From 178f53fd5f1af1eca8e4e460921396f39d6d4ccc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Thu, 26 Oct 2017 13:23:57 +0200 Subject: [PATCH 01/73] Document the relationship of text_userdb_names and chroot_local_user Resolves: rhbz#1439724 --- ...ationship-of-text_userdb_names-and-c.patch | 29 +++++++++++++++++++ vsftpd.spec | 7 ++++- 2 files changed, 35 insertions(+), 1 deletion(-) create mode 100644 0037-Document-the-relationship-of-text_userdb_names-and-c.patch diff --git a/0037-Document-the-relationship-of-text_userdb_names-and-c.patch b/0037-Document-the-relationship-of-text_userdb_names-and-c.patch new file mode 100644 index 0000000..7bf92ae --- /dev/null +++ b/0037-Document-the-relationship-of-text_userdb_names-and-c.patch @@ -0,0 +1,29 @@ +From 221f35f302d53f5a89f8e79592492e7cb322e81a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Thu, 26 Oct 2017 13:08:32 +0200 +Subject: [PATCH 37/37] Document the relationship of text_userdb_names and + chroot_local_user + +Note in vsftpd.conf(5) that text_userdb_names may not work when +chroot_local_user is set to YES. +--- + vsftpd.conf.5 | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 +index a3d569e..45b3f9c 100644 +--- a/vsftpd.conf.5 ++++ b/vsftpd.conf.5 +@@ -578,6 +578,9 @@ Default: NO + By default, numeric IDs are shown in the user and group fields of directory + listings. You can get textual names by enabling this parameter. It is off + by default for performance reasons. ++Note that textual names are not guaranteed when ++.BR chroot_local_user ++is set to YES. + + Default: NO + .TP +-- +2.14.3 + diff --git a/vsftpd.spec b/vsftpd.spec index e3f1e06..db2cbc8 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 8%{?dist} +Release: 9%{?dist} Summary: Very Secure Ftp Daemon Group: System Environment/Daemons @@ -65,6 +65,7 @@ Patch33: 0033-Introduce-TLSv1.1-and-TLSv1.2-options.patch Patch34: 0034-Turn-off-seccomp-sandbox-because-it-is-too-strict.patch Patch35: 0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch Patch36: 0036-Redefine-VSFTP_COMMAND_FD-to-1.patch +Patch37: 0037-Document-the-relationship-of-text_userdb_names-and-c.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -134,6 +135,10 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Thu Oct 26 2017 Ondřej Lysoněk - 3.0.3-9 +- Document the relationship of text_userdb_names and chroot_local_user +- Resolves: rhbz#1439724 + * Tue Sep 05 2017 Ondřej Lysoněk - 3.0.3-8 - Build against OpenSSL 1.1 - Redefine VSFTP_COMMAND_FD to 1 to get errors generated during From 0d16113de4272560193b1e7376beaf69bc52c69c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Tue, 31 Oct 2017 16:17:50 +0100 Subject: [PATCH 02/73] Document allow_writeable_chroot in the man page Resolves: rhbz#1507143 --- ...low_writeable_chroot-in-the-man-page.patch | 32 +++++++++++++++++++ vsftpd.spec | 7 +++- 2 files changed, 38 insertions(+), 1 deletion(-) create mode 100644 0038-Document-allow_writeable_chroot-in-the-man-page.patch diff --git a/0038-Document-allow_writeable_chroot-in-the-man-page.patch b/0038-Document-allow_writeable_chroot-in-the-man-page.patch new file mode 100644 index 0000000..50aeee4 --- /dev/null +++ b/0038-Document-allow_writeable_chroot-in-the-man-page.patch @@ -0,0 +1,32 @@ +From a565aa70aafd5c955680e43bb396c8a371fee6a9 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Tue, 31 Oct 2017 16:13:46 +0100 +Subject: [PATCH 38/38] Document allow_writeable_chroot in the man page + +--- + vsftpd.conf.5 | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 +index 45b3f9c..d1f0db5 100644 +--- a/vsftpd.conf.5 ++++ b/vsftpd.conf.5 +@@ -56,6 +56,15 @@ Only applies if + is active. If set to YES, anonymous users will be allowed to use secured SSL + connections. + ++Default: NO ++.TP ++.B allow_writeable_chroot ++Allow chroot()'ing a user to a directory writable by that user. Note that ++setting this to YES is potentially dangerous. For example, if the user ++creates an 'etc' directory in the new root directory, they could potentially ++trick the C library into loading a user-created configuration file from the ++/etc/ directory. ++ + Default: NO + .TP + .B anon_mkdir_write_enable +-- +2.14.3 + diff --git a/vsftpd.spec b/vsftpd.spec index db2cbc8..abd4948 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 9%{?dist} +Release: 10%{?dist} Summary: Very Secure Ftp Daemon Group: System Environment/Daemons @@ -66,6 +66,7 @@ Patch34: 0034-Turn-off-seccomp-sandbox-because-it-is-too-strict.patch Patch35: 0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch Patch36: 0036-Redefine-VSFTP_COMMAND_FD-to-1.patch Patch37: 0037-Document-the-relationship-of-text_userdb_names-and-c.patch +Patch38: 0038-Document-allow_writeable_chroot-in-the-man-page.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -135,6 +136,10 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Tue Oct 31 2017 Ondřej Lysoněk - 3.0.3-10 +- Document allow_writeable_chroot in the man page +- Resolves: rhbz#1507143 + * Thu Oct 26 2017 Ondřej Lysoněk - 3.0.3-9 - Document the relationship of text_userdb_names and chroot_local_user - Resolves: rhbz#1439724 From e38d5f28a1ce9acd680b88c39a5f92ec8cfc5d54 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Fri, 24 Nov 2017 11:24:56 +0100 Subject: [PATCH 03/73] Reset author in a patch Reset author in the patch 0038-Document-allow_writeable_chroot-in-the-man-page.patch --- 0038-Document-allow_writeable_chroot-in-the-man-page.patch | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/0038-Document-allow_writeable_chroot-in-the-man-page.patch b/0038-Document-allow_writeable_chroot-in-the-man-page.patch index 50aeee4..f8d8c1d 100644 --- a/0038-Document-allow_writeable_chroot-in-the-man-page.patch +++ b/0038-Document-allow_writeable_chroot-in-the-man-page.patch @@ -1,6 +1,6 @@ -From a565aa70aafd5c955680e43bb396c8a371fee6a9 Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Tue, 31 Oct 2017 16:13:46 +0100 +From 35ec3be5427a54facd5f6299fda2da4c146d4846 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Fri, 24 Nov 2017 11:22:43 +0100 Subject: [PATCH 38/38] Document allow_writeable_chroot in the man page --- From f200da9342424e55a88d23823092fc626222dbaa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Fri, 24 Nov 2017 11:34:23 +0100 Subject: [PATCH 04/73] Improve documentation of ASCII mode in the man page Resolves: rhbz#1139409 --- ...tation-of-ASCII-mode-in-the-man-page.patch | 34 +++++++++++++++++++ vsftpd.spec | 7 +++- 2 files changed, 40 insertions(+), 1 deletion(-) create mode 100644 0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch diff --git a/0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch b/0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch new file mode 100644 index 0000000..4b32923 --- /dev/null +++ b/0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch @@ -0,0 +1,34 @@ +From 7d4b76abb437184fa692533cb5537318026a30e8 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Fri, 24 Nov 2017 11:26:37 +0100 +Subject: [PATCH 39/39] Improve documentation of ASCII mode in the man page + +--- + vsftpd.conf.5 | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 +index d1f0db5..3ca55e4 100644 +--- a/vsftpd.conf.5 ++++ b/vsftpd.conf.5 +@@ -113,11 +113,17 @@ Default: YES + .TP + .B ascii_download_enable + When enabled, ASCII mode data transfers will be honoured on downloads. ++When disabled, the server will pretend to allow ASCII mode but in fact ++ignore the request. Turn this option on to have the server actually do ++ASCII mangling on files when in ASCII mode. + + Default: NO + .TP + .B ascii_upload_enable + When enabled, ASCII mode data transfers will be honoured on uploads. ++See also ++.BR ascii_download_enable ++for more details. + + Default: NO + .TP +-- +2.14.3 + diff --git a/vsftpd.spec b/vsftpd.spec index abd4948..b75f1c4 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 10%{?dist} +Release: 11%{?dist} Summary: Very Secure Ftp Daemon Group: System Environment/Daemons @@ -67,6 +67,7 @@ Patch35: 0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch Patch36: 0036-Redefine-VSFTP_COMMAND_FD-to-1.patch Patch37: 0037-Document-the-relationship-of-text_userdb_names-and-c.patch Patch38: 0038-Document-allow_writeable_chroot-in-the-man-page.patch +Patch39: 0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -136,6 +137,10 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Fri Nov 24 2017 Ondřej Lysoněk - 3.0.3-11 +- Improve documentation of ASCII mode in the man page +- Resolves: rhbz#1139409 + * Tue Oct 31 2017 Ondřej Lysoněk - 3.0.3-10 - Document allow_writeable_chroot in the man page - Resolves: rhbz#1507143 From 071c1c3826a8073a3e339108f11382a614179065 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Thu, 21 Dec 2017 12:26:20 +0100 Subject: [PATCH 05/73] Use system wide crypto policy Resolves: rhbz#1483970 --- 0040-Use-system-wide-crypto-policy.patch | 27 ++++++++++++++++++++++++ vsftpd.spec | 7 +++++- 2 files changed, 33 insertions(+), 1 deletion(-) create mode 100644 0040-Use-system-wide-crypto-policy.patch diff --git a/0040-Use-system-wide-crypto-policy.patch b/0040-Use-system-wide-crypto-policy.patch new file mode 100644 index 0000000..d79530b --- /dev/null +++ b/0040-Use-system-wide-crypto-policy.patch @@ -0,0 +1,27 @@ +From b83be8b4f86bf1a8a6de4802a9486d084c4a46cd Mon Sep 17 00:00:00 2001 +From: Martin Sehnoutka +Date: Tue, 29 Aug 2017 10:32:16 +0200 +Subject: [PATCH 40/40] Use system wide crypto policy + +Resolves: rhbz#1483970 +--- + tunables.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/tunables.c b/tunables.c +index 5440c00..354251c 100644 +--- a/tunables.c ++++ b/tunables.c +@@ -297,8 +297,7 @@ tunables_load_defaults() + install_str_setting(0, &tunable_dsa_cert_file); + install_str_setting(0, &tunable_dh_param_file); + install_str_setting(0, &tunable_ecdh_param_file); +- install_str_setting("AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384", +- &tunable_ssl_ciphers); ++ install_str_setting("PROFILE=SYSTEM", &tunable_ssl_ciphers); + install_str_setting(0, &tunable_rsa_private_key_file); + install_str_setting(0, &tunable_dsa_private_key_file); + install_str_setting(0, &tunable_ca_certs_file); +-- +2.14.3 + diff --git a/vsftpd.spec b/vsftpd.spec index b75f1c4..f51ffba 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 11%{?dist} +Release: 12%{?dist} Summary: Very Secure Ftp Daemon Group: System Environment/Daemons @@ -68,6 +68,7 @@ Patch36: 0036-Redefine-VSFTP_COMMAND_FD-to-1.patch Patch37: 0037-Document-the-relationship-of-text_userdb_names-and-c.patch Patch38: 0038-Document-allow_writeable_chroot-in-the-man-page.patch Patch39: 0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch +Patch40: 0040-Use-system-wide-crypto-policy.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -137,6 +138,10 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Thu Dec 21 2017 Ondřej Lysoněk - 3.0.3-12 +- Use system wide crypto policy +- Resolves: rhbz#1483970 + * Fri Nov 24 2017 Ondřej Lysoněk - 3.0.3-11 - Improve documentation of ASCII mode in the man page - Resolves: rhbz#1139409 From adb9788c891574c0a83ddcfbb3aaff823a181b50 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Thu, 21 Dec 2017 14:43:27 +0100 Subject: [PATCH 06/73] Fix docs for ssl_ciphers, fix FEAT handling, disable TLSv1, TLSv1.1 Document the new default for ssl_ciphers in the man page Related: rhbz#1483970 When handling the FEAT command, check ssl_tlsv1_1 and ssl_tlsv1_2 Patch was written by Martin Sehnoutka Resolves: rhbz#1432054 Disable TLSv1 and TLSv1.1 - enable only TLSv1.2 by default. --- ...-default-for-ssl_ciphers-in-the-man-.patch | 31 +++++++++++ ...AT-command-check-ssl_tlsv1_1-and-ssl.patch | 32 +++++++++++ 0043-Enable-only-TLSv1.2-by-default.patch | 53 +++++++++++++++++++ vsftpd.spec | 13 ++++- 4 files changed, 128 insertions(+), 1 deletion(-) create mode 100644 0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch create mode 100644 0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch create mode 100644 0043-Enable-only-TLSv1.2-by-default.patch diff --git a/0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch b/0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch new file mode 100644 index 0000000..e004e0f --- /dev/null +++ b/0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch @@ -0,0 +1,31 @@ +From 2369d1ea5144d525d315aba90da528e7d9bfd1cc Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Thu, 21 Dec 2017 14:19:18 +0100 +Subject: [PATCH 41/41] Document the new default for ssl_ciphers in the man + page + +Related: rhbz#1483970 +--- + vsftpd.conf.5 | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 +index 3ca55e4..2a7662e 100644 +--- a/vsftpd.conf.5 ++++ b/vsftpd.conf.5 +@@ -1078,7 +1078,11 @@ man page for further details. Note that restricting ciphers can be a useful + security precaution as it prevents malicious remote parties forcing a cipher + which they have found problems with. + +-Default: AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384 ++By default, the system-wide crypto policy is used. See ++.BR update-crypto-policies(8) ++for further details. ++ ++Default: PROFILE=SYSTEM + .TP + .B user_config_dir + This powerful option allows the override of any config option specified in +-- +2.14.3 + diff --git a/0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch b/0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch new file mode 100644 index 0000000..542cd69 --- /dev/null +++ b/0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch @@ -0,0 +1,32 @@ +From 1c280a0b04e58ec63ce9ab5eb8d0ffe5ebbae115 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Thu, 21 Dec 2017 14:29:25 +0100 +Subject: [PATCH 42/42] When handling FEAT command, check ssl_tlsv1_1 and + ssl_tlsv1_2 + +Send 'AUTH SSL' in reply to the FEAT command when the ssl_tlsv1_1 +or ssl_tlsv1_2 configuration option is enabled. + +The patch was written by Martin Sehnoutka. + +Resolves: rhbz#1432054 +--- + features.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/features.c b/features.c +index 1212980..d024366 100644 +--- a/features.c ++++ b/features.c +@@ -22,7 +22,7 @@ handle_feat(struct vsf_session* p_sess) + { + vsf_cmdio_write_raw(p_sess, " AUTH SSL\r\n"); + } +- if (tunable_tlsv1) ++ if (tunable_tlsv1 || tunable_tlsv1_1 || tunable_tlsv1_2) + { + vsf_cmdio_write_raw(p_sess, " AUTH TLS\r\n"); + } +-- +2.14.3 + diff --git a/0043-Enable-only-TLSv1.2-by-default.patch b/0043-Enable-only-TLSv1.2-by-default.patch new file mode 100644 index 0000000..ca8b1d3 --- /dev/null +++ b/0043-Enable-only-TLSv1.2-by-default.patch @@ -0,0 +1,53 @@ +From 75c942c77aa575143c5b75637e64a925ad12641a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Thu, 21 Dec 2017 16:38:40 +0100 +Subject: [PATCH 43/43] Enable only TLSv1.2 by default + +Disable TLSv1 and TLSv1.1 - enable only TLSv1.2 by default. +--- + tunables.c | 6 +++--- + vsftpd.conf.5 | 4 ++-- + 2 files changed, 5 insertions(+), 5 deletions(-) + +diff --git a/tunables.c b/tunables.c +index 354251c..9680528 100644 +--- a/tunables.c ++++ b/tunables.c +@@ -211,9 +211,9 @@ tunables_load_defaults() + tunable_force_local_data_ssl = 1; + tunable_sslv2 = 0; + tunable_sslv3 = 0; +- /* TLSv1 up to TLSv1.2 is enabled by default */ +- tunable_tlsv1 = 1; +- tunable_tlsv1_1 = 1; ++ tunable_tlsv1 = 0; ++ tunable_tlsv1_1 = 0; ++ /* Only TLSv1.2 is enabled by default */ + tunable_tlsv1_2 = 1; + tunable_tilde_user_enable = 0; + tunable_force_anon_logins_ssl = 0; +diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 +index 2a7662e..df14027 100644 +--- a/vsftpd.conf.5 ++++ b/vsftpd.conf.5 +@@ -539,7 +539,7 @@ Only applies if + is activated. If enabled, this option will permit TLS v1 protocol connections. + TLS v1.2 connections are preferred. + +-Default: YES ++Default: NO + .TP + .B ssl_tlsv1_1 + Only applies if +@@ -547,7 +547,7 @@ Only applies if + is activated. If enabled, this option will permit TLS v1.1 protocol connections. + TLS v1.2 connections are preferred. + +-Default: YES ++Default: NO + .TP + .B ssl_tlsv1_2 + Only applies if +-- +2.14.3 + diff --git a/vsftpd.spec b/vsftpd.spec index f51ffba..35e803f 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 12%{?dist} +Release: 13%{?dist} Summary: Very Secure Ftp Daemon Group: System Environment/Daemons @@ -69,6 +69,9 @@ Patch37: 0037-Document-the-relationship-of-text_userdb_names-and-c.patch Patch38: 0038-Document-allow_writeable_chroot-in-the-man-page.patch Patch39: 0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch Patch40: 0040-Use-system-wide-crypto-policy.patch +Patch41: 0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch +Patch42: 0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch +Patch43: 0043-Enable-only-TLSv1.2-by-default.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -138,6 +141,14 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Thu Dec 21 2017 Ondřej Lysoněk - 3.0.3-13 +- Document the new default for ssl_ciphers in the man page +- Related: rhbz#1483970 +- When handling FEAT command, check ssl_tlsv1_1 and ssl_tlsv1_2 +- Patch was written by Martin Sehnoutka +- Resolves: rhbz#1432054 +- Disable TLSv1 and TLSv1.1 - enable only TLSv1.2 by default + * Thu Dec 21 2017 Ondřej Lysoněk - 3.0.3-12 - Use system wide crypto policy - Resolves: rhbz#1483970 From d8fa56df7a02506135f4b562783604efbeb3ee0f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Tue, 2 Jan 2018 10:06:40 +0100 Subject: [PATCH 07/73] Disable anonymous_enable in default config file Resolves: rhbz#1338637 --- vsftpd.spec | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index 35e803f..fbe289d 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 13%{?dist} +Release: 14%{?dist} Summary: Very Secure Ftp Daemon Group: System Environment/Daemons @@ -72,6 +72,7 @@ Patch40: 0040-Use-system-wide-crypto-policy.patch Patch41: 0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch Patch42: 0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch Patch43: 0043-Enable-only-TLSv1.2-by-default.patch +Patch44: 0044-Disable-anonymous_enable-in-default-config-file.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -141,6 +142,10 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Tue Jan 02 2018 Ondřej Lysoněk - 3.0.3-14 +- Disable anonymous_enable in default config file +- Resolves: rhbz#1338637 + * Thu Dec 21 2017 Ondřej Lysoněk - 3.0.3-13 - Document the new default for ssl_ciphers in the man page - Related: rhbz#1483970 From a3ebf226c90633008e5a5cf4697885ed5335daab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Tue, 2 Jan 2018 10:07:55 +0100 Subject: [PATCH 08/73] Add patch forgotten in last commit --- ...nymous_enable-in-default-config-file.patch | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 0044-Disable-anonymous_enable-in-default-config-file.patch diff --git a/0044-Disable-anonymous_enable-in-default-config-file.patch b/0044-Disable-anonymous_enable-in-default-config-file.patch new file mode 100644 index 0000000..cc9eace --- /dev/null +++ b/0044-Disable-anonymous_enable-in-default-config-file.patch @@ -0,0 +1,26 @@ +From ffaeebcfdb56ba75392af21c68c0bac78a226b55 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Tue, 2 Jan 2018 09:54:43 +0100 +Subject: [PATCH 44/44] Disable anonymous_enable in default config file + +Resolves: rhbz#1338637 +--- + vsftpd.conf | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/vsftpd.conf b/vsftpd.conf +index 39d1955..4626c1b 100644 +--- a/vsftpd.conf ++++ b/vsftpd.conf +@@ -9,7 +9,7 @@ + # capabilities. + # + # Allow anonymous FTP? (Beware - allowed by default if you comment this out). +-anonymous_enable=YES ++anonymous_enable=NO + # + # Uncomment this to allow local users to log in. + # When SELinux is enforcing check for SE bool ftp_home_dir +-- +2.14.3 + From fe56946d0eadb41a642e3044f534400455e56230 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Tue, 2 Jan 2018 16:49:50 +0100 Subject: [PATCH 09/73] Expand the explanation of the ascii_* options behaviour --- ...on-of-ascii_-options-behaviour-in-ma.patch | 52 +++++++++++++++++++ ...r-to-the-man-page-regarding-the-asci.patch | 27 ++++++++++ vsftpd.spec | 7 ++- 3 files changed, 85 insertions(+), 1 deletion(-) create mode 100644 0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch create mode 100644 0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch diff --git a/0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch b/0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch new file mode 100644 index 0000000..b4a6f59 --- /dev/null +++ b/0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch @@ -0,0 +1,52 @@ +From 61327320b54a59e319c522151f7a61c74ec94f2f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Tue, 2 Jan 2018 16:25:55 +0100 +Subject: [PATCH 45/46] Expand explanation of ascii_* options behaviour in man + page + +--- + vsftpd.conf.5 | 22 ++++++++++++++++++---- + 1 file changed, 18 insertions(+), 4 deletions(-) + +diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 +index df14027..a5abeb2 100644 +--- a/vsftpd.conf.5 ++++ b/vsftpd.conf.5 +@@ -114,16 +114,30 @@ Default: YES + .B ascii_download_enable + When enabled, ASCII mode data transfers will be honoured on downloads. + When disabled, the server will pretend to allow ASCII mode but in fact +-ignore the request. Turn this option on to have the server actually do ++ignore requests to activate it. So the client will think the ASCII mode ++is active and therefore may still translate any ++.BR ++character sequences in the received file. See the following article for ++a detailed explanation of the behaviour: ++https://access.redhat.com/articles/3250241. ++ ++Turn this option on to have the server actually do + ASCII mangling on files when in ASCII mode. + + Default: NO + .TP + .B ascii_upload_enable + When enabled, ASCII mode data transfers will be honoured on uploads. +-See also +-.BR ascii_download_enable +-for more details. ++When disabled, the server will pretend to allow ASCII mode but in fact ++ignore requests to activate it. So the client will think the ASCII mode ++is active and will translate native line terminators to the standard ++.BR ++line terminators for transmission, but the server will not do ++any translation. See the following article for a detailed explanation ++of the behaviour: https://access.redhat.com/articles/3250241. ++ ++Turn this option on to have the server actually do ++ASCII mangling on files when in ASCII mode. + + Default: NO + .TP +-- +2.14.3 + diff --git a/0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch b/0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch new file mode 100644 index 0000000..9e8b8ea --- /dev/null +++ b/0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch @@ -0,0 +1,27 @@ +From 446f7c1ec54e06b5da2e890e0cd8fbd7308322c9 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Tue, 2 Jan 2018 16:33:18 +0100 +Subject: [PATCH 46/46] vsftpd.conf: Refer to the man page regarding the + ascii_* options + +--- + vsftpd.conf | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/vsftpd.conf b/vsftpd.conf +index 4626c1b..e70bc6d 100644 +--- a/vsftpd.conf ++++ b/vsftpd.conf +@@ -73,7 +73,8 @@ xferlog_std_format=YES + # + # By default the server will pretend to allow ASCII mode but in fact ignore + # the request. Turn on the below options to have the server actually do ASCII +-# mangling on files when in ASCII mode. ++# mangling on files when in ASCII mode. The vsftpd.conf(5) man page explains ++# the behaviour when these options are disabled. + # Beware that on some FTP servers, ASCII support allows a denial of service + # attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd + # predicted this attack and has always been safe, reporting the size of the +-- +2.14.3 + diff --git a/vsftpd.spec b/vsftpd.spec index fbe289d..05e8dc2 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 14%{?dist} +Release: 15%{?dist} Summary: Very Secure Ftp Daemon Group: System Environment/Daemons @@ -73,6 +73,8 @@ Patch41: 0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch Patch42: 0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch Patch43: 0043-Enable-only-TLSv1.2-by-default.patch Patch44: 0044-Disable-anonymous_enable-in-default-config-file.patch +Patch45: 0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch +Patch46: 0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -142,6 +144,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Tue Jan 02 2018 Ondřej Lysoněk - 3.0.3-15 +- Expand the explanation of the ascii_* options behaviour + * Tue Jan 02 2018 Ondřej Lysoněk - 3.0.3-14 - Disable anonymous_enable in default config file - Resolves: rhbz#1338637 From c1815032433e064fcff3f2deac50290f163b88e7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Fri, 5 Jan 2018 10:42:56 +0100 Subject: [PATCH 10/73] Disable tcp_wrappers support, fix man page Disable tcp_wrappers support Resolves: rhbz#1518796 Fix default value of strict_ssl_read_eof in man page --- 0047-Disable-tcp_wrappers-support.patch | 49 +++++++++++++++++++ ...e-of-strict_ssl_read_eof-in-man-page.patch | 29 +++++++++++ vsftpd.spec | 10 +++- 3 files changed, 86 insertions(+), 2 deletions(-) create mode 100644 0047-Disable-tcp_wrappers-support.patch create mode 100644 0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch diff --git a/0047-Disable-tcp_wrappers-support.patch b/0047-Disable-tcp_wrappers-support.patch new file mode 100644 index 0000000..ce64f2d --- /dev/null +++ b/0047-Disable-tcp_wrappers-support.patch @@ -0,0 +1,49 @@ +From b383ec42bb750419fea102fccf36af5216145eb2 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Fri, 5 Jan 2018 09:17:13 +0100 +Subject: [PATCH 47/48] Disable tcp_wrappers support + +Resolves: rhbz#1518796 +--- + Makefile | 2 +- + builddefs.h | 1 - + vsftpd.conf | 1 - + 3 files changed, 1 insertion(+), 3 deletions(-) + +diff --git a/Makefile b/Makefile +index 98118dc..612994e 100644 +--- a/Makefile ++++ b/Makefile +@@ -8,7 +8,7 @@ CFLAGS = -O2 -fPIE -fstack-protector --param=ssp-buffer-size=4 \ + -D_FORTIFY_SOURCE=2 \ + #-pedantic -Wconversion + +-LIBS = -lwrap -lnsl -lpam -lcap -ldl -lcrypto ++LIBS = -lnsl -lpam -lcap -ldl -lcrypto + LINK = -Wl,-s + LDFLAGS = -fPIE -pie -Wl,-z,relro -Wl,-z,now + +diff --git a/builddefs.h b/builddefs.h +index 83de674..2aa3a4c 100644 +--- a/builddefs.h ++++ b/builddefs.h +@@ -1,7 +1,6 @@ + #ifndef VSF_BUILDDEFS_H + #define VSF_BUILDDEFS_H + +-#define VSF_BUILD_TCPWRAPPERS + #define VSF_BUILD_PAM + #define VSF_BUILD_SSL + +diff --git a/vsftpd.conf b/vsftpd.conf +index e70bc6d..6b8eebb 100644 +--- a/vsftpd.conf ++++ b/vsftpd.conf +@@ -125,4 +125,3 @@ listen_ipv6=YES + + pam_service_name=vsftpd + userlist_enable=YES +-tcp_wrappers=YES +-- +2.14.3 + diff --git a/0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch b/0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch new file mode 100644 index 0000000..5fbb2cc --- /dev/null +++ b/0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch @@ -0,0 +1,29 @@ +From 9cba9e81aa96e1d64ae2eaaf88330e09dadfce79 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Fri, 5 Jan 2018 09:40:09 +0100 +Subject: [PATCH 48/48] Fix default value of strict_ssl_read_eof in man page + +--- + vsftpd.conf.5 | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 +index a5abeb2..43b0435 100644 +--- a/vsftpd.conf.5 ++++ b/vsftpd.conf.5 +@@ -574,10 +574,9 @@ Default: YES + .B strict_ssl_read_eof + If enabled, SSL data uploads are required to terminate via SSL, not an + EOF on the socket. This option is required to be sure that an attacker did +-not terminate an upload prematurely with a faked TCP FIN. Unfortunately, it +-is not enabled by default because so few clients get it right. (New in v2.0.7). ++not terminate an upload prematurely with a faked TCP FIN. (New in v2.0.7). + +-Default: NO ++Default: YES + .TP + .B strict_ssl_write_shutdown + If enabled, SSL data downloads are required to terminate via SSL, not an +-- +2.14.3 + diff --git a/vsftpd.spec b/vsftpd.spec index 05e8dc2..b95acb7 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 15%{?dist} +Release: 16%{?dist} Summary: Very Secure Ftp Daemon Group: System Environment/Daemons @@ -24,7 +24,6 @@ BuildRequires: pam-devel BuildRequires: libcap-devel BuildRequires: openssl-devel BuildRequires: systemd -BuildRequires: tcp_wrappers-devel BuildRequires: git Requires: logrotate @@ -75,6 +74,8 @@ Patch43: 0043-Enable-only-TLSv1.2-by-default.patch Patch44: 0044-Disable-anonymous_enable-in-default-config-file.patch Patch45: 0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch Patch46: 0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch +Patch47: 0047-Disable-tcp_wrappers-support.patch +Patch48: 0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -144,6 +145,11 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Fri Jan 05 2018 Ondřej Lysoněk - 3.0.3-16 +- Disable tcp_wrappers support +- Resolves: rhbz#1518796 +- Fix default value of strict_ssl_read_eof in man page + * Tue Jan 02 2018 Ondřej Lysoněk - 3.0.3-15 - Expand the explanation of the ascii_* options behaviour From e413c71aa351a208815bc2f6c7883234a0f65a95 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Wed, 17 Jan 2018 13:30:01 +0100 Subject: [PATCH 11/73] Add BuildRequires: libnsl2-devel Add BuildRequires: libnsl2-devel because of https://fedoraproject.org/wiki/Changes/NISIPv6 --- vsftpd.spec | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index b95acb7..de2f47b 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 16%{?dist} +Release: 17%{?dist} Summary: Very Secure Ftp Daemon Group: System Environment/Daemons @@ -25,6 +25,7 @@ BuildRequires: libcap-devel BuildRequires: openssl-devel BuildRequires: systemd BuildRequires: git +BuildRequires: libnsl2-devel Requires: logrotate @@ -145,6 +146,10 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Wed Jan 10 2018 Ondřej Lysoněk - 3.0.3-17 +- Add BuildRequires: libnsl2-devel +- https://fedoraproject.org/wiki/Changes/NISIPv6 + * Fri Jan 05 2018 Ondřej Lysoněk - 3.0.3-16 - Disable tcp_wrappers support - Resolves: rhbz#1518796 From 37f8d87aad5c8f3c0f47f5698e73f94dcd12900f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Tue, 6 Feb 2018 15:07:15 +0100 Subject: [PATCH 12/73] Add new filename generation algorithm for STOU command A new configuration option 'better_stou' can be used to enable a better algorithm for generating unique filenames. Resolves: rhbz#1479237 --- ...