconfdir}/pam.d/pure-ftpd %config(noreplace) %{_sysconfdir}/%{name}/pure-ftpd.conf %config(noreplace) %{_sysconfdir}/xinetd.d/pure-ftpd %config(noreplace) %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%name %if 0%{?have_systemd} %{_unitdir}/%{name}.service %endif %changelog ++++++ pure-ftpd-1.0.20_config.patch ++++++ Index: configuration-file/pure-ftpd.conf.in =================================================================== --- configuration-file/pure-ftpd.conf.in.orig 2012-04-10 13:13:50.172790238 +0200 +++ configuration-file/pure-ftpd.conf.in 2012-04-10 13:28:29.870404545 +0200 @@ -37,7 +37,7 @@ # Maximum number of simultaneous users -MaxClientsNumber 50 +MaxClientsNumber 10 @@ -49,7 +49,7 @@ # Maximum number of sim clients with the same IP address -MaxClientsPerIP 8 +MaxClientsPerIP 3 @@ -59,6 +59,9 @@ VerboseLog no +# Allow dot-files +AllowDotFiles yes + # List dot-files even when the client doesn't send "-a". @@ -68,7 +71,7 @@ # Don't allow authenticated users - have a public anonymous FTP only. -AnonymousOnly no +AnonymousOnly yes @@ -107,23 +110,23 @@ # LDAP configuration file (see README.LDAP) -# LDAPConfigFile /etc/pureftpd-ldap.conf +# LDAPConfigFile /etc/pure-ftpd/pureftpd-ldap.conf # MySQL configuration file (see README.MySQL) -# MySQLConfigFile /etc/pureftpd-mysql.conf +# MySQLConfigFile /etc/pure-ftpd/pureftpd-mysql.conf # Postgres configuration file (see README.PGSQL) -# PGSQLConfigFile /etc/pureftpd-pgsql.conf +# PGSQLConfigFile /etc/pure-ftpd/pureftpd-pgsql.conf # PureDB user database (see README.Virtual-Users) -# PureDB /etc/pureftpd.pdb +# PureDB /etc/pure-ftpd/pureftpd.pdb # Path to pure-authd socket (see README.Authentication-Modules) @@ -134,7 +137,7 @@ # If you want to enable PAM authentication, uncomment the following line -# PAMAuthentication yes +PAMAuthentication yes @@ -177,7 +180,7 @@ # Port range for passive connections replies. - for firewalling. -# PassivePortRange 30000 50000 +PassivePortRange 30000 30100 @@ -230,14 +233,26 @@ # File creation mask. <umask for files>:<umask for dirs> . # 177:077 if you feel paranoid. +# Note: on SUSE systems umask is overrided by pam_umask inherited from +# /etc/pam.d/common-session. In case the system-wide default does not +# fit you, you can either +# +# 1.) add line 'session optional pam_umask.so umask=$value' into +# /etc/pam.d/pure-ftpd, so all changes in common-session will apply +# for pure-ftpd as well, but config file will be still ignored +# +# 2.) replace the line 'session include common-session' in +# /etc/pam.d/pure-ftpd by the content of /etc/pam.d/common-session, +# remove the line 'session optional pam_umask.so' and uncomment the +# line below -Umask 133:022 +#Umask 177:077 # Minimum UID for an authenticated user to log in. -MinUID 100 +MinUID 40 @@ -257,7 +272,7 @@ # even if they own them. If TrustedGID is enabled, this group # will have access to dot-files, though. -ProhibitDotFilesWrite no +ProhibitDotFilesWrite yes @@ -270,13 +285,13 @@ # Never overwrite files. When a file whose name already exist is uploaded, # it get automatically renamed to file.1, file.2, file.3, ... -AutoRename no +AutoRename yes # Disallow anonymous users to upload new files (no = upload is allowed) -AnonymousCantUpload no +AnonymousCantUpload yes @@ -373,7 +388,7 @@ # Set to 'yes' if you don't want your users to rename files. -#NoRename yes +NoRename yes @@ -449,3 +464,4 @@ # FileSystemCharset big5 # ClientCharset big5 + Index: pureftpd-mysql.conf =================================================================== --- pureftpd-mysql.conf.orig 2012-04-10 13:13:50.172790238 +0200 +++ pureftpd-mysql.conf 2012-04-10 13:13:55.839987609 +0200 @@ -19,17 +19,18 @@ # Optional : define the location of mysql.sock if the server runs on this host. -MYSQLSocket /tmp/mysql.sock +MYSQLSocket /var/lib/mysql/mysql.sock # Mandatory : user to bind the