Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package pure-ftpd for openSUSE:Factory checked in at 2022-08-09 15:28:09 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/pure-ftpd (Old) and /work/SRC/openSUSE:Factory/.pure-ftpd.new.1521 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pure-ftpd" Tue Aug 9 15:28:09 2022 rev:5 rq:994037 version:1.0.51 Changes: -------- --- /work/SRC/openSUSE:Factory/pure-ftpd/pure-ftpd.changes 2022-01-24 23:10:15.998646167 +0100 +++ /work/SRC/openSUSE:Factory/.pure-ftpd.new.1521/pure-ftpd.changes 2022-08-09 15:28:43.061687814 +0200 @@ -1,0 +2,12 @@ +Mon Aug 1 22:37:52 UTC 2022 - Dirk M??ller <[email protected]> + +- update to 1.0.51: + * Compatibility with OpenSSL 1.1.0 was improved. + * PostgreSQL: the port number is not escaped any more in connection + strings. + * TLS tickets are issued but not renewed - This fixes compatibility + issues with some clients. + * PureDB: additional checks for corrupted databases have been added, + and synchronization to disk uses F_FULLFSYNC on macOS X. + +------------------------------------------------------------------- Old: ---- pure-ftpd-1.0.50.tar.bz2 pure-ftpd-1.0.50.tar.bz2.minisig New: ---- pure-ftpd-1.0.51.tar.bz2 pure-ftpd-1.0.51.tar.bz2.minisig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pure-ftpd.spec ++++++ --- /var/tmp/diff_new_pack.9BVb5V/_old 2022-08-09 15:28:43.757689803 +0200 +++ /var/tmp/diff_new_pack.9BVb5V/_new 2022-08-09 15:28:43.761689815 +0200 @@ -17,7 +17,7 @@ Name: pure-ftpd -Version: 1.0.50 +Version: 1.0.51 Release: 0 Summary: A Lightweight, Fast, and Secure FTP Server License: BSD-3-Clause ++++++ pure-ftpd-1.0.50.tar.bz2 -> pure-ftpd-1.0.51.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/COPYING new/pure-ftpd-1.0.51/COPYING --- old/pure-ftpd-1.0.50/COPYING 2021-01-12 09:58:21.000000000 +0100 +++ new/pure-ftpd-1.0.51/COPYING 2022-01-01 22:49:33.000000000 +0100 @@ -2,7 +2,7 @@ Pure-FTPd is covered by the following license : /* - * Copyright (c) 2001 - 2021 + * Copyright (c) 2001 - 2022 * Frank Denis <j at pureftpd dot org> with help of contributors. * * Permission to use, copy, modify, and/or distribute this software for any diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/ChangeLog new/pure-ftpd-1.0.51/ChangeLog --- old/pure-ftpd-1.0.50/ChangeLog 2021-11-23 23:00:45.000000000 +0100 +++ new/pure-ftpd-1.0.51/ChangeLog 2022-06-14 13:19:51.000000000 +0200 @@ -1,4 +1,13 @@ +* Version 1.0.51: + - Compatibility with OpenSSL 1.1.0 was improved. + - PostgreSQL: the port number is not escaped any more in connection +strings. + - TLS tickets are issued but not renewed - This fixes compatibility +issues with some clients. + - PureDB: additional checks for corrupted databases have been added, +and synchronization to disk uses F_FULLFSYNC on macOS X. + * Version 1.0.50: - Support for MD5, SHA1 and MySQL PASSWORD() function were removed for password hashing. You should now use scrypt, argon2 or the system crypt(3) @@ -12,7 +21,7 @@ necessary, possibly reaching hard-coded limits and causing a forced session close. This has been fixed. - The SPSV command has been removed. - - Under some circunstances, the server would not start when configured + - Under some circumstances, the server would not start when configured with directory aliases. This has been fixed. - PostgreSQL: hard-coded global configuration strings were not escaped. This has been fixed. @@ -181,7 +190,7 @@ * Version 1.0.33: - Sync built-in glob(3) code with OpenBSD-current, and remove code we don't use instead of ifdef'ing it. - - Repair checkproc() on Linux when support for capabitilies is + - Repair checkproc() on Linux when support for capabilities is compiled in. Reported by Eric Gouyer. - Don't read /dev/*random every time we need a value. Just use arc4random() everywhere and seed it before we possibly chroot(). @@ -238,7 +247,7 @@ - When an upload gets renamed (--autorename), send the new name to the uploadscript instead of the original one. - The ALLO command now checks for the actual disk space in addition to the -virtal quota. +virtual quota. - Work around OSX broken poll() - After an atomic resumed upload, don't append the previous file