rpms/vsftpd
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: rpms:rawhide
Branches Tags
rpms:rawhide
rpms:f42
rpms:f43
rpms:main
rpms:f39
rpms:f40
rpms:f41
rpms:f36
rpms:f37
rpms:f38
rpms:f35
rpms:f34
rpms:f33
rpms:f32
rpms:f31
rpms:f30
rpms:f28
rpms:f29
rpms:f26
rpms:f27
rpms:f25
rpms:f23
rpms:f24
rpms:f22
rpms:f21
rpms:f18
rpms:f19
rpms:f20
rpms:f17
rpms:f16
rpms:f15
rpms:f13
rpms:f14
rpms:f11
rpms:f9
rpms:f10
rpms:f12
rpms:f7
rpms:f8
rpms:vsftpd-2_2_2-7_fc13
rpms:vsftpd-2_2_2-7_fc14
rpms:vsftpd-2_2_2-6_fc12
rpms:vsftpd-2_2_2-6_fc13
rpms:vsftpd-2_2_2-5_fc12
rpms:vsftpd-2_2_2-6_fc14
rpms:vsftpd-2_2_2-5_fc14
rpms:vsftpd-2_2_2-4_fc14
rpms:vsftpd-2_2_2-3_fc12
rpms:vsftpd-2_2_2-2_fc12
rpms:vsftpd-2_2_2-3_fc13
rpms:F-13-start
rpms:F-13-split
rpms:vsftpd-2_2_2-1_fc12
rpms:vsftpd-2_2_2-2_fc13
rpms:vsftpd-2_2_2-1_fc13
rpms:vsftpd-2_2_0-6_fc12
rpms:vsftpd-2_2_0-6_fc13
rpms:vsftpd-2_1_2-2_fc11
rpms:vsftpd-2_0_7-3_fc10
rpms:vsftpd-2_2_0-5_fc12
rpms:F-12-start
rpms:F-12-split
rpms:vsftpd-2_2_0-4_fc12
rpms:vsftpd-2_2_0-3_fc12
rpms:vsftpd-2_2_0-2_fc12
rpms:vsftpd-2_2_0-1_fc12
rpms:vsftpd-2_2_0-0_2_pre4_fc12
rpms:vsftpd-2_2_0-0_1_pre4_fc12
rpms:vsftpd-2_1_2-2_fc12
rpms:vsftpd-2_0_7-2_fc10
rpms:vsftpd-2_1_2-1_fc11
rpms:vsftpd-2_1_2-1_fc12
rpms:vsftpd-2_1_1-0_3_pre1_fc12
rpms:vsftpd-2_1_1-0_2_pre1_fc12
rpms:vsftpd-2_1_1-0_1_pre1_fc12
rpms:vsftpd-2_1_0-2_fc11
rpms:F-11-start
rpms:F-11-split
rpms:vsftpd-2_1_0-1_fc11
rpms:vsftpd-2_1_0-0_3_pre4_fc11
rpms:vsftpd-2_1_0-0_2_pre3_fc11
rpms:vsftpd-2_1_0-0_1_pre3_fc11
rpms:vsftpd-2_0_6-6_fc9
rpms:vsftpd-2_0_5-21_fc8
rpms:vsftpd-2_0_7-1_fc10
rpms:F-10-start
rpms:F-10-split
rpms:vsftpd-2_0_6-5_fc10
rpms:vsftpd-2_0_6-5_fc9
rpms:vsftpd-2_0_5-17_fc7
rpms:vsftpd-2_0_5-20_fc8
rpms:vsftpd-2_0_6-4_fc9
rpms:vsftpd-2_0_6-4_fc10
rpms:vsftpd-2_0_6-3_fc9
rpms:F-9-start
rpms:F-9-split
rpms:vsftpd-2_0_6-2_fc9
rpms:vsftpd-2_0_6-1_fc9
rpms:vsftpd-2_0_5-22_fc9
rpms:vsftpd-2_0_5-21_fc9
rpms:vsftpd-2_0_5-20_fc9
rpms:F-8-start
rpms:F-8-split
rpms:vsftpd-2_0_5-19_fc8
rpms:vsftpd-2_0_5-18_fc8
rpms:vsftpd-2_0_5-17_fc8
rpms:vsftpd-2_0_5-16_fc7
rpms:F-7-start
rpms:F-7-split
rpms:vsftpd-2_0_5-15_fc7
rpms:vsftpd-2_0_5-14_fc7
rpms:vsftpd-2_0_5-13_fc7
rpms:vsftpd-2_0_5-12_fc7
rpms:vsftpd-2_0_5-11
rpms:vsftpd-2_0_5-10
rpms:vsftpd-2_0_5-8
rpms:FC-6-split
rpms:vsftpd-2_0_5-7
rpms:vsftpd-2_0_5-6
rpms:vsftpd-2_0_5-5
rpms:vsftpd-2_0_5-4
rpms:vsftpd-2_0_5-3
rpms:vsftpd-2_0_5-2
rpms:vsftpd-2_0_5-1
rpms:vsftpd-2_0_4-1_2_1
rpms:vsftpd-2_0_4-1_2
rpms:FC-5-split
rpms:vsftpd-2_0_4-1_1
rpms:vsftpd-2_0_4-1
rpms:vsftpd-2_0_3-12_1
rpms:vsftpd-2_0_3-12
rpms:vsftpd-2_0_3-11
rpms:vsftpd-2_0_3-10
rpms:vsftpd-2_0_3-9
rpms:vsftpd-2_0_3-8
rpms:vsftpd-2_0_3-7
rpms:vsftpd-2_0_3-6
rpms:vsftpd-2_0_3-5
rpms:vsftpd-2_0_3-4
rpms:vsftpd-2_0_3-3
rpms:vsftpd-2_0_3-2
rpms:FC-4-split
rpms:vsftpd-2_0_3-1
rpms:vsftpd-2_0_3-pre2
rpms:vsftpd-2_0_2-1
rpms:vsftpd-2_0_1-10
rpms:vsftpd-2_0_1-9
rpms:vsftpd-2_0_1-8
rpms:vsftpd-2_0_1-7
rpms:vsftpd-2_0_1-6
rpms:vsftpd-2_0_1-5
rpms:RHEL-4-split
rpms:FC-3-split
rpms:vsftpd-2_0_1-4
rpms:vsftpd-2_0_1-3
rpms:present-on-devel
rpms:vsftpd-2_0_1-2
rpms:vsftpd-2_0_1-1
rpms:vsftpd-1_2_1-7
rpms:vsftpd-1_2_1-6
rpms:vsftpd-1_2_1-5
rpms:vsftpd-1_2_1-2
rpms:scratch-split
rpms:vsftpd-1_2_1-1
rpms:FC-2-split
rpms:vsftpd-1_2_0-5
rpms:FC-1-split
rpms:vsftpd-1_1_3-8
rpms:RHL-9-split
rpms:RHEL-3-split
rpms:vsftpd-1_1_3-7
rpms:RHL-8-split
rpms:vsftpd-1_1_0-2
rpms:vsftpd-1_1_0-1
rpms:vsftpd-1_0_1-7
rpms:vsftpd-1_0_1-5
rpms:RHL-7_3-split
rpms:vsftpd-1_0_1-4
..
compare: rpms:f21
Branches Tags
rpms:f42
rpms:f43
rpms:main
rpms:rawhide
rpms:f39
rpms:f40
rpms:f41
rpms:f36
rpms:f37
rpms:f38
rpms:f35
rpms:f34
rpms:f33
rpms:f32
rpms:f31
rpms:f30
rpms:f28
rpms:f29
rpms:f26
rpms:f27
rpms:f25
rpms:f23
rpms:f24
rpms:f22
rpms:f21
rpms:f18
rpms:f19
rpms:f20
rpms:f17
rpms:f16
rpms:f15
rpms:f13
rpms:f14
rpms:f11
rpms:f9
rpms:f10
rpms:f12
rpms:f7
rpms:f8
rpms:vsftpd-2_2_2-7_fc13
rpms:vsftpd-2_2_2-7_fc14
rpms:vsftpd-2_2_2-6_fc12
rpms:vsftpd-2_2_2-6_fc13
rpms:vsftpd-2_2_2-5_fc12
rpms:vsftpd-2_2_2-6_fc14
rpms:vsftpd-2_2_2-5_fc14
rpms:vsftpd-2_2_2-4_fc14
rpms:vsftpd-2_2_2-3_fc12
rpms:vsftpd-2_2_2-2_fc12
rpms:vsftpd-2_2_2-3_fc13
rpms:F-13-start
rpms:F-13-split
rpms:vsftpd-2_2_2-1_fc12
rpms:vsftpd-2_2_2-2_fc13
rpms:vsftpd-2_2_2-1_fc13
rpms:vsftpd-2_2_0-6_fc12
rpms:vsftpd-2_2_0-6_fc13
rpms:vsftpd-2_1_2-2_fc11
rpms:vsftpd-2_0_7-3_fc10
rpms:vsftpd-2_2_0-5_fc12
rpms:F-12-start
rpms:F-12-split
rpms:vsftpd-2_2_0-4_fc12
rpms:vsftpd-2_2_0-3_fc12
rpms:vsftpd-2_2_0-2_fc12
rpms:vsftpd-2_2_0-1_fc12
rpms:vsftpd-2_2_0-0_2_pre4_fc12
rpms:vsftpd-2_2_0-0_1_pre4_fc12
rpms:vsftpd-2_1_2-2_fc12
rpms:vsftpd-2_0_7-2_fc10
rpms:vsftpd-2_1_2-1_fc11
rpms:vsftpd-2_1_2-1_fc12
rpms:vsftpd-2_1_1-0_3_pre1_fc12
rpms:vsftpd-2_1_1-0_2_pre1_fc12
rpms:vsftpd-2_1_1-0_1_pre1_fc12
rpms:vsftpd-2_1_0-2_fc11
rpms:F-11-start
rpms:F-11-split
rpms:vsftpd-2_1_0-1_fc11
rpms:vsftpd-2_1_0-0_3_pre4_fc11
rpms:vsftpd-2_1_0-0_2_pre3_fc11
rpms:vsftpd-2_1_0-0_1_pre3_fc11
rpms:vsftpd-2_0_6-6_fc9
rpms:vsftpd-2_0_5-21_fc8
rpms:vsftpd-2_0_7-1_fc10
rpms:F-10-start
rpms:F-10-split
rpms:vsftpd-2_0_6-5_fc10
rpms:vsftpd-2_0_6-5_fc9
rpms:vsftpd-2_0_5-17_fc7
rpms:vsftpd-2_0_5-20_fc8
rpms:vsftpd-2_0_6-4_fc9
rpms:vsftpd-2_0_6-4_fc10
rpms:vsftpd-2_0_6-3_fc9
rpms:F-9-start
rpms:F-9-split
rpms:vsftpd-2_0_6-2_fc9
rpms:vsftpd-2_0_6-1_fc9
rpms:vsftpd-2_0_5-22_fc9
rpms:vsftpd-2_0_5-21_fc9
rpms:vsftpd-2_0_5-20_fc9
rpms:F-8-start
rpms:F-8-split
rpms:vsftpd-2_0_5-19_fc8
rpms:vsftpd-2_0_5-18_fc8
rpms:vsftpd-2_0_5-17_fc8
rpms:vsftpd-2_0_5-16_fc7
rpms:F-7-start
rpms:F-7-split
rpms:vsftpd-2_0_5-15_fc7
rpms:vsftpd-2_0_5-14_fc7
rpms:vsftpd-2_0_5-13_fc7
rpms:vsftpd-2_0_5-12_fc7
rpms:vsftpd-2_0_5-11
rpms:vsftpd-2_0_5-10
rpms:vsftpd-2_0_5-8
rpms:FC-6-split
rpms:vsftpd-2_0_5-7
rpms:vsftpd-2_0_5-6
rpms:vsftpd-2_0_5-5
rpms:vsftpd-2_0_5-4
rpms:vsftpd-2_0_5-3
rpms:vsftpd-2_0_5-2
rpms:vsftpd-2_0_5-1
rpms:vsftpd-2_0_4-1_2_1
rpms:vsftpd-2_0_4-1_2
rpms:FC-5-split
rpms:vsftpd-2_0_4-1_1
rpms:vsftpd-2_0_4-1
rpms:vsftpd-2_0_3-12_1
rpms:vsftpd-2_0_3-12
rpms:vsftpd-2_0_3-11
rpms:vsftpd-2_0_3-10
rpms:vsftpd-2_0_3-9
rpms:vsftpd-2_0_3-8
rpms:vsftpd-2_0_3-7
rpms:vsftpd-2_0_3-6
rpms:vsftpd-2_0_3-5
rpms:vsftpd-2_0_3-4
rpms:vsftpd-2_0_3-3
rpms:vsftpd-2_0_3-2
rpms:FC-4-split
rpms:vsftpd-2_0_3-1
rpms:vsftpd-2_0_3-pre2
rpms:vsftpd-2_0_2-1
rpms:vsftpd-2_0_1-10
rpms:vsftpd-2_0_1-9
rpms:vsftpd-2_0_1-8
rpms:vsftpd-2_0_1-7
rpms:vsftpd-2_0_1-6
rpms:vsftpd-2_0_1-5
rpms:RHEL-4-split
rpms:FC-3-split
rpms:vsftpd-2_0_1-4
rpms:vsftpd-2_0_1-3
rpms:present-on-devel
rpms:vsftpd-2_0_1-2
rpms:vsftpd-2_0_1-1
rpms:vsftpd-1_2_1-7
rpms:vsftpd-1_2_1-6
rpms:vsftpd-1_2_1-5
rpms:vsftpd-1_2_1-2
rpms:scratch-split
rpms:vsftpd-1_2_1-1
rpms:FC-2-split
rpms:vsftpd-1_2_0-5
rpms:FC-1-split
rpms:vsftpd-1_1_3-8
rpms:RHL-9-split
rpms:RHEL-3-split
rpms:vsftpd-1_1_3-7
rpms:RHL-8-split
rpms:vsftpd-1_1_0-2
rpms:vsftpd-1_1_0-1
rpms:vsftpd-1_0_1-7
rpms:vsftpd-1_0_1-5
rpms:RHL-7_3-split
rpms:vsftpd-1_0_1-4

No commits in common. "rawhide" and "f21" have entirely different histories.
rawhide ... f21

93 changed files with 827 additions and 5225 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.fmf/version
View file