-generation-algorithm-for-STOU-comma.patch | 322 ++++++++++++++++++ vsftpd.spec | 8 +- 2 files changed, 329 insertions(+), 1 deletion(-) create mode 100644 0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch diff --git a/0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch b/0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch new file mode 100644 index 0000000..bfbb871 --- /dev/null +++ b/0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch @@ -0,0 +1,322 @@ +From 1203b943b369651d96d057f8190f14f015e6ff0b Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Tue, 6 Feb 2018 13:30:44 +0100 +Subject: [PATCH 49/49] Add new filename generation algorithm for STOU command + +A new configuration option 'better_stou' can be used to enable +a better algorithm for generating unique filenames. + +Resolves: rhbz#1479237 +--- + parseconf.c | 1 + + postlogin.c | 176 +++++++++++++++++++++++++++++++++++++++++++++++++--------- + sysutil.c | 3 + + sysutil.h | 3 +- + tunables.c | 2 + + tunables.h | 3 + + vsftpd.conf.5 | 5 ++ + 7 files changed, 166 insertions(+), 27 deletions(-) + +diff --git a/parseconf.c b/parseconf.c +index 33a1349..47b54f1 100644 +--- a/parseconf.c ++++ b/parseconf.c +@@ -111,6 +111,7 @@ parseconf_bool_array[] = + { "http_enable", &tunable_http_enable }, + { "seccomp_sandbox", &tunable_seccomp_sandbox }, + { "allow_writeable_chroot", &tunable_allow_writeable_chroot }, ++ { "better_stou", &tunable_better_stou }, + { 0, 0 } + }; + +diff --git a/postlogin.c b/postlogin.c +index 8363c9c..7c749ef 100644 +--- a/postlogin.c ++++ b/postlogin.c +@@ -29,6 +29,7 @@ + #include "opts.h" + + #include ++#include + + /* Private local functions */ + static void handle_pwd(struct vsf_session* p_sess); +@@ -1028,6 +1029,114 @@ handle_stor(struct vsf_session* p_sess) + handle_upload_common(p_sess, 0, 0); + } + ++/* Based on __gen_tempname() from glibc - thanks, glibc! Relicensed ++ * from LGPL2.1+ to GPL2. ++ */ ++static int ++create_unique_file(struct vsf_session* p_sess, struct mystr* p_outstr, ++ const struct mystr* p_base_str, ++ int (*access_checker)(const struct mystr*)) ++{ ++ struct mystr s_result = INIT_MYSTR; ++ const int suffix_len = 6; ++ unsigned int count; ++ static unsigned long long int value; ++ unsigned long long int random_time_bits; ++ int fd = -1; ++ /* These are the characters used in temporary file names. */ ++ struct mystr s_letters = INIT_MYSTR; ++ unsigned int s_letters_len; ++ int base_len; ++ ++ str_alloc_text(&s_letters, ++ "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"); ++ s_letters_len = str_getlen(&s_letters); ++ ++ /* A lower bound on the number of temporary files to attempt to ++ generate. The maximum total number of temporary file names that ++ can exist for a given template is 62**6. It should never be ++ necessary to try all of these combinations. Instead if a reasonable ++ number of names is tried (we define reasonable as 62**3) fail to ++ give the system administrator the chance to remove the problems. */ ++#define ATTEMPTS_MIN (62 * 62 * 62) ++ ++ /* The number of times to attempt to generate a temporary file. */ ++#if ATTEMPTS_MIN < TMP_MAX ++ unsigned int attempts = TMP_MAX; ++#else ++ unsigned int attempts = ATTEMPTS_MIN; ++#endif ++#undef ATTEMPTS_MIN ++ ++ { ++ long sec = vsf_sysutil_get_time_sec(); ++ long usec = vsf_sysutil_get_time_usec(); ++ random_time_bits = ((unsigned long long int) usec << 16) ^ sec; ++ value += random_time_bits ^ vsf_sysutil_getpid(); ++ } ++ ++ if (str_isempty(p_base_str)) ++ { ++ const char *base = "STOU."; ++ base_len = vsf_sysutil_strlen(base); ++ str_reserve(&s_result, base_len + suffix_len); ++ str_alloc_text(&s_result, base); ++ } ++ else ++ { ++ str_reserve(&s_result, str_getlen(p_base_str) + suffix_len + 1); ++ str_copy(&s_result, p_base_str); ++ str_append_char(&s_result, '.'); ++ base_len = str_getlen(&s_result); ++ } ++ ++ for (count = 0; count < attempts; value += 7777, ++count) ++ { ++ unsigned long long v = value; ++ str_trunc(&s_result, base_len); ++ for (int i = 0; i < suffix_len; ++i) ++ { ++ char c; ++ c = str_get_char_at(&s_letters, v % s_letters_len); ++ v /= s_letters_len; ++ str_append_char(&s_result, c); ++ } ++ if (!access_checker(&s_result)) ++ { ++ /* If we generate a filename which is not allowed, we fail immediatelly, ++ * without trying any other possibilities. This is to prevent attackers ++ * from keeping us busy. ++ */ ++ vsf_cmdio_write(p_sess, FTP_NOPERM, "Permission denied."); ++ break; ++ } ++ fd = str_create_exclusive(&s_result); ++ if (vsf_sysutil_retval_is_error(fd)) ++ { ++ if (kVSFSysUtilErrEXIST == vsf_sysutil_get_error()) ++ { ++ continue; ++ } ++ else ++ { ++ vsf_cmdio_write(p_sess, FTP_UPLOADFAIL, "Could not create file."); ++ break; ++ } ++ } ++ else ++ { ++ break; ++ } ++ } ++ if (!vsf_sysutil_retval_is_error(fd)) ++ { ++ str_copy(p_outstr, &s_result); ++ } ++ str_free(&s_letters); ++ str_free(&s_result); ++ return fd; ++} ++ + static void + handle_upload_common(struct vsf_session* p_sess, int is_append, int is_unique) + { +@@ -1049,41 +1158,56 @@ handle_upload_common(struct vsf_session* p_sess, int is_append, int is_unique) + return; + } + resolve_tilde(&p_sess->ftp_arg_str, p_sess); +- p_filename = &p_sess->ftp_arg_str; +- if (is_unique) +- { +- get_unique_filename(&s_filename, p_filename); +- p_filename = &s_filename; +- } + vsf_log_start_entry(p_sess, kVSFLogEntryUpload); + str_copy(&p_sess->log_str, &p_sess->ftp_arg_str); + prepend_path_to_filename(&p_sess->log_str); +- if (!vsf_access_check_file(p_filename)) +- { +- vsf_cmdio_write(p_sess, FTP_NOPERM, "Permission denied."); +- return; +- } +- /* NOTE - actual file permissions will be governed by the tunable umask */ +- /* XXX - do we care about race between create and chown() of anonymous +- * upload? +- */ +- if (is_unique || (p_sess->is_anonymous && !tunable_anon_other_write_enable)) ++ p_filename = &p_sess->ftp_arg_str; ++ if (is_unique && tunable_better_stou) + { +- new_file_fd = str_create_exclusive(p_filename); ++ new_file_fd = create_unique_file(p_sess, &s_filename, p_filename, ++ vsf_access_check_file); ++ if (vsf_sysutil_retval_is_error(new_file_fd)) ++ { ++ return; ++ } ++ p_filename = &s_filename; + } + else + { +- /* For non-anonymous, allow open() to overwrite or append existing files */ +- new_file_fd = str_create(p_filename); +- if (!is_append && offset == 0) ++ if (is_unique) + { +- do_truncate = 1; ++ get_unique_filename(&s_filename, p_filename); ++ p_filename = &s_filename; ++ } ++ if (!vsf_access_check_file(p_filename)) ++ { ++ vsf_cmdio_write(p_sess, FTP_NOPERM, "Permission denied."); ++ return; ++ } ++ /* NOTE - actual file permissions will be governed by the tunable umask */ ++ /* XXX - do we care about race between create and chown() of anonymous ++ * upload? ++ */ ++ if (is_unique || (p_sess->is_anonymous && !tunable_anon_other_write_enable)) ++ { ++ new_file_fd = str_create_exclusive(p_filename); ++ } ++ else ++ { ++ /* For non-anonymous, allow open() to overwrite or append existing ++ * files ++ */ ++ new_file_fd = str_create(p_filename); ++ if (!is_append && offset == 0) ++ { ++ do_truncate = 1; ++ } ++ } ++ if (vsf_sysutil_retval_is_error(new_file_fd)) ++ { ++ vsf_cmdio_write(p_sess, FTP_UPLOADFAIL, "Could not create file."); ++ return; + } +- } +- if (vsf_sysutil_retval_is_error(new_file_fd)) +- { +- vsf_cmdio_write(p_sess, FTP_UPLOADFAIL, "Could not create file."); +- return; + } + created = 1; + vsf_sysutil_fstat(new_file_fd, &s_p_statbuf); +diff --git a/sysutil.c b/sysutil.c +index 1c0422e..e847650 100644 +--- a/sysutil.c ++++ b/sysutil.c +@@ -1666,6 +1666,9 @@ vsf_sysutil_get_error(void) + case EAGAIN: + retval = kVSFSysUtilErrAGAIN; + break; ++ case EEXIST: ++ retval = kVSFSysUtilErrEXIST; ++ break; + default: + break; + } +diff --git a/sysutil.h b/sysutil.h +index be727f5..7a59f13 100644 +--- a/sysutil.h ++++ b/sysutil.h +@@ -19,7 +19,8 @@ enum EVSFSysUtilError + kVSFSysUtilErrOPNOTSUPP, + kVSFSysUtilErrACCES, + kVSFSysUtilErrNOENT, +- kVSFSysUtilErrAGAIN ++ kVSFSysUtilErrAGAIN, ++ kVSFSysUtilErrEXIST + }; + enum EVSFSysUtilError vsf_sysutil_get_error(void); + +diff --git a/tunables.c b/tunables.c +index 9680528..5ec2bdc 100644 +--- a/tunables.c ++++ b/tunables.c +@@ -92,6 +92,7 @@ int tunable_ftp_enable; + int tunable_http_enable; + int tunable_seccomp_sandbox; + int tunable_allow_writeable_chroot; ++int tunable_better_stou; + + unsigned int tunable_accept_timeout; + unsigned int tunable_connect_timeout; +@@ -239,6 +240,7 @@ tunables_load_defaults() + tunable_http_enable = 0; + tunable_seccomp_sandbox = 0; + tunable_allow_writeable_chroot = 0; ++ tunable_better_stou = 0; + + tunable_accept_timeout = 60; + tunable_connect_timeout = 60; +diff --git a/tunables.h b/tunables.h +index a466427..85ea1a8 100644 +--- a/tunables.h ++++ b/tunables.h +@@ -93,6 +93,9 @@ extern int tunable_ftp_enable; /* Allow FTP protocol */ + extern int tunable_http_enable; /* Allow HTTP protocol */ + extern int tunable_seccomp_sandbox; /* seccomp filter sandbox */ + extern int tunable_allow_writeable_chroot; /* Allow misconfiguration */ ++extern int tunable_better_stou; /* Use better file name generation ++ * algorithm for the STOU command ++ */ + + /* Integer/numeric defines */ + extern unsigned int tunable_accept_timeout; +diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 +index 43b0435..6911a73 100644 +--- a/vsftpd.conf.5 ++++ b/vsftpd.conf.5 +@@ -65,6 +65,11 @@ creates an 'etc' directory in the new root directory, they could potentially + trick the C library into loading a user-created configuration file from the + /etc/ directory. + ++Default: NO ++.TP ++.B better_stou ++Use better file name generation algorithm for the STOU command. ++ + Default: NO + .TP + .B anon_mkdir_write_enable +-- +2.14.3 + diff --git a/vsftpd.spec b/vsftpd.spec index de2f47b..988cec6 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 17%{?dist} +Release: 18%{?dist} Summary: Very Secure Ftp Daemon Group: System Environment/Daemons @@ -77,6 +77,7 @@ Patch45: 0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch Patch46: 0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch Patch47: 0047-Disable-tcp_wrappers-support.patch Patch48: 0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch +Patch49: 0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -146,6 +147,11 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Tue Feb 06 2018 Ondřej Lysoněk - 3.0.3-18 +- Add a new config option 'better_stou', which can be used to enable + a better algorithm for generating unique filenames for the STOU command. +- Resolves: rhbz#1479237 + * Wed Jan 10 2018 Ondřej Lysoněk - 3.0.3-17 - Add BuildRequires: libnsl2-devel - https://fedoraproject.org/wiki/Changes/NISIPv6 From e26d2ceeaac4cf019aa3ab5a6650b2da9a1ef2ef Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Tue, 6 Feb 2018 18:17:12 +0100 Subject: [PATCH 13/73] Don't link with libnsl --- 0050-Don-t-link-with-libnsl.patch | 27 +++++++++++++++++++++++++++ vsftpd.spec | 7 +++++-- 2 files changed, 32 insertions(+), 2 deletions(-) create mode 100644 0050-Don-t-link-with-libnsl.patch diff --git a/0050-Don-t-link-with-libnsl.patch b/0050-Don-t-link-with-libnsl.patch new file mode 100644 index 0000000..c907980 --- /dev/null +++ b/0050-Don-t-link-with-libnsl.patch @@ -0,0 +1,27 @@ +From f8663f35d5d150f0533bb052e48306b9a5111d87 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Tue, 6 Feb 2018 18:04:53 +0100 +Subject: [PATCH 50/50] Don't link with libnsl + +Don't link with libnsl. It builds just fine without it and +vsf_findlibs.sh enables it only when tcp_wrappers is enabled. +--- + Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Makefile b/Makefile +index 612994e..0f7411c 100644 +--- a/Makefile ++++ b/Makefile +@@ -8,7 +8,7 @@ CFLAGS = -O2 -fPIE -fstack-protector --param=ssp-buffer-size=4 \ + -D_FORTIFY_SOURCE=2 \ + #-pedantic -Wconversion + +-LIBS = -lnsl -lpam -lcap -ldl -lcrypto ++LIBS = -lpam -lcap -ldl -lcrypto + LINK = -Wl,-s + LDFLAGS = -fPIE -pie -Wl,-z,relro -Wl,-z,now + +-- +2.14.3 + diff --git a/vsftpd.spec b/vsftpd.spec index 988cec6..821d997 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 18%{?dist} +Release: 19%{?dist} Summary: Very Secure Ftp Daemon Group: System Environment/Daemons @@ -25,7 +25,6 @@ BuildRequires: libcap-devel BuildRequires: openssl-devel BuildRequires: systemd BuildRequires: git -BuildRequires: libnsl2-devel Requires: logrotate @@ -78,6 +77,7 @@ Patch46: 0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch Patch47: 0047-Disable-tcp_wrappers-support.patch Patch48: 0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch Patch49: 0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch +Patch50: 0050-Don-t-link-with-libnsl.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -147,6 +147,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Tue Feb 06 2018 Ondřej Lysoněk - 3.0.3-19 +- Don't link with libnsl + * Tue Feb 06 2018 Ondřej Lysoněk - 3.0.3-18 - Add a new config option 'better_stou', which can be used to enable a better algorithm for generating unique filenames for the STOU command. From 3617ae075ab985b3c5717821e8f57643ad7990b5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Mon, 19 Feb 2018 14:28:33 +0100 Subject: [PATCH 14/73] Add gcc to BuildRequires --- vsftpd.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index 821d997..cfd4e2c 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 19%{?dist} +Release: 20%{?dist} Summary: Very Secure Ftp Daemon Group: System Environment/Daemons @@ -25,6 +25,7 @@ BuildRequires: libcap-devel BuildRequires: openssl-devel BuildRequires: systemd BuildRequires: git +BuildRequires: gcc Requires: logrotate @@ -147,6 +148,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Mon Feb 19 2018 Ondřej Lysoněk - 3.0.3-20 +- Add gcc to BuildRequires + * Tue Feb 06 2018 Ondřej Lysoněk - 3.0.3-19 - Don't link with libnsl From a5222c1cb2078df3a6f90bb9444b821cc384da89 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Thu, 5 Apr 2018 12:34:02 +0200 Subject: [PATCH 15/73] Improve documentation of better_stou in the man page --- ...ation-of-better_stou-in-the-man-page.patch | 30 +++++++++++++++++++ vsftpd.spec | 6 +++- 2 files changed, 35 insertions(+), 1 deletion(-) create mode 100644 0001-Improve-documentation-of-better_stou-in-the-man-page.patch diff --git a/0001-Improve-documentation-of-better_stou-in-the-man-page.patch b/0001-Improve-documentation-of-better_stou-in-the-man-page.patch new file mode 100644 index 0000000..e1293ab --- /dev/null +++ b/0001-Improve-documentation-of-better_stou-in-the-man-page.patch @@ -0,0 +1,30 @@ +From 765f99b26705c8d6fe2be4feb07f4c91e7eb96f9 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Thu, 5 Apr 2018 12:29:03 +0200 +Subject: [PATCH] Improve documentation of better_stou in the man page + +--- + vsftpd.conf.5 | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 +index 6911a73..e9ae474 100644 +--- a/vsftpd.conf.5 ++++ b/vsftpd.conf.5 +@@ -68,7 +68,12 @@ trick the C library into loading a user-created configuration file from the + Default: NO + .TP + .B better_stou +-Use better file name generation algorithm for the STOU command. ++Use a better file name generation algorithm for the STOU command. The default ++original algorithm simply adds an increasing number suffix to the file name, ++which is prone to race conditions if multiple uploaders use the STOU command ++with the same file name simultaneously, which can result in failure of the ++command. The new algorithm adds a unique random six character suffix to ++the file name, which works much better in face of concurrent uploads. + + Default: NO + .TP +-- +2.14.3 + diff --git a/vsftpd.spec b/vsftpd.spec index cfd4e2c..bfd1d68 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 20%{?dist} +Release: 21%{?dist} Summary: Very Secure Ftp Daemon Group: System Environment/Daemons @@ -79,6 +79,7 @@ Patch47: 0047-Disable-tcp_wrappers-support.patch Patch48: 0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch Patch49: 0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch Patch50: 0050-Don-t-link-with-libnsl.patch +Patch51: 0001-Improve-documentation-of-better_stou-in-the-man-page.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -148,6 +149,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Thu Apr 05 2018 Ondřej Lysoněk - 3.0.3-21 +- Improve documentation of better_stou in the man page + * Mon Feb 19 2018 Ondřej Lysoněk - 3.0.3-20 - Add gcc to BuildRequires From 4d37c01b055ad622a6bdbcf58870ee6a8dca7ced Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Tue, 17 Apr 2018 13:46:13 +0200 Subject: [PATCH 16/73] Fix filename expansion in vsftpd_conf_migrate.sh --- vsftpd.spec | 5 ++++- vsftpd_conf_migrate.sh | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/vsftpd.spec b/vsftpd.spec index bfd1d68..a98b407 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 21%{?dist} +Release: 22%{?dist} Summary: Very Secure Ftp Daemon Group: System Environment/Daemons @@ -149,6 +149,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Fri Apr 27 2018 Ondřej Lysoněk - 3.0.3-22 +- Fix filename expansion in vsftpd_conf_migrate.sh + * Thu Apr 05 2018 Ondřej Lysoněk - 3.0.3-21 - Improve documentation of better_stou in the man page diff --git a/vsftpd_conf_migrate.sh b/vsftpd_conf_migrate.sh index 47abeb8..a94d6c1 100755 --- a/vsftpd_conf_migrate.sh +++ b/vsftpd_conf_migrate.sh @@ -2,7 +2,7 @@ #move old config files and symlink them #shipped with vsftpd-2.0.1-6 PREFIX="vsftpd" -for file in $( ls /etc/${PREFIX}.* ); do +for file in /etc/${PREFIX}.*; do if [ ! -L $file ]; then new=`echo $file | sed s/${PREFIX}\./${PREFIX}\\\\//g | sed s/\.rpmsave//g` mv -f ${file} ${new} From f2b42b7996447fde95825ccf6464b473e4d67108 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Thu, 10 May 2018 09:59:12 +0200 Subject: [PATCH 17/73] Fix issues found by Coverity Scan --- 0001-Fix-rDNS-with-IPv6.patch | 195 ++++++++++++++++++ 0002-Always-do-chdir-after-chroot.patch | 32 +++ ...imeo-Check-return-value-of-setsockop.patch | 33 +++ ...tz-Check-the-return-value-of-syscall.patch | 108 ++++++++++ vsftpd.spec | 9 +- 5 files changed, 376 insertions(+), 1 deletion(-) create mode 100644 0001-Fix-rDNS-with-IPv6.patch create mode 100644 0002-Always-do-chdir-after-chroot.patch create mode 100644 0003-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch create mode 100644 0004-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch diff --git a/0001-Fix-rDNS-with-IPv6.patch b/0001-Fix-rDNS-with-IPv6.patch new file mode 100644 index 0000000..2328968 --- /dev/null +++ b/0001-Fix-rDNS-with-IPv6.patch @@ -0,0 +1,195 @@ +From 01b646d2af0ed885d01d31a6479898a3c423a630 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Thu, 26 Apr 2018 10:00:19 +0200 +Subject: [PATCH 1/4] Fix rDNS with IPv6 + +Previously IPv6 addresses were not translated to hostnames for PAM to use. +--- + privops.c | 3 ++- + sysdeputil.c | 28 +++++++++++++++------------- + sysdeputil.h | 5 ++++- + sysutil.c | 35 +++++++++++++++++++++++++++++++++++ + sysutil.h | 4 ++++ + 5 files changed, 60 insertions(+), 15 deletions(-) + +diff --git a/privops.c b/privops.c +index f27c5c4..e577a27 100644 +--- a/privops.c ++++ b/privops.c +@@ -383,7 +383,8 @@ handle_local_login(struct vsf_session* p_sess, + struct mystr* p_user_str, + const struct mystr* p_pass_str) + { +- if (!vsf_sysdep_check_auth(p_user_str, p_pass_str, &p_sess->remote_ip_str)) ++ if (!vsf_sysdep_check_auth(p_sess, p_user_str, p_pass_str, ++ &p_sess->remote_ip_str)) + { + return kVSFLoginFail; + } +diff --git a/sysdeputil.c b/sysdeputil.c +index 2063c87..4fe56c2 100644 +--- a/sysdeputil.c ++++ b/sysdeputil.c +@@ -16,10 +16,6 @@ + #include "tunables.h" + #include "builddefs.h" + +-/* For gethostbyaddr, inet_addr */ +-#include +-#include +- + /* For Linux, this adds nothing :-) */ + #include "port/porting_junk.h" + +@@ -242,13 +238,15 @@ void vsf_remove_uwtmp(void); + + #ifndef VSF_SYSDEP_HAVE_PAM + int +-vsf_sysdep_check_auth(struct mystr* p_user_str, ++vsf_sysdep_check_auth(struct vsf_session* p_sess, ++ struct mystr* p_user_str, + const struct mystr* p_pass_str, + const struct mystr* p_remote_host) + { + const char* p_crypted; + const struct passwd* p_pwd = getpwnam(str_getbuf(p_user_str)); + (void) p_remote_host; ++ (void) p_sess; + if (p_pwd == NULL) + { + return 0; +@@ -322,14 +320,14 @@ static int pam_conv_func(int nmsg, const struct pam_message** p_msg, + static void vsf_auth_shutdown(void); + + int +-vsf_sysdep_check_auth(struct mystr* p_user_str, ++vsf_sysdep_check_auth(struct vsf_session* p_sess, ++ struct mystr* p_user_str, + const struct mystr* p_pass_str, + const struct mystr* p_remote_host) + { + int retval = -1; + #ifdef PAM_RHOST +- struct sockaddr_in sin; +- struct hostent *host; ++ struct mystr hostname = INIT_MYSTR; + #endif + pam_item_t item; + const char* pam_user_name = 0; +@@ -354,13 +352,17 @@ vsf_sysdep_check_auth(struct mystr* p_user_str, + return 0; + } + #ifdef PAM_RHOST +- if (tunable_reverse_lookup_enable) { +- sin.sin_addr.s_addr = inet_addr(str_getbuf(p_remote_host)); +- host = gethostbyaddr((char*)&sin.sin_addr.s_addr,sizeof(struct in_addr),AF_INET); +- if (host != (struct hostent*)0) +- retval = pam_set_item(s_pamh, PAM_RHOST, host->h_name); ++ if (tunable_reverse_lookup_enable) ++ { ++ if (vsf_sysutil_get_hostname(p_sess->p_remote_addr, &hostname) == 0) ++ { ++ retval = pam_set_item(s_pamh, PAM_RHOST, str_getbuf(&hostname)); ++ str_free(&hostname); ++ } + else ++ { + retval = pam_set_item(s_pamh, PAM_RHOST, str_getbuf(p_remote_host)); ++ } + } else { + retval = pam_set_item(s_pamh, PAM_RHOST, str_getbuf(p_remote_host)); + } +diff --git a/sysdeputil.h b/sysdeputil.h +index 3b6b30a..6f2aa0a 100644 +--- a/sysdeputil.h ++++ b/sysdeputil.h +@@ -5,6 +5,8 @@ + #include "filesize.h" + #endif + ++#include "session.h" ++ + /* VSF_SYSDEPUTIL_H: + * Support for highly system dependent features, and querying for support + * or lack thereof +@@ -15,7 +17,8 @@ struct mystr; + + /* Authentication of local users */ + /* Return 0 for fail, 1 for success */ +-int vsf_sysdep_check_auth(struct mystr* p_user, ++int vsf_sysdep_check_auth(struct vsf_session* p_sess, ++ struct mystr* p_user, + const struct mystr* p_pass, + const struct mystr* p_remote_host); + +diff --git a/sysutil.c b/sysutil.c +index e847650..b68583b 100644 +--- a/sysutil.c ++++ b/sysutil.c +@@ -2356,6 +2356,41 @@ vsf_sysutil_dns_resolve(struct vsf_sysutil_sockaddr** p_sockptr, + } + } + ++int ++vsf_sysutil_get_hostname(struct vsf_sysutil_sockaddr *p_addr, ++ struct mystr* p_str) ++{ ++ struct sockaddr *sa; ++ socklen_t sa_len = 0; ++ char hostname[NI_MAXHOST]; ++ int res; ++ ++ sa = &p_addr->u.u_sockaddr; ++ if (sa->sa_family == AF_INET) ++ { ++ sa_len = sizeof(struct sockaddr_in); ++ } ++ else if (sa->sa_family == AF_INET6) ++ { ++ sa_len = sizeof(struct sockaddr_in6); ++ } ++ else ++ { ++ die("can only support ipv4 and ipv6 currently"); ++ } ++ res = getnameinfo(sa, sa_len, hostname, sizeof(hostname), NULL, 0, ++ NI_NAMEREQD); ++ if (res == 0) ++ { ++ str_alloc_text(p_str, hostname); ++ return 0; ++ } ++ else ++ { ++ return -1; ++ } ++} ++ + struct vsf_sysutil_user* + vsf_sysutil_getpwuid(const unsigned int uid) + { +diff --git a/sysutil.h b/sysutil.h +index 7a59f13..2df14ed 100644 +--- a/sysutil.h ++++ b/sysutil.h +@@ -7,6 +7,8 @@ + #include "filesize.h" + #endif + ++#include "str.h" ++ + /* Return value queries */ + int vsf_sysutil_retval_is_error(int retval); + enum EVSFSysUtilError +@@ -266,6 +268,8 @@ int vsf_sysutil_connect_timeout(int fd, + unsigned int wait_seconds); + void vsf_sysutil_dns_resolve(struct vsf_sysutil_sockaddr** p_sockptr, + const char* p_name); ++int vsf_sysutil_get_hostname(struct vsf_sysutil_sockaddr *p_addr, ++ struct mystr* p_str); + /* Option setting on sockets */ + void vsf_sysutil_activate_keepalive(int fd); + void vsf_sysutil_rcvtimeo(int fd); +-- +2.14.3 + diff --git a/0002-Always-do-chdir-after-chroot.patch b/0002-Always-do-chdir-after-chroot.patch new file mode 100644 index 0000000..566ca09 --- /dev/null +++ b/0002-Always-do-chdir-after-chroot.patch @@ -0,0 +1,32 @@ +From 315f9720db94af3319c9550feaf473b9cf09aeac Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Thu, 3 May 2018 13:20:28 +0200 +Subject: [PATCH 2/4] Always do chdir("/") after chroot() + +Always do chdir("/") after chroot() to be more sure we'll never get out +of it. This will not affect the working directory after calling +vsf_sysutil_chroot(), because in the current state vsftpd always calls +vsf_sysutil_chroot("."). +--- + sysutil.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/sysutil.c b/sysutil.c +index b68583b..3014c05 100644 +--- a/sysutil.c ++++ b/sysutil.c +@@ -2588,6 +2588,11 @@ vsf_sysutil_chroot(const char* p_root_path) + { + die("chroot"); + } ++ retval = chdir("/"); ++ if (retval != 0) ++ { ++ die("chdir"); ++ } + } + + unsigned int +-- +2.14.3 + diff --git a/0003-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch b/0003-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch new file mode 100644 index 0000000..337fa28 --- /dev/null +++ b/0003-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch @@ -0,0 +1,33 @@ +From ca27e6e34d89fc247a164ed7330735644f97d7d8 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Wed, 9 May 2018 20:15:29 +0200 +Subject: [PATCH 3/4] vsf_sysutil_rcvtimeo: Check return value of setsockopt + +--- + sysutil.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/sysutil.c b/sysutil.c +index 3014c05..de5f876 100644 +--- a/sysutil.c ++++ b/sysutil.c +@@ -684,10 +684,15 @@ void + vsf_sysutil_rcvtimeo(int fd) + { + struct timeval tv; ++ int retval; + + tv.tv_sec = tunable_data_connection_timeout; + tv.tv_usec = 0; +- setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(struct timeval)); ++ retval = setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(struct timeval)); ++ if (retval != 0) ++ { ++ die("setsockopt: rcvtimeo"); ++ } + } + + void +-- +2.14.3 + diff --git a/0004-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch b/0004-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch new file mode 100644 index 0000000..72f70b1 --- /dev/null +++ b/0004-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch @@ -0,0 +1,108 @@ +From c7ac05fdf2a7b53d901bfc3afeb9a61916aaaaf1 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Wed, 9 May 2018 20:26:37 +0200 +Subject: [PATCH 4/4] vsf_sysutil_get_tz: Check the return value of syscalls + +Check the return value of syscalls. There's always the possibility that +they'll fail. (Failure of close() is not handled though, apart from EINTR. +The file is open read-only so it shouldn't fail, and even if it does, +it's not tragic.) + +We return NULL in case of syscall failure. One might be tempted to simply +call die() when any kind of error occurs when parsing the timezone data, +but I think it's more in line with the behaviour of tzset(3) not to do +anything drastic in such a case (tzset() will silently use UTC when +the value given in the TZ environment variable is invalid). +--- + sysutil.c | 46 +++++++++++++++++++++++++++++++++++++--------- + 1 file changed, 37 insertions(+), 9 deletions(-) + +diff --git a/sysutil.c b/sysutil.c +index de5f876..fd07d99 100644 +--- a/sysutil.c ++++ b/sysutil.c +@@ -2647,12 +2647,12 @@ error: + die("reopening standard file descriptors to /dev/null failed"); + } + +-char* vsf_sysutil_get_tz() ++char* vsf_sysutil_get_tz(void) + { + char *ret_tz = NULL; + char buff[BUFTZSIZ]; + off_t s_pos, e_pos; +- size_t rcnt, rest; ++ ssize_t rcnt, rest; + int fd; + + if ((fd = open(F_LOCALTIME, O_RDONLY)) > -1) +@@ -2663,8 +2663,12 @@ char* vsf_sysutil_get_tz() + return NULL; + } + s_pos = e_pos > BUFTZSIZ ? e_pos - BUFTZSIZ : 0; +- lseek(fd, s_pos, SEEK_SET); +- rcnt = read(fd, buff, BUFTZSIZ); ++ if (lseek(fd, s_pos, SEEK_SET) == -1 || ++ (rcnt = vsf_sysutil_read(fd, buff, BUFTZSIZ)) == -1) ++ { ++ close(fd); ++ return NULL; ++ } + + if (rcnt && buff[rcnt-1] == '\n') + { +@@ -2680,10 +2684,25 @@ char* vsf_sysutil_get_tz() + int len = e_pos - s_pos - offset; + if (len) + { +- lseek(fd, s_pos + offset, SEEK_SET); ++ if (lseek(fd, s_pos + offset, SEEK_SET) == -1) ++ { ++ close(fd); ++ return NULL; ++ } + ret_tz = calloc(1, len+4); ++ if (ret_tz == NULL) ++ { ++ close(fd); ++ return NULL; ++ } + memcpy(ret_tz, "TZ=", 3); +- rcnt = read(fd, ret_tz+3, len); ++ rcnt = vsf_sysutil_read(fd, ret_tz+3, len); ++ if (rcnt == -1) ++ { ++ free(ret_tz); ++ close(fd); ++ return NULL; ++ } + } + break; + } +@@ -2693,11 +2712,20 @@ char* vsf_sysutil_get_tz() + } + rest = s_pos > BUFTZSIZ ? s_pos - BUFTZSIZ : 0; + s_pos -= rest; +- lseek(fd, s_pos, SEEK_SET); +- rcnt = read(fd, buff, rest); ++ if (lseek(fd, s_pos, SEEK_SET) == -1) ++ { ++ close(fd); ++ return NULL; ++ } ++ rcnt = vsf_sysutil_read(fd, buff, rest); ++ if (rcnt == -1) ++ { ++ close(fd); ++ return NULL; ++ } + } while (rcnt > 0); + +- close (fd); ++ (void) vsf_sysutil_close_errno(fd); + } + + return ret_tz; +-- +2.14.3 + diff --git a/vsftpd.spec b/vsftpd.spec index a98b407..745d1a2 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 22%{?dist} +Release: 23%{?dist} Summary: Very Secure Ftp Daemon Group: System Environment/Daemons @@ -80,6 +80,10 @@ Patch48: 0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch Patch49: 0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch Patch50: 0050-Don-t-link-with-libnsl.patch Patch51: 0001-Improve-documentation-of-better_stou-in-the-man-page.patch +Patch52: 0001-Fix-rDNS-with-IPv6.patch +Patch53: 0002-Always-do-chdir-after-chroot.patch +Patch54: 0003-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch +Patch55: 0004-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -149,6 +153,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Thu May 10 2018 Ondřej Lysoněk - 3.0.3-23 +- Fix issues found by Coverity Scan + * Fri Apr 27 2018 Ondřej Lysoněk - 3.0.3-22 - Fix filename expansion in vsftpd_conf_migrate.sh From 81c7e83b2e0d5a8e793e813fcadb3e10c67a7876 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Fri, 1 Jun 2018 22:38:48 +0200 Subject: [PATCH 18/73] Fix filename expansion in vsftpd_conf_migrate.sh ... again We need to run 'shopt -s nullglob', otherwise the glob pattern will expand to itself if no matching files exist. --- vsftpd.spec | 5 ++++- vsftpd_conf_migrate.sh | 1 + 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index 745d1a2..2ba5f82 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 23%{?dist} +Release: 24%{?dist} Summary: Very Secure Ftp Daemon Group: System Environment/Daemons @@ -153,6 +153,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Fri Jun 01 2018 Ondřej Lysoněk - 3.0.3-24 +- Fix filename expansion in vsftpd_conf_migrate.sh ... again + * Thu May 10 2018 Ondřej Lysoněk - 3.0.3-23 - Fix issues found by Coverity Scan diff --git a/vsftpd_conf_migrate.sh b/vsftpd_conf_migrate.sh index a94d6c1..582c20d 100755 --- a/vsftpd_conf_migrate.sh +++ b/vsftpd_conf_migrate.sh @@ -1,6 +1,7 @@ #!/bin/bash #move old config files and symlink them #shipped with vsftpd-2.0.1-6 +shopt -s nullglob PREFIX="vsftpd" for file in /etc/${PREFIX}.*; do if [ ! -L $file ]; then From 550be6b7d6dc5136b8d4699e64f0531807ec075c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Thu, 21 Jun 2018 10:09:03 +0200 Subject: [PATCH 19/73] Log error messages to syslog Add config option log_die allowing to pass error messages to syslog. Add config option bind_retries allowing to change the max number of attempts to find a listening port for the PASV/EPSV command. Resolves: rhbz#1318198 --- 0001-Log-die-calls-to-syslog.patch | 206 ++++++++++++++++++ ...ssage-when-max-number-of-bind-attemp.patch | 27 +++ ...e-max-number-of-bind-retries-tunable.patch | 103 +++++++++ vsftpd.spec | 11 +- 4 files changed, 346 insertions(+), 1 deletion(-) create mode 100644 0001-Log-die-calls-to-syslog.patch create mode 100644 0002-Improve-error-message-when-max-number-of-bind-attemp.patch create mode 100644 0003-Make-the-max-number-of-bind-retries-tunable.patch diff --git a/0001-Log-die-calls-to-syslog.patch b/0001-Log-die-calls-to-syslog.patch new file mode 100644 index 0000000..d6aa2f8 --- /dev/null +++ b/0001-Log-die-calls-to-syslog.patch @@ -0,0 +1,206 @@ +From ee6af258e8cb1a7fada5e6d3e54429b89f12b158 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Fri, 15 Jun 2018 12:02:21 +0200 +Subject: [PATCH 1/3] Log die() calls to syslog + +Pass messages given to die(), die2() and bug() to syslog. Currently this +functionality requires waiting for a short amount of time (1 second is +used) after logging the message and before exiting. This is a workaround +for the following systemd bug: +https://github.com/systemd/systemd/issues/2913 + +The need for this workaround is the main reason why I decided not to +enable this functionality by default. + +Resolves: rhbz#1318198 +Resolves: rhbz#1582672 +--- + logging.c | 13 +++++++++---- + logging.h | 2 ++ + main.c | 4 ++++ + parseconf.c | 1 + + tcpwrap.c | 3 --- + tunables.c | 2 ++ + tunables.h | 2 ++ + utility.c | 11 +++++++++++ + vsftpd.conf.5 | 10 ++++++++++ + 9 files changed, 41 insertions(+), 7 deletions(-) + +diff --git a/logging.c b/logging.c +index c4461f7..9e86808 100644 +--- a/logging.c ++++ b/logging.c +@@ -30,10 +30,6 @@ static void vsf_log_do_log_to_file(int fd, struct mystr* p_str); + void + vsf_log_init(struct vsf_session* p_sess) + { +- if (tunable_syslog_enable || tunable_tcp_wrappers) +- { +- vsf_sysutil_openlog(0); +- } + if (!tunable_xferlog_enable && !tunable_dual_log_enable) + { + return; +@@ -389,3 +385,12 @@ vsf_log_do_log_vsftpd_format(struct vsf_session* p_sess, struct mystr* p_str, + } + } + ++void ++vsf_log_die(const char* p_text) ++{ ++ struct mystr log_str = INIT_MYSTR; ++ ++ str_append_text(&log_str, "ERROR: "); ++ str_append_text(&log_str, p_text); ++ str_syslog(&log_str, 1); ++} +diff --git a/logging.h b/logging.h +index 1ff57d1..75f06c1 100644 +--- a/logging.h ++++ b/logging.h +@@ -91,5 +91,7 @@ void vsf_log_line(struct vsf_session* p_sess, enum EVSFLogEntryType what, + void vsf_log_failed_line(struct vsf_session* p_sess, enum EVSFLogEntryType what, + struct mystr* p_str); + ++void vsf_log_die(const char* p_text); ++ + #endif /* VSF_LOGGING_H */ + +diff --git a/main.c b/main.c +index f039081..1178d44 100644 +--- a/main.c ++++ b/main.c +@@ -120,6 +120,10 @@ main(int argc, const char* argv[]) + } + vsf_sysutil_free(p_statbuf); + } ++ if (tunable_log_die || tunable_syslog_enable || tunable_tcp_wrappers) ++ { ++ vsf_sysutil_openlog(0); ++ } + /* Resolve pasv_address if required */ + if (tunable_pasv_address && tunable_pasv_addr_resolve) + { +diff --git a/parseconf.c b/parseconf.c +index 47b54f1..aeb401a 100644 +--- a/parseconf.c ++++ b/parseconf.c +@@ -112,6 +112,7 @@ parseconf_bool_array[] = + { "seccomp_sandbox", &tunable_seccomp_sandbox }, + { "allow_writeable_chroot", &tunable_allow_writeable_chroot }, + { "better_stou", &tunable_better_stou }, ++ { "log_die", &tunable_log_die }, + { 0, 0 } + }; + +diff --git a/tcpwrap.c b/tcpwrap.c +index 5bf57d3..132b771 100644 +--- a/tcpwrap.c ++++ b/tcpwrap.c +@@ -27,15 +27,12 @@ int + vsf_tcp_wrapper_ok(int remote_fd) + { + struct request_info req; +- vsf_sysutil_openlog(0); + request_init(&req, RQ_DAEMON, "vsftpd", RQ_FILE, remote_fd, 0); + fromhost(&req); + if (!hosts_access(&req)) + { +- vsf_sysutil_closelog(); + return 0; + } +- vsf_sysutil_closelog(); + return 1; + } + +diff --git a/tunables.c b/tunables.c +index 5ec2bdc..63de8e6 100644 +--- a/tunables.c ++++ b/tunables.c +@@ -93,6 +93,7 @@ int tunable_http_enable; + int tunable_seccomp_sandbox; + int tunable_allow_writeable_chroot; + int tunable_better_stou; ++int tunable_log_die; + + unsigned int tunable_accept_timeout; + unsigned int tunable_connect_timeout; +@@ -241,6 +242,7 @@ tunables_load_defaults() + tunable_seccomp_sandbox = 0; + tunable_allow_writeable_chroot = 0; + tunable_better_stou = 0; ++ tunable_log_die = 0; + + tunable_accept_timeout = 60; + tunable_connect_timeout = 60; +diff --git a/tunables.h b/tunables.h +index 85ea1a8..8a4b8b2 100644 +--- a/tunables.h ++++ b/tunables.h +@@ -96,6 +96,8 @@ extern int tunable_allow_writeable_chroot; /* Allow misconfiguration */ + extern int tunable_better_stou; /* Use better file name generation + * algorithm for the STOU command + */ ++extern int tunable_log_die; /* Log calls to die(), die2() ++ * and bug() */ + + /* Integer/numeric defines */ + extern unsigned int tunable_accept_timeout; +diff --git a/utility.c b/utility.c +index 5fd714d..75e5bdd 100644 +--- a/utility.c ++++ b/utility.c +@@ -9,6 +9,8 @@ + #include "sysutil.h" + #include "str.h" + #include "defs.h" ++#include "logging.h" ++#include "tunables.h" + + #define DIE_DEBUG + +@@ -41,11 +43,20 @@ void + bug(const char* p_text) + { + /* Rats. Try and write the reason to the network for diagnostics */ ++ if (tunable_log_die) ++ { ++ vsf_log_die(p_text); ++ } + vsf_sysutil_activate_noblock(VSFTP_COMMAND_FD); + (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, "500 OOPS: ", 10); + (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, p_text, + vsf_sysutil_strlen(p_text)); + (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, "\r\n", 2); ++ if (tunable_log_die) ++ { ++ /* Workaround for https://github.com/systemd/systemd/issues/2913 */ ++ vsf_sysutil_sleep(1.0); ++ } + vsf_sysutil_exit(2); + } + +diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 +index e9ae474..f246906 100644 +--- a/vsftpd.conf.5 ++++ b/vsftpd.conf.5 +@@ -358,6 +358,16 @@ wanting to e.g. append a file. + + Default: YES + .TP ++.B log_die ++Log an error to syslog when some error condition occurs and vsftpd decides ++to quit. Internally, the error messages given to the functions die(), die2() ++and bug() are passed to syslog. Currently this functionality requires waiting ++for a short amount of time (1 second is used) after logging the message and ++before exiting. This is a workaround for the following systemd bug: ++https://github.com/systemd/systemd/issues/2913 ++ ++Default: NO ++.TP + .B log_ftp_protocol + When enabled, all FTP requests and responses are logged, providing the option + xferlog_std_format is not enabled. Useful for debugging. +-- +2.14.4 + diff --git a/0002-Improve-error-message-when-max-number-of-bind-attemp.patch b/0002-Improve-error-message-when-max-number-of-bind-attemp.patch new file mode 100644 index 0000000..221a2de --- /dev/null +++ b/0002-Improve-error-message-when-max-number-of-bind-attemp.patch @@ -0,0 +1,27 @@ +From 380e40930661d643c865bace4e1791ca8f9d74cf Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Mon, 18 Jun 2018 14:01:46 +0200 +Subject: [PATCH 2/3] Improve error message when max number of bind attempts is + exceeded + +Resolves: rhbz#1318198 +--- + privops.