size to the quota. @@ -330,7 +339,7 @@ Zhao. - Almost a complete rewrite of the upload, download and TLS code for more reliability - - Seemlessly handle ABOR without any SIGURG + - Seamlessly handle ABOR without any SIGURG - Try to immediately handle any kind of disconnection - Use poll() rather than select() as much as possible - Distinguish aborted (even the hard way) and completed download and upload @@ -564,7 +573,7 @@ PAM was broken in 1.0.16b due to PAM_SUCCESS not being copied to the right slot. It has been fixed. Automake has been updated to 1.7.8. - configure.ac has been cleaned up a bit regarding the conditionnal inclusion + configure.ac has been cleaned up a bit regarding the conditional inclusion of stdlib.h/unistd.h . RPMs are now built with largefile support, privsep and sysquotas by default. @@ -856,7 +865,7 @@ Accept '..' in file names in fakexlate() . Use addreply_noformat() whenever possible (speedup). New switch : -Z (--customerproof) . Right now, it adds | 0600 or | 0700 -to chmod commands to avoid users locking their own files. Additionnaly, we +to chmod commands to avoid users locking their own files. Additionally, we now try a traditional chmod() call if fchmod() fails. There's a race here, but no security trouble to fear. Reported by Mark Reidel <mr at domainfactory.de> Spec file fixes, contributed by Jose Pedro Oliveira <jpo at di.uminho.pt> @@ -892,7 +901,7 @@ then. Now, we also group everything to a single packet before sending the data. Merge Ben Gertzfield's extended LDAP schema. - AtheOS is unfortuntely gone from the list of supported OS because it + AtheOS is unfortunately gone from the list of supported OS because it lacks mmap(). Invalid SQL queries are now logged in order to help debugging. @@ -1211,7 +1220,7 @@ what's needed to parse/allocate/free related structures. All modules have the same hooks, grouped in a new structure : Authentication . Semantic change for AuthResult.auth_ok : 0 means a soft error (user not -found, or server temporarely down), -1 means hard error (bad password), 1 +found, or server temporarily down), -1 means hard error (bad password), 1 means ok. To be secure, we fall back to the next authentication method only on soft errors. Also, AuthResult objects are now passed by address to authentication handlers. @@ -1234,7 +1243,7 @@ Add peer info to authentication (pw_*_check()) functions. When MySQL or LDAP are enabled, add additional groups of the system uid. Made LDAP attributes more configurable (macroized strings in log_ldap.h) . - New digraph for SQL substitions : \R (remote IP) . + New digraph for SQL substitutions : \R (remote IP) . New fields for the LDAP configuration file parser : LDAPDefaultUID and LDAPDefaultGID. Updated the LDAP documentation. @@ -1416,7 +1425,7 @@ Merge the virtual host login code with the regular login code (suggested by Chris Mentjox <chris at widexs.nl>. ftp_parser.c/sfgets() rewritten to optimize read() calls. - Use the same policy to forbit dot-files for cd and for other commands, + Use the same policy to forbid dot-files for cd and for other commands, for consistency and to ease migration from other servers. Don't unlink() partially uploaded files unless user is anonymous. Add fillenv() and newenv_*() in pure-uploadscript.c diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/HISTORY new/pure-ftpd-1.0.51/HISTORY --- old/pure-ftpd-1.0.50/HISTORY 2011-09-07 07:02:03.000000000 +0200 +++ new/pure-ftpd-1.0.51/HISTORY 2021-12-16 13:08:57.000000000 +0100 @@ -19,7 +19,7 @@ to ensure a good nights sleep. Troll-FTPd was often considered for inclusion in secure distributions, but -the project was't actively maintained. Release 1.25 is dated 03/1999 and has +the project wasn't actively maintained. Release 1.25 is dated 03/1999 and has been made with help from Janos Farkas, cmj at localnet.com, August Fullford and Ximenes Zalteca. Troll-FTPd 1.26 was released two years after, just to fix minor bugs. Arnt said that there won't be any other release unless he ever diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/README new/pure-ftpd-1.0.51/README --- old/pure-ftpd-1.0.50/README 2020-03-31 18:22:41.000000000 +0200 +++ new/pure-ftpd-1.0.51/README 