Hello community, here is the log from the commit of package pure-ftpd for openSUSE:Factory checked in at 2015-06-06 09:54:19 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/pure-ftpd (Old) and /work/SRC/openSUSE:Factory/.pure-ftpd.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pure-ftpd" Changes: -------- --- /work/SRC/openSUSE:Factory/pure-ftpd/pure-ftpd.changes 2014-04-13 13:16:34.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.pure-ftpd.new/pure-ftpd.changes 2015-06-06 09:54:27.000000000 +0200 @@ -1,0 +2,37 @@ +Fri Jun 5 08:38:25 UTC 2015 - [email protected] + +- Reenable sle11 builds I need for testing. + +------------------------------------------------------------------- +Fri Jun 5 07:51:32 UTC 2015 - [email protected] + +- Remove gpg/keyring, not provided now by upstream +- Cleanup with spec-cleaner +- Update to latest upstream 1.0.39: + * Explicitly include openssl/ec.h for OpenSSL 0.9.8 (CentOS 5) + * Retry if SSL_shutdown() returns -1 and SSL_ERROR_WANT_(READ|WRITE) + * The default cipher suite is now + ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SH + * TLS forward secrecy support was added. DH parameters are loaded from + TLS_DHPARAMS_FILE, if present. ECDH is also supported - Default curve + is prime256v1 (TLS_DEFAULT_ECDH_CURVE). The best curve is automatically + selected when using LibreSSL. + * scrypt hashed passwords can be used in the MySQL, PostgreSQL and + LDAP backends. + * The -C: prefix can be added to the cipher suite in order to make valid + client certificates mandatory. This is no longer a compile-time option. + * The Clear Command Channel (CCC) command is now supported. + * pure-config.py is compatible with Python 3. + * SSL (v2, v3) is refused by default. + * The PureDB backend supports the scrypt function in order to hash + passwords. This is the preferred algorithm, but requires the presence + of libsodium. + * DES-hashed passwords are not supported any more. + * LDAP uid and gid values can over overridden in the LDAP configuration file. + * RC4 was killed. +- Refreshed patches: + * pure-ftpd-1.0.20_config.patch + * pure-ftpd-1.0.20_doc.patch + * pure-ftpd-1.0.20_ftpwho_path.patch + +------------------------------------------------------------------- Old: ---- pure-ftpd-1.0.36.tar.bz2 pure-ftpd-1.0.36.tar.bz2.gpg pure-ftpd.keyring New: ---- pure-ftpd-1.0.39.tar.gz pure-ftpd.init ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pure-ftpd.spec ++++++ --- /var/tmp/diff_new_pack.vlbxoR/_old 2015-06-06 09:54:28.000000000 +0200 +++ /var/tmp/diff_new_pack.vlbxoR/_new 2015-06-06 09:54:28.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package pure-ftpd # -# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,23 +17,21 @@ Name: pure-ftpd -Version: 1.0.36 +Version: 1.0.39 Release: 0 Summary: A Lightweight, Fast, and Secure FTP Server License: BSD-3-Clause Group: Productivity/Networking/Ftp/Servers Url: http://www.pureftpd.org -Source: ftp://ftp.pureftpd.org/pub/%{name}/releases/%{name}-%version.tar.bz2 +Source: ftp://ftp.pureftpd.org/pub/%{name}/releases/%{name}-%{version}.tar.gz +Source1: %{name}.init Source2: %{name}.pamd Source3: %{name}.xinetd Source4: %{name}.xml Source5: %{name}.firewall -#http://pkgs.fedoraproject.org/gitweb/?p=pure-ftpd.git;a=blob_plain;f=pure-ftpd.service -Source6: pure-ftpd.service -Source1000: ftp://ftp.pureftpd.org/pub/%{name}/releases/%{name}-%version.tar.bz2.gpg -Source1001: %{name}.keyring +Source6: %{name}.service # PATCH-FEATURE-OPENSUSE %{name}-1.0.20_config.patch -- Custom service configs. -Patch: %{name}-1.0.20_config.patch +Patch0: %{name}-1.0.20_config.patch # PATCH-FEATURE-OPENSUSE %{name}-1.0.20_doc.patch -- Adjust command paths on documentation. Patch1: %{name}-1.0.20_doc.patch # PATCH-FEATURE-OPENSUSE %{name}-1.0.20_virtualhosts.patch -- Custom VHOST_PATH on openSUSE. @@ -46,8 +44,6 @@ # PATCH-FIX-OPENSUSE: bnc#789833 # won't be upstreamed, can be dropped when systemd will be only one init system and kernel get AUDIT_LOGINUID_IMMUTABLE Patch9: pure-ftpd-1.0.36-cap-audit-control.patch -BuildRoot: %{_tmppath}/%{name}-%{version}-build -BuildRequires: gpg-offline BuildRequires: libcap-devel BuildRequires: mysql-devel BuildRequires: openldap2-devel @@ -56,8 +52,13 @@ Requires(pre): coreutils Provides: ftp-server Provides: pureftpd = %{version}-%{release} +BuildRoot: %{_tmppath}/%{name}-%{version}-build +%if 0%{?suse_version} > 1140 BuildRequires: pkgconfig(systemd) %{?systemd_requires} +%else +Requires(pre): %insserv_prereq +%endif %description Pure-FTPd is a fast, production-quality, and standard-conforming FTP @@ -70,9 +71,8 @@ Apache log files, and more. %prep -%gpg_verify %{S:1000} %setup -q -%patch +%patch0 %patch1 %patch2 %patch5 @@ -82,7 +82,8 @@ %build CFLAGS="%{optflags} -DLDAP_DEPRECATED -fstack-protector" -%configure --with-rfc2640 \ +%configure \ + --with-rfc2640 \ --sysconfdir=%{_sysconfdir}/%{name} \ --with-ldap \ --with-paranoidmsg \ @@ -105,58 +106,75 @@ --with-tls \ --with-boring \ --with-peruserlimits \ - --with-largefile %_target_cpu-suse-linux \ + --with-largefile %{_target_cpu}-suse-linux \ --with-virtualchroot -%{__make} +make %{?_smp_mflags} cat configuration-file/pure-config.pl |grep -v "^print" | grep -v "^exec" > configuration-file/pure-config-args echo "print join(\" \", @flg);" >> configuration-file/pure-config-args %install -%makeinstall +make DESTDIR=%{buildroot} install %{?_smp_mflags} -%{__install} -dD -m 0755 \ +install -dD -m 0755 \ %{buildroot}%{_sysconfdir}/{%{name},%{name}/vhosts,pam.d,xinetd.d,openldap/schema} -%{__install} -m 0755 \ +install -m 0755 \ configuration-file/pure-config.pl \ configuration-file/pure-config-args \ %{buildroot}%{_sbindir} -%{__install} -m 0644 configuration-file/pure-ftpd.conf \ +install -m 0644 configuration-file/pure-ftpd.conf \ %{buildroot}%{_sysconfdir}/%{name} -ln -sf /usr/sbin/service %{buildroot}%{_sbindir}/rc%{name} - -%{__install} -m 0644 %{S:2} %{buildroot}%{_sysconfdir}/pam.d/pure-ftpd -%{__install} -m 0644 %{S:3} %{buildroot}%{_sysconfdir}/xinetd.d/pure-ftpd -%{__install} -m 0644 pureftpd.schema %{buildroot}%{_sysconfdir}/openldap/schema/ -%{__install} -d %{buildroot}%{_datadir}/omc/svcinfo.d/ -%{__install} -m 0644 %{S:4} %{buildroot}%{_datadir}/omc/svcinfo.d/ - -%{__install} -d %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/ -%{__install} -m 644 %{S:5} %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%name - -%{__install} -D -m0644 %{S:6} %{buildroot}%{_unitdir}/%{name}.service - -%clean -%{__rm} -rf %{buildroot} +install -m 0644 %{SOURCE2} %{buildroot}%{_sysconfdir}/pam.d/pure-ftpd +install -m 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/xinetd.d/pure-ftpd +install -m 0644 pureftpd.schema %{buildroot}%{_sysconfdir}/openldap/schema/ +install -d %{buildroot}%{_datadir}/omc/svcinfo.d/ +install -m 0644 %{SOURCE4} %{buildroot}%{_datadir}/omc/svcinfo.d/ + +install -d %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/ +install -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name} + +%if 0%{?suse_version} > 1140 +install -D -m0644 %{SOURCE6} %{buildroot}%{_unitdir}/%{name}.service +ln -sf service %{buildroot}%{_sbindir}/rc%{name} +%else +install -D -m 0755 %{SOURCE1} %{buildroot}%{_initddir}/%{name} +mkdir -p %{buildroot}%{_sbindir} +ln -sf %{_initddir}/%{name} %{buildroot}%{_sbindir}/rc%{name} +%endif %pre +%if 0%{?suse_version} > 1140 %service_add_pre %{name}.service +%endif %preun +%if 0%{?suse_version} > 1140 %service_del_preun %{name}.service +%else +%stop_on_removal %{name} +%endif %post if [ -f etc/pure-ftpd.conf ]; then mv etc/pure-ftpd.conf etc/pure-ftpd/pure-ftpd.conf fi +%if 0%{?suse_version} > 1140 %service_add_post %{name}.service +%else +%fillup_and_insserv %{name} +%endif %postun +%if 0%{?suse_version} > 1140 %service_del_postun %{name}.service +%else +%restart_on_update %{name} +%insserv_cleanup +%endif %files %defattr(-, root, root) -%{_datadir}/omc/svcinfo.d/%name.xml +%{_datadir}/omc/svcinfo.d/%{name}.xml %doc AUTHORS CONTACT COPYING NEWS THANKS README README.Contrib %doc README.Configuration-File HISTORY README.Virtual-Users %doc README.LDAP pureftpd-ldap.conf README.MySQL README.PGSQL README.TLS @@ -171,7 +189,11 @@ %config %{_sysconfdir}/pam.d/pure-ftpd %config(noreplace) %{_sysconfdir}/%{name}/pure-ftpd.conf %config(noreplace) %{_sysconfdir}/xinetd.d/pure-ftpd -%config(noreplace) %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%name +%config(noreplace) %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name} +%if 0%{?suse_version} > 1140 %{_unitdir}/%{name}.service +%else +%{_initddir}/%{name} +%endif %changelog ++++++ pure-ftpd-1.0.20_config.patch ++++++ --- /var/tmp/diff_new_pack.vlbxoR/_old 2015-06-06 09:54:28.000000000 +0200 +++ /var/tmp/diff_new_pack.vlbxoR/_new 2015-06-06 09:54:28.000000000 +0200 @@ -1,8 +1,8 @@ Index: configuration-file/pure-ftpd.conf.in =================================================================== ---- configuration-file/pure-ftpd.conf.in.orig 2012-08-29 09:05:46.928152475 +0200 -+++ configuration-file/pure-ftpd.conf.in 2012-08-29 09:07:01.064801607 +0200 -@@ -37,19 +37,20 @@ +--- configuration-file/pure-ftpd.conf.in.orig ++++ configuration-file/pure-ftpd.conf.in +@@ -37,19 +37,20 @@ BrokenClientsCompatibility no # Maximum number of simultaneous users @@ -27,7 +27,7 @@ -@@ -59,6 +60,9 @@ +@@ -59,6 +60,9 @@ MaxClientsPerIP 8 VerboseLog no @@ -37,7 +37,7 @@ # List dot-files even when the client doesn't send "-a". -@@ -68,7 +72,7 @@ +@@ -68,7 +72,7 @@ DisplayDotFiles yes # Don't allow authenticated users - have a public anonymous FTP only. @@ -46,7 +46,7 @@ -@@ -107,23 +111,23 @@ +@@ -107,23 +111,23 @@ MaxIdleTime 15 # LDAP configuration file (see README.LDAP) @@ -74,7 +74,7 @@ # Path to pure-authd socket (see README.Authentication-Modules) -@@ -134,7 +138,7 @@ +@@ -134,7 +138,7 @@ MaxIdleTime 15 # If you want to enable PAM authentication, uncomment the following line @@ -83,7 +83,7 @@ -@@ -177,7 +181,7 @@ +@@ -177,7 +181,7 @@ MaxLoad 4 # Port range for passive connections replies. - for firewalling. @@ -92,7 +92,7 @@ -@@ -230,14 +234,26 @@ +@@ -230,14 +234,26 @@ AntiWarez yes # File creation mask. <umask for files>:<umask for dirs> . # 177:077 if you feel paranoid. @@ -121,7 +121,7 @@ -@@ -257,7 +273,7 @@ +@@ -257,7 +273,7 @@ AllowAnonymousFXP no # even if they own them. If TrustedGID is enabled, this group # will have access to dot-files, though. @@ -130,7 +130,7 @@ -@@ -270,13 +286,13 @@ +@@ -270,13 +286,13 @@ ProhibitDotFilesRead no # Never overwrite files. When a file whose name already exist is uploaded, # it get automatically renamed to file.1, file.2, file.3, ... @@ -146,7 +146,7 @@ -@@ -373,7 +389,7 @@ +@@ -373,7 +389,7 @@ MaxDiskUsage 99 # Set to 'yes' if you don't want your users to rename files. @@ -155,15 +155,15 @@ -@@ -449,3 +465,4 @@ +@@ -453,3 +469,4 @@ CustomerProof yes # FileSystemCharset big5 # ClientCharset big5 + Index: pureftpd-mysql.conf =================================================================== ---- pureftpd-mysql.conf.orig 