@ -1 +0,0 @@
1

2
.gitignore vendored
View file

@ -5,5 +5,3 @@ vsftpd-2.3.2.tar.gz
/vsftpd-3.0.0.tar.gz
/vsftpd-3.0.1.tar.gz
/vsftpd-3.0.2.tar.gz
/vsftpd-3.0.3.tar.gz
/vsftpd-3.0.5.tar.gz

27
0001-Don-t-use-the-provided-script-to-locate-libraries.patch
View file

@ -1,27 +0,0 @@
From 7bd573d76e9c1996ad5a96f0289731a253a24301 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Tue, 6 Sep 2016 13:35:51 +0200
Subject: [PATCH 01/59] Don't use the provided script to locate libraries.
This branch is Fedora (RHEL) specific, so we know what
libraries we have and want to use.
---
Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
index c63ed1b..98118dc 100644
--- a/Makefile
+++ b/Makefile
@@ -8,7 +8,7 @@ CFLAGS = -O2 -fPIE -fstack-protector --param=ssp-buffer-size=4 \
-D_FORTIFY_SOURCE=2 \
#-pedantic -Wconversion
-LIBS = `./vsf_findlibs.sh`
+LIBS = -lwrap -lnsl -lpam -lcap -ldl -lcrypto
LINK = -Wl,-s
LDFLAGS = -fPIE -pie -Wl,-z,relro -Wl,-z,now
--
2.14.4

151
0001-Fix-timestamp-handling-in-MDTM.patch
View file

@ -1,151 +0,0 @@
From 6a4dc470e569df38b8a7ea09ee6aace3c73b7353 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Wed, 28 Mar 2018 09:06:34 +0200
Subject: [PATCH 1/2] Fix timestamp handling in MDTM
There were two problems with the timestamp handling with MDTM:
1. In vsf_sysutil_parse_time(), the `the_time.tm_isdst` attribute was
always set to 0, regardless of whether DST (daylight saving time)
is active on the given date or not.
This made glibc shift the timestamp when DST was in fact active on
the given date, in an attempt to correct the discrepancy between
the given timestamp and the `tm_isdst` attribute. The shifting
produced incorrect results however.
We fix this by setting `tm_isdst` to -1 to let glibc decide if DST
is active or not at the time of the timestamp. glibc won't touch
the timestamp then.
2. vsftpd used to record the offset from UTC of the current timezone
in the global variable `s_timezone`. This variable was then
subtracted from the variable `the_time` in vsf_sysutil_setmodtime()
when the config option use_localtime=NO was set. This was done to
compensate for the fact that mktime(), used in
vsf_sysutil_parse_time(), expects a timestamp expressed as local
time, whereas vsftpd is dealing with universal time.
However, this did not work in the case when the offset stored in
`s_timezone` did not match the timezone of the timestamp given to
mktime() - this happens when DST is active at the current time, but
DST is not active at the time of the timestamp, or vice versa.
We fix this by subtracting the real timezone offset directly in
vsf_sysutil_parse_time().
Note that the `tm_gmtoff` attribute, used in this fix, is a
BSD/glic extension. However, using `tm_gmtoff` seems like the
simplest solution and we need to make this work only with glibc
anyway.
The fix was tested in the following way. We checked that the timestamp
given to the MDTM command when setting modification time exactly
matches the timestamp received as response from MDTM when reading back
the modification time. Additionally, we checked that the modification
time was set correctly on the given file on disk.
These two checks were performed under various conditions - all the
combinations of DST/non-DST system time, DST/non-DST modification
time, use_localtime=YES/NO.
Note that (I think) this will still not work if the rules for when DST
is active change. For example, if DST is ever completely cancelled in
the Europe/Prague timezone, and vsftpd is dealing with a timestamp
from a time when DST was active, it will produce incorrect results. I
think we would need the full zone file to fix this, but the zone file
is hard to provide when we're chroot-ed.
Resolves: rhbz#1567855
---
postlogin.c | 5 +++--
sysutil.c | 17 ++++++++++-------
sysutil.h | 4 ++--
3 files changed, 15 insertions(+), 11 deletions(-)
diff --git a/postlogin.c b/postlogin.c
index 7c749ef..8a3d9d2 100644
--- a/postlogin.c
+++ b/postlogin.c
@@ -1788,7 +1788,8 @@ handle_mdtm(struct vsf_session* p_sess)
if (do_write != 0)
{
str_split_char(&p_sess->ftp_arg_str, &s_filename_str, ' ');
- modtime = vsf_sysutil_parse_time(str_getbuf(&p_sess->ftp_arg_str));
+ modtime = vsf_sysutil_parse_time(
+ str_getbuf(&p_sess->ftp_arg_str), tunable_use_localtime);
str_copy(&p_sess->ftp_arg_str, &s_filename_str);
}
resolve_tilde(&p_sess->ftp_arg_str, p_sess);
@@ -1809,7 +1810,7 @@ handle_mdtm(struct vsf_session* p_sess)
else
{
retval = vsf_sysutil_setmodtime(
- str_getbuf(&p_sess->ftp_arg_str), modtime, tunable_use_localtime);
+ str_getbuf(&p_sess->ftp_arg_str), modtime);
if (retval != 0)
{
vsf_cmdio_write(p_sess, FTP_FILEFAIL,
diff --git a/sysutil.c b/sysutil.c
index e847650..66d4c5e 100644
--- a/sysutil.c
+++ b/sysutil.c
@@ -2819,11 +2819,13 @@ vsf_sysutil_syslog(const char* p_text, int severe)
}
long
-vsf_sysutil_parse_time(const char* p_text)
+vsf_sysutil_parse_time(const char* p_text, int is_localtime)
{
+ long res;
struct tm the_time;
unsigned int len = vsf_sysutil_strlen(p_text);
vsf_sysutil_memclr(&the_time, sizeof(the_time));
+ the_time.tm_isdst = -1;
if (len >= 8)
{
char yr[5];
@@ -2848,17 +2850,18 @@ vsf_sysutil_parse_time(const char* p_text)
the_time.tm_min = vsf_sysutil_atoi(mins);
the_time.tm_sec = vsf_sysutil_atoi(sec);
}
- return mktime(&the_time);
+ res = mktime(&the_time);
+ if (!is_localtime)
+ {
+ res += the_time.tm_gmtoff;
+ }
+ return res;
}
int
-vsf_sysutil_setmodtime(const char* p_file, long the_time, int is_localtime)
+vsf_sysutil_setmodtime(const char* p_file, long the_time)
{
struct utimbuf new_times;
- if (!is_localtime)
- {
- the_time -= s_timezone;
- }
vsf_sysutil_memclr(&new_times, sizeof(new_times));
new_times.actime = the_time;
new_times.modtime = the_time;
diff --git a/sysutil.h b/sysutil.h
index 7a59f13..b90f6ca 100644
--- a/sysutil.h
+++ b/sysutil.h
@@ -349,9 +349,9 @@ void vsf_sysutil_chroot(const char* p_root_path);
*/
long vsf_sysutil_get_time_sec(void);
long vsf_sysutil_get_time_usec(void);
-long vsf_sysutil_parse_time(const char* p_text);
+long vsf_sysutil_parse_time(const char* p_text, int is_localtime);
void vsf_sysutil_sleep(double seconds);
-int vsf_sysutil_setmodtime(const char* p_file, long the_time, int is_localtime);
+int vsf_sysutil_setmodtime(const char* p_file, long the_time);
/* Limits */
void vsf_sysutil_set_address_space_limit(unsigned long bytes);
--
2.24.1

46
0001-Move-closing-standard-FDs-after-listen.patch
View file

@ -1,46 +0,0 @@
From 40fea4552377504ce69935149e64e39a595f4600 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Sat, 3 Aug 2019 17:50:14 +0200
Subject: [PATCH 1/2] Move closing standard FDs after listen()
The vsf_sysutil_close() calls need to be moved a bit further so that
die() works properly in case listen() fails.
I see no reason the calls should be placed before listen()
specifically, as they are now. My guess is that the author who added
the calls thought that listen() is a blocking call, which is not the
case. The only thing we need to satisfy is that close() is called
before accept, because that is a blocking call. That's all that is
needed to fix the bug that was fixed by adding the close() calls.
Resolves: rhbz#1666380
---
standalone.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/standalone.c b/standalone.c
index 3f35e9e..b358ca1 100644
--- a/standalone.c
+++ b/standalone.c
@@ -152,15 +152,15 @@ vsf_standalone_main(void)
vsf_sysutil_kill(vsf_sysutil_getppid(), kVSFSysUtilSigUSR1);
}
}
- vsf_sysutil_close(0);
- vsf_sysutil_close(1);
- vsf_sysutil_close(2);
retval = vsf_sysutil_listen(listen_sock, VSFTP_LISTEN_BACKLOG);
if (vsf_sysutil_retval_is_error(retval))
{
die("could not listen");
}
vsf_sysutil_sockaddr_alloc(&p_accept_addr);
+ vsf_sysutil_close(0);
+ vsf_sysutil_close(1);
+ vsf_sysutil_close(2);
while (1)
{
struct vsf_client_launch child_info;
--
2.20.1

25
0001-Remove-a-hint-about-the-ftp_home_dir-SELinux-boolean.patch
View file

@ -1,25 +0,0 @@
From ab797dcffc855b05c9e7c8db4e5be2fc7510831b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Tue, 17 Mar 2020 12:57:36 +0100
Subject: [PATCH] Remove a hint about the ftp_home_dir SELinux boolean
The boolean has been removed from SELinux.
---
vsftpd.conf | 1 -
1 file changed, 1 deletion(-)
diff --git a/vsftpd.conf b/vsftpd.conf
index 6b8eebb..ea20a72 100644
--- a/vsftpd.conf
+++ b/vsftpd.conf
@@ -12,7 +12,6 @@
anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
-# When SELinux is enforcing check for SE bool ftp_home_dir
local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
--
2.25.1

108
0001-Repeat-pututxline-until-it-succeeds-if-it-fails-with.patch
View file

@ -1,108 +0,0 @@
From 7957425ef5ab365fc96ea0615f99705581c6dbd8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Mon, 12 Aug 2019 18:15:36 +0200
Subject: [PATCH] Repeat pututxline() until it succeeds if it fails with EINTR
Since the pututxline() bug rhbz#1749439 is now fixed in glibc in
Fedora and RHEL-8, we can implement a complete solution for the stale
utmp entries issue originally reported as rhbz#1688848.
This patch is a followup to commit 896b3694ca062d7.
Resolves: rhbz#1688852
Resolves: rhbz#1737433
---
sysdeputil.c | 53 +++++++++++++---------------------------------------
1 file changed, 13 insertions(+), 40 deletions(-)
diff --git a/sysdeputil.c b/sysdeputil.c
index 4fbcca7..75be680 100644
--- a/sysdeputil.c
+++ b/sysdeputil.c
@@ -1203,7 +1203,7 @@ void
vsf_insert_uwtmp(const struct mystr* p_user_str,
const struct mystr* p_host_str)
{
- int attempts;
+ struct utmpx* p_res;
if (sizeof(s_utent.ut_line) < 16)
{
@@ -1233,34 +1233,21 @@ vsf_insert_uwtmp(const struct mystr* p_user_str,
vsf_sysutil_strcpy(s_utent.ut_host, str_getbuf(p_host_str),
sizeof(s_utent.ut_host));
s_utent.ut_tv.tv_sec = vsf_sysutil_get_time_sec();
- for (attempts = 2; attempts > 0; --attempts)
+ setutxent();
+ do
{
- struct utmpx* p_res;
- setutxent();
p_res = pututxline(&s_utent);
/* For now we'll ignore errors other than EINTR and EAGAIN */
- if (p_res != NULL || (errno != EINTR && errno != EAGAIN))
- {
- break;
- }
- }
- if (attempts == 0)
- {
- /* This makes us skip pututxline() in vsf_remove_uwtmp() */
- s_uwtmp_inserted = -1;
- }
- else
- {
- s_uwtmp_inserted = 1;
- endutxent();
- }
+ } while (p_res == NULL && (errno == EINTR || errno == EAGAIN));
+ s_uwtmp_inserted = 1;
+ endutxent();
updwtmpx(WTMPX_FILE, &s_utent);
}
void
vsf_remove_uwtmp(void)
{
- int attempts;
+ struct utmpx* p_res;
if (!s_uwtmp_inserted)
{
@@ -1270,27 +1257,13 @@ vsf_remove_uwtmp(void)
vsf_sysutil_memclr(s_utent.ut_user, sizeof(s_utent.ut_user));
vsf_sysutil_memclr(s_utent.ut_host, sizeof(s_utent.ut_host));
s_utent.ut_tv.tv_sec = 0;
- if (s_uwtmp_inserted == 1)
+ setutxent();
+ do
{
- for (attempts = 2; attempts > 0; --attempts)
- {
- struct utmpx* p_res;
- setutxent();
- p_res = pututxline(&s_utent);
- /* For now we'll ignore errors other than EINTR and EAGAIN */
- if (p_res != NULL || (errno != EINTR && errno != EAGAIN))
- {
- break;
- }
- }
- if (attempts != 0)
- {
- endutxent();
- }
- }
- /* Set s_uwtmp_inserted to 0 regardless of the result of
- * pututxline() to make sure we won't run this function twice.
- */
+ p_res = pututxline(&s_utent);
+ /* For now we'll ignore errors other than EINTR and EAGAIN */
+ } while (p_res == NULL && (errno == EINTR || errno == EAGAIN));
+ endutxent();
s_uwtmp_inserted = 0;
s_utent.ut_tv.tv_sec = vsf_sysutil_get_time_sec();
updwtmpx(WTMPX_FILE, &s_utent);
--
2.20.1

