diff --git a/.fmf/version b/.fmf/version deleted file mode 100644 index d00491f..0000000 --- a/.fmf/version +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/.gitignore b/.gitignore index d4e96bd..811254b 100644 --- a/.gitignore +++ b/.gitignore @@ -6,4 +6,3 @@ vsftpd-2.3.2.tar.gz /vsftpd-3.0.1.tar.gz /vsftpd-3.0.2.tar.gz /vsftpd-3.0.3.tar.gz -/vsftpd-3.0.5.tar.gz diff --git a/0001-Don-t-use-the-provided-script-to-locate-libraries.patch b/0001-Don-t-use-the-provided-script-to-locate-libraries.patch index f4a67e3..fdeb69e 100644 --- a/0001-Don-t-use-the-provided-script-to-locate-libraries.patch +++ b/0001-Don-t-use-the-provided-script-to-locate-libraries.patch @@ -1,7 +1,7 @@ From 7bd573d76e9c1996ad5a96f0289731a253a24301 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Tue, 6 Sep 2016 13:35:51 +0200 -Subject: [PATCH 01/59] Don't use the provided script to locate libraries. +Subject: [PATCH 01/33] Don't use the provided script to locate libraries. This branch is Fedora (RHEL) specific, so we know what libraries we have and want to use. @@ -23,5 +23,5 @@ index c63ed1b..98118dc 100644 LDFLAGS = -fPIE -pie -Wl,-z,relro -Wl,-z,now -- -2.14.4 +2.7.4 diff --git a/0001-Fix-timestamp-handling-in-MDTM.patch b/0001-Fix-timestamp-handling-in-MDTM.patch deleted file mode 100644 index 3975bf3..0000000 --- a/0001-Fix-timestamp-handling-in-MDTM.patch +++ /dev/null @@ -1,151 +0,0 @@ -From 6a4dc470e569df38b8a7ea09ee6aace3c73b7353 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Wed, 28 Mar 2018 09:06:34 +0200 -Subject: [PATCH 1/2] Fix timestamp handling in MDTM - -There were two problems with the timestamp handling with MDTM: - -1. In vsf_sysutil_parse_time(), the `the_time.tm_isdst` attribute was - always set to 0, regardless of whether DST (daylight saving time) - is active on the given date or not. - - This made glibc shift the timestamp when DST was in fact active on - the given date, in an attempt to correct the discrepancy between - the given timestamp and the `tm_isdst` attribute. The shifting - produced incorrect results however. - - We fix this by setting `tm_isdst` to -1 to let glibc decide if DST - is active or not at the time of the timestamp. glibc won't touch - the timestamp then. - -2. vsftpd used to record the offset from UTC of the current timezone - in the global variable `s_timezone`. This variable was then - subtracted from the variable `the_time` in vsf_sysutil_setmodtime() - when the config option use_localtime=NO was set. This was done to - compensate for the fact that mktime(), used in - vsf_sysutil_parse_time(), expects a timestamp expressed as local - time, whereas vsftpd is dealing with universal time. - - However, this did not work in the case when the offset stored in - `s_timezone` did not match the timezone of the timestamp given to - mktime() - this happens when DST is active at the current time, but - DST is not active at the time of the timestamp, or vice versa. - - We fix this by subtracting the real timezone offset directly in - vsf_sysutil_parse_time(). - - Note that the `tm_gmtoff` attribute, used in this fix, is a - BSD/glic extension. However, using `tm_gmtoff` seems like the - simplest solution and we need to make this work only with glibc - anyway. - -The fix was tested in the following way. We checked that the timestamp -given to the MDTM command when setting modification time exactly -matches the timestamp received as response from MDTM when reading back -the modification time. Additionally, we checked that the modification -time was set correctly on the given file on disk. - -These two checks were performed under various conditions - all the -combinations of DST/non-DST system time, DST/non-DST modification -time, use_localtime=YES/NO. - -Note that (I think) this will still not work if the rules for when DST -is active change. For example, if DST is ever completely cancelled in -the Europe/Prague timezone, and vsftpd is dealing with a timestamp -from a time when DST was active, it will produce incorrect results. I -think we would need the full zone file to fix this, but the zone file -is hard to provide when we're chroot-ed. - -Resolves: rhbz#1567855 ---- - postlogin.c | 5 +++-- - sysutil.c | 17 ++++++++++------- - sysutil.h | 4 ++-- - 3 files changed, 15 insertions(+), 11 deletions(-) - -diff --git a/postlogin.c b/postlogin.c -index 7c749ef..8a3d9d2 100644 ---- a/postlogin.c -+++ b/postlogin.c -@@ -1788,7 +1788,8 @@ handle_mdtm(struct vsf_session* p_sess) - if (do_write != 0) - { - str_split_char(&p_sess->ftp_arg_str, &s_filename_str, ' '); -- modtime = vsf_sysutil_parse_time(str_getbuf(&p_sess->ftp_arg_str)); -+ modtime = vsf_sysutil_parse_time( -+ str_getbuf(&p_sess->ftp_arg_str), tunable_use_localtime); - str_copy(&p_sess->ftp_arg_str, &s_filename_str); - } - resolve_tilde(&p_sess->ftp_arg_str, p_sess); -@@ -1809,7 +1810,7 @@ handle_mdtm(struct vsf_session* p_sess) - else - { - retval = vsf_sysutil_setmodtime( -- str_getbuf(&p_sess->ftp_arg_str), modtime, tunable_use_localtime); -+ str_getbuf(&p_sess->ftp_arg_str), modtime); - if (retval != 0) - { - vsf_cmdio_write(p_sess, FTP_FILEFAIL, -diff --git a/sysutil.c b/sysutil.c -index e847650..66d4c5e 100644 ---- a/sysutil.c -+++ b/sysutil.c -@@ -2819,11 +2819,13 @@ vsf_sysutil_syslog(const char* p_text, int severe) - } - - long --vsf_sysutil_parse_time(const char* p_text) -+vsf_sysutil_parse_time(const char* p_text, int is_localtime) - { -+ long res; - struct tm the_time; - unsigned int len = vsf_sysutil_strlen(p_text); - vsf_sysutil_memclr(&the_time, sizeof(the_time)); -+ the_time.tm_isdst = -1; - if (len >= 8) - { - char yr[5]; -@@ -2848,17 +2850,18 @@ vsf_sysutil_parse_time(const char* p_text) - the_time.tm_min = vsf_sysutil_atoi(mins); - the_time.tm_sec = vsf_sysutil_atoi(sec); - } -- return mktime(&the_time); -+ res = mktime(&the_time); -+ if (!is_localtime) -+ { -+ res += the_time.tm_gmtoff; -+ } -+ return res; - } - - int --vsf_sysutil_setmodtime(const char* p_file, long the_time, int is_localtime) -+vsf_sysutil_setmodtime(const char* p_file, long the_time) - { - struct utimbuf new_times; -- if (!is_localtime) -- { -- the_time -= s_timezone; -- } - vsf_sysutil_memclr(&new_times, sizeof(new_times)); - new_times.actime = the_time; - new_times.modtime = the_time; -diff --git a/sysutil.h b/sysutil.h -index 7a59f13..b90f6ca 100644 ---- a/sysutil.h -+++ b/sysutil.h -@@ -349,9 +349,9 @@ void vsf_sysutil_chroot(const char* p_root_path); - */ - long vsf_sysutil_get_time_sec(void); - long vsf_sysutil_get_time_usec(void); --long vsf_sysutil_parse_time(const char* p_text); -+long vsf_sysutil_parse_time(const char* p_text, int is_localtime); - void vsf_sysutil_sleep(double seconds); --int vsf_sysutil_setmodtime(const char* p_file, long the_time, int is_localtime); -+int vsf_sysutil_setmodtime(const char* p_file, long the_time); - - /* Limits */ - void vsf_sysutil_set_address_space_limit(unsigned long bytes); --- -2.24.1 - diff --git a/0001-Move-closing-standard-FDs-after-listen.patch b/0001-Move-closing-standard-FDs-after-listen.patch deleted file mode 100644 index 12511e7..0000000 --- a/0001-Move-closing-standard-FDs-after-listen.patch +++ /dev/null @@ -1,46 +0,0 @@ -From 40fea4552377504ce69935149e64e39a595f4600 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Sat, 3 Aug 2019 17:50:14 +0200 -Subject: [PATCH 1/2] Move closing standard FDs after listen() - -The vsf_sysutil_close() calls need to be moved a bit further so that -die() works properly in case listen() fails. - -I see no reason the calls should be placed before listen() -specifically, as they are now. My guess is that the author who added -the calls thought that listen() is a blocking call, which is not the -case. The only thing we need to satisfy is that close() is called -before accept, because that is a blocking call. That's all that is -needed to fix the bug that was fixed by adding the close() calls. - -Resolves: rhbz#1666380 ---- - standalone.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/standalone.c b/standalone.c -index 3f35e9e..b358ca1 100644 ---- a/standalone.c -+++ b/standalone.c -@@ -152,15 +152,15 @@ vsf_standalone_main(void) - vsf_sysutil_kill(vsf_sysutil_getppid(), kVSFSysUtilSigUSR1); - } - } -- vsf_sysutil_close(0); -- vsf_sysutil_close(1); -- vsf_sysutil_close(2); - retval = vsf_sysutil_listen(listen_sock, VSFTP_LISTEN_BACKLOG); - if (vsf_sysutil_retval_is_error(retval)) - { - die("could not listen"); - } - vsf_sysutil_sockaddr_alloc(&p_accept_addr); -+ vsf_sysutil_close(0); -+ vsf_sysutil_close(1); -+ vsf_sysutil_close(2); - while (1) - { - struct vsf_client_launch child_info; --- -2.20.1 - diff --git a/0001-Remove-a-hint-about-the-ftp_home_dir-SELinux-boolean.patch b/0001-Remove-a-hint-about-the-ftp_home_dir-SELinux-boolean.patch deleted file mode 100644 index 88640ac..0000000 --- a/0001-Remove-a-hint-about-the-ftp_home_dir-SELinux-boolean.patch +++ /dev/null @@ -1,25 +0,0 @@ -From ab797dcffc855b05c9e7c8db4e5be2fc7510831b Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Tue, 17 Mar 2020 12:57:36 +0100 -Subject: [PATCH] Remove a hint about the ftp_home_dir SELinux boolean - -The boolean has been removed from SELinux. ---- - vsftpd.conf | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/vsftpd.conf b/vsftpd.conf -index 6b8eebb..ea20a72 100644 ---- a/vsftpd.conf -+++ b/vsftpd.conf -@@ -12,7 +12,6 @@ - anonymous_enable=NO - # - # Uncomment this to allow local users to log in. --# When SELinux is enforcing check for SE bool ftp_home_dir - local_enable=YES - # - # Uncomment this to enable any form of FTP write command. --- -2.25.1 - diff --git a/0001-Repeat-pututxline-until-it-succeeds-if-it-fails-with.patch b/0001-Repeat-pututxline-until-it-succeeds-if-it-fails-with.patch deleted file mode 100644 index 63d555e..0000000 --- a/0001-Repeat-pututxline-until-it-succeeds-if-it-fails-with.patch +++ /dev/null @@ -1,108 +0,0 @@ -From 7957425ef5ab365fc96ea0615f99705581c6dbd8 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Mon, 12 Aug 2019 18:15:36 +0200 -Subject: [PATCH] Repeat pututxline() until it succeeds if it fails with EINTR - -Since the pututxline() bug rhbz#1749439 is now fixed in glibc in -Fedora and RHEL-8, we can implement a complete solution for the stale -utmp entries issue originally reported as rhbz#1688848. - -This patch is a followup to commit 896b3694ca062d7. - -Resolves: rhbz#1688852 -Resolves: rhbz#1737433 ---- - sysdeputil.c | 53 +++++++++++++--------------------------------------- - 1 file changed, 13 insertions(+), 40 deletions(-) - -diff --git a/sysdeputil.c b/sysdeputil.c -index 4fbcca7..75be680 100644 ---- a/sysdeputil.c -+++ b/sysdeputil.c -@@ -1203,7 +1203,7 @@ void - vsf_insert_uwtmp(const struct mystr* p_user_str, - const struct mystr* p_host_str) - { -- int attempts; -+ struct utmpx* p_res; - - if (sizeof(s_utent.ut_line) < 16) - { -@@ -1233,34 +1233,21 @@ vsf_insert_uwtmp(const struct mystr* p_user_str, - vsf_sysutil_strcpy(s_utent.ut_host, str_getbuf(p_host_str), - sizeof(s_utent.ut_host)); - s_utent.ut_tv.tv_sec = vsf_sysutil_get_time_sec(); -- for (attempts = 2; attempts > 0; --attempts) -+ setutxent(); -+ do - { -- struct utmpx* p_res; -- setutxent(); - p_res = pututxline(&s_utent); - /* For now we'll ignore errors other than EINTR and EAGAIN */ -- if (p_res != NULL || (errno != EINTR && errno != EAGAIN)) -- { -- break; -- } -- } -- if (attempts == 0) -- { -- /* This makes us skip pututxline() in vsf_remove_uwtmp() */ -- s_uwtmp_inserted = -1; -- } -- else -- { -- s_uwtmp_inserted = 1; -- endutxent(); -- } -+ } while (p_res == NULL && (errno == EINTR || errno == EAGAIN)); -+ s_uwtmp_inserted = 1; -+ endutxent(); - updwtmpx(WTMPX_FILE, &s_utent); - } - - void - vsf_remove_uwtmp(void) - { -- int attempts; -+ struct utmpx* p_res; - - if (!s_uwtmp_inserted) - { -@@ -1270,27 +1257,13 @@ vsf_remove_uwtmp(void) - vsf_sysutil_memclr(s_utent.ut_user, sizeof(s_utent.ut_user)); - vsf_sysutil_memclr(s_utent.ut_host, sizeof(s_utent.ut_host)); - s_utent.ut_tv.tv_sec = 0; -- if (s_uwtmp_inserted == 1) -+ setutxent(); -+ do - { -- for (attempts = 2; attempts > 0; --attempts) -- { -- struct utmpx* p_res; -- setutxent(); -- p_res = pututxline(&s_utent); -- /* For now we'll ignore errors other than EINTR and EAGAIN */ -- if (p_res != NULL || (errno != EINTR && errno != EAGAIN)) -- { -- break; -- } -- } -- if (attempts != 0) -- { -- endutxent(); -- } -- } -- /* Set s_uwtmp_inserted to 0 regardless of the result of -- * pututxline() to make sure we won't run this function twice. -- */ -+ p_res = pututxline(&s_utent); -+ /* For now we'll ignore errors other than EINTR and EAGAIN */ -+ } while (p_res == NULL && (errno == EINTR || errno == EAGAIN)); -+ endutxent(); - s_uwtmp_inserted = 0; - s_utent.ut_tv.tv_sec = vsf_sysutil_get_time_sec(); - updwtmpx(WTMPX_FILE, &s_utent); --- -2.20.1 - diff --git a/0001-Set-s_uwtmp_inserted-only-after-record-insertion-rem.patch b/0001-Set-s_uwtmp_inserted-only-after-record-insertion-rem.patch deleted file mode 100644 index 00bf82c..0000000 --- a/0001-Set-s_uwtmp_inserted-only-after-record-insertion-rem.patch +++ /dev/null @@ -1,53 +0,0 @@ -From 96698a525784ad91cb27b572dd5f871c183fdfa5 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Sun, 28 Jul 2019 12:25:35 +0200 -Subject: [PATCH 1/2] Set s_uwtmp_inserted only after record insertion/removal - -pututxline() is the function that actually inserts the new record, so -setting 's_uwtmp_inserted' before calling pututxline() doesn't make -sense. - -We'll need this change for other fixes. ---- - sysdeputil.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/sysdeputil.c b/sysdeputil.c -index 4fe56c2..bd1e8c9 100644 ---- a/sysdeputil.c -+++ b/sysdeputil.c -@@ -1224,7 +1224,6 @@ vsf_insert_uwtmp(const struct mystr* p_user_str, - sizeof(s_utent.ut_line)); - str_free(&line_str); - } -- s_uwtmp_inserted = 1; - s_utent.ut_type = USER_PROCESS; - s_utent.ut_pid = vsf_sysutil_getpid(); - vsf_sysutil_strcpy(s_utent.ut_user, str_getbuf(p_user_str), -@@ -1235,6 +1234,7 @@ vsf_insert_uwtmp(const struct mystr* p_user_str, - setutxent(); - (void) pututxline(&s_utent); - endutxent(); -+ s_uwtmp_inserted = 1; - updwtmpx(WTMPX_FILE, &s_utent); - } - -@@ -1245,7 +1245,6 @@ vsf_remove_uwtmp(void) - { - return; - } -- s_uwtmp_inserted = 0; - s_utent.ut_type = DEAD_PROCESS; - vsf_sysutil_memclr(s_utent.ut_user, sizeof(s_utent.ut_user)); - vsf_sysutil_memclr(s_utent.ut_host, sizeof(s_utent.ut_host)); -@@ -1253,6 +1252,7 @@ vsf_remove_uwtmp(void) - setutxent(); - (void) pututxline(&s_utent); - endutxent(); -+ s_uwtmp_inserted = 0; - s_utent.ut_tv.tv_sec = vsf_sysutil_get_time_sec(); - updwtmpx(WTMPX_FILE, &s_utent); - } --- -2.20.1 - diff --git a/0002-Drop-an-unused-global-variable.patch b/0002-Drop-an-unused-global-variable.patch deleted file mode 100644 index 53af589..0000000 --- a/0002-Drop-an-unused-global-variable.patch +++ /dev/null @@ -1,56 +0,0 @@ -From d0045e35674d64d166d17c3c079ae03e8c2e6361 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Thu, 13 Feb 2020 17:29:06 +0100 -Subject: [PATCH 2/2] Drop an unused global variable - -The global variable `s_timezone` is not used anymore, so we can drop -it. ---- - sysutil.c | 17 +++-------------- - 1 file changed, 3 insertions(+), 14 deletions(-) - -diff --git a/sysutil.c b/sysutil.c -index 66d4c5e..0ccf551 100644 ---- a/sysutil.c -+++ b/sysutil.c -@@ -72,8 +72,6 @@ static struct timeval s_current_time; - static int s_current_pid = -1; - /* Exit function */ - static exitfunc_t s_exit_func; --/* Difference in timezone from GMT in seconds */ --static long s_timezone; - - /* Our internal signal handling implementation details */ - static struct vsf_sysutil_sig_details -@@ -2661,7 +2659,6 @@ char* vsf_sysutil_get_tz() - void - vsf_sysutil_tzset(void) - { -- int retval; - char *tz=NULL, tzbuf[sizeof("+HHMM!")]; - time_t the_time = time(NULL); - struct tm* p_tm; -@@ -2681,17 +2678,9 @@ vsf_sysutil_tzset(void) - { - die("localtime"); - } -- retval = strftime(tzbuf, sizeof(tzbuf), "%z", p_tm); -- tzbuf[sizeof(tzbuf) - 1] = '\0'; -- if (retval == 5) -- { -- s_timezone = ((tzbuf[1] - '0') * 10 + (tzbuf[2] - '0')) * 60 * 60; -- s_timezone += ((tzbuf[3] - '0') * 10 + (tzbuf[4] - '0')) * 60; -- if (tzbuf[0] == '+') -- { -- s_timezone *= -1; -- } -- } -+ /* Not sure if the following call to strftime() has any desired side -+ effects, so I'm keeping it to be safe. */ -+ (void) strftime(tzbuf, sizeof(tzbuf), "%z", p_tm); - /* Call in to the time subsystem again now that TZ is set, trying to force - * caching of the actual zoneinfo for the timezone. - */ --- -2.24.1 - diff --git a/0002-Enable-build-with-SSL.patch b/0002-Enable-build-with-SSL.patch index e772099..41180fa 100644 --- a/0002-Enable-build-with-SSL.patch +++ b/0002-Enable-build-with-SSL.patch @@ -1,7 +1,7 @@ From 6fe24bc56694808ac7f8038855883a971967f0fb Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Tue, 6 Sep 2016 13:40:53 +0200 -Subject: [PATCH 02/59] Enable build with SSL. +Subject: [PATCH 02/33] Enable build with SSL. --- builddefs.h | 2 +- @@ -21,5 +21,5 @@ index e908352..63cc62b 100644 #endif /* VSF_BUILDDEFS_H */ -- -2.14.4 +2.7.4 diff --git a/0002-Prevent-recursion-in-bug.patch b/0002-Prevent-recursion-in-bug.patch deleted file mode 100644 index 061fd1e..0000000 --- a/0002-Prevent-recursion-in-bug.patch +++ /dev/null @@ -1,107 +0,0 @@ -From e679a3ce0f2cf1558da31e0bccd9e2398b89c7e9 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Tue, 30 Jul 2019 16:07:01 +0200 -Subject: [PATCH 2/2] Prevent recursion in bug() - -Resolves: rhbz#1666380 ---- - sysutil.c | 35 +++++++++++++++++++++++++++++++---- - sysutil.h | 1 + - utility.c | 12 +++++++----- - 3 files changed, 39 insertions(+), 9 deletions(-) - -diff --git a/sysutil.c b/sysutil.c -index fd07d99..e2df671 100644 ---- a/sysutil.c -+++ b/sysutil.c -@@ -774,21 +774,48 @@ vsf_sysutil_deactivate_linger_failok(int fd) - (void) setsockopt(fd, SOL_SOCKET, SO_LINGER, &the_linger, sizeof(the_linger)); - } - --void --vsf_sysutil_activate_noblock(int fd) -+static int -+vsf_sysutil_activate_noblock_internal(int fd, int return_err) - { - int retval; - int curr_flags = fcntl(fd, F_GETFL); - if (vsf_sysutil_retval_is_error(curr_flags)) - { -- die("fcntl"); -+ if (return_err) -+ { -+ return -1; -+ } -+ else -+ { -+ die("fcntl"); -+ } - } - curr_flags |= O_NONBLOCK; - retval = fcntl(fd, F_SETFL, curr_flags); - if (retval != 0) - { -- die("fcntl"); -+ if (return_err) -+ { -+ return -1; -+ } -+ else -+ { -+ die("fcntl"); -+ } - } -+ return 0; -+} -+ -+void -+vsf_sysutil_activate_noblock(int fd) -+{ -+ (void) vsf_sysutil_activate_noblock_internal(fd, 0); -+} -+ -+int -+vsf_sysutil_activate_noblock_no_die(int fd) -+{ -+ return vsf_sysutil_activate_noblock_internal(fd, 1); - } - - void -diff --git a/sysutil.h b/sysutil.h -index 2df14ed..0772423 100644 ---- a/sysutil.h -+++ b/sysutil.h -@@ -281,6 +281,7 @@ void vsf_sysutil_activate_oobinline(int fd); - void vsf_sysutil_activate_linger(int fd); - void vsf_sysutil_deactivate_linger_failok(int fd); - void vsf_sysutil_activate_noblock(int fd); -+int vsf_sysutil_activate_noblock_no_die(int fd); - void vsf_sysutil_deactivate_noblock(int fd); - /* This does SHUT_RDWR */ - void vsf_sysutil_shutdown_failok(int fd); -diff --git a/utility.c b/utility.c -index 75e5bdd..5619a04 100644 ---- a/utility.c -+++ b/utility.c -@@ -47,11 +47,13 @@ bug(const char* p_text) - { - vsf_log_die(p_text); - } -- vsf_sysutil_activate_noblock(VSFTP_COMMAND_FD); -- (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, "500 OOPS: ", 10); -- (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, p_text, -- vsf_sysutil_strlen(p_text)); -- (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, "\r\n", 2); -+ if (vsf_sysutil_activate_noblock_no_die(VSFTP_COMMAND_FD) == 0) -+ { -+ (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, "500 OOPS: ", 10); -+ (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, p_text, -+ vsf_sysutil_strlen(p_text)); -+ (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, "\r\n", 2); -+ } - if (tunable_log_die) - { - /* Workaround for https://github.com/systemd/systemd/issues/2913 */ --- -2.20.1 - diff --git a/0002-Repeat-pututxline-if-it-fails-with-EINTR.patch b/0002-Repeat-pututxline-if-it-fails-with-EINTR.patch deleted file mode 100644 index e89efcf..0000000 --- a/0002-Repeat-pututxline-if-it-fails-with-EINTR.patch +++ /dev/null @@ -1,105 +0,0 @@ -From 896b3694ca062d747cd67e9e9ba246adb3fc706b Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Mon, 5 Aug 2019 13:55:37 +0200 -Subject: [PATCH 2/2] Repeat pututxline() if it fails with EINTR - -This is a partial fix for rhbz#1688848. We cannot resolve it -completely until glibc bug rhbz#1734791 is fixed. See -https://bugzilla.redhat.com/show_bug.cgi?id=1688848#c13. - -The maximum number of attempts is currently 2, which might seem -low. However setting it to 2 was a decision based on data - see -https://bugzilla.redhat.com/show_bug.cgi?id=1688848#c16. - -Resolves: rhbz#1688848 ---- - sysdeputil.c | 53 +++++++++++++++++++++++++++++++++++++++++++++------- - 1 file changed, 46 insertions(+), 7 deletions(-) - -diff --git a/sysdeputil.c b/sysdeputil.c -index bd1e8c9..4fbcca7 100644 ---- a/sysdeputil.c -+++ b/sysdeputil.c -@@ -1203,6 +1203,8 @@ void - vsf_insert_uwtmp(const struct mystr* p_user_str, - const struct mystr* p_host_str) - { -+ int attempts; -+ - if (sizeof(s_utent.ut_line) < 16) - { - return; -@@ -1231,16 +1233,35 @@ vsf_insert_uwtmp(const struct mystr* p_user_str, - vsf_sysutil_strcpy(s_utent.ut_host, str_getbuf(p_host_str), - sizeof(s_utent.ut_host)); - s_utent.ut_tv.tv_sec = vsf_sysutil_get_time_sec(); -- setutxent(); -- (void) pututxline(&s_utent); -- endutxent(); -- s_uwtmp_inserted = 1; -+ for (attempts = 2; attempts > 0; --attempts) -+ { -+ struct utmpx* p_res; -+ setutxent(); -+ p_res = pututxline(&s_utent); -+ /* For now we'll ignore errors other than EINTR and EAGAIN */ -+ if (p_res != NULL || (errno != EINTR && errno != EAGAIN)) -+ { -+ break; -+ } -+ } -+ if (attempts == 0) -+ { -+ /* This makes us skip pututxline() in vsf_remove_uwtmp() */ -+ s_uwtmp_inserted = -1; -+ } -+ else -+ { -+ s_uwtmp_inserted = 1; -+ endutxent(); -+ } - updwtmpx(WTMPX_FILE, &s_utent); - } - - void - vsf_remove_uwtmp(void) - { -+ int attempts; -+ - if (!s_uwtmp_inserted) - { - return; -@@ -1249,9 +1270,27 @@ vsf_remove_uwtmp(void) - vsf_sysutil_memclr(s_utent.ut_user, sizeof(s_utent.ut_user)); - vsf_sysutil_memclr(s_utent.ut_host, sizeof(s_utent.ut_host)); - s_utent.ut_tv.tv_sec = 0; -- setutxent(); -- (void) pututxline(&s_utent); -- endutxent(); -+ if (s_uwtmp_inserted == 1) -+ { -+ for (attempts = 2; attempts > 0; --attempts) -+ { -+ struct utmpx* p_res; -+ setutxent(); -+ p_res = pututxline(&s_utent); -+ /* For now we'll ignore errors other than EINTR and EAGAIN */ -+ if (p_res != NULL || (errno != EINTR && errno != EAGAIN)) -+ { -+ break; -+ } -+ } -+ if (attempts != 0) -+ { -+ endutxent(); -+ } -+ } -+ /* Set s_uwtmp_inserted to 0 regardless of the result of -+ * pututxline() to make sure we won't run this function twice. -+ */ - s_uwtmp_inserted = 0; - s_utent.ut_tv.tv_sec = vsf_sysutil_get_time_sec(); - updwtmpx(WTMPX_FILE, &s_utent); --- -2.20.1 - diff --git a/0003-Enable-build-with-TCP-Wrapper.patch b/0003-Enable-build-with-TCP-Wrapper.patch index e656776..baa8881 100644 --- a/0003-Enable-build-with-TCP-Wrapper.patch +++ b/0003-Enable-build-with-TCP-Wrapper.patch @@ -1,7 +1,7 @@ From 1e0e2b13836d40f5a3f4cb20f2b3ea8204115b51 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Tue, 6 Sep 2016 13:42:09 +0200 -Subject: [PATCH 03/59] Enable build with TCP Wrapper +Subject: [PATCH 03/33] Enable build with TCP Wrapper --- builddefs.h | 2 +- @@ -21,5 +21,5 @@ index 63cc62b..83de674 100644 #define VSF_BUILD_SSL -- -2.14.4 +2.7.4 diff --git a/0004-Use-etc-vsftpd-dir-for-config-files-instead-of-etc.patch b/0004-Use-etc-vsftpd-dir-for-config-files-instead-of-etc.patch index e82cd84..4380365 100644 --- a/0004-Use-etc-vsftpd-dir-for-config-files-instead-of-etc.patch +++ b/0004-Use-etc-vsftpd-dir-for-config-files-instead-of-etc.patch @@ -1,7 +1,7 @@ From fff93602a4b252be8d674e27083dde68a7acf038 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Tue, 6 Sep 2016 13:46:03 +0200 -Subject: [PATCH 04/59] Use /etc/vsftpd/ dir for config files instead of /etc. +Subject: [PATCH 04/33] Use /etc/vsftpd/ dir for config files instead of /etc. --- EXAMPLE/INTERNET_SITE/README | 6 +++--- @@ -479,5 +479,5 @@ index fcc6022..5e46a2f 100644 .B vsftpd_log_file This option is the name of the file to which we write the vsftpd style -- -2.14.4 +2.7.4 diff --git a/0005-Use-hostname-when-calling-PAM-authentication-module.patch b/0005-Use-hostname-when-calling-PAM-authentication-module.patch index af842f5..7d8d7de 100644 --- a/0005-Use-hostname-when-calling-PAM-authentication-module.patch +++ b/0005-Use-hostname-when-calling-PAM-authentication-module.patch @@ -1,7 +1,7 @@ From 08c49b78942d40c99fae8c40e7668aa73e1bd695 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Tue, 6 Sep 2016 15:01:23 +0200 -Subject: [PATCH 05/59] Use hostname when calling PAM authentication module. +Subject: [PATCH 05/33] Use hostname when calling PAM authentication module. Currently the vsftpd passes all logins as IP addresses into PAM. This prevents administrators from setting up @@ -71,5 +71,5 @@ index 06f01f4..b2782da 100644 if (retval != 1) { -- -2.14.4 +2.7.4 diff --git a/0006-Close-stdin-out-err-before-listening-for-incoming-co.patch b/0006-Close-stdin-out-err-before-listening-for-incoming-co.patch index f030f35..22af9be 100644 --- a/0006-Close-stdin-out-err-before-listening-for-incoming-co.patch +++ b/0006-Close-stdin-out-err-before-listening-for-incoming-co.patch @@ -1,7 +1,7 @@ From 423cbf4ddca6578b87e0f8a3fc425688cd1ca89c Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Tue, 6 Sep 2016 16:18:39 +0200 -Subject: [PATCH 06/59] Close stdin/out/err before listening for incoming +Subject: [PATCH 06/33] Close stdin/out/err before listening for incoming connections. When running vsftpd as a stand-alone FTP daemon, vsftpd @@ -31,5 +31,5 @@ index ba01ab1..e0f2d5b 100644 if (vsf_sysutil_retval_is_error(retval)) { -- -2.14.4 +2.7.4 diff --git a/0007-Make-filename-filters-smarter.patch b/0007-Make-filename-filters-smarter.patch index 6db2d1a..21c7b78 100644 --- a/0007-Make-filename-filters-smarter.patch +++ b/0007-Make-filename-filters-smarter.patch @@ -1,7 +1,7 @@ From 548375b2122f83771dc0b8571f16e5b5adabba98 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Wed, 7 Sep 2016 10:04:31 +0200 -Subject: [PATCH 07/59] Make filename filters smarter. +Subject: [PATCH 07/33] Make filename filters smarter. In the original version vsftpd was not able to prevent users from downloading for instance /etc/passwd by @@ -98,5 +98,5 @@ index ab0a9a4..3a21b50 100644 /* PURPOSE: Extract a line of text (delimited by \n or EOF) from a string * buffer, starting at character position 'p_pos'. The extracted line will -- -2.14.4 +2.7.4 diff --git a/0008-Write-denied-logins-into-the-log.patch b/0008-Write-denied-logins-into-the-log.patch index 5e16953..7a927ef 100644 --- a/0008-Write-denied-logins-into-the-log.patch +++ b/0008-Write-denied-logins-into-the-log.patch @@ -1,7 +1,7 @@ From 75c172596aa9e7a9f32062579f7f98783341c924 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Wed, 7 Sep 2016 10:17:17 +0200 -Subject: [PATCH 08/59] Write denied logins into the log. +Subject: [PATCH 08/33] Write denied logins into the log. This patch adds a new option 'userlist_log'. If enabled, every login denial based on the user list will be logged. @@ -127,21 +127,21 @@ diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 index 5e46a2f..9d767b1 100644 --- a/vsftpd.conf.5 +++ b/vsftpd.conf.5 -@@ -586,6 +586,14 @@ Default: NO - If set to yes, all SSL client certificates received must validate OK. - Self-signed certs do not constitute OK validation. (New in v2.0.6). +@@ -588,6 +588,14 @@ Self-signed certs do not constitute OK validation. (New in v2.0.6). -+Default: NO -+.TP + Default: NO + .TP +.B userlist_log +This option is examined if +.BR userlist_enable +is activated. If enabled, every login denial based on the user list will be +logged. + - Default: NO - .TP ++Default: NO ++.TP .B virtual_use_local_privs + If enabled, virtual users will use the same privileges as local users. By + default, virtual users will use the same privileges as anonymous users, which -- -2.14.4 +2.7.4 diff --git a/0009-Trim-whitespaces-when-reading-configuration.patch b/0009-Trim-whitespaces-when-reading-configuration.patch index 97f3e4f..6aa8c70 100644 --- a/0009-Trim-whitespaces-when-reading-configuration.patch +++ b/0009-Trim-whitespaces-when-reading-configuration.patch @@ -1,7 +1,7 @@ From d024bc27cee40f21e6a3841266062408c44e56fb Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Wed, 7 Sep 2016 10:35:54 +0200 -Subject: [PATCH 09/59] Trim whitespaces when reading configuration. +Subject: [PATCH 09/33] Trim whitespaces when reading configuration. --- parseconf.c | 2 +- @@ -95,5 +95,5 @@ index c34778c..c2ddd15 100644 void vsf_sysutil_memcpy(void* p_dest, const void* p_src, const unsigned int size); -- -2.14.4 +2.7.4 diff --git a/0010-Improve-daemonizing.patch b/0010-Improve-daemonizing.patch index d2de767..366bee6 100644 --- a/0010-Improve-daemonizing.patch +++ b/0010-Improve-daemonizing.patch @@ -1,7 +1,7 @@ From 569e7078244470ac0fcc2af3947c2735338555ec Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Wed, 7 Sep 2016 11:29:29 +0200 -Subject: [PATCH 10/59] Improve daemonizing +Subject: [PATCH 10/33] Improve daemonizing Init script gets correct return code if binding fails. --- @@ -205,5 +205,5 @@ index c2ddd15..bfc92cb 100644 /* Various string functions */ unsigned int vsf_sysutil_strlen(const char* p_text); -- -2.14.4 +2.7.4 diff --git a/0011-Fix-listing-with-more-than-one-star.patch b/0011-Fix-listing-with-more-than-one-star.patch index a675978..bc56d65 100644 --- a/0011-Fix-listing-with-more-than-one-star.patch +++ b/0011-Fix-listing-with-more-than-one-star.patch @@ -1,7 +1,7 @@ From 32e6642640635d7305969f808b5badb706a11bff Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Wed, 7 Sep 2016 11:36:17 +0200 -Subject: [PATCH 11/59] Fix listing with more than one star '*'. +Subject: [PATCH 11/33] Fix listing with more than one star '*'. This is a regression introduced by some previous patch. --- @@ -34,5 +34,5 @@ index f489478..616b2d9 100644 str_mid_to_end(&name_remain_str, &temp_str, indexx + str_getlen(&s_match_needed_str)); -- -2.14.4 +2.7.4 diff --git a/0012-Replace-syscall-__NR_clone-.-with-clone.patch b/0012-Replace-syscall-__NR_clone-.-with-clone.patch index 84d01e6..de7aba4 100644 --- a/0012-Replace-syscall-__NR_clone-.-with-clone.patch +++ b/0012-Replace-syscall-__NR_clone-.-with-clone.patch @@ -1,7 +1,7 @@ From 0c3a1123c391995ab46cfde603fa025ff180a819 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Wed, 7 Sep 2016 11:43:54 +0200 -Subject: [PATCH 12/59] Replace syscall(__NR_clone ..) with clone () +Subject: [PATCH 12/33] Replace syscall(__NR_clone ..) with clone () in order to fix incorrect order of params on s390 arch --- @@ -31,5 +31,5 @@ index b2782da..3bbabaa 100644 { if (ret == 0) -- -2.14.4 +2.7.4 diff --git a/0013-Extend-man-pages-with-systemd-info.patch b/0013-Extend-man-pages-with-systemd-info.patch index 5dcd965..cde58f4 100644 --- a/0013-Extend-man-pages-with-systemd-info.patch +++ b/0013-Extend-man-pages-with-systemd-info.patch @@ -1,7 +1,7 @@ From 813a4bc45d45f4af94c699893cb2d2ba998d5d31 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Wed, 7 Sep 2016 11:53:07 +0200 -Subject: [PATCH 13/59] Extend man pages with systemd info. +Subject: [PATCH 13/33] Extend man pages with systemd info. Man pages now reflect how is vsftpd used as systemd service. @@ -82,5 +82,5 @@ index 9d767b1..0744f85 100644 The format of vsftpd.conf is very simple. Each line is either a comment or a directive. Comment lines start with a # and are ignored. A directive line -- -2.14.4 +2.7.4 diff --git a/0014-Add-support-for-square-brackets-in-ls.patch b/0014-Add-support-for-square-brackets-in-ls.patch index 5035675..b53b9ee 100644 --- a/0014-Add-support-for-square-brackets-in-ls.patch +++ b/0014-Add-support-for-square-brackets-in-ls.patch @@ -1,11 +1,14 @@ -commit de556b2643b5da622f501b435740c651b9f82554 -Author: Tomas Korbar -Date: Mon Dec 15 02:00:00 2025 +0200 +From ba0520650ae7f9f63e48ba9fb3a94297aebe2d0c Mon Sep 17 00:00:00 2001 +From: Martin Sehnoutka +Date: Wed, 7 Sep 2016 14:22:21 +0200 +Subject: [PATCH 14/33] Add support for square brackets in ls. - Add support for square brackets in ls. +--- + ls.c | 222 +++++++++++++++++++++++++++++++++++++++++++++---------------------- + 1 file changed, 150 insertions(+), 72 deletions(-) diff --git a/ls.c b/ls.c -index 616b2d9..ab69af9 100644 +index 616b2d9..b840136 100644 --- a/ls.c +++ b/ls.c @@ -246,7 +246,7 @@ vsf_filename_passes_filter(const struct mystr* p_filename_str, @@ -188,7 +191,7 @@ index 616b2d9..ab69af9 100644 - if (vsf_filename_passes_filter(&name_remain_str, &new_filter_str, - iters)) + unsigned int cur_pos; -+ unsigned char stch, ench; ++ char stch, ench; + const char *p_brace; + + str_split_char(&filter_remain_str, &temp_str, ']'); @@ -213,7 +216,7 @@ index 616b2d9..ab69af9 100644 + cur_pos++; + } + // expand char[s] -+ for (;stch <= ench && !str_isempty(&brace_list_str) && stch != 0; stch++) ++ for (;stch <= ench && !str_isempty(&brace_list_str); stch++) + { + str_empty(&new_filter_str); + if (!matched) @@ -269,4 +272,6 @@ index 616b2d9..ab69af9 100644 } /* Any incoming string left means no match unless we ended on the correct * type of wildcard. +-- +2.7.4 diff --git a/0015-Listen-on-IPv6-by-default.patch b/0015-Listen-on-IPv6-by-default.patch index b762b09..1e7a7f6 100644 --- a/0015-Listen-on-IPv6-by-default.patch +++ b/0015-Listen-on-IPv6-by-default.patch @@ -1,7 +1,7 @@ From c5daaedf1efe23b397a5950f5503f5cbfac871c8 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Wed, 7 Sep 2016 14:25:28 +0200 -Subject: [PATCH 15/59] Listen on IPv6 by default. +Subject: [PATCH 15/33] Listen on IPv6 by default. --- vsftpd.conf | 14 +++++++++----- @@ -51,5 +51,5 @@ index 0744f85..72bb86f 100644 Default: NO .TP -- -2.14.4 +2.7.4 diff --git a/0016-Increase-VSFTP_AS_LIMIT-from-200UL-to-400UL.patch b/0016-Increase-VSFTP_AS_LIMIT-from-200UL-to-400UL.patch index fae6b9c..31779c2 100644 --- a/0016-Increase-VSFTP_AS_LIMIT-from-200UL-to-400UL.patch +++ b/0016-Increase-VSFTP_AS_LIMIT-from-200UL-to-400UL.patch @@ -1,7 +1,7 @@ From 048208a4db5d7164d89ba5d7545e281d0a3472d3 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Wed, 7 Sep 2016 15:35:59 +0200 -Subject: [PATCH 16/59] Increase VSFTP_AS_LIMIT from 200UL to 400UL. +Subject: [PATCH 16/33] Increase VSFTP_AS_LIMIT from 200UL to 400UL. When using a PAM module to get users from LDAP or database the old limit was insufficient. @@ -23,5 +23,5 @@ index ca11eac..bde3232 100644 #endif /* VSF_DEFS_H */ -- -2.14.4 +2.7.4 diff --git a/0017-Fix-an-issue-with-timestamps-during-DST.patch b/0017-Fix-an-issue-with-timestamps-during-DST.patch index f331433..ec3af9f 100644 --- a/0017-Fix-an-issue-with-timestamps-during-DST.patch +++ b/0017-Fix-an-issue-with-timestamps-during-DST.patch @@ -1,7 +1,7 @@ From 5ec0b86e5c1ff060720b5a6cd1af9d93ec993650 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 29 Sep 2016 11:14:03 +0200 -Subject: [PATCH 17/59] Fix an issue with timestamps during DST. +Subject: [PATCH 17/33] Fix an issue with timestamps during DST. vsftpd now checks whether a file was uploaded during DST and adjust the timestamp accordingly. @@ -157,5 +157,5 @@ index c848356..2abdd13 100644 s_timezone *= -1; } -- -2.14.4 +2.7.4 diff --git a/0018-Change-the-default-log-file-in-configuration.patch b/0018-Change-the-default-log-file-in-configuration.patch index 369a69c..990cf90 100644 --- a/0018-Change-the-default-log-file-in-configuration.patch +++ b/0018-Change-the-default-log-file-in-configuration.patch @@ -1,7 +1,7 @@ From 61dac172bdb14c5a37713078828ea8c8f78c7eb6 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 29 Sep 2016 13:53:16 +0200 -Subject: [PATCH 18/59] Change the default log file in configuration. +Subject: [PATCH 18/33] Change the default log file in configuration. Previous "default" value was wrong. tunables.c:262 => install_str_setting("/var/log/xferlog", @@ -39,5 +39,5 @@ index ae6c6c9..39d1955 100644 # If you want, you can have your log file in standard ftpd xferlog format. # Note that the default log file location is /var/log/xferlog in this case. -- -2.14.4 +2.7.4 diff --git a/0019-Introduce-reverse_lookup_enable-option.patch b/0019-Introduce-reverse_lookup_enable-option.patch index 85023c1..dbf01c0 100644 --- a/0019-Introduce-reverse_lookup_enable-option.patch +++ b/0019-Introduce-reverse_lookup_enable-option.patch @@ -1,7 +1,7 @@ From 721de88621100f6ed33f1602415bc249f3ed3219 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 10:22:32 +0100 -Subject: [PATCH 19/59] Introduce reverse_lookup_enable option. +Subject: [PATCH 19/33] Introduce reverse_lookup_enable option. vsftpd can transform IP address into hostname before PAM authentication. You can disable it to prevent @@ -88,12 +88,10 @@ diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 index 72bb86f..fb6324e 100644 --- a/vsftpd.conf.5 +++ b/vsftpd.conf.5 -@@ -423,6 +423,15 @@ so you may want to disable it. For a discussion of the consequences, see - http://scarybeastsecurity.blogspot.com/2009/02/vsftpd-210-released.html - (Added in v2.1.0). +@@ -425,6 +425,15 @@ http://scarybeastsecurity.blogspot.com/2009/02/vsftpd-210-released.html -+Default: YES -+.TP + Default: YES + .TP +.B reverse_lookup_enable +Set to YES if you want vsftpd to transform the ip address into the hostname, +before pam authentication. This is useful if you use pam_access including the @@ -101,9 +99,11 @@ index 72bb86f..fb6324e 100644 +for some hostname is available and the name server doesn't respond for a while, +you should set this to NO to avoid a performance issue. + - Default: YES - .TP ++Default: YES ++.TP .B run_as_launching_user + Set to YES if you want vsftpd to run as the user which launched vsftpd. This is + useful where root access is not available. MASSIVE WARNING! Do NOT enable this -- -2.14.4 +2.7.4 diff --git a/0020-Use-unsigned-int-for-uid-and-gid-representation.patch b/0020-Use-unsigned-int-for-uid-and-gid-representation.patch index ac3ac1f..f5cd8f0 100644 --- a/0020-Use-unsigned-int-for-uid-and-gid-representation.patch +++ b/0020-Use-unsigned-int-for-uid-and-gid-representation.patch @@ -1,7 +1,7 @@ From dcaaf1e0dd3985e229a87de18b83f301d30b6ce9 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 10:31:39 +0100 -Subject: [PATCH 20/59] Use unsigned int for uid and gid representation. +Subject: [PATCH 20/33] Use unsigned int for uid and gid representation. --- ls.c | 4 ++-- @@ -246,5 +246,5 @@ index bfc92cb..79b5514 100644 void vsf_sysutil_setegid(const struct vsf_sysutil_user* p_user); void vsf_sysutil_seteuid_numeric(int uid); -- -2.14.4 +2.7.4 diff --git a/0021-Introduce-support-for-DHE-based-cipher-suites.patch b/0021-Introduce-support-for-DHE-based-cipher-suites.patch index 3460c2a..ad7e5ba 100644 --- a/0021-Introduce-support-for-DHE-based-cipher-suites.patch +++ b/0021-Introduce-support-for-DHE-based-cipher-suites.patch @@ -1,7 +1,7 @@ From 4eac1dbb5f70a652d31847eec7c28d245f36cdbb Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 10:48:28 +0100 -Subject: [PATCH 21/59] Introduce support for DHE based cipher suites. +Subject: [PATCH 21/33] Introduce support for DHE based cipher suites. --- parseconf.c | 1 + @@ -31,36 +31,81 @@ index c362983..22b69b3 100644 #include #include #include ++#include +#include -+#include #include #include -@@ -58,6 +60,23 @@ +@@ -38,6 +40,7 @@ static void setup_bio_callbacks(); + static long bio_callback( + BIO* p_bio, int oper, const char* p_arg, int argi, long argl, long retval); + static int ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx); ++static DH *ssl_tmp_dh_callback(SSL *ssl, int is_export, int keylength); + static int ssl_cert_digest( + SSL* p_ssl, struct vsf_session* p_sess, struct mystr* p_str); + static void maybe_log_shutdown_state(struct vsf_session* p_sess); +@@ -51,6 +54,60 @@ static int ssl_read_common(struct vsf_session* p_sess, static int ssl_inited; static struct mystr debug_str; -+EVP_PKEY * -+DH_get_dh() -+{ -+ OSSL_PARAM dh_params[2]; -+ EVP_PKEY *dh_key = NULL; -+ EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL); + -+ dh_params[0] = OSSL_PARAM_construct_utf8_string("group", "ffdhe2048", 0); -+ dh_params[1] = OSSL_PARAM_construct_end(); ++// Grab prime number from OpenSSL; ++// (get_rfc*) for all available primes. ++// wraps selection of comparable algorithm strength ++#if !defined(match_dh_bits) ++ #define match_dh_bits(keylen) \ ++ keylen >= 8191 ? 