Hello community, here is the log from the commit of package uftpd for openSUSE:Factory checked in at 2020-07-05 01:18:36 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/uftpd (Old) and /work/SRC/openSUSE:Factory/.uftpd.new.3060 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "uftpd" Sun Jul 5 01:18:36 2020 rev:10 rq:818523 version:2.13 Changes: -------- --- /work/SRC/openSUSE:Factory/uftpd/uftpd.changes 2020-05-29 21:37:39.294699494 +0200 +++ /work/SRC/openSUSE:Factory/.uftpd.new.3060/uftpd.changes 2020-07-05 01:20:29.325427370 +0200 @@ -1,0 +2,13 @@ +Tue Jun 30 22:19:31 UTC 2020 - Martin Hauke <[email protected]> + +- Update to version 2.13 + Changes + * Unit test framework in place, with regression test for issue + Fixes + * Socket leak in daemon accept() handling causing "Too many open + files". Effectively causing denial of service + * Minor memory leak fixed, only allocated once at startup. + Affects only non-MMU systems +- Run testsuite + +------------------------------------------------------------------- Old: ---- uftpd-2.12.tar.gz New: ---- uftpd-2.13.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ uftpd.spec ++++++ --- /var/tmp/diff_new_pack.czkpmh/_old 2020-07-05 01:20:30.245430192 +0200 +++ /var/tmp/diff_new_pack.czkpmh/_new 2020-07-05 01:20:30.249430205 +0200 @@ -2,7 +2,7 @@ # spec file for package uftpd # # Copyright (c) 2020 SUSE LLC -# Copyright (c) 2018, Martin Hauke <[email protected]> +# Copyright (c) 2018-2020, Martin Hauke <[email protected]> # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,12 +18,12 @@ Name: uftpd -Version: 2.12 +Version: 2.13 Release: 0 Summary: A combined TFTP/FTP server License: ISC Group: Productivity/Networking/Ftp/Servers -URL: http://troglobit.com/uftpd.html +URL: https://troglobit.com/uftpd.html #Git-Clone: https://github.com/troglobit/uftpd.git Source: https://github.com/troglobit/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz BuildRequires: autoconf @@ -31,9 +31,14 @@ BuildRequires: pkgconfig BuildRequires: pkgconfig(libite) BuildRequires: pkgconfig(libuev) >= 2.2.0 -Conflicts: tftp Conflicts: atftp +Conflicts: tftp Provides: tftp(server) +# SECTION test requirements +BuildRequires: ftp +BuildRequires: netcfg +BuildRequires: tftp +# /SECTION %description uftpd serves both TFTP and FTP without any configuration file, starts @@ -46,12 +51,16 @@ %build autoreconf -fiv %configure -make %{?_smp_mflags} +%make_build %install %make_install rm -rf %{buildroot}/%{_datadir}/doc +%check +ulimit -n 1024 +make check || find . -name test-suite.log -exec cat {} + + %files %doc README.md %license LICENSE ++++++ uftpd-2.12.tar.gz -> uftpd-2.13.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/.github/CODE-OF-CONDUCT.md new/uftpd-2.13/.github/CODE-OF-CONDUCT.md --- old/uftpd-2.12/.github/CODE-OF-CONDUCT.md 1970-01-01 01:00:00.000000000 +0100 +++ new/uftpd-2.13/.github/CODE-OF-CONDUCT.md 2020-06-30 23:45:05.000000000 +0200 @@ -0,0 +1,45 @@ +Contributor Code of Conduct +=========================== + +As contributors and maintainers of this project, and in the interest of +fostering an open and welcoming community, we pledge to respect all +people who contribute through reporting issues, posting feature +requests, updating documentation, submitting pull requests or patches, +and other activities. + +We are committed to making participation in this project a +harassment-free experience for everyone, regardless of level of +experience, gender, gender identity and expression, sexual orientation, +disability, personal appearance, body size, race, ethnicity, age, +religion, or nationality. + +Examples of unacceptable behavior by participants include: + +* The use of sexualized language or imagery +* Personal attacks +* Trolling or insulting/derogatory comments +* Public or private harassment +* Publishing