2021-12-16 13:08:49.000000000 +0100 @@ -1422,7 +1422,7 @@ mode, suitable for inline calls from CGI, SSI or PHP scripts. '-x': output well-formed XML data for post-processing. This is the most -acurate mode. Time is in seconds and file sizes are in bytes (in other +accurate mode. Time is in seconds and file sizes are in bytes (in other output formats, sizes are in kbytes for easier readability) . '-v': verbose output in text mode. Additional info includes the size of @@ -1464,7 +1464,7 @@ For security purposes, the server never launches any external program. It's why there is a separate daemon, that reads new uploads pushed into a named -pipe by the server. Uploads are processed synchronously and sequencially. +pipe by the server. Uploads are processed synchronously and sequentially. It's why on loaded or untrusted servers, it might be a bad idea to use pure-uploadscript with lengthy or cpu-intensive scripts. @@ -1752,7 +1752,7 @@ This is often enough to properly work with UTF-8 capable clients. -But optionnally, you can specify the default charset for clients, with +But optionally, you can specify the default charset for clients, with --clientcharset: /usr/local/sbin/pure-ftpd --fscharset=iso-8859-15 --clientcharset=big5 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/README.Configuration-File new/pure-ftpd-1.0.51/README.Configuration-File --- old/pure-ftpd-1.0.50/README.Configuration-File 2018-01-04 13:13:36.000000000 +0100 +++ new/pure-ftpd-1.0.51/README.Configuration-File 2021-12-16 13:09:11.000000000 +0100 @@ -17,7 +17,7 @@ As an alternative to command-line switches, Pure-FTPd can use a configuration file. The set of supported features is the same no -matter what way of configuring the server is beind used. +matter what way of configuring the server is being used. A sample configuration file named pure-ftpd.conf should have been installed in /etc/, /usr/local/etc/ or another standard location derived from diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/README.Virtual-Users new/pure-ftpd-1.0.51/README.Virtual-Users --- old/pure-ftpd-1.0.50/README.Virtual-Users 2019-04-20 11:36:33.000000000 +0200 +++ new/pure-ftpd-1.0.51/README.Virtual-Users 2021-12-16 13:09:35.000000000 +0100 @@ -240,7 +240,7 @@ pure-pw mkdb this reads /etc/pureftpd.passwd and creates /etc/pureftpd.pdb by default, but -to read another file, add the pdb file, optionnaly followed by -f <passwd file> +to read another file, add the pdb file, optionally followed by -f <passwd file> For instance: @@ -304,7 +304,7 @@ can use different passwords for FTP and for Telnet access. - ------------------------ ENVIRONNEMENT VARIABLES ------------------------ + ------------------------ ENVIRONMENT VARIABLES ------------------------ If defined, a PURE_PASSWDFILE environment variable can set the default path diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/config.h.in new/pure-ftpd-1.0.51/config.h.in --- old/pure-ftpd-1.0.50/config.h.in 2021-09-27 12:00:43.000000000 +0200 +++ new/pure-ftpd-1.0.51/config.h.in 2022-01-01 22:48:48.000000000 +0100 @@ -12,7 +12,7 @@ /* return value of an overflowed snprintf */ #undef CONF_SNPRINTF_TYPE -/* defaut TCP receive buffer */ +/* default TCP receive buffer */ #undef CONF_TCP_SO_RCVBUF /* default TCP send buffer */ @@ -380,6 +380,9 @@ /* Define to 1 if you have the `srandomdev' function. */ #undef HAVE_SRANDOMDEV +/* Define to 1 if you have the `SSL_CTX_set_num_tickets' function. */ +#undef HAVE_SSL_CTX_SET_NUM_TICKETS + /* define if you have ss_len */ #undef HAVE_SS_LEN diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/configure new/pure-ftpd-1.0.51/configure --- old/pure-ftpd-1.0.50/configure 2021-11-23 21:41:24.000000000 +0100 +++ new/pure-ftpd-1.0.51/configure 2022-06-14 13:23:20.