8192 : \ ++ keylen >= 6143 ? 6144 : \ ++ keylen >= 4095 ? 4096 : \ ++ keylen >= 3071 ? 3072 : \ ++ keylen >= 2047 ? 2048 : \ ++ keylen >= 1535 ? 1536 : \ ++ keylen >= 1023 ? 1024 : 768 ++#endif + -+ if (EVP_PKEY_keygen_init(pctx) <= 0 || EVP_PKEY_CTX_set_params(pctx, dh_params) <= 0) -+ return NULL; -+ EVP_PKEY_generate(pctx, &dh_key); -+ EVP_PKEY_CTX_free(pctx); -+ return dh_key; ++#if !defined(DH_get_prime) ++ BIGNUM * ++ DH_get_prime(int bits) ++ { ++ switch (bits) { ++ case 768: return get_rfc2409_prime_768(NULL); ++ case 1024: return get_rfc2409_prime_1024(NULL); ++ case 1536: return get_rfc3526_prime_1536(NULL); ++ case 2048: return get_rfc3526_prime_2048(NULL); ++ case 3072: return get_rfc3526_prime_3072(NULL); ++ case 4096: return get_rfc3526_prime_4096(NULL); ++ case 6144: return get_rfc3526_prime_6144(NULL); ++ case 8192: return get_rfc3526_prime_8192(NULL); ++ // shouldn't happen when used match_dh_bits; strict compiler ++ default: return NULL; ++ } +} ++#endif ++ ++#if !defined(DH_get_dh) ++ // Grab DH parameters ++ DH * ++ DH_get_dh(int size) ++ { ++ DH *dh = DH_new(); ++ if (!dh) { ++ return NULL; ++ } ++ dh->p = DH_get_prime(match_dh_bits(size)); ++ BN_dec2bn(&dh->g, "2"); ++ if (!dh->p || !dh->g) ++ { ++ DH_free(dh); ++ return NULL; ++ } ++ return dh; ++ } ++#endif + void ssl_init(struct vsf_session* p_sess) { -@@ -72,7 +89,7 @@ +@@ -65,7 +122,7 @@ ssl_init(struct vsf_session* p_sess) { die("SSL: could not allocate SSL context"); } @@ -69,44 +114,61 @@ index c362983..22b69b3 100644 if (!tunable_sslv2) { options |= SSL_OP_NO_SSLv2; -@@ -149,8 +166,27 @@ +@@ -111,6 +168,25 @@ ssl_init(struct vsf_session* p_sess) die("SSL: cannot load DSA private key"); } } + if (tunable_dh_param_file) + { + BIO *bio; -+ EVP_PKEY *dh_params = NULL; ++ DH *dhparams = NULL; + if ((bio = BIO_new_file(tunable_dh_param_file, "r")) == NULL) + { + die("SSL: cannot load custom DH params"); + } + else + { -+ dh_params = PEM_read_bio_Parameters(bio, NULL); ++ dhparams = PEM_read_bio_DHparams(bio, NULL, NULL, NULL); + BIO_free(bio); + -+ if (!SSL_CTX_set0_tmp_dh_pkey(p_ctx, dh_params)) -+ { ++ if (!SSL_CTX_set_tmp_dh(p_ctx, dhparams)) ++ { + die("SSL: setting custom DH params failed"); -+ } ++ } + } + } if (tunable_ssl_ciphers && SSL_CTX_set_cipher_list(p_ctx, tunable_ssl_ciphers) != 1) { - die("SSL: could not set cipher list"); - } -@@ -184,6 +226,9 @@ +@@ -165,6 +241,9 @@ ssl_init(struct vsf_session* p_sess) /* Ensure cached session doesn't expire */ SSL_CTX_set_timeout(p_ctx, INT_MAX); } ++ ++ SSL_CTX_set_tmp_dh_callback(p_ctx, ssl_tmp_dh_callback); + -+ SSL_CTX_set0_tmp_dh_pkey(p_ctx, DH_get_dh()); + p_sess->p_ssl_ctx = p_ctx; + ssl_inited = 1; + } +@@ -702,6 +781,18 @@ ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx) + return 1; + } + ++#define UNUSED(x) ( (void)(x) ) + - /* Set up ALPN to check for FTP protocol intention of client. */ - SSL_CTX_set_alpn_select_cb(p_ctx, ssl_alpn_callback, p_sess); - /* Set up SNI callback for an optional hostname check. */ ++static DH * ++ssl_tmp_dh_callback(SSL *ssl, int is_export, int keylength) ++{ ++ // strict compiler bypassing ++ UNUSED(ssl); ++ UNUSED(is_export); ++ ++ return DH_get_dh(keylength); ++} ++ + void + ssl_add_entropy(struct vsf_session* p_sess) + { diff --git a/tunables.c b/tunables.c index c737465..1ea7227 100644 --- a/tunables.c @@ -160,5 +222,5 @@ index fb6324e..ff94eca 100644 This option can be used to provide an alternate file for usage by the .BR secure_email_list_enable -- -2.14.4 +2.7.4 diff --git a/0022-Introduce-support-for-EDDHE-based-cipher-suites.patch b/0022-Introduce-support-for-EDDHE-based-cipher-suites.patch index 0a09a2c..b4eb574 100644 --- a/0022-Introduce-support-for-EDDHE-based-cipher-suites.patch +++ b/0022-Introduce-support-for-EDDHE-based-cipher-suites.patch @@ -1,7 +1,7 @@ From a6d641a0ccba1033587f6faa0e5e6749fa35f5c4 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 10:49:22 +0100 -Subject: [PATCH 22/59] Introduce support for EDDHE based cipher suites. +Subject: [PATCH 22/33] Introduce support for EDDHE based cipher suites. --- parseconf.c | 1 + @@ -36,40 +36,48 @@ index 22b69b3..96bf8ad 100644 if (!tunable_sslv2) { options |= SSL_OP_NO_SSLv2; -@@ -244,6 +244,33 @@ - - SSL_CTX_set0_tmp_dh_pkey(p_ctx, DH_get_dh()); +@@ -244,6 +244,41 @@ ssl_init(struct vsf_session* p_sess) + + SSL_CTX_set_tmp_dh_callback(p_ctx, ssl_tmp_dh_callback); + if (tunable_ecdh_param_file) + { + BIO *bio; -+ EVP_PKEY *ec_params = NULL; ++ int nid; ++ EC_GROUP *ecparams = NULL; ++ EC_KEY *eckey; + + if ((bio = BIO_new_file(tunable_ecdh_param_file, "r")) == NULL) + die("SSL: cannot load custom ec params"); + else + { -+ ec_params = PEM_read_bio_Parameters(bio, NULL); ++ ecparams = PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL); + BIO_free(bio); + -+ if (ec_params != NULL) ++ if (ecparams && (nid = EC_GROUP_get_curve_name(ecparams)) && ++ (eckey = EC_KEY_new_by_curve_name(nid))) + { -+ if (!SSL_CTX_set1_groups_list(p_ctx, ec_params)) ++ if (!SSL_CTX_set_tmp_ecdh(p_ctx, eckey)) + die("SSL: setting custom EC params failed"); -+ } -+ else ++ } ++ else + { + die("SSL: getting ec group or key failed"); -+ } ++ } + } + } + else + { -+ SSL_CTX_set1_groups_list(p_ctx, "P-256"); ++#if defined(SSL_CTX_set_ecdh_auto) ++ SSL_CTX_set_ecdh_auto(p_ctx, 1); ++#else ++ SSL_CTX_set_tmp_ecdh(p_ctx, EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); ++#endif + } - /* Set up ALPN to check for FTP protocol intention of client. */ - SSL_CTX_set_alpn_select_cb(p_ctx, ssl_alpn_callback, p_sess); - /* Set up SNI callback for an optional hostname check. */ ++ + p_sess->p_ssl_ctx = p_ctx; + ssl_inited = 1; + } diff --git a/tunables.c b/tunables.c index 1ea7227..93f85b1 100644 --- a/tunables.c @@ -124,5 +132,5 @@ index ff94eca..e242873 100644 This option can be used to provide an alternate file for usage by the .BR secure_email_list_enable -- -2.14.4 +2.7.4 diff --git a/0023-Add-documentation-for-isolate_-options.-Correct-defa.patch b/0023-Add-documentation-for-isolate_-options.-Correct-defa.patch index 7cc0bfa..077d261 100644 --- a/0023-Add-documentation-for-isolate_-options.-Correct-defa.patch +++ b/0023-Add-documentation-for-isolate_-options.-Correct-defa.patch @@ -1,7 +1,7 @@ From 3d02ef3be17f37baf729e786a8f36af4982f70ad Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 10:52:16 +0100 -Subject: [PATCH 23/59] Add documentation for isolate_* options. Correct +Subject: [PATCH 23/33] Add documentation for isolate_* options. Correct default values of max_clients, max_per_ip. @@ -59,5 +59,5 @@ index e242873..31d317f 100644 .B pasv_max_port The maximum port to allocate for PASV style data connections. Can be used to -- -2.14.4 +2.7.4 diff --git a/0024-Introduce-new-return-value-450.patch b/0024-Introduce-new-return-value-450.patch index 86c5f8e..f8c7b8c 100644 --- a/0024-Introduce-new-return-value-450.patch +++ b/0024-Introduce-new-return-value-450.patch @@ -1,7 +1,7 @@ From 1d5cdf309387ff92988ab17d746f015d833a4b92 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 11:08:52 +0100 -Subject: [PATCH 24/59] Introduce new return value 450: +Subject: [PATCH 24/33] Introduce new return value 450: *450 Requested file action not taken. File unavailable (e.g., file busy). @@ -73,5 +73,5 @@ index 79b5514..c145bdf 100644 enum EVSFSysUtilError vsf_sysutil_get_error(void); -- -2.14.4 +2.7.4 diff --git a/0025-Improve-local_max_rate-option.patch b/0025-Improve-local_max_rate-option.patch index 2c74c7a..3560d87 100644 --- a/0025-Improve-local_max_rate-option.patch +++ b/0025-Improve-local_max_rate-option.patch @@ -1,7 +1,7 @@ From 386db86fe865fb552b1867af4bf4b78dbf9080cf Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 12:44:26 +0100 -Subject: [PATCH 25/59] Improve local_max_rate option. +Subject: [PATCH 25/33] Improve local_max_rate option. Now it should work as expected. --- @@ -60,9 +60,9 @@ diff --git a/main.c b/main.c index eaba265..f1e2f69 100644 --- a/main.c +++ b/main.c -@@ -40,7 +40,7 @@ +@@ -40,7 +40,7 @@ main(int argc, const char* argv[]) /* Control connection */ - 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, /* Data connection */ - -1, 0, -1, 0, 0, 0, 0, + -1, 0, -1, 0, 0, 0, 0, 0, @@ -86,5 +86,5 @@ index 956bfb7..3e8fdd5 100644 /* Details of the login */ int is_anonymous; -- -2.14.4 +2.7.4 diff --git a/0026-Prevent-hanging-in-SIGCHLD-handler.patch b/0026-Prevent-hanging-in-SIGCHLD-handler.patch index f928cbc..9b186a8 100644 --- a/0026-Prevent-hanging-in-SIGCHLD-handler.patch +++ b/0026-Prevent-hanging-in-SIGCHLD-handler.patch @@ -1,7 +1,7 @@ From 1e65a0a15f819b8bf1b551bd84f71d0da1f5a00c Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 13:02:27 +0100 -Subject: [PATCH 26/59] Prevent hanging in SIGCHLD handler. +Subject: [PATCH 26/33] Prevent hanging in SIGCHLD handler. vsftpd can now handle pam_exec.so in pam.d config without hanging in SIGCHLD handler. @@ -77,5 +77,5 @@ index 33d84dc..b1891e7 100644 else { -- -2.14.4 +2.7.4 diff --git a/0027-Delete-files-when-upload-fails.patch b/0027-Delete-files-when-upload-fails.patch index 94a00bf..98222e1 100644 --- a/0027-Delete-files-when-upload-fails.patch +++ b/0027-Delete-files-when-upload-fails.patch @@ -1,7 +1,7 @@ From 6224ecc5ac209323baa775880c0602c3fde3590a Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 13:10:41 +0100 -Subject: [PATCH 27/59] Delete files when upload fails. +Subject: [PATCH 27/33] Delete files when upload fails. Previously the uploaded file wasn't removed when the network was disconnected. Now it is successfully deleted. @@ -104,11 +104,10 @@ diff --git a/sysutil.c b/sysutil.c index 099748f..42bcdf8 100644 --- a/sysutil.c +++ b/sysutil.c -@@ -680,6 +680,16 @@ vsf_sysutil_activate_keepalive(int fd) - } +@@ -681,6 +681,16 @@ vsf_sysutil_activate_keepalive(int fd) } -+void + void +vsf_sysutil_rcvtimeo(int fd) +{ + struct timeval tv; @@ -118,9 +117,10 @@ index 099748f..42bcdf8 100644 + setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(struct timeval)); +} + - void ++void vsf_sysutil_activate_reuseaddr(int fd) { + int reuseaddr = 1; diff --git a/sysutil.h b/sysutil.h index 13153cd..2886bbc 100644 --- a/sysutil.h @@ -134,5 +134,5 @@ index 13153cd..2886bbc 100644 void vsf_sysutil_activate_reuseaddr(int fd); void vsf_sysutil_set_nodelay(int fd); -- -2.14.4 +2.7.4 diff --git a/0028-Fix-man-page-rendering.patch b/0028-Fix-man-page-rendering.patch index e91d6dc..4d6e5e7 100644 --- a/0028-Fix-man-page-rendering.patch +++ b/0028-Fix-man-page-rendering.patch @@ -1,7 +1,7 @@ From ea99be1a7a5973bbe8ed798b65abe5ce3b92f5df Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 13:12:52 +0100 -Subject: [PATCH 28/59] Fix man page rendering. +Subject: [PATCH 28/33] Fix man page rendering. --- vsftpd.conf.5 | 3 ++- @@ -22,5 +22,5 @@ index 31d317f..cf1ae34 100644 (New in v2.0.7). -- -2.14.4 +2.7.4 diff --git a/0029-Fix-segfault-in-config-file-parser.patch b/0029-Fix-segfault-in-config-file-parser.patch index 65cb571..899bbd3 100644 --- a/0029-Fix-segfault-in-config-file-parser.patch +++ b/0029-Fix-segfault-in-config-file-parser.patch @@ -1,7 +1,7 @@ From 34b9e1d10c6be736f1b20be8795c655446f38c5e Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 13:14:55 +0100 -Subject: [PATCH 29/59] Fix segfault in config file parser. +Subject: [PATCH 29/33] Fix segfault in config file parser. --- str.c | 2 +- @@ -21,5 +21,5 @@ index 41b27db..82b8ae4 100644 void -- -2.14.4 +2.7.4 diff --git a/0030-Fix-logging-into-syslog-when-enabled-in-config.patch b/0030-Fix-logging-into-syslog-when-enabled-in-config.patch index 04669c7..c828c27 100644 --- a/0030-Fix-logging-into-syslog-when-enabled-in-config.patch +++ b/0030-Fix-logging-into-syslog-when-enabled-in-config.patch @@ -1,7 +1,7 @@ From 03ff061f18f555d7bec62fa6a597a275b4b3f1c7 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 13:18:22 +0100 -Subject: [PATCH 30/59] Fix logging into syslog when enabled in config. +Subject: [PATCH 30/33] Fix logging into syslog when enabled in config. --- logging.c | 2 +- @@ -21,5 +21,5 @@ index 99671b4..c4461f7 100644 if (!tunable_xferlog_enable && !tunable_dual_log_enable) { -- -2.14.4 +2.7.4 diff --git a/0031-Fix-question-mark-wildcard-withing-a-file-name.patch b/0031-Fix-question-mark-wildcard-withing-a-file-name.patch index acc8f6d..457404b 100644 --- a/0031-Fix-question-mark-wildcard-withing-a-file-name.patch +++ b/0031-Fix-question-mark-wildcard-withing-a-file-name.patch @@ -1,7 +1,7 @@ From 0da42468ac9518a544aad57d22d7697d6bdfa969 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 13:25:12 +0100 -Subject: [PATCH 31/59] Fix question mark wildcard withing a file name. +Subject: [PATCH 31/33] Fix question mark wildcard withing a file name. Previously '?' worked only at the end of a file name, now it can be used anywhere. @@ -24,5 +24,5 @@ index 3c0988c..35c15c7 100644 /* Any incoming string left means no match unless we ended on the correct * type of wildcard. -- -2.14.4 +2.7.4 diff --git a/0032-Propagate-errors-from-nfs-with-quota-to-client.patch b/0032-Propagate-errors-from-nfs-with-quota-to-client.patch index de56aa7..46a60c4 100644 --- a/0032-Propagate-errors-from-nfs-with-quota-to-client.patch +++ b/0032-Propagate-errors-from-nfs-with-quota-to-client.patch @@ -1,7 +1,7 @@ From aa9cb48373018502ef99a57aad70b69c0c75ff65 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 13:29:59 +0100 -Subject: [PATCH 32/59] Propagate errors from nfs with quota to client. +Subject: [PATCH 32/33] Propagate errors from nfs with quota to client. vsftpd now checks for errors when closing newly uploaded file and forward errors to the client (e.g. when file system quota was @@ -102,11 +102,10 @@ diff --git a/sysutil.c b/sysutil.c index 42bcdf8..1c0422e 100644 --- a/sysutil.c +++ b/sysutil.c -@@ -1268,6 +1268,27 @@ vsf_sysutil_close(int fd) - } +@@ -1269,6 +1269,27 @@ vsf_sysutil_close(int fd) } -+int + int +vsf_sysutil_close_errno(int fd) +{ + while (1) @@ -127,9 +126,10 @@ index 42bcdf8..1c0422e 100644 + } +} + - int ++int vsf_sysutil_close_failok(int fd) { + return close(fd); diff --git a/sysutil.h b/sysutil.h index 2886bbc..be727f5 100644 --- a/sysutil.h @@ -143,5 +143,5 @@ index 2886bbc..be727f5 100644 int vsf_sysutil_unlink(const char* p_dead); int vsf_sysutil_write_access(const char* p_filename); -- -2.14.4 +2.7.4 diff --git a/0033-Introduce-TLSv1.1-and-TLSv1.2-options.patch b/0033-Introduce-TLSv1.1-and-TLSv1.2-options.patch new file mode 100644 index 0000000..a7254e2 --- /dev/null +++ b/0033-Introduce-TLSv1.1-and-TLSv1.2-options.patch @@ -0,0 +1,153 @@ +From 01bef55a1987700af3d43cdc5f5be88d3843ab85 Mon Sep 17 00:00:00 2001 +From: Martin Sehnoutka +Date: Thu, 17 Nov 2016 13:36:17 +0100 +Subject: [PATCH 33/33] Introduce TLSv1.1 and TLSv1.2 options. + +Users can now enable a specific version of TLS protocol. +--- + parseconf.c | 2 ++ + ssl.c | 8 ++++++++ + tunables.c | 9 +++++++-- + tunables.h | 2 ++ + vsftpd.conf.5 | 24 ++++++++++++++++++++---- + 5 files changed, 39 insertions(+), 6 deletions(-) + +diff --git a/parseconf.c b/parseconf.c +index a2c715b..33a1349 100644 +--- a/parseconf.c ++++ b/parseconf.c +@@ -85,6 +85,8 @@ parseconf_bool_array[] = + { "ssl_sslv2", &tunable_sslv2 }, + { "ssl_sslv3", &tunable_sslv3 }, + { "ssl_tlsv1", &tunable_tlsv1 }, ++ { "ssl_tlsv1_1", &tunable_tlsv1_1 }, ++ { "ssl_tlsv1_2", &tunable_tlsv1_2 }, + { "tilde_user_enable", &tunable_tilde_user_enable }, + { "force_anon_logins_ssl", &tunable_force_anon_logins_ssl }, + { "force_anon_data_ssl", &tunable_force_anon_data_ssl }, +diff --git a/ssl.c b/ssl.c +index 96bf8ad..ba8a613 100644 +--- a/ssl.c ++++ b/ssl.c +@@ -135,6 +135,14 @@ ssl_init(struct vsf_session* p_sess) + { + options |= SSL_OP_NO_TLSv1; + } ++ if (!tunable_tlsv1_1) ++ { ++ options |= SSL_OP_NO_TLSv1_1; ++ } ++ if (!tunable_tlsv1_2) ++ { ++ options |= SSL_OP_NO_TLSv1_2; ++ } + SSL_CTX_set_options(p_ctx, options); + if (tunable_rsa_cert_file) + { +diff --git a/tunables.c b/tunables.c +index 93f85b1..78f2bcd 100644 +--- a/tunables.c ++++ b/tunables.c +@@ -66,6 +66,8 @@ int tunable_force_local_data_ssl; + int tunable_sslv2; + int tunable_sslv3; + int tunable_tlsv1; ++int tunable_tlsv1_1; ++int tunable_tlsv1_2; + int tunable_tilde_user_enable; + int tunable_force_anon_logins_ssl; + int tunable_force_anon_data_ssl; +@@ -209,7 +211,10 @@ tunables_load_defaults() + tunable_force_local_data_ssl = 1; + tunable_sslv2 = 0; + tunable_sslv3 = 0; ++ /* TLSv1 up to TLSv1.2 is enabled by default */ + tunable_tlsv1 = 1; ++ tunable_tlsv1_1 = 1; ++ tunable_tlsv1_2 = 1; + tunable_tilde_user_enable = 0; + tunable_force_anon_logins_ssl = 0; + tunable_force_anon_data_ssl = 0; +@@ -292,8 +297,8 @@ tunables_load_defaults() + install_str_setting(0, &tunable_dsa_cert_file); + install_str_setting(0, &tunable_dh_param_file); + install_str_setting(0, &tunable_ecdh_param_file); +- install_str_setting("AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA", +- &tunable_ssl_ciphers); ++ install_str_setting("AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384", ++ &tunable_ssl_ciphers); + install_str_setting(0, &tunable_rsa_private_key_file); + install_str_setting(0, &tunable_dsa_private_key_file); + install_str_setting(0, &tunable_ca_certs_file); +diff --git a/tunables.h b/tunables.h +index 3e2d40c..a466427 100644 +--- a/tunables.h ++++ b/tunables.h +@@ -67,6 +67,8 @@ extern int tunable_force_local_data_ssl; /* Require local data uses SSL */ + extern int tunable_sslv2; /* Allow SSLv2 */ + extern int tunable_sslv3; /* Allow SSLv3 */ + extern int tunable_tlsv1; /* Allow TLSv1 */ ++extern int tunable_tlsv1_1; /* Allow TLSv1.1 */ ++extern int tunable_tlsv1_2; /* Allow TLSv1.2 */ + extern int tunable_tilde_user_enable; /* Support e.g. ~chris */ + extern int tunable_force_anon_logins_ssl; /* Require anon logins use SSL */ + extern int tunable_force_anon_data_ssl; /* Require anon data uses SSL */ +diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 +index cf1ae34..a3d569e 100644 +--- a/vsftpd.conf.5 ++++ b/vsftpd.conf.5 +@@ -506,7 +506,7 @@ Default: YES + Only applies if + .BR ssl_enable + is activated. If enabled, this option will permit SSL v2 protocol connections. +-TLS v1 connections are preferred. ++TLS v1.2 connections are preferred. + + Default: NO + .TP +@@ -514,7 +514,7 @@ Default: NO + Only applies if + .BR ssl_enable + is activated. If enabled, this option will permit SSL v3 protocol connections. +-TLS v1 connections are preferred. ++TLS v1.2 connections are preferred. + + Default: NO + .TP +@@ -522,7 +522,23 @@ Default: NO + Only applies if + .BR ssl_enable + is activated. If enabled, this option will permit TLS v1 protocol connections. +-TLS v1 connections are preferred. ++TLS v1.2 connections are preferred. ++ ++Default: YES ++.TP ++.B ssl_tlsv1_1 ++Only applies if ++.BR ssl_enable ++is activated. If enabled, this