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/privops.c b/privops.c +index e577a27..010d28d 100644 +--- a/privops.c ++++ b/privops.c +@@ -183,7 +183,7 @@ vsf_privop_pasv_listen(struct vsf_session* p_sess) + } + if (!bind_retries) + { +- die("vsf_sysutil_bind"); ++ die("vsf_sysutil_bind, maximum number of attempts to find a listening port exceeded"); + } + return the_port; + } +-- +2.14.4 + diff --git a/0003-Make-the-max-number-of-bind-retries-tunable.patch b/0003-Make-the-max-number-of-bind-retries-tunable.patch new file mode 100644 index 0000000..533bd29 --- /dev/null +++ b/0003-Make-the-max-number-of-bind-retries-tunable.patch @@ -0,0 +1,103 @@ +From be7c2d639127dd8af0139caf94f8c29f431d3753 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Mon, 18 Jun 2018 10:13:48 +0200 +Subject: [PATCH 3/3] Make the max number of bind retries tunable + +Resolves: rhbz#1318198 +--- + parseconf.c | 1 + + privops.c | 8 ++++++-- + tunables.c | 2 ++ + tunables.h | 1 + + vsftpd.conf.5 | 5 +++++ + 5 files changed, 15 insertions(+), 2 deletions(-) + +diff --git a/parseconf.c b/parseconf.c +index aeb401a..3cfe7da 100644 +--- a/parseconf.c ++++ b/parseconf.c +@@ -143,6 +143,7 @@ parseconf_uint_array[] = + { "delay_successful_login", &tunable_delay_successful_login }, + { "max_login_fails", &tunable_max_login_fails }, + { "chown_upload_mode", &tunable_chown_upload_mode }, ++ { "bind_retries", &tunable_bind_retries }, + { 0, 0 } + }; + +diff --git a/privops.c b/privops.c +index 010d28d..83b25c7 100644 +--- a/privops.c ++++ b/privops.c +@@ -120,8 +120,8 @@ unsigned short + vsf_privop_pasv_listen(struct vsf_session* p_sess) + { + static struct vsf_sysutil_sockaddr* s_p_sockaddr; +- int bind_retries = 10; +- unsigned short the_port; ++ int bind_retries = tunable_bind_retries + 1; ++ unsigned short the_port = 0; + /* IPPORT_RESERVED */ + unsigned short min_port = 1024; + unsigned short max_port = 65535; +@@ -131,6 +131,10 @@ vsf_privop_pasv_listen(struct vsf_session* p_sess) + die("listed fd already active"); + } + ++ if (bind_retries < 2) ++ { ++ bind_retries = 2; ++ } + if (tunable_pasv_min_port > min_port && tunable_pasv_min_port <= max_port) + { + min_port = (unsigned short) tunable_pasv_min_port; +diff --git a/tunables.c b/tunables.c +index 63de8e6..a7ce9c8 100644 +--- a/tunables.c ++++ b/tunables.c +@@ -115,6 +115,7 @@ unsigned int tunable_delay_failed_login; + unsigned int tunable_delay_successful_login; + unsigned int tunable_max_login_fails; + unsigned int tunable_chown_upload_mode; ++unsigned int tunable_bind_retries; + + const char* tunable_secure_chroot_dir; + const char* tunable_ftp_username; +@@ -268,6 +269,7 @@ tunables_load_defaults() + tunable_max_login_fails = 3; + /* -rw------- */ + tunable_chown_upload_mode = 0600; ++ tunable_bind_retries = 9; + + install_str_setting("/usr/share/empty", &tunable_secure_chroot_dir); + install_str_setting("ftp", &tunable_ftp_username); +diff --git a/tunables.h b/tunables.h +index 8a4b8b2..029d645 100644 +--- a/tunables.h ++++ b/tunables.h +@@ -120,6 +120,7 @@ extern unsigned int tunable_delay_failed_login; + extern unsigned int tunable_delay_successful_login; + extern unsigned int tunable_max_login_fails; + extern unsigned int tunable_chown_upload_mode; ++extern unsigned int tunable_bind_retries; + + /* String defines */ + extern const char* tunable_secure_chroot_dir; +diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 +index f246906..ce3fba3 100644 +--- a/vsftpd.conf.5 ++++ b/vsftpd.conf.5 +@@ -760,6 +760,11 @@ value will be treated as a base 10 integer! + + Default: 077 + .TP ++.B bind_retries ++Maximum number of attempts to find a free listening port in passive mode. ++ ++Default: 9 ++.TP + .B chown_upload_mode + The file mode to force for chown()ed anonymous uploads. (Added in v2.0.6). + +-- +2.14.4 + diff --git a/vsftpd.spec b/vsftpd.spec index 2ba5f82..bb1afb5 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 24%{?dist} +Release: 25%{?dist} Summary: Very Secure Ftp Daemon Group: System Environment/Daemons @@ -84,6 +84,9 @@ Patch52: 0001-Fix-rDNS-with-IPv6.patch Patch53: 0002-Always-do-chdir-after-chroot.patch Patch54: 0003-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch Patch55: 0004-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch +Patch56: 0001-Log-die-calls-to-syslog.patch +Patch57: 0002-Improve-error-message-when-max-number-of-bind-attemp.patch +Patch58: 0003-Make-the-max-number-of-bind-retries-tunable.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -153,6 +156,12 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Tue Jun 19 2018 Ondřej Lysoněk - 3.0.3-25 +- Add config option log_die allowing to pass error messages to syslog +- Add config option bind_retries allowing to change the max number +- of attempts to find a listening port for the PASV/EPSV command +- Resolves: rhbz#1318198 + * Fri Jun 01 2018 Ondřej Lysoněk - 3.0.3-24 - Fix filename expansion in vsftpd_conf_migrate.sh ... again From 0f463f3dae5b58dd75f0e515473b9a0764606b8b Mon Sep 17 00:00:00 2001 From: Jason Tibbitts Date: Tue, 10 Jul 2018 01:43:48 -0500 Subject: [PATCH 20/73] Remove needless use of %defattr --- vsftpd.spec | 1 - 1 file changed, 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index bb1afb5..1e52c42 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -138,7 +138,6 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %systemd_postun_with_restart vsftpd.service %files -%defattr(-,root,root,-) %{_unitdir}/* %{_generatorsdir}/* %{_sbindir}/vsftpd From 447ded995884ef496ee46d814d34e63f056aa145 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Sat, 14 Jul 2018 08:40:00 +0000 Subject: [PATCH 21/73] - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- vsftpd.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index 1e52c42..5b455a0 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 25%{?dist} +Release: 26%{?dist} Summary: Very Secure Ftp Daemon Group: System Environment/Daemons @@ -155,6 +155,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Sat Jul 14 2018 Fedora Release Engineering - 3.0.3-26 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + * Tue Jun 19 2018 Ondřej Lysoněk - 3.0.3-25 - Add config option log_die allowing to pass error messages to syslog - Add config option bind_retries allowing to change the max number From 7c0626d6c4a7e178e71a4059eeed54bd4690a060 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Wed, 25 Jul 2018 13:28:40 +0200 Subject: [PATCH 22/73] Fix a segfault when running as PID 1 Also rebase the patches. --- ...-provided-script-to-locate-libraries.patch | 4 +- 0002-Enable-build-with-SSL.patch | 4 +- 0003-Enable-build-with-TCP-Wrapper.patch | 4 +- ...-dir-for-config-files-instead-of-etc.patch | 4 +- ...en-calling-PAM-authentication-module.patch | 4 +- ...err-before-listening-for-incoming-co.patch | 4 +- 0007-Make-filename-filters-smarter.patch | 4 +- 0008-Write-denied-logins-into-the-log.patch | 18 +++--- ...itespaces-when-reading-configuration.patch | 4 +- 0010-Improve-daemonizing.patch | 4 +- ...-Fix-listing-with-more-than-one-star.patch | 4 +- ...lace-syscall-__NR_clone-.-with-clone.patch | 4 +- 0013-Extend-man-pages-with-systemd-info.patch | 4 +- ...dd-support-for-square-brackets-in-ls.patch | 4 +- 0015-Listen-on-IPv6-by-default.patch | 4 +- ...e-VSFTP_AS_LIMIT-from-200UL-to-400UL.patch | 4 +- ...-an-issue-with-timestamps-during-DST.patch | 4 +- ...he-default-log-file-in-configuration.patch | 4 +- ...troduce-reverse_lookup_enable-option.patch | 18 +++--- ...d-int-for-uid-and-gid-representation.patch | 4 +- ...-support-for-DHE-based-cipher-suites.patch | 4 +- ...upport-for-EDDHE-based-cipher-suites.patch | 4 +- ...n-for-isolate_-options.-Correct-defa.patch | 4 +- 0024-Introduce-new-return-value-450.patch | 4 +- 0025-Improve-local_max_rate-option.patch | 4 +- 0026-Prevent-hanging-in-SIGCHLD-handler.patch | 4 +- 0027-Delete-files-when-upload-fails.patch | 12 ++-- 0028-Fix-man-page-rendering.patch | 4 +- 0029-Fix-segfault-in-config-file-parser.patch | 4 +- ...g-into-syslog-when-enabled-in-config.patch | 4 +- ...on-mark-wildcard-withing-a-file-name.patch | 4 +- ...errors-from-nfs-with-quota-to-client.patch | 12 ++-- ...ntroduce-TLSv1.1-and-TLSv1.2-options.patch | 4 +- ...omp-sandbox-because-it-is-too-strict.patch | 4 +- ...ment-patch-to-build-with-OpenSSL-1.1.patch | 4 +- 0036-Redefine-VSFTP_COMMAND_FD-to-1.patch | 4 +- ...ationship-of-text_userdb_names-and-c.patch | 4 +- ...low_writeable_chroot-in-the-man-page.patch | 4 +- ...tation-of-ASCII-mode-in-the-man-page.patch | 4 +- 0040-Use-system-wide-crypto-policy.patch | 4 +- ...-default-for-ssl_ciphers-in-the-man-.patch | 4 +- ...AT-command-check-ssl_tlsv1_1-and-ssl.patch | 4 +- 0043-Enable-only-TLSv1.2-by-default.patch | 4 +- ...nymous_enable-in-default-config-file.patch | 4 +- ...on-of-ascii_-options-behaviour-in-ma.patch | 4 +- ...r-to-the-man-page-regarding-the-asci.patch | 4 +- 0047-Disable-tcp_wrappers-support.patch | 4 +- ...e-of-strict_ssl_read_eof-in-man-page.patch | 4 +- ...-generation-algorithm-for-STOU-comma.patch | 4 +- 0050-Don-t-link-with-libnsl.patch | 4 +- ...ation-of-better_stou-in-the-man-page.patch | 4 +- ...Pv6.patch => 0052-Fix-rDNS-with-IPv6.patch | 4 +- ...=> 0053-Always-do-chdir-after-chroot.patch | 4 +- ...imeo-Check-return-value-of-setsockop.patch | 4 +- ...tz-Check-the-return-value-of-syscall.patch | 4 +- ...atch => 0056-Log-die-calls-to-syslog.patch | 2 +- ...ssage-when-max-number-of-bind-attemp.patch | 4 +- ...e-max-number-of-bind-retries-tunable.patch | 2 +- ...when-running-in-a-container-as-PID-1.patch | 58 +++++++++++++++++++ vsftpd.spec | 22 ++++--- 60 files changed, 207 insertions(+), 145 deletions(-) rename 0001-Improve-documentation-of-better_stou-in-the-man-page.patch => 0051-Improve-documentation-of-better_stou-in-the-man-page.patch (92%) rename 0001-Fix-rDNS-with-IPv6.patch => 0052-Fix-rDNS-with-IPv6.patch (99%) rename 0002-Always-do-chdir-after-chroot.patch => 0053-Always-do-chdir-after-chroot.patch (91%) rename 0003-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch => 0054-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch (89%) rename 0004-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch => 0055-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch (97%) rename 0001-Log-die-calls-to-syslog.patch => 0056-Log-die-calls-to-syslog.patch (99%) rename 0002-Improve-error-message-when-max-number-of-bind-attemp.patch => 0057-Improve-error-message-when-max-number-of-bind-attemp.patch (87%) rename 0003-Make-the-max-number-of-bind-retries-tunable.patch => 0058-Make-the-max-number-of-bind-retries-tunable.patch (97%) create mode 100644 0059-Fix-SEGFAULT-when-running-in-a-container-as-PID-1.patch diff --git a/0001-Don-t-use-the-provided-script-to-locate-libraries.patch b/0001-Don-t-use-the-provided-script-to-locate-libraries.patch index fdeb69e..f4a67e3 100644 --- a/0001-Don-t-use-the-provided-script-to-locate-libraries.patch +++ b/0001-Don-t-use-the-provided-script-to-locate-libraries.patch @@ -1,7 +1,7 @@ From 7bd573d76e9c1996ad5a96f0289731a253a24301 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Tue, 6 Sep 2016 13:35:51 +0200 -Subject: [PATCH 01/33] Don't use the provided script to locate libraries. +Subject: [PATCH 01/59] Don't use the provided script to locate libraries. This branch is Fedora (RHEL) specific, so we know what libraries we have and want to use. @@ -23,5 +23,5 @@ index c63ed1b..98118dc 100644 LDFLAGS = -fPIE -pie -Wl,-z,relro -Wl,-z,now -- -2.7.4 +2.14.4 diff --git a/0002-Enable-build-with-SSL.patch b/0002-Enable-build-with-SSL.patch index 41180fa..e772099 100644 --- a/0002-Enable-build-with-SSL.patch +++ b/0002-Enable-build-with-SSL.patch @@ -1,7 +1,7 @@ From 6fe24bc56694808ac7f8038855883a971967f0fb Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Tue, 6 Sep 2016 13:40:53 +0200 -Subject: [PATCH 02/33] Enable build with SSL. +Subject: [PATCH 02/59] Enable build with SSL. --- builddefs.h | 2 +- @@ -21,5 +21,5 @@ index e908352..63cc62b 100644 #endif /* VSF_BUILDDEFS_H */ -- -2.7.4 +2.14.4 diff --git a/0003-Enable-build-with-TCP-Wrapper.patch b/0003-Enable-build-with-TCP-Wrapper.patch index baa8881..e656776 100644 --- a/0003-Enable-build-with-TCP-Wrapper.patch +++ b/0003-Enable-build-with-TCP-Wrapper.patch @@ -1,7 +1,7 @@ From 1e0e2b13836d40f5a3f4cb20f2b3ea8204115b51 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Tue, 6 Sep 2016 13:42:09 +0200 -Subject: [PATCH 03/33] Enable build with TCP Wrapper +Subject: [PATCH 03/59] Enable build with TCP Wrapper --- builddefs.h | 2 +- @@ -21,5 +21,5 @@ index 63cc62b..83de674 100644 #define VSF_BUILD_SSL -- -2.7.4 +2.14.4 diff --git a/0004-Use-etc-vsftpd-dir-for-config-files-instead-of-etc.patch b/0004-Use-etc-vsftpd-dir-for-config-files-instead-of-etc.patch index 4380365..e82cd84 100644 --- a/0004-Use-etc-vsftpd-dir-for-config-files-instead-of-etc.patch +++ b/0004-Use-etc-vsftpd-dir-for-config-files-instead-of-etc.patch @@ -1,7 +1,7 @@ From fff93602a4b252be8d674e27083dde68a7acf038 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Tue, 6 Sep 2016 13:46:03 +0200 -Subject: [PATCH 04/33] Use /etc/vsftpd/ dir for config files instead of /etc. +Subject: [PATCH 04/59] Use /etc/vsftpd/ dir for config files instead of /etc. --- EXAMPLE/INTERNET_SITE/README | 6 +++--- @@ -479,5 +479,5 @@ index fcc6022..5e46a2f 100644 .B vsftpd_log_file This option is the name of the file to which we write the vsftpd style -- -2.7.4 +2.14.4 diff --git a/0005-Use-hostname-when-calling-PAM-authentication-module.patch b/0005-Use-hostname-when-calling-PAM-authentication-module.patch index 7d8d7de..af842f5 100644 --- a/0005-Use-hostname-when-calling-PAM-authentication-module.patch +++ b/0005-Use-hostname-when-calling-PAM-authentication-module.patch @@ -1,7 +1,7 @@ From 08c49b78942d40c99fae8c40e7668aa73e1bd695 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Tue, 6 Sep 2016 15:01:23 +0200 -Subject: [PATCH 05/33] Use hostname when calling PAM authentication module. +Subject: [PATCH 05/59] Use hostname when calling PAM authentication module. Currently the vsftpd passes all logins as IP addresses into PAM. This prevents administrators from setting up @@ -71,5 +71,5 @@ index 06f01f4..b2782da 100644 if (retval != 1) { -- -2.7.4 +2.14.4 diff --git a/0006-Close-stdin-out-err-before-listening-for-incoming-co.patch b/0006-Close-stdin-out-err-before-listening-for-incoming-co.patch index 22af9be..f030f35 100644 --- a/0006-Close-stdin-out-err-before-listening-for-incoming-co.patch +++ b/0006-Close-stdin-out-err-before-listening-for-incoming-co.patch @@ -1,7 +1,7 @@ From 423cbf4ddca6578b87e0f8a3fc425688cd1ca89c Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Tue, 6 Sep 2016 16:18:39 +0200 -Subject: [PATCH 06/33] Close stdin/out/err before listening for incoming +Subject: [PATCH 06/59] Close stdin/out/err before listening for incoming connections. When running vsftpd as a stand-alone FTP daemon, vsftpd @@ -31,5 +31,5 @@ index ba01ab1..e0f2d5b 100644 if (vsf_sysutil_retval_is_error(retval)) { -- -2.7.4 +2.14.4 diff --git a/0007-Make-filename-filters-smarter.patch b/0007-Make-filename-filters-smarter.patch index 21c7b78..6db2d1a 100644 --- a/0007-Make-filename-filters-smarter.patch +++ b/0007-Make-filename-filters-smarter.patch @@ -1,7 +1,7 @@ From 548375b2122f83771dc0b8571f16e5b5adabba98 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Wed, 7 Sep 2016 10:04:31 +0200 -Subject: [PATCH 07/33] Make filename filters smarter. +Subject: [PATCH 07/59] Make filename filters smarter. In the original version vsftpd was not able to prevent users from downloading for instance /etc/passwd by @@ -98,5 +98,5 @@ index ab0a9a4..3a21b50 100644 /* PURPOSE: Extract a line of text (delimited by \n or EOF) from a string * buffer, starting at character position 'p_pos'. The extracted line will -- -2.7.4 +2.14.4 diff --git a/0008-Write-denied-logins-into-the-log.patch b/0008-Write-denied-logins-into-the-log.patch index 7a927ef..5e16953 100644 --- a/0008-Write-denied-logins-into-the-log.patch +++ b/0008-Write-denied-logins-into-the-log.patch @@ -1,7 +1,7 @@ From 75c172596aa9e7a9f32062579f7f98783341c924 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Wed, 7 Sep 2016 10:17:17 +0200 -Subject: [PATCH 08/33] Write denied logins into the log. +Subject: [PATCH 08/59] Write denied logins into the log. This patch adds a new option 'userlist_log'. If enabled, every login denial based on the user list will be logged. @@ -127,21 +127,21 @@ diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 index 5e46a2f..9d767b1 100644 --- a/vsftpd.conf.5 +++ b/vsftpd.conf.5 -@@ -588,6 +588,14 @@ Self-signed certs do not constitute OK validation. (New in v2.0.6). +@@ -586,6 +586,14 @@ Default: NO + If set to yes, all SSL client certificates received must validate OK. + Self-signed certs do not constitute OK validation. (New in v2.0.6). - Default: NO - .TP ++Default: NO ++.TP +.B userlist_log +This option is examined if +.BR userlist_enable +is activated. If enabled, every login denial based on the user list will be +logged. + -+Default: NO -+.TP + Default: NO + .TP .B virtual_use_local_privs - If enabled, virtual users will use the same privileges as local users. By - default, virtual users will use the same privileges as anonymous users, which -- -2.7.4 +2.14.4 diff --git a/0009-Trim-whitespaces-when-reading-configuration.patch b/0009-Trim-whitespaces-when-reading-configuration.patch index 6aa8c70..97f3e4f 100644 --- a/0009-Trim-whitespaces-when-reading-configuration.patch +++ b/0009-Trim-whitespaces-when-reading-configuration.patch @@ -1,7 +1,7 @@ From d024bc27cee40f21e6a3841266062408c44e56fb Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Wed, 7 Sep 2016 10:35:54 +0200 -Subject: [PATCH 09/33] Trim whitespaces when reading configuration. +Subject: [PATCH 09/59] Trim whitespaces when reading configuration. --- parseconf.c | 2 +- @@ -95,5 +95,5 @@ index c34778c..c2ddd15 100644 void vsf_sysutil_memcpy(void* p_dest, const void* p_src, const unsigned int size); -- -2.7.4 +2.14.4 diff --git a/0010-Improve-daemonizing.patch b/0010-Improve-daemonizing.patch index 366bee6..d2de767 100644 --- a/0010-Improve-daemonizing.patch +++ b/0010-Improve-daemonizing.patch @@ -1,7 +1,7 @@ From 569e7078244470ac0fcc2af3947c2735338555ec Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Wed, 7 Sep 2016 11:29:29 +0200 -Subject: [PATCH 10/33] Improve daemonizing +Subject: [PATCH 10/59] Improve daemonizing Init script gets correct return code if binding fails. --- @@ -205,5 +205,5 @@ index c2ddd15..bfc92cb 100644 /* Various string functions */ unsigned int vsf_sysutil_strlen(const char* p_text); -- -2.7.4 +2.14.4 diff --git a/0011-Fix-listing-with-more-than-one-star.patch b/0011-Fix-listing-with-more-than-one-star.patch index bc56d65..a675978 100644 --- a/0011-Fix-listing-with-more-than-one-star.patch +++ b/0011-Fix-listing-with-more-than-one-star.patch @@ -1,7 +1,7 @@ From 32e6642640635d7305969f808b5badb706a11bff Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Wed, 7 Sep 2016 11:36:17 +0200 -Subject: [PATCH 11/33] Fix listing with more than one star '*'. +Subject: [PATCH 11/59] Fix listing with more than one star '*'. This is a regression introduced by some previous patch. --- @@ -34,5 +34,5 @@ index f489478..616b2d9 100644 str_mid_to_end(&name_remain_str, &temp_str, indexx + str_getlen(&s_match_needed_str)); -- -2.7.4 +2.14.4 diff --git a/0012-Replace-syscall-__NR_clone-.-with-clone.patch b/0012-Replace-syscall-__NR_clone-.-with-clone.patch index de7aba4..84d01e6 100644 --- a/0012-Replace-syscall-__NR_clone-.-with-clone.patch +++ b/0012-Replace-syscall-__NR_clone-.-with-clone.patch @@ -1,7 +1,7 @@ From 0c3a1123c391995ab46cfde603fa025ff180a819 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Wed, 7 Sep 2016 11:43:54 +0200 -Subject: [PATCH 12/33] Replace syscall(__NR_clone ..) with clone () +Subject: [PATCH 12/59] Replace syscall(__NR_clone ..) with clone () in order to fix incorrect order of params on s390 arch --- @@ -31,5 +31,5 @@ index b2782da..3bbabaa 100644 { if (ret == 0) -- -2.7.4 +2.14.4 diff --git a/0013-Extend-man-pages-with-systemd-info.patch b/0013-Extend-man-pages-with-systemd-info.patch index cde58f4..5dcd965 100644 --- a/0013-Extend-man-pages-with-systemd-info.patch +++ b/0013-Extend-man-pages-with-systemd-info.patch @@ -1,7 +1,7 @@ From 813a4bc45d45f4af94c699893cb2d2ba998d5d31 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Wed, 7 Sep 2016 11:53:07 +0200 -Subject: [PATCH 13/33] Extend man pages with systemd info. +Subject: [PATCH 13/59] Extend man pages with systemd info. Man pages now reflect how is vsftpd used as systemd service. @@ -82,5 +82,5 @@ index 9d767b1..0744f85 100644 The format of vsftpd.conf is very simple. Each line is either a comment or a directive. Comment lines start with a # and are ignored. A directive line -- -2.7.4 +2.14.4 diff --git a/0014-Add-support-for-square-brackets-in-ls.patch b/0014-Add-support-for-square-brackets-in-ls.patch index b53b9ee..27f5374 100644 --- a/0014-Add-support-for-square-brackets-in-ls.patch +++ b/0014-Add-support-for-square-brackets-in-ls.patch @@ -1,7 +1,7 @@ From ba0520650ae7f9f63e48ba9fb3a94297aebe2d0c Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Wed, 7 Sep 2016 14:22:21 +0200 -Subject: [PATCH 14/33] Add support for square brackets in ls. +Subject: [PATCH 14/59] Add support for square brackets in ls. --- ls.c | 222 +++++++++++++++++++++++++++++++++++++++++++++---------------------- @@ -273,5 +273,5 @@ index 616b2d9..b840136 100644 /* Any incoming string left means no match unless we ended on the correct * type of wildcard. -- -2.7.4 +2.14.4 diff --git a/0015-Listen-on-IPv6-by-default.patch b/0015-Listen-on-IPv6-by-default.patch index 1e7a7f6..b762b09 100644 --- a/0015-Listen-on-IPv6-by-default.patch +++ b/0015-Listen-on-IPv6-by-default.patch @@ -1,7 +1,7 @@ From c5daaedf1efe23b397a5950f5503f5cbfac871c8 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Wed, 7 Sep 2016 14:25:28 +0200 -Subject: [PATCH 15/33] Listen on IPv6 by default. +Subject: [PATCH 15/59] Listen on IPv6 by default. --- vsftpd.conf | 14 +++++++++----- @@ -51,5 +51,5 @@ index 0744f85..72bb86f 100644 Default: NO .TP -- -2.7.4 +2.14.4 diff --git a/0016-Increase-VSFTP_AS_LIMIT-from-200UL-to-400UL.patch b/0016-Increase-VSFTP_AS_LIMIT-from-200UL-to-400UL.patch index 31779c2..fae6b9c 100644 --- a/0016-Increase-VSFTP_AS_LIMIT-from-200UL-to-400UL.patch +++ b/0016-Increase-VSFTP_AS_LIMIT-from-200UL-to-400UL.patch @@ -1,7 +1,7 @@ From 048208a4db5d7164d89ba5d7545e281d0a3472d3 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Wed, 7 Sep 2016 15:35:59 +0200 -Subject: [PATCH 16/33] Increase VSFTP_AS_LIMIT from 200UL to 400UL. +Subject: [PATCH 16/59] Increase VSFTP_AS_LIMIT from 200UL to 400UL. When using a PAM module to get users from LDAP or database the old limit was insufficient. @@ -23,5 +23,5 @@ index ca11eac..bde3232 100644 #endif /* VSF_DEFS_H */ -- -2.7.4 +2.14.4 diff --git a/0017-Fix-an-issue-with-timestamps-during-DST.patch b/0017-Fix-an-issue-with-timestamps-during-DST.patch index ec3af9f..f331433 100644 --- a/0017-Fix-an-issue-with-timestamps-during-DST.patch +++ b/0017-Fix-an-issue-with-timestamps-during-DST.patch @@ -1,7 +1,7 @@ From 5ec0b86e5c1ff060720b5a6cd1af9d93ec993650 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 29 Sep 2016 11:14:03 +0200 -Subject: [PATCH 17/33] Fix an issue with timestamps during DST. +Subject: [PATCH 17/59] Fix an issue with timestamps during DST. vsftpd now checks whether a file was uploaded during DST and adjust the timestamp accordingly. @@ -157,5 +157,5 @@ index c848356..2abdd13 100644 s_timezone *= -1; } -- -2.7.4 +2.14.4 diff --git a/0018-Change-the-default-log-file-in-configuration.patch b/0018-Change-the-default-log-file-in-configuration.patch index 990cf90..369a69c 100644 --- a/0018-Change-the-default-log-file-in-configuration.patch +++ b/0018-Change-the-default-log-file-in-configuration.patch @@ -1,7 +1,7 @@ From 61dac172bdb14c5a37713078828ea8c8f78c7eb6 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 29 Sep 2016 13:53:16 +0200 -Subject: [PATCH 18/33] Change the default log file in configuration. +Subject: [PATCH 18/59] Change the default log file in configuration. Previous "default" value was wrong. tunables.c:262 => install_str_setting("/var/log/xferlog", @@ -39,5 +39,5 @@ index ae6c6c9..39d1955 100644 # If you want, you can have your log file in standard ftpd xferlog format. # Note that the default log file location is /var/log/xferlog in this case. -- -2.7.4 +2.14.4 diff --git a/0019-Introduce-reverse_lookup_enable-option.patch b/0019-Introduce-reverse_lookup_enable-option.patch index dbf01c0..85023c1 100644 --- a/0019-Introduce-reverse_lookup_enable-option.patch +++ b/0019-Introduce-reverse_lookup_enable-option.patch @@ -1,7 +1,7 @@ From 721de88621100f6ed33f1602415bc249f3ed3219 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 10:22:32 +0100 -Subject: [PATCH 19/33] Introduce reverse_lookup_enable option. +Subject: [PATCH 19/59] Introduce reverse_lookup_enable option. vsftpd can transform IP address into hostname before PAM authentication. You can disable it to prevent @@ -88,10 +88,12 @@ diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 index 72bb86f..fb6324e 100644 --- a/vsftpd.conf.5 +++ b/vsftpd.conf.5 -@@ -425,6 +425,15 @@ http://scarybeastsecurity.blogspot.com/2009/02/vsftpd-210-released.html +@@ -423,6 +423,15 @@ so you may want to disable it. For a discussion of the consequences, see + http://scarybeastsecurity.blogspot.com/2009/02/vsftpd-210-released.html + (Added in v2.1.0). - Default: YES - .TP ++Default: YES ++.TP +.B reverse_lookup_enable +Set to YES if you want vsftpd to transform the ip address into the hostname, +before pam authentication. This is useful if you use pam_access including the @@ -99,11 +101,9 @@ index 72bb86f..fb6324e 100644 +for some hostname is available and the name server doesn't respond for a while, +you should set this to NO to avoid a performance issue. + -+Default: YES -+.TP + Default: YES + .TP .B run_as_launching_user - Set to YES if you want vsftpd to run as the user which launched vsftpd. This is - useful where root access is not available. MASSIVE WARNING! Do NOT enable this -- -2.7.4 +2.14.4 diff --git a/0020-Use-unsigned-int-for-uid-and-gid-representation.patch b/0020-Use-unsigned-int-for-uid-and-gid-representation.patch index f5cd8f0..ac3ac1f 100644 --- a/0020-Use-unsigned-int-for-uid-and-gid-representation.patch +++ b/0020-Use-unsigned-int-for-uid-and-gid-representation.patch @@ -1,7 +1,7 @@ From dcaaf1e0dd3985e229a87de18b83f301d30b6ce9 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 10:31:39 +0100 -Subject: [PATCH 20/33] Use unsigned int for uid and gid representation. +Subject: [PATCH 20/59] Use unsigned int for uid and gid representation. --- ls.c | 4 ++-- @@ -246,5 +246,5 @@ index bfc92cb..79b5514 100644 void vsf_sysutil_setegid(const struct vsf_sysutil_user* p_user); void vsf_sysutil_seteuid_numeric(int uid); -- -2.7.4 +2.14.4 diff --git a/0021-Introduce-support-for-DHE-based-cipher-suites.patch b/0021-Introduce-support-for-DHE-based-cipher-suites.patch index ad7e5ba..1abe1e4 100644 --- a/0021-Introduce-support-for-DHE-based-cipher-suites.patch +++ b/0021-Introduce-support-for-DHE-based-cipher-suites.patch @@ -1,7 +1,7 @@ From 4eac1dbb5f70a652d31847eec7c28d245f36cdbb Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 10:48:28 +0100 -Subject: [PATCH 21/33] Introduce support for DHE based cipher suites. +Subject: [PATCH 21/59] Introduce support for DHE based cipher suites. --- parseconf.c | 1 + @@ -222,5 +222,5 @@ index fb6324e..ff94eca 100644 This option can be used to provide an alternate file for usage by the .BR secure_email_list_enable -- -2.7.4 +2.14.4 diff --git a/0022-Introduce-support-for-EDDHE-based-cipher-suites.patch b/0022-Introduce-support-for-EDDHE-based-cipher-suites.patch index b4eb574..1428b86 100644 --- a/0022-Introduce-support-for-EDDHE-based-cipher-suites.patch +++ b/0022-Introduce-support-for-EDDHE-based-cipher-suites.patch @@ -1,7 +1,7 @@ From a6d641a0ccba1033587f6faa0e5e6749fa35f5c4 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 10:49:22 +0100 -Subject: [PATCH 22/33] Introduce support for EDDHE based cipher suites. +Subject: [PATCH 22/59] Introduce support for EDDHE based cipher suites. --- parseconf.c | 1 + @@ -132,5 +132,5 @@ index ff94eca..e242873 100644 This option can be used to provide an alternate file for usage by the .BR secure_email_list_enable -- -2.7.4 +2.14.4 diff --git a/0023-Add-documentation-for-isolate_-options.-Correct-defa.patch b/0023-Add-documentation-for-isolate_-options.-Correct-defa.patch index 077d261..7cc0bfa 100644 --- a/0023-Add-documentation-for-isolate_-options.-Correct-defa.patch +++ b/0023-Add-documentation-for-isolate_-options.