53
0001-Set-s_uwtmp_inserted-only-after-record-insertion-rem.patch
View file

@ -1,53 +0,0 @@
From 96698a525784ad91cb27b572dd5f871c183fdfa5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Sun, 28 Jul 2019 12:25:35 +0200
Subject: [PATCH 1/2] Set s_uwtmp_inserted only after record insertion/removal
pututxline() is the function that actually inserts the new record, so
setting 's_uwtmp_inserted' before calling pututxline() doesn't make
sense.
We'll need this change for other fixes.
---
sysdeputil.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/sysdeputil.c b/sysdeputil.c
index 4fe56c2..bd1e8c9 100644
--- a/sysdeputil.c
+++ b/sysdeputil.c
@@ -1224,7 +1224,6 @@ vsf_insert_uwtmp(const struct mystr* p_user_str,
sizeof(s_utent.ut_line));
str_free(&line_str);
}
- s_uwtmp_inserted = 1;
s_utent.ut_type = USER_PROCESS;
s_utent.ut_pid = vsf_sysutil_getpid();
vsf_sysutil_strcpy(s_utent.ut_user, str_getbuf(p_user_str),
@@ -1235,6 +1234,7 @@ vsf_insert_uwtmp(const struct mystr* p_user_str,
setutxent();
(void) pututxline(&s_utent);
endutxent();
+ s_uwtmp_inserted = 1;
updwtmpx(WTMPX_FILE, &s_utent);
}
@@ -1245,7 +1245,6 @@ vsf_remove_uwtmp(void)
{
return;
}
- s_uwtmp_inserted = 0;
s_utent.ut_type = DEAD_PROCESS;
vsf_sysutil_memclr(s_utent.ut_user, sizeof(s_utent.ut_user));
vsf_sysutil_memclr(s_utent.ut_host, sizeof(s_utent.ut_host));
@@ -1253,6 +1252,7 @@ vsf_remove_uwtmp(void)
setutxent();
(void) pututxline(&s_utent);
endutxent();
+ s_uwtmp_inserted = 0;
s_utent.ut_tv.tv_sec = vsf_sysutil_get_time_sec();
updwtmpx(WTMPX_FILE, &s_utent);
}
--
2.20.1

56
0002-Drop-an-unused-global-variable.patch
View file

@ -1,56 +0,0 @@
From d0045e35674d64d166d17c3c079ae03e8c2e6361 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Thu, 13 Feb 2020 17:29:06 +0100
Subject: [PATCH 2/2] Drop an unused global variable
The global variable `s_timezone` is not used anymore, so we can drop
it.
---
sysutil.c | 17 +++--------------
1 file changed, 3 insertions(+), 14 deletions(-)
diff --git a/sysutil.c b/sysutil.c
index 66d4c5e..0ccf551 100644
--- a/sysutil.c
+++ b/sysutil.c
@@ -72,8 +72,6 @@ static struct timeval s_current_time;
static int s_current_pid = -1;
/* Exit function */
static exitfunc_t s_exit_func;
-/* Difference in timezone from GMT in seconds */
-static long s_timezone;
/* Our internal signal handling implementation details */
static struct vsf_sysutil_sig_details
@@ -2661,7 +2659,6 @@ char* vsf_sysutil_get_tz()
void
vsf_sysutil_tzset(void)
{
- int retval;
char *tz=NULL, tzbuf[sizeof("+HHMM!")];
time_t the_time = time(NULL);
struct tm* p_tm;
@@ -2681,17 +2678,9 @@ vsf_sysutil_tzset(void)
{
die("localtime");
}
- retval = strftime(tzbuf, sizeof(tzbuf), "%z", p_tm);
- tzbuf[sizeof(tzbuf) - 1] = '\0';
- if (retval == 5)
- {
- s_timezone = ((tzbuf[1] - '0') * 10 + (tzbuf[2] - '0')) * 60 * 60;
- s_timezone += ((tzbuf[3] - '0') * 10 + (tzbuf[4] - '0')) * 60;
- if (tzbuf[0] == '+')
- {
- s_timezone *= -1;
- }
- }
+ /* Not sure if the following call to strftime() has any desired side
+ effects, so I'm keeping it to be safe. */
+ (void) strftime(tzbuf, sizeof(tzbuf), "%z", p_tm);
/* Call in to the time subsystem again now that TZ is set, trying to force
* caching of the actual zoneinfo for the timezone.
*/
--
2.24.1

25
0002-Enable-build-with-SSL.patch
View file

@ -1,25 +0,0 @@
From 6fe24bc56694808ac7f8038855883a971967f0fb Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Tue, 6 Sep 2016 13:40:53 +0200
Subject: [PATCH 02/59] Enable build with SSL.
---
builddefs.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/builddefs.h b/builddefs.h
index e908352..63cc62b 100644
--- a/builddefs.h
+++ b/builddefs.h
@@ -3,7 +3,7 @@
#undef VSF_BUILD_TCPWRAPPERS
#define VSF_BUILD_PAM
-#undef VSF_BUILD_SSL
+#define VSF_BUILD_SSL
#endif /* VSF_BUILDDEFS_H */
--
2.14.4

107
0002-Prevent-recursion-in-bug.patch
View file

@ -1,107 +0,0 @@
From e679a3ce0f2cf1558da31e0bccd9e2398b89c7e9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Tue, 30 Jul 2019 16:07:01 +0200
Subject: [PATCH 2/2] Prevent recursion in bug()
Resolves: rhbz#1666380
---
sysutil.c | 35 +++++++++++++++++++++++++++++++----
sysutil.h | 1 +
utility.c | 12 +++++++-----
3 files changed, 39 insertions(+), 9 deletions(-)
diff --git a/sysutil.c b/sysutil.c
index fd07d99..e2df671 100644
--- a/sysutil.c
+++ b/sysutil.c
@@ -774,21 +774,48 @@ vsf_sysutil_deactivate_linger_failok(int fd)
(void) setsockopt(fd, SOL_SOCKET, SO_LINGER, &the_linger, sizeof(the_linger));
}
-void
-vsf_sysutil_activate_noblock(int fd)
+static int
+vsf_sysutil_activate_noblock_internal(int fd, int return_err)
{
int retval;
int curr_flags = fcntl(fd, F_GETFL);
if (vsf_sysutil_retval_is_error(curr_flags))
{
- die("fcntl");
+ if (return_err)
+ {
+ return -1;
+ }
+ else
+ {
+ die("fcntl");
+ }
}
curr_flags |= O_NONBLOCK;
retval = fcntl(fd, F_SETFL, curr_flags);
if (retval != 0)
{
- die("fcntl");
+ if (return_err)
+ {
+ return -1;
+ }
+ else
+ {
+ die("fcntl");
+ }
}
+ return 0;
+}
+
+void
+vsf_sysutil_activate_noblock(int fd)
+{
+ (void) vsf_sysutil_activate_noblock_internal(fd, 0);
+}
+
+int
+vsf_sysutil_activate_noblock_no_die(int fd)
+{
+ return vsf_sysutil_activate_noblock_internal(fd, 1);
}
void
diff --git a/sysutil.h b/sysutil.h
index 2df14ed..0772423 100644
--- a/sysutil.h
+++ b/sysutil.h
@@ -281,6 +281,7 @@ void vsf_sysutil_activate_oobinline(int fd);
void vsf_sysutil_activate_linger(int fd);
void vsf_sysutil_deactivate_linger_failok(int fd);
void vsf_sysutil_activate_noblock(int fd);
+int vsf_sysutil_activate_noblock_no_die(int fd);
void vsf_sysutil_deactivate_noblock(int fd);
/* This does SHUT_RDWR */
void vsf_sysutil_shutdown_failok(int fd);
diff --git a/utility.c b/utility.c
index 75e5bdd..5619a04 100644
--- a/utility.c
+++ b/utility.c
@@ -47,11 +47,13 @@ bug(const char* p_text)
{
vsf_log_die(p_text);
}
- vsf_sysutil_activate_noblock(VSFTP_COMMAND_FD);
- (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, "500 OOPS: ", 10);
- (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, p_text,
- vsf_sysutil_strlen(p_text));
- (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, "\r\n", 2);
+ if (vsf_sysutil_activate_noblock_no_die(VSFTP_COMMAND_FD) == 0)
+ {
+ (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, "500 OOPS: ", 10);
+ (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, p_text,
+ vsf_sysutil_strlen(p_text));
+ (void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, "\r\n", 2);
+ }
if (tunable_log_die)
{
/* Workaround for https://github.com/systemd/systemd/issues/2913 */
--
2.20.1

105
0002-Repeat-pututxline-if-it-fails-with-EINTR.patch
View file

@ -1,105 +0,0 @@
From 896b3694ca062d747cd67e9e9ba246adb3fc706b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Mon, 5 Aug 2019 13:55:37 +0200
Subject: [PATCH 2/2] Repeat pututxline() if it fails with EINTR
This is a partial fix for rhbz#1688848. We cannot resolve it
completely until glibc bug rhbz#1734791 is fixed. See
https://bugzilla.redhat.com/show_bug.cgi?id=1688848#c13.
The maximum number of attempts is currently 2, which might seem
low. However setting it to 2 was a decision based on data - see
https://bugzilla.redhat.com/show_bug.cgi?id=1688848#c16.
Resolves: rhbz#1688848
---
sysdeputil.c | 53 +++++++++++++++++++++++++++++++++++++++++++++-------
1 file changed, 46 insertions(+), 7 deletions(-)
diff --git a/sysdeputil.c b/sysdeputil.c
index bd1e8c9..4fbcca7 100644
--- a/sysdeputil.c
+++ b/sysdeputil.c
@@ -1203,6 +1203,8 @@ void
vsf_insert_uwtmp(const struct mystr* p_user_str,
const struct mystr* p_host_str)
{
+ int attempts;
+
if (sizeof(s_utent.ut_line) < 16)
{
return;
@@ -1231,16 +1233,35 @@ vsf_insert_uwtmp(const struct mystr* p_user_str,
vsf_sysutil_strcpy(s_utent.ut_host, str_getbuf(p_host_str),
sizeof(s_utent.ut_host));
s_utent.ut_tv.tv_sec = vsf_sysutil_get_time_sec();
- setutxent();
- (void) pututxline(&s_utent);
- endutxent();
- s_uwtmp_inserted = 1;
+ for (attempts = 2; attempts > 0; --attempts)
+ {
+ struct utmpx* p_res;
+ setutxent();
+ p_res = pututxline(&s_utent);
+ /* For now we'll ignore errors other than EINTR and EAGAIN */
+ if (p_res != NULL || (errno != EINTR && errno != EAGAIN))
+ {
+ break;
+ }
+ }
+ if (attempts == 0)
+ {
+ /* This makes us skip pututxline() in vsf_remove_uwtmp() */
+ s_uwtmp_inserted = -1;
+ }
+ else
+ {
+ s_uwtmp_inserted = 1;
+ endutxent();
+ }
updwtmpx(WTMPX_FILE, &s_utent);
}
void
vsf_remove_uwtmp(void)
{
+ int attempts;
+
if (!s_uwtmp_inserted)
{
return;
@@ -1249,9 +1270,27 @@ vsf_remove_uwtmp(void)
vsf_sysutil_memclr(s_utent.ut_user, sizeof(s_utent.ut_user));
vsf_sysutil_memclr(s_utent.ut_host, sizeof(s_utent.ut_host));
s_utent.ut_tv.tv_sec = 0;
- setutxent();
- (void) pututxline(&s_utent);
- endutxent();
+ if (s_uwtmp_inserted == 1)
+ {
+ for (attempts = 2; attempts > 0; --attempts)
+ {
+ struct utmpx* p_res;
+ setutxent();
+ p_res = pututxline(&s_utent);
+ /* For now we'll ignore errors other than EINTR and EAGAIN */
+ if (p_res != NULL || (errno != EINTR && errno != EAGAIN))
+ {
+ break;
+ }
+ }
+ if (attempts != 0)
+ {
+ endutxent();
+ }
+ }
+ /* Set s_uwtmp_inserted to 0 regardless of the result of
+ * pututxline() to make sure we won't run this function twice.
+ */
s_uwtmp_inserted = 0;
s_utent.ut_tv.tv_sec = vsf_sysutil_get_time_sec();
updwtmpx(WTMPX_FILE, &s_utent);
--
2.20.1

25
0003-Enable-build-with-TCP-Wrapper.patch
View file

@ -1,25 +0,0 @@
From 1e0e2b13836d40f5a3f4cb20f2b3ea8204115b51 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Tue, 6 Sep 2016 13:42:09 +0200
Subject: [PATCH 03/59] Enable build with TCP Wrapper
---
builddefs.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/builddefs.h b/builddefs.h
index 63cc62b..83de674 100644
--- a/builddefs.h
+++ b/builddefs.h
@@ -1,7 +1,7 @@
#ifndef VSF_BUILDDEFS_H
#define VSF_BUILDDEFS_H
-#undef VSF_BUILD_TCPWRAPPERS
+#define VSF_BUILD_TCPWRAPPERS
#define VSF_BUILD_PAM
#define VSF_BUILD_SSL
--
2.14.4

35
0006-Close-stdin-out-err-before-listening-for-incoming-co.patch
View file

@ -1,35 +0,0 @@
From 423cbf4ddca6578b87e0f8a3fc425688cd1ca89c Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Tue, 6 Sep 2016 16:18:39 +0200
Subject: [PATCH 06/59] Close stdin/out/err before listening for incoming
connections.
When running vsftpd as a stand-alone FTP daemon, vsftpd
did not close stdin/out/err. This caused the start script
to hang waiting for stdin to close. Before this patch was
applied, one had to hit ctrl+c in order to get shell prompt
back. Correct behavior:
$ /etc/init.d/vsftpd start | tee
Starting vsftpd for vsftpd: [ OK ]
$
---
standalone.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/standalone.c b/standalone.c
index ba01ab1..e0f2d5b 100644
--- a/standalone.c
+++ b/standalone.c
@@ -130,6 +130,9 @@ vsf_standalone_main(void)
die("could not bind listening IPv6 socket");
}
}
+ vsf_sysutil_close(0);
+ vsf_sysutil_close(1);
+ vsf_sysutil_close(2);
retval = vsf_sysutil_listen(listen_sock, VSFTP_LISTEN_BACKLOG);
if (vsf_sysutil_retval_is_error(retval))
{
--
2.14.4

27
0016-Increase-VSFTP_AS_LIMIT-from-200UL-to-400UL.patch
View file

@ -1,27 +0,0 @@
From 048208a4db5d7164d89ba5d7545e281d0a3472d3 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Wed, 7 Sep 2016 15:35:59 +0200
Subject: [PATCH 16/59] Increase VSFTP_AS_LIMIT from 200UL to 400UL.
When using a PAM module to get users from LDAP or database the old
limit was insufficient.
---
defs.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/defs.h b/defs.h
index ca11eac..bde3232 100644
--- a/defs.h
+++ b/defs.h
@@ -19,7 +19,7 @@
/* Must be at least the size of VSFTP_MAX_COMMAND_LINE, VSFTP_DIR_BUFSIZE and
VSFTP_DATA_BUFSIZE*2 */
#define VSFTP_PRIVSOCK_MAXSTR VSFTP_DATA_BUFSIZE * 2
-#define VSFTP_AS_LIMIT 200UL * 1024 * 1024
+#define VSFTP_AS_LIMIT 400UL * 1024 * 1024
#endif /* VSF_DEFS_H */
--
2.14.4