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.71 for pure-ftpd 1.0.50. +# Generated by GNU Autoconf 2.71 for pure-ftpd 1.0.51. # # Report bugs to <https://github.com/jedisct1/pure-ftpd>. # @@ -611,8 +611,8 @@ # Identity of this package. PACKAGE_NAME='pure-ftpd' PACKAGE_TARNAME='pure-ftpd' -PACKAGE_VERSION='1.0.50' -PACKAGE_STRING='pure-ftpd 1.0.50' +PACKAGE_VERSION='1.0.51' +PACKAGE_STRING='pure-ftpd 1.0.51' PACKAGE_BUGREPORT='https://github.com/jedisct1/pure-ftpd' PACKAGE_URL='https://www.pureftpd.org' @@ -1386,7 +1386,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures pure-ftpd 1.0.50 to adapt to many kinds of systems. +\`configure' configures pure-ftpd 1.0.51 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1457,7 +1457,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of pure-ftpd 1.0.50:";; + short | recursive ) echo "Configuration of pure-ftpd 1.0.51:";; esac cat <<\_ACEOF @@ -1624,7 +1624,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -pure-ftpd configure 1.0.50 +pure-ftpd configure 1.0.51 generated by GNU Autoconf 2.71 Copyright (C) 2021 Free Software Foundation, Inc. @@ -2281,7 +2281,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by pure-ftpd $as_me 1.0.50, which was +It was created by pure-ftpd $as_me 1.0.51, which was generated by GNU Autoconf 2.71. Invocation command line was $ $0$ac_configure_args_raw @@ -3567,7 +3567,7 @@ # Define the identity of the package. PACKAGE='pure-ftpd' - VERSION='1.0.50' + VERSION='1.0.51' printf "%s\n" "#define PACKAGE \"$PACKAGE\"" >>confdefs.h @@ -8325,7 +8325,8 @@ for path in \ /usr/kerberos \ /usr/local /opt /usr/local/opt \ - /usr/[email protected] /opt/[email protected] /usr/local/opt/[email protected] \ + /opt/homebrew/opt/openssl@3 /usr/local/opt/openssl@3 \ + /opt/homebrew/opt/[email protected] /usr/local/opt/[email protected] \ /usr/openssl /opt/openssl /usr/local/opt/openssl; do if test -d $path/include; then CPPFLAGS="$CPPFLAGS -I${path}/include" @@ -14873,8 +14874,8 @@ printf %s "checking whether getgroups 0 is sane... " >&6; } if test "$cross_compiling" = yes then : - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: suppose that it doesnt" >&5 -printf "%s\n" "suppose that it doesnt" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: suppose that it doesn't" >&5 +printf "%s\n" "suppose that it doesn't" >&6; } else $as_nop cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -15849,6 +15850,12 @@ printf "%s\n" "#define HAVE_TLS_SERVER_METHOD 1" >>confdefs.h fi +ac_fn_c_check_func "$LINENO" "SSL_CTX_set_num_tickets" "ac_cv_func_SSL_CTX_set_num_tickets" +if test "x$ac_cv_func_SSL_CTX_set_num_tickets" = xyes +then : + printf "%s\n" "#define HAVE_SSL_CTX_SET_NUM_TICKETS 1" >>confdefs.h + +fi printf "%s\n" "#define WITH_TLS /**/" >>confdefs.h @@ -16502,7 +16509,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by pure-ftpd $as_me 1.0.50, which was +This file was extended by pure-ftpd $as_me 1.0.51, which was generated by GNU Autoconf 2.71. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -16571,7 +16578,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config='$ac_cs_config_escaped' ac_cs_version="\\ -pure-ftpd config.status 1.0.50 +pure-ftpd config.status 1.0.51 configured by $0, generated by GNU Autoconf 2.71, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/configure.ac new/pure-ftpd-1.0.51/configure.ac --- old/pure-ftpd-1.0.50/configure.ac 2021-11-23 21:41:18.000000000 +0100 +++ new/pure-ftpd-1.0.51/configure.ac 2022-06-14 13:16:17.000000000 +0200 @@ -1,7 +1,7 @@ dnl AM_ACLOCAL_INCLUDE(m4) AC_PREREQ([2.65]) -AC_INIT([pure-ftpd], [1.0.50], +AC_INIT([pure-ftpd], [1.0.51], [https://github.com/jedisct1/pure-ftpd], [pure-ftpd], [https://www.pureftpd.org]) AC_CONFIG_SRCDIR(src/ftpd.c) AC_CONFIG_HEADERS([config.h]) @@ -101,7 +101,8 @@ for path in \ /usr/kerberos \ /usr/local /opt /usr/local/opt \ - /usr/[email protected] /opt/[email protected] /usr/local/opt/[email protected] \ + /opt/homebrew/opt/openssl@3 /usr/local/opt/openssl@3 \ + /opt/homebrew/opt/[email protected] /usr/local/opt/[email protected] \ /usr/openssl /opt/openssl /usr/local/opt/openssl; do if test -d $path/include; then CPPFLAGS="$CPPFLAGS -I${path}/include" @@ -1065,7 +1066,7 @@ AC_MSG_RESULT(yes) AC_DEFINE(SAFE_GETGROUPS_0,,[Define is getgroups(0, NULL) works on your system]) ],[AC_MSG_RESULT(no) -],[AC_MSG_RESULT(suppose that it doesnt)]) +],[AC_MSG_RESULT(suppose that it doesn't)]) AC_MSG_CHECKING(whether realpath likes unreadable directories) AC_RUN_IFELSE([AC_LANG_SOURCE([[ @@ -1198,7 +1199,7 @@ ]])],[CONF_TCP_SO_RCVBUF=`cat