other's private information, such as physical or electronic + addresses, without explicit permission +* Other unethical or unprofessional conduct. + +Project maintainers have the right and responsibility to remove, edit, +or reject comments, commits, code, wiki edits, issues, and other +contributions that are not aligned to this Code of Conduct. By adopting +this Code of Conduct, project maintainers commit themselves to fairly +and consistently applying these principles to every aspect of managing +this project. Project maintainers who do not follow or enforce the Code +of Conduct may be permanently removed from the project team. + +This code of conduct applies both within project spaces and in public +spaces when an individual is representing the project or its community. + +Instances of abusive, harassing, or otherwise unacceptable behavior may +be reported by opening an issue or contacting one or more of the project +maintainers. + +This Code of Conduct is adapted from the [Contributor Covenant][1], +[version 1.2.0][2]. + +[1]: http://contributor-covenant.org +[2]: http://contributor-covenant.org/version/1/2/0/ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/.github/CONTRIBUTING.md new/uftpd-2.13/.github/CONTRIBUTING.md --- old/uftpd-2.12/.github/CONTRIBUTING.md 1970-01-01 01:00:00.000000000 +0100 +++ new/uftpd-2.13/.github/CONTRIBUTING.md 2020-06-30 23:45:05.000000000 +0200 @@ -0,0 +1,71 @@ +Contributing to uftpd +===================== + +We welcome any and all help in the form of bug reports, fixes, patches +for new features -- *preferably as GitHub pull requests*. Other methods +are of course also possible: emailing the maintainer a patch or even a +raw file, or simply emailing a feature request or an alert of a problem. +For email questions/requests/alerts there is always the risk of memory +exhaustion on the part of the maintainer(s), so use GitHub :) + +If you are unsure of what to do, or how to implement an idea or bugfix, +open an issue with `"[RFC: Unsure if this is a bug ... ?"`, or similar, +so we can discuss it. Talking about the code first is the best way to +get started before submitting a pull request. + +Either way, when sending an email, patch, or pull request, start by +stating the version the change is made against, what it does, and why. + +Please take care to ensure you follow the project coding style and the +commit message format. If you follow these recommendations you help +the maintainer(s) and make it easier for them to include your code. + + +Coding Style +------------ + +> **Tip:** Always submit code that follows the style of surrounding code! + +First of all, lines are allowed to be longer than 72 characters these +days. In fact, there exist no enforced maximum, but keeping it around +100 chars is OK. + +The coding style itself is strictly Linux [KNF][]. + + +Commit Messages +--------------- + +Commit messages exist to track *why* a change was made. Try to be as +clear and concise as possible in your commit messages, and always, be +proud of your work and set up a proper GIT identity for your commits: + + git config --global user.name "Jane Doe" + git config --global user.email [email protected] + +Example commit message from the [Pro Git][gitbook] online book, notice +how `git commit -s` is used to automatically add a `Signed-off-by`: + + Brief, but clear and concise summary of changes + + More detailed explanatory text, if necessary. Wrap it to about 72 + characters or so. In some contexts, the first line is treated as + the subject of an email and the rest of the text as the body. The + blank line separating the ummary from the body is critical (unless + you omit the body entirely); tools like rebase can get confused if + you run the two together. + + Further paragraphs come after blank lines. + + - Bullet points