43
0018-Change-the-default-log-file-in-configuration.patch
View file

@ -1,43 +0,0 @@
From 61dac172bdb14c5a37713078828ea8c8f78c7eb6 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 29 Sep 2016 13:53:16 +0200
Subject: [PATCH 18/59] Change the default log file in configuration.
Previous "default" value was wrong.
tunables.c:262 => install_str_setting("/var/log/xferlog",
&tunable_xferlog_file);
---
RedHat/vsftpd.log | 6 ++++++
vsftpd.conf | 2 +-
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/RedHat/vsftpd.log b/RedHat/vsftpd.log
index d338de8..14731c1 100644
--- a/RedHat/vsftpd.log
+++ b/RedHat/vsftpd.log
@@ -3,3 +3,9 @@
nocompress
missingok
}
+
+/var/log/xferlog {
+ # ftpd doesn't handle SIGHUP properly
+ nocompress
+ missingok
+}
diff --git a/vsftpd.conf b/vsftpd.conf
index ae6c6c9..39d1955 100644
--- a/vsftpd.conf
+++ b/vsftpd.conf
@@ -50,7 +50,7 @@ connect_from_port_20=YES
#
# You may override where the log file goes if you like. The default is shown
# below.
-#xferlog_file=/var/log/vsftpd.log
+#xferlog_file=/var/log/xferlog
#
# If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case.
--
2.14.4

164
0021-Introduce-support-for-DHE-based-cipher-suites.patch
View file

@ -1,164 +0,0 @@
From 4eac1dbb5f70a652d31847eec7c28d245f36cdbb Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Nov 2016 10:48:28 +0100
Subject: [PATCH 21/59] Introduce support for DHE based cipher suites.
---
parseconf.c | 1 +
ssl.c | 93 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
tunables.c | 5 +++-
tunables.h | 1 +
vsftpd.conf.5 | 6 ++++
5 files changed, 104 insertions(+), 2 deletions(-)
diff --git a/parseconf.c b/parseconf.c
index 3e0dba4..38e3182 100644
--- a/parseconf.c
+++ b/parseconf.c
@@ -176,6 +176,7 @@ parseconf_str_array[] =
{ "email_password_file", &tunable_email_password_file },
{ "rsa_cert_file", &tunable_rsa_cert_file },
{ "dsa_cert_file", &tunable_dsa_cert_file },
+ { "dh_param_file", &tunable_dh_param_file },
{ "ssl_ciphers", &tunable_ssl_ciphers },
{ "rsa_private_key_file", &tunable_rsa_private_key_file },
{ "dsa_private_key_file", &tunable_dsa_private_key_file },
diff --git a/ssl.c b/ssl.c
index c362983..22b69b3 100644
--- a/ssl.c
+++ b/ssl.c
@@ -28,6 +28,8 @@
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/bio.h>
+#include <openssl/bn.h>
+#include <openssl/param_build.h>
#include <errno.h>
#include <limits.h>
@@ -58,6 +60,23 @@
static int ssl_inited;
static struct mystr debug_str;
+EVP_PKEY *
+DH_get_dh()
+{
+ OSSL_PARAM dh_params[2];
+ EVP_PKEY *dh_key = NULL;
+ EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL);
+
+ dh_params[0] = OSSL_PARAM_construct_utf8_string("group", "ffdhe2048", 0);
+ dh_params[1] = OSSL_PARAM_construct_end();
+
+ if (EVP_PKEY_keygen_init(pctx) <= 0 || EVP_PKEY_CTX_set_params(pctx, dh_params) <= 0)
+ return NULL;
+ EVP_PKEY_generate(pctx, &dh_key);
+ EVP_PKEY_CTX_free(pctx);
+ return dh_key;
+}
+
void
ssl_init(struct vsf_session* p_sess)
{
@@ -72,7 +89,7 @@
{
die("SSL: could not allocate SSL context");
}
- options = SSL_OP_ALL;
+ options = SSL_OP_ALL | SSL_OP_SINGLE_DH_USE;
if (!tunable_sslv2)
{
options |= SSL_OP_NO_SSLv2;
@@ -149,8 +166,27 @@
die("SSL: cannot load DSA private key");
}
}
+ if (tunable_dh_param_file)
+ {
+ BIO *bio;
+ EVP_PKEY *dh_params = NULL;
+ if ((bio = BIO_new_file(tunable_dh_param_file, "r")) == NULL)
+ {
+ die("SSL: cannot load custom DH params");
+ }
+ else
+ {
+ dh_params = PEM_read_bio_Parameters(bio, NULL);
+ BIO_free(bio);
+
+ if (!SSL_CTX_set0_tmp_dh_pkey(p_ctx, dh_params))
+ {
+ die("SSL: setting custom DH params failed");
+ }
+ }
+ }
if (tunable_ssl_ciphers &&
SSL_CTX_set_cipher_list(p_ctx, tunable_ssl_ciphers) != 1)
{
die("SSL: could not set cipher list");
}
@@ -184,6 +226,9 @@
/* Ensure cached session doesn't expire */
SSL_CTX_set_timeout(p_ctx, INT_MAX);
}
+
+ SSL_CTX_set0_tmp_dh_pkey(p_ctx, DH_get_dh());
+
/* Set up ALPN to check for FTP protocol intention of client. */
SSL_CTX_set_alpn_select_cb(p_ctx, ssl_alpn_callback, p_sess);
/* Set up SNI callback for an optional hostname check. */
diff --git a/tunables.c b/tunables.c
index c737465..1ea7227 100644
--- a/tunables.c
+++ b/tunables.c
@@ -140,6 +140,7 @@ const char* tunable_user_sub_token;
const char* tunable_email_password_file;
const char* tunable_rsa_cert_file;
const char* tunable_dsa_cert_file;
+const char* tunable_dh_param_file;
const char* tunable_ssl_ciphers;
const char* tunable_rsa_private_key_file;
const char* tunable_dsa_private_key_file;
@@ -288,7 +289,9 @@ tunables_load_defaults()
install_str_setting("/usr/share/ssl/certs/vsftpd.pem",
&tunable_rsa_cert_file);
install_str_setting(0, &tunable_dsa_cert_file);
- install_str_setting("ECDHE-RSA-AES256-GCM-SHA384", &tunable_ssl_ciphers);
+ install_str_setting(0, &tunable_dh_param_file);
+ install_str_setting("AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA",
+ &tunable_ssl_ciphers);
install_str_setting(0, &tunable_rsa_private_key_file);
install_str_setting(0, &tunable_dsa_private_key_file);
install_str_setting(0, &tunable_ca_certs_file);
diff --git a/tunables.h b/tunables.h
index 9553038..3995472 100644
--- a/tunables.h
+++ b/tunables.h
@@ -142,6 +142,7 @@ extern const char* tunable_user_sub_token;
extern const char* tunable_email_password_file;
extern const char* tunable_rsa_cert_file;
extern const char* tunable_dsa_cert_file;
+extern const char* tunable_dh_param_file;
extern const char* tunable_ssl_ciphers;
extern const char* tunable_rsa_private_key_file;
extern const char* tunable_dsa_private_key_file;
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index fb6324e..ff94eca 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -893,6 +893,12 @@ to be in the same file as the certificate.
Default: (none)
.TP
+.B dh_param_file
+This option specifies the location of the custom parameters used for
+ephemeral Diffie-Hellman key exchange in SSL.
+
+Default: (none - use built in parameters appropriate for certificate key size)
+.TP
.B email_password_file
This option can be used to provide an alternate file for usage by the
.BR secure_email_list_enable
--
2.14.4

90
0025-Improve-local_max_rate-option.patch
View file

@ -1,90 +0,0 @@
From 386db86fe865fb552b1867af4bf4b78dbf9080cf Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Nov 2016 12:44:26 +0100
Subject: [PATCH 25/59] Improve local_max_rate option.
Now it should work as expected.
---
ftpdataio.c | 14 +++++++-------
main.c | 2 +-
session.h | 3 ++-
3 files changed, 10 insertions(+), 9 deletions(-)
diff --git a/ftpdataio.c b/ftpdataio.c
index 3e4e9c9..00f9021 100644
--- a/ftpdataio.c
+++ b/ftpdataio.c
@@ -249,7 +249,7 @@ handle_io(int retval, int fd, void* p_private)
{
long curr_sec;
long curr_usec;
- unsigned int bw_rate;
+ unsigned long bw_rate;
double elapsed;
double pause_time;
double rate_ratio;
@@ -276,19 +276,16 @@ handle_io(int retval, int fd, void* p_private)
{
elapsed = (double) 0.01;
}
- bw_rate = (unsigned int) ((double) retval / elapsed);
- if (bw_rate <= p_sess->bw_rate_max)
+ p_sess->bw_retval += retval;
+ bw_rate = (unsigned long) ((double) p_sess->bw_retval / elapsed);
+ if (bw_rate <= p_sess->bw_rate_max || p_sess->bw_retval < (unsigned long)(10*retval))
{
- p_sess->bw_send_start_sec = curr_sec;
- p_sess->bw_send_start_usec = curr_usec;
return;
}
/* Tut! Rate exceeded, calculate a pause to bring things back into line */
rate_ratio = (double) bw_rate / (double) p_sess->bw_rate_max;
pause_time = (rate_ratio - (double) 1) * elapsed;
vsf_sysutil_sleep(pause_time);
- p_sess->bw_send_start_sec = vsf_sysutil_get_time_sec();
- p_sess->bw_send_start_usec = vsf_sysutil_get_time_usec();
}
int
@@ -441,6 +438,9 @@ struct vsf_transfer_ret
vsf_ftpdataio_transfer_file(struct vsf_session* p_sess, int remote_fd,
int file_fd, int is_recv, int is_ascii)
{
+ p_sess->bw_send_start_sec = vsf_sysutil_get_time_sec();
+ p_sess->bw_send_start_usec = vsf_sysutil_get_time_usec();
+ p_sess->bw_retval = 0;
if (!is_recv)
{
if (is_ascii || p_sess->data_use_ssl)
diff --git a/main.c b/main.c
index eaba265..f1e2f69 100644
--- a/main.c
+++ b/main.c
@@ -40,7 +40,7 @@
/* Control connection */
0, 0, 0, 0, 0, 0,
/* Data connection */
- -1, 0, -1, 0, 0, 0, 0,
+ -1, 0, -1, 0, 0, 0, 0, 0,
/* Login */
1, 0, INIT_MYSTR, INIT_MYSTR,
/* Protocol state */
diff --git a/session.h b/session.h
index 956bfb7..3e8fdd5 100644
--- a/session.h
+++ b/session.h
@@ -29,9 +29,10 @@ struct vsf_session
struct vsf_sysutil_sockaddr* p_port_sockaddr;
int data_fd;
int data_progress;
- unsigned int bw_rate_max;
+ unsigned long bw_rate_max;
long bw_send_start_sec;
long bw_send_start_usec;
+ unsigned long bw_retval;
/* Details of the login */
int is_anonymous;
--
2.14.4

81
0026-Prevent-hanging-in-SIGCHLD-handler.patch
View file

@ -1,81 +0,0 @@
From 1e65a0a15f819b8bf1b551bd84f71d0da1f5a00c Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Nov 2016 13:02:27 +0100
Subject: [PATCH 26/59] Prevent hanging in SIGCHLD handler.
vsftpd can now handle pam_exec.so in pam.d config without hanging
in SIGCHLD handler.
---
sysutil.c | 4 ++--
sysutil.h | 2 +-
twoprocess.c | 13 +++++++++++--
3 files changed, 14 insertions(+), 5 deletions(-)
diff --git a/sysutil.c b/sysutil.c
index 6d7cb3f..099748f 100644
--- a/sysutil.c
+++ b/sysutil.c
@@ -608,13 +608,13 @@ vsf_sysutil_exit(int exit_code)
}
struct vsf_sysutil_wait_retval
-vsf_sysutil_wait(void)
+vsf_sysutil_wait(int hang)
{
struct vsf_sysutil_wait_retval retval;
vsf_sysutil_memclr(&retval, sizeof(retval));
while (1)
{
- int sys_ret = wait(&retval.exit_status);
+ int sys_ret = waitpid(-1, &retval.exit_status, hang ? 0 : WNOHANG);
if (sys_ret < 0 && errno == EINTR)
{
vsf_sysutil_check_pending_actions(kVSFSysUtilUnknown, 0, 0);
diff --git a/sysutil.h b/sysutil.h
index c145bdf..13153cd 100644
--- a/sysutil.h
+++ b/sysutil.h
@@ -177,7 +177,7 @@ struct vsf_sysutil_wait_retval
int PRIVATE_HANDS_OFF_syscall_retval;
int PRIVATE_HANDS_OFF_exit_status;
};
-struct vsf_sysutil_wait_retval vsf_sysutil_wait(void);
+struct vsf_sysutil_wait_retval vsf_sysutil_wait(int hang);
int vsf_sysutil_wait_reap_one(void);
int vsf_sysutil_wait_get_retval(
const struct vsf_sysutil_wait_retval* p_waitret);
diff --git a/twoprocess.c b/twoprocess.c
index 33d84dc..b1891e7 100644
--- a/twoprocess.c
+++ b/twoprocess.c
@@ -47,8 +47,17 @@ static void
handle_sigchld(void* duff)
{
- struct vsf_sysutil_wait_retval wait_retval = vsf_sysutil_wait();
+ struct vsf_sysutil_wait_retval wait_retval = vsf_sysutil_wait(0);
(void) duff;
+ if (!vsf_sysutil_wait_get_exitcode(&wait_retval) &&
+ !vsf_sysutil_wait_get_retval(&wait_retval))
+ /* There was nobody to wait for, possibly caused by underlying library
+ * which created a new process through fork()/vfork() and already picked
+ * it up, e.g. by pam_exec.so or integrity check routines for libraries
+ * when FIPS mode is on (nss freebl), which can lead to calling prelink
+ * if the prelink package is installed.
+ */
+ return;
/* Child died, so we'll do the same! Report it as an error unless the child
* exited normally with zero exit code
*/
@@ -390,7 +399,7 @@ common_do_login(struct vsf_session* p_sess, const struct mystr* p_user_str,
priv_sock_send_result(p_sess->parent_fd, PRIV_SOCK_RESULT_OK);
if (!p_sess->control_use_ssl)
{
- (void) vsf_sysutil_wait();
+ (void) vsf_sysutil_wait(1);
}
else
{
--
2.14.4