conftestval`],[CONF_TCP_SO_RCVBUF=65536],[CONF_TCP_SO_RCVBUF=65536]) AC_MSG_RESULT($CONF_TCP_SO_RCVBUF) -AC_DEFINE_UNQUOTED(CONF_TCP_SO_RCVBUF, $CONF_TCP_SO_RCVBUF, [defaut TCP receive buffer]) +AC_DEFINE_UNQUOTED(CONF_TCP_SO_RCVBUF, $CONF_TCP_SO_RCVBUF, [default TCP receive buffer]) AC_ARG_WITH(ldap, @@ -1309,7 +1310,7 @@ fi AC_CHECK_LIB(crypto, DH_new) AC_CHECK_LIB(ssl, SSL_accept) - AC_CHECK_FUNCS(DH_get_2048_256 TLS_server_method) + AC_CHECK_FUNCS(DH_get_2048_256 TLS_server_method SSL_CTX_set_num_tickets) AC_DEFINE(WITH_TLS,,[Enable TLS]) fi diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/gui/build.sh new/pure-ftpd-1.0.51/gui/build.sh --- old/pure-ftpd-1.0.50/gui/build.sh 2019-08-16 00:47:35.000000000 +0200 +++ new/pure-ftpd-1.0.51/gui/build.sh 2021-12-16 13:11:22.000000000 +0100 @@ -64,7 +64,7 @@ 'without-humor' "Disable humor (enabled by default)" off \ 'without-ascii' "Don't support 7-bits (ASCII) transfers" off \ 'without-globbing' "Don't include the globbing code" off \ -'without-nonalnum' "Only allow minimal alpha-numeric characters" off \ +'without-nonalnum' "Only allow minimal alphanumeric characters" off \ 'without-unicode' "Disable utf8 non-latin characters" off \ 'without-sendfile' "Don't use zero-copy optimizations" off \ 'without-privsep' "Disable privilege separation" off \ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/man/pure-ftpd.8.in new/pure-ftpd-1.0.51/man/pure-ftpd.8.in --- old/pure-ftpd-1.0.50/man/pure-ftpd.8.in 2021-11-23 19:52:41.000000000 +0100 +++ new/pure-ftpd-1.0.51/man/pure-ftpd.8.in 2022-01-01 22:49:33.000000000 +0100 @@ -1,6 +1,6 @@ .\" .\" Troll-FTPd is Copyright 1995-2000 Trolltech AS, and Copyright 2001-2002 Arnt Gulbrandsen. -.\" Pure-FTPd is (C)opyleft 2001-2021 by Frank DENIS <j at pureftpd dot org> and the Pure-FTPd team. +.\" Pure-FTPd is (C)opyleft 2001-2022 by Frank DENIS <j at pureftpd dot org> and the Pure-FTPd team. .\" .\" Use, modification and distribution is allowed without limitation, warranty, or liability of any kind. .\" @@ -817,7 +817,7 @@ lists even files/directories whose names begin with ".". .TP .B \-C -lists files in as many colums as will fit on the screen. Undoes +lists files in as many columns as will fit on the screen. Undoes .BR \-1 " and " \-l . .TP .B \-d @@ -929,7 +929,7 @@ Troll Tech AS, Waldemar Thranes gate 98B, N\-0175 Oslo, Norway, fax +47 22806380. .PP -Pure\-FTPd is (C)opyleft 2001\-2021 by Frank DENIS <j at pureftpd dot org>. +Pure\-FTPd is (C)opyleft 2001\-2022 by Frank DENIS <j at pureftpd dot org>. .PP This software is covered by the BSD license. .PP diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/man/pure-mrtginfo.8.in new/pure-ftpd-1.0.51/man/pure-mrtginfo.8.in --- old/pure-ftpd-1.0.50/man/pure-mrtginfo.8.in 2021-11-23 19:52:53.000000000 +0100 +++ new/pure-ftpd-1.0.51/man/pure-mrtginfo.8.in 2022-01-01 22:49:33.000000000 +0100 @@ -2,7 +2,7 @@ .\" Written by Arnt Gulbrandsen <[email protected]> and copyright 1995-1999 .\" Troll Tech AS, Waldemar Thranes gate 98B, N-0175 Oslo, Norway, fax +47 .\" 22806380. -.\" Pure-FTPd (C)opyleft 2001-2021 Frank Denis. +.\" Pure-FTPd (C)opyleft 2001-2022 Frank Denis. .\" .\" Use, modification and distribution is allowed without limitation, .\" warranty, or liability of any kind. @@ -58,7 +58,7 @@ Troll Tech AS, Waldemar Thranes gate 98B, N\-0175 Oslo, Norway, fax +47 22806380. .PP -Pure\-FTPd (C)opyleft 2001\-2021 by Frank DENIS <j at pureftpd dot org>. +Pure\-FTPd (C)opyleft 2001\-2022 by Frank DENIS <j at pureftpd dot org>. .PP Use, modification and distribution is allowed without limitation, warranty, or liability of any kind. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/man/pure-pw.8.in new/pure-ftpd-1.0.51/man/pure-pw.8.in --- old/pure-ftpd-1.0.50/man/pure-pw.8.in 2019-03-25 16:48:42.000000000 +0100 +++ new/pure-ftpd-1.0.51/man/pure-pw.8.in 2021-12-16 13:10:04.000000000 +0100 @@ -42,7 +42,7 @@ It means that you can easily create FTP\-only accounts without messing your system accounts. .br -Additionnaly, virtual users files can store individual quotas, ratios, +Additionally, virtual users files can store individual quotas, ratios, bandwidth, etc. System accounts can't do this. .br Thousands of virtual users can share the same system user, as long as they diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/man/pure-statsdecode.8.in new/pure-ftpd-1.0.51/man/pure-statsdecode.8.in --- old/pure-ftpd-1.0.50/man/pure-statsdecode.8.in 2019-03-25 16:48:42.000000000 +0100 +++ new/pure-ftpd-1.0.51/man/pure-statsdecode.8.in 2021-12-16 13:10:24.000000000 +0100 @@ -24,7 +24,7 @@ .LP pure\-statsdecode /var/log/pureftpd.log > /tmp/pureftpd.humanlog .LP -Alternativly you can run it as: +Alternatively you can run it as: .LP cat /var/log/pureftpd.log | pure\-statsdecode \- | gzip \-\-best > /tmp/pureftpd.humanlog.gz diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/puredb/README new/pure-ftpd-1.0.51/puredb/README --- old/pure-ftpd-1.0.50/puredb/README 2018-01-04 13:13:36.000000000 +0100 +++ new/pure-ftpd-1.0.51/puredb/README 2021-12-16 13:10:55.000000000 +0100 @@ -290,7 +290,7 @@ goto end; } if ((data = puredb_read(&db, retpos, retlen)) != NULL) { - printf("The maching data is: [%s]\n", data); + printf("Matching data: [%s]\n", data); puredb_read_free(data); } end: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/puredb/src/example_read.c new/pure-ftpd-1.0.51/puredb/src/example_read.c --- old/pure-ftpd-1.0.50/puredb/src/example_read.c 2019-03-15 12:56:39.000000000 +0100 +++ new/pure-ftpd-1.0.51/puredb/src/example_read.c 2022-06-14 13:00:00.000000000 +0200 @@ -1,8 +1,7 @@ -/* (C)opyleft 2001-2019 Frank DENIS <j at pureftpd dot org> */ +/* (C)opyleft 2001-2022 Frank DENIS <j at pureftpd dot org> */ #include <config.h> - #include "puredb_p.h" #include "puredb_read.h" @@ -23,7 +22,7 @@ goto end; } if ((data = puredb_read(&db, retpos, retlen)) != NULL) { - printf("The maching data is : [%s]\n", data); + printf("Matching data: [%s]\n", data); puredb_read_free(data); } end: @@ -33,4 +32,3 @@ return 0; } - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/puredb/src/example_write.c new/pure-ftpd-1.0.51/puredb/src/example_write.c --- old/pure-ftpd-1.0.50/puredb/src/example_write.c 2019-03-15 12:56:37.000000000 +0100 +++ new/pure-ftpd-1.0.51/puredb/src/example_write.c 2022-06-14 13:00:00.000000000 +0200 @@ -1,8 +1,7 @@ -/* (C)opyleft 2001-2019 Frank DENIS <j at pureftpd dot org> */ +/* (C)opyleft 2001-2022 Frank DENIS <j at pureftpd dot org> */ #include <config.h> - #include "puredb_p.h" #include "puredb_write.h" @@ -29,4 +28,3 @@ return 0; } - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/puredb/src/puredb_p.h new/pure-ftpd-1.0.51/puredb/src/puredb_p.h --- old/pure-ftpd-1.0.50/puredb/src/puredb_p.h 2019-03-15 12:56:34.000000000 +0100 +++ new/pure-ftpd-1.0.51/puredb/src/puredb_p.h 2022-06-14 13:00:00.000000000 +0200 @@ -1,29 +1,14 @@ -/* (C)opyleft 2001-2019 Frank DENIS <j at pureftpd dot org> */ +/* (C)opyleft 2001-2022 Frank DENIS <j at pureftpd dot org> */ #ifndef __PUREDB_P_H__ #define __PUREDB_P_H__ 1 #include <stdio.h> -#ifdef STDC_HEADERS -# include <stdlib.h> -# include <stddef.h> -# include <stdarg.h> -#else -# if HAVE_STDLIB_H -# include <stdlib.h> -# endif -#endif -#if HAVE_STRING_H -# if !STDC_HEADERS && HAVE_MEMORY_H -# include <memory.h> -# endif -# include <string.h> -#else -# if HAVE_STRINGS_H -# include <strings.h> -# endif -#endif +#include <stdlib.h> +#include <stddef.h> +#include <stdarg.h> +#include <string.h> #include <limits.h> #include <errno.h> #ifdef HAVE_UNISTD_H diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/puredb/src/puredb_read.c new/pure-ftpd-1.0.51/puredb/src/puredb_read.c --- old/pure-ftpd-1.0.50/puredb/src/puredb_read.c 2019-03-15 12:56:31.000000000 +0100 +++ new/pure-ftpd-1.0.51/puredb/src/puredb_read.c 2022-06-14 13:00:00.000000000 +0200 @@ -1,5 +1,5 @@ -/* (C)opyleft 2001-2019 Frank DENIS <j at pureftpd dot org> */ +/* (C)opyleft 2001-2022 Frank DENIS <j at pureftpd dot org> */ #include <config.h> @@ -50,6 +50,9 @@ #ifdef USE_MAPPED_IO if (db->map != NULL) { + if (db->size < 4 || offset > db->size - 4) { + return -1; + } mapoffset = db->map + offset; } else #endif @@ -108,7 +111,7 @@ if (fstat(db->fd, &st) < 0 || st.st_size > (off_t) 0xffffffff || (db->size = (puredb_u32_t) st.st_size) < ((size_t) (256U + 1U) * sizeof(puredb_u32_t) + - sizeof PUREDB_VERSION - (size_t) 1U)) { + sizeof