2012-08-29 09:05:46.928152475 +0200 -+++ pureftpd-mysql.conf 2012-08-29 09:05:50.166268187 +0200 +--- pureftpd-mysql.conf.orig ++++ pureftpd-mysql.conf @@ -19,17 +19,18 @@ # Optional : define the location of mysql.sock if the server runs on this host. @@ -188,15 +188,3 @@ # Mandatory : database to open. -Index: pureftpd-pgsql.conf -=================================================================== ---- pureftpd-pgsql.conf.orig 2012-08-29 09:05:46.928152475 +0200 -+++ pureftpd-pgsql.conf 2012-08-29 09:05:50.166268187 +0200 -@@ -16,6 +16,7 @@ - # PGSQLPort .s.PGSQL.5432 - - # Mandatory : user to bind the server as. -+ - PGSQLUser postgres - - # Mandatory : user password. You *must* have a password. ++++++ pure-ftpd-1.0.20_doc.patch ++++++ --- /var/tmp/diff_new_pack.vlbxoR/_old 2015-06-06 09:54:28.000000000 +0200 +++ /var/tmp/diff_new_pack.vlbxoR/_new 2015-06-06 09:54:28.000000000 +0200 @@ -1,41 +1,44 @@ only in patch2: unchanged: ================================================================================ ---- README.Configuration-File +Index: README.Configuration-File +=================================================================== +--- README.Configuration-File.orig +++ README.Configuration-File -@@ -3,12 +3,12 @@ - flag is designed to speed up highly loaded servers, by avoiding DNS lookups. +@@ -4,12 +4,12 @@ flag recommended and avoids DNS lookups. + To enable this, just add it to the server name: --/usr/local/sbin/pure-ftpd -H -+/usr/sbin/pure-ftpd -H +- /usr/local/sbin/pure-ftpd -H ++ /usr/sbin/pure-ftpd -H Alternative long options are also supported. Here's an equivalent of the previous command: --/usr/local/sbin/pure-ftpd --dontresolve -+/usr/sbin/pure-ftpd --dontresolve +- /usr/local/sbin/pure-ftpd --dontresolve ++ /usr/sbin/pure-ftpd --dontresolve + + But you can use traditional configuration files over command-line options. - But you can use traditional configuration files over command-line - options. Adding a parser for configuration files in the server is a bad -@@ -22,16 +22,17 @@ +@@ -20,17 +20,17 @@ options. Then, the server will be starte + Please have a look at the 'configuration-files' directory. Copy the sample configuration file called 'pure-ftpd.conf' to a suitable location, say /etc: - cd configuration-files --cp pure-ftpd.conf /etc -+mkdir /etc/pure-ftpd/ -+cp pure-ftpd.conf /etc/pure-ftpd/ +- cd configuration-files +- cp pure-ftpd.conf /etc ++ mkdir /etc/pure-ftpd/ ++ cp pure-ftpd.conf /etc/pure-ftpd/ -Edit /etc/pure-ftpd.conf according to your needs. +Edit /etc/pure-ftpd/pure-ftpd.conf according to your needs. Then, to start the server, just run the following command: - chmod 755 pure-config.pl - ./pure-config.pl /etc/pure-ftpd.conf + chmod 755 pure-config.pl + ./pure-config.pl /etc/pure-ftpd.conf -This is a simple Perl script that will run /usr/local/sbin/pure-ftpd with +This is a simple Perl script that will run /usr/sbin/pure-ftpd with the right options, according to the configuration file. - And because there's a Python vs. Perl friendly war since ages, we also + We also provide a Python version of this program ('pure-config.py'). ++++++ pure-ftpd-1.0.20_ftpwho_path.patch ++++++ --- /var/tmp/diff_new_pack.vlbxoR/_old 2015-06-06 09:54:28.000000000 +0200 +++ /var/tmp/diff_new_pack.vlbxoR/_new 2015-06-06 09:54:28.000000000 +0200 @@ -4,12 +4,12 @@ +++ src/ftpwho-update.h @@ -26,6 +26,9 @@ typedef struct FTPWhoEntry_ { volatile off_t download_total_size; - volatile off_t download_current_size; + volatile off_t download_current_size; char account[MAX_USER_LENGTH + 1U]; +#ifdef PATH_MAX + char filename[PATH_MAX]; +#else - #if defined(__OpenBSD__) + #if