138
0027-Delete-files-when-upload-fails.patch
View file

@ -1,138 +0,0 @@
From 6224ecc5ac209323baa775880c0602c3fde3590a Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Nov 2016 13:10:41 +0100
Subject: [PATCH 27/59] Delete files when upload fails.
Previously the uploaded file wasn't removed when the network was
disconnected. Now it is successfully deleted.
---
ftpcodes.h | 3 ++-
ftpdataio.c | 8 ++++++++
main.c | 2 +-
postlogin.c | 9 ++++++++-
session.h | 1 +
sysutil.c | 10 ++++++++++
sysutil.h | 1 +
7 files changed, 31 insertions(+), 3 deletions(-)
diff --git a/ftpcodes.h b/ftpcodes.h
index 81e25c5..54dfae7 100644
--- a/ftpcodes.h
+++ b/ftpcodes.h
@@ -15,7 +15,8 @@
#define FTP_PBSZOK 200
#define FTP_PROTOK 200
#define FTP_OPTSOK 200
-#define FTP_ALLOOK 202
+#define FTP_ALLOOK 200
+#define FTP_ALLOIGN 202
#define FTP_FEAT 211
#define FTP_STATOK 211
#define FTP_SIZEOK 213
diff --git a/ftpdataio.c b/ftpdataio.c
index 00f9021..c859d80 100644
--- a/ftpdataio.c
+++ b/ftpdataio.c
@@ -242,6 +242,10 @@ init_data_sock_params(struct vsf_session* p_sess, int sock_fd)
/* Start the timeout monitor */
vsf_sysutil_install_io_handler(handle_io, p_sess);
start_data_alarm(p_sess);
+ if(tunable_delete_failed_uploads)
+ {
+ vsf_sysutil_rcvtimeo(sock_fd);
+ }
}
static void
@@ -615,6 +619,10 @@ do_file_recv(struct vsf_session* p_sess, int file_fd, int is_ascii)
else if (retval == 0 && !prev_cr)
{
/* Transfer done, nifty */
+ if (tunable_delete_failed_uploads &&
+ !is_ascii && p_sess->upload_size > 0 &&
+ p_sess->upload_size != ret_struct.transferred)
+ ret_struct.retval = -2;
return ret_struct;
}
num_to_write = (unsigned int) retval;
diff --git a/main.c b/main.c
index f1e2f69..f039081 100644
--- a/main.c
+++ b/main.c
@@ -44,7 +44,7 @@ main(int argc, const char* argv[])
/* Login */
1, 0, INIT_MYSTR, INIT_MYSTR,
/* Protocol state */
- 0, 1, INIT_MYSTR, 0, 0,
+ 0, 0, 1, INIT_MYSTR, 0, 0,
/* HTTP hacks */
0, INIT_MYSTR,
/* Session state */
diff --git a/postlogin.c b/postlogin.c
index 29958c0..e473c34 100644
--- a/postlogin.c
+++ b/postlogin.c
@@ -356,7 +356,14 @@ process_post_login(struct vsf_session* p_sess)
}
else if (str_equal_text(&p_sess->ftp_cmd_str, "ALLO"))
{
- vsf_cmdio_write(p_sess, FTP_ALLOOK, "ALLO command ignored.");
+ if (tunable_delete_failed_uploads && !p_sess->is_ascii)
+ {
+ p_sess->upload_size = (filesize_t)vsf_sysutil_atoi(str_getbuf(&p_sess->ftp_cmd_str)+5);
+ vsf_cmdio_write(p_sess, FTP_ALLOOK, "The filesize has been allocated.");
+ }
+ else {
+ vsf_cmdio_write(p_sess, FTP_ALLOIGN, "ALLO command ignored.");
+ }
}
else if (str_equal_text(&p_sess->ftp_cmd_str, "REIN"))
{
diff --git a/session.h b/session.h
index 3e8fdd5..4eccf46 100644
--- a/session.h
+++ b/session.h
@@ -41,6 +41,7 @@ struct vsf_session
struct mystr anon_pass_str;
/* Details of the FTP protocol state */
+ filesize_t upload_size;
filesize_t restart_pos;
int is_ascii;
struct mystr rnfr_filename_str;
diff --git a/sysutil.c b/sysutil.c
index 099748f..42bcdf8 100644
--- a/sysutil.c
+++ b/sysutil.c
@@ -680,6 +680,16 @@ vsf_sysutil_activate_keepalive(int fd)
}
}
+void
+vsf_sysutil_rcvtimeo(int fd)
+{
+ struct timeval tv;
+
+ tv.tv_sec = tunable_data_connection_timeout;
+ tv.tv_usec = 0;
+ setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(struct timeval));
+}
+
void
vsf_sysutil_activate_reuseaddr(int fd)
{
diff --git a/sysutil.h b/sysutil.h
index 13153cd..2886bbc 100644
--- a/sysutil.h
+++ b/sysutil.h
@@ -266,6 +266,7 @@ void vsf_sysutil_dns_resolve(struct vsf_sysutil_sockaddr** p_sockptr,
const char* p_name);
/* Option setting on sockets */
void vsf_sysutil_activate_keepalive(int fd);
+void vsf_sysutil_rcvtimeo(int fd);
void vsf_sysutil_set_iptos_throughput(int fd);
void vsf_sysutil_activate_reuseaddr(int fd);
void vsf_sysutil_set_nodelay(int fd);
--
2.14.4

26
0028-Fix-man-page-rendering.patch
View file

@ -1,26 +0,0 @@
From ea99be1a7a5973bbe8ed798b65abe5ce3b92f5df Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Nov 2016 13:12:52 +0100
Subject: [PATCH 28/59] Fix man page rendering.
---
vsftpd.conf.5 | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index 31d317f..cf1ae34 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -495,7 +495,8 @@ Default: NO
.TP
.B ssl_request_cert
If enabled, vsftpd will request (but not necessarily require; see
-.BR require_cert) a certificate on incoming SSL connections. Normally this
+.BR require_cert )
+a certificate on incoming SSL connections. Normally this
should not cause any trouble at all, but IBM zOS seems to have issues.
(New in v2.0.7).
--
2.14.4

25
0029-Fix-segfault-in-config-file-parser.patch
View file

@ -1,25 +0,0 @@
From 34b9e1d10c6be736f1b20be8795c655446f38c5e Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Nov 2016 13:14:55 +0100
Subject: [PATCH 29/59] Fix segfault in config file parser.
---
str.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/str.c b/str.c
index 41b27db..82b8ae4 100644
--- a/str.c
+++ b/str.c
@@ -113,7 +113,7 @@ str_strdup_trimmed(const struct mystr* p_str)
for (h = 0; h < (int)str_getlen(p_str) && vsf_sysutil_isspace(p_trimmed[h]); h++) ;
for (t = str_getlen(p_str) - 1; t >= 0 && vsf_sysutil_isspace(p_trimmed[t]); t--) ;
newlen = t - h + 1;
- return newlen ? vsf_sysutil_strndup(p_trimmed+h, (unsigned int)newlen) : 0L;
+ return (newlen > 0) ? vsf_sysutil_strndup(p_trimmed+h, (unsigned int)newlen) : 0L;
}
void
--
2.14.4

25
0030-Fix-logging-into-syslog-when-enabled-in-config.patch
View file

@ -1,25 +0,0 @@
From 03ff061f18f555d7bec62fa6a597a275b4b3f1c7 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Nov 2016 13:18:22 +0100
Subject: [PATCH 30/59] Fix logging into syslog when enabled in config.
---
logging.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/logging.c b/logging.c
index 99671b4..c4461f7 100644
--- a/logging.c
+++ b/logging.c
@@ -32,7 +32,7 @@ vsf_log_init(struct vsf_session* p_sess)
{
if (tunable_syslog_enable || tunable_tcp_wrappers)
{
- vsf_sysutil_openlog(1);
+ vsf_sysutil_openlog(0);
}
if (!tunable_xferlog_enable && !tunable_dual_log_enable)
{
--
2.14.4

28
0031-Fix-question-mark-wildcard-withing-a-file-name.patch
View file

@ -1,28 +0,0 @@
From 0da42468ac9518a544aad57d22d7697d6bdfa969 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Nov 2016 13:25:12 +0100
Subject: [PATCH 31/59] Fix question mark wildcard withing a file name.
Previously '?' worked only at the end of a file name, now it can
be used anywhere.
---
ls.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/ls.c b/ls.c
index 3c0988c..35c15c7 100644
--- a/ls.c
+++ b/ls.c
@@ -459,7 +459,8 @@ vsf_filename_passes_filter(const struct mystr* p_filename_str,
must_match_at_current_pos = 0;
}
} while (locate_result.found &&
- str_getlen(&name_remain_str) > 0 && last_token != '*');
+ str_getlen(&name_remain_str) > 0 &&
+ last_token != '*' && last_token != '?');
}
/* Any incoming string left means no match unless we ended on the correct
* type of wildcard.
--
2.14.4

147
0032-Propagate-errors-from-nfs-with-quota-to-client.patch
View file

@ -1,147 +0,0 @@
From aa9cb48373018502ef99a57aad70b69c0c75ff65 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Nov 2016 13:29:59 +0100
Subject: [PATCH 32/59] Propagate errors from nfs with quota to client.
vsftpd now checks for errors when closing newly uploaded file and
forward errors to the client (e.g. when file system quota was
exceeded)
---
ftpcodes.h | 1 +
postlogin.c | 32 ++++++++++++++++++++++++++++++--
sysutil.c | 21 +++++++++++++++++++++
sysutil.h | 1 +
4 files changed, 53 insertions(+), 2 deletions(-)
diff --git a/ftpcodes.h b/ftpcodes.h
index 54dfae7..97801f3 100644
--- a/ftpcodes.h
+++ b/ftpcodes.h
@@ -74,6 +74,7 @@
#define FTP_NOHANDLEPROT 536
#define FTP_FILEFAIL 550
#define FTP_NOPERM 550
+#define FTP_DISKQUOTA 552
#define FTP_UPLOADFAIL 553
#endif /* VSF_FTPCODES_H */
diff --git a/postlogin.c b/postlogin.c
index e473c34..8363c9c 100644
--- a/postlogin.c
+++ b/postlogin.c
@@ -28,6 +28,8 @@
#include "vsftpver.h"
#include "opts.h"
+#include <errno.h>
+
/* Private local functions */
static void handle_pwd(struct vsf_session* p_sess);
static void handle_cwd(struct vsf_session* p_sess);
@@ -1035,8 +1037,10 @@ handle_upload_common(struct vsf_session* p_sess, int is_append, int is_unique)
struct vsf_transfer_ret trans_ret;
int new_file_fd;
int remote_fd;
+ int close_errno;
int success = 0;
int created = 0;
+ int closed = 0;
int do_truncate = 0;
filesize_t offset = p_sess->restart_pos;
p_sess->restart_pos = 0;
@@ -1149,6 +1153,18 @@ handle_upload_common(struct vsf_session* p_sess, int is_append, int is_unique)
trans_ret = vsf_ftpdataio_transfer_file(p_sess, remote_fd,
new_file_fd, 1, 0);
}
+
+ /* Need to check close operation here because some errors
+ * like EIO, EDQUOT, ENOSPC can be detected only on close
+ * when using NFS
+ */
+ close_errno = vsf_sysutil_close_errno(new_file_fd);
+ closed = 1;
+ if (close_errno != 0)
+ {
+ trans_ret.retval = -1;
+ }
+
if (vsf_ftpdataio_dispose_transfer_fd(p_sess) != 1 && trans_ret.retval == 0)
{
trans_ret.retval = -2;
@@ -1161,7 +1177,16 @@ handle_upload_common(struct vsf_session* p_sess, int is_append, int is_unique)
}
if (trans_ret.retval == -1)
{
- vsf_cmdio_write(p_sess, FTP_BADSENDFILE, "Failure writing to local file.");
+ /* Disk quota exceeded */
+ if (close_errno == EDQUOT)
+ {
+ vsf_cmdio_write(p_sess, FTP_DISKQUOTA, "Disk quota exceeded.");
+ }
+ /* any other local error */
+ else
+ {
+ vsf_cmdio_write(p_sess, FTP_BADSENDFILE, "Failure writing to local file.");
+ }
}
else if (trans_ret.retval == -2)
{
@@ -1183,7 +1208,10 @@ port_pasv_cleanup_out:
{
str_unlink(p_filename);
}
- vsf_sysutil_close(new_file_fd);
+ if (!closed)
+ {
+ vsf_sysutil_close(new_file_fd);
+ }
}
static void
diff --git a/sysutil.c b/sysutil.c
index 42bcdf8..1c0422e 100644
--- a/sysutil.c
+++ b/sysutil.c
@@ -1268,6 +1268,27 @@ vsf_sysutil_close(int fd)
}
}
+int
+vsf_sysutil_close_errno(int fd)
+{
+ while (1)
+ {
+ int retval = close(fd);
+ if (retval != 0)
+ {
+ if (errno == EINTR)
+ {
+ vsf_sysutil_check_pending_actions(kVSFSysUtilUnknown, 0, 0);
+ continue;
+ }
+ else {
+ return errno;
+ }
+ }
+ return 0;
+ }
+}
+
int
vsf_sysutil_close_failok(int fd)
{
diff --git a/sysutil.h b/sysutil.h
index 2886bbc..be727f5 100644
--- a/sysutil.h
+++ b/sysutil.h
@@ -92,6 +92,7 @@ int vsf_sysutil_create_or_open_file_append(const char* p_filename,
int vsf_sysutil_create_or_open_file(const char* p_filename, unsigned int mode);
void vsf_sysutil_dupfd2(int old_fd, int new_fd);
void vsf_sysutil_close(int fd);
+int vsf_sysutil_close_errno(int fd);
int vsf_sysutil_close_failok(int fd);
int vsf_sysutil_unlink(const char* p_dead);
int vsf_sysutil_write_access(const char* p_filename);
--
2.14.4

25
0034-Turn-off-seccomp-sandbox-because-it-is-too-strict.patch
View file

@ -1,25 +0,0 @@
From 4922e60589326540b2ee4f0bdfd6cb95f645f3d5 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Fri, 18 Nov 2016 10:23:29 +0100
Subject: [PATCH 34/59] Turn off seccomp sandbox, because it is too strict.
---
tunables.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tunables.c b/tunables.c
index 78f2bcd..5440c00 100644
--- a/tunables.c
+++ b/tunables.c
@@ -237,7 +237,7 @@ tunables_load_defaults()
tunable_isolate_network = 1;
tunable_ftp_enable = 1;
tunable_http_enable = 0;
- tunable_seccomp_sandbox = 1;
+ tunable_seccomp_sandbox = 0;
tunable_allow_writeable_chroot = 0;
tunable_accept_timeout = 60;
--
2.14.4