PUREDB_VERSION - (size_t) 1U)) { close(db->fd); return -2; @@ -142,6 +145,7 @@ return -3; } + return 0; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/puredb/src/puredb_read.h new/pure-ftpd-1.0.51/puredb/src/puredb_read.h --- old/pure-ftpd-1.0.50/puredb/src/puredb_read.h 2019-03-15 12:56:28.000000000 +0100 +++ new/pure-ftpd-1.0.51/puredb/src/puredb_read.h 2022-06-14 13:00:00.000000000 +0200 @@ -1,5 +1,5 @@ -/* (C)opyleft 2001-2019 Frank DENIS <j at pureftpd dot org> */ +/* (C)opyleft 2001-2022 Frank DENIS <j at pureftpd dot org> */ #ifndef __PUREDB_READ_H__ #define __PUREDB_READ_H__ 1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/puredb/src/puredb_write.c new/pure-ftpd-1.0.51/puredb/src/puredb_write.c --- old/pure-ftpd-1.0.50/puredb/src/puredb_write.c 2019-03-15 12:56:25.000000000 +0100 +++ new/pure-ftpd-1.0.51/puredb/src/puredb_write.c 2022-06-14 13:00:00.000000000 +0200 @@ -1,5 +1,5 @@ -/* (C)opyleft 2001-2019 Frank DENIS <j at pureftpd dot org> */ +/* (C)opyleft 2001-2022 Frank DENIS <j at pureftpd dot org> */ #include <config.h> @@ -278,6 +278,9 @@ fflush(dbw->fpindex); #ifdef HAVE_FILENO fsync(fileno(dbw->fpindex)); +# ifdef F_FULLFSYNC + ioctl(fileno(dbw->fpindex), F_FULLFSYNC, 0); +# endif #endif if (fclose(dbw->fpindex) != 0) { return -1; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/puredb/src/puredb_write.h new/pure-ftpd-1.0.51/puredb/src/puredb_write.h --- old/pure-ftpd-1.0.50/puredb/src/puredb_write.h 2019-03-15 12:56:23.000000000 +0100 +++ new/pure-ftpd-1.0.51/puredb/src/puredb_write.h 2022-06-14 13:00:00.000000000 +0200 @@ -1,5 +1,5 @@ -/* (C)opyleft 2001-2019 Frank DENIS <j at pureftpd dot org> */ +/* (C)opyleft 2001-2022 Frank DENIS <j at pureftpd dot org> */ #ifndef __PUREDB_WRITE_H__ #define __PUREDB_WRITE_H__ 1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/puredb/src/regression.c new/pure-ftpd-1.0.51/puredb/src/regression.c --- old/pure-ftpd-1.0.50/puredb/src/regression.c 2019-03-15 12:56:19.000000000 +0100 +++ new/pure-ftpd-1.0.51/puredb/src/regression.c 2022-06-14 13:00:00.000000000 +0200 @@ -1,7 +1,8 @@ -/* (C)opyleft 2001-2019 Frank DENIS <j at pureftpd dot org> */ +/* (C)opyleft 2001-2022 Frank DENIS <j at pureftpd dot org> */ #include <config.h> + #ifdef HAVE_SNPRINTF #include "puredb_p.h" @@ -109,9 +110,4 @@ return 0; } -#else -int main(void) -{ - return 0; -} #endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/src/ftp_parser.c new/pure-ftpd-1.0.51/src/ftp_parser.c --- old/pure-ftpd-1.0.50/src/ftp_parser.c 2021-11-23 21:52:57.000000000 +0100 +++ new/pure-ftpd-1.0.51/src/ftp_parser.c 2021-12-16 13:12:02.000000000 +0100 @@ -29,7 +29,7 @@ /* * Introduce a random delay, to mitigate guessing existing user names by - * mesuring delay. It's especially true when LDAP is used. + * measuring delay. It's especially true when LDAP is used. * No need to call usleep2() because we are root at this point. */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/src/ftpd.h new/pure-ftpd-1.0.51/src/ftpd.h --- old/pure-ftpd-1.0.50/src/ftpd.h 2021-06-25 01:30:43.000000000 +0200 +++ new/pure-ftpd-1.0.51/src/ftpd.h 2021-12-16 13:12:17.000000000 +0100 @@ -580,7 +580,7 @@ # define DL_DLMAP_SIZE (128 * 1024UL) #endif #if DL_DEFAULT_CHUNK_SIZE > DL_MAX_CHUNK_SIZE || DL_MIN_CHUNK_SIZE > DL_MAX_CHUNK_SIZE -# error DL_MAX_CHUNK_SIZE shouldnt be <= DL_MIN_CHUNK_SIZE or <= DL_DEFAULT_CHUNK_SIZE +# error DL_MAX_CHUNK_SIZE shouldn't be <= DL_MIN_CHUNK_SIZE or <= DL_DEFAULT_CHUNK_SIZE #endif #if DL_DLMAP_SIZE < DL_MAX_CHUNK_SIZE # error DL_DLMAP_SIZE should be >= DL_MAX_CHUNK_SIZE diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/src/log_ldap_p.h new/pure-ftpd-1.0.51/src/log_ldap_p.h --- old/pure-ftpd-1.0.50/src/log_ldap_p.h 2021-02-21 12:37:20.000000000 +0100 +++ new/pure-ftpd-1.0.51/src/log_ldap_p.h 2022-06-14 13:20:25.000000000 +0200 @@ -1,6 +1,6 @@ /* LDAP posixAccount handler for Pure-FTPd */ -/* (C)opyleft 2001-2019 by Frank DENIS <j at pureftpd dot org> */ +/* (C)opyleft 2001-2021 by Frank DENIS <j at pureftpd dot org> */ #ifndef __LOG_LDAP_P_H__ #define __LOG_LDAP_P_H__ 1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/src/log_mysql.c new/pure-ftpd-1.0.51/src/log_mysql.c --- old/pure-ftpd-1.0.50/src/log_mysql.c 2021-11-23 21:52:57.000000000 +0100 +++ new/pure-ftpd-1.0.51/src/log_mysql.c 2021-12-16 13:12:09.000000000 +0100 @@ -467,7 +467,7 @@ auth_ok: /* - * do *NOT* accept root uid/gid - if the database is compromized, the FTP + * do *NOT* accept root uid/gid - if the database is compromised, the FTP * server could also be rooted. */ result->uid = (uid_t) strtoul(uid, NULL, 10); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/src/log_pgsql.c new/pure-ftpd-1.0.51/src/log_pgsql.c --- old/pure-ftpd-1.0.50/src/log_pgsql.c 2021-11-23 22:36:05.000000000 +0100 +++ new/pure-ftpd-1.0.51/src/log_pgsql.c 2022-06-14 13:22:40.000000000 +0200 @@ -269,7 +269,6 @@ char *conninfo = NULL; size_t sizeof_conninfo; char *escaped_server = NULL; - char *escaped_port = NULL; char *escaped_db = NULL; char *escaped_user = NULL; char *escaped_pw = NULL; @@ -278,7 +277,6 @@ *id_sql_server = NULL; if ((escaped_server = pw_pgsql_escape_conninfo(server)) == NULL || - (escaped_port = pw_pgsql_escape_conninfo(port)) == NULL || (escaped_db = pw_pgsql_escape_conninfo(db)) == NULL || (escaped_user = pw_pgsql_escape_conninfo(user)) == NULL || (escaped_pw = pw_pgsql_escape_conninfo(pw)) == NULL) { @@ -296,7 +294,7 @@ } if (SNCHECK(snprintf(conninfo, sizeof_conninfo, PGSQL_CONNECT_FMTSTRING, - escaped_server, escaped_port, escaped_db, + escaped_server, port, escaped_db, escaped_user, escaped_pw), sizeof_conninfo)) { goto bye; } @@ -314,7 +312,6 @@ bye: free(conninfo); free(escaped_server); - free(escaped_port); free(escaped_db); free(escaped_user); free(escaped_pw); @@ -547,7 +544,7 @@ auth_ok: /* - * do *NOT* accept root uid/gid - if the database is compromized, the FTP + * do *NOT* accept root uid/gid - if the database is compromised, the FTP * server could also be rooted. */ result->uid = (uid_t) strtoul(uid, NULL, 10); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pure-ftpd-1.0.50/src/tls.c new/pure-ftpd-1.0.51/src/tls.c --- old/pure-ftpd-1.0.50/src/tls.c 2021-11-23 21:52:57.000000000 +0100 +++ new/pure-ftpd-1.0.51/src/tls.c 2022-02-03 14:03:51.000000000 +0100 @@ -132,6 +132,27 @@ } } +#ifdef SSL_TICKET_SUCCESS_RENEW +static SSL_TICKET_RETURN session_ticket_cb(SSL *tls_ctx, + SSL_SESSION *session, + const unsigned char *keyname, + size_t keyname_len, + SSL_TICKET_STATUS status, + void *arg) +{ + (void) tls_ctx; + (void) session; + (void) keyname; + (void) keyname_len; + (void) arg; + + if (status == SSL_TICKET_SUCCESS || status == SSL_TICKET_SUCCESS_RENEW) { + return SSL_TICKET_RETURN_USE; + } + return SSL_TICKET_RETURN_IGNORE; +} +#endif + static int tls_init_ecdh_curve(void) { #ifdef SSL_CTRL_SET_ECDH_AUTO @@ -326,7 +347,9 @@ # ifdef SSL_OP_NO_TLSv1_3 SSL_CTX_clear_options(tls_ctx, SSL_OP_NO_TLSv1_3); # endif - SSL_CTX_set_num_tickets(tls_ctx, 0); +# ifdef SSL_CTX_set_num_tickets + SSL_CTX_set_num_tickets(tls_ctx, 1); +# endif if (tlsciphersuite != NULL) { if (SSL_CTX_set_cipher_list(tls_ctx, tlsciphersuite) != 1) { logfile(LOG_ERR, MSG_TLS_CIPHER_FAILED, tlsciphersuite); @@ -339,6 +362,9 @@ passes++; } SSL_CTX_set_verify_depth(tls_ctx, MAX_CERTIFICATE_DEPTH); +#ifdef SSL_TICKET_SUCCESS_RENEW + SSL_CTX_set_session_ticket_cb(tls_ctx, NULL, session_ticket_cb, NULL); +#endif } static void tls_load_cert_file(const char * const cert_file, ++++++ pure-ftpd-1.0.50.tar.bz2.minisig -> pure-ftpd-1.0.51.tar.bz2.minisig ++++++ --- /work/SRC/openSUSE:Factory/pure-ftpd/pure-ftpd-1.0.50.tar.bz2.minisig 2022-01-24 23:10:15.986646249 +0100 +++ /work/SRC/openSUSE:Factory/.pure-ftpd.new.1521/pure-ftpd-1.0.51.tar.bz2.minisig 2022-08-09 15:28:42.989687609 +0200 @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key -RUQf6LRCGA9i57aBgT/tiGx1u6egpneerHNFnVcTxn+xTzczo+eqq4KwdZAzUobaHqAyMnIfL/qXmrDamBDNMBCRT6yOGR2XKwc= -trusted comment: timestamp:1637704947 file:pure-ftpd-1.0.50.tar.bz2 hashed -u6gmbzYNFi0OfccBzyL1Qs+/7N+1xSPrle1LEKJ4mfacBqqVPmdL7QGUTFYBlRhp1w4R36gBvvAt34/aMQePBw== +RUQf6LRCGA9i55Ntm0qP+FPe+r7MhsAauQBJY5vorUuG+gvqo+JMOBljJz1s3w250v8DyuZtAzrp8HseW/yI+lCdFXQ0qK3tJwA= +trusted comment: timestamp:1655205932 file:pure-ftpd-1.0.51.tar.bz2 hashed +MPIQoEEMaLa1M6iZ2NBLh30NkCwzjkVDs0C1Y5dBvXAkcznwfHZRQhfz1J/Ki79iaTZFyQtNFv3qhvg9dYTTCg==