are okay, too + + - Typically a hyphen or asterisk is used for the bullet, preceded + by a single space, with blank lines in between, but conventions + vary here + + Signed-off-by: Jane Doe <[email protected]> + + +[github]: https://github.com/troglobit/uftpd/ +[KNF]: https://en.wikipedia.org/wiki/Kernel_Normal_Form +[gitbook]: https://git-scm.com/book/ch5-2.html diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/.github/SECURITY.md new/uftpd-2.13/.github/SECURITY.md --- old/uftpd-2.12/.github/SECURITY.md 1970-01-01 01:00:00.000000000 +0100 +++ new/uftpd-2.13/.github/SECURITY.md 2020-06-30 23:45:05.000000000 +0200 @@ -0,0 +1,12 @@ +# Security Policy + +## Supported Versions + +uftpd is a small project, as such we have no possibility to support older versions. +The only supported version is the latest released on GitHub: + +<https://github.com/troglobit/uftpd/releases> + +## Reporting a Vulnerability + +Contact the project's main author and owner to report and discuss vulnerabilities. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/.github/workflows/c-cpp.yml new/uftpd-2.13/.github/workflows/c-cpp.yml --- old/uftpd-2.12/.github/workflows/c-cpp.yml 1970-01-01 01:00:00.000000000 +0100 +++ new/uftpd-2.13/.github/workflows/c-cpp.yml 2020-06-30 23:45:05.000000000 +0200 @@ -0,0 +1,44 @@ +name: C/C++ CI + +on: + push: + branches: [ master ] + pull_request: + branches: [ master ] + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + - name: Install tools for unit tests + run: sudo apt-get -y install tree ftp tftp-hpa + - name: Install libuEv + run: | + wget https://github.com/troglobit/libuev/releases/download/v2.3.1/libuev-2.3.1.tar.xz + tar xf libuev-2.3.1.tar.xz + (cd libuev-2.3.1 && ./configure --prefix=/tmp && make && make install-strip) + - name: Install libite (-lite) + run: | + wget https://github.com/troglobit/libite/releases/download/v2.2.0/libite-2.2.0.tar.xz + tar xf libite-2.2.0.tar.xz + (cd libite-2.2.0 && ./configure --prefix=/tmp && make && make install-strip) + - name: configure + run: | + ./autogen.sh + PKG_CONFIG_PATH=/tmp/lib/pkgconfig ./configure --disable-silent-rules --prefix= + - name: build + run: make -j5 + - name: run unit tests + run: | + ulimit -n 1024 + LD_LIBRARY_PATH=/tmp/lib make check + - name: install + run: | + DESTDIR=~/tmp make install-strip + tree ~/tmp + ldd ~/tmp/sbin/uftpd + LD_LIBRARY_PATH=/tmp/lib ~/tmp/sbin/uftpd -h + - name: distcheck + run: PKG_CONFIG_PATH=/tmp/lib/pkgconfig LD_LIBRARY_PATH=/tmp/lib make distcheck diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/.gitignore new/uftpd-2.13/.gitignore --- old/uftpd-2.12/.gitignore 2020-05-25 18:09:12.000000000 +0200 +++ new/uftpd-2.13/.gitignore 2020-06-30 23:45:05.000000000 +0200 @@ -11,6 +11,7 @@ aclocal.m4 ar-lib autom4te.cache/* +aux/ compile config.* configure diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/.travis.yml new/uftpd-2.13/.travis.yml --- old/uftpd-2.12/.travis.yml 2020-05-25 18:09:12.000000000 +0200 +++ new/uftpd-2.13/.travis.yml 2020-06-30 23:45:05.000000000 +0200 @@ -5,10 +5,6 @@ # Use docker for quicker builds, it now allows https://docs.travis-ci.com/user/apt/ sudo: false -# Attempt to use Ubuntu 16.04 -dist: xenial -group: travis_latest - # Test build with both GCC and Clang (LLVM) compiler: - gcc @@ -24,6 +20,8 @@ apt: packages: - tree + - ftp + - tftp-hpa coverity_scan: project: name: "troglobit/uftpd" @@ -34,18 +32,20 @@ branch_pattern: dev install: - - wget https://github.com/troglobit/libuev/releases/download/v2.2.0/libuev-2.2.0.tar.xz - - wget https://github.com/troglobit/libite/releases/download/v1.5.0/libite-1.5.0.tar.xz - - tar xf libuev-2.2.0.tar.xz - - tar xf libite-1.5.0.tar.xz - - (cd libuev-2.2.0 && ./configure --prefix=/tmp && make && make install-strip) - - (cd libite-1.5.0 && ./configure --prefix=/tmp && make && make install-strip) + - wget https://github.com/troglobit/libuev/releases/download/v2.3.1/libuev-2.3.1.tar.xz + - wget https://github.com/troglobit/libite/releases/download/v2.2.0/libite-2.2.0.tar.xz + - tar xf libuev-2.3.1.tar.xz + - tar xf libite-2.2.0.tar.xz + - (cd libuev-2.3.1 && ./configure --prefix=/tmp && make && make install-strip) + - (cd libite-2.2.0 && ./configure --prefix=/tmp && make && make install-strip) script: - ./autogen.sh - PKG_CONFIG_PATH=/tmp/lib/pkgconfig ./configure --disable-silent-rules --prefix= - make clean - make -j5 + - ulimit -n 1024 + - LD_LIBRARY_PATH=/tmp/lib make check - DESTDIR=~/tmp make install-strip - tree ~/tmp - ldd ~/tmp/sbin/uftpd diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/ChangeLog.md new/uftpd-2.13/ChangeLog.md --- old/uftpd-2.12/ChangeLog.md 2020-05-25 18:09:12.000000000 +0200 +++ new/uftpd-2.13/ChangeLog.md 2020-06-30 23:45:05.000000000 +0200 @@ -3,6 +3,18 @@ All notable changes to the project are documented in this file. +[v2.13][] - 2020-06-30 +---------------------- + +### Changes +- Unit test framework in place, with regression test for issue #31 + +### Fixes +- Issue #31: Socket leak in daemon accept() handling causing "Too many + open files". Effectively causing denial of service +- Minor memory leak fixed, only allocated once at startup. Affects + only non-MMU systems + [v2.12][] - 2020-05-25 ---------------------- @@ -468,7 +480,9 @@ Lines must end in the old `\r\n` format, rather than UNIX `\n`. -[UNRELEASED]: https://github.com/troglobit/uftpd/compare/v2.11...HEAD +[UNRELEASED]: https://github.com/troglobit/uftpd/compare/v2.13...HEAD +[v2.13]: https://github.com/troglobit/uftpd/compare/v2.12...v2.13 +[v2.12]: https://github.com/troglobit/uftpd/compare/v2.11...v2.12 [v2.11]: https://github.com/troglobit/uftpd/compare/v2.10...v2.11 [v2.10]: https://github.com/troglobit/uftpd/compare/v2.9...v2.10 [v2.9]: https://github.com/troglobit/uftpd/compare/v2.8...v2.9 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/LICENSE new/uftpd-2.13/LICENSE --- old/uftpd-2.12/LICENSE 2020-05-25 18:09:12.000000000 +0200 +++ new/uftpd-2.13/LICENSE 2020-06-30 23:45:05.000000000 +0200 @@ -1,4 +1,4 @@ -Copyright (C) 2014-2019 Joachim Nilsson <[email protected]> +Copyright (C) 2014-2020 Joachim Nilsson <[email protected]> Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/Makefile.am new/uftpd-2.13/Makefile.am --- old/uftpd-2.12/Makefile.am 2020-05-25 18:09:12.000000000 +0200 +++ new/uftpd-2.13/Makefile.am 2020-06-30 23:45:05.000000000 +0200 @@ -1,4 +1,4 @@ -SUBDIRS = src man +SUBDIRS = src man tests doc_DATA = README.md LICENSE ChangeLog.md EXTRA_DIST = README.md LICENSE ChangeLog.md diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/configure.ac new/uftpd-2.13/configure.ac --- old/uftpd-2.12/configure.ac 2020-05-25 18:09:12.000000000 +0200 +++ new/uftpd-2.13/configure.ac 2020-06-30 23:45:05.000000000 +0200 @@ -1,11 +1,12 @@ -AC_INIT([uftpd], [2.12], [https://github.com/troglobit/uftpd/issues],, +AC_INIT([uftpd], [2.13], [https://github.com/troglobit/uftpd/issues],, [https://troglobit.com/projects/uftpd/]) +AC_CONFIG_AUX_DIR(aux) AM_INIT_AUTOMAKE([1.11 foreign no-dist-gzip dist-xz]) AM_SILENT_RULES([yes]) AC_CONFIG_SRCDIR([src/uftpd.c]) AC_CONFIG_HEADER([config.h]) -AC_CONFIG_FILES([Makefile src/Makefile man/Makefile]) +AC_CONFIG_FILES([Makefile src/Makefile man/Makefile tests/Makefile]) AC_PROG_CC AC_PROG_LN_S diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/debian/changelog new/uftpd-2.13/debian/changelog --- old/uftpd-2.12/debian/changelog 2020-05-25 18:09:12.000000000 +0200 +++ new/uftpd-2.13/debian/changelog 2020-06-30 23:45:05.000000000 +0200 @@ -1,3 +1,11 @@ +uftpd (2.13) unstable; urgency=medium + + * Fix issue #31: Socket leak in daemon accept(), causing denial of + service in standalone