-Correct-defa.patch @@ -1,7 +1,7 @@ From 3d02ef3be17f37baf729e786a8f36af4982f70ad Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 10:52:16 +0100 -Subject: [PATCH 23/33] Add documentation for isolate_* options. Correct +Subject: [PATCH 23/59] Add documentation for isolate_* options. Correct default values of max_clients, max_per_ip. @@ -59,5 +59,5 @@ index e242873..31d317f 100644 .B pasv_max_port The maximum port to allocate for PASV style data connections. Can be used to -- -2.7.4 +2.14.4 diff --git a/0024-Introduce-new-return-value-450.patch b/0024-Introduce-new-return-value-450.patch index f8c7b8c..86c5f8e 100644 --- a/0024-Introduce-new-return-value-450.patch +++ b/0024-Introduce-new-return-value-450.patch @@ -1,7 +1,7 @@ From 1d5cdf309387ff92988ab17d746f015d833a4b92 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 11:08:52 +0100 -Subject: [PATCH 24/33] Introduce new return value 450: +Subject: [PATCH 24/59] Introduce new return value 450: *450 Requested file action not taken. File unavailable (e.g., file busy). @@ -73,5 +73,5 @@ index 79b5514..c145bdf 100644 enum EVSFSysUtilError vsf_sysutil_get_error(void); -- -2.7.4 +2.14.4 diff --git a/0025-Improve-local_max_rate-option.patch b/0025-Improve-local_max_rate-option.patch index 3560d87..e78f825 100644 --- a/0025-Improve-local_max_rate-option.patch +++ b/0025-Improve-local_max_rate-option.patch @@ -1,7 +1,7 @@ From 386db86fe865fb552b1867af4bf4b78dbf9080cf Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 12:44:26 +0100 -Subject: [PATCH 25/33] Improve local_max_rate option. +Subject: [PATCH 25/59] Improve local_max_rate option. Now it should work as expected. --- @@ -86,5 +86,5 @@ index 956bfb7..3e8fdd5 100644 /* Details of the login */ int is_anonymous; -- -2.7.4 +2.14.4 diff --git a/0026-Prevent-hanging-in-SIGCHLD-handler.patch b/0026-Prevent-hanging-in-SIGCHLD-handler.patch index 9b186a8..f928cbc 100644 --- a/0026-Prevent-hanging-in-SIGCHLD-handler.patch +++ b/0026-Prevent-hanging-in-SIGCHLD-handler.patch @@ -1,7 +1,7 @@ From 1e65a0a15f819b8bf1b551bd84f71d0da1f5a00c Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 13:02:27 +0100 -Subject: [PATCH 26/33] Prevent hanging in SIGCHLD handler. +Subject: [PATCH 26/59] Prevent hanging in SIGCHLD handler. vsftpd can now handle pam_exec.so in pam.d config without hanging in SIGCHLD handler. @@ -77,5 +77,5 @@ index 33d84dc..b1891e7 100644 else { -- -2.7.4 +2.14.4 diff --git a/0027-Delete-files-when-upload-fails.patch b/0027-Delete-files-when-upload-fails.patch index 98222e1..94a00bf 100644 --- a/0027-Delete-files-when-upload-fails.patch +++ b/0027-Delete-files-when-upload-fails.patch @@ -1,7 +1,7 @@ From 6224ecc5ac209323baa775880c0602c3fde3590a Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 13:10:41 +0100 -Subject: [PATCH 27/33] Delete files when upload fails. +Subject: [PATCH 27/59] Delete files when upload fails. Previously the uploaded file wasn't removed when the network was disconnected. Now it is successfully deleted. @@ -104,10 +104,11 @@ diff --git a/sysutil.c b/sysutil.c index 099748f..42bcdf8 100644 --- a/sysutil.c +++ b/sysutil.c -@@ -681,6 +681,16 @@ vsf_sysutil_activate_keepalive(int fd) +@@ -680,6 +680,16 @@ vsf_sysutil_activate_keepalive(int fd) + } } - void ++void +vsf_sysutil_rcvtimeo(int fd) +{ + struct timeval tv; @@ -117,10 +118,9 @@ index 099748f..42bcdf8 100644 + setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(struct timeval)); +} + -+void + void vsf_sysutil_activate_reuseaddr(int fd) { - int reuseaddr = 1; diff --git a/sysutil.h b/sysutil.h index 13153cd..2886bbc 100644 --- a/sysutil.h @@ -134,5 +134,5 @@ index 13153cd..2886bbc 100644 void vsf_sysutil_activate_reuseaddr(int fd); void vsf_sysutil_set_nodelay(int fd); -- -2.7.4 +2.14.4 diff --git a/0028-Fix-man-page-rendering.patch b/0028-Fix-man-page-rendering.patch index 4d6e5e7..e91d6dc 100644 --- a/0028-Fix-man-page-rendering.patch +++ b/0028-Fix-man-page-rendering.patch @@ -1,7 +1,7 @@ From ea99be1a7a5973bbe8ed798b65abe5ce3b92f5df Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 13:12:52 +0100 -Subject: [PATCH 28/33] Fix man page rendering. +Subject: [PATCH 28/59] Fix man page rendering. --- vsftpd.conf.5 | 3 ++- @@ -22,5 +22,5 @@ index 31d317f..cf1ae34 100644 (New in v2.0.7). -- -2.7.4 +2.14.4 diff --git a/0029-Fix-segfault-in-config-file-parser.patch b/0029-Fix-segfault-in-config-file-parser.patch index 899bbd3..65cb571 100644 --- a/0029-Fix-segfault-in-config-file-parser.patch +++ b/0029-Fix-segfault-in-config-file-parser.patch @@ -1,7 +1,7 @@ From 34b9e1d10c6be736f1b20be8795c655446f38c5e Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 13:14:55 +0100 -Subject: [PATCH 29/33] Fix segfault in config file parser. +Subject: [PATCH 29/59] Fix segfault in config file parser. --- str.c | 2 +- @@ -21,5 +21,5 @@ index 41b27db..82b8ae4 100644 void -- -2.7.4 +2.14.4 diff --git a/0030-Fix-logging-into-syslog-when-enabled-in-config.patch b/0030-Fix-logging-into-syslog-when-enabled-in-config.patch index c828c27..04669c7 100644 --- a/0030-Fix-logging-into-syslog-when-enabled-in-config.patch +++ b/0030-Fix-logging-into-syslog-when-enabled-in-config.patch @@ -1,7 +1,7 @@ From 03ff061f18f555d7bec62fa6a597a275b4b3f1c7 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 13:18:22 +0100 -Subject: [PATCH 30/33] Fix logging into syslog when enabled in config. +Subject: [PATCH 30/59] Fix logging into syslog when enabled in config. --- logging.c | 2 +- @@ -21,5 +21,5 @@ index 99671b4..c4461f7 100644 if (!tunable_xferlog_enable && !tunable_dual_log_enable) { -- -2.7.4 +2.14.4 diff --git a/0031-Fix-question-mark-wildcard-withing-a-file-name.patch b/0031-Fix-question-mark-wildcard-withing-a-file-name.patch index 457404b..acc8f6d 100644 --- a/0031-Fix-question-mark-wildcard-withing-a-file-name.patch +++ b/0031-Fix-question-mark-wildcard-withing-a-file-name.patch @@ -1,7 +1,7 @@ From 0da42468ac9518a544aad57d22d7697d6bdfa969 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 13:25:12 +0100 -Subject: [PATCH 31/33] Fix question mark wildcard withing a file name. +Subject: [PATCH 31/59] Fix question mark wildcard withing a file name. Previously '?' worked only at the end of a file name, now it can be used anywhere. @@ -24,5 +24,5 @@ index 3c0988c..35c15c7 100644 /* Any incoming string left means no match unless we ended on the correct * type of wildcard. -- -2.7.4 +2.14.4 diff --git a/0032-Propagate-errors-from-nfs-with-quota-to-client.patch b/0032-Propagate-errors-from-nfs-with-quota-to-client.patch index 46a60c4..de56aa7 100644 --- a/0032-Propagate-errors-from-nfs-with-quota-to-client.patch +++ b/0032-Propagate-errors-from-nfs-with-quota-to-client.patch @@ -1,7 +1,7 @@ From aa9cb48373018502ef99a57aad70b69c0c75ff65 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 13:29:59 +0100 -Subject: [PATCH 32/33] Propagate errors from nfs with quota to client. +Subject: [PATCH 32/59] Propagate errors from nfs with quota to client. vsftpd now checks for errors when closing newly uploaded file and forward errors to the client (e.g. when file system quota was @@ -102,10 +102,11 @@ diff --git a/sysutil.c b/sysutil.c index 42bcdf8..1c0422e 100644 --- a/sysutil.c +++ b/sysutil.c -@@ -1269,6 +1269,27 @@ vsf_sysutil_close(int fd) +@@ -1268,6 +1268,27 @@ vsf_sysutil_close(int fd) + } } - int ++int +vsf_sysutil_close_errno(int fd) +{ + while (1) @@ -126,10 +127,9 @@ index 42bcdf8..1c0422e 100644 + } +} + -+int + int vsf_sysutil_close_failok(int fd) { - return close(fd); diff --git a/sysutil.h b/sysutil.h index 2886bbc..be727f5 100644 --- a/sysutil.h @@ -143,5 +143,5 @@ index 2886bbc..be727f5 100644 int vsf_sysutil_unlink(const char* p_dead); int vsf_sysutil_write_access(const char* p_filename); -- -2.7.4 +2.14.4 diff --git a/0033-Introduce-TLSv1.1-and-TLSv1.2-options.patch b/0033-Introduce-TLSv1.1-and-TLSv1.2-options.patch index a7254e2..8d6228e 100644 --- a/0033-Introduce-TLSv1.1-and-TLSv1.2-options.patch +++ b/0033-Introduce-TLSv1.1-and-TLSv1.2-options.patch @@ -1,7 +1,7 @@ From 01bef55a1987700af3d43cdc5f5be88d3843ab85 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Thu, 17 Nov 2016 13:36:17 +0100 -Subject: [PATCH 33/33] Introduce TLSv1.1 and TLSv1.2 options. +Subject: [PATCH 33/59] Introduce TLSv1.1 and TLSv1.2 options. Users can now enable a specific version of TLS protocol. --- @@ -149,5 +149,5 @@ index cf1ae34..a3d569e 100644 .B user_config_dir This powerful option allows the override of any config option specified in -- -2.7.4 +2.14.4 diff --git a/0034-Turn-off-seccomp-sandbox-because-it-is-too-strict.patch b/0034-Turn-off-seccomp-sandbox-because-it-is-too-strict.patch index 62fb66b..0c0bdb7 100644 --- a/0034-Turn-off-seccomp-sandbox-because-it-is-too-strict.patch +++ b/0034-Turn-off-seccomp-sandbox-because-it-is-too-strict.patch @@ -1,7 +1,7 @@ From 4922e60589326540b2ee4f0bdfd6cb95f645f3d5 Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Fri, 18 Nov 2016 10:23:29 +0100 -Subject: [PATCH] Turn off seccomp sandbox, because it is too strict. +Subject: [PATCH 34/59] Turn off seccomp sandbox, because it is too strict. --- tunables.c | 2 +- @@ -21,5 +21,5 @@ index 78f2bcd..5440c00 100644 tunable_accept_timeout = 60; -- -2.7.4 +2.14.4 diff --git a/0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch b/0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch index ab3f35c..1cebc18 100644 --- a/0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch +++ b/0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch @@ -1,7 +1,7 @@ From 6c8dd87f311e411bcb1c72c1c780497881a5621c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Mon, 4 Sep 2017 11:32:03 +0200 -Subject: [PATCH 35/35] Modify DH enablement patch to build with OpenSSL 1.1 +Subject: [PATCH 35/59] Modify DH enablement patch to build with OpenSSL 1.1 --- ssl.c | 41 ++++++++++++++++++++++++++++++++++++++--- @@ -70,5 +70,5 @@ index ba8a613..09ec96a 100644 return NULL; } -- -2.9.5 +2.14.4 diff --git a/0036-Redefine-VSFTP_COMMAND_FD-to-1.patch b/0036-Redefine-VSFTP_COMMAND_FD-to-1.patch index 7f1911a..4299b23 100644 --- a/0036-Redefine-VSFTP_COMMAND_FD-to-1.patch +++ b/0036-Redefine-VSFTP_COMMAND_FD-to-1.patch @@ -1,7 +1,7 @@ From 18e0ab25a0d66088728b506cf64f5545637eda26 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Tue, 5 Sep 2017 14:26:08 +0200 -Subject: [PATCH 36/36] Redefine VSFTP_COMMAND_FD to 1 +Subject: [PATCH 36/59] Redefine VSFTP_COMMAND_FD to 1 Redefine VSFTP_COMMAND_FD to 1 (stdout) so that error messages generated during startup are picked up by systemd. @@ -25,5 +25,5 @@ index bde3232..315f0f0 100644 #define VSFTP_PASSWORD_MAX 128 #define VSFTP_USERNAME_MAX 128 -- -2.9.5 +2.14.4 diff --git a/0037-Document-the-relationship-of-text_userdb_names-and-c.patch b/0037-Document-the-relationship-of-text_userdb_names-and-c.patch index 7bf92ae..ae188d7 100644 --- a/0037-Document-the-relationship-of-text_userdb_names-and-c.patch +++ b/0037-Document-the-relationship-of-text_userdb_names-and-c.patch @@ -1,7 +1,7 @@ From 221f35f302d53f5a89f8e79592492e7cb322e81a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Thu, 26 Oct 2017 13:08:32 +0200 -Subject: [PATCH 37/37] Document the relationship of text_userdb_names and +Subject: [PATCH 37/59] Document the relationship of text_userdb_names and chroot_local_user Note in vsftpd.conf(5) that text_userdb_names may not work when @@ -25,5 +25,5 @@ index a3d569e..45b3f9c 100644 Default: NO .TP -- -2.14.3 +2.14.4 diff --git a/0038-Document-allow_writeable_chroot-in-the-man-page.patch b/0038-Document-allow_writeable_chroot-in-the-man-page.patch index f8d8c1d..ca073d3 100644 --- a/0038-Document-allow_writeable_chroot-in-the-man-page.patch +++ b/0038-Document-allow_writeable_chroot-in-the-man-page.patch @@ -1,7 +1,7 @@ From 35ec3be5427a54facd5f6299fda2da4c146d4846 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Fri, 24 Nov 2017 11:22:43 +0100 -Subject: [PATCH 38/38] Document allow_writeable_chroot in the man page +Subject: [PATCH 38/59] Document allow_writeable_chroot in the man page --- vsftpd.conf.5 | 9 +++++++++ @@ -28,5 +28,5 @@ index 45b3f9c..d1f0db5 100644 .TP .B anon_mkdir_write_enable -- -2.14.3 +2.14.4 diff --git a/0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch b/0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch index 4b32923..307ce35 100644 --- a/0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch +++ b/0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch @@ -1,7 +1,7 @@ From 7d4b76abb437184fa692533cb5537318026a30e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Fri, 24 Nov 2017 11:26:37 +0100 -Subject: [PATCH 39/39] Improve documentation of ASCII mode in the man page +Subject: [PATCH 39/59] Improve documentation of ASCII mode in the man page --- vsftpd.conf.5 | 6 ++++++ @@ -30,5 +30,5 @@ index d1f0db5..3ca55e4 100644 Default: NO .TP -- -2.14.3 +2.14.4 diff --git a/0040-Use-system-wide-crypto-policy.patch b/0040-Use-system-wide-crypto-policy.patch index d79530b..f59ba2b 100644 --- a/0040-Use-system-wide-crypto-policy.patch +++ b/0040-Use-system-wide-crypto-policy.patch @@ -1,7 +1,7 @@ From b83be8b4f86bf1a8a6de4802a9486d084c4a46cd Mon Sep 17 00:00:00 2001 From: Martin Sehnoutka Date: Tue, 29 Aug 2017 10:32:16 +0200 -Subject: [PATCH 40/40] Use system wide crypto policy +Subject: [PATCH 40/59] Use system wide crypto policy Resolves: rhbz#1483970 --- @@ -23,5 +23,5 @@ index 5440c00..354251c 100644 install_str_setting(0, &tunable_dsa_private_key_file); install_str_setting(0, &tunable_ca_certs_file); -- -2.14.3 +2.14.4 diff --git a/0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch b/0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch index e004e0f..8b26c7b 100644 --- a/0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch +++ b/0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch @@ -1,7 +1,7 @@ From 2369d1ea5144d525d315aba90da528e7d9bfd1cc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Thu, 21 Dec 2017 14:19:18 +0100 -Subject: [PATCH 41/41] Document the new default for ssl_ciphers in the man +Subject: [PATCH 41/59] Document the new default for ssl_ciphers in the man page Related: rhbz#1483970 @@ -27,5 +27,5 @@ index 3ca55e4..2a7662e 100644 .B user_config_dir This powerful option allows the override of any config option specified in -- -2.14.3 +2.14.4 diff --git a/0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch b/0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch index 542cd69..250a44c 100644 --- a/0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch +++ b/0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch @@ -1,7 +1,7 @@ From 1c280a0b04e58ec63ce9ab5eb8d0ffe5ebbae115 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Thu, 21 Dec 2017 14:29:25 +0100 -Subject: [PATCH 42/42] When handling FEAT command, check ssl_tlsv1_1 and +Subject: [PATCH 42/59] When handling FEAT command, check ssl_tlsv1_1 and ssl_tlsv1_2 Send 'AUTH SSL' in reply to the FEAT command when the ssl_tlsv1_1 @@ -28,5 +28,5 @@ index 1212980..d024366 100644 vsf_cmdio_write_raw(p_sess, " AUTH TLS\r\n"); } -- -2.14.3 +2.14.4 diff --git a/0043-Enable-only-TLSv1.2-by-default.patch b/0043-Enable-only-TLSv1.2-by-default.patch index ca8b1d3..eb157f8 100644 --- a/0043-Enable-only-TLSv1.2-by-default.patch +++ b/0043-Enable-only-TLSv1.2-by-default.patch @@ -1,7 +1,7 @@ From 75c942c77aa575143c5b75637e64a925ad12641a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Thu, 21 Dec 2017 16:38:40 +0100 -Subject: [PATCH 43/43] Enable only TLSv1.2 by default +Subject: [PATCH 43/59] Enable only TLSv1.2 by default Disable TLSv1 and TLSv1.1 - enable only TLSv1.2 by default. --- @@ -49,5 +49,5 @@ index 2a7662e..df14027 100644 .B ssl_tlsv1_2 Only applies if -- -2.14.3 +2.14.4 diff --git a/0044-Disable-anonymous_enable-in-default-config-file.patch b/0044-Disable-anonymous_enable-in-default-config-file.patch index cc9eace..4e62d76 100644 --- a/0044-Disable-anonymous_enable-in-default-config-file.patch +++ b/0044-Disable-anonymous_enable-in-default-config-file.patch @@ -1,7 +1,7 @@ From ffaeebcfdb56ba75392af21c68c0bac78a226b55 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Tue, 2 Jan 2018 09:54:43 +0100 -Subject: [PATCH 44/44] Disable anonymous_enable in default config file +Subject: [PATCH 44/59] Disable anonymous_enable in default config file Resolves: rhbz#1338637 --- @@ -22,5 +22,5 @@ index 39d1955..4626c1b 100644 # Uncomment this to allow local users to log in. # When SELinux is enforcing check for SE bool ftp_home_dir -- -2.14.3 +2.14.4 diff --git a/0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch b/0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch index b4a6f59..2243790 100644 --- a/0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch +++ b/0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch @@ -1,7 +1,7 @@ From 61327320b54a59e319c522151f7a61c74ec94f2f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Tue, 2 Jan 2018 16:25:55 +0100 -Subject: [PATCH 45/46] Expand explanation of ascii_* options behaviour in man +Subject: [PATCH 45/59] Expand explanation of ascii_* options behaviour in man page --- @@ -48,5 +48,5 @@ index df14027..a5abeb2 100644 Default: NO .TP -- -2.14.3 +2.14.4 diff --git a/0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch b/0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch index 9e8b8ea..61ed691 100644 --- a/0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch +++ b/0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch @@ -1,7 +1,7 @@ From 446f7c1ec54e06b5da2e890e0cd8fbd7308322c9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Tue, 2 Jan 2018 16:33:18 +0100 -Subject: [PATCH 46/46] vsftpd.conf: Refer to the man page regarding the +Subject: [PATCH 46/59] vsftpd.conf: Refer to the man page regarding the ascii_* options --- @@ -23,5 +23,5 @@ index 4626c1b..e70bc6d 100644 # attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd # predicted this attack and has always been safe, reporting the size of the -- -2.14.3 +2.14.4 diff --git a/0047-Disable-tcp_wrappers-support.patch b/0047-Disable-tcp_wrappers-support.patch index ce64f2d..f71aab0 100644 --- a/0047-Disable-tcp_wrappers-support.patch +++ b/0047-Disable-tcp_wrappers-support.patch @@ -1,7 +1,7 @@ From b383ec42bb750419fea102fccf36af5216145eb2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Fri, 5 Jan 2018 09:17:13 +0100 -Subject: [PATCH 47/48] Disable tcp_wrappers support +Subject: [PATCH 47/59] Disable tcp_wrappers support Resolves: rhbz#1518796 --- @@ -45,5 +45,5 @@ index e70bc6d..6b8eebb 100644 userlist_enable=YES -tcp_wrappers=YES -- -2.14.3 +2.14.4 diff --git a/0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch b/0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch index 5fbb2cc..513e128 100644 --- a/0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch +++ b/0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch @@ -1,7 +1,7 @@ From 9cba9e81aa96e1d64ae2eaaf88330e09dadfce79 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Fri, 5 Jan 2018 09:40:09 +0100 -Subject: [PATCH 48/48] Fix default value of strict_ssl_read_eof in man page +Subject: [PATCH 48/59] Fix default value of strict_ssl_read_eof in man page --- vsftpd.conf.5 | 5 ++--- @@ -25,5 +25,5 @@ index a5abeb2..43b0435 100644 .B strict_ssl_write_shutdown If enabled, SSL data downloads are required to terminate via SSL, not an -- -2.14.3 +2.14.4 diff --git a/0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch b/0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch index bfbb871..22745b5 100644 --- a/0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch +++ b/0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch @@ -1,7 +1,7 @@ From 1203b943b369651d96d057f8190f14f015e6ff0b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Tue, 6 Feb 2018 13:30:44 +0100 -Subject: [PATCH 49/49] Add new filename generation algorithm for STOU command +Subject: [PATCH 49/59] Add new filename generation algorithm for STOU command A new configuration option 'better_stou' can be used to enable a better algorithm for generating unique filenames. @@ -318,5 +318,5 @@ index 43b0435..6911a73 100644 .TP .B anon_mkdir_write_enable -- -2.14.3 +2.14.4 diff --git a/0050-Don-t-link-with-libnsl.patch b/0050-Don-t-link-with-libnsl.patch index c907980..8b626bb 100644 --- a/0050-Don-t-link-with-libnsl.patch +++ b/0050-Don-t-link-with-libnsl.patch @@ -1,7 +1,7 @@ From f8663f35d5d150f0533bb052e48306b9a5111d87 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Tue, 6 Feb 2018 18:04:53 +0100 -Subject: [PATCH 50/50] Don't link with libnsl +Subject: [PATCH 50/59] Don't link with libnsl Don't link with libnsl. It builds just fine without it and vsf_findlibs.sh enables it only when tcp_wrappers is enabled. @@ -23,5 +23,5 @@ index 612994e..0f7411c 100644 LDFLAGS = -fPIE -pie -Wl,-z,relro -Wl,-z,now -- -2.14.3 +2.14.4 diff --git a/0001-Improve-documentation-of-better_stou-in-the-man-page.patch b/0051-Improve-documentation-of-better_stou-in-the-man-page.patch similarity index 92% rename from 0001-Improve-documentation-of-better_stou-in-the-man-page.patch rename to 0051-Improve-documentation-of-better_stou-in-the-man-page.patch index e1293ab..c2593be 100644 --- a/0001-Improve-documentation-of-better_stou-in-the-man-page.patch +++ b/0051-Improve-documentation-of-better_stou-in-the-man-page.patch @@ -1,7 +1,7 @@ From 765f99b26705c8d6fe2be4feb07f4c91e7eb96f9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Thu, 5 Apr 2018 12:29:03 +0200 -Subject: [PATCH] Improve documentation of better_stou in the man page +Subject: [PATCH 51/59] Improve documentation of better_stou in the man page --- vsftpd.conf.5 | 7 ++++++- @@ -26,5 +26,5 @@ index 6911a73..e9ae474 100644 Default: NO .TP -- -2.14.3 +2.14.4 diff --git a/0001-Fix-rDNS-with-IPv6.patch b/0052-Fix-rDNS-with-IPv6.patch similarity index 99% rename from 0001-Fix-rDNS-with-IPv6.patch rename to 0052-Fix-rDNS-with-IPv6.patch index 2328968..eca9474 100644 --- a/0001-Fix-rDNS-with-IPv6.patch +++ b/0052-Fix-rDNS-with-IPv6.patch @@ -1,7 +1,7 @@ From 01b646d2af0ed885d01d31a6479898a3c423a630 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Thu, 26 Apr 2018 10:00:19 +0200 -Subject: [PATCH 1/4] Fix rDNS with IPv6 +Subject: [PATCH 52/59] Fix rDNS with IPv6 Previously IPv6 addresses were not translated to hostnames for PAM to use. --- @@ -191,5 +191,5 @@ index 7a59f13..2df14ed 100644 void vsf_sysutil_activate_keepalive(int fd); void vsf_sysutil_rcvtimeo(int fd); -- -2.14.3 +2.14.4 diff --git a/0002-Always-do-chdir-after-chroot.patch b/0053-Always-do-chdir-after-chroot.patch similarity index 91% rename from 0002-Always-do-chdir-after-chroot.patch rename to 0053-Always-do-chdir-after-chroot.patch index 566ca09..e1c0105 100644 --- a/0002-Always-do-chdir-after-chroot.patch +++ b/0053-Always-do-chdir-after-chroot.patch @@ -1,7 +1,7 @@ From 315f9720db94af3319c9550feaf473b9cf09aeac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Thu, 3 May 2018 13:20:28 +0200 -Subject: [PATCH 2/4] Always do chdir("/") after chroot() +Subject: [PATCH 53/59] Always do chdir("/") after chroot() Always do chdir("/") after chroot() to be more sure we'll never get out of it. This will not affect the working directory after calling @@ -28,5 +28,5 @@ index b68583b..3014c05 100644 unsigned int -- -2.14.3 +2.14.4 diff --git a/0003-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch b/0054-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch similarity index 89% rename from 0003-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch rename to 0054-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch index 337fa28..d67db00 100644 --- a/0003-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch +++ b/0054-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch @@ -1,7 +1,7 @@ From ca27e6e34d89fc247a164ed7330735644f97d7d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Wed, 9 May 2018 20:15:29 +0200 -Subject: [PATCH 3/4] vsf_sysutil_rcvtimeo: Check return value of setsockopt +Subject: [PATCH 54/59] vsf_sysutil_rcvtimeo: Check return value of setsockopt --- sysutil.c | 7 ++++++- @@ -29,5 +29,5 @@ index 3014c05..de5f876 100644 void -- -2.14.3 +2.14.4 diff --git a/0004-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch b/0055-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch similarity index 97% rename from 0004-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch rename to 0055-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch index 72f70b1..85d4f2f 100644 --- a/0004-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch +++ b/0055-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch @@ -1,7 +1,7 @@ From c7ac05fdf2a7b53d901bfc3afeb9a61916aaaaf1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Wed, 9 May 2018 20:26:37 +0200 -Subject: [PATCH 4/4] vsf_sysutil_get_tz: Check the return value of syscalls +Subject: [PATCH 55/59] vsf_sysutil_get_tz: Check the return value of syscalls Check the return value of syscalls. There's always the possibility that they'll fail. (Failure of close() is not handled though, apart from EINTR. @@ -104,5 +104,5 @@ index de5f876..fd07d99 100644 return ret_tz; -- -2.14.3 +2.14.4 diff --git a/0001-Log-die-calls-to-syslog.patch b/0056-Log-die-calls-to-syslog.patch similarity index 99% rename from 0001-Log-die-calls-to-syslog.patch rename to 0056-Log-die-calls-to-syslog.patch index d6aa2f8..46b93f6 100644 --- a/0001-Log-die-calls-to-syslog.patch +++ b/0056-Log-die-calls-to-syslog.patch @@ -1,7 +1,7 @@ From ee6af258e8cb1a7fada5e6d3e54429b89f12b158 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Fri, 15 Jun 2018 12:02:21 +0200 -Subject: [PATCH 1/3] Log die() calls to syslog +Subject: [PATCH 56/59] Log die() calls to syslog Pass messages given to die(), die2() and bug() to syslog. Currently this functionality requires waiting for a short amount of time (1 second is diff --git a/0002-Improve-error-message-when-max-number-of-bind-attemp.patch b/0057-Improve-error-message-when-max-number-of-bind-attemp.patch similarity index 87% rename from 0002-Improve-error-message-when-max-number-of-bind-attemp.patch rename to 0057-Improve-error-message-when-max-number-of-bind-attemp.patch index 221a2de..3a0effe 100644 --- a/0002-Improve-error-message-when-max-number-of-bind-attemp.patch +++ b/0057-Improve-error-message-when-max-number-of-bind-attemp.patch @@ -1,8 +1,8 @@ From 380e40930661d643c865bace4e1791ca8f9d74cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Mon, 18 Jun 2018 14:01:46 +0200 -Subject: [PATCH 2/3] Improve error message when max number of bind attempts is - exceeded +Subject: [PATCH 57/59] Improve error message when max number of bind attempts + is exceeded Resolves: rhbz#1318198 --- diff --git a/0003-Make-the-max-number-of-bind-retries-tunable.patch b/0058-Make-the-max-number-of-bind-retries-tunable.patch similarity index 97% rename from 0003-Make-the-max-number-of-bind-retries-tunable.patch rename to 0058-Make-the-max-number-of-bind-retries-tunable.patch index 533bd29..1350470 100644 --- a/0003-Make-the-max-number-of-bind-retries-tunable.patch +++ b/0058-Make-the-max-number-of-bind-retries-tunable.patch @@ -1,7 +1,7 @@ From be7c2d639127dd8af0139caf94f8c29f431d3753 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Mon, 18 Jun 2018 10:13:48 +0200 -Subject: [PATCH 3/3] Make the max number of bind retries tunable +Subject: [PATCH 58/59] Make the max number of bind retries tunable Resolves: rhbz#1318198 --- diff --git a/0059-Fix-SEGFAULT-when-running-in-a-container-as-PID-1.patch b/0059-Fix-SEGFAULT-when-running-in-a-container-as-PID-1.patch new file mode 100644 index 0000000..3adbd4c --- /dev/null +++ b/0059-Fix-SEGFAULT-when-running-in-a-container-as-PID-1.patch @@ -0,0 +1,58 @@ +From 970711fde95bee3de1e4a5e0b557c3132d0c3e3f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Tue, 6 Feb 2018 11:39:01 +0100 +Subject: [PATCH 59/59] Fix SEGFAULT when running in a container as PID 1 + +When vsftpd is running in a container as PID 1, it is possible +that it will get SIGCHILD for processes, which were not directly +created by it, but by some of its children. These processes will +not be in the s_p_pid_ip_hash hash table, and thus trying to +delete the entry from the hash table in standalone.c:handle_sigchld() +will result in segmentation fault. + +I can quite easily reproduce it with the upstream vsftpd and default +configuration, except for isolate=NO and isolate_network=NO being set +(it seems to me that network namespaces take a long time to create +and destroy, which hides the race condition), on a quad-core machine. +When connecting to vsftpd in a loop like this: +$ while true; do echo -en '' | nc localhost 21; done + +vsftpd crashes after a couple of seconds. +--- + standalone.c | 18 +++++++++++++----- + 1 file changed, 13 insertions(+), 5 deletions(-) + +diff --git a/standalone.c b/standalone.c +index 3b65ea2..3f35e9e 100644 +--- a/standalone.c ++++ b/standalone.c +@@ -270,13 +270,21 @@ handle_sigchld(void* duff) + if (reap_one) + { + struct vsf_sysutil_ipaddr* p_ip; +- /* Account total number of instances */ +- --s_children; +- /* Account per-IP limit */ + p_ip = (struct vsf_sysutil_ipaddr*) + hash_lookup_entry(s_p_pid_ip_hash, (void*)&reap_one); +- drop_ip_count(p_ip); +- hash_free_entry(s_p_pid_ip_hash, (void*)&reap_one); ++ /* If we are running in a container as PID 1, it is possible ++ * that we will get SIGCHILD for processes, which were not ++ * created directly by our process and which are not in the ++ * s_p_pid_ip_hash hash table. ++ */ ++ if (p_ip) ++ { ++ /* Account total number of instances */ ++ --s_children; ++ /* Account per-IP limit */ ++ drop_ip_count(p_ip); ++ hash_free_entry(s_p_pid_ip_hash, (void*)&reap_one); ++ } + } + } + } +-- +2.14.4 + diff --git a/vsftpd.spec b/vsftpd.spec index 5b455a0..e7d687b 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 26%{?dist} +Release: 27%{?dist} Summary: Very Secure Ftp Daemon Group: System Environment/Daemons @@ -79,14 +79,15 @@ Patch47: 0047-Disable-tcp_wrappers-support.patch Patch48: 0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch Patch49: 0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch Patch50: 0050-Don-t-link-with-libnsl.patch -Patch51: 0001-Improve-documentation-of-better_stou-in-the-man-page.patch -Patch52: 0001-Fix-rDNS-with-IPv6.patch -Patch53: 0002-Always-do-chdir-after-chroot.patch -Patch54: 0003-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch -Patch55: 0004-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch -Patch56: 0001-Log-die-calls-to-syslog.patch -Patch57: 0002-Improve-error-message-when-max-number-of-bind-attemp.patch -Patch58: 0003-Make-the-max-number-of-bind-retries-tunable.patch +Patch51: 0051-Improve-documentation-of-better_stou-in-the-man-page.patch +Patch52: 0052-Fix-rDNS-with-IPv6.patch +Patch53: 0053-Always-do-chdir-after-chroot.patch +Patch54: 0054-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch +Patch55: 0055-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch +Patch56: 0056-Log-die-calls-to-syslog.patch +Patch57: 0057-Improve-error-message-when-max-number-of-bind-attemp.patch +Patch58: 0058-Make-the-max-number-of-bind-retries-tunable.patch +Patch59: 0059-Fix-SEGFAULT-when-running-in-a-container-as-PID-1.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -155,6 +156,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Wed Jul 25 2018 Ondřej Lysoněk - 3.0.3-27 +- Fix a segfault when running as PID 1 + * Sat Jul 14 2018 Fedora Release Engineering - 3.0.3-26 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild From 0d51f8f9e86498d6452552d9df2016fccd2ad710 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Wed, 25 Jul 2018 14:27:16 +0200 Subject: [PATCH 23/73] Switch to SHA512 source tarball hash --- sources | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sources b/sources index b94676e..73f8cf5 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -da119d084bd3f98664636ea05b5bb398 vsftpd-3.0.3.tar.gz +SHA512 (vsftpd-3.0.3.tar.gz) = 5a4410a88e72ecf6f60a60a89771bcec300c9f63c2ea83b219bdf65fd9749b9853f9579f7257205b55659aefcd5dab243eba878dbbd4f0ff8532dd6e60884df7 From f6df692943c62c16bdc2a8471f75b1c25bcb5da0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Wed, 25 Jul 2018 15:27:57 +0200 Subject: [PATCH 24/73] Rebuilt, switched to SHA512 source tarball hash --- vsftpd.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index e7d687b..da2ee12 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 27%{?dist} +Release: 28%{?dist} Summary: Very Secure Ftp Daemon Group: System Environment/Daemons @@ -156,6 +156,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Wed Jul 25 2018 Ondřej Lysoněk - 3.0.3-28 +- Rebuilt, switched to SHA512 source tarball hash + * Wed Jul 25 2018 Ondřej Lysoněk - 3.0.3-27 - Fix a segfault when running as PID 1 From 71c2ae6e77beb3dde20989639b70b815a5eeba67 Mon Sep 17 00:00:00 2001 From: Igor Gnatenko Date: Mon, 28 Jan 2019 20:18:30 +0100 Subject: [PATCH 25/73] Remove obsolete Group tag References: https://fedoraproject.org/wiki/Changes/Remove_Group_Tag --- vsftpd.spec | 1 - 1 file changed, 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index da2ee12..c395d84 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -5,7 +5,6 @@ Version: 3.0.3 Release: 28%{?dist} Summary: Very Secure Ftp Daemon -Group: System Environment/Daemons # OpenSSL link exception License: GPLv2 with exceptions URL: https://security.appspot.com/vsftpd.html From bb47596e0ad2719ce366c29b550cf5229e95f8f1 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Sun, 3 Feb 2019 11:27:51 +0000 Subject: [PATCH 26/73] - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- vsftpd.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index c395d84..a942f1a 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 28%{?dist} +Release: 29%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -155,6 +155,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Sun Feb 03 2019 Fedora Release Engineering - 3.0.3-29 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + * Wed Jul 25 2018 Ondřej Lysoněk - 3.0.3-28 - Rebuilt, switched to SHA512 source tarball hash From 2bc5223ce683850ce0d525589c4c08e3b036296e Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Sat, 27 Jul 2019 03:12:02 +0000 Subject: [PATCH 27/73] - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- vsftpd.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index a942f1a..8c28e00 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 29%{?dist} +Release: 30%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -155,6 +155,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Sat Jul 27 2019 Fedora Release Engineering - 3.0.3-30 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + * Sun Feb 03 2019 Fedora Release Engineering - 3.0.3-29 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild From a0a47ca688760b418729728f80b6cc5d1074f2c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Sat, 3 Aug 2019 20:07:39 +0200 Subject: [PATCH 28/73] Fix segfault when listen() returns an error Resolves: rhbz#1666380 --- ...ve-closing-standard-FDs-after-listen.patch | 46 ++++++++ 0002-Prevent-recursion-in-bug.patch | 107 ++++++++++++++++++ vsftpd.spec | 8 +- 3 files changed, 160 insertions(+), 1 deletion(-) create mode 100644 0001-Move-closing-standard-FDs-after-listen.patch create mode 100644 0002-Prevent-recursion-in-bug.patch diff --git a/0001-Move-closing-standard-FDs-after-listen.patch b/0001-Move-closing-standard-FDs-after-listen.patch new file mode 100644 index 0000000..12511e7 --- /dev/null +++ b/0001-Move-closing-standard-FDs-after-listen.patch @@ -0,0 +1,46 @@ +From 40fea4552377504ce69935149e64e39a595f4600 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Sat, 3 Aug 2019 17:50:14 +0200 +Subject: [PATCH 1/2] Move closing standard FDs after listen() + +The vsf_sysutil_close() calls need to be moved a bit further so that +die() works properly in case listen() fails. + +I see no reason the calls should be placed before listen() +specifically, as they are now. My guess is that the author who added +the calls thought that listen() is a blocking call, which is not the +case. The only thing we need to satisfy is that close() is called +before accept, because that is a blocking call. That's all that is +needed to fix the bug that was fixed by adding the close() calls. + +Resolves: rhbz#1666380 +--- + standalone.