option will permit TLS v1.1 protocol connections. ++TLS v1.2 connections are preferred. ++ ++Default: YES ++.TP ++.B ssl_tlsv1_2 ++Only applies if ++.BR ssl_enable ++is activated. If enabled, this option will permit TLS v1.2 protocol connections. ++TLS v1.2 connections are preferred. + + Default: YES + .TP +@@ -1044,7 +1060,7 @@ man page for further details. Note that restricting ciphers can be a useful + security precaution as it prevents malicious remote parties forcing a cipher + which they have found problems with. + +-Default: DES-CBC3-SHA ++Default: AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384 + .TP + .B user_config_dir + This powerful option allows the override of any config option specified in +-- +2.7.4 + diff --git a/0034-Turn-off-seccomp-sandbox-because-it-is-too-strict.patch b/0034-Turn-off-seccomp-sandbox-because-it-is-too-strict.patch index 0c0bdb7..62fb66b 100644 --- a/0034-Turn-off-seccomp-sandbox-because-it-is-too-strict.patch +++ b/0034-Turn-off-seccomp-sandbox-because-it-is-too-strict.patch @@ -1,7 +1,7 @@ From 4922e60589326540b2ee4f0bdfd6cb95f645f3d5 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Fri, 18 Nov 2016 10:23:29 +0100 -Subject: [PATCH 34/59] Turn off seccomp sandbox, because it is too strict. +Subject: [PATCH] Turn off seccomp sandbox, because it is too strict. --- tunables.c | 2 +- @@ -21,5 +21,5 @@ index 78f2bcd..5440c00 100644 tunable_accept_timeout = 60; -- -2.14.4 +2.7.4 diff --git a/0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch b/0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch new file mode 100644 index 0000000..ab3f35c --- /dev/null +++ b/0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch @@ -0,0 +1,74 @@ +From 6c8dd87f311e411bcb1c72c1c780497881a5621c Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Mon, 4 Sep 2017 11:32:03 +0200 +Subject: [PATCH 35/35] Modify DH enablement patch to build with OpenSSL 1.1 + +--- + ssl.c | 41 ++++++++++++++++++++++++++++++++++++++--- + 1 file changed, 38 insertions(+), 3 deletions(-) + +diff --git a/ssl.c b/ssl.c +index ba8a613..09ec96a 100644 +--- a/ssl.c ++++ b/ssl.c +@@ -88,19 +88,54 @@ static struct mystr debug_str; + } + #endif + ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) ++{ ++ /* If the fields p and g in d are NULL, the corresponding input ++ * parameters MUST be non-NULL. q may remain NULL. ++ */ ++ if ((dh->p == NULL && p == NULL) ++ || (dh->g == NULL && g == NULL)) ++ return 0; ++ ++ if (p != NULL) { ++ BN_free(dh->p); ++ dh->p = p; ++ } ++ if (q != NULL) { ++ BN_free(dh->q); ++ dh->q = q; ++ } ++ if (g != NULL) { ++ BN_free(dh->g); ++ dh->g = g; ++ } ++ ++ if (q != NULL) { ++ dh->length = BN_num_bits(q); ++ } ++ ++ return 1; ++} ++#endif ++ + #if !defined(DH_get_dh) + // Grab DH parameters + DH * + DH_get_dh(int size) + { ++ BIGNUM *g = NULL; ++ BIGNUM *p = NULL; + DH *dh = DH_new(); + if (!dh) { + return NULL; + } +- dh->p = DH_get_prime(match_dh_bits(size)); +- BN_dec2bn(&dh->g, "2"); +- if (!dh->p || !dh->g) ++ p = DH_get_prime(match_dh_bits(size)); ++ BN_dec2bn(&g, "2"); ++ if (!p || !g || !DH_set0_pqg(dh, p, NULL, g)) + { ++ BN_free(g); ++ BN_free(p); + DH_free(dh); + return NULL; + } +-- +2.9.5 + diff --git a/0036-Redefine-VSFTP_COMMAND_FD-to-1.patch b/0036-Redefine-VSFTP_COMMAND_FD-to-1.patch index 4299b23..7f1911a 100644 --- a/0036-Redefine-VSFTP_COMMAND_FD-to-1.patch +++ b/0036-Redefine-VSFTP_COMMAND_FD-to-1.patch @@ -1,7 +1,7 @@ From 18e0ab25a0d66088728b506cf64f5545637eda26 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Tue, 5 Sep 2017 14:26:08 +0200 -Subject: [PATCH 36/59] Redefine VSFTP_COMMAND_FD to 1 +Subject: [PATCH 36/36] Redefine VSFTP_COMMAND_FD to 1 Redefine VSFTP_COMMAND_FD to 1 (stdout) so that error messages generated during startup are picked up by systemd. @@ -25,5 +25,5 @@ index bde3232..315f0f0 100644 #define VSFTP_PASSWORD_MAX 128 #define VSFTP_USERNAME_MAX 128 -- -2.14.4 +2.9.5 diff --git a/0037-Document-the-relationship-of-text_userdb_names-and-c.patch b/0037-Document-the-relationship-of-text_userdb_names-and-c.patch deleted file mode 100644 index ae188d7..0000000 --- a/0037-Document-the-relationship-of-text_userdb_names-and-c.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 221f35f302d53f5a89f8e79592492e7cb322e81a Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Thu, 26 Oct 2017 13:08:32 +0200 -Subject: [PATCH 37/59] Document the relationship of text_userdb_names and - chroot_local_user - -Note in vsftpd.conf(5) that text_userdb_names may not work when -chroot_local_user is set to YES. ---- - vsftpd.conf.5 | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 -index a3d569e..45b3f9c 100644 ---- a/vsftpd.conf.5 -+++ b/vsftpd.conf.5 -@@ -578,6 +578,9 @@ Default: NO - By default, numeric IDs are shown in the user and group fields of directory - listings. You can get textual names by enabling this parameter. It is off - by default for performance reasons. -+Note that textual names are not guaranteed when -+.BR chroot_local_user -+is set to YES. - - Default: NO - .TP --- -2.14.4 - diff --git a/0038-Document-allow_writeable_chroot-in-the-man-page.patch b/0038-Document-allow_writeable_chroot-in-the-man-page.patch deleted file mode 100644 index ca073d3..0000000 --- a/0038-Document-allow_writeable_chroot-in-the-man-page.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 35ec3be5427a54facd5f6299fda2da4c146d4846 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Fri, 24 Nov 2017 11:22:43 +0100 -Subject: [PATCH 38/59] Document allow_writeable_chroot in the man page - ---- - vsftpd.conf.5 | 9 +++++++++ - 1 file changed, 9 insertions(+) - -diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 -index 45b3f9c..d1f0db5 100644 ---- a/vsftpd.conf.5 -+++ b/vsftpd.conf.5 -@@ -56,6 +56,15 @@ Only applies if - is active. If set to YES, anonymous users will be allowed to use secured SSL - connections. - -+Default: NO -+.TP -+.B allow_writeable_chroot -+Allow chroot()'ing a user to a directory writable by that user. Note that -+setting this to YES is potentially dangerous. For example, if the user -+creates an 'etc' directory in the new root directory, they could potentially -+trick the C library into loading a user-created configuration file from the -+/etc/ directory. -+ - Default: NO - .TP - .B anon_mkdir_write_enable --- -2.14.4 - diff --git a/0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch b/0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch deleted file mode 100644 index 307ce35..0000000 --- a/0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 7d4b76abb437184fa692533cb5537318026a30e8 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Fri, 24 Nov 2017 11:26:37 +0100 -Subject: [PATCH 39/59] Improve documentation of ASCII mode in the man page - ---- - vsftpd.conf.5 | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 -index d1f0db5..3ca55e4 100644 ---- a/vsftpd.conf.5 -+++ b/vsftpd.conf.5 -@@ -113,11 +113,17 @@ Default: YES - .TP - .B ascii_download_enable - When enabled, ASCII mode data transfers will be honoured on downloads. -+When disabled, the server will pretend to allow ASCII mode but in fact -+ignore the request. Turn this option on to have the server actually do -+ASCII mangling on files when in ASCII mode. - - Default: NO - .TP - .B ascii_upload_enable - When enabled, ASCII mode data transfers will be honoured on uploads. -+See also -+.BR ascii_download_enable -+for more details. - - Default: NO - .TP --- -2.14.4 - diff --git a/0040-Use-system-wide-crypto-policy.patch b/0040-Use-system-wide-crypto-policy.patch deleted file mode 100644 index 940a5b2..0000000 --- a/0040-Use-system-wide-crypto-policy.patch +++ /dev/null @@ -1,27 +0,0 @@ -From b83be8b4f86bf1a8a6de4802a9486d084c4a46cd Mon Sep 17 00:00:00 2001 -From: Martin Sehnoutka -Date: Tue, 29 Aug 2017 10:32:16 +0200 -Subject: [PATCH 40/59] Use system wide crypto policy - -Resolves: rhbz# ---- - tunables.c | 3 +-- - 1 file changed, 1 insertion(+), 2 deletions(-) - -diff --git a/tunables.c b/tunables.c -index 5440c00..354251c 100644 ---- a/tunables.c -+++ b/tunables.c -@@ -297,8 +297,7 @@ tunables_load_defaults() - install_str_setting(0, &tunable_dsa_cert_file); - install_str_setting(0, &tunable_dh_param_file); - install_str_setting(0, &tunable_ecdh_param_file); -- install_str_setting("AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA", -- &tunable_ssl_ciphers); -+ install_str_setting("PROFILE=SYSTEM", &tunable_ssl_ciphers); - install_str_setting(0, &tunable_rsa_private_key_file); - install_str_setting(0, &tunable_dsa_private_key_file); - install_str_setting(0, &tunable_ca_certs_file); --- -2.14.4 - diff --git a/0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch b/0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch deleted file mode 100644 index 93e2ce8..0000000 --- a/0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 2369d1ea5144d525d315aba90da528e7d9bfd1cc Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Thu, 21 Dec 2017 14:19:18 +0100 -Subject: [PATCH 41/59] Document the new default for ssl_ciphers in the man - page - -Related: rhbz#1483970 ---- - vsftpd.conf.5 | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 -index 3ca55e4..2a7662e 100644 ---- a/vsftpd.conf.5 -+++ b/vsftpd.conf.5 -@@ -1078,7 +1078,11 @@ man page for further details. Note that restricting ciphers can be a useful - security precaution as it prevents malicious remote parties forcing a cipher - which they have found problems with. - --Default: DES-CBC3-SHA -+By default, the system-wide crypto policy is used. See -+.BR update-crypto-policies(8) -+for further details. -+ -+Default: PROFILE=SYSTEM - .TP - .B ssl_sni_hostname - If set, SSL connections will be rejected unless the SNI hostname in the --- -2.14.4 - diff --git a/0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch b/0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch deleted file mode 100644 index 1e14813..0000000 --- a/0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 1c280a0b04e58ec63ce9ab5eb8d0ffe5ebbae115 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Thu, 21 Dec 2017 14:29:25 +0100 -Subject: [PATCH 42/59] When handling FEAT command, check ssl_tlsv1_1 and - ssl_tlsv1_2 - -Send 'AUTH SSL' in reply to the FEAT command when the ssl_tlsv1_1 -or ssl_tlsv1_2 configuration option is enabled. - -The patch was written by Martin Sehnoutka. - -Resolves: rhbz#1432054 ---- - features.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/features.c b/features.c -index 1212980..d024366 100644 ---- a/features.c -+++ b/features.c -@@ -22,7 +22,7 @@ handle_feat(struct vsf_session* p_sess) - { - vsf_cmdio_write_raw(p_sess, " AUTH SSL\r\n"); - } -- if (tunable_tlsv1) -+ if (tunable_tlsv1 || tunable_tlsv1_1 || tunable_tlsv1_2 || tunable_tlsv1_3) - { - vsf_cmdio_write_raw(p_sess, " AUTH TLS\r\n"); - } --- -2.14.4 - diff --git a/0044-Disable-anonymous_enable-in-default-config-file.patch b/0044-Disable-anonymous_enable-in-default-config-file.patch deleted file mode 100644 index 4e62d76..0000000 --- a/0044-Disable-anonymous_enable-in-default-config-file.patch +++ /dev/null @@ -1,26 +0,0 @@ -From ffaeebcfdb56ba75392af21c68c0bac78a226b55 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Tue, 2 Jan 2018 09:54:43 +0100 -Subject: [PATCH 44/59] Disable anonymous_enable in default config file - -Resolves: rhbz#1338637 ---- - vsftpd.conf | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/vsftpd.conf b/vsftpd.conf -index 39d1955..4626c1b 100644 ---- a/vsftpd.conf -+++ b/vsftpd.conf -@@ -9,7 +9,7 @@ - # capabilities. - # - # Allow anonymous FTP? (Beware - allowed by default if you comment this out). --anonymous_enable=YES -+anonymous_enable=NO - # - # Uncomment this to allow local users to log in. - # When SELinux is enforcing check for SE bool ftp_home_dir --- -2.14.4 - diff --git a/0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch b/0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch deleted file mode 100644 index 2243790..0000000 --- a/0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 61327320b54a59e319c522151f7a61c74ec94f2f Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Tue, 2 Jan 2018 16:25:55 +0100 -Subject: [PATCH 45/59] Expand explanation of ascii_* options behaviour in man - page - ---- - vsftpd.conf.5 | 22 ++++++++++++++++++---- - 1 file changed, 18 insertions(+), 4 deletions(-) - -diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 -index df14027..a5abeb2 100644 ---- a/vsftpd.conf.5 -+++ b/vsftpd.conf.5 -@@ -114,16 +114,30 @@ Default: YES - .B ascii_download_enable - When enabled, ASCII mode data transfers will be honoured on downloads. - When disabled, the server will pretend to allow ASCII mode but in fact --ignore the request. Turn this option on to have the server actually do -+ignore requests to activate it. So the client will think the ASCII mode -+is active and therefore may still translate any -+.BR -+character sequences in the received file. See the following article for -+a detailed explanation of the behaviour: -+https://access.redhat.com/articles/3250241. -+ -+Turn this option on to have the server actually do - ASCII mangling on files when in ASCII mode. - - Default: NO - .TP - .B ascii_upload_enable - When enabled, ASCII mode data transfers will be honoured on uploads. --See also --.BR ascii_download_enable --for more details. -+When disabled, the server will pretend to allow ASCII mode but in fact -+ignore requests to activate it. So the client will think the ASCII mode -+is active and will translate native line terminators to the standard -+.BR -+line terminators for transmission, but the server will not do -+any translation. See the following article for a detailed explanation -+of the behaviour: https://access.redhat.com/articles/3250241. -+ -+Turn this option on to have the server actually do -+ASCII mangling on files when in ASCII mode. - - Default: NO - .TP --- -2.14.4 - diff --git a/0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch b/0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch deleted file mode 100644 index 61ed691..0000000 --- a/0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 446f7c1ec54e06b5da2e890e0cd8fbd7308322c9 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Tue, 2 Jan 2018 16:33:18 +0100 -Subject: [PATCH 46/59] vsftpd.conf: Refer to the man page regarding the - ascii_* options - ---- - vsftpd.conf | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/vsftpd.conf b/vsftpd.conf -index 4626c1b..e70bc6d 100644 ---- a/vsftpd.conf -+++ b/vsftpd.conf -@@ -73,7 +73,8 @@ xferlog_std_format=YES - # - # By default the server will pretend to allow ASCII mode but in fact ignore - # the request. Turn on the below options to have the server actually do ASCII --# mangling on files when in ASCII mode. -+# mangling on files when in ASCII mode. The vsftpd.conf(5) man page explains -+# the behaviour when these options are disabled. - # Beware that on some FTP servers, ASCII support allows a denial of service - # attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd - # predicted this attack and has always been safe, reporting the size of the --- -2.14.4 - diff --git a/0047-Disable-tcp_wrappers-support.patch b/0047-Disable-tcp_wrappers-support.patch deleted file mode 100644 index f71aab0..0000000 --- a/0047-Disable-tcp_wrappers-support.patch +++ /dev/null @@ -1,49 +0,0 @@ -From b383ec42bb750419fea102fccf36af5216145eb2 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Fri, 5 Jan 2018 09:17:13 +0100 -Subject: [PATCH 47/59] Disable tcp_wrappers support - -Resolves: rhbz#1518796 ---- - Makefile | 2 +- - builddefs.h | 1 - - vsftpd.conf | 1 - - 3 files changed, 1 insertion(+), 3 deletions(-) - -diff --git a/Makefile b/Makefile -index 98118dc..612994e 100644 ---- a/Makefile -+++ b/Makefile -@@ -8,7 +8,7 @@ CFLAGS = -O2 -fPIE -fstack-protector --param=ssp-buffer-size=4 \ - -D_FORTIFY_SOURCE=2 \ - #-pedantic -Wconversion - --LIBS = -lwrap -lnsl -lpam -lcap -ldl -lcrypto -+LIBS = -lnsl -lpam -lcap -ldl -lcrypto - LINK = -Wl,-s - LDFLAGS = -fPIE -pie -Wl,-z,relro -Wl,-z,now - -diff --git a/builddefs.h b/builddefs.h -index 83de674..2aa3a4c 100644 ---- a/builddefs.h -+++ b/builddefs.h -@@ -1,7 +1,6 @@ - #ifndef VSF_BUILDDEFS_H - #define VSF_BUILDDEFS_H - --#define VSF_BUILD_TCPWRAPPERS - #define VSF_BUILD_PAM - #define VSF_BUILD_SSL - -diff --git a/vsftpd.conf b/vsftpd.conf -index e70bc6d..6b8eebb 100644 ---- a/vsftpd.conf -+++ b/vsftpd.conf -@@ -125,4 +125,3 @@ listen_ipv6=YES - - pam_service_name=vsftpd - userlist_enable=YES --tcp_wrappers=YES --- -2.14.4 - diff --git a/0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch b/0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch deleted file mode 100644 index 513e128..0000000 --- a/0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 9cba9e81aa96e1d64ae2eaaf88330e09dadfce79 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Fri, 5 Jan 2018 09:40:09 +0100 -Subject: [PATCH 48/59] Fix default value of strict_ssl_read_eof in man page - ---- - vsftpd.conf.5 | 5 ++--- - 1 file changed, 2 insertions(+), 3 deletions(-) - -diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 -index a5abeb2..43b0435 100644 ---- a/vsftpd.conf.5 -+++ b/vsftpd.conf.5 -@@ -574,10 +574,9 @@ Default: YES - .B strict_ssl_read_eof - If enabled, SSL data uploads are required to terminate via SSL, not an - EOF on the socket. This option is required to be sure that an attacker did --not terminate an upload prematurely with a faked TCP FIN. Unfortunately, it --is not enabled by default because so few clients get it right. (New in v2.0.7). -+not terminate an upload prematurely with a faked TCP FIN. (New in v2.0.7). - --Default: NO -+Default: YES - .TP - .B strict_ssl_write_shutdown - If enabled, SSL data downloads are required to terminate via SSL, not an --- -2.14.4 - diff --git a/0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch b/0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch deleted file mode 100644 index 22745b5..0000000 --- a/0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch +++ /dev/null @@ -1,322 +0,0 @@ -From 1203b943b369651d96d057f8190f14f015e6ff0b Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Tue, 6 Feb 2018 13:30:44 +0100 -Subject: [PATCH 49/59] Add new filename generation algorithm for STOU command - -A new configuration option 'better_stou' can be used to enable -a better algorithm for generating unique filenames. - -Resolves: rhbz#1479237 ---- - parseconf.c | 1 + - postlogin.c | 176 +++++++++++++++++++++++++++++++++++++++++++++++++--------- - sysutil.c | 3 + - sysutil.h | 3 +- - tunables.c | 2 + - tunables.h | 3 + - vsftpd.conf.5 | 5 ++ - 7 files changed, 166 insertions(+), 27 deletions(-) - -diff --git a/parseconf.c b/parseconf.c -index 33a1349..47b54f1 100644 ---- a/parseconf.c -+++ b/parseconf.c -@@ -111,6 +111,7 @@ parseconf_bool_array[] = - { "http_enable", &tunable_http_enable }, - { "seccomp_sandbox", &tunable_seccomp_sandbox }, - { "allow_writeable_chroot", &tunable_allow_writeable_chroot }, -+ { "better_stou", &tunable_better_stou }, - { 0, 0 } - }; - -diff --git a/postlogin.c b/postlogin.c -index 8363c9c..7c749ef 100644 ---- a/postlogin.c -+++ b/postlogin.c -@@ -29,6 +29,7 @@ - #include "opts.h" - - #include -+#include - - /* Private local functions */ - static void handle_pwd(struct vsf_session* p_sess); -@@ -1028,6 +1029,114 @@ handle_stor(struct vsf_session* p_sess) - handle_upload_common(p_sess, 0, 0); - } - -+/* Based on __gen_tempname() from glibc - thanks, glibc! Relicensed -+ * from LGPL2.1+ to GPL2. -+ */ -+static int -+create_unique_file(struct vsf_session* p_sess, struct mystr* p_outstr, -+ const struct mystr* p_base_str, -+ int (*access_checker)(const struct mystr*)) -+{ -+ struct mystr s_result = INIT_MYSTR; -+ const int suffix_len = 6; -+ unsigned int count; -+ static unsigned long long int value; -+ unsigned long