daemon setups. Does not affect .deb install. + * Fix minor memory leak, only affects non-MMU systems. + + -- Joachim Nilsson <[email protected]> Tue, 30 Jun 2020 23:36:35 +0200 + uftpd (2.12) stable; urgency=medium * Fix issue #30: uftpd crashes when an invalid CWD is entered diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/debian/copyright new/uftpd-2.13/debian/copyright --- old/uftpd-2.12/debian/copyright 2020-05-25 18:09:12.000000000 +0200 +++ new/uftpd-2.13/debian/copyright 2020-06-30 23:45:05.000000000 +0200 @@ -1,5 +1,5 @@ -Copyright: (c) 2014-2019 Joachim Nilsson <[email protected]> +Copyright: (c) 2014-2020 Joachim Nilsson <[email protected]> License: ISC Permission to use, copy, modify, and/or distribute this software for any diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/debian/rules new/uftpd-2.13/debian/rules --- old/uftpd-2.12/debian/rules 2020-05-25 18:09:12.000000000 +0200 +++ new/uftpd-2.13/debian/rules 2020-06-30 23:45:05.000000000 +0200 @@ -1,6 +1,7 @@ #!/usr/bin/make -f # export DH_VERBOSE=1 export DEB_BUILD_MAINT_OPTIONS = hardening=+all +export DEB_BUILD_OPTIONS='parallel=1' %: dh $@ --with autoreconf,systemd diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/doc/TODO.md new/uftpd-2.13/doc/TODO.md --- old/uftpd-2.12/doc/TODO.md 1970-01-01 01:00:00.000000000 +0100 +++ new/uftpd-2.13/doc/TODO.md 2020-06-30 23:45:05.000000000 +0200 @@ -0,0 +1,13 @@ +TODO +==== + +* Setup signed .deb repository on deb.troglobit.com +* Port to *BSD (Free/Net/Open) -- requires kqueue support in libuEv +* Add TFTP retransmit support and inactivity timer, see + http://tools.ietf.org/html/rfc2349 +* Add support for IPv6 +* Update Coverity Scan model to skip intended constructs +* Add uftp client, with .netrc support + - See netrc(5) for details of format. + - Build small CLI library using editline. + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/docs/CODE-OF-CONDUCT.md new/uftpd-2.13/docs/CODE-OF-CONDUCT.md --- old/uftpd-2.12/docs/CODE-OF-CONDUCT.md 2020-05-25 18:09:12.000000000 +0200 +++ new/uftpd-2.13/docs/CODE-OF-CONDUCT.md 1970-01-01 01:00:00.000000000 +0100 @@ -1,44 +0,0 @@ -# Contributor Code of Conduct - -As contributors and maintainers of this project, and in the interest of -fostering an open and welcoming community, we pledge to respect all -people who contribute through reporting issues, posting feature -requests, updating documentation, submitting pull requests or patches, -and other activities. - -We are committed to making participation in this project a -harassment-free experience for everyone, regardless of level of -experience, gender, gender identity and expression, sexual orientation, -disability, personal appearance, body size, race, ethnicity, age, -religion, or nationality. - -Examples of unacceptable behavior by participants include: - -* The use of sexualized language or imagery -* Personal attacks -* Trolling or insulting/derogatory comments -* Public or private harassment -* Publishing other's private information, such as physical or electronic - addresses, without explicit permission -* Other unethical or unprofessional conduct. - -Project maintainers have the right and responsibility to remove, edit, -or reject comments, commits, code, wiki edits, issues, and other -contributions that are not aligned to this Code of Conduct. By adopting -this Code of Conduct, project maintainers commit themselves to fairly -and consistently applying these principles to every aspect of managing -this project. Project maintainers who do not follow or enforce the Code -of Conduct may be permanently removed from the project team. - -This code of conduct applies both within project spaces and in public -spaces when an individual is representing the project or its community. - -Instances of abusive, harassing, or otherwise unacceptable