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/standalone.c b/standalone.c +index 3f35e9e..b358ca1 100644 +--- a/standalone.c ++++ b/standalone.c +@@ -152,15 +152,15 @@ vsf_standalone_main(void) + vsf_sysutil_kill(vsf_sysutil_getppid(), kVSFSysUtilSigUSR1); + } + } +- vsf_sysutil_close(0); +- vsf_sysutil_close(1); +- vsf_sysutil_close(2); + retval = vsf_sysutil_listen(listen_sock, VSFTP_LISTEN_BACKLOG); + if (vsf_sysutil_retval_is_error(retval)) + { + die("could not listen"); + } + vsf_sysutil_sockaddr_alloc(&p_accept_addr); ++ vsf_sysutil_close(0); ++ vsf_sysutil_close(1); ++ vsf_sysutil_close(2); + while (1) + { + struct vsf_client_launch child_info; +-- +2.20.1 + diff --git a/0002-Prevent-recursion-in-bug.patch b/0002-Prevent-recursion-in-bug.patch new file mode 100644 index 0000000..061fd1e --- /dev/null +++ b/0002-Prevent-recursion-in-bug.patch @@ -0,0 +1,107 @@ +From e679a3ce0f2cf1558da31e0bccd9e2398b89c7e9 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Tue, 30 Jul 2019 16:07:01 +0200 +Subject: [PATCH 2/2] Prevent recursion in bug() + +Resolves: rhbz#1666380 +--- + sysutil.c | 35 +++++++++++++++++++++++++++++++---- + sysutil.h | 1 + + utility.c | 12 +++++++----- + 3 files changed, 39 insertions(+), 9 deletions(-) + +diff --git a/sysutil.c b/sysutil.c +index fd07d99..e2df671 100644 +--- a/sysutil.c ++++ b/sysutil.c +@@ -774,21 +774,48 @@ vsf_sysutil_deactivate_linger_failok(int fd) + (void) setsockopt(fd, SOL_SOCKET, SO_LINGER, &the_linger, sizeof(the_linger)); + } + +-void +-vsf_sysutil_activate_noblock(int fd) ++static int ++vsf_sysutil_activate_noblock_internal(int fd, int return_err) + { + int retval; + int curr_flags = fcntl(fd, F_GETFL); + if (vsf_sysutil_retval_is_error(curr_flags)) + { +- die("fcntl"); ++ if (return_err) ++ { ++ return -1; ++ } ++ else ++ { ++ die("fcntl"); ++ } + } + curr_flags |= O_NONBLOCK; + retval = fcntl(fd, F_SETFL, curr_flags); + if (retval != 0) + { +- die("fcntl"); ++ if (return_err) ++ { ++ return -1; ++ } ++ else ++ { ++ die("fcntl"); ++ } + } ++ return 0; ++} ++ ++void ++vsf_sysutil_activate_noblock(int fd) ++{ ++ (void) vsf_sysutil_activate_noblock_internal(fd, 0); ++} ++ ++int ++vsf_sysutil_activate_noblock_no_die(int fd) ++{ ++ return vsf_sysutil_activate_noblock_internal(fd, 1); + } + + void +diff --git a/sysutil.h b/sysutil.h +index 2df14ed..0772423 100644 +--- a/sysutil.h ++++ b/sysutil.h +@@ -281,6 +281,7 @@ void vsf_sysutil_activate_oobinline(int fd); + void vsf_sysutil_activate_linger(int fd); + void vsf_sysutil_deactivate_linger_failok(int fd); + void vsf_sysutil_activate_noblock(int fd); ++int vsf_sysutil_activate_noblock_no_die(int fd); + void vsf_sysutil_deactivate_noblock(int fd); + /* This does SHUT_RDWR */ + void vsf_sysutil_shutdown_failok(int fd); +diff --git a/utility.c b/utility.c +index 75e5bdd..5619a04 100644 +--- a/utility.c ++++ b/utility.c +@@ -47,11 +47,13 @@ bug(const char* p_text) + { + vsf_log_die(p_text); + } +- vsf_sysutil_activate_noblock(VSFTP_COMMAND_FD); +- (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, "500 OOPS: ", 10); +- (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, p_text, +- vsf_sysutil_strlen(p_text)); +- (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, "\r\n", 2); ++ if (vsf_sysutil_activate_noblock_no_die(VSFTP_COMMAND_FD) == 0) ++ { ++ (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, "500 OOPS: ", 10); ++ (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, p_text, ++ vsf_sysutil_strlen(p_text)); ++ (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, "\r\n", 2); ++ } + if (tunable_log_die) + { + /* Workaround for https://github.com/systemd/systemd/issues/2913 */ +-- +2.20.1 + diff --git a/vsftpd.spec b/vsftpd.spec index 8c28e00..04a2f74 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 30%{?dist} +Release: 31%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -87,6 +87,8 @@ Patch56: 0056-Log-die-calls-to-syslog.patch Patch57: 0057-Improve-error-message-when-max-number-of-bind-attemp.patch Patch58: 0058-Make-the-max-number-of-bind-retries-tunable.patch Patch59: 0059-Fix-SEGFAULT-when-running-in-a-container-as-PID-1.patch +Patch61: 0001-Move-closing-standard-FDs-after-listen.patch +Patch62: 0002-Prevent-recursion-in-bug.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -155,6 +157,10 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Sat Aug 03 2019 Ondřej Lysoněk - 3.0.3-31 +- Fix segfault when listen() returns an error +- Resolves: rhbz#1666380 + * Sat Jul 27 2019 Fedora Release Engineering - 3.0.3-30 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild From 6848e2e801f862f48ccd5dfdc3fd33ec9100c875 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Mon, 5 Aug 2019 14:14:50 +0200 Subject: [PATCH 29/73] Partially fix problem with bad utmp entries when pututxline() fails Resolves: rhbz#1688848 --- ...rted-only-after-record-insertion-rem.patch | 53 +++++++++ ...at-pututxline-if-it-fails-with-EINTR.patch | 105 ++++++++++++++++++ vsftpd.spec | 8 +- 3 files changed, 165 insertions(+), 1 deletion(-) create mode 100644 0001-Set-s_uwtmp_inserted-only-after-record-insertion-rem.patch create mode 100644 0002-Repeat-pututxline-if-it-fails-with-EINTR.patch diff --git a/0001-Set-s_uwtmp_inserted-only-after-record-insertion-rem.patch b/0001-Set-s_uwtmp_inserted-only-after-record-insertion-rem.patch new file mode 100644 index 0000000..00bf82c --- /dev/null +++ b/0001-Set-s_uwtmp_inserted-only-after-record-insertion-rem.patch @@ -0,0 +1,53 @@ +From 96698a525784ad91cb27b572dd5f871c183fdfa5 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Sun, 28 Jul 2019 12:25:35 +0200 +Subject: [PATCH 1/2] Set s_uwtmp_inserted only after record insertion/removal + +pututxline() is the function that actually inserts the new record, so +setting 's_uwtmp_inserted' before calling pututxline() doesn't make +sense. + +We'll need this change for other fixes. +--- + sysdeputil.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/sysdeputil.c b/sysdeputil.c +index 4fe56c2..bd1e8c9 100644 +--- a/sysdeputil.c ++++ b/sysdeputil.c +@@ -1224,7 +1224,6 @@ vsf_insert_uwtmp(const struct mystr* p_user_str, + sizeof(s_utent.ut_line)); + str_free(&line_str); + } +- s_uwtmp_inserted = 1; + s_utent.ut_type = USER_PROCESS; + s_utent.ut_pid = vsf_sysutil_getpid(); + vsf_sysutil_strcpy(s_utent.ut_user, str_getbuf(p_user_str), +@@ -1235,6 +1234,7 @@ vsf_insert_uwtmp(const struct mystr* p_user_str, + setutxent(); + (void) pututxline(&s_utent); + endutxent(); ++ s_uwtmp_inserted = 1; + updwtmpx(WTMPX_FILE, &s_utent); + } + +@@ -1245,7 +1245,6 @@ vsf_remove_uwtmp(void) + { + return; + } +- s_uwtmp_inserted = 0; + s_utent.ut_type = DEAD_PROCESS; + vsf_sysutil_memclr(s_utent.ut_user, sizeof(s_utent.ut_user)); + vsf_sysutil_memclr(s_utent.ut_host, sizeof(s_utent.ut_host)); +@@ -1253,6 +1252,7 @@ vsf_remove_uwtmp(void) + setutxent(); + (void) pututxline(&s_utent); + endutxent(); ++ s_uwtmp_inserted = 0; + s_utent.ut_tv.tv_sec = vsf_sysutil_get_time_sec(); + updwtmpx(WTMPX_FILE, &s_utent); + } +-- +2.20.1 + diff --git a/0002-Repeat-pututxline-if-it-fails-with-EINTR.patch b/0002-Repeat-pututxline-if-it-fails-with-EINTR.patch new file mode 100644 index 0000000..e89efcf --- /dev/null +++ b/0002-Repeat-pututxline-if-it-fails-with-EINTR.patch @@ -0,0 +1,105 @@ +From 896b3694ca062d747cd67e9e9ba246adb3fc706b Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Mon, 5 Aug 2019 13:55:37 +0200 +Subject: [PATCH 2/2] Repeat pututxline() if it fails with EINTR + +This is a partial fix for rhbz#1688848. We cannot resolve it +completely until glibc bug rhbz#1734791 is fixed. See +https://bugzilla.redhat.com/show_bug.cgi?id=1688848#c13. + +The maximum number of attempts is currently 2, which might seem +low. However setting it to 2 was a decision based on data - see +https://bugzilla.redhat.com/show_bug.cgi?id=1688848#c16. + +Resolves: rhbz#1688848 +--- + sysdeputil.c | 53 +++++++++++++++++++++++++++++++++++++++++++++------- + 1 file changed, 46 insertions(+), 7 deletions(-) + +diff --git a/sysdeputil.c b/sysdeputil.c +index bd1e8c9..4fbcca7 100644 +--- a/sysdeputil.c ++++ b/sysdeputil.c +@@ -1203,6 +1203,8 @@ void + vsf_insert_uwtmp(const struct mystr* p_user_str, + const struct mystr* p_host_str) + { ++ int attempts; ++ + if (sizeof(s_utent.ut_line) < 16) + { + return; +@@ -1231,16 +1233,35 @@ vsf_insert_uwtmp(const struct mystr* p_user_str, + vsf_sysutil_strcpy(s_utent.ut_host, str_getbuf(p_host_str), + sizeof(s_utent.ut_host)); + s_utent.ut_tv.tv_sec = vsf_sysutil_get_time_sec(); +- setutxent(); +- (void) pututxline(&s_utent); +- endutxent(); +- s_uwtmp_inserted = 1; ++ for (attempts = 2; attempts > 0; --attempts) ++ { ++ struct utmpx* p_res; ++ setutxent(); ++ p_res = pututxline(&s_utent); ++ /* For now we'll ignore errors other than EINTR and EAGAIN */ ++ if (p_res != NULL || (errno != EINTR && errno != EAGAIN)) ++ { ++ break; ++ } ++ } ++ if (attempts == 0) ++ { ++ /* This makes us skip pututxline() in vsf_remove_uwtmp() */ ++ s_uwtmp_inserted = -1; ++ } ++ else ++ { ++ s_uwtmp_inserted = 1; ++ endutxent(); ++ } + updwtmpx(WTMPX_FILE, &s_utent); + } + + void + vsf_remove_uwtmp(void) + { ++ int attempts; ++ + if (!s_uwtmp_inserted) + { + return; +@@ -1249,9 +1270,27 @@ vsf_remove_uwtmp(void) + vsf_sysutil_memclr(s_utent.ut_user, sizeof(s_utent.ut_user)); + vsf_sysutil_memclr(s_utent.ut_host, sizeof(s_utent.ut_host)); + s_utent.ut_tv.tv_sec = 0; +- setutxent(); +- (void) pututxline(&s_utent); +- endutxent(); ++ if (s_uwtmp_inserted == 1) ++ { ++ for (attempts = 2; attempts > 0; --attempts) ++ { ++ struct utmpx* p_res; ++ setutxent(); ++ p_res = pututxline(&s_utent); ++ /* For now we'll ignore errors other than EINTR and EAGAIN */ ++ if (p_res != NULL || (errno != EINTR && errno != EAGAIN)) ++ { ++ break; ++ } ++ } ++ if (attempts != 0) ++ { ++ endutxent(); ++ } ++ } ++ /* Set s_uwtmp_inserted to 0 regardless of the result of ++ * pututxline() to make sure we won't run this function twice. ++ */ + s_uwtmp_inserted = 0; + s_utent.ut_tv.tv_sec = vsf_sysutil_get_time_sec(); + updwtmpx(WTMPX_FILE, &s_utent); +-- +2.20.1 + diff --git a/vsftpd.spec b/vsftpd.spec index 04a2f74..70b678c 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 31%{?dist} +Release: 32%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -89,6 +89,8 @@ Patch58: 0058-Make-the-max-number-of-bind-retries-tunable.patch Patch59: 0059-Fix-SEGFAULT-when-running-in-a-container-as-PID-1.patch Patch61: 0001-Move-closing-standard-FDs-after-listen.patch Patch62: 0002-Prevent-recursion-in-bug.patch +Patch63: 0001-Set-s_uwtmp_inserted-only-after-record-insertion-rem.patch +Patch64: 0002-Repeat-pututxline-if-it-fails-with-EINTR.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -157,6 +159,10 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Mon Aug 05 2019 Ondřej Lysoněk - 3.0.3-32 +- Partially fix problem with bad utmp entries when pututxline() fails +- Resolves: rhbz#1688848 + * Sat Aug 03 2019 Ondřej Lysoněk - 3.0.3-31 - Fix segfault when listen() returns an error - Resolves: rhbz#1666380 From a9d52cf4e1df09e9f229994b1e3d8ea90b5c7786 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Thu, 28 Nov 2019 16:00:19 +0100 Subject: [PATCH 30/73] Finish up the fix to the problem with bad utmp entries when pututxline() fails Resolves: rhbz#1688852 Resolves: rhbz#1737433 --- ...e-until-it-succeeds-if-it-fails-with.patch | 108 ++++++++++++++++++ vsftpd.spec | 8 +- 2 files changed, 115 insertions(+), 1 deletion(-) create mode 100644 0001-Repeat-pututxline-until-it-succeeds-if-it-fails-with.patch diff --git a/0001-Repeat-pututxline-until-it-succeeds-if-it-fails-with.patch b/0001-Repeat-pututxline-until-it-succeeds-if-it-fails-with.patch new file mode 100644 index 0000000..63d555e --- /dev/null +++ b/0001-Repeat-pututxline-until-it-succeeds-if-it-fails-with.patch @@ -0,0 +1,108 @@ +From 7957425ef5ab365fc96ea0615f99705581c6dbd8 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Mon, 12 Aug 2019 18:15:36 +0200 +Subject: [PATCH] Repeat pututxline() until it succeeds if it fails with EINTR + +Since the pututxline() bug rhbz#1749439 is now fixed in glibc in +Fedora and RHEL-8, we can implement a complete solution for the stale +utmp entries issue originally reported as rhbz#1688848. + +This patch is a followup to commit 896b3694ca062d7. + +Resolves: rhbz#1688852 +Resolves: rhbz#1737433 +--- + sysdeputil.c | 53 +++++++++++++--------------------------------------- + 1 file changed, 13 insertions(+), 40 deletions(-) + +diff --git a/sysdeputil.c b/sysdeputil.c +index 4fbcca7..75be680 100644 +--- a/sysdeputil.c ++++ b/sysdeputil.c +@@ -1203,7 +1203,7 @@ void + vsf_insert_uwtmp(const struct mystr* p_user_str, + const struct mystr* p_host_str) + { +- int attempts; ++ struct utmpx* p_res; + + if (sizeof(s_utent.ut_line) < 16) + { +@@ -1233,34 +1233,21 @@ vsf_insert_uwtmp(const struct mystr* p_user_str, + vsf_sysutil_strcpy(s_utent.ut_host, str_getbuf(p_host_str), + sizeof(s_utent.ut_host)); + s_utent.ut_tv.tv_sec = vsf_sysutil_get_time_sec(); +- for (attempts = 2; attempts > 0; --attempts) ++ setutxent(); ++ do + { +- struct utmpx* p_res; +- setutxent(); + p_res = pututxline(&s_utent); + /* For now we'll ignore errors other than EINTR and EAGAIN */ +- if (p_res != NULL || (errno != EINTR && errno != EAGAIN)) +- { +- break; +- } +- } +- if (attempts == 0) +- { +- /* This makes us skip pututxline() in vsf_remove_uwtmp() */ +- s_uwtmp_inserted = -1; +- } +- else +- { +- s_uwtmp_inserted = 1; +- endutxent(); +- } ++ } while (p_res == NULL && (errno == EINTR || errno == EAGAIN)); ++ s_uwtmp_inserted = 1; ++ endutxent(); + updwtmpx(WTMPX_FILE, &s_utent); + } + + void + vsf_remove_uwtmp(void) + { +- int attempts; ++ struct utmpx* p_res; + + if (!s_uwtmp_inserted) + { +@@ -1270,27 +1257,13 @@ vsf_remove_uwtmp(void) + vsf_sysutil_memclr(s_utent.ut_user, sizeof(s_utent.ut_user)); + vsf_sysutil_memclr(s_utent.ut_host, sizeof(s_utent.ut_host)); + s_utent.ut_tv.tv_sec = 0; +- if (s_uwtmp_inserted == 1) ++ setutxent(); ++ do + { +- for (attempts = 2; attempts > 0; --attempts) +- { +- struct utmpx* p_res; +- setutxent(); +- p_res = pututxline(&s_utent); +- /* For now we'll ignore errors other than EINTR and EAGAIN */ +- if (p_res != NULL || (errno != EINTR && errno != EAGAIN)) +- { +- break; +- } +- } +- if (attempts != 0) +- { +- endutxent(); +- } +- } +- /* Set s_uwtmp_inserted to 0 regardless of the result of +- * pututxline() to make sure we won't run this function twice. +- */ ++ p_res = pututxline(&s_utent); ++ /* For now we'll ignore errors other than EINTR and EAGAIN */ ++ } while (p_res == NULL && (errno == EINTR || errno == EAGAIN)); ++ endutxent(); + s_uwtmp_inserted = 0; + s_utent.ut_tv.tv_sec = vsf_sysutil_get_time_sec(); + updwtmpx(WTMPX_FILE, &s_utent); +-- +2.20.1 + diff --git a/vsftpd.spec b/vsftpd.spec index 70b678c..e82d557 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 32%{?dist} +Release: 33%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -91,6 +91,7 @@ Patch61: 0001-Move-closing-standard-FDs-after-listen.patch Patch62: 0002-Prevent-recursion-in-bug.patch Patch63: 0001-Set-s_uwtmp_inserted-only-after-record-insertion-rem.patch Patch64: 0002-Repeat-pututxline-if-it-fails-with-EINTR.patch +Patch65: 0001-Repeat-pututxline-until-it-succeeds-if-it-fails-with.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -159,6 +160,11 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Thu Nov 28 2019 Ondřej Lysoněk - 3.0.3-33 +- Finish up the fix to the problem with bad utmp entries when pututxline() fails +- Resolves: rhbz#1688852 +- Resolves: rhbz#1737433 + * Mon Aug 05 2019 Ondřej Lysoněk - 3.0.3-32 - Partially fix problem with bad utmp entries when pututxline() fails - Resolves: rhbz#1688848 From fddc4aa22f1aa4befc60c34b009d3f5dc7a0a992 Mon Sep 17 00:00:00 2001 From: Tom Stellard Date: Fri, 17 Jan 2020 22:42:53 +0000 Subject: [PATCH 31/73] Use make_build macro The packaging guide[1] says that the make_build macro should be used. This also makes it possible for a build root to inject arguments to make by overriding the __make macro. [1] https://docs.fedoraproject.org/en-US/packaging-guidelines/#_parallel_make --- vsftpd.spec | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/vsftpd.spec b/vsftpd.spec index e82d557..20c3f4f 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 33%{?dist} +Release: 34%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -103,9 +103,9 @@ cp %{SOURCE1} . %build %ifarch s390x sparcv9 sparc64 -make CFLAGS="$RPM_OPT_FLAGS -fPIE -pipe -Wextra -Werror" \ +%make_build CFLAGS="$RPM_OPT_FLAGS -fPIE -pipe -Wextra -Werror" \ %else -make CFLAGS="$RPM_OPT_FLAGS -fpie -pipe -Wextra -Werror" \ +%make_build CFLAGS="$RPM_OPT_FLAGS -fpie -pipe -Wextra -Werror" \ %endif LINK="-pie -lssl" %{?_smp_mflags} @@ -160,6 +160,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Fri Jan 17 2020 Tom Stellard - 3.0.3-34 +- Use make_build macro + * Thu Nov 28 2019 Ondřej Lysoněk - 3.0.3-33 - Finish up the fix to the problem with bad utmp entries when pututxline() fails - Resolves: rhbz#1688852 From b7991404c40bafd2313d37f54ccd41775214ee07 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 31 Jan 2020 03:24:26 +0000 Subject: [PATCH 32/73] - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- vsftpd.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index 20c3f4f..d618978 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 34%{?dist} +Release: 35%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -160,6 +160,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Fri Jan 31 2020 Fedora Release Engineering - 3.0.3-35 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + * Fri Jan 17 2020 Tom Stellard - 3.0.3-34 - Use make_build macro From f5375f041a83e9e4b859ed16e79e3c7146e514e3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Fri, 7 Feb 2020 12:02:36 +0100 Subject: [PATCH 33/73] Fix build with gcc 10 Resolves: rhbz#1800239 --- ...of-an-enumerator-of-a-different-type.patch | 33 +++++++++++++++++++ vsftpd.spec | 7 +++- 2 files changed, 39 insertions(+), 1 deletion(-) create mode 100644 0001-Fix-assignment-of-an-enumerator-of-a-different-type.patch diff --git a/0001-Fix-assignment-of-an-enumerator-of-a-different-type.patch b/0001-Fix-assignment-of-an-enumerator-of-a-different-type.patch new file mode 100644 index 0000000..e20404a --- /dev/null +++ b/0001-Fix-assignment-of-an-enumerator-of-a-different-type.patch @@ -0,0 +1,33 @@ +From 8882c5f7788fc2ea7cae824a7fa09b82782fc81e Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Fri, 7 Feb 2020 11:51:46 +0100 +Subject: [PATCH] Fix assignment of an enumerator of a different type + +The kVSFSysStrOpenUnknown enumerator is not part of the +EVSFSysUtilOpenMode enum. The assignment causes a build failure with +gcc 10. + +The open_mode variable need not be initialized, because the switch +statement either sets the variable or causes us to exit. + +Resolves: rhbz#1800239 +--- + sysstr.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/sysstr.c b/sysstr.c +index d86cdf1..ff2671b 100644 +--- a/sysstr.c ++++ b/sysstr.c +@@ -74,7 +74,7 @@ str_chdir(const struct mystr* p_str) + int + str_open(const struct mystr* p_str, const enum EVSFSysStrOpenMode mode) + { +- enum EVSFSysUtilOpenMode open_mode = kVSFSysStrOpenUnknown; ++ enum EVSFSysUtilOpenMode open_mode; + switch (mode) + { + case kVSFSysStrOpenReadOnly: +-- +2.24.1 + diff --git a/vsftpd.spec b/vsftpd.spec index d618978..644221c 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 35%{?dist} +Release: 36%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -92,6 +92,7 @@ Patch62: 0002-Prevent-recursion-in-bug.patch Patch63: 0001-Set-s_uwtmp_inserted-only-after-record-insertion-rem.patch Patch64: 0002-Repeat-pututxline-if-it-fails-with-EINTR.patch Patch65: 0001-Repeat-pututxline-until-it-succeeds-if-it-fails-with.patch +Patch66: 0001-Fix-assignment-of-an-enumerator-of-a-different-type.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -160,6 +161,10 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Fri Feb 07 2020 Ondřej Lysoněk - 3.0.3-36 +- Fix build with gcc 10 +- Resolves: rhbz#1800239 + * Fri Jan 31 2020 Fedora Release Engineering - 3.0.3-35 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild From 9d90ef9e836a4e5206e4958396f0c03d2de33b60 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Thu, 13 Feb 2020 17:38:33 +0100 Subject: [PATCH 34/73] Fix timestamp handling in MDTM Resolves: rhbz#1567855 --- 0001-Fix-timestamp-handling-in-MDTM.patch | 151 ++++++++++++++++++++++ 0002-Drop-an-unused-global-variable.patch | 56 ++++++++ vsftpd.spec | 8 +- 3 files changed, 214 insertions(+), 1 deletion(-) create mode 100644 0001-Fix-timestamp-handling-in-MDTM.patch create mode 100644 0002-Drop-an-unused-global-variable.patch diff --git a/0001-Fix-timestamp-handling-in-MDTM.patch b/0001-Fix-timestamp-handling-in-MDTM.patch new file mode 100644 index 0000000..3975bf3 --- /dev/null +++ b/0001-Fix-timestamp-handling-in-MDTM.patch @@ -0,0 +1,151 @@ +From 6a4dc470e569df38b8a7ea09ee6aace3c73b7353 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Wed, 28 Mar 2018 09:06:34 +0200 +Subject: [PATCH 1/2] Fix timestamp handling in MDTM + +There were two problems with the timestamp handling with MDTM: + +1. In vsf_sysutil_parse_time(), the `the_time.tm_isdst` attribute was + always set to 0, regardless of whether DST (daylight saving time) + is active on the given date or not. + + This made glibc shift the timestamp when DST was in fact active on + the given date, in an attempt to correct the discrepancy between + the given timestamp and the `tm_isdst` attribute. The shifting + produced incorrect results however. + + We fix this by setting `tm_isdst` to -1 to let glibc decide if DST + is active or not at the time of the timestamp. glibc won't touch + the timestamp then. + +2. vsftpd used to record the offset from UTC of the current timezone + in the global variable `s_timezone`. This variable was then + subtracted from the variable `the_time` in vsf_sysutil_setmodtime() + when the config option use_localtime=NO was set. This was done to + compensate for the fact that mktime(), used in + vsf_sysutil_parse_time(), expects a timestamp expressed as local + time, whereas vsftpd is dealing with universal time. + + However, this did not work in the case when the offset stored in + `s_timezone` did not match the timezone of the timestamp given to + mktime() - this happens when DST is active at the current time, but + DST is not active at the time of the timestamp, or vice versa. + + We fix this by subtracting the real timezone offset directly in + vsf_sysutil_parse_time(). + + Note that the `tm_gmtoff` attribute, used in this fix, is a + BSD/glic extension. However, using `tm_gmtoff` seems like the + simplest solution and we need to make this work only with glibc + anyway. + +The fix was tested in the following way. We checked that the timestamp +given to the MDTM command when setting modification time exactly +matches the timestamp received as response from MDTM when reading back +the modification time. Additionally, we checked that the modification +time was set correctly on the given file on disk. + +These two checks were performed under various conditions - all the +combinations of DST/non-DST system time, DST/non-DST modification +time, use_localtime=YES/NO. + +Note that (I think) this will still not work if the rules for when DST +is active change. For example, if DST is ever completely cancelled in +the Europe/Prague timezone, and vsftpd is dealing with a timestamp +from a time when DST was active, it will produce incorrect results. I +think we would need the full zone file to fix this, but the zone file +is hard to provide when we're chroot-ed. + +Resolves: rhbz#1567855 +--- + postlogin.c | 5 +++-- + sysutil.c | 17 ++++++++++------- + sysutil.h | 4 ++-- + 3 files changed, 15 insertions(+), 11 deletions(-) + +diff --git a/postlogin.c b/postlogin.c +index 7c749ef..8a3d9d2 100644 +--- a/postlogin.c ++++ b/postlogin.c +@@ -1788,7 +1788,8 @@ handle_mdtm(struct vsf_session* p_sess) + if (do_write != 0) + { + str_split_char(&p_sess->ftp_arg_str, &s_filename_str, ' '); +- modtime = vsf_sysutil_parse_time(str_getbuf(&p_sess->ftp_arg_str)); ++ modtime = vsf_sysutil_parse_time( ++ str_getbuf(&p_sess->ftp_arg_str), tunable_use_localtime); + str_copy(&p_sess->ftp_arg_str, &s_filename_str); + } + resolve_tilde(&p_sess->ftp_arg_str, p_sess); +@@ -1809,7 +1810,7 @@ handle_mdtm(struct vsf_session* p_sess) + else + { + retval = vsf_sysutil_setmodtime( +- str_getbuf(&p_sess->ftp_arg_str), modtime, tunable_use_localtime); ++ str_getbuf(&p_sess->ftp_arg_str), modtime); + if (retval != 0) + { + vsf_cmdio_write(p_sess, FTP_FILEFAIL, +diff --git a/sysutil.c b/sysutil.c +index e847650..66d4c5e 100644 +--- a/sysutil.c ++++ b/sysutil.c +@@ -2819,11 +2819,13 @@ vsf_sysutil_syslog(const char* p_text, int severe) + } + + long +-vsf_sysutil_parse_time(const char* p_text) ++vsf_sysutil_parse_time(const char* p_text, int is_localtime) + { ++ long res; + struct tm the_time; + unsigned int len = vsf_sysutil_strlen(p_text); + vsf_sysutil_memclr(&the_time, sizeof(the_time)); ++ the_time.tm_isdst = -1; + if (len >= 8) + { + char yr[5]; +@@ -2848,17 +2850,18 @@ vsf_sysutil_parse_time(const char* p_text) + the_time.tm_min = vsf_sysutil_atoi(mins); + the_time.tm_sec = vsf_sysutil_atoi(sec); + } +- return mktime(&the_time); ++ res = mktime(&the_time); ++ if (!is_localtime) ++ { ++ res += the_time.tm_gmtoff; ++ } ++ return res; + } + + int +-vsf_sysutil_setmodtime(const char* p_file, long the_time, int is_localtime) ++vsf_sysutil_setmodtime(const char* p_file, long the_time) + { + struct utimbuf new_times; +- if (!is_localtime) +- { +- the_time -= s_timezone; +- } + vsf_sysutil_memclr(&new_times, sizeof(new_times)); + new_times.actime = the_time; + new_times.modtime = the_time; +diff --git a/sysutil.h b/sysutil.h +index 7a59f13..b90f6ca 100644 +--- a/sysutil.h ++++ b/sysutil.h +@@ -349,9 +349,9 @@ void vsf_sysutil_chroot(const char* p_root_path); + */ + long vsf_sysutil_get_time_sec(void); + long vsf_sysutil_get_time_usec(void); +-long vsf_sysutil_parse_time(const char* p_text); ++long vsf_sysutil_parse_time(const char* p_text, int is_localtime); + void vsf_sysutil_sleep(double seconds); +-int vsf_sysutil_setmodtime(const char* p_file, long the_time, int is_localtime); ++int vsf_sysutil_setmodtime(const char* p_file, long the_time); + + /* Limits */ + void vsf_sysutil_set_address_space_limit(unsigned long bytes); +-- +2.24.1 + diff --git a/0002-Drop-an-unused-global-variable.patch b/0002-Drop-an-unused-global-variable.patch new file mode 100644 index 0000000..53af589 --- /dev/null +++ b/0002-Drop-an-unused-global-variable.patch @@ -0,0 +1,56 @@ +From d0045e35674d64d166d17c3c079ae03e8c2e6361 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Thu, 13 Feb 2020 17:29:06 +0100 +Subject: [PATCH 2/2] Drop an unused global variable + +The global variable `s_timezone` is not used anymore, so we can drop +it. +--- + sysutil.c | 17 +++-------------- + 1 file changed, 3 insertions(+), 14 deletions(-) + +diff --git a/sysutil.c b/sysutil.c +index 66d4c5e..0ccf551 100644 +--- a/sysutil.c ++++ b/sysutil.c +@@ -72,8 +72,6 @@ static struct timeval s_current_time; + static int s_current_pid = -1; + /* Exit function */ + static exitfunc_t s_exit_func; +-/* Difference in timezone from GMT in seconds */ +-static long s_timezone; + + /* Our internal signal handling implementation details */ + static struct vsf_sysutil_sig_details +@@ -2661,7 +2659,6 @@ char* vsf_sysutil_get_tz() + void + vsf_sysutil_tzset(void) + { +- int retval; + char *tz=NULL, tzbuf[sizeof("+HHMM!")]; + time_t the_time = time(NULL); + struct tm* p_tm; +@@ -2681,17 +2678,9 @@ vsf_sysutil_tzset(void) + { + die("localtime"); + } +- retval = strftime(tzbuf, sizeof(tzbuf), "%z", p_tm); +- tzbuf[sizeof(tzbuf) - 1] = '\0'; +- if (retval == 5) +- { +- s_timezone = ((tzbuf[1] - '0') * 10 + (tzbuf[2] - '0')) * 60 * 60; +- s_timezone += ((tzbuf[3] - '0') * 10 + (tzbuf[4] - '0')) * 60; +- if (tzbuf[0] == '+') +- { +- s_timezone *= -1; +- } +- } ++ /* Not sure if the following call to strftime() has any desired side ++ effects, so I'm keeping it to be safe. */ ++ (void) strftime(tzbuf, sizeof(tzbuf), "%z", p_tm); + /* Call in to the time subsystem again now that TZ is set, trying to force + * caching of the actual zoneinfo for the timezone. + */ +-- +2.24.1 + diff --git a/vsftpd.spec b/vsftpd.spec index 644221c..f81c2f8 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 36%{?dist} +Release: 37%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -93,6 +93,8 @@ Patch63: 0001-Set-s_uwtmp_inserted-only-after-record-insertion-rem.patch Patch64: 0002-Repeat-pututxline-if-it-fails-with-EINTR.patch Patch65: 0001-Repeat-pututxline-until-it-succeeds-if-it-fails-with.patch Patch66: 0001-Fix-assignment-of-an-enumerator-of-a-different-type.patch +Patch67: 0001-Fix-timestamp-handling-in-MDTM.patch +Patch68: 0002-Drop-an-unused-global-variable.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -161,6 +163,10 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Thu Feb 13 2020 Ondřej Lysoněk - 3.0.3-37 +- Fix timestamp handling in MDTM +- Resolves: rhbz#1567855 + * Fri Feb 07 2020 Ondřej Lysoněk - 3.0.3-36 - Fix build with gcc 10 - Resolves: rhbz#1800239 From d37bca598d7a7925579b9dcfcd9c221f42d0a936 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= Date: Tue, 17 Mar 2020 13:02:58 +0100 Subject: [PATCH 35/73] Remove a hint about the ftp_home_dir SELinux boolean from the config file Resolves: rhbz#1623424 --- ...out-the-ftp_home_dir-SELinux-boolean.patch | 25 +++++++++++++++++++ vsftpd.spec | 7 +++++- 2 files changed, 31 insertions(+), 1 deletion(-) create mode 100644 0001-Remove-a-hint-about-the-ftp_home_dir-SELinux-boolean.patch diff --git a/0001-Remove-a-hint-about-the-ftp_home_dir-SELinux-boolean.patch b/0001-Remove-a-hint-about-the-ftp_home_dir-SELinux-boolean.patch new file mode 100644 index 0000000..88640ac --- /dev/null +++ b/0001-Remove-a-hint-about-the-ftp_home_dir-SELinux-boolean.patch @@ -0,0 +1,25 @@ +From ab797dcffc855b05c9e7c8db4e5be2fc7510831b Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= +Date: Tue, 17 Mar 2020 12:57:36 +0100 +Subject: [PATCH] Remove a hint about the ftp_home_dir SELinux boolean + +The boolean has been removed from SELinux. +--- + vsftpd.conf | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/vsftpd.conf b/vsftpd.conf +index 6b8eebb..ea20a72 100644 +--- a/vsftpd.conf ++++ b/vsftpd.conf +@@ -12,7 +12,6 @@ + anonymous_enable=NO + # + # Uncomment this to allow local users to log in. +-# When SELinux is enforcing check for SE bool ftp_home_dir + local_enable=YES + # + # Uncomment this to enable any form of FTP write command. +-- +2.25.1 + diff --git a/vsftpd.spec b/vsftpd.spec index f81c2f8..b878bdb 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 37%{?dist} +Release: 38%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -95,6 +95,7 @@ Patch65: 0001-Repeat-pututxline-until-it-succeeds-if-it-fails-with.patch Patch66: 0001-Fix-assignment-of-an-enumerator-of-a-different-type.patch Patch67: 0001-Fix-timestamp-handling-in-MDTM.patch Patch68: 0002-Drop-an-unused-global-variable.patch +Patch69: 0001-Remove-a-hint-about-the-ftp_home_dir-SELinux-boolean.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -163,6 +164,10 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Tue Mar 17 2020 Ondřej Lysoněk - 3.0.3-38 +- Removed a hint about the ftp_home_dir SELinux boolean from the config file +- Resolves: rhbz#1623424 + * Thu Feb 13 2020 Ondřej Lysoněk - 3.0.3-37 - Fix timestamp handling in MDTM - Resolves: rhbz#1567855 From 2526a74ac732414d31a20591f7b3e3e94a970363 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 29 Jul 2020 13:54:09 +0000 Subject: [PATCH 36/73] - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- vsftpd.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index b878bdb..d605550 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 38%{?dist} +Release: 39%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -164,6 +164,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Wed Jul 29 2020 Fedora Release Engineering - 3.0.3-39 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + * Tue Mar 17 2020 Ondřej Lysoněk - 3.0.3-38 - Removed a hint about the ftp_home_dir SELinux boolean from the config file - Resolves: rhbz#1623424 From a745964126c155fa6083c67a3ebc7588f476c3d9 Mon Sep 17 00:00:00 2001 From: Artem Egorenkov Date: Tue, 3 Nov 2020 17:45:54 +0100 Subject: [PATCH 37/73] Unit files fixed "After=network-online.target" --- vsftpd.service | 2 +- vsftpd.spec | 5 ++++- vsftpd.target | 2 +- vsftpd@.service | 2 +- 4 files changed, 7 insertions(+), 4 deletions(-) diff --git a/vsftpd.service b/vsftpd.service index 8ebae44..4a41b72 100644 --- a/vsftpd.service +++ b/vsftpd.service @@ -1,6 +1,6 @@ [Unit] Description=Vsftpd ftp daemon -After=network.target +After=network-online.target [Service] Type=forking diff --git a/vsftpd.spec b/vsftpd.spec index d605550..b0556d4 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 39%{?dist} +Release: 40%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -164,6 +164,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Mon Nov 02 2020 Artem Egorenkov - 3.0.3-40 +- Unit files fixed "After=network-online.target" + * Wed Jul 29 2020 Fedora Release Engineering - 3.0.3-39 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild diff --git a/vsftpd.target b/vsftpd.target index 3f0a942..3828bf8 100644 --- a/vsftpd.target +++ b/vsftpd.target @@ -1,6 +1,6 @@ [Unit] Description=FTP daemon -After=network.target +After=network-online.target [Install] WantedBy=multi-user.target diff --git a/vsftpd@.service b/vsftpd@.service index f3a7a16..b063f8f 100644 --- a/vsftpd@.service +++ b/vsftpd@.service @@ -1,6 +1,6 @@ [Unit] Description=Vsftpd ftp daemon -After=network.target +After=network-online.target PartOf=vsftpd.target [Service] From a93b3655b0694e1c45b216da31583778be348253 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timm=20B=C3=A4der?