long int random_time_bits; -+ int fd = -1; -+ /* These are the characters used in temporary file names. */ -+ struct mystr s_letters = INIT_MYSTR; -+ unsigned int s_letters_len; -+ int base_len; -+ -+ str_alloc_text(&s_letters, -+ "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"); -+ s_letters_len = str_getlen(&s_letters); -+ -+ /* A lower bound on the number of temporary files to attempt to -+ generate. The maximum total number of temporary file names that -+ can exist for a given template is 62**6. It should never be -+ necessary to try all of these combinations. Instead if a reasonable -+ number of names is tried (we define reasonable as 62**3) fail to -+ give the system administrator the chance to remove the problems. */ -+#define ATTEMPTS_MIN (62 * 62 * 62) -+ -+ /* The number of times to attempt to generate a temporary file. */ -+#if ATTEMPTS_MIN < TMP_MAX -+ unsigned int attempts = TMP_MAX; -+#else -+ unsigned int attempts = ATTEMPTS_MIN; -+#endif -+#undef ATTEMPTS_MIN -+ -+ { -+ long sec = vsf_sysutil_get_time_sec(); -+ long usec = vsf_sysutil_get_time_usec(); -+ random_time_bits = ((unsigned long long int) usec << 16) ^ sec; -+ value += random_time_bits ^ vsf_sysutil_getpid(); -+ } -+ -+ if (str_isempty(p_base_str)) -+ { -+ const char *base = "STOU."; -+ base_len = vsf_sysutil_strlen(base); -+ str_reserve(&s_result, base_len + suffix_len); -+ str_alloc_text(&s_result, base); -+ } -+ else -+ { -+ str_reserve(&s_result, str_getlen(p_base_str) + suffix_len + 1); -+ str_copy(&s_result, p_base_str); -+ str_append_char(&s_result, '.'); -+ base_len = str_getlen(&s_result); -+ } -+ -+ for (count = 0; count < attempts; value += 7777, ++count) -+ { -+ unsigned long long v = value; -+ str_trunc(&s_result, base_len); -+ for (int i = 0; i < suffix_len; ++i) -+ { -+ char c; -+ c = str_get_char_at(&s_letters, v % s_letters_len); -+ v /= s_letters_len; -+ str_append_char(&s_result, c); -+ } -+ if (!access_checker(&s_result)) -+ { -+ /* If we generate a filename which is not allowed, we fail immediatelly, -+ * without trying any other possibilities. This is to prevent attackers -+ * from keeping us busy. -+ */ -+ vsf_cmdio_write(p_sess, FTP_NOPERM, "Permission denied."); -+ break; -+ } -+ fd = str_create_exclusive(&s_result); -+ if (vsf_sysutil_retval_is_error(fd)) -+ { -+ if (kVSFSysUtilErrEXIST == vsf_sysutil_get_error()) -+ { -+ continue; -+ } -+ else -+ { -+ vsf_cmdio_write(p_sess, FTP_UPLOADFAIL, "Could not create file."); -+ break; -+ } -+ } -+ else -+ { -+ break; -+ } -+ } -+ if (!vsf_sysutil_retval_is_error(fd)) -+ { -+ str_copy(p_outstr, &s_result); -+ } -+ str_free(&s_letters); -+ str_free(&s_result); -+ return fd; -+} -+ - static void - handle_upload_common(struct vsf_session* p_sess, int is_append, int is_unique) - { -@@ -1049,41 +1158,56 @@ handle_upload_common(struct vsf_session* p_sess, int is_append, int is_unique) - return; - } - resolve_tilde(&p_sess->ftp_arg_str, p_sess); -- p_filename = &p_sess->ftp_arg_str; -- if (is_unique) -- { -- get_unique_filename(&s_filename, p_filename); -- p_filename = &s_filename; -- } - vsf_log_start_entry(p_sess, kVSFLogEntryUpload); - str_copy(&p_sess->log_str, &p_sess->ftp_arg_str); - prepend_path_to_filename(&p_sess->log_str); -- if (!vsf_access_check_file(p_filename)) -- { -- vsf_cmdio_write(p_sess, FTP_NOPERM, "Permission denied."); -- return; -- } -- /* NOTE - actual file permissions will be governed by the tunable umask */ -- /* XXX - do we care about race between create and chown() of anonymous -- * upload? -- */ -- if (is_unique || (p_sess->is_anonymous && !tunable_anon_other_write_enable)) -+ p_filename = &p_sess->ftp_arg_str; -+ if (is_unique && tunable_better_stou) - { -- new_file_fd = str_create_exclusive(p_filename); -+ new_file_fd = create_unique_file(p_sess, &s_filename, p_filename, -+ vsf_access_check_file); -+ if (vsf_sysutil_retval_is_error(new_file_fd)) -+ { -+ return; -+ } -+ p_filename = &s_filename; - } - else - { -- /* For non-anonymous, allow open() to overwrite or append existing files */ -- new_file_fd = str_create(p_filename); -- if (!is_append && offset == 0) -+ if (is_unique) - { -- do_truncate = 1; -+ get_unique_filename(&s_filename, p_filename); -+ p_filename = &s_filename; -+ } -+ if (!vsf_access_check_file(p_filename)) -+ { -+ vsf_cmdio_write(p_sess, FTP_NOPERM, "Permission denied."); -+ return; -+ } -+ /* NOTE - actual file permissions will be governed by the tunable umask */ -+ /* XXX - do we care about race between create and chown() of anonymous -+ * upload? -+ */ -+ if (is_unique || (p_sess->is_anonymous && !tunable_anon_other_write_enable)) -+ { -+ new_file_fd = str_create_exclusive(p_filename); -+ } -+ else -+ { -+ /* For non-anonymous, allow open() to overwrite or append existing -+ * files -+ */ -+ new_file_fd = str_create(p_filename); -+ if (!is_append && offset == 0) -+ { -+ do_truncate = 1; -+ } -+ } -+ if (vsf_sysutil_retval_is_error(new_file_fd)) -+ { -+ vsf_cmdio_write(p_sess, FTP_UPLOADFAIL, "Could not create file."); -+ return; - } -- } -- if (vsf_sysutil_retval_is_error(new_file_fd)) -- { -- vsf_cmdio_write(p_sess, FTP_UPLOADFAIL, "Could not create file."); -- return; - } - created = 1; - vsf_sysutil_fstat(new_file_fd, &s_p_statbuf); -diff --git a/sysutil.c b/sysutil.c -index 1c0422e..e847650 100644 ---- a/sysutil.c -+++ b/sysutil.c -@@ -1666,6 +1666,9 @@ vsf_sysutil_get_error(void) - case EAGAIN: - retval = kVSFSysUtilErrAGAIN; - break; -+ case EEXIST: -+ retval = kVSFSysUtilErrEXIST; -+ break; - default: - break; - } -diff --git a/sysutil.h b/sysutil.h -index be727f5..7a59f13 100644 ---- a/sysutil.h -+++ b/sysutil.h -@@ -19,7 +19,8 @@ enum EVSFSysUtilError - kVSFSysUtilErrOPNOTSUPP, - kVSFSysUtilErrACCES, - kVSFSysUtilErrNOENT, -- kVSFSysUtilErrAGAIN -+ kVSFSysUtilErrAGAIN, -+ kVSFSysUtilErrEXIST - }; - enum EVSFSysUtilError vsf_sysutil_get_error(void); - -diff --git a/tunables.c b/tunables.c -index 9680528..5ec2bdc 100644 ---- a/tunables.c -+++ b/tunables.c -@@ -92,6 +92,7 @@ int tunable_ftp_enable; - int tunable_http_enable; - int tunable_seccomp_sandbox; - int tunable_allow_writeable_chroot; -+int tunable_better_stou; - - unsigned int tunable_accept_timeout; - unsigned int tunable_connect_timeout; -@@ -239,6 +240,7 @@ tunables_load_defaults() - tunable_http_enable = 0; - tunable_seccomp_sandbox = 0; - tunable_allow_writeable_chroot = 0; -+ tunable_better_stou = 0; - - tunable_accept_timeout = 60; - tunable_connect_timeout = 60; -diff --git a/tunables.h b/tunables.h -index a466427..85ea1a8 100644 ---- a/tunables.h -+++ b/tunables.h -@@ -93,6 +93,9 @@ extern int tunable_ftp_enable; /* Allow FTP protocol */ - extern int tunable_http_enable; /* Allow HTTP protocol */ - extern int tunable_seccomp_sandbox; /* seccomp filter sandbox */ - extern int tunable_allow_writeable_chroot; /* Allow misconfiguration */ -+extern int tunable_better_stou; /* Use better file name generation -+ * algorithm for the STOU command -+ */ - - /* Integer/numeric defines */ - extern unsigned int tunable_accept_timeout; -diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 -index 43b0435..6911a73 100644 ---- a/vsftpd.conf.5 -+++ b/vsftpd.conf.5 -@@ -65,6 +65,11 @@ creates an 'etc' directory in the new root directory, they could potentially - trick the C library into loading a user-created configuration file from the - /etc/ directory. - -+Default: NO -+.TP -+.B better_stou -+Use better file name generation algorithm for the STOU command. -+ - Default: NO - .TP - .B anon_mkdir_write_enable --- -2.14.4 - diff --git a/0050-Don-t-link-with-libnsl.patch b/0050-Don-t-link-with-libnsl.patch deleted file mode 100644 index 8b626bb..0000000 --- a/0050-Don-t-link-with-libnsl.patch +++ /dev/null @@ -1,27 +0,0 @@ -From f8663f35d5d150f0533bb052e48306b9a5111d87 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Tue, 6 Feb 2018 18:04:53 +0100 -Subject: [PATCH 50/59] Don't link with libnsl - -Don't link with libnsl. It builds just fine without it and -vsf_findlibs.sh enables it only when tcp_wrappers is enabled. ---- - Makefile | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/Makefile b/Makefile -index 612994e..0f7411c 100644 ---- a/Makefile -+++ b/Makefile -@@ -8,7 +8,7 @@ CFLAGS = -O2 -fPIE -fstack-protector --param=ssp-buffer-size=4 \ - -D_FORTIFY_SOURCE=2 \ - #-pedantic -Wconversion - --LIBS = -lnsl -lpam -lcap -ldl -lcrypto -+LIBS = -lpam -lcap -ldl -lcrypto - LINK = -Wl,-s - LDFLAGS = -fPIE -pie -Wl,-z,relro -Wl,-z,now - --- -2.14.4 - diff --git a/0051-Improve-documentation-of-better_stou-in-the-man-page.patch b/0051-Improve-documentation-of-better_stou-in-the-man-page.patch deleted file mode 100644 index c2593be..0000000 --- a/0051-Improve-documentation-of-better_stou-in-the-man-page.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 765f99b26705c8d6fe2be4feb07f4c91e7eb96f9 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Thu, 5 Apr 2018 12:29:03 +0200 -Subject: [PATCH 51/59] Improve documentation of better_stou in the man page - ---- - vsftpd.conf.5 | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 -index 6911a73..e9ae474 100644 ---- a/vsftpd.conf.5 -+++ b/vsftpd.conf.5 -@@ -68,7 +68,12 @@ trick the C library into loading a user-created configuration file from the - Default: NO - .TP - .B better_stou --Use better file name generation algorithm for the STOU command. -+Use a better file name generation algorithm for the STOU command. The default -+original algorithm simply adds an increasing number suffix to the file name, -+which is prone to race conditions if multiple uploaders use the STOU command -+with the same file name simultaneously, which can result in failure of the -+command. The new algorithm adds a unique random six character suffix to -+the file name, which works much better in face of concurrent uploads. - - Default: NO - .TP --- -2.14.4 - diff --git a/0052-Fix-rDNS-with-IPv6.patch b/0052-Fix-rDNS-with-IPv6.patch deleted file mode 100644 index eca9474..0000000 --- a/0052-Fix-rDNS-with-IPv6.patch +++ /dev/null @@ -1,195 +0,0 @@ -From 01b646d2af0ed885d01d31a6479898a3c423a630 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Thu, 26 Apr 2018 10:00:19 +0200 -Subject: [PATCH 52/59] Fix rDNS with IPv6 - -Previously IPv6 addresses were not translated to hostnames for PAM to use. ---- - privops.c | 3 ++- - sysdeputil.c | 28 +++++++++++++++------------- - sysdeputil.h | 5 ++++- - sysutil.c | 35 +++++++++++++++++++++++++++++++++++ - sysutil.h | 4 ++++ - 5 files changed, 60 insertions(+), 15 deletions(-) - -diff --git a/privops.c b/privops.c -index f27c5c4..e577a27 100644 ---- a/privops.c -+++ b/privops.c -@@ -383,7 +383,8 @@ handle_local_login(struct vsf_session* p_sess, - struct mystr* p_user_str, - const struct mystr* p_pass_str) - { -- if (!vsf_sysdep_check_auth(p_user_str, p_pass_str, &p_sess->remote_ip_str)) -+ if (!vsf_sysdep_check_auth(p_sess, p_user_str, p_pass_str, -+ &p_sess->remote_ip_str)) - { - return kVSFLoginFail; - } -diff --git a/sysdeputil.c b/sysdeputil.c -index 2063c87..4fe56c2 100644 ---- a/sysdeputil.c -+++ b/sysdeputil.c -@@ -16,10 +16,6 @@ - #include "tunables.h" - #include "builddefs.h" - --/* For gethostbyaddr, inet_addr */ --#include --#include -- - /* For Linux, this adds nothing :-) */ - #include "port/porting_junk.h" - -@@ -242,13 +238,15 @@ void vsf_remove_uwtmp(void); - - #ifndef VSF_SYSDEP_HAVE_PAM - int --vsf_sysdep_check_auth(struct mystr* p_user_str, -+vsf_sysdep_check_auth(struct vsf_session* p_sess, -+ struct mystr* p_user_str, - const struct mystr* p_pass_str, - const struct mystr* p_remote_host) - { - const char* p_crypted; - const struct passwd* p_pwd = getpwnam(str_getbuf(p_user_str)); - (void) p_remote_host; -+ (void) p_sess; - if (p_pwd == NULL) - { - return 0; -@@ -322,14 +320,14 @@ static int pam_conv_func(int nmsg, const struct pam_message** p_msg, - static void vsf_auth_shutdown(void); - - int --vsf_sysdep_check_auth(struct mystr* p_user_str, -+vsf_sysdep_check_auth(struct vsf_session* p_sess, -+ struct mystr* p_user_str, - const struct mystr* p_pass_str, - const struct mystr* p_remote_host) - { - int retval = -1; - #ifdef PAM_RHOST -- struct sockaddr_in sin; -- struct hostent *host; -+ struct mystr hostname = INIT_MYSTR; - #endif - pam_item_t item; - const char* pam_user_name = 0; -@@ -354,13 +352,17 @@ vsf_sysdep_check_auth(struct mystr* p_user_str, - return 0; - } - #ifdef PAM_RHOST -- if (tunable_reverse_lookup_enable) { -- sin.sin_addr.s_addr = inet_addr(str_getbuf(p_remote_host)); -- host = gethostbyaddr((char*)&sin.sin_addr.s_addr,sizeof(struct in_addr),AF_INET); -- if (host != (struct hostent*)0) -- retval = pam_set_item(s_pamh, PAM_RHOST, host->h_name); -+ if (tunable_reverse_lookup_enable) -+ { -+ if (vsf_sysutil_get_hostname(p_sess->p_remote_addr, &hostname) == 0) -+ { -+ retval = pam_set_item(s_pamh, PAM_RHOST, str_getbuf(&hostname)); -+ str_free(&hostname); -+ } - else -+ { - retval = pam_set_item(s_pamh, PAM_RHOST, str_getbuf(p_remote_host)); -+ } - } else { - retval = pam_set_item(s_pamh, PAM_RHOST, str_getbuf(p_remote_host)); - } -diff --git a/sysdeputil.h b/sysdeputil.h -index 3b6b30a..6f2aa0a 100644 ---- a/sysdeputil.h -+++ b/sysdeputil.h -@@ -5,6 +5,8 @@ - #include "filesize.h" - #endif - -+#include "session.h" -+ - /* VSF_SYSDEPUTIL_H: - * Support for highly system dependent features, and querying for support - * or lack thereof -@@ -15,7 +17,8 @@ struct mystr; - - /* Authentication of local users */ - /* Return 0 for fail, 1 for success */ --int vsf_sysdep_check_auth(struct mystr* p_user, -+int vsf_sysdep_check_auth(struct vsf_session* p_sess, -+ struct mystr* p_user, - const struct mystr* p_pass, - const struct mystr* p_remote_host); - -diff --git a/sysutil.c b/sysutil.c -index e847650..b68583b 100644 ---- a/sysutil.c -+++ b/sysutil.c -@@ -2356,6 +2356,41 @@ vsf_sysutil_dns_resolve(struct vsf_sysutil_sockaddr** p_sockptr, - } - } - -+int -+vsf_sysutil_get_hostname(struct vsf_sysutil_sockaddr *p_addr, -+ struct mystr* p_str) -+{ -+ struct sockaddr *sa; -+ socklen_t sa_len = 0; -+ char hostname[NI_MAXHOST]; -+ int res; -+ -+ sa = &p_addr->u.u_sockaddr; -+ if (sa->sa_family == AF_INET) -+ { -+ sa_len = sizeof(struct sockaddr_in); -+ } -+ else if (sa->sa_family == AF_INET6) -+ { -+ sa_len = sizeof(struct sockaddr_in6); -+ } -+ else -+ { -+ die("can only support ipv4 and ipv6 currently"); -+ } -+ res = getnameinfo(sa, sa_len, hostname, sizeof(hostname), NULL, 0, -+ NI_NAMEREQD); -+ if (res == 0) -+ { -+ str_alloc_text(p_str, hostname); -+ return 0; -+ } -+ else -+ { -+ return -1; -+ } -+} -+ - struct vsf_sysutil_user* - vsf_sysutil_getpwuid(const unsigned int uid) - { -diff --git a/sysutil.h b/sysutil.h -index 7a59f13..2df14ed 100644 ---- a/sysutil.h -+++ b/sysutil.h -@@ -7,6 +7,8 @@ - #include "filesize.h" - #endif - -+#include "str.h" -+ - /* Return value queries */ - int vsf_sysutil_retval_is_error(int retval); - enum EVSFSysUtilError -@@ -266,6 +268,8 @@ int vsf_sysutil_connect_timeout(int fd, - unsigned int wait_seconds); - void vsf_sysutil_dns_resolve(struct vsf_sysutil_sockaddr** p_sockptr, - const char* p_name); -+int vsf_sysutil_get_hostname(struct vsf_sysutil_sockaddr *p_addr, -+ struct mystr* p_str); - /* Option setting on sockets */ - void vsf_sysutil_activate_keepalive(int fd); - void vsf_sysutil_rcvtimeo(int fd); --- -2.14.4 - diff --git a/0053-Always-do-chdir-after-chroot.patch b/0053-Always-do-chdir-after-chroot.patch deleted file mode 100644 index e1c0105..0000000 --- a/0053-Always-do-chdir-after-chroot.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 315f9720db94af3319c9550feaf473b9cf09aeac Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Thu, 3 May 2018 13:20:28 +0200 -Subject: [PATCH 53/59] Always do chdir("/") after chroot() - -Always do chdir("/") after chroot() to be more sure we'll never get out -of it. This will not affect the working directory after calling -vsf_sysutil_chroot(), because in the current state vsftpd always calls -vsf_sysutil_chroot("."). ---- - sysutil.c | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/sysutil.c b/sysutil.c -index b68583b..3014c05 100644 ---- a/sysutil.c -+++ b/sysutil.c -@@ -2588,6 +2588,11 @@ vsf_sysutil_chroot(const char* p_root_path) - { - die("chroot"); - } -+ retval = chdir("/"); -+ if (retval != 0) -+ { -+ die("chdir"); -+ } - } - - unsigned int --- -2.14.4 - diff --git a/0054-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch b/0054-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch deleted file mode 100644 index d67db00..0000000 --- a/0054-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch +++ /dev/null @@ -1,33 +0,0 @@ -From ca27e6e34d89fc247a164ed7330735644f97d7d8 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Wed, 9 May 2018 20:15:29 +0200 -Subject: [PATCH 54/59] vsf_sysutil_rcvtimeo: Check return value of setsockopt - ---- - sysutil.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/sysutil.c b/sysutil.c -index 3014c05..de5f876 100644 ---- a/sysutil.c -+++ b/sysutil.c -@@ -684,10 +684,15 @@ void - vsf_sysutil_rcvtimeo(int fd) - { - struct timeval tv; -+ int retval; - - tv.tv_sec = tunable_data_connection_timeout; - tv.tv_usec = 0; -- setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(struct timeval)); -+ retval = setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(struct timeval)); -+ if (retval != 0) -+ { -+ die("setsockopt: rcvtimeo"); -+ } - } - - void --- -2.14.4 - diff --git a/0055-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch b/0055-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch deleted file mode 100644 index 85d4f2f..0000000 --- a/0055-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch +++ /dev/null @@ -1,108 +0,0 @@ -From c7ac05fdf2a7b53d901bfc3afeb9a61916aaaaf1 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Wed, 9 May 2018 20:26:37 +0200 -Subject: [PATCH 55/59] vsf_sysutil_get_tz: Check the return value of syscalls - -Check the return value of syscalls. There's always the possibility that -they'll fail. (Failure of close() is not handled though, apart from EINTR. -The file is open read-only so it shouldn't fail, and even if it does, -it's not tragic.) - -We return NULL in case of syscall failure. One might be tempted to simply -call die() when any kind of error occurs when parsing the timezone data, -but I think it's more in line with the behaviour of tzset(3) not to do -anything drastic in such a case (tzset() will silently use UTC when -the value given in the TZ environment variable is invalid). ---- - sysutil.c | 46 +++++++++++++++++++++++++++++++++++++--------- - 1 file changed, 37 insertions(+), 9 deletions(-) - -diff --git a/sysutil.c b/sysutil.c -index de5f876..fd07d99 100644 ---- a/sysutil.c -+++ b/sysutil.c -@@ -2647,12 +2647,12 @@ error: - die("reopening standard file descriptors to /dev/null failed"); - } - --char* vsf_sysutil_get_tz() -+char* vsf_sysutil_get_tz(void) - { - char *ret_tz = NULL; - char buff[BUFTZSIZ]; - off_t s_pos, e_pos; -- size_t rcnt, rest; -+ ssize_t rcnt, rest; - int fd; - - if ((fd = open(F_LOCALTIME, O_RDONLY)) > -1) -@@ -2663,8 +2663,12 @@ char* vsf_sysutil_get_tz() - return NULL; - } - s_pos = e_pos > BUFTZSIZ ? e_pos - BUFTZSIZ : 0; -- lseek(fd, s_pos, SEEK_SET); -- rcnt = read(fd, buff, BUFTZSIZ); -+ if (lseek(fd, s_pos, SEEK_SET) == -1 || -+ (rcnt = vsf_sysutil_read(fd, buff, BUFTZSIZ)) == -1) -+ { -+ close(fd); -+ return NULL; -+ } - - if (rcnt && buff[rcnt-1] == '\n') - { -@@ -2680,10 +2684,25 @@ char* vsf_sysutil_get_tz() - int len = e_pos - s_pos - offset; - if (len) - { -- lseek(fd, s_pos + offset, SEEK_SET); -+ if (lseek(fd, s_pos + offset, SEEK_SET) == -1) -+ { -+ close(fd); -+ return NULL; -+ } - ret_tz = calloc(1, len+4); -+ if (ret_tz == NULL) -+ { -+ close(fd); -+ return NULL; -+ } - memcpy(ret_tz, "TZ=", 3); -- rcnt = read(fd, ret_tz+3, len); -+ rcnt = vsf_sysutil_read(fd, ret_tz+3, len); -+ if (rcnt == -1) -+ { -+ free(ret_tz); -+ close(fd); -+ return NULL; -+ } - } - break; - } -@@ -2693,11 +2712,20 @@ char* vsf_sysutil_get_tz() - } - rest = s_pos > BUFTZSIZ ? s_pos - BUFTZSIZ : 0; - s_pos -= rest; -- lseek(fd, s_pos, SEEK_SET); -- rcnt = read(fd, buff, rest); -+ if (lseek(fd, s_pos, SEEK_SET) == -1) -+ { -+ close(fd); -+ return NULL; -+ } -+ rcnt = vsf_sysutil_read(fd, buff, rest); -+ if (rcnt == -1) -+ { -+ close(fd); -+ return NULL; -+ } - } while (rcnt > 0); - -- close (fd); -+ (void) vsf_sysutil_close_errno(fd); - } - - return ret_tz; --- -2.14.4 - diff --git a/0056-Log-die-calls-to-syslog.patch b/0056-Log-die-calls-to-syslog.patch deleted file mode 100644 index 46b93f6..0000000 --- a/0056-Log-die-calls-to-syslog.patch +++ /dev/null @@ -1,206 +0,0 @@ -From ee6af258e8cb1a7fada5e6d3e54429b89f12b158 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Fri, 15 Jun 2018 12:02:21 +0200 -Subject: [PATCH 56/59] Log die() calls to syslog - -Pass messages given to die(), die2() and bug() to syslog. Currently this -functionality requires waiting for a short amount of time (1 second is -used) after logging the message and before exiting. This is a workaround -for the following systemd bug: -https://github.com/systemd/systemd/issues/2913 - -The need for this workaround is the main reason why I decided not to -enable this functionality by default. - -Resolves: rhbz#1318198 -Resolves: rhbz#1582672 ---- - logging.c | 13 +++++++++---- - logging.h | 2 ++ - main.c | 4 ++++ - parseconf.c | 1 + - tcpwrap.c | 3 --- - tunables.c | 2 ++ - tunables.h | 2 ++ - utility.c | 11 +++++++++++ - vsftpd.conf.5 | 10 ++++++++++ - 9 files changed, 41 insertions(+), 7 deletions(-) - -diff --git a/logging.c b/logging.c -index c4461f7..9e86808 100644 ---- a/logging.c -+++ b/logging.c -@@ -30,10 +30,6 @@ static void vsf_log_do_log_to_file(int fd, struct mystr* p_str); - void - vsf_log_init(struct vsf_session* p_sess) - { -- if (tunable_syslog_enable || tunable_tcp_wrappers) -- { -- vsf_sysutil_openlog(0); -- } - if (!tunable_xferlog_enable && !tunable_dual_log_enable) - { - return; -@@ -389,3 +385,12 @@ vsf_log_do_log_vsftpd_format(struct vsf_session* p_sess, struct mystr* p_str, - } - } - -+void -+vsf_log_die(const char* p_text) -+{ -+ struct mystr log_str = INIT_MYSTR; -+ -+ str_append_text(&log_str, "ERROR: "); -+ str_append_text(&log_str, p_text); -+ str_syslog(&log_str, 1); -+} -diff --git a/logging.h b/logging.h -index 1ff57d1..75f06c1 100644 ---- a/logging.h -+++ b/logging.h -@@ -91,5 +91,7 @@ void vsf_log_line(struct vsf_session* p_sess, enum EVSFLogEntryType what, - void vsf_log_failed_line(struct vsf_session* p_sess, enum EVSFLogEntryType what, - struct mystr* p_str); - -+void vsf_log_die(const char* p_text); -+ - #endif /* VSF_LOGGING_H */ - -diff --git a/main.c b/main.c -index f039081..1178d44 100644 ---- a/main.c -+++ b/main.c -@@ -120,6 +120,10 @@ main(int argc, const char* argv[]) - } - vsf_sysutil_free(p_statbuf); - } -+ if (tunable_log_die || tunable_syslog_enable || tunable_tcp_wrappers) -+ { -+ vsf_sysutil_openlog(0); -+ } - /* Resolve pasv_address if required */ - if (tunable_pasv_address && tunable_pasv_addr_resolve) - { -diff --git a/parseconf.c b/parseconf.c -index 47b54f1..aeb401a 100644 ---- a/parseconf.c -+++ b/parseconf.c -@@ -112,6 +112,7 @@ parseconf_bool_array[] = - { "seccomp_sandbox", &tunable_seccomp_sandbox }, - { "allow_writeable_chroot", &tunable_allow_writeable_chroot }, - { "better_stou", &tunable_better_stou }, -+ { "log_die", &tunable_log_die }, - { 0, 0 } - }; - -diff --git a/tcpwrap.c b/tcpwrap.c -index 5bf57d3..132b771 100644 ---- a/tcpwrap.c -+++ b/tcpwrap.c -@@ -27,15 +27,12 @@ int - vsf_tcp_wrapper_ok(int remote_fd) - { - struct request_info req; -- vsf_sysutil_openlog(0); - request_init(&req, RQ_DAEMON, "vsftpd", RQ_FILE, remote_fd, 0); - fromhost(&req); - if (!hosts_access(&req)) - { -- vsf_sysutil_closelog(); - return 0; - } -- vsf_sysutil_closelog(); - return 1; - } - -diff --git a/tunables.c b/tunables.c -index 5ec2bdc..63de8e6 100644 ---- a/tunables.c -+++ b/tunables.c -@@ -93,6 +93,7 @@ int tunable_http_enable; - int tunable_seccomp_sandbox; - int tunable_allow_writeable_chroot; - int tunable_better_stou; -+int tunable_log_die; - - unsigned int tunable_accept_timeout; - unsigned int tunable_connect_timeout; -@@ -241,6 +242,7 @@ tunables_load_defaults() - tunable_seccomp_sandbox = 0; - tunable_allow_writeable_chroot = 0; - tunable_better_stou = 0; -+ tunable_log_die = 0; - - tunable_accept_timeout = 60; - tunable_connect_timeout = 60; -diff --git a/tunables.h b/tunables.h -index 85ea1a8..8a4b8b2 100644 ---- a/tunables.h -+++ b/tunables.h -@@ -96,6 +96,8 @@ extern int tunable_allow_writeable_chroot; /* Allow misconfiguration */ - extern int tunable_better_stou; /* Use better file name generation - * algorithm for the STOU command - */ -+extern int tunable_log_die; /* Log calls to die(), die2() -+ * and bug() */ - - /* Integer/numeric defines */ - extern unsigned int tunable_accept_timeout; -diff --git a/utility.c b/utility.c -index 5fd714d..75e5bdd 100644 ---- a/utility.c -+++ b/utility.c -@@ -9,6 +9,8 @@ - #include "sysutil.h" - #include "str.h" - #include "defs.h" -+#include "logging.h" -+#include "tunables.h" - - #define DIE_DEBUG - -@@ -41,11 +43,20 @@ void - bug(const char* p_text) - { - /* Rats. Try and write the reason to the network for diagnostics */ -+ if (tunable_log_die) -+ { -+ vsf_log_die(p_text); -+ } - vsf_sysutil_activate_noblock(VSFTP_COMMAND_FD); - (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, "500 OOPS: ", 10); - (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, p_text, - vsf_sysutil_strlen(p_text)); - (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, "\r\n", 2); -+ if (tunable_log_die) -+ { -+ /* Workaround for https://github.com/systemd/systemd/issues/2913 */ -+ vsf_sysutil_sleep(1.0); -+ } - vsf_sysutil_exit(2); - } - -diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 -index e9ae474..f246906 100644 ---- a/vsftpd.conf.5 -+++ b/vsftpd.conf.5 -@@ -358,6 +358,16 @@ wanting to e.g. append a file. - - Default: YES - .TP -+.B log_die -+Log an error to syslog when some error condition occurs and vsftpd decides -+to quit. Internally, the error messages given to the functions die(), die2() -+and bug() are passed to syslog. Currently this functionality requires waiting -+for a short amount of time (1 second is used) after logging the message and -+before exiting. This is a workaround for the following systemd bug: -+https://github.com/systemd/systemd/issues/2913 -+ -+Default: NO -+.TP - .B log_ftp_protocol - When enabled, all FTP requests and responses are logged, providing the option - xferlog_std_format is not enabled. Useful for debugging. --- -2.14.4 - diff --git a/0057-Improve-error-message-when-max-number-of-bind-attemp.patch b/0057-Improve-error-message-when-max-number-of-bind-attemp.patch deleted file mode 100644 index 3a0effe..0000000 --- a/0057-Improve-error-message-when-max-number-of-bind-attemp.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 380e40930661d643c865bace4e1791ca8f9d74cf Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Mon, 18 Jun 2018 14:01:46 +0200 -Subject: [PATCH 57/59] Improve error message when max number of bind attempts - is exceeded - -Resolves: rhbz#1318198 ---- - privops.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/privops.c b/privops.c -index e577a27..010d28d 100644 ---- a/privops.c -+++ b/privops.c -@@ -183,7 +183,7 @@ vsf_privop_pasv_listen(struct vsf_session* p_sess) - } - if (!bind_retries) - { -- die("vsf_sysutil_bind"); -+ die("vsf_sysutil_bind, maximum number of attempts to find a listening port exceeded"); - } - return the_port; - } --- -2.14.4 - diff --git a/0058-Make-the-max-number-of-bind-retries-tunable.patch b/0058-Make-the-max-number-of-bind-retries-tunable.patch deleted file mode 100644 index 1350470..0000000 --- a/0058-Make-the-max-number-of-bind-retries-tunable.patch +++ /dev/null @@ -1,103 +0,0 @@ -From be7c2d639127dd8af0139caf94f8c29f431d3753 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Mon, 18 Jun 2018 10:13:48 +0200 -Subject: [PATCH 58/59] Make the max number of bind retries tunable - -Resolves: rhbz#1318198 ---- - parseconf.c | 1 + - privops.c | 8 ++++++-- - tunables.c | 2 ++ - tunables.h | 1 + - vsftpd.conf.5 | 5 +++++ - 5 files changed, 15 insertions(+), 2 deletions(-) - -diff --git a/parseconf.c b/parseconf.c -index aeb401a..3cfe7da 100644 ---- a/parseconf.c -+++ b/parseconf.c -@@ -143,6 +143,7 @@ parseconf_uint_array[] = - { "delay_successful_login", &tunable_delay_successful_login }, - { "max_login_fails", &tunable_max_login_fails }, - { "chown_upload_mode", &tunable_chown_upload_mode }, -+ { "bind_retries", &tunable_bind_retries }, - { 0, 0 } - }; - -diff --git a/privops.c b/privops.c -index 010d28d..83b25c7 100644 ---- a/privops.c -+++ b/privops.c -@@ -120,8 +120,8 @@ unsigned short - vsf_privop_pasv_listen(struct vsf_session* p_sess) - { - static struct vsf_sysutil_sockaddr* s_p_sockaddr; -- int bind_retries = 10; -- unsigned short the_port; -+ int bind_retries = tunable_bind_retries + 1; -+ unsigned short the_port = 0; - /* IPPORT_RESERVED */ - unsigned short min_port = 1024; - unsigned short max_port = 65535; -@@ -131,6 +131,10 @@ vsf_privop_pasv_listen(struct vsf_session* p_sess) - die("listed fd already active"); - } - -+ if (bind_retries < 2) -+ { -+ bind_retries = 2; -+ } - if (tunable_pasv_min_port > min_port && tunable_pasv_min_port <= max_port) - { - min_port = (unsigned short) tunable_pasv_min_port; -diff --git a/tunables.c b/tunables.c -index 63de8e6..a7ce9c8 100644 ---- a/tunables.c -+++ b/tunables.c -@@ -115,6 +115,7 @@ unsigned int tunable_delay_failed_login; - unsigned int tunable_delay_successful_login; - unsigned int tunable_max_login_fails; - unsigned int tunable_chown_upload_mode; -+unsigned int tunable_bind_retries; - - const char* tunable_secure_chroot_dir; - const char* tunable_ftp_username; -@@ -268,6 +269,7 @@ tunables_load_defaults() - tunable_max_login_fails = 3; - /* -rw------- */ - tunable_chown_upload_mode = 0600; -+ tunable_bind_retries = 9; - - install_str_setting("/usr/share/empty", &tunable_secure_chroot_dir); - install_str_setting("ftp", &tunable_ftp_username); -diff --git a/tunables.h b/tunables.h -index 8a4b8b2..029d645 100644 ---- a/tunables.h -+++ b/tunables.h -@@ -120,6 +120,7 @@ extern unsigned int tunable_delay_failed_login; - extern unsigned int tunable_delay_successful_login; - extern unsigned int tunable_max_login_fails; - extern unsigned int tunable_chown_upload_mode; -+extern unsigned int tunable_bind_retries; - - /* String defines */ - extern const char* tunable_secure_chroot_dir; -diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 -index f246906..ce3fba3 100644 ---- a/vsftpd.conf.5 -+++ b/vsftpd.conf.5 -@@ -760,6 +760,11 @@ value will be treated as a base 10 integer! - - Default: 077 - .TP -+.B bind_retries -+Maximum number of attempts to find a free listening port in passive mode. -+ -+Default: 9 -+.TP - .B chown_upload_mode - The file mode to force for chown()ed anonymous uploads. (Added in v2.0.6). - --- -2.14.4 - diff --git a/0059-Fix-SEGFAULT-when-running-in-a-container-as-PID-1.patch b/0059-Fix-SEGFAULT-when-running-in-a-container-as-PID-1.patch deleted file mode 100644 index 3adbd4c..0000000 --- a/0059-Fix-SEGFAULT-when-running-in-a-container-as-PID-1.patch +++ /dev/null @@ -1,58 +0,0 @@ -From 970711fde95bee3de1e4a5e0b557c3132d0c3e3f Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Tue, 6 Feb 2018 11:39:01 +0100 -Subject: [PATCH 59/59] Fix SEGFAULT when running in a container as PID 1 - -When vsftpd is running in a container as PID 1, it is possible -that it will get SIGCHILD for processes, which were not directly -created by it, but by some of its children. These processes will -not be in the s_p_pid_ip_hash hash table, and thus trying to -delete the entry from the hash table in standalone.c:handle_sigchld() -will result in segmentation fault. - -I can quite easily reproduce it with the upstream vsftpd and default -configuration, except for isolate=NO and isolate_network=NO being set -(it seems to me that network namespaces take a long time to create -and destroy, which hides the race condition), on a quad-core machine. -When connecting to vsftpd in a loop like this: -$ while true; do echo -en '' | nc localhost 21; done - -vsftpd crashes after a couple of seconds. ---- - standalone.c | 18 +++++++++++++----- - 1 file changed, 13 insertions(+), 5 deletions(-) - -diff --git a/standalone.c b/standalone.c -index 3b65ea2..3f35e9e 100644 ---- a/standalone.c -+++ b/standalone.c -@@ -270,13 +270,21 @@ handle_sigchld(void* duff) - if (reap_one) - { - struct vsf_sysutil_ipaddr* p_ip; -- /* Account total number of instances */ -- --s_children; -- /* Account per-IP limit */ - p_ip = (struct vsf_sysutil_ipaddr*) - hash_lookup_entry(s_p_pid_ip_hash, (void*)&reap_one); -- drop_ip_count(p_ip); -- hash_free_entry(s_p_pid_ip_hash, (void*)&reap_one); -+ /* If we are running in a container as PID 1, it is possible -+ * that we will get SIGCHILD for processes, which were not -+ * created directly by our process and which are not in the -+ * s_p_pid_ip_hash hash table. -+ */ -+ if (p_ip) -+ { -+ /* Account total number of instances */ -+ --s_children; -+ /* Account per-IP limit */ -+ drop_ip_count(p_ip); -+ hash_free_entry(s_p_pid_ip_hash, (void*)&reap_one); -+ } - } - } - } --- -2.14.4 - diff --git a/0076-Correct-the-definition-of-setup_bio_callbacks-in-ssl.patch b/0076-Correct-the-definition-of-setup_bio_callbacks-in-ssl.patch deleted file mode 100644 index 4fb8420..0000000 --- a/0076-Correct-the-definition-of-setup_bio_callbacks-in-ssl.patch +++ /dev/null @@ -1,25 +0,0 @@ -From f3a745be207831ebd07add16e66ac2b43a743dc1 Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Fri, 24 Jan 2025 11:42:39 +0100 -Subject: [PATCH] Correct the definition of setup_bio_callbacks() in ssl.c - ---- - ssl.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/ssl.c b/ssl.c -index e518097..02ed489 100644 ---- a/ssl.c -+++ b/ssl.c -@@ -36,7 +36,7 @@ - static char* get_ssl_error(); - static SSL* get_ssl(struct vsf_session* p_sess, int fd); - static int ssl_session_init(struct vsf_session* p_sess); --static void setup_bio_callbacks(); -+static void setup_bio_callbacks(SSL* p_ssl); - static long bio_callback( - BIO* p_bio, int oper, const char* p_arg, size_t len, int argi, long argl, int ret, size_t *processed); - static int ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx); --- -2.48.1 - diff --git a/ci.fmf b/ci.fmf deleted file mode 100644 index c5aa0e0..0000000 --- a/ci.fmf +++ /dev/null @@ -1 +0,0 @@ -resultsdb-testcase: separate diff --git a/fix-str_open.patch b/fix-str_open.patch deleted file mode 100644 index e5d5bd9..0000000 --- a/fix-str_open.patch +++ /dev/null @@ -1,27 +0,0 @@ ---- sysstr-orig.c 2022-07-27 09:44:52.606408000 +0200 -+++ sysstr.c 2022-07-27 09:54:24.043081352 +0200 -@@ -74,19 +74,11 @@ - int - str_open(const struct mystr* p_str, const enum EVSFSysStrOpenMode mode) - { -- enum EVSFSysUtilOpenMode open_mode = kVSFSysUtilOpenUnknown; -- switch (mode) -- { -- case kVSFSysStrOpenReadOnly: -- open_mode = kVSFSysUtilOpenReadOnly; -- break; -- case kVSFSysStrOpenUnknown: -- /* Fall through */ -- default: -- bug("unknown mode value in str_open"); -- break; -- } -- return vsf_sysutil_open_file(str_getbuf(p_str), open_mode); -+ if (mode == kVSFSysStrOpenReadOnly) -+ return vsf_sysutil_open_file(str_getbuf(p_str), kVSFSysUtilOpenReadOnly); -+ -+ bug("unknown mode value in str_open"); -+ return -1; - } - - int diff --git a/gating.yaml b/gating.yaml deleted file mode 100644 index 9b2646f..0000000 --- a/gating.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- !Policy -product_versions: - - fedora-* -decision_context: bodhi_update_push_testing -subject_type: koji_build -rules: - - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier1-public.functional} - -#Rawhide ---- !Policy -product_versions: - - fedora-* -decision_context: bodhi_update_push_stable -subject_type: koji_build -rules: - - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier1-public.functional} - -#gating rhel ---- !Policy -product_versions: - - rhel-* -decision_context: osci_compose_gate -rules: - - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-public.functional} - - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-internal.functional} - diff --git a/plans.fmf b/plans.fmf deleted file mode 100644 index 900f2e5..0000000 --- a/plans.fmf +++ /dev/null @@ -1,47 +0,0 @@ -/tier1-internal: - plan: - import: - url: https://gitlab.com/redhat/centos-stream/tests/vsftpd.git - name: /plans/tier1/internal - adjust: - enabled: false - when: distro == centos-stream, fedora - because: They don't have access to internal repos. - -/tier1-public: - plan: - import: - url: https://gitlab.com/redhat/centos-stream/tests/vsftpd.git - name: /plans/tier1/public - -/tier2-tier3-internal: - plan: - import: - url: https://gitlab.com/redhat/centos-stream/tests/vsftpd.git - name: /plans/tier2-tier3/internal - adjust: - enabled: false - when: distro == centos-stream, fedora - because: They don't have access to internal repos. - -/tier2-tier3-public: - plan: - import: - url: https://gitlab.com/redhat/centos-stream/tests/vsftpd.git - name: /plans/tier2-tier3/public - -/others-internal: - plan: - import: - url: https://gitlab.com/redhat/centos-stream/tests/vsftpd.git - name: /plans/others/internal - adjust: - enabled: false - when: distro == centos-stream, fedora - because: They don't have access to internal repos. - -/others-public: - plan: - import: - url: https://gitlab.com/redhat/centos-stream/tests/vsftpd.git - name: /plans/others/public diff --git a/sources b/sources index e0f928f..b94676e 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (vsftpd-3.0.5.tar.gz) = 9e9f9bde8c460fbc6b1d29ca531327fb2e40e336358f1cc19e1da205ef81b553719a148ad4613ceead25499d1ac3f03301a0ecd3776e5c228acccb7f9461a7ee +da119d084bd3f98664636ea05b5bb398 vsftpd-3.0.3.tar.gz diff --git a/vsftpd-3.0.3-ALPACA.patch b/vsftpd-3.0.3-ALPACA.patch deleted file mode 100644 index 336a1de..0000000 --- a/vsftpd-3.0.3-ALPACA.patch +++ /dev/null @@ -1,225 +0,0 @@ -diff --git a/parseconf.c b/parseconf.c -index 3729818..ee1b8b4 100644 ---- a/parseconf.c -+++ b/parseconf.c -@@ -188,6 +188,7 @@ parseconf_str_array[] = - { "rsa_private_key_file", &tunable_rsa_private_key_file }, - { "dsa_private_key_file", &tunable_dsa_private_key_file }, - { "ca_certs_file", &tunable_ca_certs_file }, -+ { "ssl_sni_hostname", &tunable_ssl_sni_hostname }, - { "cmds_denied", &tunable_cmds_denied }, - { 0, 0 } - }; -diff --git a/ssl.c b/ssl.c -index 09ec96a..b622347 100644 ---- a/ssl.c -+++ b/ssl.c -@@ -41,6 +41,13 @@ static long bio_callback( - BIO* p_bio, int oper, const char* p_arg, int argi, long argl, long retval); - static int ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx); - static DH *ssl_tmp_dh_callback(SSL *ssl, int is_export, int keylength); -+static int ssl_alpn_callback(SSL* p_ssl, -+ const unsigned char** p_out, -+ unsigned char* outlen, -+ const unsigned char* p_in, -+ unsigned int inlen, -+ void* p_arg); -+static long ssl_sni_callback(SSL* p_ssl, int* p_al, void* p_arg); - static int ssl_cert_digest( - SSL* p_ssl, struct vsf_session* p_sess, struct mystr* p_str); - static void maybe_log_shutdown_state(struct vsf_session* p_sess); -@@ -285,6 +292,11 @@ ssl_init(struct vsf_session* p_sess) - SSL_CTX_set_timeout(p_ctx, INT_MAX); - } - -+ /* Set up ALPN to check for FTP protocol intention of client. */ -+ SSL_CTX_set_alpn_select_cb(p_ctx, ssl_alpn_callback, p_sess); -+ /* Set up SNI callback for an optional hostname check. */ -+ SSL_CTX_set_tlsext_servername_callback(p_ctx, ssl_sni_callback); -+ SSL_CTX_set_tlsext_servername_arg(p_ctx, p_sess); - SSL_CTX_set_tmp_dh_callback(p_ctx, ssl_tmp_dh_callback); - - if (tunable_ecdh_param_file) -@@ -871,6 +883,133 @@ ssl_tmp_dh_callback(SSL *ssl, int is_export, int keylength) - return DH_get_dh(keylength); - } - -+static int -+ssl_alpn_callback(SSL* p_ssl, -+ const unsigned char** p_out, -+ unsigned char* outlen, -+ const unsigned char* p_in, -+ unsigned int inlen, -+ void* p_arg) { -+ unsigned int i; -+ struct vsf_session* p_sess = (struct vsf_session*) p_arg; -+ int is_ok = 0; -+ -+ (void) p_ssl; -+ -+ /* Initialize just in case. */ -+ *p_out = p_in; -+ *outlen = 0; -+ -+ for (i = 0; i < inlen; ++i) { -+ unsigned int left = (inlen - i); -+ if (left < 4) { -+ continue; -+ } -+ if (p_in[i] == 3 && p_in[i + 1] == 'f' && p_in[i + 2] == 't' && -+ p_in[i + 3] == 'p') -+ { -+ is_ok = 1; -+ *p_out = &p_in[i + 1]; -+ *outlen = 3; -+ break; -+ } -+ } -+ -+ if (!is_ok) -+ { -+ str_alloc_text(&debug_str, "ALPN rejection"); -+ vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str); -+ } -+ if (!is_ok || tunable_debug_ssl) -+ { -+ str_alloc_text(&debug_str, "ALPN data: "); -+ for (i = 0; i < inlen; ++i) { -+ str_append_char(&debug_str, p_in[i]); -+ } -+ vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str); -+ } -+ -+ if (is_ok) -+ { -+ return SSL_TLSEXT_ERR_OK; -+ } -+ else -+ { -+ return SSL_TLSEXT_ERR_ALERT_FATAL; -+ } -+} -+ -+static long -+ssl_sni_callback(SSL* p_ssl, int* p_al, void* p_arg) -+{ -+ static struct mystr s_sni_expected_hostname; -+ static struct mystr s_sni_received_hostname; -+ -+ int servername_type; -+ const char* p_sni_servername; -+ struct vsf_session* p_sess = (struct vsf_session*) p_arg; -+ int is_ok = 0; -+ -+ (void) p_ssl; -+ (void) p_arg; -+ -+ if (tunable_ssl_sni_hostname) -+ { -+ str_alloc_text(&s_sni_expected_hostname, tunable_ssl_sni_hostname); -+ } -+ -+ /* The OpenSSL documentation says it is pre-initialized like this, but set -+ * it just in case. -+ */ -+ *p_al = SSL_AD_UNRECOGNIZED_NAME; -+ -+ servername_type = SSL_get_servername_type(p_ssl); -+ p_sni_servername = SSL_get_servername(p_ssl, TLSEXT_NAMETYPE_host_name); -+ if (p_sni_servername != NULL) { -+ str_alloc_text(&s_sni_received_hostname, p_sni_servername); -+ } -+ -+ if (str_isempty(&s_sni_expected_hostname)) -+ { -+ is_ok = 1; -+ } -+ else if (servername_type != TLSEXT_NAMETYPE_host_name) -+ { -+ /* Fail. */ -+ str_alloc_text(&debug_str, "SNI bad type: "); -+ str_append_ulong(&debug_str, servername_type); -+ vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str); -+ } -+ else -+ { -+ if (!str_strcmp(&s_sni_expected_hostname, &s_sni_received_hostname)) -+ { -+ is_ok = 1; -+ } -+ else -+ { -+ str_alloc_text(&debug_str, "SNI rejection"); -+ vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str); -+ } -+ } -+ -+ if (!is_ok || tunable_debug_ssl) -+ { -+ str_alloc_text(&debug_str, "SNI hostname: "); -+ str_append_str(&debug_str, &s_sni_received_hostname); -+ vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str); -+ } -+ -+ if (is_ok) -+ { -+ return SSL_TLSEXT_ERR_OK; -+ } -+ else -+ { -+ return SSL_TLSEXT_ERR_ALERT_FATAL; -+ } -+} -+ - void - ssl_add_entropy(struct vsf_session* p_sess) - { -diff --git a/tunables.c b/tunables.c -index c96c1ac..d8dfcde 100644 ---- a/tunables.c -+++ b/tunables.c -@@ -152,6 +152,7 @@ const char* tunable_ssl_ciphers; - const char* tunable_rsa_private_key_file; - const char* tunable_dsa_private_key_file; - const char* tunable_ca_certs_file; -+const char* tunable_ssl_sni_hostname; - - static void install_str_setting(const char* p_value, const char** p_storage); - -@@ -309,6 +310,7 @@ tunables_load_defaults() - install_str_setting(0, &tunable_rsa_private_key_file); - install_str_setting(0, &tunable_dsa_private_key_file); - install_str_setting(0, &tunable_ca_certs_file); -+ install_str_setting(0, &tunable_ssl_sni_hostname); - } - - void -diff --git a/tunables.h b/tunables.h -index 8d50150..de6cab0 100644 ---- a/tunables.h -+++ b/tunables.h -@@ -157,6 +157,7 @@ extern const char* tunable_ssl_ciphers; - extern const char* tunable_rsa_private_key_file; - extern const char* tunable_dsa_private_key_file; - extern const char* tunable_ca_certs_file; -+extern const char* tunable_ssl_sni_hostname; - extern const char* tunable_cmds_denied; - - #endif /* VSF_TUNABLES_H */ -diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 -index 815773f..7006287 100644 ---- a/vsftpd.conf.5 -+++ b/vsftpd.conf.5 -@@ -1128,6 +1128,12 @@ for further details. - - Default: PROFILE=SYSTEM - .TP -+.B ssl_sni_hostname -+If set, SSL connections will be rejected unless the SNI hostname in the -+incoming handshakes matches this value. -+ -+Default: (none) -+.TP - .B user_config_dir - This powerful option allows the override of any config option specified in - the manual page, on a per-user basis. Usage is simple, and is best illustrated diff --git a/vsftpd-3.0.3-option_to_disable_TLSv1_3.patch b/vsftpd-3.0.3-option_to_disable_TLSv1_3.patch deleted file mode 100644 index b215273..0000000 --- a/vsftpd-3.0.3-option_to_disable_TLSv1_3.patch +++ /dev/null @@ -1,96 +0,0 @@ -diff --git a/features.c b/features.c -index d024366..3a60b88 100644 ---- a/features.c -+++ b/features.c -@@ -22,7 +22,7 @@ handle_feat(struct vsf_session* p_sess) - { - vsf_cmdio_write_raw(p_sess, " AUTH SSL\r\n"); - } -- if (tunable_tlsv1 || tunable_tlsv1_1 || tunable_tlsv1_2) -+ if (tunable_tlsv1 || tunable_tlsv1_1 || tunable_tlsv1_2 || tunable_tlsv1_3) - { - vsf_cmdio_write_raw(p_sess, " AUTH TLS\r\n"); - } -diff --git a/parseconf.c b/parseconf.c -index ee1b8b4..5188088 100644 ---- a/parseconf.c -+++ b/parseconf.c -@@ -87,6 +87,7 @@ parseconf_bool_array[] = - { "ssl_tlsv1", &tunable_tlsv1 }, - { "ssl_tlsv1_1", &tunable_tlsv1_1 }, - { "ssl_tlsv1_2", &tunable_tlsv1_2 }, -+ { "ssl_tlsv1_3", &tunable_tlsv1_3 }, - { "tilde_user_enable", &tunable_tilde_user_enable }, - { "force_anon_logins_ssl", &tunable_force_anon_logins_ssl }, - { "force_anon_data_ssl", &tunable_force_anon_data_ssl }, -diff --git a/ssl.c b/ssl.c -index b622347..3af67ad 100644 ---- a/ssl.c -+++ b/ssl.c -@@ -185,6 +185,10 @@ ssl_init(struct vsf_session* p_sess) - { - options |= SSL_OP_NO_TLSv1_2; - } -+ if (!tunable_tlsv1_3) -+ { -+ options |= SSL_OP_NO_TLSv1_3; -+ } - SSL_CTX_set_options(p_ctx, options); - if (tunable_rsa_cert_file) - { -diff --git a/tunables.c b/tunables.c -index d8dfcde..dc001ac 100644 ---- a/tunables.c -+++ b/tunables.c -@@ -68,6 +68,7 @@ int tunable_sslv3; - int tunable_tlsv1; - int tunable_tlsv1_1; - int tunable_tlsv1_2; -+int tunable_tlsv1_3; - int tunable_tilde_user_enable; - int tunable_force_anon_logins_ssl; - int tunable_force_anon_data_ssl; -@@ -218,8 +219,9 @@ tunables_load_defaults() - tunable_sslv3 = 0; - tunable_tlsv1 = 0; - tunable_tlsv1_1 = 0; -- /* Only TLSv1.2 is enabled by default */ -+ /* Only TLSv1.2 and TLSv1.3 are enabled by default */ - tunable_tlsv1_2 = 1; -+ tunable_tlsv1_3 = 1; - tunable_tilde_user_enable = 0; - tunable_force_anon_logins_ssl = 0; - tunable_force_anon_data_ssl = 0; -diff --git a/tunables.h b/tunables.h -index de6cab0..ff0eebc 100644 ---- a/tunables.h -+++ b/tunables.h -@@ -69,6 +69,7 @@ extern int tunable_sslv3; /* Allow SSLv3 */ - extern int tunable_tlsv1; /* Allow TLSv1 */ - extern int tunable_tlsv1_1; /* Allow TLSv1.1 */ - extern int tunable_tlsv1_2; /* Allow TLSv1.2 */ -+extern int tunable_tlsv1_3; /* Allow TLSv1.3 */ - extern int tunable_tilde_user_enable; /* Support e.g. ~chris */ - extern int tunable_force_anon_logins_ssl; /* Require anon logins use SSL */ - extern int tunable_force_anon_data_ssl; /* Require anon data uses SSL */ -diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 -index 7006287..d181e50 100644 ---- a/vsftpd.conf.5 -+++ b/vsftpd.conf.5 -@@ -587,7 +587,15 @@ Default: NO - Only applies if - .BR ssl_enable - is activated. If enabled, this option will permit TLS v1.2 protocol connections. --TLS v1.2 connections are preferred. -+TLS v1.2 and TLS v1.3 connections are preferred. -+ -+Default: YES -+.TP -+.B ssl_tlsv1_3 -+Only applies if -+.BR ssl_enable -+is activated. If enabled, this option will permit TLS v1.3 protocol connections. -+TLS v1.2 and TLS v1.3 connections are preferred. - - Default: YES - .TP diff --git a/vsftpd-3.0.5-add-option-for-tlsv1.3-ciphersuites.patch b/vsftpd-3.0.5-add-option-for-tlsv1.3-ciphersuites.patch deleted file mode 100644 index 1f1925e..0000000 --- a/vsftpd-3.0.5-add-option-for-tlsv1.3-ciphersuites.patch +++ /dev/null @@ -1,79 +0,0 @@ -diff -urN a/parseconf.c b/parseconf.c ---- a/parseconf.c 2021-05-29 23:39:19.000000000 +0200 -+++ b/parseconf.c 2023-03-03 10:22:38.256439634 +0100 -@@ -185,6 +185,7 @@ - { "dsa_cert_file", &tunable_dsa_cert_file }, - { "dh_param_file", &tunable_dh_param_file }, - { "ecdh_param_file", &tunable_ecdh_param_file }, -+ { "ssl_ciphersuites", &tunable_ssl_ciphersuites }, - { "ssl_ciphers", &tunable_ssl_ciphers }, - { "rsa_private_key_file", &tunable_rsa_private_key_file }, - { "dsa_private_key_file", &tunable_dsa_private_key_file }, -diff -urN a/ssl.c b/ssl.c ---- a/ssl.c 2021-08-02 08:24:35.000000000 +0200 -+++ b/ssl.c 2023-03-03 10:28:05.989757655 +0100 -@@ -135,6 +135,11 @@ - { - die("SSL: could not set cipher list"); - } -+ if (tunable_ssl_ciphersuites && -+ SSL_CTX_set_ciphersuites(p_ctx, tunable_ssl_ciphersuites) != 1) -+ { -+ die("SSL: could not set ciphersuites"); -+ } - if (RAND_status() != 1) - { - die("SSL: RNG is not seeded"); -diff -urN a/tunables.c b/tunables.c ---- a/tunables.c 2021-05-29 23:39:00.000000000 +0200 -+++ b/tunables.c 2023-03-03 10:13:30.566868026 +0100 -@@ -154,6 +154,7 @@ - const char* tunable_dsa_cert_file; - const char* tunable_dh_param_file; - const char* tunable_ecdh_param_file; - const char* tunable_ssl_ciphers; -+const char* tunable_ssl_ciphersuites; - const char* tunable_rsa_private_key_file; - const char* tunable_dsa_private_key_file; -@@ -293,6 +293,7 @@ - install_str_setting(0, &tunable_dh_param_file); - install_str_setting(0, &tunable_ecdh_param_file); - install_str_setting("PROFILE=SYSTEM", &tunable_ssl_ciphers); -+ install_str_setting("TLS_AES_256_GCM_SHA384", &tunable_ssl_ciphersuites); - install_str_setting(0, &tunable_rsa_private_key_file); - install_str_setting(0, &tunable_dsa_private_key_file); - install_str_setting(0, &tunable_ca_certs_file); -diff -urN a/tunables.h b/tunables.h ---- a/tunables.h -+++ b/tunables.h -@@ -144,6 +144,7 @@ - extern const char* tunable_dsa_cert_file; - extern const char* tunable_dh_param_file; - extern const char* tunable_ecdh_param_file; - extern const char* tunable_ssl_ciphers; -+extern const char* tunable_ssl_ciphersuites; - extern const char* tunable_rsa_private_key_file; - extern const char* tunable_dsa_private_key_file; ---- a/vsftpd.conf.5 -+++ b/vsftpd.conf.5 -@@ -1009,6 +1009,20 @@ - - Default: PROFILE=SYSTEM - .TP -+.B ssl_ciphersuites -+This option can be used to select which SSL cipher suites vsftpd will allow for -+encrypted SSL connections with TLSv1.3. See the -+.BR ciphers -+man page for further details. Note that restricting ciphers can be a useful -+security precaution as it prevents malicious remote parties forcing a cipher -+which they have found problems with. -+ -+By default, the system-wide crypto policy is used. See -+.BR update-crypto-policies(8) -+for further details. -+ -+Default: TLS_AES_256_GCM_SHA384 -+.TP - .B ssl_sni_hostname - If set, SSL connections will be rejected unless the SNI hostname in the - incoming handshakes matches this value. diff --git a/vsftpd-3.0.5-enable_wc_logs-replace_unprintable_with_hex.patch b/vsftpd-3.0.5-enable_wc_logs-replace_unprintable_with_hex.patch deleted file mode 100644 index 914aebd..0000000 --- a/vsftpd-3.0.5-enable_wc_logs-replace_unprintable_with_hex.patch +++ /dev/null @@ -1,215 +0,0 @@ -diff --git a/logging.c b/logging.c -index 9e86808..613ff4b 100644 ---- a/logging.c -+++ b/logging.c -@@ -171,7 +171,14 @@ vsf_log_do_log_to_file(int fd, struct mystr* p_str) - return; - } - } -- str_replace_unprintable(p_str, '?'); -+ if (tunable_wc_logs_enable) -+ { -+ str_replace_unprintable_with_hex_wc(p_str); -+ } -+ else -+ { -+ str_replace_unprintable_with_hex(p_str); -+ } - str_append_char(p_str, '\n'); - /* Ignore write failure; maybe the disk filled etc. */ - (void) str_write_loop(p_str, fd); -diff --git a/parseconf.c b/parseconf.c -index 3cfe7da..3729818 100644 ---- a/parseconf.c -+++ b/parseconf.c -@@ -113,6 +113,7 @@ parseconf_bool_array[] = - { "allow_writeable_chroot", &tunable_allow_writeable_chroot }, - { "better_stou", &tunable_better_stou }, - { "log_die", &tunable_log_die }, -+ { "wc_logs_enable", &tunable_wc_logs_enable }, - { 0, 0 } - }; - -diff --git a/str.c b/str.c -index 82b8ae4..c03e7d8 100644 ---- a/str.c -+++ b/str.c -@@ -20,6 +20,11 @@ - #include "utility.h" - #include "sysutil.h" - -+#include -+#include -+#include -+#include -+ - /* File local functions */ - static void str_split_text_common(struct mystr* p_src, struct mystr* p_rhs, - const char* p_text, int is_reverse); -@@ -723,6 +728,102 @@ str_replace_unprintable(struct mystr* p_str, char new_char) - } - } - -+void -+str_replace_unprintable_with_hex(struct mystr* p_str) -+{ -+ unsigned int ups_size = sizeof(unsigned int) * (p_str->len); -+ if (ups_size < p_str->len) -+ { -+ str_replace_unprintable(p_str, '?'); -+ str_append_text(p_str, ": BUG: string is too long"); -+ bug(p_str->p_buf); -+ } -+ unsigned int* ups = vsf_sysutil_malloc(ups_size); -+ unsigned int up_count = 0; -+ for (unsigned int i=0; i < p_str->len; i++) -+ { -+ if (!vsf_sysutil_isprint(p_str->p_buf[i])) -+ { -+ ups[up_count++] = i; -+ } -+ } -+ str_replace_positions_with_hex(p_str, ups, up_count); -+ vsf_sysutil_free(ups); -+} -+ -+void str_replace_unprintable_with_hex_wc(struct mystr* p_str) -+{ -+ unsigned int ups_size = sizeof(unsigned int) * (p_str->len); -+ if (ups_size < p_str->len) -+ { -+ str_replace_unprintable(p_str, '?'); -+ str_append_text(p_str, ": BUG: string is too long"); -+ bug(p_str->p_buf); -+ } -+ unsigned int* ups = vsf_sysutil_malloc(ups_size); -+ unsigned int up_count = 0; -+ -+ size_t current = 0; -+ wchar_t pwc; -+ mbstate_t ps; -+ memset(&ps, 0, sizeof(ps)); -+ ssize_t len = 0; -+ while ((len = mbrtowc(&pwc, p_str->p_buf, p_str->len - current, &ps)) > 0) -+ { -+ if (!iswprint(pwc)) -+ { -+ for (int i = 0; i < len; i++) -+ { -+ ups[up_count++] = current++; -+ } -+ } -+ else -+ { -+ current += len; -+ } -+ } -+ if (len < 0) -+ { -+ while (current < p_str->len) -+ { -+ ups[up_count++] = current++; -+ } -+ } -+ str_replace_positions_with_hex(p_str, ups, up_count); -+ vsf_sysutil_free(ups); -+} -+ -+void -+str_replace_positions_with_hex(struct mystr* p_str, const unsigned int* poss, const unsigned int pos_count) -+{ -+ if (pos_count == 0) -+ return; -+ -+ struct mystr tmp_str = INIT_MYSTR; -+ str_reserve(&tmp_str, p_str->len + 3 * pos_count); -+ unsigned int current = 0; -+ -+ for (unsigned int i=0; i < pos_count; i++) -+ { -+ unsigned int pos = poss[i]; -+ -+ if (current < pos) -+ private_str_append_memchunk(&tmp_str, p_str->p_buf + current, pos - current); -+ -+ char hex_buf[5]; -+ memset(hex_buf, 0, sizeof(hex_buf)); -+ sprintf(hex_buf, "\\x%02X", (unsigned char) p_str->p_buf[pos]); -+ str_append_text(&tmp_str, hex_buf); -+ current = pos + 1; -+ } -+ -+ if (current < p_str->len) -+ private_str_append_memchunk(&tmp_str, p_str->p_buf + current, p_str->len - current); -+ -+ str_copy(p_str, &tmp_str); -+ str_free(&tmp_str); -+} -+ - void - str_basename (struct mystr* d_str, const struct mystr* path) - { -diff --git a/str.h b/str.h -index 44270da..95a83b5 100644 ---- a/str.h -+++ b/str.h -@@ -98,6 +98,10 @@ int str_contains_space(const struct mystr* p_str); - int str_all_space(const struct mystr* p_str); - int str_contains_unprintable(const struct mystr* p_str); - void str_replace_unprintable(struct mystr* p_str, char new_char); -+void str_replace_unprintable_with_hex(struct mystr* p_str); -+void str_replace_unprintable_with_hex_wc(struct mystr* p_str); -+void str_replace_positions_with_hex(struct mystr* p_str, const unsigned int* poss, -+ const unsigned int pos_count); - int str_atoi(const struct mystr* p_str); - filesize_t str_a_to_filesize_t(const struct mystr* p_str); - unsigned int str_octal_to_uint(const struct mystr* p_str); -diff --git a/tunables.c b/tunables.c -index a7ce9c8..c96c1ac 100644 ---- a/tunables.c -+++ b/tunables.c -@@ -94,6 +94,7 @@ int tunable_seccomp_sandbox; - int tunable_allow_writeable_chroot; - int tunable_better_stou; - int tunable_log_die; -+int tunable_wc_logs_enable; - - unsigned int tunable_accept_timeout; - unsigned int tunable_connect_timeout; -@@ -244,6 +245,7 @@ tunables_load_defaults() - tunable_allow_writeable_chroot = 0; - tunable_better_stou = 0; - tunable_log_die = 0; -+ tunable_wc_logs_enable = 0; - - tunable_accept_timeout = 60; - tunable_connect_timeout = 60; -diff --git a/tunables.h b/tunables.h -index 029d645..8d50150 100644 ---- a/tunables.h -+++ b/tunables.h -@@ -98,6 +98,7 @@ extern int tunable_better_stou; /* Use better file name generation - */ - extern int tunable_log_die; /* Log calls to die(), die2() - * and bug() */ -+extern int tunable_wc_logs_enable; /* Allow non ASCII characters in logs */ - - /* Integer/numeric defines */ - extern unsigned int tunable_accept_timeout; -diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 -index ce3fba3..815773f 100644 ---- a/vsftpd.conf.5 -+++ b/vsftpd.conf.5 -@@ -735,6 +735,12 @@ If enabled, use CLONE_NEWPID and CLONE_NEWIPC to isolate processes to their - ipc and pid namespaces. So separated processes can not interact with each other. - - Default: YES -+.TP -+.B wc_logs_enable -+If enabled, logs will be treated as wide-character strings and not just -+ASCII strings when filtering out non-printable characters. -+ -+Default: NO - - .SH NUMERIC OPTIONS - Below is a list of numeric options. A numeric option must be set to a non diff --git a/vsftpd-3.0.5-replace-deprecated-openssl-functions.patch b/vsftpd-3.0.5-replace-deprecated-openssl-functions.patch deleted file mode 100644 index 8e3792b..0000000 --- a/vsftpd-3.0.5-replace-deprecated-openssl-functions.patch +++ /dev/null @@ -1,70 +0,0 @@ -diff --git a/ssl.c b/ssl.c ---- ssl.c -+++ ssl.c -@@ -28,17 +28,17 @@ - #include - #include - #include - #include - #include - #include - #include - - static char* get_ssl_error(); - static SSL* get_ssl(struct vsf_session* p_sess, int fd); - static int ssl_session_init(struct vsf_session* p_sess); - static void setup_bio_callbacks(); - static long bio_callback( -- BIO* p_bio, int oper, const char* p_arg, int argi, long argl, long retval); -+ BIO* p_bio, int oper, const char* p_arg, size_t len, int argi, long argl, int ret, size_t *processed); - static int ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx); - static int ssl_alpn_callback(SSL* p_ssl, - const unsigned char** p_out, -@@ -88,7 +88,7 @@ - long options; - int verify_option = 0; - SSL_library_init(); -- p_ctx = SSL_CTX_new(SSLv23_server_method()); -+ p_ctx = SSL_CTX_new_ex(NULL, NULL, TLS_server_method()); - if (p_ctx == NULL) - { - die("SSL: could not allocate SSL context"); -@@ -180,13 +180,10 @@ - die("SSL: RNG is not seeded"); - } - { -- EC_KEY* key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); -- if (key == NULL) -+ if (!SSL_CTX_set1_groups_list(p_ctx, "P-256")) - { - die("SSL: failed to get curve p256"); - } -- SSL_CTX_set_tmp_ecdh(p_ctx, key); -- EC_KEY_free(key); - } - if (tunable_ssl_request_cert) - { -@@ -692,17 +689,19 @@ - static void setup_bio_callbacks(SSL* p_ssl) - { - BIO* p_bio = SSL_get_rbio(p_ssl); -- BIO_set_callback(p_bio, bio_callback); -+ BIO_set_callback_ex(p_bio, bio_callback); - p_bio = SSL_get_wbio(p_ssl); -- BIO_set_callback(p_bio, bio_callback); -+ BIO_set_callback_ex(p_bio, bio_callback); - } - - static long - bio_callback( -- BIO* p_bio, int oper, const char* p_arg, int argi, long argl, long ret) -+ BIO* p_bio, int oper, const char* p_arg, size_t len, int argi, long argl, int ret, size_t *processed) - { - int