behavior may -be reported by opening an issue or contacting one or more of the project -maintainers. - -This Code of Conduct is adapted from the [Contributor Covenant][1], -[version 1.2.0][2]. - -[1]: http://contributor-covenant.org -[2]: http://contributor-covenant.org/version/1/2/0/ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/docs/CONTRIBUTING.md new/uftpd-2.13/docs/CONTRIBUTING.md --- old/uftpd-2.12/docs/CONTRIBUTING.md 2020-05-25 18:09:12.000000000 +0200 +++ new/uftpd-2.13/docs/CONTRIBUTING.md 1970-01-01 01:00:00.000000000 +0100 @@ -1,89 +0,0 @@ -Contributing to uftpd -===================== - -We welcome any and all help in the form of bug reports, fixes, patches -for new features -- *preferably as GitHub pull requests*. Other methods -are of course also possible: emailing the maintainer a patch or even a -raw file, or simply emailing a feature request or an alert of a problem. -For email questions/requests/alerts there is always the risk of memory -exhaustion on the part of the maintainer(s), so use GitHub :) - -If you are unsure of what to do, or how to implement an idea or bugfix, -open an issue with `"[RFC: Unsure if this is a bug ... ?"`, or similar, -so we can discuss it. Talking about the code first is the best way to -get started before submitting a pull request. - -Either way, when sending an email, patch, or pull request, start by -stating the version the change is made against, what it does, and why. - -Please take care to ensure you follow the project coding style and the -commit message format. If you follow these recommendations you help -the maintainer(s) and make it easier for them to include your code. - - -Coding Style ------------- - -> **Tip:** Always submit code that follows the style of surrounding code! - -First of all, lines are allowed to be longer than 72 characters these -days. In fact, there exist no enforced maximum, but keeping it around -100 chars is OK. - -The coding style itself is strictly Linux [KNF][]. - - -Commit Messages ---------------- - -Commit messages exist to track *why* a change was made. Try to be as -clear and concise as possible in your commit messages, and always, be -proud of your work and set up a proper GIT identity for your commits: - - git config --global user.name "Jane Doe" - git config --global user.email [email protected] - -Example commit message from the [Pro Git][gitbook] online book, notice -how `git commit -s` is used to automatically add a `Signed-off-by`: - - Brief, but clear and concise summary of changes - - More detailed explanatory text, if necessary. Wrap it to about 72 - characters or so. In some contexts, the first line is treated as - the subject of an email and the rest of the text as the body. The - blank line separating the ummary from the body is critical (unless - you omit the body entirely); tools like rebase can get confused if - you run the two together. - - Further paragraphs come after blank lines. - - - Bullet points are okay, too - - - Typically a hyphen or asterisk is used for the bullet, preceded - by a single space, with blank lines in between, but conventions - vary here - - Signed-off-by: Jane Doe <[email protected]> - - -A good *counter* example [is this][rambling] ... - - -Code of Conduct ---------------- - -It is expected of everyone engaging in the project to, in the words of -Bill & Ted; [be excellent to each other][conduct]. - - -[github]: https://github.com/troglobit/uftpd/ -[KNF]: https://en.wikipedia.org/wiki/Kernel_Normal_Form -[gitbook]: https://git-scm.com/book/ch5-2.html -[rambling]: http://stopwritingramblingcommitmessages.com/ -[conduct]: https://github.com/troglobit/uftpd/blob/master/docs/CODE-OF-CONDUCT.md - -<!