29
0036-Redefine-VSFTP_COMMAND_FD-to-1.patch
View file

@ -1,29 +0,0 @@
From 18e0ab25a0d66088728b506cf64f5545637eda26 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Tue, 5 Sep 2017 14:26:08 +0200
Subject: [PATCH 36/59] Redefine VSFTP_COMMAND_FD to 1
Redefine VSFTP_COMMAND_FD to 1 (stdout) so that error messages generated
during startup are picked up by systemd.
Resolves: rhbz#1443055
---
defs.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/defs.h b/defs.h
index bde3232..315f0f0 100644
--- a/defs.h
+++ b/defs.h
@@ -3,7 +3,7 @@
#define VSFTP_DEFAULT_CONFIG "/etc/vsftpd/vsftpd.conf"
-#define VSFTP_COMMAND_FD 0
+#define VSFTP_COMMAND_FD 1
#define VSFTP_PASSWORD_MAX 128
#define VSFTP_USERNAME_MAX 128
--
2.14.4

29
0037-Document-the-relationship-of-text_userdb_names-and-c.patch
View file

@ -1,29 +0,0 @@
From 221f35f302d53f5a89f8e79592492e7cb322e81a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Thu, 26 Oct 2017 13:08:32 +0200
Subject: [PATCH 37/59] Document the relationship of text_userdb_names and
chroot_local_user
Note in vsftpd.conf(5) that text_userdb_names may not work when
chroot_local_user is set to YES.
---
vsftpd.conf.5 | 3 +++
1 file changed, 3 insertions(+)
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index a3d569e..45b3f9c 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -578,6 +578,9 @@ Default: NO
By default, numeric IDs are shown in the user and group fields of directory
listings. You can get textual names by enabling this parameter. It is off
by default for performance reasons.
+Note that textual names are not guaranteed when
+.BR chroot_local_user
+is set to YES.
Default: NO
.TP
--
2.14.4

32
0038-Document-allow_writeable_chroot-in-the-man-page.patch
View file

@ -1,32 +0,0 @@
From 35ec3be5427a54facd5f6299fda2da4c146d4846 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Fri, 24 Nov 2017 11:22:43 +0100
Subject: [PATCH 38/59] Document allow_writeable_chroot in the man page
---
vsftpd.conf.5 | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index 45b3f9c..d1f0db5 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -56,6 +56,15 @@ Only applies if
is active. If set to YES, anonymous users will be allowed to use secured SSL
connections.
+Default: NO
+.TP
+.B allow_writeable_chroot
+Allow chroot()'ing a user to a directory writable by that user. Note that
+setting this to YES is potentially dangerous. For example, if the user
+creates an 'etc' directory in the new root directory, they could potentially
+trick the C library into loading a user-created configuration file from the
+/etc/ directory.
+
Default: NO
.TP
.B anon_mkdir_write_enable
--
2.14.4

34
0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch
View file

@ -1,34 +0,0 @@
From 7d4b76abb437184fa692533cb5537318026a30e8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Fri, 24 Nov 2017 11:26:37 +0100
Subject: [PATCH 39/59] Improve documentation of ASCII mode in the man page
---
vsftpd.conf.5 | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index d1f0db5..3ca55e4 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -113,11 +113,17 @@ Default: YES
.TP
.B ascii_download_enable
When enabled, ASCII mode data transfers will be honoured on downloads.
+When disabled, the server will pretend to allow ASCII mode but in fact
+ignore the request. Turn this option on to have the server actually do
+ASCII mangling on files when in ASCII mode.
Default: NO
.TP
.B ascii_upload_enable
When enabled, ASCII mode data transfers will be honoured on uploads.
+See also
+.BR ascii_download_enable
+for more details.
Default: NO
.TP
--
2.14.4

27
0040-Use-system-wide-crypto-policy.patch
View file

@ -1,27 +0,0 @@
From b83be8b4f86bf1a8a6de4802a9486d084c4a46cd Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Tue, 29 Aug 2017 10:32:16 +0200
Subject: [PATCH 40/59] Use system wide crypto policy
Resolves: rhbz#
---
tunables.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/tunables.c b/tunables.c
index 5440c00..354251c 100644
--- a/tunables.c
+++ b/tunables.c
@@ -297,8 +297,7 @@ tunables_load_defaults()
install_str_setting(0, &tunable_dsa_cert_file);
install_str_setting(0, &tunable_dh_param_file);
install_str_setting(0, &tunable_ecdh_param_file);
- install_str_setting("AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA",
- &tunable_ssl_ciphers);
+ install_str_setting("PROFILE=SYSTEM", &tunable_ssl_ciphers);
install_str_setting(0, &tunable_rsa_private_key_file);
install_str_setting(0, &tunable_dsa_private_key_file);
install_str_setting(0, &tunable_ca_certs_file);
--
2.14.4

31
0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch
View file

@ -1,31 +0,0 @@
From 2369d1ea5144d525d315aba90da528e7d9bfd1cc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Thu, 21 Dec 2017 14:19:18 +0100
Subject: [PATCH 41/59] Document the new default for ssl_ciphers in the man
page
Related: rhbz#1483970
---
vsftpd.conf.5 | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index 3ca55e4..2a7662e 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -1078,7 +1078,11 @@ man page for further details. Note that restricting ciphers can be a useful
security precaution as it prevents malicious remote parties forcing a cipher
which they have found problems with.
-Default: DES-CBC3-SHA
+By default, the system-wide crypto policy is used. See
+.BR update-crypto-policies(8)
+for further details.
+
+Default: PROFILE=SYSTEM
.TP
.B ssl_sni_hostname
If set, SSL connections will be rejected unless the SNI hostname in the
--
2.14.4

32
0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch
View file

@ -1,32 +0,0 @@
From 1c280a0b04e58ec63ce9ab5eb8d0ffe5ebbae115 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Thu, 21 Dec 2017 14:29:25 +0100
Subject: [PATCH 42/59] When handling FEAT command, check ssl_tlsv1_1 and
ssl_tlsv1_2
Send 'AUTH SSL' in reply to the FEAT command when the ssl_tlsv1_1
or ssl_tlsv1_2 configuration option is enabled.
The patch was written by Martin Sehnoutka.
Resolves: rhbz#1432054
---
features.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/features.c b/features.c
index 1212980..d024366 100644
--- a/features.c
+++ b/features.c
@@ -22,7 +22,7 @@ handle_feat(struct vsf_session* p_sess)
{
vsf_cmdio_write_raw(p_sess, " AUTH SSL\r\n");
}
- if (tunable_tlsv1)
+ if (tunable_tlsv1 || tunable_tlsv1_1 || tunable_tlsv1_2 || tunable_tlsv1_3)
{
vsf_cmdio_write_raw(p_sess, " AUTH TLS\r\n");
}
--
2.14.4

26
0044-Disable-anonymous_enable-in-default-config-file.patch
View file

@ -1,26 +0,0 @@
From ffaeebcfdb56ba75392af21c68c0bac78a226b55 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Tue, 2 Jan 2018 09:54:43 +0100
Subject: [PATCH 44/59] Disable anonymous_enable in default config file
Resolves: rhbz#1338637
---
vsftpd.conf | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/vsftpd.conf b/vsftpd.conf
index 39d1955..4626c1b 100644
--- a/vsftpd.conf
+++ b/vsftpd.conf
@@ -9,7 +9,7 @@
# capabilities.
#
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
-anonymous_enable=YES
+anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
# When SELinux is enforcing check for SE bool ftp_home_dir
--
2.14.4

52
0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch
View file

@ -1,52 +0,0 @@
From 61327320b54a59e319c522151f7a61c74ec94f2f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Tue, 2 Jan 2018 16:25:55 +0100
Subject: [PATCH 45/59] Expand explanation of ascii_* options behaviour in man
page
---
vsftpd.conf.5 | 22 ++++++++++++++++++----
1 file changed, 18 insertions(+), 4 deletions(-)
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index df14027..a5abeb2 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -114,16 +114,30 @@ Default: YES
.B ascii_download_enable
When enabled, ASCII mode data transfers will be honoured on downloads.
When disabled, the server will pretend to allow ASCII mode but in fact
-ignore the request. Turn this option on to have the server actually do
+ignore requests to activate it. So the client will think the ASCII mode
+is active and therefore may still translate any
+.BR <CRLF>
+character sequences in the received file. See the following article for
+a detailed explanation of the behaviour:
+https://access.redhat.com/articles/3250241.
+
+Turn this option on to have the server actually do
ASCII mangling on files when in ASCII mode.
Default: NO
.TP
.B ascii_upload_enable
When enabled, ASCII mode data transfers will be honoured on uploads.
-See also
-.BR ascii_download_enable
-for more details.
+When disabled, the server will pretend to allow ASCII mode but in fact
+ignore requests to activate it. So the client will think the ASCII mode
+is active and will translate native line terminators to the standard
+.BR <CRLF>
+line terminators for transmission, but the server will not do
+any translation. See the following article for a detailed explanation
+of the behaviour: https://access.redhat.com/articles/3250241.
+
+Turn this option on to have the server actually do
+ASCII mangling on files when in ASCII mode.
Default: NO
.TP
--
2.14.4

27
0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch
View file

@ -1,27 +0,0 @@
From 446f7c1ec54e06b5da2e890e0cd8fbd7308322c9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Tue, 2 Jan 2018 16:33:18 +0100
Subject: [PATCH 46/59] vsftpd.conf: Refer to the man page regarding the
ascii_* options
---
vsftpd.conf | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/vsftpd.conf b/vsftpd.conf
index 4626c1b..e70bc6d 100644
--- a/vsftpd.conf
+++ b/vsftpd.conf
@@ -73,7 +73,8 @@ xferlog_std_format=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
-# mangling on files when in ASCII mode.
+# mangling on files when in ASCII mode. The vsftpd.conf(5) man page explains
+# the behaviour when these options are disabled.
# Beware that on some FTP servers, ASCII support allows a denial of service
# attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
# predicted this attack and has always been safe, reporting the size of the
--
2.14.4

49
0047-Disable-tcp_wrappers-support.patch
View file

@ -1,49 +0,0 @@
From b383ec42bb750419fea102fccf36af5216145eb2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Fri, 5 Jan 2018 09:17:13 +0100
Subject: [PATCH 47/59] Disable tcp_wrappers support
Resolves: rhbz#1518796
---
Makefile | 2 +-
builddefs.h | 1 -
vsftpd.conf | 1 -
3 files changed, 1 insertion(+), 3 deletions(-)
diff --git a/Makefile b/Makefile
index 98118dc..612994e 100644
--- a/Makefile
+++ b/Makefile
@@ -8,7 +8,7 @@ CFLAGS = -O2 -fPIE -fstack-protector --param=ssp-buffer-size=4 \
-D_FORTIFY_SOURCE=2 \
#-pedantic -Wconversion
-LIBS = -lwrap -lnsl -lpam -lcap -ldl -lcrypto
+LIBS = -lnsl -lpam -lcap -ldl -lcrypto
LINK = -Wl,-s
LDFLAGS = -fPIE -pie -Wl,-z,relro -Wl,-z,now
diff --git a/builddefs.h b/builddefs.h
index 83de674..2aa3a4c 100644
--- a/builddefs.h
+++ b/builddefs.h
@@ -1,7 +1,6 @@
#ifndef VSF_BUILDDEFS_H
#define VSF_BUILDDEFS_H
-#define VSF_BUILD_TCPWRAPPERS
#define VSF_BUILD_PAM
#define VSF_BUILD_SSL
diff --git a/vsftpd.conf b/vsftpd.conf
index e70bc6d..6b8eebb 100644
--- a/vsftpd.conf
+++ b/vsftpd.conf
@@ -125,4 +125,3 @@ listen_ipv6=YES
pam_service_name=vsftpd
userlist_enable=YES
-tcp_wrappers=YES
--
2.14.4

29
0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch
View file

@ -1,29 +0,0 @@
From 9cba9e81aa96e1d64ae2eaaf88330e09dadfce79 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Fri, 5 Jan 2018 09:40:09 +0100
Subject: [PATCH 48/59] Fix default value of strict_ssl_read_eof in man page
---
vsftpd.conf.5 | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index a5abeb2..43b0435 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -574,10 +574,9 @@ Default: YES
.B strict_ssl_read_eof
If enabled, SSL data uploads are required to terminate via SSL, not an
EOF on the socket. This option is required to be sure that an attacker did
-not terminate an upload prematurely with a faked TCP FIN. Unfortunately, it
-is not enabled by default because so few clients get it right. (New in v2.0.7).
+not terminate an upload prematurely with a faked TCP FIN. (New in v2.0.7).
-Default: NO
+Default: YES
.TP
.B strict_ssl_write_shutdown
If enabled, SSL data downloads are required to terminate via SSL, not an
--
2.14.4