= Date: Tue, 17 Nov 2020 10:16:57 +0100 Subject: [PATCH 38/73] Fix str_open() in a different way The original patch tried to fix it by not assigning anything to open_mode. That only works if the compiler is able to deduce that bug() will abort the process however (or just not warn about the uninitialized use of open_mode). clang does warn about open_mode being used uninitialized in this function. Solve this by rewriting the function to simply only consider one case, the mode == kVSFSysStrOpenReadOnly one. Otherwise, don't call vsf_sysutil_open_file() and just return -1 after calling bug(). --- ...of-an-enumerator-of-a-different-type.patch | 33 ------------------- fix-str_open.patch | 28 ++++++++++++++++ vsftpd.spec | 2 +- 3 files changed, 29 insertions(+), 34 deletions(-) delete mode 100644 0001-Fix-assignment-of-an-enumerator-of-a-different-type.patch create mode 100644 fix-str_open.patch diff --git a/0001-Fix-assignment-of-an-enumerator-of-a-different-type.patch b/0001-Fix-assignment-of-an-enumerator-of-a-different-type.patch deleted file mode 100644 index e20404a..0000000 --- a/0001-Fix-assignment-of-an-enumerator-of-a-different-type.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 8882c5f7788fc2ea7cae824a7fa09b82782fc81e Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Fri, 7 Feb 2020 11:51:46 +0100 -Subject: [PATCH] Fix assignment of an enumerator of a different type - -The kVSFSysStrOpenUnknown enumerator is not part of the -EVSFSysUtilOpenMode enum. The assignment causes a build failure with -gcc 10. - -The open_mode variable need not be initialized, because the switch -statement either sets the variable or causes us to exit. - -Resolves: rhbz#1800239 ---- - sysstr.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/sysstr.c b/sysstr.c -index d86cdf1..ff2671b 100644 ---- a/sysstr.c -+++ b/sysstr.c -@@ -74,7 +74,7 @@ str_chdir(const struct mystr* p_str) - int - str_open(const struct mystr* p_str, const enum EVSFSysStrOpenMode mode) - { -- enum EVSFSysUtilOpenMode open_mode = kVSFSysStrOpenUnknown; -+ enum EVSFSysUtilOpenMode open_mode; - switch (mode) - { - case kVSFSysStrOpenReadOnly: --- -2.24.1 - diff --git a/fix-str_open.patch b/fix-str_open.patch new file mode 100644 index 0000000..eef52ec --- /dev/null +++ b/fix-str_open.patch @@ -0,0 +1,28 @@ +diff -ruN vsftpd-3.0.3.orig/sysstr.c vsftpd-3.0.3/sysstr.c +--- vsftpd-3.0.3.orig/sysstr.c 2020-11-17 09:47:03.872923383 +0100 ++++ vsftpd-3.0.3/sysstr.c 2020-11-17 09:48:41.219754145 +0100 +@@ -74,19 +74,11 @@ + int + str_open(const struct mystr* p_str, const enum EVSFSysStrOpenMode mode) + { +- enum EVSFSysUtilOpenMode open_mode = kVSFSysStrOpenUnknown; +- switch (mode) +- { +- case kVSFSysStrOpenReadOnly: +- open_mode = kVSFSysUtilOpenReadOnly; +- break; +- case kVSFSysStrOpenUnknown: +- /* Fall through */ +- default: +- bug("unknown mode value in str_open"); +- break; +- } +- return vsf_sysutil_open_file(str_getbuf(p_str), open_mode); ++ if (mode == kVSFSysStrOpenReadOnly) ++ return vsf_sysutil_open_file(str_getbuf(p_str), kVSFSysUtilOpenReadOnly); ++ ++ bug("unknown mode value in str_open"); ++ return -1; + } + + int diff --git a/vsftpd.spec b/vsftpd.spec index b0556d4..9bb18a5 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -92,10 +92,10 @@ Patch62: 0002-Prevent-recursion-in-bug.patch Patch63: 0001-Set-s_uwtmp_inserted-only-after-record-insertion-rem.patch Patch64: 0002-Repeat-pututxline-if-it-fails-with-EINTR.patch Patch65: 0001-Repeat-pututxline-until-it-succeeds-if-it-fails-with.patch -Patch66: 0001-Fix-assignment-of-an-enumerator-of-a-different-type.patch Patch67: 0001-Fix-timestamp-handling-in-MDTM.patch Patch68: 0002-Drop-an-unused-global-variable.patch Patch69: 0001-Remove-a-hint-about-the-ftp_home_dir-SELinux-boolean.patch +Patch70: fix-str_open.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from From 9c2c73019c8236c5e6643ca5d846bb5ebe24867d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timm=20B=C3=A4der?= Date: Tue, 17 Nov 2020 10:19:59 +0100 Subject: [PATCH 39/73] spec: Pass $RPM_LD_FLAGS to LINK --- vsftpd.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index 9bb18a5..b79ccff 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -111,7 +111,7 @@ cp %{SOURCE1} . %else %make_build CFLAGS="$RPM_OPT_FLAGS -fpie -pipe -Wextra -Werror" \ %endif - LINK="-pie -lssl" %{?_smp_mflags} + LINK="-pie -lssl $RPM_LD_FLAGS" %{?_smp_mflags} %install mkdir -p $RPM_BUILD_ROOT%{_sbindir} From eac39c3fbaa53849920beb57ea7c9b5b1810ecbb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timm=20B=C3=A4der?= Date: Fri, 27 Nov 2020 16:13:07 +0100 Subject: [PATCH 40/73] Update changelog --- vsftpd.spec | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/vsftpd.spec b/vsftpd.spec index b79ccff..c5bc898 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -164,6 +164,10 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Wed Nov 27 2020 Timm Bäder - 3.0.3-41 +- Fix str_open() so it doesn't warn when compiled with clang +- Pass $RPM_LD_FLAGS when linking + * Mon Nov 02 2020 Artem Egorenkov - 3.0.3-40 - Unit files fixed "After=network-online.target" From ed85881b79c0d9edd57f3eb857161e7c7af68105 Mon Sep 17 00:00:00 2001 From: Artem Egorenkov Date: Mon, 30 Nov 2020 14:48:45 +0100 Subject: [PATCH 41/73] - Release bumped - Changelog date fixed --- vsftpd.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vsftpd.spec b/vsftpd.spec index c5bc898..5c42478 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 40%{?dist} +Release: 41%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -164,7 +164,7 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog -* Wed Nov 27 2020 Timm Bäder - 3.0.3-41 +* Fri Nov 27 2020 Timm Bäder - 3.0.3-41 - Fix str_open() so it doesn't warn when compiled with clang - Pass $RPM_LD_FLAGS when linking From 2b0cc8cb30e916ca0ea159107dcd2275155a4ac1 Mon Sep 17 00:00:00 2001 From: Tom Stellard Date: Sat, 9 Jan 2021 00:47:59 +0000 Subject: [PATCH 42/73] Add BuildRequires: make https://fedoraproject.org/wiki/Changes/Remove_make_from_BuildRoot --- vsftpd.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/vsftpd.spec b/vsftpd.spec index 5c42478..6933a11 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -19,6 +19,7 @@ Source8: vsftpd@.service Source9: vsftpd.target Source10: vsftpd-generator +BuildRequires: make BuildRequires: pam-devel BuildRequires: libcap-devel BuildRequires: openssl-devel From ba82eb63b783c0f54d46ad9114b7be94f1dbc4b7 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 27 Jan 2021 23:15:33 +0000 Subject: [PATCH 43/73] - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- vsftpd.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index 6933a11..7d1fc6f 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 41%{?dist} +Release: 42%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -165,6 +165,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Wed Jan 27 2021 Fedora Release Engineering - 3.0.3-42 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + * Fri Nov 27 2020 Timm Bäder - 3.0.3-41 - Fix str_open() so it doesn't warn when compiled with clang - Pass $RPM_LD_FLAGS when linking From 87915b320db3de54f10142f32a4471532c9672ba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 2 Mar 2021 16:12:03 +0100 Subject: [PATCH 44/73] Rebuilt for updated systemd-rpm-macros See https://pagure.io/fesco/issue/2583. --- vsftpd.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index 7d1fc6f..5d3b9ea 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 42%{?dist} +Release: 43%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -165,6 +165,10 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek - 3.0.3-43 +- Rebuilt for updated systemd-rpm-macros + See https://pagure.io/fesco/issue/2583. + * Wed Jan 27 2021 Fedora Release Engineering - 3.0.3-42 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild From d48775fd3a55a4468c43a9558bfcb2ba52a4cca5 Mon Sep 17 00:00:00 2001 From: Artem Egorenkov Date: Thu, 8 Apr 2021 15:11:14 +0200 Subject: [PATCH 45/73] Enable wide-character support in logs --- ...wc_logs-replace_unprintable_with_hex.patch | 215 ++++++++++++++++++ vsftpd.spec | 8 +- 2 files changed, 222 insertions(+), 1 deletion(-) create mode 100644 vsftpd-3.0.3-enable_wc_logs-replace_unprintable_with_hex.patch diff --git a/vsftpd-3.0.3-enable_wc_logs-replace_unprintable_with_hex.patch b/vsftpd-3.0.3-enable_wc_logs-replace_unprintable_with_hex.patch new file mode 100644 index 0000000..38de8f3 --- /dev/null +++ b/vsftpd-3.0.3-enable_wc_logs-replace_unprintable_with_hex.patch @@ -0,0 +1,215 @@ +diff --git a/logging.c b/logging.c +index 9e86808..613ff4b 100644 +--- a/logging.c ++++ b/logging.c +@@ -171,7 +171,14 @@ vsf_log_do_log_to_file(int fd, struct mystr* p_str) + return; + } + } +- str_replace_unprintable(p_str, '?'); ++ if (tunable_wc_logs_enable) ++ { ++ str_replace_unprintable_with_hex_wc(p_str); ++ } ++ else ++ { ++ str_replace_unprintable_with_hex(p_str); ++ } + str_append_char(p_str, '\n'); + /* Ignore write failure; maybe the disk filled etc. */ + (void) str_write_loop(p_str, fd); +diff --git a/parseconf.c b/parseconf.c +index 3cfe7da..3729818 100644 +--- a/parseconf.c ++++ b/parseconf.c +@@ -113,6 +113,7 @@ parseconf_bool_array[] = + { "allow_writeable_chroot", &tunable_allow_writeable_chroot }, + { "better_stou", &tunable_better_stou }, + { "log_die", &tunable_log_die }, ++ { "wc_logs_enable", &tunable_wc_logs_enable }, + { 0, 0 } + }; + +diff --git a/str.c b/str.c +index 82b8ae4..a4e81d6 100644 +--- a/str.c ++++ b/str.c +@@ -20,6 +20,11 @@ + #include "utility.h" + #include "sysutil.h" + ++#include ++#include ++#include ++#include ++ + /* File local functions */ + static void str_split_text_common(struct mystr* p_src, struct mystr* p_rhs, + const char* p_text, int is_reverse); +@@ -723,6 +728,102 @@ str_replace_unprintable(struct mystr* p_str, char new_char) + } + } + ++void ++str_replace_unprintable_with_hex(struct mystr* p_str) ++{ ++ unsigned int ups_size = sizeof(unsigned int) * (p_str->len); ++ if (ups_size < p_str->len) ++ { ++ str_replace_unprintable(p_str, '?'); ++ str_append_text(p_str, ": BUG: string is too long"); ++ bug(p_str->p_buf); ++ } ++ unsigned int* ups = vsf_sysutil_malloc(ups_size); ++ unsigned int up_count = 0; ++ for (unsigned int i=0; i < p_str->len; i++) ++ { ++ if (!vsf_sysutil_isprint(p_str->p_buf[i])) ++ { ++ ups[up_count++] = i; ++ } ++ } ++ str_replace_positions_with_hex(p_str, ups, up_count); ++ vsf_sysutil_free(ups); ++} ++ ++void str_replace_unprintable_with_hex_wc(struct mystr* p_str) ++{ ++ unsigned int ups_size = sizeof(unsigned int) * (p_str->len); ++ if (ups_size < p_str->len) ++ { ++ str_replace_unprintable(p_str, '?'); ++ str_append_text(p_str, ": BUG: string is too long"); ++ bug(p_str->p_buf); ++ } ++ unsigned int* ups = vsf_sysutil_malloc(ups_size); ++ unsigned int up_count = 0; ++ ++ size_t current = 0; ++ wchar_t pwc; ++ mbstate_t ps; ++ memset(&ps, 0, sizeof(ps)); ++ ssize_t len = 0; ++ while ((len = mbrtowc(&pwc, p_str->p_buf, p_str->len - current, &ps)) > 0) ++ { ++ if (!iswprint(pwc)) ++ { ++ for (unsigned int i = 0; i < len; i++) ++ { ++ ups[up_count++] = current++; ++ } ++ } ++ else ++ { ++ current += len; ++ } ++ } ++ if (len < 0) ++ { ++ while (current < p_str->len) ++ { ++ ups[up_count++] = current++; ++ } ++ } ++ str_replace_positions_with_hex(p_str, ups, up_count); ++ vsf_sysutil_free(ups); ++} ++ ++void ++str_replace_positions_with_hex(struct mystr* p_str, const unsigned int* poss, const unsigned int pos_count) ++{ ++ if (pos_count == 0) ++ return; ++ ++ struct mystr tmp_str = INIT_MYSTR; ++ str_reserve(&tmp_str, p_str->len + 3 * pos_count); ++ unsigned int current = 0; ++ ++ for (unsigned int i=0; i < pos_count; i++) ++ { ++ unsigned int pos = poss[i]; ++ ++ if (current < pos) ++ private_str_append_memchunk(&tmp_str, p_str->p_buf + current, pos - current); ++ ++ char hex_buf[5]; ++ memset(hex_buf, 0, sizeof(hex_buf)); ++ sprintf(hex_buf, "\\x%02X", (unsigned char) p_str->p_buf[pos]); ++ str_append_text(&tmp_str, hex_buf); ++ current = pos + 1; ++ } ++ ++ if (current < p_str->len) ++ private_str_append_memchunk(&tmp_str, p_str->p_buf + current, p_str->len - current); ++ ++ str_copy(p_str, &tmp_str); ++ str_free(&tmp_str); ++} ++ + void + str_basename (struct mystr* d_str, const struct mystr* path) + { +diff --git a/str.h b/str.h +index 44270da..95a83b5 100644 +--- a/str.h ++++ b/str.h +@@ -98,6 +98,10 @@ int str_contains_space(const struct mystr* p_str); + int str_all_space(const struct mystr* p_str); + int str_contains_unprintable(const struct mystr* p_str); + void str_replace_unprintable(struct mystr* p_str, char new_char); ++void str_replace_unprintable_with_hex(struct mystr* p_str); ++void str_replace_unprintable_with_hex_wc(struct mystr* p_str); ++void str_replace_positions_with_hex(struct mystr* p_str, const unsigned int* poss, ++ const unsigned int pos_count); + int str_atoi(const struct mystr* p_str); + filesize_t str_a_to_filesize_t(const struct mystr* p_str); + unsigned int str_octal_to_uint(const struct mystr* p_str); +diff --git a/tunables.c b/tunables.c +index a7ce9c8..c96c1ac 100644 +--- a/tunables.c ++++ b/tunables.c +@@ -94,6 +94,7 @@ int tunable_seccomp_sandbox; + int tunable_allow_writeable_chroot; + int tunable_better_stou; + int tunable_log_die; ++int tunable_wc_logs_enable; + + unsigned int tunable_accept_timeout; + unsigned int tunable_connect_timeout; +@@ -244,6 +245,7 @@ tunables_load_defaults() + tunable_allow_writeable_chroot = 0; + tunable_better_stou = 0; + tunable_log_die = 0; ++ tunable_wc_logs_enable = 0; + + tunable_accept_timeout = 60; + tunable_connect_timeout = 60; +diff --git a/tunables.h b/tunables.h +index 029d645..8d50150 100644 +--- a/tunables.h ++++ b/tunables.h +@@ -98,6 +98,7 @@ extern int tunable_better_stou; /* Use better file name generation + */ + extern int tunable_log_die; /* Log calls to die(), die2() + * and bug() */ ++extern int tunable_wc_logs_enable; /* Allow non ASCII characters in logs */ + + /* Integer/numeric defines */ + extern unsigned int tunable_accept_timeout; +diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 +index ce3fba3..815773f 100644 +--- a/vsftpd.conf.5 ++++ b/vsftpd.conf.5 +@@ -735,6 +735,12 @@ If enabled, use CLONE_NEWPID and CLONE_NEWIPC to isolate processes to their + ipc and pid namespaces. So separated processes can not interact with each other. + + Default: YES ++.TP ++.B wc_logs_enable ++If enabled, logs will be treated as wide-character strings and not just ++ASCII strings when filtering out non-printable characters. ++ ++Default: NO + + .SH NUMERIC OPTIONS + Below is a list of numeric options. A numeric option must be set to a non diff --git a/vsftpd.spec b/vsftpd.spec index 5d3b9ea..63f6a74 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 43%{?dist} +Release: 44%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -97,6 +97,8 @@ Patch67: 0001-Fix-timestamp-handling-in-MDTM.patch Patch68: 0002-Drop-an-unused-global-variable.patch Patch69: 0001-Remove-a-hint-about-the-ftp_home_dir-SELinux-boolean.patch Patch70: fix-str_open.patch +# upstream commits 56402c0, 8b82e73 +Patch71: vsftpd-3.0.3-enable_wc_logs-replace_unprintable_with_hex.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -165,6 +167,10 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Wed Apr 8 2021 Artem Egorenkov - 3.0.3-44 +- Enable support for wide-character strings in logs +- Replace unprintables with HEX code, not question marks + * Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek - 3.0.3-43 - Rebuilt for updated systemd-rpm-macros See https://pagure.io/fesco/issue/2583. From 52a06d89792b58c4dbb8e783d293c328323fa375 Mon Sep 17 00:00:00 2001 From: Artem Egorenkov Date: Thu, 8 Apr 2021 16:22:32 +0200 Subject: [PATCH 46/73] failed build fixed --- ...pd-3.0.3-enable_wc_logs-replace_unprintable_with_hex.patch | 4 ++-- vsftpd.spec | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/vsftpd-3.0.3-enable_wc_logs-replace_unprintable_with_hex.patch b/vsftpd-3.0.3-enable_wc_logs-replace_unprintable_with_hex.patch index 38de8f3..914aebd 100644 --- a/vsftpd-3.0.3-enable_wc_logs-replace_unprintable_with_hex.patch +++ b/vsftpd-3.0.3-enable_wc_logs-replace_unprintable_with_hex.patch @@ -31,7 +31,7 @@ index 3cfe7da..3729818 100644 }; diff --git a/str.c b/str.c -index 82b8ae4..a4e81d6 100644 +index 82b8ae4..c03e7d8 100644 --- a/str.c +++ b/str.c @@ -20,6 +20,11 @@ @@ -94,7 +94,7 @@ index 82b8ae4..a4e81d6 100644 + { + if (!iswprint(pwc)) + { -+ for (unsigned int i = 0; i < len; i++) ++ for (int i = 0; i < len; i++) + { + ups[up_count++] = current++; + } diff --git a/vsftpd.spec b/vsftpd.spec index 63f6a74..69923a1 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -167,7 +167,7 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog -* Wed Apr 8 2021 Artem Egorenkov - 3.0.3-44 +* Thu Apr 8 2021 Artem Egorenkov - 3.0.3-44 - Enable support for wide-character strings in logs - Replace unprintables with HEX code, not question marks From 18928bb25ec3e20e013fb55206d10251a59a60bc Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 23 Jul 2021 20:41:02 +0000 Subject: [PATCH 47/73] - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- vsftpd.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index 69923a1..d340249 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 44%{?dist} +Release: 45%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -167,6 +167,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Fri Jul 23 2021 Fedora Release Engineering - 3.0.3-45 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + * Thu Apr 8 2021 Artem Egorenkov - 3.0.3-44 - Enable support for wide-character strings in logs - Replace unprintables with HEX code, not question marks From 6e276bfedb9bc01bfd4964f4c518a60cdedb608d Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Tue, 14 Sep 2021 19:17:40 +0200 Subject: [PATCH 48/73] Rebuilt with OpenSSL 3.0.0 --- vsftpd.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index d340249..8fe341f 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 45%{?dist} +Release: 46%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -167,6 +167,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Tue Sep 14 2021 Sahana Prasad - 3.0.3-46 +- Rebuilt with OpenSSL 3.0.0 + * Fri Jul 23 2021 Fedora Release Engineering - 3.0.3-45 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild From 1fd680f423c46b8718ee2dd43e31b8c7e325d976 Mon Sep 17 00:00:00 2001 From: Ondrej Mejzlik Date: Wed, 22 Sep 2021 18:00:52 +0200 Subject: [PATCH 49/73] Adding fmf plan --- .fmf/version | 1 + plans/ci.fmf | 6 ++++++ 2 files changed, 7 insertions(+) create mode 100644 .fmf/version create mode 100644 plans/ci.fmf diff --git a/.fmf/version b/.fmf/version new file mode 100644 index 0000000..d00491f --- /dev/null +++ b/.fmf/version @@ -0,0 +1 @@ +1 diff --git a/plans/ci.fmf b/plans/ci.fmf new file mode 100644 index 0000000..3eeb9e9 --- /dev/null +++ b/plans/ci.fmf @@ -0,0 +1,6 @@ +summary: Test plan that runs all tests from tests repo. +discover: + how: fmf + url: https://src.fedoraproject.org/tests/vsftpd.git +execute: + how: tmt From ebaec574529e0220ee94569780d0bd6ca3ae7721 Mon Sep 17 00:00:00 2001 From: Artem Egorenkov Date: Wed, 13 Oct 2021 14:25:25 +0200 Subject: [PATCH 50/73] Temporary pass -Wno-deprecated-declarations to gcc to ignore deprecated warnings to be able to build against OpenSSL-3.0 Resolves: rhbz#1962603 --- vsftpd.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/vsftpd.spec b/vsftpd.spec index 8fe341f..1b8fdfe 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -109,10 +109,13 @@ scratch. cp %{SOURCE1} . %build +# temporary ignore deprecated warnings to be able to build against OpenSSL 3.0 +%define ignore_deprecated -Wno-deprecated-declarations + %ifarch s390x sparcv9 sparc64 -%make_build CFLAGS="$RPM_OPT_FLAGS -fPIE -pipe -Wextra -Werror" \ +%make_build CFLAGS="$RPM_OPT_FLAGS -fPIE -pipe -Wextra -Werror %ignore_deprecated" \ %else -%make_build CFLAGS="$RPM_OPT_FLAGS -fpie -pipe -Wextra -Werror" \ +%make_build CFLAGS="$RPM_OPT_FLAGS -fpie -pipe -Wextra -Werror %ignore_deprecated" \ %endif LINK="-pie -lssl $RPM_LD_FLAGS" %{?_smp_mflags} From eb81361da08585e78208800030f5955b399f951c Mon Sep 17 00:00:00 2001 From: Artem Egorenkov Date: Wed, 13 Oct 2021 14:49:10 +0200 Subject: [PATCH 51/73] release bump --- vsftpd.spec | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index 1b8fdfe..15c23a2 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 46%{?dist} +Release: 47%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -170,6 +170,11 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Wed Oct 13 2021 Artem Egorenkov - 3.0.3-47 +- Temporary pass -Wno-deprecated-declarations to gcc to ignore + deprecated warnings to be able to build against OpenSSL-3.0 +- Resolves: rhbz#1962603 + * Tue Sep 14 2021 Sahana Prasad - 3.0.3-46 - Rebuilt with OpenSSL 3.0.0 From 28071690cee23a4500a70958bca509d535298dff Mon Sep 17 00:00:00 2001 From: Artem Egorenkov Date: Wed, 13 Oct 2021 16:52:15 +0200 Subject: [PATCH 52/73] ALPACA fix backported from upstram 3.0.5 version Related: rhbz#1975648 --- vsftpd-3.0.3-ALPACA.patch | 225 ++++++++++++++++++++++++++++++++++++++ vsftpd.spec | 7 +- 2 files changed, 231 insertions(+), 1 deletion(-) create mode 100644 vsftpd-3.0.3-ALPACA.patch diff --git a/vsftpd-3.0.3-ALPACA.patch b/vsftpd-3.0.3-ALPACA.patch new file mode 100644 index 0000000..336a1de --- /dev/null +++ b/vsftpd-3.0.3-ALPACA.patch @@ -0,0 +1,225 @@ +diff --git a/parseconf.c b/parseconf.c +index 3729818..ee1b8b4 100644 +--- a/parseconf.c ++++ b/parseconf.c +@@ -188,6 +188,7 @@ parseconf_str_array[] = + { "rsa_private_key_file", &tunable_rsa_private_key_file }, + { "dsa_private_key_file", &tunable_dsa_private_key_file }, + { "ca_certs_file", &tunable_ca_certs_file }, ++ { "ssl_sni_hostname", &tunable_ssl_sni_hostname }, + { "cmds_denied", &tunable_cmds_denied }, + { 0, 0 } + }; +diff --git a/ssl.c b/ssl.c +index 09ec96a..b622347 100644 +--- a/ssl.c ++++ b/ssl.c +@@ -41,6 +41,13 @@ static long bio_callback( + BIO* p_bio, int oper, const char* p_arg, int argi, long argl, long retval); + static int ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx); + static DH *ssl_tmp_dh_callback(SSL *ssl, int is_export, int keylength); ++static int ssl_alpn_callback(SSL* p_ssl, ++ const unsigned char** p_out, ++ unsigned char* outlen, ++ const unsigned char* p_in, ++ unsigned int inlen, ++ void* p_arg); ++static long ssl_sni_callback(SSL* p_ssl, int* p_al, void* p_arg); + static int ssl_cert_digest( + SSL* p_ssl, struct vsf_session* p_sess, struct mystr* p_str); + static void maybe_log_shutdown_state(struct vsf_session* p_sess); +@@ -285,6 +292,11 @@ ssl_init(struct vsf_session* p_sess) + SSL_CTX_set_timeout(p_ctx, INT_MAX); + } + ++ /* Set up ALPN to check for FTP protocol intention of client. */ ++ SSL_CTX_set_alpn_select_cb(p_ctx, ssl_alpn_callback, p_sess); ++ /* Set up SNI callback for an optional hostname check. */ ++ SSL_CTX_set_tlsext_servername_callback(p_ctx, ssl_sni_callback); ++ SSL_CTX_set_tlsext_servername_arg(p_ctx, p_sess); + SSL_CTX_set_tmp_dh_callback(p_ctx, ssl_tmp_dh_callback); + + if (tunable_ecdh_param_file) +@@ -871,6 +883,133 @@ ssl_tmp_dh_callback(SSL *ssl, int is_export, int keylength) + return DH_get_dh(keylength); + } + ++static int ++ssl_alpn_callback(SSL* p_ssl, ++ const unsigned char** p_out, ++ unsigned char* outlen, ++ const unsigned char* p_in, ++ unsigned int inlen, ++ void* p_arg) { ++ unsigned int i; ++ struct vsf_session* p_sess = (struct vsf_session*) p_arg; ++ int is_ok = 0; ++ ++ (void) p_ssl; ++ ++ /* Initialize just in case. */ ++ *p_out = p_in; ++ *outlen = 0; ++ ++ for (i = 0; i < inlen; ++i) { ++ unsigned int left = (inlen - i); ++ if (left < 4) { ++ continue; ++ } ++ if (p_in[i] == 3 && p_in[i + 1] == 'f' && p_in[i + 2] == 't' && ++ p_in[i + 3] == 'p') ++ { ++ is_ok = 1; ++ *p_out = &p_in[i + 1]; ++ *outlen = 3; ++ break; ++ } ++ } ++ ++ if (!is_ok) ++ { ++ str_alloc_text(&debug_str, "ALPN rejection"); ++ vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str); ++ } ++ if (!is_ok || tunable_debug_ssl) ++ { ++ str_alloc_text(&debug_str, "ALPN data: "); ++ for (i = 0; i < inlen; ++i) { ++ str_append_char(&debug_str, p_in[i]); ++ } ++ vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str); ++ } ++ ++ if (is_ok) ++ { ++ return SSL_TLSEXT_ERR_OK; ++ } ++ else ++ { ++ return SSL_TLSEXT_ERR_ALERT_FATAL; ++ } ++} ++ ++static long ++ssl_sni_callback(SSL* p_ssl, int* p_al, void* p_arg) ++{ ++ static struct mystr s_sni_expected_hostname; ++ static struct mystr s_sni_received_hostname; ++ ++ int servername_type; ++ const char* p_sni_servername; ++ struct vsf_session* p_sess = (struct vsf_session*) p_arg; ++ int is_ok = 0; ++ ++ (void) p_ssl; ++ (void) p_arg; ++ ++ if (tunable_ssl_sni_hostname) ++ { ++ str_alloc_text(&s_sni_expected_hostname, tunable_ssl_sni_hostname); ++ } ++ ++ /* The OpenSSL documentation says it is pre-initialized like this, but set ++ * it just in case. ++ */ ++ *p_al = SSL_AD_UNRECOGNIZED_NAME; ++ ++ servername_type = SSL_get_servername_type(p_ssl); ++ p_sni_servername = SSL_get_servername(p_ssl, TLSEXT_NAMETYPE_host_name); ++ if (p_sni_servername != NULL) { ++ str_alloc_text(&s_sni_received_hostname, p_sni_servername); ++ } ++ ++ if (str_isempty(&s_sni_expected_hostname)) ++ { ++ is_ok = 1; ++ } ++ else if (servername_type != TLSEXT_NAMETYPE_host_name) ++ { ++ /* Fail. */ ++ str_alloc_text(&debug_str, "SNI bad type: "); ++ str_append_ulong(&debug_str, servername_type); ++ vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str); ++ } ++ else ++ { ++ if (!str_strcmp(&s_sni_expected_hostname, &s_sni_received_hostname)) ++ { ++ is_ok = 1; ++ } ++ else ++ { ++ str_alloc_text(&debug_str, "SNI rejection"); ++ vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str); ++ } ++ } ++ ++ if (!is_ok || tunable_debug_ssl) ++ { ++ str_alloc_text(&debug_str, "SNI hostname: "); ++ str_append_str(&debug_str, &s_sni_received_hostname); ++ vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str); ++ } ++ ++ if (is_ok) ++ { ++ return SSL_TLSEXT_ERR_OK; ++ } ++ else ++ { ++ return SSL_TLSEXT_ERR_ALERT_FATAL; ++ } ++} ++ + void + ssl_add_entropy(struct vsf_session* p_sess) + { +diff --git a/tunables.c b/tunables.c +index c96c1ac..d8dfcde 100644 +--- a/tunables.c ++++ b/tunables.c +@@ -152,6 +152,7 @@ const char* tunable_ssl_ciphers; + const char* tunable_rsa_private_key_file; + const char* tunable_dsa_private_key_file; + const char* tunable_ca_certs_file; ++const char* tunable_ssl_sni_hostname; + + static void install_str_setting(const char* p_value, const char** p_storage); + +@@ -309,6 +310,7 @@ tunables_load_defaults() + install_str_setting(0, &tunable_rsa_private_key_file); + install_str_setting(0, &tunable_dsa_private_key_file); + install_str_setting(0, &tunable_ca_certs_file); ++ install_str_setting(0, &tunable_ssl_sni_hostname); + } + + void +diff --git a/tunables.h b/tunables.h +index 8d50150..de6cab0 100644 +--- a/tunables.h ++++ b/tunables.h +@@ -157,6 +157,7 @@ extern const char* tunable_ssl_ciphers; + extern const char* tunable_rsa_private_key_file; + extern const char* tunable_dsa_private_key_file; + extern const char* tunable_ca_certs_file; ++extern const char* tunable_ssl_sni_hostname; + extern const char* tunable_cmds_denied; + + #endif /* VSF_TUNABLES_H */ +diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 +index 815773f..7006287 100644 +--- a/vsftpd.conf.5 ++++ b/vsftpd.conf.5 +@@ -1128,6 +1128,12 @@ for further details. + + Default: PROFILE=SYSTEM + .TP ++.B ssl_sni_hostname ++If set, SSL connections will be rejected unless the SNI hostname in the ++incoming handshakes matches this value. ++ ++Default: (none) ++.TP + .B user_config_dir + This powerful option allows the override of any config option specified in + the manual page, on a per-user basis. Usage is simple, and is best illustrated diff --git a/vsftpd.spec b/vsftpd.spec index 15c23a2..be7f17f 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 47%{?dist} +Release: 48%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -99,6 +99,7 @@ Patch69: 0001-Remove-a-hint-about-the-ftp_home_dir-SELinux-boolean.patch Patch70: fix-str_open.patch # upstream commits 56402c0, 8b82e73 Patch71: vsftpd-3.0.3-enable_wc_logs-replace_unprintable_with_hex.patch +Patch72: vsftpd-3.0.3-ALPACA.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -170,6 +171,10 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Wed Oct 13 2021 Artem Egorenkov - 3.0.3-48 +- ALPACA fix backported from upstram 3.0.5 version +- Resolves: rhbz#1975648 + * Wed Oct 13 2021 Artem Egorenkov - 3.0.3-47 - Temporary pass -Wno-deprecated-declarations to gcc to ignore deprecated warnings to be able to build against OpenSSL-3.0 From 70e712403f9e6f92511307f81280db76d840e5db Mon Sep 17 00:00:00 2001 From: Artem Egorenkov Date: Wed, 27 Oct 2021 14:51:18 +0200 Subject: [PATCH 53/73] - add option to disable TLSv1.3 - Resolves: rhbz#2017705 --- vsftpd-3.0.3-option_to_disable_TLSv1_3.patch | 96 ++++++++++++++++++++ vsftpd.spec | 7 +- 2 files changed, 102 insertions(+), 1 deletion(-) create mode 100644 vsftpd-3.0.3-option_to_disable_TLSv1_3.patch diff --git a/vsftpd-3.0.3-option_to_disable_TLSv1_3.patch b/vsftpd-3.0.3-option_to_disable_TLSv1_3.patch new file mode 100644 index 0000000..b215273 --- /dev/null +++ b/vsftpd-3.0.3-option_to_disable_TLSv1_3.patch @@ -0,0 +1,96 @@ +diff --git a/features.c b/features.c +index d024366..3a60b88 100644 +--- a/features.c ++++ b/features.c +@@ -22,7 +22,7 @@ handle_feat(struct vsf_session* p_sess) + { + vsf_cmdio_write_raw(p_sess, " AUTH SSL\r\n"); + } +- if (tunable_tlsv1 || tunable_tlsv1_1 || tunable_tlsv1_2) ++ if (tunable_tlsv1 || tunable_tlsv1_1 || tunable_tlsv1_2 || tunable_tlsv1_3) + { + vsf_cmdio_write_raw(p_sess, " AUTH TLS\r\n"); + } +diff --git a/parseconf.c b/parseconf.c +index ee1b8b4..5188088 100644 +--- a/parseconf.c ++++ b/parseconf.c +@@ -87,6 +87,7 @@ parseconf_bool_array[] = + { "ssl_tlsv1", &tunable_tlsv1 }, + { "ssl_tlsv1_1", &tunable_tlsv1_1 }, + { "ssl_tlsv1_2", &tunable_tlsv1_2 }, ++ { "ssl_tlsv1_3", &tunable_tlsv1_3 }, + { "tilde_user_enable", &tunable_tilde_user_enable }, + { "force_anon_logins_ssl", &tunable_force_anon_logins_ssl }, + { "force_anon_data_ssl", &tunable_force_anon_data_ssl }, +diff --git a/ssl.c b/ssl.c +index b622347..3af67ad 100644 +--- a/ssl.c ++++ b/ssl.c +@@ -185,6 +185,10 @@ ssl_init(struct vsf_session* p_sess) + { + options |= SSL_OP_NO_TLSv1_2; + } ++ if (!tunable_tlsv1_3) ++ { ++ options |= SSL_OP_NO_TLSv1_3; ++ } + SSL_CTX_set_options(p_ctx, options); + if (tunable_rsa_cert_file) + { +diff --git a/tunables.c b/tunables.c +index d8dfcde..dc001ac 100644 +--- a/tunables.c ++++ b/tunables.c +@@ -68,6 +68,7 @@ int tunable_sslv3; + int tunable_tlsv1; + int tunable_tlsv1_1; + int tunable_tlsv1_2; ++int tunable_tlsv1_3; + int tunable_tilde_user_enable; + int tunable_force_anon_logins_ssl; + int tunable_force_anon_data_ssl; +@@ -218,8 +219,9 @@ tunables_load_defaults() + tunable_sslv3 = 0; + tunable_tlsv1 = 0; + tunable_tlsv1_1 = 0; +- /* Only TLSv1.2 is enabled by default */ ++ /* Only TLSv1.2 and TLSv1.3 are enabled by default */ + tunable_tlsv1_2 = 1; ++ tunable_tlsv1_3 = 1; + tunable_tilde_user_enable = 0; + tunable_force_anon_logins_ssl = 0; + tunable_force_anon_data_ssl = 0; +diff --git a/tunables.h b/tunables.h +index de6cab0..ff0eebc 100644 +--- a/tunables.h ++++ b/tunables.h +@@ -69,6 +69,7 @@ extern int tunable_sslv3; /* Allow SSLv3 */ + extern int tunable_tlsv1; /* Allow TLSv1 */ + extern int tunable_tlsv1_1; /* Allow TLSv1.1 */ + extern int tunable_tlsv1_2; /* Allow TLSv1.2 */ ++extern int tunable_tlsv1_3; /* Allow TLSv1.3 */ + extern int tunable_tilde_user_enable; /* Support e.g. ~chris */ + extern int tunable_force_anon_logins_ssl; /* Require anon logins use SSL */ + extern int tunable_force_anon_data_ssl; /* Require anon data uses SSL */ +diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 +index 7006287..d181e50 100644 +--- a/vsftpd.conf.5 ++++ b/vsftpd.conf.5 +@@ -587,7 +587,15 @@ Default: NO + Only applies if + .BR ssl_enable + is activated. If enabled, this option will permit TLS v1.2 protocol connections. +-TLS v1.2 connections are preferred. ++TLS v1.2 and TLS v1.3 connections are preferred. ++ ++Default: YES ++.TP ++.B ssl_tlsv1_3 ++Only applies if ++.BR ssl_enable ++is activated. If enabled, this option will permit TLS v1.3 protocol connections. ++TLS v1.2 and TLS v1.3 connections are preferred. + + Default: YES + .TP diff --git a/vsftpd.spec b/vsftpd.spec index be7f17f..b34672d 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 48%{?dist} +Release: 49%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -100,6 +100,7 @@ Patch70: fix-str_open.patch # upstream commits 56402c0, 8b82e73 Patch71: vsftpd-3.0.3-enable_wc_logs-replace_unprintable_with_hex.patch Patch72: vsftpd-3.0.3-ALPACA.patch +Patch73: vsftpd-3.0.3-option_to_disable_TLSv1_3.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -171,6 +172,10 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Wed Oct 27 2021 Artem Egorenkov - 3.0.3-49 +- add option to disable TLSv1.3 +- Resolves: rhbz#2017705 + * Wed Oct 13 2021 Artem Egorenkov - 3.0.3-48 - ALPACA fix backported from upstram 3.0.5 version - Resolves: rhbz#1975648 From 729620f9a2db253803f2974ace4115781d7401fe Mon Sep 17 00:00:00 2001 From: Ondrej Mejzlik Date: Wed, 15 Dec 2021 11:48:23 +0100 Subject: [PATCH 54/73] adding gating yaml --- gating.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 gating.yaml diff --git a/gating.yaml b/gating.yaml new file mode 100644 index 0000000..ce1b655 --- /dev/null +++ b/gating.yaml @@ -0,0 +1,16 @@ +--- !Policy +product_versions: + - fedora-* +decision_contexts: [bodhi_update_push_testing] +subject_type: koji_build +rules: + - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional} + +#gating rawhide +--- !Policy +product_versions: + - fedora-* +decision_contexts: [bodhi_update_push_stable] +subject_type: koji_build +rules: + - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional} From 44f20150044d239c8dbd150be6d8046f592aebb6 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Sat, 22 Jan 2022 04:11:34 +0000 Subject: [PATCH 55/73] - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- vsftpd.