-- - -- Local Variables: - -- mode: markdown - -- End: - --> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/docs/SECURITY.md new/uftpd-2.13/docs/SECURITY.md --- old/uftpd-2.12/docs/SECURITY.md 2020-05-25 18:09:12.000000000 +0200 +++ new/uftpd-2.13/docs/SECURITY.md 1970-01-01 01:00:00.000000000 +0100 @@ -1,12 +0,0 @@ -# Security Policy - -## Supported Versions - -uftpd is a small project, as such we have no possibility to support older versions. -The only supported version is the latest released on GitHub: - -<https://github.com/troglobit/uftpd/releases> - -## Reporting a Vulnerability - -Contact the project's main author and owner to report and discuss vulnerabilities. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/docs/TODO.md new/uftpd-2.13/docs/TODO.md --- old/uftpd-2.12/docs/TODO.md 2020-05-25 18:09:12.000000000 +0200 +++ new/uftpd-2.13/docs/TODO.md 1970-01-01 01:00:00.000000000 +0100 @@ -1,13 +0,0 @@ -TODO -==== - -* Setup signed .deb repository on deb.troglobit.com -* Port to *BSD (Free/Net/Open) -- requires kqueue support in libuEv -* Add TFTP retransmit support and inactivity timer, see - http://tools.ietf.org/html/rfc2349 -* Add support for IPv6 -* Update Coverity Scan model to skip intended constructs -* Add uftp client, with .netrc support - - See netrc(5) for details of format. - - Build small CLI library using editline. - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/man/uftpd.8 new/uftpd-2.13/man/uftpd.8 --- old/uftpd-2.12/man/uftpd.8 2020-05-25 18:09:12.000000000 +0200 +++ new/uftpd-2.13/man/uftpd.8 2020-06-30 23:45:05.000000000 +0200 @@ -1,5 +1,5 @@ .\" -.\" Copyright (c) 2014-2019 Joachim Nilsson <[email protected]> +.\" Copyright (c) 2014-2020 Joachim Nilsson <[email protected]> .\" .\" Permission to use, copy, modify, and/or distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -13,7 +13,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd Aug 12, 2019 +.Dd June 30, 2020 .Dt UFTPD 8 .Os "uftpd (2.10)" .Sh NAME diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/src/common.c new/uftpd-2.13/src/common.c --- old/uftpd-2.12/src/common.c 2020-05-25 18:09:12.000000000 +0200 +++ new/uftpd-2.13/src/common.c 2020-06-30 23:45:05.000000000 +0200 @@ -1,6 +1,6 @@ /* Common methods shared between FTP and TFTP engines * - * Copyright (c) 2014-2019 Joachim Nilsson <[email protected]> + * Copyright (c) 2014-2020 Joachim Nilsson <[email protected]> * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/src/ftpcmd.c new/uftpd-2.13/src/ftpcmd.c --- old/uftpd-2.12/src/ftpcmd.c 2020-05-25 18:09:12.000000000 +0200 +++ new/uftpd-2.13/src/ftpcmd.c 2020-06-30 23:45:05.000000000 +0200 @@ -1,6 +1,6 @@ /* FTP engine * - * Copyright (c) 2014-2019 Joachim Nilsson <[email protected]> + * Copyright (c) 2014-2020 Joachim Nilsson <[email protected]> * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -1626,10 +1626,9 @@ ctrl = new_session(ctx, sd, &pid); if (!ctrl) { - if (pid < 0) { + if (pid < 0) shutdown(sd, SHUT_RDWR); - close(sd); - } + close(sd); return pid; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/src/log.c new/uftpd-2.13/src/log.c --- old/uftpd-2.12/src/log.c 2020-05-25 18:09:12.000000000 +0200 +++ new/uftpd-2.13/src/log.c 2020-06-30 23:45:05.000000000 +0200 @@ -1,6 +1,6 @@ /* uftpd -- the no nonsense (T)FTP server * - * Copyright (c) 2014-2019 Joachim Nilsson <[email protected]> + * Copyright (c) 2014-2020 Joachim Nilsson <[email protected]> * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/src/tftpcmd.c new/uftpd-2.13/src/tftpcmd.c --- old/uftpd-2.12/src/tftpcmd.c 2020-05-25 18:09:12.000000000 +0200 +++ new/uftpd-2.13/src/tftpcmd.c 2020-06-30 23:45:05.000000000 +0200 @@ -1,6 +1,6 @@ /* TFTP Engine * - * Copyright (c) 2014-2019 Joachim Nilsson <[email protected]> + * Copyright (c) 2014-2020 Joachim Nilsson <[email protected]> * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/src/uftpd.c new/uftpd-2.13/src/uftpd.c --- old/uftpd-2.12/src/uftpd.c 