322
0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch
View file

@ -1,322 +0,0 @@
From 1203b943b369651d96d057f8190f14f015e6ff0b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Tue, 6 Feb 2018 13:30:44 +0100
Subject: [PATCH 49/59] Add new filename generation algorithm for STOU command
A new configuration option 'better_stou' can be used to enable
a better algorithm for generating unique filenames.
Resolves: rhbz#1479237
---
parseconf.c | 1 +
postlogin.c | 176 +++++++++++++++++++++++++++++++++++++++++++++++++---------
sysutil.c | 3 +
sysutil.h | 3 +-
tunables.c | 2 +
tunables.h | 3 +
vsftpd.conf.5 | 5 ++
7 files changed, 166 insertions(+), 27 deletions(-)
diff --git a/parseconf.c b/parseconf.c
index 33a1349..47b54f1 100644
--- a/parseconf.c
+++ b/parseconf.c
@@ -111,6 +111,7 @@ parseconf_bool_array[] =
{ "http_enable", &tunable_http_enable },
{ "seccomp_sandbox", &tunable_seccomp_sandbox },
{ "allow_writeable_chroot", &tunable_allow_writeable_chroot },
+ { "better_stou", &tunable_better_stou },
{ 0, 0 }
};
diff --git a/postlogin.c b/postlogin.c
index 8363c9c..7c749ef 100644
--- a/postlogin.c
+++ b/postlogin.c
@@ -29,6 +29,7 @@
#include "opts.h"
#include <errno.h>
+#include <stdio.h>
/* Private local functions */
static void handle_pwd(struct vsf_session* p_sess);
@@ -1028,6 +1029,114 @@ handle_stor(struct vsf_session* p_sess)
handle_upload_common(p_sess, 0, 0);
}
+/* Based on __gen_tempname() from glibc - thanks, glibc! Relicensed
+ * from LGPL2.1+ to GPL2.
+ */
+static int
+create_unique_file(struct vsf_session* p_sess, struct mystr* p_outstr,
+ const struct mystr* p_base_str,
+ int (*access_checker)(const struct mystr*))
+{
+ struct mystr s_result = INIT_MYSTR;
+ const int suffix_len = 6;
+ unsigned int count;
+ static unsigned long long int value;
+ unsigned long long int random_time_bits;
+ int fd = -1;
+ /* These are the characters used in temporary file names. */
+ struct mystr s_letters = INIT_MYSTR;
+ unsigned int s_letters_len;
+ int base_len;
+
+ str_alloc_text(&s_letters,
+ "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789");
+ s_letters_len = str_getlen(&s_letters);
+
+ /* A lower bound on the number of temporary files to attempt to
+ generate. The maximum total number of temporary file names that
+ can exist for a given template is 62**6. It should never be
+ necessary to try all of these combinations. Instead if a reasonable
+ number of names is tried (we define reasonable as 62**3) fail to
+ give the system administrator the chance to remove the problems. */
+#define ATTEMPTS_MIN (62 * 62 * 62)
+
+ /* The number of times to attempt to generate a temporary file. */
+#if ATTEMPTS_MIN < TMP_MAX
+ unsigned int attempts = TMP_MAX;
+#else
+ unsigned int attempts = ATTEMPTS_MIN;
+#endif
+#undef ATTEMPTS_MIN
+
+ {
+ long sec = vsf_sysutil_get_time_sec();
+ long usec = vsf_sysutil_get_time_usec();
+ random_time_bits = ((unsigned long long int) usec << 16) ^ sec;
+ value += random_time_bits ^ vsf_sysutil_getpid();
+ }
+
+ if (str_isempty(p_base_str))
+ {
+ const char *base = "STOU.";
+ base_len = vsf_sysutil_strlen(base);
+ str_reserve(&s_result, base_len + suffix_len);
+ str_alloc_text(&s_result, base);
+ }
+ else
+ {
+ str_reserve(&s_result, str_getlen(p_base_str) + suffix_len + 1);
+ str_copy(&s_result, p_base_str);
+ str_append_char(&s_result, '.');
+ base_len = str_getlen(&s_result);
+ }
+
+ for (count = 0; count < attempts; value += 7777, ++count)
+ {
+ unsigned long long v = value;
+ str_trunc(&s_result, base_len);
+ for (int i = 0; i < suffix_len; ++i)
+ {
+ char c;
+ c = str_get_char_at(&s_letters, v % s_letters_len);
+ v /= s_letters_len;
+ str_append_char(&s_result, c);
+ }
+ if (!access_checker(&s_result))
+ {
+ /* If we generate a filename which is not allowed, we fail immediatelly,
+ * without trying any other possibilities. This is to prevent attackers
+ * from keeping us busy.
+ */
+ vsf_cmdio_write(p_sess, FTP_NOPERM, "Permission denied.");
+ break;
+ }
+ fd = str_create_exclusive(&s_result);
+ if (vsf_sysutil_retval_is_error(fd))
+ {
+ if (kVSFSysUtilErrEXIST == vsf_sysutil_get_error())
+ {
+ continue;
+ }
+ else
+ {
+ vsf_cmdio_write(p_sess, FTP_UPLOADFAIL, "Could not create file.");
+ break;
+ }
+ }
+ else
+ {
+ break;
+ }
+ }
+ if (!vsf_sysutil_retval_is_error(fd))
+ {
+ str_copy(p_outstr, &s_result);
+ }
+ str_free(&s_letters);
+ str_free(&s_result);
+ return fd;
+}
+
static void
handle_upload_common(struct vsf_session* p_sess, int is_append, int is_unique)
{
@@ -1049,41 +1158,56 @@ handle_upload_common(struct vsf_session* p_sess, int is_append, int is_unique)
return;
}
resolve_tilde(&p_sess->ftp_arg_str, p_sess);
- p_filename = &p_sess->ftp_arg_str;
- if (is_unique)
- {
- get_unique_filename(&s_filename, p_filename);
- p_filename = &s_filename;
- }
vsf_log_start_entry(p_sess, kVSFLogEntryUpload);
str_copy(&p_sess->log_str, &p_sess->ftp_arg_str);
prepend_path_to_filename(&p_sess->log_str);
- if (!vsf_access_check_file(p_filename))
- {
- vsf_cmdio_write(p_sess, FTP_NOPERM, "Permission denied.");
- return;
- }
- /* NOTE - actual file permissions will be governed by the tunable umask */
- /* XXX - do we care about race between create and chown() of anonymous
- * upload?
- */
- if (is_unique || (p_sess->is_anonymous && !tunable_anon_other_write_enable))
+ p_filename = &p_sess->ftp_arg_str;
+ if (is_unique && tunable_better_stou)
{
- new_file_fd = str_create_exclusive(p_filename);
+ new_file_fd = create_unique_file(p_sess, &s_filename, p_filename,
+ vsf_access_check_file);
+ if (vsf_sysutil_retval_is_error(new_file_fd))
+ {
+ return;
+ }
+ p_filename = &s_filename;
}
else
{
- /* For non-anonymous, allow open() to overwrite or append existing files */
- new_file_fd = str_create(p_filename);
- if (!is_append && offset == 0)
+ if (is_unique)
{
- do_truncate = 1;
+ get_unique_filename(&s_filename, p_filename);
+ p_filename = &s_filename;
+ }
+ if (!vsf_access_check_file(p_filename))
+ {
+ vsf_cmdio_write(p_sess, FTP_NOPERM, "Permission denied.");
+ return;
+ }
+ /* NOTE - actual file permissions will be governed by the tunable umask */
+ /* XXX - do we care about race between create and chown() of anonymous
+ * upload?
+ */
+ if (is_unique || (p_sess->is_anonymous && !tunable_anon_other_write_enable))
+ {
+ new_file_fd = str_create_exclusive(p_filename);
+ }
+ else
+ {
+ /* For non-anonymous, allow open() to overwrite or append existing
+ * files
+ */
+ new_file_fd = str_create(p_filename);
+ if (!is_append && offset == 0)
+ {
+ do_truncate = 1;
+ }
+ }
+ if (vsf_sysutil_retval_is_error(new_file_fd))
+ {
+ vsf_cmdio_write(p_sess, FTP_UPLOADFAIL, "Could not create file.");
+ return;
}
- }
- if (vsf_sysutil_retval_is_error(new_file_fd))
- {
- vsf_cmdio_write(p_sess, FTP_UPLOADFAIL, "Could not create file.");
- return;
}
created = 1;
vsf_sysutil_fstat(new_file_fd, &s_p_statbuf);
diff --git a/sysutil.c b/sysutil.c
index 1c0422e..e847650 100644
--- a/sysutil.c
+++ b/sysutil.c
@@ -1666,6 +1666,9 @@ vsf_sysutil_get_error(void)
case EAGAIN:
retval = kVSFSysUtilErrAGAIN;
break;
+ case EEXIST:
+ retval = kVSFSysUtilErrEXIST;
+ break;
default:
break;
}
diff --git a/sysutil.h b/sysutil.h
index be727f5..7a59f13 100644
--- a/sysutil.h
+++ b/sysutil.h
@@ -19,7 +19,8 @@ enum EVSFSysUtilError
kVSFSysUtilErrOPNOTSUPP,
kVSFSysUtilErrACCES,
kVSFSysUtilErrNOENT,
- kVSFSysUtilErrAGAIN
+ kVSFSysUtilErrAGAIN,
+ kVSFSysUtilErrEXIST
};
enum EVSFSysUtilError vsf_sysutil_get_error(void);
diff --git a/tunables.c b/tunables.c
index 9680528..5ec2bdc 100644
--- a/tunables.c
+++ b/tunables.c
@@ -92,6 +92,7 @@ int tunable_ftp_enable;
int tunable_http_enable;
int tunable_seccomp_sandbox;
int tunable_allow_writeable_chroot;
+int tunable_better_stou;
unsigned int tunable_accept_timeout;
unsigned int tunable_connect_timeout;
@@ -239,6 +240,7 @@ tunables_load_defaults()
tunable_http_enable = 0;
tunable_seccomp_sandbox = 0;
tunable_allow_writeable_chroot = 0;
+ tunable_better_stou = 0;
tunable_accept_timeout = 60;
tunable_connect_timeout = 60;
diff --git a/tunables.h b/tunables.h
index a466427..85ea1a8 100644
--- a/tunables.h
+++ b/tunables.h
@@ -93,6 +93,9 @@ extern int tunable_ftp_enable; /* Allow FTP protocol */
extern int tunable_http_enable; /* Allow HTTP protocol */
extern int tunable_seccomp_sandbox; /* seccomp filter sandbox */
extern int tunable_allow_writeable_chroot; /* Allow misconfiguration */
+extern int tunable_better_stou; /* Use better file name generation
+ * algorithm for the STOU command
+ */
/* Integer/numeric defines */
extern unsigned int tunable_accept_timeout;
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index 43b0435..6911a73 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -65,6 +65,11 @@ creates an 'etc' directory in the new root directory, they could potentially
trick the C library into loading a user-created configuration file from the
/etc/ directory.
+Default: NO
+.TP
+.B better_stou
+Use better file name generation algorithm for the STOU command.
+
Default: NO
.TP
.B anon_mkdir_write_enable
--
2.14.4

27
0050-Don-t-link-with-libnsl.patch
View file

@ -1,27 +0,0 @@
From f8663f35d5d150f0533bb052e48306b9a5111d87 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Tue, 6 Feb 2018 18:04:53 +0100
Subject: [PATCH 50/59] Don't link with libnsl
Don't link with libnsl. It builds just fine without it and
vsf_findlibs.sh enables it only when tcp_wrappers is enabled.
---
Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
index 612994e..0f7411c 100644
--- a/Makefile
+++ b/Makefile
@@ -8,7 +8,7 @@ CFLAGS = -O2 -fPIE -fstack-protector --param=ssp-buffer-size=4 \
-D_FORTIFY_SOURCE=2 \
#-pedantic -Wconversion
-LIBS = -lnsl -lpam -lcap -ldl -lcrypto
+LIBS = -lpam -lcap -ldl -lcrypto
LINK = -Wl,-s
LDFLAGS = -fPIE -pie -Wl,-z,relro -Wl,-z,now
--
2.14.4

30
0051-Improve-documentation-of-better_stou-in-the-man-page.patch
View file

@ -1,30 +0,0 @@
From 765f99b26705c8d6fe2be4feb07f4c91e7eb96f9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Thu, 5 Apr 2018 12:29:03 +0200
Subject: [PATCH 51/59] Improve documentation of better_stou in the man page
---
vsftpd.conf.5 | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index 6911a73..e9ae474 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -68,7 +68,12 @@ trick the C library into loading a user-created configuration file from the
Default: NO
.TP
.B better_stou
-Use better file name generation algorithm for the STOU command.
+Use a better file name generation algorithm for the STOU command. The default
+original algorithm simply adds an increasing number suffix to the file name,
+which is prone to race conditions if multiple uploaders use the STOU command
+with the same file name simultaneously, which can result in failure of the
+command. The new algorithm adds a unique random six character suffix to
+the file name, which works much better in face of concurrent uploads.
Default: NO
.TP
--
2.14.4