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index b34672d..61b890b 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 49%{?dist} +Release: 50%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -172,6 +172,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Sat Jan 22 2022 Fedora Release Engineering - 3.0.3-50 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + * Wed Oct 27 2021 Artem Egorenkov - 3.0.3-49 - add option to disable TLSv1.3 - Resolves: rhbz#2017705 From b7d0384436ee83513ec4e1444ac559b10efedfeb Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Sat, 23 Jul 2022 12:07:25 +0000 Subject: [PATCH 56/73] Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- vsftpd.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index 61b890b..ab63318 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.3 -Release: 50%{?dist} +Release: 51%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -172,6 +172,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Sat Jul 23 2022 Fedora Release Engineering - 3.0.3-51 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + * Sat Jan 22 2022 Fedora Release Engineering - 3.0.3-50 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild From 63f4fa04b225188aed90f98db682c86858d2cbdc Mon Sep 17 00:00:00 2001 From: Richard Lescak Date: Fri, 29 Jul 2022 20:10:46 +0200 Subject: [PATCH 57/73] rebase to version 3.0.5 --- .gitignore | 1 + ...-support-for-DHE-based-cipher-suites.patch | 26 +++++++++---------- ...upport-for-EDDHE-based-cipher-suites.patch | 10 +++---- 0025-Improve-local_max_rate-option.patch | 4 +-- 0040-Use-system-wide-crypto-policy.patch | 6 ++--- ...-default-for-ssl_ciphers-in-the-man-.patch | 6 ++--- fix-str_open.patch | 7 +++-- sources | 2 +- ...wc_logs-replace_unprintable_with_hex.patch | 0 vsftpd.spec | 17 ++++++------ 10 files changed, 40 insertions(+), 39 deletions(-) rename vsftpd-3.0.3-enable_wc_logs-replace_unprintable_with_hex.patch => vsftpd-3.0.5-enable_wc_logs-replace_unprintable_with_hex.patch (100%) diff --git a/.gitignore b/.gitignore index 811254b..d4e96bd 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,4 @@ vsftpd-2.3.2.tar.gz /vsftpd-3.0.1.tar.gz /vsftpd-3.0.2.tar.gz /vsftpd-3.0.3.tar.gz +/vsftpd-3.0.5.tar.gz diff --git a/0021-Introduce-support-for-DHE-based-cipher-suites.patch b/0021-Introduce-support-for-DHE-based-cipher-suites.patch index 1abe1e4..cfa23bb 100644 --- a/0021-Introduce-support-for-DHE-based-cipher-suites.patch +++ b/0021-Introduce-support-for-DHE-based-cipher-suites.patch @@ -36,14 +36,14 @@ index c362983..22b69b3 100644 #include #include -@@ -38,6 +40,7 @@ static void setup_bio_callbacks(); +@@ -38,6 +40,7 @@ + static char* get_ssl_error(); + static SSL* get_ssl(struct vsf_session* p_sess, int fd); + static int ssl_session_init(struct vsf_session* p_sess); ++static DH *ssl_tmp_dh_callback(SSL *ssl, int is_export, int keylength); + static void setup_bio_callbacks(); static long bio_callback( BIO* p_bio, int oper, const char* p_arg, int argi, long argl, long retval); - static int ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx); -+static DH *ssl_tmp_dh_callback(SSL *ssl, int is_export, int keylength); - static int ssl_cert_digest( - SSL* p_ssl, struct vsf_session* p_sess, struct mystr* p_str); - static void maybe_log_shutdown_state(struct vsf_session* p_sess); @@ -51,6 +54,60 @@ static int ssl_read_common(struct vsf_session* p_sess, static int ssl_inited; static struct mystr debug_str; @@ -140,18 +140,18 @@ index c362983..22b69b3 100644 if (tunable_ssl_ciphers && SSL_CTX_set_cipher_list(p_ctx, tunable_ssl_ciphers) != 1) { -@@ -165,6 +241,9 @@ ssl_init(struct vsf_session* p_sess) +@@ -184,6 +260,9 @@ /* Ensure cached session doesn't expire */ SSL_CTX_set_timeout(p_ctx, INT_MAX); } -+ ++ + SSL_CTX_set_tmp_dh_callback(p_ctx, ssl_tmp_dh_callback); + - p_sess->p_ssl_ctx = p_ctx; - ssl_inited = 1; + /* Set up ALPN to check for FTP protocol intention of client. */ + SSL_CTX_set_alpn_select_cb(p_ctx, ssl_alpn_callback, p_sess); + /* Set up SNI callback for an optional hostname check. */ +@@ -854,6 +933,18 @@ ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx) } -@@ -702,6 +781,18 @@ ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx) - return 1; } +#define UNUSED(x) ( (void)(x) ) @@ -162,7 +162,7 @@ index c362983..22b69b3 100644 + // strict compiler bypassing + UNUSED(ssl); + UNUSED(is_export); -+ ++ + return DH_get_dh(keylength); +} + diff --git a/0022-Introduce-support-for-EDDHE-based-cipher-suites.patch b/0022-Introduce-support-for-EDDHE-based-cipher-suites.patch index 1428b86..9cb56cd 100644 --- a/0022-Introduce-support-for-EDDHE-based-cipher-suites.patch +++ b/0022-Introduce-support-for-EDDHE-based-cipher-suites.patch @@ -36,8 +36,8 @@ index 22b69b3..96bf8ad 100644 if (!tunable_sslv2) { options |= SSL_OP_NO_SSLv2; -@@ -244,6 +244,41 @@ ssl_init(struct vsf_session* p_sess) - +@@ -244,6 +244,41 @@ + SSL_CTX_set_tmp_dh_callback(p_ctx, ssl_tmp_dh_callback); + if (tunable_ecdh_param_file) @@ -75,9 +75,9 @@ index 22b69b3..96bf8ad 100644 +#endif + } + - p_sess->p_ssl_ctx = p_ctx; - ssl_inited = 1; - } + /* Set up ALPN to check for FTP protocol intention of client. */ + SSL_CTX_set_alpn_select_cb(p_ctx, ssl_alpn_callback, p_sess); + /* Set up SNI callback for an optional hostname check. */ diff --git a/tunables.c b/tunables.c index 1ea7227..93f85b1 100644 --- a/tunables.c diff --git a/0025-Improve-local_max_rate-option.patch b/0025-Improve-local_max_rate-option.patch index e78f825..2c74c7a 100644 --- a/0025-Improve-local_max_rate-option.patch +++ b/0025-Improve-local_max_rate-option.patch @@ -60,9 +60,9 @@ diff --git a/main.c b/main.c index eaba265..f1e2f69 100644 --- a/main.c +++ b/main.c -@@ -40,7 +40,7 @@ main(int argc, const char* argv[]) +@@ -40,7 +40,7 @@ /* Control connection */ - 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, /* Data connection */ - -1, 0, -1, 0, 0, 0, 0, + -1, 0, -1, 0, 0, 0, 0, 0, diff --git a/0040-Use-system-wide-crypto-policy.patch b/0040-Use-system-wide-crypto-policy.patch index f59ba2b..940a5b2 100644 --- a/0040-Use-system-wide-crypto-policy.patch +++ b/0040-Use-system-wide-crypto-policy.patch @@ -3,7 +3,7 @@ From: Martin Sehnoutka Date: Tue, 29 Aug 2017 10:32:16 +0200 Subject: [PATCH 40/59] Use system wide crypto policy -Resolves: rhbz#1483970 +Resolves: rhbz# --- tunables.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) @@ -16,8 +16,8 @@ index 5440c00..354251c 100644 install_str_setting(0, &tunable_dsa_cert_file); install_str_setting(0, &tunable_dh_param_file); install_str_setting(0, &tunable_ecdh_param_file); -- install_str_setting("AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384", -- &tunable_ssl_ciphers); +- install_str_setting("AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA", +- &tunable_ssl_ciphers); + install_str_setting("PROFILE=SYSTEM", &tunable_ssl_ciphers); install_str_setting(0, &tunable_rsa_private_key_file); install_str_setting(0, &tunable_dsa_private_key_file); diff --git a/0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch b/0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch index 8b26c7b..93e2ce8 100644 --- a/0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch +++ b/0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch @@ -17,15 +17,15 @@ index 3ca55e4..2a7662e 100644 security precaution as it prevents malicious remote parties forcing a cipher which they have found problems with. --Default: AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384 +-Default: DES-CBC3-SHA +By default, the system-wide crypto policy is used. See +.BR update-crypto-policies(8) +for further details. + +Default: PROFILE=SYSTEM .TP - .B user_config_dir - This powerful option allows the override of any config option specified in + .B ssl_sni_hostname + If set, SSL connections will be rejected unless the SNI hostname in the -- 2.14.4 diff --git a/fix-str_open.patch b/fix-str_open.patch index eef52ec..e5d5bd9 100644 --- a/fix-str_open.patch +++ b/fix-str_open.patch @@ -1,11 +1,10 @@ -diff -ruN vsftpd-3.0.3.orig/sysstr.c vsftpd-3.0.3/sysstr.c ---- vsftpd-3.0.3.orig/sysstr.c 2020-11-17 09:47:03.872923383 +0100 -+++ vsftpd-3.0.3/sysstr.c 2020-11-17 09:48:41.219754145 +0100 +--- sysstr-orig.c 2022-07-27 09:44:52.606408000 +0200 ++++ sysstr.c 2022-07-27 09:54:24.043081352 +0200 @@ -74,19 +74,11 @@ int str_open(const struct mystr* p_str, const enum EVSFSysStrOpenMode mode) { -- enum EVSFSysUtilOpenMode open_mode = kVSFSysStrOpenUnknown; +- enum EVSFSysUtilOpenMode open_mode = kVSFSysUtilOpenUnknown; - switch (mode) - { - case kVSFSysStrOpenReadOnly: diff --git a/sources b/sources index 73f8cf5..e0f928f 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (vsftpd-3.0.3.tar.gz) = 5a4410a88e72ecf6f60a60a89771bcec300c9f63c2ea83b219bdf65fd9749b9853f9579f7257205b55659aefcd5dab243eba878dbbd4f0ff8532dd6e60884df7 +SHA512 (vsftpd-3.0.5.tar.gz) = 9e9f9bde8c460fbc6b1d29ca531327fb2e40e336358f1cc19e1da205ef81b553719a148ad4613ceead25499d1ac3f03301a0ecd3776e5c228acccb7f9461a7ee diff --git a/vsftpd-3.0.3-enable_wc_logs-replace_unprintable_with_hex.patch b/vsftpd-3.0.5-enable_wc_logs-replace_unprintable_with_hex.patch similarity index 100% rename from vsftpd-3.0.3-enable_wc_logs-replace_unprintable_with_hex.patch rename to vsftpd-3.0.5-enable_wc_logs-replace_unprintable_with_hex.patch diff --git a/vsftpd.spec b/vsftpd.spec index ab63318..18f9361 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -1,8 +1,8 @@ %global _generatorsdir %{_prefix}/lib/systemd/system-generators Name: vsftpd -Version: 3.0.3 -Release: 51%{?dist} +Version: 3.0.5 +Release: 1%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -61,7 +61,7 @@ Patch29: 0029-Fix-segfault-in-config-file-parser.patch Patch30: 0030-Fix-logging-into-syslog-when-enabled-in-config.patch Patch31: 0031-Fix-question-mark-wildcard-withing-a-file-name.patch Patch32: 0032-Propagate-errors-from-nfs-with-quota-to-client.patch -Patch33: 0033-Introduce-TLSv1.1-and-TLSv1.2-options.patch +#Patch33: 0033-Introduce-TLSv1.1-and-TLSv1.2-options.patch Patch34: 0034-Turn-off-seccomp-sandbox-because-it-is-too-strict.patch Patch35: 0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch Patch36: 0036-Redefine-VSFTP_COMMAND_FD-to-1.patch @@ -70,8 +70,8 @@ Patch38: 0038-Document-allow_writeable_chroot-in-the-man-page.patch Patch39: 0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch Patch40: 0040-Use-system-wide-crypto-policy.patch Patch41: 0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch -Patch42: 0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch -Patch43: 0043-Enable-only-TLSv1.2-by-default.patch +#Patch42: 0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch +#Patch43: 0043-Enable-only-TLSv1.2-by-default.patch Patch44: 0044-Disable-anonymous_enable-in-default-config-file.patch Patch45: 0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch Patch46: 0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch @@ -97,10 +97,8 @@ Patch67: 0001-Fix-timestamp-handling-in-MDTM.patch Patch68: 0002-Drop-an-unused-global-variable.patch Patch69: 0001-Remove-a-hint-about-the-ftp_home_dir-SELinux-boolean.patch Patch70: fix-str_open.patch +Patch71: vsftpd-3.0.5-enable_wc_logs-replace_unprintable_with_hex.patch # upstream commits 56402c0, 8b82e73 -Patch71: vsftpd-3.0.3-enable_wc_logs-replace_unprintable_with_hex.patch -Patch72: vsftpd-3.0.3-ALPACA.patch -Patch73: vsftpd-3.0.3-option_to_disable_TLSv1_3.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -172,6 +170,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Thu Jul 28 2022 Richard Lescak 3.0.5-1 +- rebase to version 3.0.5 + * Sat Jul 23 2022 Fedora Release Engineering - 3.0.3-51 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild From 8ce1361c8ca80c4fe35b4c99094d21bfd57c5efa Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Sat, 21 Jan 2023 06:31:03 +0000 Subject: [PATCH 58/73] Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- vsftpd.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index 18f9361..7efc847 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.5 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -170,6 +170,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Sat Jan 21 2023 Fedora Release Engineering - 3.0.5-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + * Thu Jul 28 2022 Richard Lescak 3.0.5-1 - rebase to version 3.0.5 From 57c94df2dcebe0b75f65519fac394b377237234c Mon Sep 17 00:00:00 2001 From: Richard Lescak Date: Fri, 17 Feb 2023 16:32:19 +0100 Subject: [PATCH 59/73] make vsftpd compatible with Openssl 3.0+ replace old network functions --- ...-support-for-DHE-based-cipher-suites.patch | 112 +++----------- ...upport-for-EDDHE-based-cipher-suites.patch | 28 ++-- ...ment-patch-to-build-with-OpenSSL-1.1.patch | 74 ---------- ...replace-deprecated-openssl-functions.patch | 70 +++++++++ ...5-replace-old-network-addr-functions.patch | 139 ++++++++++++++++++ vsftpd.spec | 16 +- 6 files changed, 252 insertions(+), 187 deletions(-) delete mode 100644 0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch create mode 100644 vsftpd-3.0.5-replace-deprecated-openssl-functions.patch create mode 100644 vsftpd-3.0.5-replace-old-network-addr-functions.patch diff --git a/0021-Introduce-support-for-DHE-based-cipher-suites.patch b/0021-Introduce-support-for-DHE-based-cipher-suites.patch index cfa23bb..bbf99a8 100644 --- a/0021-Introduce-support-for-DHE-based-cipher-suites.patch +++ b/0021-Introduce-support-for-DHE-based-cipher-suites.patch @@ -31,81 +31,36 @@ index c362983..22b69b3 100644 #include #include #include -+#include +#include ++#include #include #include -@@ -38,6 +40,7 @@ - static char* get_ssl_error(); - static SSL* get_ssl(struct vsf_session* p_sess, int fd); - static int ssl_session_init(struct vsf_session* p_sess); -+static DH *ssl_tmp_dh_callback(SSL *ssl, int is_export, int keylength); - static void setup_bio_callbacks(); - static long bio_callback( - BIO* p_bio, int oper, const char* p_arg, int argi, long argl, long retval); -@@ -51,6 +54,60 @@ static int ssl_read_common(struct vsf_session* p_sess, +@@ -58,6 +60,23 @@ static int ssl_inited; static struct mystr debug_str; ++EVP_PKEY * ++DH_get_dh() ++{ ++ OSSL_PARAM dh_params[2]; ++ EVP_PKEY *dh_key = NULL; ++ EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL); + -+// Grab prime number from OpenSSL; -+// (get_rfc*) for all available primes. -+// wraps selection of comparable algorithm strength -+#if !defined(match_dh_bits) -+ #define match_dh_bits(keylen) \ -+ keylen >= 8191 ? 8192 : \ -+ keylen >= 6143 ? 6144 : \ -+ keylen >= 4095 ? 4096 : \ -+ keylen >= 3071 ? 3072 : \ -+ keylen >= 2047 ? 2048 : \ -+ keylen >= 1535 ? 1536 : \ -+ keylen >= 1023 ? 1024 : 768 -+#endif ++ dh_params[0] = OSSL_PARAM_construct_utf8_string("group", "ffdhe2048", 0); ++ dh_params[1] = OSSL_PARAM_construct_end(); + -+#if !defined(DH_get_prime) -+ BIGNUM * -+ DH_get_prime(int bits) -+ { -+ switch (bits) { -+ case 768: return get_rfc2409_prime_768(NULL); -+ case 1024: return get_rfc2409_prime_1024(NULL); -+ case 1536: return get_rfc3526_prime_1536(NULL); -+ case 2048: return get_rfc3526_prime_2048(NULL); -+ case 3072: return get_rfc3526_prime_3072(NULL); -+ case 4096: return get_rfc3526_prime_4096(NULL); -+ case 6144: return get_rfc3526_prime_6144(NULL); -+ case 8192: return get_rfc3526_prime_8192(NULL); -+ // shouldn't happen when used match_dh_bits; strict compiler -+ default: return NULL; -+ } ++ if (EVP_PKEY_keygen_init(pctx) <= 0 || EVP_PKEY_CTX_set_params(pctx, dh_params) <= 0) ++ return NULL; ++ EVP_PKEY_generate(pctx, &dh_key); ++ EVP_PKEY_CTX_free(pctx); ++ return dh_key; +} -+#endif -+ -+#if !defined(DH_get_dh) -+ // Grab DH parameters -+ DH * -+ DH_get_dh(int size) -+ { -+ DH *dh = DH_new(); -+ if (!dh) { -+ return NULL; -+ } -+ dh->p = DH_get_prime(match_dh_bits(size)); -+ BN_dec2bn(&dh->g, "2"); -+ if (!dh->p || !dh->g) -+ { -+ DH_free(dh); -+ return NULL; -+ } -+ return dh; -+ } -+#endif + void ssl_init(struct vsf_session* p_sess) { -@@ -65,7 +122,7 @@ ssl_init(struct vsf_session* p_sess) +@@ -72,7 +89,7 @@ { die("SSL: could not allocate SSL context"); } @@ -114,61 +69,42 @@ index c362983..22b69b3 100644 if (!tunable_sslv2) { options |= SSL_OP_NO_SSLv2; -@@ -111,6 +168,25 @@ ssl_init(struct vsf_session* p_sess) +@@ -130,6 +147,25 @@ die("SSL: cannot load DSA private key"); } } + if (tunable_dh_param_file) + { + BIO *bio; -+ DH *dhparams = NULL; ++ EVP_PKEY *dh_params = NULL; + if ((bio = BIO_new_file(tunable_dh_param_file, "r")) == NULL) + { + die("SSL: cannot load custom DH params"); + } + else + { -+ dhparams = PEM_read_bio_DHparams(bio, NULL, NULL, NULL); ++ dh_params = PEM_read_bio_Parameters(bio, NULL); + BIO_free(bio); + -+ if (!SSL_CTX_set_tmp_dh(p_ctx, dhparams)) -+ { ++ if (!SSL_CTX_set0_tmp_dh_pkey(p_ctx, dh_params)) ++ { + die("SSL: setting custom DH params failed"); -+ } ++ } + } + } if (tunable_ssl_ciphers && SSL_CTX_set_cipher_list(p_ctx, tunable_ssl_ciphers) != 1) { -@@ -184,6 +260,9 @@ +@@ -184,6 +226,9 @@ /* Ensure cached session doesn't expire */ SSL_CTX_set_timeout(p_ctx, INT_MAX); } + -+ SSL_CTX_set_tmp_dh_callback(p_ctx, ssl_tmp_dh_callback); ++ SSL_CTX_set0_tmp_dh_pkey(p_ctx, DH_get_dh()); + /* Set up ALPN to check for FTP protocol intention of client. */ SSL_CTX_set_alpn_select_cb(p_ctx, ssl_alpn_callback, p_sess); /* Set up SNI callback for an optional hostname check. */ -@@ -854,6 +933,18 @@ ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx) - } - } - -+#define UNUSED(x) ( (void)(x) ) -+ -+static DH * -+ssl_tmp_dh_callback(SSL *ssl, int is_export, int keylength) -+{ -+ // strict compiler bypassing -+ UNUSED(ssl); -+ UNUSED(is_export); -+ -+ return DH_get_dh(keylength); -+} -+ - void - ssl_add_entropy(struct vsf_session* p_sess) - { diff --git a/tunables.c b/tunables.c index c737465..1ea7227 100644 --- a/tunables.c diff --git a/0022-Introduce-support-for-EDDHE-based-cipher-suites.patch b/0022-Introduce-support-for-EDDHE-based-cipher-suites.patch index 9cb56cd..0a09a2c 100644 --- a/0022-Introduce-support-for-EDDHE-based-cipher-suites.patch +++ b/0022-Introduce-support-for-EDDHE-based-cipher-suites.patch @@ -36,45 +36,37 @@ index 22b69b3..96bf8ad 100644 if (!tunable_sslv2) { options |= SSL_OP_NO_SSLv2; -@@ -244,6 +244,41 @@ +@@ -244,6 +244,33 @@ - SSL_CTX_set_tmp_dh_callback(p_ctx, ssl_tmp_dh_callback); + SSL_CTX_set0_tmp_dh_pkey(p_ctx, DH_get_dh()); + if (tunable_ecdh_param_file) + { + BIO *bio; -+ int nid; -+ EC_GROUP *ecparams = NULL; -+ EC_KEY *eckey; ++ EVP_PKEY *ec_params = NULL; + + if ((bio = BIO_new_file(tunable_ecdh_param_file, "r")) == NULL) + die("SSL: cannot load custom ec params"); + else + { -+ ecparams = PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL); ++ ec_params = PEM_read_bio_Parameters(bio, NULL); + BIO_free(bio); + -+ if (ecparams && (nid = EC_GROUP_get_curve_name(ecparams)) && -+ (eckey = EC_KEY_new_by_curve_name(nid))) ++ if (ec_params != NULL) + { -+ if (!SSL_CTX_set_tmp_ecdh(p_ctx, eckey)) ++ if (!SSL_CTX_set1_groups_list(p_ctx, ec_params)) + die("SSL: setting custom EC params failed"); -+ } -+ else ++ } ++ else + { + die("SSL: getting ec group or key failed"); -+ } ++ } + } + } + else + { -+#if defined(SSL_CTX_set_ecdh_auto) -+ SSL_CTX_set_ecdh_auto(p_ctx, 1); -+#else -+ SSL_CTX_set_tmp_ecdh(p_ctx, EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); -+#endif ++ SSL_CTX_set1_groups_list(p_ctx, "P-256"); + } -+ /* Set up ALPN to check for FTP protocol intention of client. */ SSL_CTX_set_alpn_select_cb(p_ctx, ssl_alpn_callback, p_sess); /* Set up SNI callback for an optional hostname check. */ diff --git a/0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch b/0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch deleted file mode 100644 index 1cebc18..0000000 --- a/0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch +++ /dev/null @@ -1,74 +0,0 @@ -From 6c8dd87f311e411bcb1c72c1c780497881a5621c Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Mon, 4 Sep 2017 11:32:03 +0200 -Subject: [PATCH 35/59] Modify DH enablement patch to build with OpenSSL 1.1 - ---- - ssl.c | 41 ++++++++++++++++++++++++++++++++++++++--- - 1 file changed, 38 insertions(+), 3 deletions(-) - -diff --git a/ssl.c b/ssl.c -index ba8a613..09ec96a 100644 ---- a/ssl.c -+++ b/ssl.c -@@ -88,19 +88,54 @@ static struct mystr debug_str; - } - #endif - -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) -+{ -+ /* If the fields p and g in d are NULL, the corresponding input -+ * parameters MUST be non-NULL. q may remain NULL. -+ */ -+ if ((dh->p == NULL && p == NULL) -+ || (dh->g == NULL && g == NULL)) -+ return 0; -+ -+ if (p != NULL) { -+ BN_free(dh->p); -+ dh->p = p; -+ } -+ if (q != NULL) { -+ BN_free(dh->q); -+ dh->q = q; -+ } -+ if (g != NULL) { -+ BN_free(dh->g); -+ dh->g = g; -+ } -+ -+ if (q != NULL) { -+ dh->length = BN_num_bits(q); -+ } -+ -+ return 1; -+} -+#endif -+ - #if !defined(DH_get_dh) - // Grab DH parameters - DH * - DH_get_dh(int size) - { -+ BIGNUM *g = NULL; -+ BIGNUM *p = NULL; - DH *dh = DH_new(); - if (!dh) { - return NULL; - } -- dh->p = DH_get_prime(match_dh_bits(size)); -- BN_dec2bn(&dh->g, "2"); -- if (!dh->p || !dh->g) -+ p = DH_get_prime(match_dh_bits(size)); -+ BN_dec2bn(&g, "2"); -+ if (!p || !g || !DH_set0_pqg(dh, p, NULL, g)) - { -+ BN_free(g); -+ BN_free(p); - DH_free(dh); - return NULL; - } --- -2.14.4 - diff --git a/vsftpd-3.0.5-replace-deprecated-openssl-functions.patch b/vsftpd-3.0.5-replace-deprecated-openssl-functions.patch new file mode 100644 index 0000000..c6f8f7d --- /dev/null +++ b/vsftpd-3.0.5-replace-deprecated-openssl-functions.patch @@ -0,0 +1,70 @@ +diff --git a/ssl.c b/ssl.c +--- ssl.c ++++ ssl.c +@@ -28,17 +28,17 @@ + #include + #include + #include + #include + #include + #include + #include + + static char* get_ssl_error(); + static SSL* get_ssl(struct vsf_session* p_sess, int fd); + static int ssl_session_init(struct vsf_session* p_sess); + static void setup_bio_callbacks(); + static long bio_callback( +- BIO* p_bio, int oper, const char* p_arg, int argi, long argl, long retval); ++ BIO* p_bio, int oper, const char* p_arg, size_t len, int argi, long argl, int ret, size_t *processed); + static int ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx); + static int ssl_alpn_callback(SSL* p_ssl, + const unsigned char** p_out, +@@ -88,7 +88,7 @@ + long options; + int verify_option = 0; + SSL_library_init(); +- p_ctx = SSL_CTX_new(SSLv23_server_method()); ++ p_ctx = SSL_CTX_new_ex(NULL, NULL, SSLv23_server_method()); + if (p_ctx == NULL) + { + die("SSL: could not allocate SSL context"); +@@ -180,13 +180,10 @@ + die("SSL: RNG is not seeded"); + } + { +- EC_KEY* key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); +- if (key == NULL) ++ if (!SSL_CTX_set1_groups_list(p_ctx, "P-256")) + { + die("SSL: failed to get curve p256"); + } +- SSL_CTX_set_tmp_ecdh(p_ctx, key); +- EC_KEY_free(key); + } + if (tunable_ssl_request_cert) + { +@@ -692,17 +689,19 @@ + static void setup_bio_callbacks(SSL* p_ssl) + { + BIO* p_bio = SSL_get_rbio(p_ssl); +- BIO_set_callback(p_bio, bio_callback); ++ BIO_set_callback_ex(p_bio, bio_callback); + p_bio = SSL_get_wbio(p_ssl); +- BIO_set_callback(p_bio, bio_callback); ++ BIO_set_callback_ex(p_bio, bio_callback); + } + + static long + bio_callback( +- BIO* p_bio, int oper, const char* p_arg, int argi, long argl, long ret) ++ BIO* p_bio, int oper, const char* p_arg, size_t len, int argi, long argl, int ret, size_t *processed) + { + int retval = 0; + int fd = 0; ++ (void) len; ++ (void) processed; + (void) p_arg; + (void) argi; + (void) argl; + diff --git a/vsftpd-3.0.5-replace-old-network-addr-functions.patch b/vsftpd-3.0.5-replace-old-network-addr-functions.patch new file mode 100644 index 0000000..89e6257 --- /dev/null +++ b/vsftpd-3.0.5-replace-old-network-addr-functions.patch @@ -0,0 +1,139 @@ +diff -urN vsftpd-3.0.5-orig/postlogin.c vsftpd-3.0.5/postlogin.c +--- vsftpd-3.0.5-orig/postlogin.c 2015-07-22 21:03:22.000000000 +0200 ++++ vsftpd-3.0.5/postlogin.c 2023-02-13 16:34:05.244467476 +0100 +@@ -27,4 +27,6 @@ + #include "ssl.h" + #include "vsftpver.h" ++#include ++#include + #include "opts.h" + +@@ -628,9 +629,10 @@ + else + { + const void* p_v4addr = vsf_sysutil_sockaddr_ipv6_v4(s_p_sockaddr); ++ static char result[INET_ADDRSTRLEN]; + if (p_v4addr) + { +- str_append_text(&s_pasv_res_str, vsf_sysutil_inet_ntoa(p_v4addr)); ++ str_append_text(&s_pasv_res_str, inet_ntop(AF_INET, p_v4addr, result, INET_ADDRSTRLEN)); + } + else + { +diff -urN vsftpd-3.0.5-orig/sysutil.c vsftpd-3.0.5/sysutil.c +--- vsftpd-3.0.5-orig/sysutil.c 2012-09-16 09:07:38.000000000 +0200 ++++ vsftpd-3.0.5/sysutil.c 2023-02-13 16:08:58.557153109 +0100 +@@ -2205,20 +2205,13 @@ + const struct sockaddr* p_sockaddr = &p_sockptr->u.u_sockaddr; + if (p_sockaddr->sa_family == AF_INET) + { +- return inet_ntoa(p_sockptr->u.u_sockaddr_in.sin_addr); ++ static char result[INET_ADDRSTRLEN]; ++ return inet_ntop(AF_INET, &p_sockptr->u.u_sockaddr_in.sin_addr, result, INET_ADDRSTRLEN); + } + else if (p_sockaddr->sa_family == AF_INET6) + { +- static char inaddr_buf[64]; +- const char* p_ret = inet_ntop(AF_INET6, +- &p_sockptr->u.u_sockaddr_in6.sin6_addr, +- inaddr_buf, sizeof(inaddr_buf)); +- inaddr_buf[sizeof(inaddr_buf) - 1] = '\0'; +- if (p_ret == NULL) +- { +- inaddr_buf[0] = '\0'; +- } +- return inaddr_buf; ++ static char result[INET6_ADDRSTRLEN]; ++ return inet_ntop(AF_INET6, &p_sockptr->u.u_sockaddr_in6.sin6_addr, result, INET6_ADDRSTRLEN); + } + else + { +@@ -2227,12 +2220,6 @@ + } + } + +-const char* +-vsf_sysutil_inet_ntoa(const void* p_raw_addr) +-{ +- return inet_ntoa(*((struct in_addr*)p_raw_addr)); +-} +- + int + vsf_sysutil_inet_aton(const char* p_text, struct vsf_sysutil_sockaddr* p_addr) + { +@@ -2241,7 +2228,7 @@ + { + bug("bad family"); + } +- if (inet_aton(p_text, &sin_addr)) ++ if (inet_pton(AF_INET, p_text, &sin_addr)) + { + vsf_sysutil_memcpy(&p_addr->u.u_sockaddr_in.sin_addr, + &sin_addr, sizeof(p_addr->u.u_sockaddr_in.sin_addr)); +@@ -2257,37 +2244,46 @@ + vsf_sysutil_dns_resolve(struct vsf_sysutil_sockaddr** p_sockptr, + const char* p_name) + { +- struct hostent* hent = gethostbyname(p_name); +- if (hent == NULL) ++ struct addrinfo *result; ++ struct addrinfo hints; ++ int ret; ++ ++ memset(&hints, 0, sizeof(struct addrinfo)); ++ hints.ai_family = AF_UNSPEC; ++ ++ if ((ret = getaddrinfo(p_name, NULL, &hints, &result)) != 0) + { ++ fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(ret)); + die2("cannot resolve host:", p_name); + } + vsf_sysutil_sockaddr_clear(p_sockptr); +- if (hent->h_addrtype == AF_INET) ++ if (result->ai_family == AF_INET) + { +- unsigned int len = hent->h_length; ++ unsigned int len = result->ai_addrlen; + if (len > sizeof((*p_sockptr)->u.u_sockaddr_in.sin_addr)) + { + len = sizeof((*p_sockptr)->u.u_sockaddr_in.sin_addr); + } + vsf_sysutil_sockaddr_alloc_ipv4(p_sockptr); + vsf_sysutil_memcpy(&(*p_sockptr)->u.u_sockaddr_in.sin_addr, +- hent->h_addr_list[0], len); ++ &result->ai_addrlen, len); + } +- else if (hent->h_addrtype == AF_INET6) ++ else if (result->ai_family == AF_INET6) + { +- unsigned int len = hent->h_length; ++ unsigned int len = result->ai_addrlen; + if (len > sizeof((*p_sockptr)->u.u_sockaddr_in6.sin6_addr)) + { + len = sizeof((*p_sockptr)->u.u_sockaddr_in6.sin6_addr); + } + vsf_sysutil_sockaddr_alloc_ipv6(p_sockptr); + vsf_sysutil_memcpy(&(*p_sockptr)->u.u_sockaddr_in6.sin6_addr, +- hent->h_addr_list[0], len); ++ &result->ai_addrlen, len); + } + else + { +- die("gethostbyname(): neither IPv4 nor IPv6"); ++ freeaddrinfo(result); ++ die("getaddrinfo(): neither IPv4 nor IPv6"); + } ++ freeaddrinfo(result); + } + +diff -urN vsftpd-3.0.5-orig/sysutil.h vsftpd-3.0.5/sysutil.h +--- vsftpd-3.0.5-orig/sysutil.h 2021-05-18 08:50:21.000000000 +0200 ++++ vsftpd-3.0.5/sysutil.h 2023-02-13 15:59:22.088331075 +0100 +@@ -277,7 +277,6 @@ + + const char* vsf_sysutil_inet_ntop( + const struct vsf_sysutil_sockaddr* p_sockptr); +-const char* vsf_sysutil_inet_ntoa(const void* p_raw_addr); + int vsf_sysutil_inet_aton( + const char* p_text, struct vsf_sysutil_sockaddr* p_addr); + diff --git a/vsftpd.spec b/vsftpd.spec index 7efc847..72ce764 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.5 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -63,7 +63,6 @@ Patch31: 0031-Fix-question-mark-wildcard-withing-a-file-name.patch Patch32: 0032-Propagate-errors-from-nfs-with-quota-to-client.patch #Patch33: 0033-Introduce-TLSv1.1-and-TLSv1.2-options.patch Patch34: 0034-Turn-off-seccomp-sandbox-because-it-is-too-strict.patch -Patch35: 0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch Patch36: 0036-Redefine-VSFTP_COMMAND_FD-to-1.patch Patch37: 0037-Document-the-relationship-of-text_userdb_names-and-c.patch Patch38: 0038-Document-allow_writeable_chroot-in-the-man-page.patch @@ -98,7 +97,8 @@ Patch68: 0002-Drop-an-unused-global-variable.patch Patch69: 0001-Remove-a-hint-about-the-ftp_home_dir-SELinux-boolean.patch Patch70: fix-str_open.patch Patch71: vsftpd-3.0.5-enable_wc_logs-replace_unprintable_with_hex.patch -# upstream commits 56402c0, 8b82e73 +Patch72: vsftpd-3.0.5-replace-old-network-addr-functions.patch +Patch73: vsftpd-3.0.5-replace-deprecated-openssl-functions.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -109,13 +109,11 @@ scratch. cp %{SOURCE1} . %build -# temporary ignore deprecated warnings to be able to build against OpenSSL 3.0 -%define ignore_deprecated -Wno-deprecated-declarations %ifarch s390x sparcv9 sparc64 -%make_build CFLAGS="$RPM_OPT_FLAGS -fPIE -pipe -Wextra -Werror %ignore_deprecated" \ +%make_build CFLAGS="$RPM_OPT_FLAGS -fPIE -pipe -Wextra -Werror" \ %else -%make_build CFLAGS="$RPM_OPT_FLAGS -fpie -pipe -Wextra -Werror %ignore_deprecated" \ +%make_build CFLAGS="$RPM_OPT_FLAGS -fpie -pipe -Wextra -Werror" \ %endif LINK="-pie -lssl $RPM_LD_FLAGS" %{?_smp_mflags} @@ -170,6 +168,10 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Fri Feb 17 2023 Richard Lescak - 3.0.5-3 +- make vsftpd compatible with Openssl 3.0+ +- replace old network functions + * Sat Jan 21 2023 Fedora Release Engineering - 3.0.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild From 9f310a0dd2a73294b1f1bcc81c3c245d2549c225 Mon Sep 17 00:00:00 2001 From: Ondrej Mejzlik Date: Tue, 18 Apr 2023 12:45:29 +0200 Subject: [PATCH 60/73] Adding fmf plans and gating --- ci.fmf | 1 + gating.yaml | 23 +++++++++++++++++------ plans/ci.fmf | 6 ------ plans/public.fmf | 6 ++++++ plans/tier1-internal.fmf | 12 ++++++++++++ 5 files changed, 36 insertions(+), 12 deletions(-) create mode 100644 ci.fmf delete mode 100644 plans/ci.fmf create mode 100644 plans/public.fmf create mode 100644 plans/tier1-internal.fmf diff --git a/ci.fmf b/ci.fmf new file mode 100644 index 0000000..c5aa0e0 --- /dev/null +++ b/ci.fmf @@ -0,0 +1 @@ +resultsdb-testcase: separate diff --git a/gating.yaml b/gating.yaml index ce1b655..de5c323 100644 --- a/gating.yaml +++ b/gating.yaml @@ -1,16 +1,27 @@ --- !Policy product_versions: - fedora-* -decision_contexts: [bodhi_update_push_testing] +decision_context: bodhi_update_push_testing subject_type: koji_build rules: - - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional} - -#gating rawhide + - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/public.functional} + +#Rawhide --- !Policy product_versions: - fedora-* -decision_contexts: [bodhi_update_push_stable] +decision_context: bodhi_update_push_stable subject_type: koji_build rules: - - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional} + - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/public.functional} + +#gating rhel +--- !Policy +product_versions: + - rhel-* +decision_context: osci_compose_gate +rules: + - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional} + - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tedude.validation} + - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-internal.functional} + - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/public.functional} diff --git a/plans/ci.fmf b/plans/ci.fmf deleted file mode 100644 index 3eeb9e9..0000000 --- a/plans/ci.fmf +++ /dev/null @@ -1,6 +0,0 @@ -summary: Test plan that runs all tests from tests repo. -discover: - how: fmf - url: https://src.fedoraproject.org/tests/vsftpd.git -execute: - how: tmt diff --git a/plans/public.fmf b/plans/public.fmf new file mode 100644 index 0000000..95682f5 --- /dev/null +++ b/plans/public.fmf @@ -0,0 +1,6 @@ +summary: Test plan with all Fedora tests +discover: + how: fmf + url: https://src.fedoraproject.org/tests/vsftpd.git +execute: + how: tmt diff --git a/plans/tier1-internal.fmf b/plans/tier1-internal.fmf new file mode 100644 index 0000000..d1dd032 --- /dev/null +++ b/plans/tier1-internal.fmf @@ -0,0 +1,12 @@ +summary: CI plan, picks internal Tier1 tests, runs in beakerlib. +discover: + - name: rhel + how: fmf + filter: 'tier: 1' + url: git://pkgs.devel.redhat.com/tests/vsftpd +execute: + how: tmt +adjust: + enabled: false + when: distro == centos-stream, fedora + because: They don't have access to internal repos. From 17a18d5fda02aca5d33e681a51fb3c4ba4bbd33a Mon Sep 17 00:00:00 2001 From: Richard Lescak Date: Fri, 5 May 2023 14:50:38 +0200 Subject: [PATCH 61/73] add option for TLSv1.3 ciphersuites SPDX migration --- ...-support-for-DHE-based-cipher-suites.patch | 4 +- ...