Your message dated Mon, 24 Jul 2006 03:28:36 -0700 with message-id <[EMAIL PROTECTED]> and subject line Bug#307498: fixed in vsftpd 2.0.5-1 has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---Package: vsftpd Version: 2.0.3-1.2 Severity: minor Tags: patch, upstream vsftpd uses SSL_CTX_use_certificate_file() instead of SSL_CTX_use_certificate_chain_file(). As a result, it is not possible to tell vsftpd to send intermediate certificates with its own. The following patch should suffice, but I'm no OpenSSL expert. As an alternative, a new option could be added to enable the separation of the site certificate from the intermediate ones (like you can do with Apache). -- Magnus Holmgren [EMAIL PROTECTED] --- vsftpd-2.0.3.orig/ssl.c +++ vsftpd-2.0.3/ssl.c @@ -71,8 +71,8 @@ { p_key = tunable_rsa_cert_file; } - if (SSL_CTX_use_certificate_file( - p_ctx, tunable_rsa_cert_file, X509_FILETYPE_PEM) != 1) + if (SSL_CTX_use_certificate_chain_file( + p_ctx, tunable_rsa_cert_file) != 1) { die("SSL: cannot load RSA certificate"); } @@ -88,8 +88,8 @@ { p_key = tunable_dsa_cert_file; } - if (SSL_CTX_use_certificate_file( - p_ctx, tunable_dsa_cert_file, X509_FILETYPE_PEM) != 1) + if (SSL_CTX_use_certificate_chain_file( + p_ctx, tunable_dsa_cert_file) != 1) { die("SSL: cannot load DSA certificate"); }
--- End Message ---
--- Begin Message ---Source: vsftpd Source-Version: 2.0.5-1 We believe that the bug you reported is fixed in the latest version of vsftpd, which is due to be installed in the Debian FTP archive: vsftpd_2.0.5-1.diff.gz to pool/main/v/vsftpd/vsftpd_2.0.5-1.diff.gz vsftpd_2.0.5-1.dsc to pool/main/v/vsftpd/vsftpd_2.0.5-1.dsc vsftpd_2.0.5-1_amd64.deb to pool/main/v/vsftpd/vsftpd_2.0.5-1_amd64.deb vsftpd_2.0.5.orig.tar.gz to pool/main/v/vsftpd/vsftpd_2.0.5.orig.tar.gz A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Daniel Jacobowitz <[EMAIL PROTECTED]> (supplier of updated vsftpd package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Sun, 23 Jul 2006 18:46:23 -0400 Source: vsftpd Binary: vsftpd Architecture: source amd64 Version: 2.0.5-1 Distribution: unstable Urgency: low Maintainer: Daniel Jacobowitz <[EMAIL PROTECTED]> Changed-By: Daniel Jacobowitz <[EMAIL PROTECTED]> Description: vsftpd - The Very Secure FTP Daemon Closes: 307498 350996 375026 Changes: vsftpd (2.0.5-1) unstable; urgency=low . * New upstream release. - Added support for certificate chains (Closes: #307498). * Use quilt.make to manage changes to the upstream source. * Exclude libcap-dev build dependency for non-Linux architectures (Closes: #375026). * Mention trouble with background=yes in vsftpd.conf in the README file. * Create /var/run/vsftpd if necessary (Closes: #350996). Files: ef9ce4c2f94e88d67514a8e058e22882 673 net extra vsftpd_2.0.5-1.dsc 146062e8b2f93af43ff6c2c770feea94 155985 net extra vsftpd_2.0.5.orig.tar.gz 85d5a981966d8cb6f6c60a5e99ce32a1 7932 net extra vsftpd_2.0.5-1.diff.gz c146c1f2e047a27b8a172901f50aa2f8 120246 net extra vsftpd_2.0.5-1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFEw/0lbgOPXuCjg3cRAo1JAJ9KmxQoSmir+K+U6WitkKo8hQl2JgCggFhQ uReg0NJssYL+MDGdl+VwdUc= =DE/q -----END PGP SIGNATURE-----
--- End Message ---