defined(__OpenBSD__) || defined(__Bitrig__) char filename[1024]; #else @@ -39,6 +42,7 @@ typedef struct FTPWhoEntry_ { ++++++ pure-ftpd.init ++++++ #! /bin/sh # Copyright (c) 2001, 2002 SuSE GmbH Nuernberg, Germany. # # Author: Thorsten Kukuk <[email protected]> # # /etc/init.d/pure-ftpd # # and symbolic its link # # /usr/sbin/rcpure-ftpd # # System startup script for the pure ftp daemon # ### BEGIN INIT INFO # Provides: pure-ftpd # Required-Start: network-remotefs $syslog $remote_fs # Required-Stop: network-remotefs $syslog $remote_fs # Default-Start: 3 5 # Default-Stop: 0 1 2 6 # Short-Description: Start pure-ftpd ftp server. # Description: Start pure-ftpd ftp server. ### END INIT INFO FTPD_BIN=/usr/sbin/pure-ftpd test -x $FTPD_BIN || exit 5 # Shell functions sourced from /etc/rc.status: # rc_check check and set local and overall rc status # rc_status check and set local and overall rc status # rc_status -v ditto but be verbose in local rc status # rc_status -v -r ditto and clear the local rc status # rc_failed set local and overall rc status to failed # rc_failed <num> set local and overall rc status to <num><num> # rc_reset clear local rc status (overall remains) # rc_exit exit appropriate to overall rc status . /etc/rc.status # First reset status of this service rc_reset # Return values acc. to LSB for all commands but status: # 0 - success # 1 - generic or unspecified error # 2 - invalid or excess argument(s) # 3 - unimplemented feature (e.g. "reload") # 4 - insufficient privilege # 5 - program is not installed # 6 - program is not configured # 7 - program is not running # # Note that starting an already running service, stopping # or restarting a not-running service as well as the restart # with force-reload (in case signalling is not supported) are # considered a success. case "$1" in start) echo -n "Starting pure-ftpd" #FTPD_ARGS=`/usr/sbin/pure-config-args /etc/pure-ftpd/pure-ftpd.conf` #startproc $FTPD_BIN $FTPD_ARGS startproc /usr/sbin/pure-config.pl /etc/pure-ftpd/pure-ftpd.conf --daemonize rc_status -v ;; stop) echo -n "Shutting down pure-ftpd" killproc -G -TERM $FTPD_BIN rc_status -v ;; try-restart) $0 status >/dev/null && $0 restart rc_status ;; restart) ## Stop the service and regardless of whether it was ## running or not, start it again. $0 stop $0 start rc_status ;; force-reload) ## Signal the daemon to reload its config. Most daemons ## do this on signal 1 (SIGHUP). ## If it does not support it, restart. echo -n "Reload service pure-ftpd" $0 stop && $0 start rc_status ;; reload) ## Like force-reload, but if daemon does not support ## signalling, do nothing (!) echo -n "Reload service pure-ftpd" rc_failed 3 rc_status -v ;; status) echo -n "Checking for pure-ftpd: " ## Check status with checkproc(8), if process is running ## checkproc will return with exit status 0. # Status has a slightly different for the status command: # 0 - service running # 1 - service dead, but /var/run/ pid file exists # 2 - service dead, but /var/lock/ lock file exists # 3 - service not running # NOTE: checkproc returns LSB compliant status values. checkproc $FTPD_BIN rc_status -v ;; probe) test /etc/pure-ftpd/pure-ftpd.conf -nt /var/run/pure-ftpd.pid && \ echo restart ;; *) echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}" exit 1 ;; esac rc_exit ++++++ pure-ftpd.service ++++++ --- /var/tmp/diff_new_pack.vlbxoR/_old 2015-06-06 09:54:28.000000000 +0200 +++ /var/tmp/diff_new_pack.vlbxoR/_new 2015-06-06 09:54:28.000000000 +0200 @@ -3,6 +3,7 @@ After=syslog.target network.target [Service] +PIDFile=/var/run/pure-ftpd.pid ExecStart=/usr/sbin/pure-config.pl /etc/pure-ftpd/pure-ftpd.conf [Install]