-add-option-for-tlsv1.3-ciphersuites.patch | 79 +++++++++++++++++++ ...replace-deprecated-openssl-functions.patch | 2 +- vsftpd-3.0.5-use-old-tlsv-options.patch | 15 ++++ vsftpd.spec | 10 ++- 5 files changed, 106 insertions(+), 4 deletions(-) create mode 100644 vsftpd-3.0.5-add-option-for-tlsv1.3-ciphersuites.patch create mode 100644 vsftpd-3.0.5-use-old-tlsv-options.patch diff --git a/0021-Introduce-support-for-DHE-based-cipher-suites.patch b/0021-Introduce-support-for-DHE-based-cipher-suites.patch index bbf99a8..3460c2a 100644 --- a/0021-Introduce-support-for-DHE-based-cipher-suites.patch +++ b/0021-Introduce-support-for-DHE-based-cipher-suites.patch @@ -69,7 +69,7 @@ index c362983..22b69b3 100644 if (!tunable_sslv2) { options |= SSL_OP_NO_SSLv2; -@@ -130,6 +147,25 @@ +@@ -149,8 +166,27 @@ die("SSL: cannot load DSA private key"); } } @@ -95,6 +95,8 @@ index c362983..22b69b3 100644 if (tunable_ssl_ciphers && SSL_CTX_set_cipher_list(p_ctx, tunable_ssl_ciphers) != 1) { + die("SSL: could not set cipher list"); + } @@ -184,6 +226,9 @@ /* Ensure cached session doesn't expire */ SSL_CTX_set_timeout(p_ctx, INT_MAX); diff --git a/vsftpd-3.0.5-add-option-for-tlsv1.3-ciphersuites.patch b/vsftpd-3.0.5-add-option-for-tlsv1.3-ciphersuites.patch new file mode 100644 index 0000000..1f1925e --- /dev/null +++ b/vsftpd-3.0.5-add-option-for-tlsv1.3-ciphersuites.patch @@ -0,0 +1,79 @@ +diff -urN a/parseconf.c b/parseconf.c +--- a/parseconf.c 2021-05-29 23:39:19.000000000 +0200 ++++ b/parseconf.c 2023-03-03 10:22:38.256439634 +0100 +@@ -185,6 +185,7 @@ + { "dsa_cert_file", &tunable_dsa_cert_file }, + { "dh_param_file", &tunable_dh_param_file }, + { "ecdh_param_file", &tunable_ecdh_param_file }, ++ { "ssl_ciphersuites", &tunable_ssl_ciphersuites }, + { "ssl_ciphers", &tunable_ssl_ciphers }, + { "rsa_private_key_file", &tunable_rsa_private_key_file }, + { "dsa_private_key_file", &tunable_dsa_private_key_file }, +diff -urN a/ssl.c b/ssl.c +--- a/ssl.c 2021-08-02 08:24:35.000000000 +0200 ++++ b/ssl.c 2023-03-03 10:28:05.989757655 +0100 +@@ -135,6 +135,11 @@ + { + die("SSL: could not set cipher list"); + } ++ if (tunable_ssl_ciphersuites && ++ SSL_CTX_set_ciphersuites(p_ctx, tunable_ssl_ciphersuites) != 1) ++ { ++ die("SSL: could not set ciphersuites"); ++ } + if (RAND_status() != 1) + { + die("SSL: RNG is not seeded"); +diff -urN a/tunables.c b/tunables.c +--- a/tunables.c 2021-05-29 23:39:00.000000000 +0200 ++++ b/tunables.c 2023-03-03 10:13:30.566868026 +0100 +@@ -154,6 +154,7 @@ + const char* tunable_dsa_cert_file; + const char* tunable_dh_param_file; + const char* tunable_ecdh_param_file; + const char* tunable_ssl_ciphers; ++const char* tunable_ssl_ciphersuites; + const char* tunable_rsa_private_key_file; + const char* tunable_dsa_private_key_file; +@@ -293,6 +293,7 @@ + install_str_setting(0, &tunable_dh_param_file); + install_str_setting(0, &tunable_ecdh_param_file); + install_str_setting("PROFILE=SYSTEM", &tunable_ssl_ciphers); ++ install_str_setting("TLS_AES_256_GCM_SHA384", &tunable_ssl_ciphersuites); + install_str_setting(0, &tunable_rsa_private_key_file); + install_str_setting(0, &tunable_dsa_private_key_file); + install_str_setting(0, &tunable_ca_certs_file); +diff -urN a/tunables.h b/tunables.h +--- a/tunables.h ++++ b/tunables.h +@@ -144,6 +144,7 @@ + extern const char* tunable_dsa_cert_file; + extern const char* tunable_dh_param_file; + extern const char* tunable_ecdh_param_file; + extern const char* tunable_ssl_ciphers; ++extern const char* tunable_ssl_ciphersuites; + extern const char* tunable_rsa_private_key_file; + extern const char* tunable_dsa_private_key_file; +--- a/vsftpd.conf.5 ++++ b/vsftpd.conf.5 +@@ -1009,6 +1009,20 @@ + + Default: PROFILE=SYSTEM + .TP ++.B ssl_ciphersuites ++This option can be used to select which SSL cipher suites vsftpd will allow for ++encrypted SSL connections with TLSv1.3. See the ++.BR ciphers ++man page for further details. Note that restricting ciphers can be a useful ++security precaution as it prevents malicious remote parties forcing a cipher ++which they have found problems with. ++ ++By default, the system-wide crypto policy is used. See ++.BR update-crypto-policies(8) ++for further details. ++ ++Default: TLS_AES_256_GCM_SHA384 ++.TP + .B ssl_sni_hostname + If set, SSL connections will be rejected unless the SNI hostname in the + incoming handshakes matches this value. diff --git a/vsftpd-3.0.5-replace-deprecated-openssl-functions.patch b/vsftpd-3.0.5-replace-deprecated-openssl-functions.patch index c6f8f7d..8e3792b 100644 --- a/vsftpd-3.0.5-replace-deprecated-openssl-functions.patch +++ b/vsftpd-3.0.5-replace-deprecated-openssl-functions.patch @@ -25,7 +25,7 @@ diff --git a/ssl.c b/ssl.c int verify_option = 0; SSL_library_init(); - p_ctx = SSL_CTX_new(SSLv23_server_method()); -+ p_ctx = SSL_CTX_new_ex(NULL, NULL, SSLv23_server_method()); ++ p_ctx = SSL_CTX_new_ex(NULL, NULL, TLS_server_method()); if (p_ctx == NULL) { die("SSL: could not allocate SSL context"); diff --git a/vsftpd-3.0.5-use-old-tlsv-options.patch b/vsftpd-3.0.5-use-old-tlsv-options.patch new file mode 100644 index 0000000..7c37ce9 --- /dev/null +++ b/vsftpd-3.0.5-use-old-tlsv-options.patch @@ -0,0 +1,15 @@ +--- parseconf-orig.c 2022-10-25 15:17:18.990701984 +0200 ++++ parseconf.c 2022-10-25 15:12:44.213480000 +0200 +@@ -85,9 +85,9 @@ + { "ssl_sslv2", &tunable_sslv2 }, + { "ssl_sslv3", &tunable_sslv3 }, + { "ssl_tlsv1", &tunable_tlsv1 }, +- { "ssl_tlsv11", &tunable_tlsv1_1 }, +- { "ssl_tlsv12", &tunable_tlsv1_2 }, +- { "ssl_tlsv13", &tunable_tlsv1_3 }, ++ { "ssl_tlsv1_1", &tunable_tlsv1_1 }, ++ { "ssl_tlsv1_2", &tunable_tlsv1_2 }, ++ { "ssl_tlsv1_3", &tunable_tlsv1_3 }, + { "tilde_user_enable", &tunable_tilde_user_enable }, + { "force_anon_logins_ssl", &tunable_force_anon_logins_ssl }, + { "force_anon_data_ssl", &tunable_force_anon_data_ssl }, diff --git a/vsftpd.spec b/vsftpd.spec index 72ce764..3df6d73 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,11 +2,11 @@ Name: vsftpd Version: 3.0.5 -Release: 3%{?dist} +Release: 4%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception -License: GPLv2 with exceptions +License: GPL-2.0-only WITH vsftpd-openssl-exception URL: https://security.appspot.com/vsftpd.html Source0: https://security.appspot.com/downloads/%{name}-%{version}.tar.gz Source1: vsftpd.xinetd @@ -99,6 +99,8 @@ Patch70: fix-str_open.patch Patch71: vsftpd-3.0.5-enable_wc_logs-replace_unprintable_with_hex.patch Patch72: vsftpd-3.0.5-replace-old-network-addr-functions.patch Patch73: vsftpd-3.0.5-replace-deprecated-openssl-functions.patch +Patch74: vsftpd-3.0.5-add-option-for-tlsv1.3-ciphersuites.patch +Patch75: vsftpd-3.0.5-use-old-tlsv-options.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -168,6 +170,10 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Thu May 04 2023 Richard Lescak - 3.0.5-4 +- add option for TLSv1.3 ciphersuites +- SPDX migration + * Fri Feb 17 2023 Richard Lescak - 3.0.5-3 - make vsftpd compatible with Openssl 3.0+ - replace old network functions From e4f583e81fda55cd092b506fc61b02874ec24e15 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Sat, 22 Jul 2023 17:53:13 +0000 Subject: [PATCH 62/73] Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- vsftpd.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index 3df6d73..e76e3b7 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.5 -Release: 4%{?dist} +Release: 5%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -170,6 +170,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Sat Jul 22 2023 Fedora Release Engineering - 3.0.5-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + * Thu May 04 2023 Richard Lescak - 3.0.5-4 - add option for TLSv1.3 ciphersuites - SPDX migration From bbcf7c122fa17ea053fb8967d03a555ebd64bb0c Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Sat, 27 Jan 2024 08:14:07 +0000 Subject: [PATCH 63/73] Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild --- vsftpd.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index e76e3b7..a05c3f7 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.5 -Release: 5%{?dist} +Release: 6%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -170,6 +170,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Sat Jan 27 2024 Fedora Release Engineering - 3.0.5-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + * Sat Jul 22 2023 Fedora Release Engineering - 3.0.5-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild From 4b2c95303c888c07d7ebbd069e4f2fac597da46b Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Sat, 20 Jul 2024 09:02:01 +0000 Subject: [PATCH 64/73] Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild --- vsftpd.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index a05c3f7..397535d 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.5 -Release: 6%{?dist} +Release: 7%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -170,6 +170,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Sat Jul 20 2024 Fedora Release Engineering - 3.0.5-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + * Sat Jan 27 2024 Fedora Release Engineering - 3.0.5-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild From dff0329ff427009514de510649f81d7d600f85e4 Mon Sep 17 00:00:00 2001 From: Tomas Korbar Date: Mon, 19 Aug 2024 14:09:20 +0200 Subject: [PATCH 65/73] Fix FEAT command to list AUTH TLS when TLSv1.3 is enabled --- ...ntroduce-TLSv1.1-and-TLSv1.2-options.patch | 153 ------------------ ...AT-command-check-ssl_tlsv1_1-and-ssl.patch | 2 +- 0043-Enable-only-TLSv1.2-by-default.patch | 53 ------ vsftpd.spec | 9 +- 4 files changed, 6 insertions(+), 211 deletions(-) delete mode 100644 0033-Introduce-TLSv1.1-and-TLSv1.2-options.patch delete mode 100644 0043-Enable-only-TLSv1.2-by-default.patch diff --git a/0033-Introduce-TLSv1.1-and-TLSv1.2-options.patch b/0033-Introduce-TLSv1.1-and-TLSv1.2-options.patch deleted file mode 100644 index 8d6228e..0000000 --- a/0033-Introduce-TLSv1.1-and-TLSv1.2-options.patch +++ /dev/null @@ -1,153 +0,0 @@ -From 01bef55a1987700af3d43cdc5f5be88d3843ab85 Mon Sep 17 00:00:00 2001 -From: Martin Sehnoutka -Date: Thu, 17 Nov 2016 13:36:17 +0100 -Subject: [PATCH 33/59] Introduce TLSv1.1 and TLSv1.2 options. - -Users can now enable a specific version of TLS protocol. ---- - parseconf.c | 2 ++ - ssl.c | 8 ++++++++ - tunables.c | 9 +++++++-- - tunables.h | 2 ++ - vsftpd.conf.5 | 24 ++++++++++++++++++++---- - 5 files changed, 39 insertions(+), 6 deletions(-) - -diff --git a/parseconf.c b/parseconf.c -index a2c715b..33a1349 100644 ---- a/parseconf.c -+++ b/parseconf.c -@@ -85,6 +85,8 @@ parseconf_bool_array[] = - { "ssl_sslv2", &tunable_sslv2 }, - { "ssl_sslv3", &tunable_sslv3 }, - { "ssl_tlsv1", &tunable_tlsv1 }, -+ { "ssl_tlsv1_1", &tunable_tlsv1_1 }, -+ { "ssl_tlsv1_2", &tunable_tlsv1_2 }, - { "tilde_user_enable", &tunable_tilde_user_enable }, - { "force_anon_logins_ssl", &tunable_force_anon_logins_ssl }, - { "force_anon_data_ssl", &tunable_force_anon_data_ssl }, -diff --git a/ssl.c b/ssl.c -index 96bf8ad..ba8a613 100644 ---- a/ssl.c -+++ b/ssl.c -@@ -135,6 +135,14 @@ ssl_init(struct vsf_session* p_sess) - { - options |= SSL_OP_NO_TLSv1; - } -+ if (!tunable_tlsv1_1) -+ { -+ options |= SSL_OP_NO_TLSv1_1; -+ } -+ if (!tunable_tlsv1_2) -+ { -+ options |= SSL_OP_NO_TLSv1_2; -+ } - SSL_CTX_set_options(p_ctx, options); - if (tunable_rsa_cert_file) - { -diff --git a/tunables.c b/tunables.c -index 93f85b1..78f2bcd 100644 ---- a/tunables.c -+++ b/tunables.c -@@ -66,6 +66,8 @@ int tunable_force_local_data_ssl; - int tunable_sslv2; - int tunable_sslv3; - int tunable_tlsv1; -+int tunable_tlsv1_1; -+int tunable_tlsv1_2; - int tunable_tilde_user_enable; - int tunable_force_anon_logins_ssl; - int tunable_force_anon_data_ssl; -@@ -209,7 +211,10 @@ tunables_load_defaults() - tunable_force_local_data_ssl = 1; - tunable_sslv2 = 0; - tunable_sslv3 = 0; -+ /* TLSv1 up to TLSv1.2 is enabled by default */ - tunable_tlsv1 = 1; -+ tunable_tlsv1_1 = 1; -+ tunable_tlsv1_2 = 1; - tunable_tilde_user_enable = 0; - tunable_force_anon_logins_ssl = 0; - tunable_force_anon_data_ssl = 0; -@@ -292,8 +297,8 @@ tunables_load_defaults() - install_str_setting(0, &tunable_dsa_cert_file); - install_str_setting(0, &tunable_dh_param_file); - install_str_setting(0, &tunable_ecdh_param_file); -- install_str_setting("AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA", -- &tunable_ssl_ciphers); -+ install_str_setting("AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384", -+ &tunable_ssl_ciphers); - install_str_setting(0, &tunable_rsa_private_key_file); - install_str_setting(0, &tunable_dsa_private_key_file); - install_str_setting(0, &tunable_ca_certs_file); -diff --git a/tunables.h b/tunables.h -index 3e2d40c..a466427 100644 ---- a/tunables.h -+++ b/tunables.h -@@ -67,6 +67,8 @@ extern int tunable_force_local_data_ssl; /* Require local data uses SSL */ - extern int tunable_sslv2; /* Allow SSLv2 */ - extern int tunable_sslv3; /* Allow SSLv3 */ - extern int tunable_tlsv1; /* Allow TLSv1 */ -+extern int tunable_tlsv1_1; /* Allow TLSv1.1 */ -+extern int tunable_tlsv1_2; /* Allow TLSv1.2 */ - extern int tunable_tilde_user_enable; /* Support e.g. ~chris */ - extern int tunable_force_anon_logins_ssl; /* Require anon logins use SSL */ - extern int tunable_force_anon_data_ssl; /* Require anon data uses SSL */ -diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 -index cf1ae34..a3d569e 100644 ---- a/vsftpd.conf.5 -+++ b/vsftpd.conf.5 -@@ -506,7 +506,7 @@ Default: YES - Only applies if - .BR ssl_enable - is activated. If enabled, this option will permit SSL v2 protocol connections. --TLS v1 connections are preferred. -+TLS v1.2 connections are preferred. - - Default: NO - .TP -@@ -514,7 +514,7 @@ Default: NO - Only applies if - .BR ssl_enable - is activated. If enabled, this option will permit SSL v3 protocol connections. --TLS v1 connections are preferred. -+TLS v1.2 connections are preferred. - - Default: NO - .TP -@@ -522,7 +522,23 @@ Default: NO - Only applies if - .BR ssl_enable - is activated. If enabled, this option will permit TLS v1 protocol connections. --TLS v1 connections are preferred. -+TLS v1.2 connections are preferred. -+ -+Default: YES -+.TP -+.B ssl_tlsv1_1 -+Only applies if -+.BR ssl_enable -+is activated. If enabled, this option will permit TLS v1.1 protocol connections. -+TLS v1.2 connections are preferred. -+ -+Default: YES -+.TP -+.B ssl_tlsv1_2 -+Only applies if -+.BR ssl_enable -+is activated. If enabled, this option will permit TLS v1.2 protocol connections. -+TLS v1.2 connections are preferred. - - Default: YES - .TP -@@ -1044,7 +1060,7 @@ man page for further details. Note that restricting ciphers can be a useful - security precaution as it prevents malicious remote parties forcing a cipher - which they have found problems with. - --Default: DES-CBC3-SHA -+Default: AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384 - .TP - .B user_config_dir - This powerful option allows the override of any config option specified in --- -2.14.4 - diff --git a/0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch b/0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch index 250a44c..1e14813 100644 --- a/0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch +++ b/0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch @@ -23,7 +23,7 @@ index 1212980..d024366 100644 vsf_cmdio_write_raw(p_sess, " AUTH SSL\r\n"); } - if (tunable_tlsv1) -+ if (tunable_tlsv1 || tunable_tlsv1_1 || tunable_tlsv1_2) ++ if (tunable_tlsv1 || tunable_tlsv1_1 || tunable_tlsv1_2 || tunable_tlsv1_3) { vsf_cmdio_write_raw(p_sess, " AUTH TLS\r\n"); } diff --git a/0043-Enable-only-TLSv1.2-by-default.patch b/0043-Enable-only-TLSv1.2-by-default.patch deleted file mode 100644 index eb157f8..0000000 --- a/0043-Enable-only-TLSv1.2-by-default.patch +++ /dev/null @@ -1,53 +0,0 @@ -From 75c942c77aa575143c5b75637e64a925ad12641a Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= -Date: Thu, 21 Dec 2017 16:38:40 +0100 -Subject: [PATCH 43/59] Enable only TLSv1.2 by default - -Disable TLSv1 and TLSv1.1 - enable only TLSv1.2 by default. ---- - tunables.c | 6 +++--- - vsftpd.conf.5 | 4 ++-- - 2 files changed, 5 insertions(+), 5 deletions(-) - -diff --git a/tunables.c b/tunables.c -index 354251c..9680528 100644 ---- a/tunables.c -+++ b/tunables.c -@@ -211,9 +211,9 @@ tunables_load_defaults() - tunable_force_local_data_ssl = 1; - tunable_sslv2 = 0; - tunable_sslv3 = 0; -- /* TLSv1 up to TLSv1.2 is enabled by default */ -- tunable_tlsv1 = 1; -- tunable_tlsv1_1 = 1; -+ tunable_tlsv1 = 0; -+ tunable_tlsv1_1 = 0; -+ /* Only TLSv1.2 is enabled by default */ - tunable_tlsv1_2 = 1; - tunable_tilde_user_enable = 0; - tunable_force_anon_logins_ssl = 0; -diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 -index 2a7662e..df14027 100644 ---- a/vsftpd.conf.5 -+++ b/vsftpd.conf.5 -@@ -539,7 +539,7 @@ Only applies if - is activated. If enabled, this option will permit TLS v1 protocol connections. - TLS v1.2 connections are preferred. - --Default: YES -+Default: NO - .TP - .B ssl_tlsv1_1 - Only applies if -@@ -547,7 +547,7 @@ Only applies if - is activated. If enabled, this option will permit TLS v1.1 protocol connections. - TLS v1.2 connections are preferred. - --Default: YES -+Default: NO - .TP - .B ssl_tlsv1_2 - Only applies if --- -2.14.4 - diff --git a/vsftpd.spec b/vsftpd.spec index 397535d..668b321 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.5 -Release: 7%{?dist} +Release: 8%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -61,7 +61,6 @@ Patch29: 0029-Fix-segfault-in-config-file-parser.patch Patch30: 0030-Fix-logging-into-syslog-when-enabled-in-config.patch Patch31: 0031-Fix-question-mark-wildcard-withing-a-file-name.patch Patch32: 0032-Propagate-errors-from-nfs-with-quota-to-client.patch -#Patch33: 0033-Introduce-TLSv1.1-and-TLSv1.2-options.patch Patch34: 0034-Turn-off-seccomp-sandbox-because-it-is-too-strict.patch Patch36: 0036-Redefine-VSFTP_COMMAND_FD-to-1.patch Patch37: 0037-Document-the-relationship-of-text_userdb_names-and-c.patch @@ -69,8 +68,7 @@ Patch38: 0038-Document-allow_writeable_chroot-in-the-man-page.patch Patch39: 0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch Patch40: 0040-Use-system-wide-crypto-policy.patch Patch41: 0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch -#Patch42: 0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch -#Patch43: 0043-Enable-only-TLSv1.2-by-default.patch +Patch42: 0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch Patch44: 0044-Disable-anonymous_enable-in-default-config-file.patch Patch45: 0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch Patch46: 0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch @@ -170,6 +168,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Mon Aug 19 2024 Tomas Korbar - 3.0.5-8 +- Fix FEAT command to list AUTH TLS when TLSv1.3 is enabled + * Sat Jul 20 2024 Fedora Release Engineering - 3.0.5-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild From 3c842e7696eeb3786e7f97d365a66928b0f5dc0a Mon Sep 17 00:00:00 2001 From: Ondrej Mejzlik Date: Mon, 14 Oct 2024 10:28:43 +0200 Subject: [PATCH 66/73] Update plans and gating --- gating.yaml | 13 +++++------ plans.fmf | 47 ++++++++++++++++++++++++++++++++++++++++ plans/public.fmf | 6 ----- plans/tier1-internal.fmf | 12 ---------- 4 files changed, 53 insertions(+), 25 deletions(-) create mode 100644 plans.fmf delete mode 100644 plans/public.fmf delete mode 100644 plans/tier1-internal.fmf diff --git a/gating.yaml b/gating.yaml index de5c323..9b2646f 100644 --- a/gating.yaml +++ b/gating.yaml @@ -4,8 +4,8 @@ product_versions: decision_context: bodhi_update_push_testing subject_type: koji_build rules: - - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/public.functional} - + - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier1-public.functional} + #Rawhide --- !Policy product_versions: @@ -13,15 +13,14 @@ product_versions: decision_context: bodhi_update_push_stable subject_type: koji_build rules: - - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/public.functional} - + - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier1-public.functional} + #gating rhel --- !Policy product_versions: - rhel-* decision_context: osci_compose_gate rules: - - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional} - - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tedude.validation} + - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-public.functional} - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-internal.functional} - - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/public.functional} + diff --git a/plans.fmf b/plans.fmf new file mode 100644 index 0000000..a2a8046 --- /dev/null +++ b/plans.fmf @@ -0,0 +1,47 @@ +/tier1-internal: + plan: + import: + url: https://src.fedoraproject.org/tests/vsftpd.git + name: /plans/tier1/internal + adjust: + enabled: false + when: distro == centos-stream, fedora + because: They don't have access to internal repos. + +/tier1-public: + plan: + import: + url: https://src.fedoraproject.org/tests/vsftpd.git + name: /plans/tier1/public + +/tier2-tier3-internal: + plan: + import: + url: https://src.fedoraproject.org/tests/vsftpd.git + name: /plans/tier2-tier3/internal + adjust: + enabled: false + when: distro == centos-stream, fedora + because: They don't have access to internal repos. + +/tier2-tier3-public: + plan: + import: + url: https://src.fedoraproject.org/tests/vsftpd.git + name: /plans/tier2-tier3/public + +/others-internal: + plan: + import: + url: https://src.fedoraproject.org/tests/vsftpd.git + name: /plans/others/internal + adjust: + enabled: false + when: distro == centos-stream, fedora + because: They don't have access to internal repos. + +/others-public: + plan: + import: + url: https://src.fedoraproject.org/tests/vsftpd.git + name: /plans/others/public diff --git a/plans/public.fmf b/plans/public.fmf deleted file mode 100644 index 95682f5..0000000 --- a/plans/public.fmf +++ /dev/null @@ -1,6 +0,0 @@ -summary: Test plan with all Fedora tests -discover: - how: fmf - url: https://src.fedoraproject.org/tests/vsftpd.git -execute: - how: tmt diff --git a/plans/tier1-internal.fmf b/plans/tier1-internal.fmf deleted file mode 100644 index d1dd032..0000000 --- a/plans/tier1-internal.fmf +++ /dev/null @@ -1,12 +0,0 @@ -summary: CI plan, picks internal Tier1 tests, runs in beakerlib. -discover: - - name: rhel - how: fmf - filter: 'tier: 1' - url: git://pkgs.devel.redhat.com/tests/vsftpd -execute: - how: tmt -adjust: - enabled: false - when: distro == centos-stream, fedora - because: They don't have access to internal repos. From 3c9948ba72339fa187099c3f5cfe1208d380b99c Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Sun, 19 Jan 2025 14:38:47 +0000 Subject: [PATCH 67/73] Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild --- vsftpd.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index 668b321..8147c6c 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.5 -Release: 8%{?dist} +Release: 9%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -168,6 +168,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Sun Jan 19 2025 Fedora Release Engineering - 3.0.5-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + * Mon Aug 19 2024 Tomas Korbar - 3.0.5-8 - Fix FEAT command to list AUTH TLS when TLSv1.3 is enabled From c31087744900967ff4d572706a296bf6c8c4a68e Mon Sep 17 00:00:00 2001 From: Stepan Broz Date: Fri, 24 Jan 2025 12:47:37 +0100 Subject: [PATCH 68/73] Correct the definition of setup_bio_callbacks() in ssl.c. --- ...nition-of-setup_bio_callbacks-in-ssl.patch | 25 +++++++++++++++++++ vsftpd.spec | 6 ++++- 2 files changed, 30 insertions(+), 1 deletion(-) create mode 100644 0076-Correct-the-definition-of-setup_bio_callbacks-in-ssl.patch diff --git a/0076-Correct-the-definition-of-setup_bio_callbacks-in-ssl.patch b/0076-Correct-the-definition-of-setup_bio_callbacks-in-ssl.patch new file mode 100644 index 0000000..4fb8420 --- /dev/null +++ b/0076-Correct-the-definition-of-setup_bio_callbacks-in-ssl.patch @@ -0,0 +1,25 @@ +From f3a745be207831ebd07add16e66ac2b43a743dc1 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Fri, 24 Jan 2025 11:42:39 +0100 +Subject: [PATCH] Correct the definition of setup_bio_callbacks() in ssl.c + +--- + ssl.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ssl.c b/ssl.c +index e518097..02ed489 100644 +--- a/ssl.c ++++ b/ssl.c +@@ -36,7 +36,7 @@ + static char* get_ssl_error(); + static SSL* get_ssl(struct vsf_session* p_sess, int fd); + static int ssl_session_init(struct vsf_session* p_sess); +-static void setup_bio_callbacks(); ++static void setup_bio_callbacks(SSL* p_ssl); + static long bio_callback( + BIO* p_bio, int oper, const char* p_arg, size_t len, int argi, long argl, int ret, size_t *processed); + static int ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx); +-- +2.48.1 + diff --git a/vsftpd.spec b/vsftpd.spec index 8147c6c..c60435d 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.5 -Release: 9%{?dist} +Release: 10%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -99,6 +99,7 @@ Patch72: vsftpd-3.0.5-replace-old-network-addr-functions.patch Patch73: vsftpd-3.0.5-replace-deprecated-openssl-functions.patch Patch74: vsftpd-3.0.5-add-option-for-tlsv1.3-ciphersuites.patch Patch75: vsftpd-3.0.5-use-old-tlsv-options.patch +Patch76: 0076-Correct-the-definition-of-setup_bio_callbacks-in-ssl.patch %description vsftpd is a Very Secure FTP daemon. It was written completely from @@ -168,6 +169,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Fri Jan 24 2025 Stepan Broz - 3.0.5-10 +- Correct the definition of setup_bio_callbacks() in ssl.c + * Sun Jan 19 2025 Fedora Release Engineering - 3.0.5-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild From be372735b51e078f9eefc212382bd8a6ae477edb Mon Sep 17 00:00:00 2001 From: Tomas Korbar Date: Tue, 15 Apr 2025 13:26:28 +0200 Subject: [PATCH 69/73] Move executable to bindir --- vsftpd.spec | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/vsftpd.spec b/vsftpd.spec index c60435d..74e6b37 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.5 -Release: 10%{?dist} +Release: 11%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -119,13 +119,13 @@ cp %{SOURCE1} . LINK="-pie -lssl $RPM_LD_FLAGS" %{?_smp_mflags} %install -mkdir -p $RPM_BUILD_ROOT%{_sbindir} +mkdir -p $RPM_BUILD_ROOT%{_bindir} mkdir -p $RPM_BUILD_ROOT%{_sysconfdir} mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/{vsftpd,pam.d,logrotate.d} mkdir -p $RPM_BUILD_ROOT%{_mandir}/man{5,8} mkdir -p $RPM_BUILD_ROOT%{_unitdir} mkdir -p $RPM_BUILD_ROOT%{_generatorsdir} -install -m 755 vsftpd $RPM_BUILD_ROOT%{_sbindir}/vsftpd +install -m 755 vsftpd $RPM_BUILD_ROOT%{_bindir}/vsftpd install -m 600 vsftpd.conf $RPM_BUILD_ROOT%{_sysconfdir}/vsftpd/vsftpd.conf install -m 644 vsftpd.conf.5 $RPM_BUILD_ROOT/%{_mandir}/man5/ install -m 644 vsftpd.8 $RPM_BUILD_ROOT/%{_mandir}/man8/ @@ -154,7 +154,7 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %files %{_unitdir}/* %{_generatorsdir}/* -%{_sbindir}/vsftpd +%{_bindir}/vsftpd %dir %{_sysconfdir}/vsftpd %{_sysconfdir}/vsftpd/vsftpd_conf_migrate.sh %config(noreplace) %{_sysconfdir}/vsftpd/ftpusers @@ -169,6 +169,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Tue Apr 15 2025 Tomas Korbar - 3.0.5-11 +- Move executable to bindir + * Fri Jan 24 2025 Stepan Broz - 3.0.5-10 - Correct the definition of setup_bio_callbacks() in ssl.c From 09634b741a0eea01a67484408ed979d159bc269f Mon Sep 17 00:00:00 2001 From: Ondrej Mejzlik Date: Wed, 18 Jun 2025 20:46:58 +0200 Subject: [PATCH 70/73] Testing moves to RH gitlab centos-stream space --- plans.fmf | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/plans.fmf b/plans.fmf index a2a8046..900f2e5 100644 --- a/plans.fmf +++ b/plans.fmf @@ -1,7 +1,7 @@ /tier1-internal: plan: import: - url: https://src.fedoraproject.org/tests/vsftpd.git + url: https://gitlab.com/redhat/centos-stream/tests/vsftpd.git name: /plans/tier1/internal adjust: enabled: false @@ -11,13 +11,13 @@ /tier1-public: plan: import: - url: https://src.fedoraproject.org/tests/vsftpd.git + url: https://gitlab.com/redhat/centos-stream/tests/vsftpd.git name: /plans/tier1/public /tier2-tier3-internal: plan: import: - url: https://src.fedoraproject.org/tests/vsftpd.git + url: https://gitlab.com/redhat/centos-stream/tests/vsftpd.git name: /plans/tier2-tier3/internal adjust: enabled: false @@ -27,13 +27,13 @@ /tier2-tier3-public: plan: import: - url: https://src.fedoraproject.org/tests/vsftpd.git + url: https://gitlab.com/redhat/centos-stream/tests/vsftpd.git name: /plans/tier2-tier3/public /others-internal: plan: import: - url: https://src.fedoraproject.org/tests/vsftpd.git + url: https://gitlab.com/redhat/centos-stream/tests/vsftpd.git name: /plans/others/internal adjust: enabled: false @@ -43,5 +43,5 @@ /others-public: plan: import: - url: https://src.fedoraproject.org/tests/vsftpd.git + url: https://gitlab.com/redhat/centos-stream/tests/vsftpd.git name: /plans/others/public From 42db2f076b51cb83a54a5b422fe6ea8e5672250f Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 25 Jul 2025 20:14:23 +0000 Subject: [PATCH 71/73] Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild --- vsftpd.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/vsftpd.spec b/vsftpd.spec index 74e6b37..dbea734 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.5 -Release: 11%{?dist} +Release: 12%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -169,6 +169,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_var}/ftp %changelog +* Fri Jul 25 2025 Fedora Release Engineering - 3.0.5-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild + * Tue Apr 15 2025 Tomas Korbar - 3.0.5-11 - Move executable to bindir From 67e7d68dac924c323dd54546cc35435d9828d810 Mon Sep 17 00:00:00 2001 From: Fedor Vorobev Date: Wed, 17 Dec 2025 14:11:37 +0100 Subject: [PATCH 72/73] Add a tmpfiles.d config. (image mode support) --- vsftpd-tmpfiles.conf | 2 ++ vsftpd.spec | 8 +++++++- 2 files changed, 9 insertions(+), 1 deletion(-) create mode 100644 vsftpd-tmpfiles.conf diff --git a/vsftpd-tmpfiles.conf b/vsftpd-tmpfiles.conf new file mode 100644 index 0000000..f1a385c --- /dev/null +++ b/vsftpd-tmpfiles.conf @@ -0,0 +1,2 @@ +d /var/ftp 0755 root root - +d /var/ftp/pub 0755 root root - diff --git a/vsftpd.spec b/vsftpd.spec index dbea734..d06c02d 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.5 -Release: 12%{?dist} +Release: 13%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -18,6 +18,7 @@ Source7: vsftpd.service Source8: vsftpd@.service Source9: vsftpd.target Source10: vsftpd-generator +Source11: vsftpd-tmpfiles.conf BuildRequires: make BuildRequires: pam-devel @@ -138,6 +139,7 @@ install -m 644 %{SOURCE7} $RPM_BUILD_ROOT%{_unitdir} install -m 644 %{SOURCE8} $RPM_BUILD_ROOT%{_unitdir} install -m 644 %{SOURCE9} $RPM_BUILD_ROOT%{_unitdir} install -m 755 %{SOURCE10} $RPM_BUILD_ROOT%{_generatorsdir} +install -Dpm 644 %{SOURCE11} $RPM_BUILD_ROOT%{_tmpfilesdir}/vsftpd.conf mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub @@ -167,8 +169,12 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_mandir}/man5/vsftpd.conf.* %{_mandir}/man8/vsftpd.* %{_var}/ftp +%{_tmpfilesdir}/vsftpd.conf %changelog +* Thu Dec 18 2025 Fedor Vorobev - 3.0.5-13 +- Add a tmpfiles.d config. (image mode support) + * Fri Jul 25 2025 Fedora Release Engineering - 3.0.5-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild From 2ed5ba6e77f1c3e365fb4b0028945f762c456131 Mon Sep 17 00:00:00 2001 From: Tomas Korbar Date: Wed, 14 Jan 2026 15:58:44 +0100 Subject: [PATCH 73/73] Resolve CVE-2025-14242 --- ...dd-support-for-square-brackets-in-ls.patch | 19 +++++++------------ vsftpd.spec | 5 ++++- 2 files changed, 11 insertions(+), 13 deletions(-) diff --git a/0014-Add-support-for-square-brackets-in-ls.patch b/0014-Add-support-for-square-brackets-in-ls.patch index 27f5374..5035675 100644 --- a/0014-Add-support-for-square-brackets-in-ls.patch +++ b/0014-Add-support-for-square-brackets-in-ls.patch @@ -1,14 +1,11 @@ -From ba0520650ae7f9f63e48ba9fb3a94297aebe2d0c Mon Sep 17 00:00:00 2001 -From: Martin Sehnoutka -Date: Wed, 7 Sep 2016 14:22:21 +0200 -Subject: [PATCH 14/59] Add support for square brackets in ls. +commit de556b2643b5da622f501b435740c651b9f82554 +Author: Tomas Korbar +Date: Mon Dec 15 02:00:00 2025 +0200 ---- - ls.c | 222 +++++++++++++++++++++++++++++++++++++++++++++---------------------- - 1 file changed, 150 insertions(+), 72 deletions(-) + Add support for square brackets in ls. diff --git a/ls.c b/ls.c -index 616b2d9..b840136 100644 +index 616b2d9..ab69af9 100644 --- a/ls.c +++ b/ls.c @@ -246,7 +246,7 @@ vsf_filename_passes_filter(const struct mystr* p_filename_str, @@ -191,7 +188,7 @@ index 616b2d9..b840136 100644 - if (vsf_filename_passes_filter(&name_remain_str, &new_filter_str, - iters)) + unsigned int cur_pos; -+ char stch, ench; ++ unsigned char stch, ench; + const char *p_brace; + + str_split_char(&filter_remain_str, &temp_str, ']'); @@ -216,7 +213,7 @@ index 616b2d9..b840136 100644 + cur_pos++; + } + // expand char[s] -+ for (;stch <= ench && !str_isempty(&brace_list_str); stch++) ++ for (;stch <= ench && !str_isempty(&brace_list_str) && stch != 0; stch++) + { + str_empty(&new_filter_str); + if (!matched) @@ -272,6 +269,4 @@ index 616b2d9..b840136 100644 } /* Any incoming string left means no match unless we ended on the correct * type of wildcard. --- -2.14.4 diff --git a/vsftpd.spec b/vsftpd.spec index d06c02d..d8e0a58 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -2,7 +2,7 @@ Name: vsftpd Version: 3.0.5 -Release: 13%{?dist} +Release: 14%{?dist} Summary: Very Secure Ftp Daemon # OpenSSL link exception @@ -172,6 +172,9 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub %{_tmpfilesdir}/vsftpd.conf %changelog +* Wed Jan 14 2026 Tomas Korbar - 3.0.5-14 +- Resolve CVE-2025-14242 + * Thu Dec 18 2025 Fedor Vorobev - 3.0.5-13 - Add a tmpfiles.d config. (image mode support)