retval = 0; - int fd = 0; -+ (void) len; -+ (void) processed; - (void) p_arg; - (void) argi; - (void) argl; - diff --git a/vsftpd-3.0.5-replace-old-network-addr-functions.patch b/vsftpd-3.0.5-replace-old-network-addr-functions.patch deleted file mode 100644 index 89e6257..0000000 --- a/vsftpd-3.0.5-replace-old-network-addr-functions.patch +++ /dev/null @@ -1,139 +0,0 @@ -diff -urN vsftpd-3.0.5-orig/postlogin.c vsftpd-3.0.5/postlogin.c ---- vsftpd-3.0.5-orig/postlogin.c 2015-07-22 21:03:22.000000000 +0200 -+++ vsftpd-3.0.5/postlogin.c 2023-02-13 16:34:05.244467476 +0100 -@@ -27,4 +27,6 @@ - #include "ssl.h" - #include "vsftpver.h" -+#include -+#include - #include "opts.h" - -@@ -628,9 +629,10 @@ - else - { - const void* p_v4addr = vsf_sysutil_sockaddr_ipv6_v4(s_p_sockaddr); -+ static char result[INET_ADDRSTRLEN]; - if (p_v4addr) - { -- str_append_text(&s_pasv_res_str, vsf_sysutil_inet_ntoa(p_v4addr)); -+ str_append_text(&s_pasv_res_str, inet_ntop(AF_INET, p_v4addr, result, INET_ADDRSTRLEN)); - } - else - { -diff -urN vsftpd-3.0.5-orig/sysutil.c vsftpd-3.0.5/sysutil.c ---- vsftpd-3.0.5-orig/sysutil.c 2012-09-16 09:07:38.000000000 +0200 -+++ vsftpd-3.0.5/sysutil.c 2023-02-13 16:08:58.557153109 +0100 -@@ -2205,20 +2205,13 @@ - const struct sockaddr* p_sockaddr = &p_sockptr->u.u_sockaddr; - if (p_sockaddr->sa_family == AF_INET) - { -- return inet_ntoa(p_sockptr->u.u_sockaddr_in.sin_addr); -+ static char result[INET_ADDRSTRLEN]; -+ return inet_ntop(AF_INET, &p_sockptr->u.u_sockaddr_in.sin_addr, result, INET_ADDRSTRLEN); - } - else if (p_sockaddr->sa_family == AF_INET6) - { -- static char inaddr_buf[64]; -- const char* p_ret = inet_ntop(AF_INET6, -- &p_sockptr->u.u_sockaddr_in6.sin6_addr, -- inaddr_buf, sizeof(inaddr_buf)); -- inaddr_buf[sizeof(inaddr_buf) - 1] = '\0'; -- if (p_ret == NULL) -- { -- inaddr_buf[0] = '\0'; -- } -- return inaddr_buf; -+ static char result[INET6_ADDRSTRLEN]; -+ return inet_ntop(AF_INET6, &p_sockptr->u.u_sockaddr_in6.sin6_addr, result, INET6_ADDRSTRLEN); - } - else - { -@@ -2227,12 +2220,6 @@ - } - } - --const char* --vsf_sysutil_inet_ntoa(const void* p_raw_addr) --{ -- return inet_ntoa(*((struct in_addr*)p_raw_addr)); --} -- - int - vsf_sysutil_inet_aton(const char* p_text, struct vsf_sysutil_sockaddr* p_addr) - { -@@ -2241,7 +2228,7 @@ - { - bug("bad family"); - } -- if (inet_aton(p_text, &sin_addr)) -+ if (inet_pton(AF_INET, p_text, &sin_addr)) - { - vsf_sysutil_memcpy(&p_addr->u.u_sockaddr_in.sin_addr, - &sin_addr, sizeof(p_addr->u.u_sockaddr_in.sin_addr)); -@@ -2257,37 +2244,46 @@ - vsf_sysutil_dns_resolve(struct vsf_sysutil_sockaddr** p_sockptr, - const char* p_name) - { -- struct hostent* hent = gethostbyname(p_name); -- if (hent == NULL) -+ struct addrinfo *result; -+ struct addrinfo hints; -+ int ret; -+ -+ memset(&hints, 0, sizeof(struct addrinfo)); -+ hints.ai_family = AF_UNSPEC; -+ -+ if ((ret = getaddrinfo(p_name, NULL, &hints, &result)) != 0) - { -+ fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(ret)); - die2("cannot resolve host:", p_name); - } - vsf_sysutil_sockaddr_clear(p_sockptr); -- if (hent->h_addrtype == AF_INET) -+ if (result->ai_family == AF_INET) - { -- unsigned int len = hent->h_length; -+ unsigned int len = result->ai_addrlen; - if (len > sizeof((*p_sockptr)->u.u_sockaddr_in.sin_addr)) - { - len = sizeof((*p_sockptr)->u.u_sockaddr_in.sin_addr); - } - vsf_sysutil_sockaddr_alloc_ipv4(p_sockptr); - vsf_sysutil_memcpy(&(*p_sockptr)->u.u_sockaddr_in.sin_addr, -- hent->h_addr_list[0], len); -+ &result->ai_addrlen, len); - } -- else if (hent->h_addrtype == AF_INET6) -+ else if (result->ai_family == AF_INET6) - { -- unsigned int len = hent->h_length; -+ unsigned int len = result->ai_addrlen; - if (len > sizeof((*p_sockptr)->u.u_sockaddr_in6.sin6_addr)) - { - len = sizeof((*p_sockptr)->u.u_sockaddr_in6.sin6_addr); - } - vsf_sysutil_sockaddr_alloc_ipv6(p_sockptr); - vsf_sysutil_memcpy(&(*p_sockptr)->u.u_sockaddr_in6.sin6_addr, -- hent->h_addr_list[0], len); -+ &result->ai_addrlen, len); - } - else - { -- die("gethostbyname(): neither IPv4 nor IPv6"); -+ freeaddrinfo(result); -+ die("getaddrinfo(): neither IPv4 nor IPv6"); - } -+ freeaddrinfo(result); - } - -diff -urN vsftpd-3.0.5-orig/sysutil.h vsftpd-3.0.5/sysutil.h ---- vsftpd-3.0.5-orig/sysutil.h 2021-05-18 08:50:21.000000000 +0200 -+++ vsftpd-3.0.5/sysutil.h 2023-02-13 15:59:22.088331075 +0100 -@@ -277,7 +277,6 @@ - - const char* vsf_sysutil_inet_ntop( - const struct vsf_sysutil_sockaddr* p_sockptr); --const char* vsf_sysutil_inet_ntoa(const void* p_raw_addr); - int vsf_sysutil_inet_aton( - const char* p_text, struct vsf_sysutil_sockaddr* p_addr); - diff --git a/vsftpd-3.0.5-use-old-tlsv-options.patch b/vsftpd-3.0.5-use-old-tlsv-options.patch deleted file mode 100644 index 7c37ce9..0000000 --- a/vsftpd-3.0.5-use-old-tlsv-options.patch +++ /dev/null @@ -1,15 +0,0 @@ ---- parseconf-orig.c 2022-10-25 15:17:18.990701984 +0200 -+++ parseconf.c 2022-10-25 15:12:44.213480000 +0200 -@@ -85,9 +85,9 @@ - { "ssl_sslv2", &tunable_sslv2 }, - { "ssl_sslv3", &tunable_sslv3 }, - { "ssl_tlsv1", &tunable_tlsv1 }, -- { "ssl_tlsv11", &tunable_tlsv1_1 }, -- { "ssl_tlsv12", &tunable_tlsv1_2 }, -- { "ssl_tlsv13", &tunable_tlsv1_3 }, -+ { "ssl_tlsv1_1", &tunable_tlsv1_1 }, -+ { "ssl_tlsv1_2", &tunable_tlsv1_2 }, -+ { "ssl_tlsv1_3", &tunable_tlsv1_3 }, - { "tilde_user_enable", &tunable_tilde_user_enable }, - { "force_anon_logins_ssl", &tunable_force_anon_logins_ssl }, - { "force_anon_data_ssl", &tunable_force_anon_data_ssl }, diff --git a/vsftpd-tmpfiles.conf b/vsftpd-tmpfiles.conf deleted file mode 100644 index f1a385c..0000000 --- a/vsftpd-tmpfiles.conf +++ /dev/null @@ -1,2 +0,0 @@ -d /var/ftp 0755 root root - -d /var/ftp/pub 0755 root root - diff --git a/vsftpd.service b/vsftpd.service index 4a41b72..8ebae44 100644 --- a/vsftpd.service +++ b/vsftpd.service @@ -1,6 +1,6 @@ [Unit] Description=Vsftpd ftp daemon -After=network-online.target +After=network.target [Service] Type=forking diff --git a/vsftpd.spec b/vsftpd.spec index d8e0a58..e3f1e06 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -1,12 +1,13 @@ %global _generatorsdir %{_prefix}/lib/systemd/system-generators Name: vsftpd -Version: 3.0.5 -Release: 14%{?dist} +Version: 3.0.3 +Release: 8%{?dist} Summary: Very Secure Ftp Daemon +Group: System Environment/Daemons # OpenSSL link exception -License: GPL-2.0-only WITH vsftpd-openssl-exception +License: GPLv2 with exceptions URL: https://security.appspot.com/vsftpd.html Source0: https://security.appspot.com/downloads/%{name}-%{version}.tar.gz Source1: vsftpd.xinetd @@ -18,15 +19,13 @@ Source7: vsftpd.service Source8: vsftpd@.service Source9: vsftpd.target Source10: vsftpd-generator -Source11: vsftpd-tmpfiles.conf -BuildRequires: make BuildRequires: pam-devel BuildRequires: libcap-devel BuildRequires: openssl-devel BuildRequires: systemd +BuildRequires: tcp_wrappers-devel BuildRequires: git -BuildRequires: gcc Requires: logrotate @@ -62,45 +61,10 @@ Patch29: 0029-Fix-segfault-in-config-file-parser.patch Patch30: 0030-Fix-logging-into-syslog-when-enabled-in-config.patch Patch31: 0031-Fix-question-mark-wildcard-withing-a-file-name.patch Patch32: 0032-Propagate-errors-from-nfs-with-quota-to-client.patch +Patch33: 0033-Introduce-TLSv1.1-and-TLSv1.2-options.patch Patch34: 0034-Turn-off-seccomp-sandbox-because-it-is-too-strict.patch +Patch35: 0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch Patch36: 0036-Redefine-VSFTP_COMMAND_FD-to-1.patch -Patch37: 0037-Document-the-relationship-of-text_userdb_names-and-c.patch -Patch38: 0038-Document-allow_writeable_chroot-in-the-man-page.patch -Patch39: 0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch -Patch40: 0040-Use-system-wide-crypto-policy.patch -Patch41: 0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch -Patch42: 0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch -Patch44: 0044-Disable-anonymous_enable-in-default-config-file.patch -Patch45: 0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch -Patch46: 0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch -Patch47: 0047-Disable-tcp_wrappers-support.patch -Patch48: 0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch -Patch49: 0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch -Patch50: 0050-Don-t-link-with-libnsl.patch -Patch51: 0051-Improve-documentation-of-better_stou-in-the-man-page.patch -Patch52: 0052-Fix-rDNS-with-IPv6.patch -Patch53: 0053-Always-do-chdir-after-chroot.patch -Patch54: 0054-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch -Patch55: 0055-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch -Patch56: 0056-Log-die-calls-to-syslog.patch -Patch57: 0057-Improve-error-message-when-max-number-of-bind-attemp.patch -Patch58: 0058-Make-the-max-number-of-bind-retries-tunable.patch -Patch59: 0059-Fix-SEGFAULT-when-running-in-a-container-as-PID-1.patch -Patch61: 0001-Move-closing-standard-FDs-after-listen.patch -Patch62: 0002-Prevent-recursion-in-bug.patch -Patch63: 0001-Set-s_uwtmp_inserted-only-after-record-insertion-rem.patch -Patch64: 0002-Repeat-pututxline-if-it-fails-with-EINTR.patch -Patch65: 0001-Repeat-pututxline-until-it-succeeds-if-it-fails-with.patch -Patch67: 0001-Fix-timestamp-handling-in-MDTM.patch -Patch68: 0002-Drop-an-unused-global-variable.patch -Patch69: 0001-Remove-a-hint-about-the-ftp_home_dir-SELinux-boolean.patch -Patch70: fix-str_open.patch -Patch71: vsftpd-3.0.5-enable_wc_logs-replace_unprintable_with_hex.patch -Patch72: vsftpd-3.0.5-replace-old-network-addr-functions.patch -Patch73: vsftpd-3.0.5-replace-deprecated-openssl-functions.patch -Patch74: vsftpd-3.0.5-add-option-for-tlsv1.3-ciphersuites.patch -Patch75: vsftpd-3.0.5-use-old-tlsv-options.patch -Patch76: 0076-Correct-the-definition-of-setup_bio_callbacks-in-ssl.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -111,22 +75,21 @@ scratch. cp %{SOURCE1} . %build - %ifarch s390x sparcv9 sparc64 -%make_build CFLAGS="$RPM_OPT_FLAGS -fPIE -pipe -Wextra -Werror" \ +make CFLAGS="$RPM_OPT_FLAGS -fPIE -pipe -Wextra -Werror" \ %else -%make_build CFLAGS="$RPM_OPT_FLAGS -fpie -pipe -Wextra -Werror" \ +make CFLAGS="$RPM_OPT_FLAGS -fpie -pipe -Wextra -Werror" \ %endif - LINK="-pie -lssl $RPM_LD_FLAGS" %{?_smp_mflags} + LINK="-pie -lssl" %{?_smp_mflags} %install -mkdir -p $RPM_BUILD_ROOT%{_bindir} +mkdir -p $RPM_BUILD_ROOT%{_sbindir} mkdir -p $RPM_BUILD_ROOT%{_sysconfdir} mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/{vsftpd,pam.d,logrotate.d} mkdir -p $RPM_BUILD_ROOT%{_mandir}/man{5,8} mkdir -p $RPM_BUILD_ROOT%{_unitdir} mkdir -p $RPM_BUILD_ROOT%{_generatorsdir} -install -m 755 vsftpd $RPM_BUILD_ROOT%{_bindir}/vsftpd +install -m 755 vsftpd $RPM_BUILD_ROOT%{_sbindir}/vsftpd install -m 600 vsftpd.conf $RPM_BUILD_ROOT%{_sysconfdir}/vsftpd/vsftpd.conf install -m 644 vsftpd.conf.5 $RPM_BUILD_ROOT/%{_mandir}/man5/ install -m 644 vsftpd.8 $RPM_BUILD_ROOT/%{_mandir}/man8/ @@ -139,7 +102,6 @@ install -m 644 %{SOURCE7} $RPM_BUILD_ROOT%{_unitdir} install -m 644 %{SOURCE8} $RPM_BUILD_ROOT%{_unitdir} install -m 644 %{SOURCE9} $RPM_BUILD_ROOT%{_unitdir} install -m 755 %{SOURCE10} $RPM_BUILD_ROOT%{_generatorsdir} -install -Dpm 644 %{SOURCE11} $RPM_BUILD_ROOT%{_tmpfilesdir}/vsftpd.conf mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub @@ -154,9 +116,10 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %systemd_postun_with_restart vsftpd.service %files +%defattr(-,root,root,-) %{_unitdir}/* %{_generatorsdir}/* -%{_bindir}/vsftpd +%{_sbindir}/vsftpd %dir %{_sysconfdir}/vsftpd %{_sysconfdir}/vsftpd/vsftpd_conf_migrate.sh %config(noreplace) %{_sysconfdir}/vsftpd/ftpusers @@ -169,214 +132,8 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_mandir}/man5/vsftpd.conf.* %{_mandir}/man8/vsftpd.* %{_var}/ftp -%{_tmpfilesdir}/vsftpd.conf %changelog -* Wed Jan 14 2026 Tomas Korbar - 3.0.5-14 -- Resolve CVE-2025-14242 - -* Thu Dec 18 2025 Fedor Vorobev - 3.0.5-13 -- Add a tmpfiles.d config. (image mode support) - -* Fri Jul 25 2025 Fedora Release Engineering - 3.0.5-12 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild - -* Tue Apr 15 2025 Tomas Korbar - 3.0.5-11 -- Move executable to bindir - -* Fri Jan 24 2025 Stepan Broz - 3.0.5-10 -- Correct the definition of setup_bio_callbacks() in ssl.c - -* Sun Jan 19 2025 Fedora Release Engineering - 3.0.5-9 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild - -* Mon Aug 19 2024 Tomas Korbar - 3.0.5-8 -- Fix FEAT command to list AUTH TLS when TLSv1.3 is enabled - -* Sat Jul 20 2024 Fedora Release Engineering - 3.0.5-7 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild - -* Sat Jan 27 2024 Fedora Release Engineering - 3.0.5-6 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild - -* Sat Jul 22 2023 Fedora Release Engineering - 3.0.5-5 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild - -* Thu May 04 2023 Richard Lescak - 3.0.5-4 -- add option for TLSv1.3 ciphersuites -- SPDX migration - -* Fri Feb 17 2023 Richard Lescak - 3.0.5-3 -- make vsftpd compatible with Openssl 3.0+ -- replace old network functions - -* Sat Jan 21 2023 Fedora Release Engineering - 3.0.5-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild - -* Thu Jul 28 2022 Richard Lescak 3.0.5-1 -- rebase to version 3.0.5 - -* Sat Jul 23 2022 Fedora Release Engineering - 3.0.3-51 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild - -* Sat Jan 22 2022 Fedora Release Engineering - 3.0.3-50 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild - -* Wed Oct 27 2021 Artem Egorenkov - 3.0.3-49 -- add option to disable TLSv1.3 -- Resolves: rhbz#2017705 - -* Wed Oct 13 2021 Artem Egorenkov - 3.0.3-48 -- ALPACA fix backported from upstram 3.0.5 version -- Resolves: rhbz#1975648 - -* Wed Oct 13 2021 Artem Egorenkov - 3.0.3-47 -- Temporary pass -Wno-deprecated-declarations to gcc to ignore - deprecated warnings to be able to build against OpenSSL-3.0 -- Resolves: rhbz#1962603 - -* Tue Sep 14 2021 Sahana Prasad - 3.0.3-46 -- Rebuilt with OpenSSL 3.0.0 - -* Fri Jul 23 2021 Fedora Release Engineering - 3.0.3-45 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild - -* Thu Apr 8 2021 Artem Egorenkov - 3.0.3-44 -- Enable support for wide-character strings in logs -- Replace unprintables with HEX code, not question marks - -* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek - 3.0.3-43 -- Rebuilt for updated systemd-rpm-macros - See https://pagure.io/fesco/issue/2583. - -* Wed Jan 27 2021 Fedora Release Engineering - 3.0.3-42 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild - -* Fri Nov 27 2020 Timm Bäder - 3.0.3-41 -- Fix str_open() so it doesn't warn when compiled with clang -- Pass $RPM_LD_FLAGS when linking - -* Mon Nov 02 2020 Artem Egorenkov - 3.0.3-40 -- Unit files fixed "After=network-online.target" - -* Wed Jul 29 2020 Fedora Release Engineering - 3.0.3-39 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild - -* Tue Mar 17 2020 Ondřej Lysoněk - 3.0.3-38 -- Removed a hint about the ftp_home_dir SELinux boolean from the config file -- Resolves: rhbz#1623424 - -* Thu Feb 13 2020 Ondřej Lysoněk - 3.0.3-37 -- Fix timestamp handling in MDTM -- Resolves: rhbz#1567855 - -* Fri Feb 07 2020 Ondřej Lysoněk - 3.0.3-36 -- Fix build with gcc 10 -- Resolves: rhbz#1800239 - -* Fri Jan 31 2020 Fedora Release Engineering - 3.0.3-35 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild - -* Fri Jan 17 2020 Tom Stellard - 3.0.3-34 -- Use make_build macro - -* Thu Nov 28 2019 Ondřej Lysoněk - 3.0.3-33 -- Finish up the fix to the problem with bad utmp entries when pututxline() fails -- Resolves: rhbz#1688852 -- Resolves: rhbz#1737433 - -* Mon Aug 05 2019 Ondřej Lysoněk - 3.0.3-32 -- Partially fix problem with bad utmp entries when pututxline() fails -- Resolves: rhbz#1688848 - -* Sat Aug 03 2019 Ondřej Lysoněk - 3.0.3-31 -- Fix segfault when listen() returns an error -- Resolves: rhbz#1666380 - -* Sat Jul 27 2019 Fedora Release Engineering - 3.0.3-30 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild - -* Sun Feb 03 2019 Fedora Release Engineering - 3.0.3-29 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild - -* Wed Jul 25 2018 Ondřej Lysoněk - 3.0.3-28 -- Rebuilt, switched to SHA512 source tarball hash - -* Wed Jul 25 2018 Ondřej Lysoněk - 3.0.3-27 -- Fix a segfault when running as PID 1 - -* Sat Jul 14 2018 Fedora Release Engineering - 3.0.3-26 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild - -* Tue Jun 19 2018 Ondřej Lysoněk - 3.0.3-25 -- Add config option log_die allowing to pass error messages to syslog -- Add config option bind_retries allowing to change the max number -- of attempts to find a listening port for the PASV/EPSV command -- Resolves: rhbz#1318198 - -* Fri Jun 01 2018 Ondřej Lysoněk - 3.0.3-24 -- Fix filename expansion in vsftpd_conf_migrate.sh ... again - -* Thu May 10 2018 Ondřej Lysoněk - 3.0.3-23 -- Fix issues found by Coverity Scan - -* Fri Apr 27 2018 Ondřej Lysoněk - 3.0.3-22 -- Fix filename expansion in vsftpd_conf_migrate.sh - -* Thu Apr 05 2018 Ondřej Lysoněk - 3.0.3-21 -- Improve documentation of better_stou in the man page - -* Mon Feb 19 2018 Ondřej Lysoněk - 3.0.3-20 -- Add gcc to BuildRequires - -* Tue Feb 06 2018 Ondřej Lysoněk - 3.0.3-19 -- Don't link with libnsl - -* Tue Feb 06 2018 Ondřej Lysoněk - 3.0.3-18 -- Add a new config option 'better_stou', which can be used to enable - a better algorithm for generating unique filenames for the STOU command. -- Resolves: rhbz#1479237 - -* Wed Jan 10 2018 Ondřej Lysoněk - 3.0.3-17 -- Add BuildRequires: libnsl2-devel -- https://fedoraproject.org/wiki/Changes/NISIPv6 - -* Fri Jan 05 2018 Ondřej Lysoněk - 3.0.3-16 -- Disable tcp_wrappers support -- Resolves: rhbz#1518796 -- Fix default value of strict_ssl_read_eof in man page - -* Tue Jan 02 2018 Ondřej Lysoněk - 3.0.3-15 -- Expand the explanation of the ascii_* options behaviour - -* Tue Jan 02 2018 Ondřej Lysoněk - 3.0.3-14 -- Disable anonymous_enable in default config file -- Resolves: rhbz#1338637 - -* Thu Dec 21 2017 Ondřej Lysoněk - 3.0.3-13 -- Document the new default for ssl_ciphers in the man page -- Related: rhbz#1483970 -- When handling FEAT command, check ssl_tlsv1_1 and ssl_tlsv1_2 -- Patch was written by Martin Sehnoutka -- Resolves: rhbz#1432054 -- Disable TLSv1 and TLSv1.1 - enable only TLSv1.2 by default - -* Thu Dec 21 2017 Ondřej Lysoněk - 3.0.3-12 -- Use system wide crypto policy -- Resolves: rhbz#1483970 - -* Fri Nov 24 2017 Ondřej Lysoněk - 3.0.3-11 -- Improve documentation of ASCII mode in the man page -- Resolves: rhbz#1139409 - -* Tue Oct 31 2017 Ondřej Lysoněk - 3.0.3-10 -- Document allow_writeable_chroot in the man page -- Resolves: rhbz#1507143 - -* Thu Oct 26 2017 Ondřej Lysoněk - 3.0.3-9 -- Document the relationship of text_userdb_names and chroot_local_user -- Resolves: rhbz#1439724 - * Tue Sep 05 2017 Ondřej Lysoněk - 3.0.3-8 - Build against OpenSSL 1.1 - Redefine VSFTP_COMMAND_FD to 1 to get errors generated during diff --git a/vsftpd.target b/vsftpd.target index 3828bf8..3f0a942 100644 --- a/vsftpd.target +++ b/vsftpd.target @@ -1,6 +1,6 @@ [Unit] Description=FTP daemon -After=network-online.target +After=network.target [Install] WantedBy=multi-user.target diff --git a/vsftpd@.service b/vsftpd@.service index b063f8f..f3a7a16 100644 --- a/vsftpd@.service +++ b/vsftpd@.service @@ -1,6 +1,6 @@ [Unit] Description=Vsftpd ftp daemon -After=network-online.target +After=network.target PartOf=vsftpd.target [Service] diff --git a/vsftpd_conf_migrate.sh b/vsftpd_conf_migrate.sh index 582c20d..47abeb8 100755 --- a/vsftpd_conf_migrate.sh +++ b/vsftpd_conf_migrate.sh @@ -1,9 +1,8 @@ #!/bin/bash #move old config files and symlink them #shipped with vsftpd-2.0.1-6 -shopt -s nullglob PREFIX="vsftpd" -for file in /etc/${PREFIX}.*; do +for file in $( ls /etc/${PREFIX}.* ); do if [ ! -L $file ]; then new=`echo $file | sed s/${PREFIX}\./${PREFIX}\\\\//g | sed s/\.rpmsave//g` mv -f ${file} ${new}