2020-05-25 18:09:12.000000000 +0200 +++ new/uftpd-2.13/src/uftpd.c 2020-06-30 23:45:05.000000000 +0200 @@ -1,6 +1,6 @@ /* uftpd -- the no nonsense (T)FTP server * - * Copyright (c) 2014-2019 Joachim Nilsson <[email protected]> + * Copyright (c) 2014-2020 Joachim Nilsson <[email protected]> * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -110,6 +110,9 @@ while (wait(NULL) != -1) ; + if (home) + free(home); + /* Leave main loop. */ uev_exit(w->ctx); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/src/uftpd.h new/uftpd-2.13/src/uftpd.h --- old/uftpd-2.12/src/uftpd.h 2020-05-25 18:09:12.000000000 +0200 +++ new/uftpd-2.13/src/uftpd.h 2020-06-30 23:45:05.000000000 +0200 @@ -1,6 +1,6 @@ /* uftpd -- the no nonsense (T)FTP server * - * Copyright (c) 2014-2019 Joachim Nilsson <[email protected]> + * Copyright (c) 2014-2020 Joachim Nilsson <[email protected]> * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/tests/.gitignore new/uftpd-2.13/tests/.gitignore --- old/uftpd-2.12/tests/.gitignore 1970-01-01 01:00:00.000000000 +0100 +++ new/uftpd-2.13/tests/.gitignore 2020-06-30 23:45:05.000000000 +0200 @@ -0,0 +1,2 @@ +*.trs +*.log diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/tests/Makefile.am new/uftpd-2.13/tests/Makefile.am --- old/uftpd-2.12/tests/Makefile.am 1970-01-01 01:00:00.000000000 +0100 +++ new/uftpd-2.13/tests/Makefile.am 2020-06-30 23:45:05.000000000 +0200 @@ -0,0 +1,13 @@ +EXTRA_DIST = start.sh stop.sh +EXTRA_DIST += ftp.sh tftp.sh maxfiles.sh +CLEANFILES = *~ *.trs *.log +TEST_EXTENSIONS = .sh + +TESTS = start.sh +TESTS += ftp.sh +TESTS += tftp.sh +TESTS += maxfiles.sh +TESTS += stop.sh + +.PRECIOUS: stop.log + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/tests/ftp.sh new/uftpd-2.13/tests/ftp.sh --- old/uftpd-2.12/tests/ftp.sh 1970-01-01 01:00:00.000000000 +0100 +++ new/uftpd-2.13/tests/ftp.sh 2020-06-30 23:45:05.000000000 +0200 @@ -0,0 +1,9 @@ +#!/bin/sh +cd /tmp +ftp -n 127.0.0.1 9013 <<-END + verbose on + user anonymous a@b + bin + get testfile.txt + bye +END diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/tests/maxfiles.sh new/uftpd-2.13/tests/maxfiles.sh --- old/uftpd-2.12/tests/maxfiles.sh 1970-01-01 01:00:00.000000000 +0100 +++ new/uftpd-2.13/tests/maxfiles.sh 2020-06-30 23:45:05.000000000 +0200 @@ -0,0 +1,25 @@ +#!/bin/sh +set -e +cd /tmp + +#max=`ulimit -n` +max=1040 + +# check beyond max to verify uftpd doesn't leak descriptors +max=$(($max + 20)) + +get() +{ + ftp -n 127.0.0.1 9013 <<-END + user anonymous a@b + get testfile.txt + bye +END +} + +i=1 +while [ $i -lt $max ]; do + get + rm testfile.txt + i=$(($i + 1)) +done diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/tests/start.sh new/uftpd-2.13/tests/start.sh --- old/uftpd-2.12/tests/start.sh 1970-01-01 01:00:00.000000000 +0100 +++ new/uftpd-2.13/tests/start.sh 2020-06-30 23:45:05.000000000 +0200 @@ -0,0 +1,8 @@ +#!/bin/bash +cd ../tests +cp /etc/passwd testfile.txt + +../src/uftpd -n -o ftp=9013,tftp=6969 -l none . & +echo $! >/tmp/uftpd.pid + +sleep 1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/tests/stop.sh new/uftpd-2.13/tests/stop.sh --- old/uftpd-2.12/tests/stop.sh 1970-01-01 01:00:00.000000000 +0100 +++ new/uftpd-2.13/tests/stop.sh 2020-06-30 23:45:05.000000000 +0200 @@ -0,0 +1,12 @@ +#!/bin/bash +cd ../tests +rm -f testfile.txt + +if [ -e /tmp/uftpd.pid ]; then + PID=`cat /tmp/uftpd.pid` + echo "Stopping uftpd PID $PID" + kill -9 $PID +fi + +rm -f /tmp/uftpd.pid +rm -f /tmp/testfile.txt diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/uftpd-2.12/tests/tftp.sh new/uftpd-2.13/tests/tftp.sh --- old/uftpd-2.12/tests/tftp.sh 1970-01-01 01:00:00.000000000 +0100 +++ new/uftpd-2.13/tests/tftp.sh 2020-06-30 23:45:05.000000000 +0200 @@ -0,0 +1,4 @@ +#!/bin/sh +set -x +cd /tmp +tftp -4 127.0.0.1 6969 -m binary -c get testfile.txt