server as. - -MYSQLUser root - +# +# using the Database root user is always a bad idea. +# +MYSQLUser ftpd # Mandatory : user password. You must have a password. -MYSQLPassword rootpw +MYSQLPassword ftpdpw # Mandatory : database to open. Index: pureftpd-pgsql.conf =================================================================== --- pureftpd-pgsql.conf.orig 2012-04-10 13:13:50.172790238 +0200 +++ pureftpd-pgsql.conf 2012-04-10 13:13:55.840987643 +0200 @@ -16,6 +16,7 @@ # PGSQLPort .s.PGSQL.5432 # Mandatory : user to bind the server as. + PGSQLUser postgres # Mandatory : user password. You *must* have a password. ++++++ pure-ftpd-1.0.20_doc.patch ++++++ only in patch2: unchanged: ================================================================================ --- README.Configuration-File +++ README.Configuration-File @@ -3,12 +3,12 @@ flag is designed to speed up highly loaded servers, by avoiding DNS lookups. To enable this, just add it to the server name: -/usr/local/sbin/pure-ftpd -H +/usr/sbin/pure-ftpd -H Alternative long options are also supported. Here's an equivalent of the previous command: -/usr/local/sbin/pure-ftpd --dontresolve +/usr/sbin/pure-ftpd --dontresolve But you can use traditional configuration files over command-line options. Adding a parser for configuration files in the server is a bad @@ -22,16 +22,17 @@ configuration file called 'pure-ftpd.conf' to a suitable location, say /etc: cd configuration-files -cp pure-ftpd.conf /etc +mkdir /etc/pure-ftpd/ +cp pure-ftpd.conf /etc/pure-ftpd/ -Edit /etc/pure-ftpd.conf according to your needs. +Edit /etc/pure-ftpd/pure-ftpd.conf according to your needs. Then, to start the server, just run the following command: chmod 755 pure-config.pl ./pure-config.pl /etc/pure-ftpd.conf -This is a simple Perl script that will run /usr/local/sbin/pure-ftpd with +This is a simple Perl script that will run /usr/sbin/pure-ftpd with the right options, according to the configuration file. And because there's a Python vs. Perl friendly war since ages, we also ++++++ pure-ftpd-1.0.20_ftpwho_path.patch ++++++ Index: src/ftpwho-update.h =================================================================== --- src/ftpwho-update.h.orig +++ src/ftpwho-update.h @@ -26,6 +26,9 @@ typedef struct FTPWhoEntry_ { volatile off_t download_total_size; volatile off_t download_current_size; char account[MAX_USER_LENGTH + 1U]; +#ifdef PATH_MAX + char filename[PATH_MAX]; +#else #if defined(__OpenBSD__) char filename[1024]; #else @@ -39,6 +42,7 @@ typedef struct FTPWhoEntry_ { char filename[1024]; # endif #endif +#endif } FTPWhoEntry; int ftpwho_initwho(void); ++++++ pure-ftpd-1.0.20_virtualhosts.patch ++++++ Index: src/ftpd.h =================================================================== --- src/ftpd.h.orig 2012-04-10 13:13:50.081787071 +0200 +++ src/ftpd.h 2012-04-10 13:15:02.434306712 +0200 @@ -411,7 +411,7 @@ #endif #ifndef VHOST_PATH -# define VHOST_PATH CONFDIR "/pure-ftpd" +# define VHOST_PATH CONFDIR "/vhosts" #endif #ifdef WITH_TLS ++++++ pure-ftpd-1.0.32-default_tcp_sedrcv_buffer_size.patch ++++++ Index: configure =================================================================== --- configure.orig 2012-04-10 13:11:53.944741960 +0200 +++ configure 2012-04-10 13:12:09.310277199 +0200 @@ -12650,107 +12650,12 @@ $as_echo "no" >&6; } fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking default TCP send buffer size" >&5 -$as_echo_n "checking default TCP send buffer size... " >&6; } -if test "$cross_compiling" = yes; then : - CONF_TCP_SO_SNDBUF=65536 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include <stdio.h> -#ifdef STDC_HEADERS -# include <stdlib.h> -# include <stddef.h> -#else -# if HAVE_STDLIB_H -# include <stdlib.h> -# endif -#endif -#ifdef HAVE_UNISTD_H -# include <unistd.h> -#endif -#include <sys/types.h> -#include <sys/socket.h> -#include <netinet/in.h> -int main(void) -{ - int fd,val=0,len=sizeof(int); - if ((fd = socket(PF_INET, SOCK_STREAM, 0)) < 0) return 1; - if (getsockopt(fd, SOL_SOCKET, SO_SNDBUF, &val, &len) < 0) return 1; - if (val <= 0) return 1; - fprintf (fopen("conftestval", "w"), "%d\n", val); - return 0; -} - -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - CONF_TCP_SO_SNDBUF=`cat conftestval` -else - CONF_TCP_SO_SNDBUF=65536 -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CONF_TCP_SO_SNDBUF" >&5 -$as_echo "$CONF_TCP_SO_SNDBUF" >&6; } - - cat >>confdefs.h <<_ACEOF -#define CONF_TCP_SO_SNDBUF $CONF_TCP_SO_SNDBUF +#define CONF_TCP_SO_SNDBUF 65536 _ACEOF - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking default TCP receive buffer size" >&5 -$as_echo_n "checking default TCP receive buffer size... " >&6; } -if test "$cross_compiling" = yes; then : - CONF_TCP_SO_RCVBUF=65536 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include <stdio.h> -#ifdef STDC_HEADERS -# include <stdlib.h> -# include <stddef.h> -#else -# if HAVE_STDLIB_H -# include <stdlib.h> -# endif -#endif -#ifdef HAVE_UNISTD_H -# include <unistd.h> -#endif -#include <sys/types.h> -#include <sys/socket.h> -#include <netinet/in.h> -int main(void) -{ - int fd,val=0,len=sizeof(int); - if ((fd = socket(PF_INET, SOCK_STREAM, 0)) < 0) return 1; - if (getsockopt(fd, SOL_SOCKET, SO_RCVBUF, &val, &len) < 0) return 1; - if (val <= 0) return 1; - fprintf (fopen("conftestval", "w"), "%d\n", val); - return 0; -} - -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - CONF_TCP_SO_RCVBUF=`cat conftestval` -else - CONF_TCP_SO_RCVBUF=65536 -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CONF_TCP_SO_RCVBUF" >&5 -$as_echo "$CONF_TCP_SO_RCVBUF" >&6; } - - cat >>confdefs.h <<_ACEOF -#define CONF_TCP_SO_RCVBUF $CONF_TCP_SO_RCVBUF +#define CONF_TCP_SO_RCVBUF 65536 _ACEOF ++++++ pure-ftpd-1.0.32-portrange.patch ++++++ Index: configuration-file/pure-config.pl.in =================================================================== --- configuration-file/pure-config.pl.in.orig +++ configuration-file/pure-config.pl.in @@ -81,9 +81,10 @@ my %numpairb_switch_for = ( ); my %numpairc_switch_for = ( - Umask => "-U", - Quota => "-n", - PerUserLimits => "-y", + Umask => "-U", + Quota => "-n", + PerUserLimits => "-y", + PassivePortRange => "-p", ); my %auth_method_for = ( ++++++ pure-ftpd-1.0.36-cap-audit-control.patch ++++++ Index: pure-ftpd-1.0.36/src/caps_p.h =================================================================== --- pure-ftpd-1.0.36.orig/src/caps_p.h +++ pure-ftpd-1.0.36/src/caps_p.h @@ -7,7 +7,8 @@ # endif cap_value_t cap_keep_startup[] = { -# if defined(USE_PAM) && defined(CAP_AUDIT_WRITE) +# if defined(USE_PAM) && defined(CAP_AUDIT_CONTROL) && defined(CAP_AUDIT_WRITE) + CAP_AUDIT_CONTROL, CAP_AUDIT_WRITE, # endif CAP_SETGID, ++++++ pure-ftpd.firewall ++++++ ## Name: pureftpd ## Description: Opens ports for pureftpd with broadcast allowed. # space separated list of allowed TCP ports TCP="ftp 30000:30100" # space separated list of allowed UDP ports UDP="" # space separated list of allowed RPC services RPC="" # space separated list of allowed IP protocols IP="" # space separated list of allowed UDP broadcast ports BROADCAST="" ++++++ pure-ftpd.init ++++++ #! /bin/sh # Copyright (c) 2001, 2002 SuSE GmbH Nuernberg, Germany. # # Author: Thorsten Kukuk <[email protected]> # # /etc/init.d/pure-ftpd # # and symbolic its link # # /usr/sbin/rcpure-ftpd # # System startup script for the pure ftp daemon # ### BEGIN INIT INFO # Provides: pure-ftpd # Required-Start: network-remotefs $syslog $remote_fs # Required-Stop: network-remotefs $syslog $remote_fs # Default-Start: 3 5 # Default-Stop: 0 1 2 6 # Short-Description: Start pure-ftpd ftp server. # Description: Start pure-ftpd ftp server. ### END INIT INFO FTPD_BIN=/usr/sbin/pure-ftpd test -x $FTPD_BIN || exit 5 # Shell functions sourced from /etc/rc.status: # rc_check check and set local and overall rc status # rc_status check and set local and overall rc status # rc_status -v ditto but be verbose in local rc status # rc_status -v -r ditto and clear the local rc status # rc_failed set local and overall rc status to failed # rc_failed <num> set local and overall rc status to <num><num> # rc_reset clear local rc status (overall remains) # rc_exit exit appropriate to overall rc status . /etc/rc.status # First reset status of this service rc_reset # Return values acc. to LSB for all commands but status: # 0 - success # 1 - generic or unspecified error # 2 - invalid or excess argument(s) # 3 - unimplemented feature (e.g. "reload") # 4 - insufficient privilege # 5 - program is not installed # 6 - program is not configured # 7 - program is not running # # Note that starting an already running service, stopping # or restarting a not-running service as well as the restart # with force-reload (in case signalling is not supported) are # considered a success. case "$1" in start) echo -n "Starting pure-ftpd" #FTPD_ARGS=`/usr/sbin/pure-config-args /etc/pure-ftpd/pure-ftpd.conf` #startproc $FTPD_BIN $FTPD_ARGS startproc /usr/sbin/pure-config.pl /etc/pure-ftpd/pure-ftpd.conf --daemonize rc_status -v ;; stop) echo -n "Shutting down pure-ftpd" killproc -G -TERM $FTPD_BIN rc_status -v ;; try-restart) $0 status >/dev/null && $0 restart rc_status ;; restart) ## Stop the service and regardless of whether it was ## running or not, start it again. $0 stop $0 start rc_status ;; force-reload) ## Signal the daemon to reload its config. Most daemons ## do this on signal 1 (SIGHUP). ## If it does not support it, restart. echo -n "Reload service pure-ftpd" $0 stop && $0 start rc_status ;; reload) ## Like force-reload, but if daemon does not support ## signalling, do nothing (!) echo -n "Reload service pure-ftpd" rc_failed 3 rc_status -v ;; status) echo -n "Checking for pure-ftpd: " ## Check status with checkproc(8), if process is running ## checkproc will return with exit status 0. # Status has a slightly different for the status command: # 0 - service running # 1 - service dead, but /var/run/ pid file exists # 2 - service dead, but /var/lock/ lock file exists # 3 - service not running # NOTE: checkproc returns LSB compliant status values. checkproc $FTPD_BIN rc_status -v ;; probe) test /etc/pure-ftpd/pure-ftpd.conf -nt /var/run/pure-ftpd.pid && \ echo restart ;; *) echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}" exit 1 ;; esac rc_exit ++++++ pure-ftpd.pamd ++++++ #%PAM-1.0 auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed auth required pam_shells.so auth include common-auth account include common-account password include common-password session required pam_loginuid.so session include common-session ++++++ pure-ftpd.service ++++++ [Unit] Description=Pure-FTPd FTP server After=syslog.target network.target [Service] Type=forking PIDFile=/var/run/pure-ftpd.pid ExecStart=/usr/sbin/pure-config.pl /etc/pure-ftpd/pure-ftpd.conf --daemonize [Install] WantedBy=multi-user.target ++++++ pure-ftpd.xinetd ++++++ # default: off # description: The ftpd server serves FTP connections. It uses normal, \ # unencrypted usernames and passwords for authentication. This ftpd is \ # the pure-ftpd. # ** NOTE ** when using pure-ftpd from xinetd the arguments to control # it's behaviour should be added here in this file in the # "server_args" line since the configuration file # /etc/pure-ftpd.conf is only for standalone pure-ftpd. # The command "/usr/sbin/pure-config-args /etc/pure-ftpd.conf" # will print the arguments needed for behaviour like standalone # pure-ftpd. service ftp { socket_type = stream server = /usr/sbin/pure-ftpd # server_args = protocol = tcp user = root wait = no disable = yes } -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