195
0052-Fix-rDNS-with-IPv6.patch
View file

@ -1,195 +0,0 @@
From 01b646d2af0ed885d01d31a6479898a3c423a630 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Thu, 26 Apr 2018 10:00:19 +0200
Subject: [PATCH 52/59] Fix rDNS with IPv6
Previously IPv6 addresses were not translated to hostnames for PAM to use.
---
privops.c | 3 ++-
sysdeputil.c | 28 +++++++++++++++-------------
sysdeputil.h | 5 ++++-
sysutil.c | 35 +++++++++++++++++++++++++++++++++++
sysutil.h | 4 ++++
5 files changed, 60 insertions(+), 15 deletions(-)
diff --git a/privops.c b/privops.c
index f27c5c4..e577a27 100644
--- a/privops.c
+++ b/privops.c
@@ -383,7 +383,8 @@ handle_local_login(struct vsf_session* p_sess,
struct mystr* p_user_str,
const struct mystr* p_pass_str)
{
- if (!vsf_sysdep_check_auth(p_user_str, p_pass_str, &p_sess->remote_ip_str))
+ if (!vsf_sysdep_check_auth(p_sess, p_user_str, p_pass_str,
+ &p_sess->remote_ip_str))
{
return kVSFLoginFail;
}
diff --git a/sysdeputil.c b/sysdeputil.c
index 2063c87..4fe56c2 100644
--- a/sysdeputil.c
+++ b/sysdeputil.c
@@ -16,10 +16,6 @@
#include "tunables.h"
#include "builddefs.h"
-/* For gethostbyaddr, inet_addr */
-#include <netdb.h>
-#include <arpa/inet.h>
-
/* For Linux, this adds nothing :-) */
#include "port/porting_junk.h"
@@ -242,13 +238,15 @@ void vsf_remove_uwtmp(void);
#ifndef VSF_SYSDEP_HAVE_PAM
int
-vsf_sysdep_check_auth(struct mystr* p_user_str,
+vsf_sysdep_check_auth(struct vsf_session* p_sess,
+ struct mystr* p_user_str,
const struct mystr* p_pass_str,
const struct mystr* p_remote_host)
{
const char* p_crypted;
const struct passwd* p_pwd = getpwnam(str_getbuf(p_user_str));
(void) p_remote_host;
+ (void) p_sess;
if (p_pwd == NULL)
{
return 0;
@@ -322,14 +320,14 @@ static int pam_conv_func(int nmsg, const struct pam_message** p_msg,
static void vsf_auth_shutdown(void);
int
-vsf_sysdep_check_auth(struct mystr* p_user_str,
+vsf_sysdep_check_auth(struct vsf_session* p_sess,
+ struct mystr* p_user_str,
const struct mystr* p_pass_str,
const struct mystr* p_remote_host)
{
int retval = -1;
#ifdef PAM_RHOST
- struct sockaddr_in sin;
- struct hostent *host;
+ struct mystr hostname = INIT_MYSTR;
#endif
pam_item_t item;
const char* pam_user_name = 0;
@@ -354,13 +352,17 @@ vsf_sysdep_check_auth(struct mystr* p_user_str,
return 0;
}
#ifdef PAM_RHOST
- if (tunable_reverse_lookup_enable) {
- sin.sin_addr.s_addr = inet_addr(str_getbuf(p_remote_host));
- host = gethostbyaddr((char*)&sin.sin_addr.s_addr,sizeof(struct in_addr),AF_INET);
- if (host != (struct hostent*)0)
- retval = pam_set_item(s_pamh, PAM_RHOST, host->h_name);
+ if (tunable_reverse_lookup_enable)
+ {
+ if (vsf_sysutil_get_hostname(p_sess->p_remote_addr, &hostname) == 0)
+ {
+ retval = pam_set_item(s_pamh, PAM_RHOST, str_getbuf(&hostname));
+ str_free(&hostname);
+ }
else
+ {
retval = pam_set_item(s_pamh, PAM_RHOST, str_getbuf(p_remote_host));
+ }
} else {
retval = pam_set_item(s_pamh, PAM_RHOST, str_getbuf(p_remote_host));
}
diff --git a/sysdeputil.h b/sysdeputil.h
index 3b6b30a..6f2aa0a 100644
--- a/sysdeputil.h
+++ b/sysdeputil.h
@@ -5,6 +5,8 @@
#include "filesize.h"
#endif
+#include "session.h"
+
/* VSF_SYSDEPUTIL_H:
* Support for highly system dependent features, and querying for support
* or lack thereof
@@ -15,7 +17,8 @@ struct mystr;
/* Authentication of local users */
/* Return 0 for fail, 1 for success */
-int vsf_sysdep_check_auth(struct mystr* p_user,
+int vsf_sysdep_check_auth(struct vsf_session* p_sess,
+ struct mystr* p_user,
const struct mystr* p_pass,
const struct mystr* p_remote_host);
diff --git a/sysutil.c b/sysutil.c
index e847650..b68583b 100644
--- a/sysutil.c
+++ b/sysutil.c
@@ -2356,6 +2356,41 @@ vsf_sysutil_dns_resolve(struct vsf_sysutil_sockaddr** p_sockptr,
}
}
+int
+vsf_sysutil_get_hostname(struct vsf_sysutil_sockaddr *p_addr,
+ struct mystr* p_str)
+{
+ struct sockaddr *sa;
+ socklen_t sa_len = 0;
+ char hostname[NI_MAXHOST];
+ int res;
+
+ sa = &p_addr->u.u_sockaddr;
+ if (sa->sa_family == AF_INET)
+ {
+ sa_len = sizeof(struct sockaddr_in);
+ }
+ else if (sa->sa_family == AF_INET6)
+ {
+ sa_len = sizeof(struct sockaddr_in6);
+ }
+ else
+ {
+ die("can only support ipv4 and ipv6 currently");
+ }
+ res = getnameinfo(sa, sa_len, hostname, sizeof(hostname), NULL, 0,
+ NI_NAMEREQD);
+ if (res == 0)
+ {
+ str_alloc_text(p_str, hostname);
+ return 0;
+ }
+ else
+ {
+ return -1;
+ }
+}
+
struct vsf_sysutil_user*
vsf_sysutil_getpwuid(const unsigned int uid)
{
diff --git a/sysutil.h b/sysutil.h
index 7a59f13..2df14ed 100644
--- a/sysutil.h
+++ b/sysutil.h
@@ -7,6 +7,8 @@
#include "filesize.h"
#endif
+#include "str.h"
+
/* Return value queries */
int vsf_sysutil_retval_is_error(int retval);
enum EVSFSysUtilError
@@ -266,6 +268,8 @@ int vsf_sysutil_connect_timeout(int fd,
unsigned int wait_seconds);
void vsf_sysutil_dns_resolve(struct vsf_sysutil_sockaddr** p_sockptr,
const char* p_name);
+int vsf_sysutil_get_hostname(struct vsf_sysutil_sockaddr *p_addr,
+ struct mystr* p_str);
/* Option setting on sockets */
void vsf_sysutil_activate_keepalive(int fd);
void vsf_sysutil_rcvtimeo(int fd);
--
2.14.4

32
0053-Always-do-chdir-after-chroot.patch
View file

@ -1,32 +0,0 @@
From 315f9720db94af3319c9550feaf473b9cf09aeac Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Thu, 3 May 2018 13:20:28 +0200
Subject: [PATCH 53/59] Always do chdir("/") after chroot()
Always do chdir("/") after chroot() to be more sure we'll never get out
of it. This will not affect the working directory after calling
vsf_sysutil_chroot(), because in the current state vsftpd always calls
vsf_sysutil_chroot(".").
---
sysutil.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/sysutil.c b/sysutil.c
index b68583b..3014c05 100644
--- a/sysutil.c
+++ b/sysutil.c
@@ -2588,6 +2588,11 @@ vsf_sysutil_chroot(const char* p_root_path)
{
die("chroot");
}
+ retval = chdir("/");
+ if (retval != 0)
+ {
+ die("chdir");
+ }
}
unsigned int
--
2.14.4

33
0054-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch
View file

@ -1,33 +0,0 @@
From ca27e6e34d89fc247a164ed7330735644f97d7d8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Wed, 9 May 2018 20:15:29 +0200
Subject: [PATCH 54/59] vsf_sysutil_rcvtimeo: Check return value of setsockopt
---
sysutil.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/sysutil.c b/sysutil.c
index 3014c05..de5f876 100644
--- a/sysutil.c
+++ b/sysutil.c
@@ -684,10 +684,15 @@ void
vsf_sysutil_rcvtimeo(int fd)
{
struct timeval tv;
+ int retval;
tv.tv_sec = tunable_data_connection_timeout;
tv.tv_usec = 0;
- setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(struct timeval));
+ retval = setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(struct timeval));
+ if (retval != 0)
+ {
+ die("setsockopt: rcvtimeo");
+ }
}
void
--
2.14.4

108
0055-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch
View file

@ -1,108 +0,0 @@
From c7ac05fdf2a7b53d901bfc3afeb9a61916aaaaf1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Wed, 9 May 2018 20:26:37 +0200
Subject: [PATCH 55/59] vsf_sysutil_get_tz: Check the return value of syscalls
Check the return value of syscalls. There's always the possibility that
they'll fail. (Failure of close() is not handled though, apart from EINTR.
The file is open read-only so it shouldn't fail, and even if it does,
it's not tragic.)
We return NULL in case of syscall failure. One might be tempted to simply
call die() when any kind of error occurs when parsing the timezone data,
but I think it's more in line with the behaviour of tzset(3) not to do
anything drastic in such a case (tzset() will silently use UTC when
the value given in the TZ environment variable is invalid).
---
sysutil.c | 46 +++++++++++++++++++++++++++++++++++++---------
1 file changed, 37 insertions(+), 9 deletions(-)
diff --git a/sysutil.c b/sysutil.c
index de5f876..fd07d99 100644
--- a/sysutil.c
+++ b/sysutil.c
@@ -2647,12 +2647,12 @@ error:
die("reopening standard file descriptors to /dev/null failed");
}
-char* vsf_sysutil_get_tz()
+char* vsf_sysutil_get_tz(void)
{
char *ret_tz = NULL;
char buff[BUFTZSIZ];
off_t s_pos, e_pos;
- size_t rcnt, rest;
+ ssize_t rcnt, rest;
int fd;
if ((fd = open(F_LOCALTIME, O_RDONLY)) > -1)
@@ -2663,8 +2663,12 @@ char* vsf_sysutil_get_tz()
return NULL;
}
s_pos = e_pos > BUFTZSIZ ? e_pos - BUFTZSIZ : 0;
- lseek(fd, s_pos, SEEK_SET);
- rcnt = read(fd, buff, BUFTZSIZ);
+ if (lseek(fd, s_pos, SEEK_SET) == -1 ||
+ (rcnt = vsf_sysutil_read(fd, buff, BUFTZSIZ)) == -1)
+ {
+ close(fd);
+ return NULL;
+ }
if (rcnt && buff[rcnt-1] == '\n')
{
@@ -2680,10 +2684,25 @@ char* vsf_sysutil_get_tz()
int len = e_pos - s_pos - offset;
if (len)
{
- lseek(fd, s_pos + offset, SEEK_SET);
+ if (lseek(fd, s_pos + offset, SEEK_SET) == -1)
+ {
+ close(fd);
+ return NULL;
+ }
ret_tz = calloc(1, len+4);
+ if (ret_tz == NULL)
+ {
+ close(fd);
+ return NULL;
+ }
memcpy(ret_tz, "TZ=", 3);
- rcnt = read(fd, ret_tz+3, len);
+ rcnt = vsf_sysutil_read(fd, ret_tz+3, len);
+ if (rcnt == -1)
+ {
+ free(ret_tz);
+ close(fd);
+ return NULL;
+ }
}
break;
}
@@ -2693,11 +2712,20 @@ char* vsf_sysutil_get_tz()
}
rest = s_pos > BUFTZSIZ ? s_pos - BUFTZSIZ : 0;
s_pos -= rest;
- lseek(fd, s_pos, SEEK_SET);
- rcnt = read(fd, buff, rest);
+ if (lseek(fd, s_pos, SEEK_SET) == -1)
+ {
+ close(fd);
+ return NULL;
+ }
+ rcnt = vsf_sysutil_read(fd, buff, rest);
+ if (rcnt == -1)
+ {
+ close(fd);
+ return NULL;
+ }
} while (rcnt > 0);
- close (fd);
+ (void) vsf_sysutil_close_errno(fd);
}
return ret_tz;
--
2.14.4

206
0056-Log-die-calls-to-syslog.patch
View file

@ -1,206 +0,0 @@
From ee6af258e8cb1a7fada5e6d3e54429b89f12b158 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Fri, 15 Jun 2018 12:02:21 +0200
Subject: [PATCH 56/59] Log die() calls to syslog
Pass messages given to die(), die2() and bug() to syslog. Currently this
functionality requires waiting for a short amount of time (1 second is
used) after logging the message and before exiting. This is a workaround
for the following systemd bug:
https://github.com/systemd/systemd/issues/2913
The need for this workaround is the main reason why I decided not to
enable this functionality by default.
Resolves: rhbz#1318198
Resolves: rhbz#1582672
---
logging.c | 13 +++++++++----
logging.h | 2 ++
main.c | 4 ++++
parseconf.c | 1 +
tcpwrap.c | 3 ---
tunables.c | 2 ++
tunables.h | 2 ++
utility.c | 11 +++++++++++
vsftpd.conf.5 | 10 ++++++++++
9 files changed, 41 insertions(+), 7 deletions(-)
diff --git a/logging.c b/logging.c
index c4461f7..9e86808 100644
--- a/logging.c
+++ b/logging.c
@@ -30,10 +30,6 @@ static void vsf_log_do_log_to_file(int fd, struct mystr* p_str);
void
vsf_log_init(struct vsf_session* p_sess)
{
- if (tunable_syslog_enable || tunable_tcp_wrappers)
- {
- vsf_sysutil_openlog(0);
- }
if (!tunable_xferlog_enable && !tunable_dual_log_enable)
{
return;
@@ -389,3 +385,12 @@ vsf_log_do_log_vsftpd_format(struct vsf_session* p_sess, struct mystr* p_str,
}
}
+void
+vsf_log_die(const char* p_text)
+{
+ struct mystr log_str = INIT_MYSTR;
+
+ str_append_text(&log_str, "ERROR: ");
+ str_append_text(&log_str, p_text);
+ str_syslog(&log_str, 1);
+}
diff --git a/logging.h b/logging.h
index 1ff57d1..75f06c1 100644
--- a/logging.h
+++ b/logging.h
@@ -91,5 +91,7 @@ void vsf_log_line(struct vsf_session* p_sess, enum EVSFLogEntryType what,
void vsf_log_failed_line(struct vsf_session* p_sess, enum EVSFLogEntryType what,
struct mystr* p_str);
+void vsf_log_die(const char* p_text);
+
#endif /* VSF_LOGGING_H */
diff --git a/main.c b/main.c
index f039081..1178d44 100644
--- a/main.c
+++ b/main.c
@@ -120,6 +120,10 @@ main(int argc, const char* argv[])
}
vsf_sysutil_free(p_statbuf);
}
+ if (tunable_log_die || tunable_syslog_enable || tunable_tcp_wrappers)
+ {
+ vsf_sysutil_openlog(0);
+ }
/* Resolve pasv_address if required */
if (tunable_pasv_address && tunable_pasv_addr_resolve)
{
diff --git a/parseconf.c b/parseconf.c
index 47b54f1..aeb401a 100644
--- a/parseconf.c
+++ b/parseconf.c
@@ -112,6 +112,7 @@ parseconf_bool_array[] =
{ "seccomp_sandbox", &tunable_seccomp_sandbox },
{ "allow_writeable_chroot", &tunable_allow_writeable_chroot },
{ "better_stou", &tunable_better_stou },
+ { "log_die", &tunable_log_die },
{ 0, 0 }
};
diff --git a/tcpwrap.c b/tcpwrap.c
index 5bf57d3..132b771 100644
--- a/tcpwrap.c
+++ b/tcpwrap.c
@@ -27,15 +27,12 @@ int
vsf_tcp_wrapper_ok(int remote_fd)
{
struct request_info req;
- vsf_sysutil_openlog(0);
request_init(&req, RQ_DAEMON, "vsftpd", RQ_FILE, remote_fd, 0);
fromhost(&req);
if (!hosts_access(&req))
{
- vsf_sysutil_closelog();
return 0;
}
- vsf_sysutil_closelog();
return 1;
}
diff --git a/tunables.c b/tunables.c
index 5ec2bdc..63de8e6 100644
--- a/tunables.c
+++ b/tunables.c
@@ -93,6 +93,7 @@ int tunable_http_enable;
int tunable_seccomp_sandbox;
int tunable_allow_writeable_chroot;
int tunable_better_stou;
+int tunable_log_die;
unsigned int tunable_accept_timeout;
unsigned int tunable_connect_timeout;
@@ -241,6 +242,7 @@ tunables_load_defaults()
tunable_seccomp_sandbox = 0;
tunable_allow_writeable_chroot = 0;
tunable_better_stou = 0;
+ tunable_log_die = 0;
tunable_accept_timeout = 60;
tunable_connect_timeout = 60;
diff --git a/tunables.h b/tunables.h
index 85ea1a8..8a4b8b2 100644
--- a/tunables.h
+++ b/tunables.h
@@ -96,6 +96,8 @@ extern int tunable_allow_writeable_chroot; /* Allow misconfiguration */
extern int tunable_better_stou; /* Use better file name generation
* algorithm for the STOU command
*/
+extern int tunable_log_die; /* Log calls to die(), die2()
+ * and bug() */
/* Integer/numeric defines */
extern unsigned int tunable_accept_timeout;
diff --git a/utility.c b/utility.c
index 5fd714d..75e5bdd 100644
--- a/utility.c
+++ b/utility.c
@@ -9,6 +9,8 @@
#include "sysutil.h"
#include "str.h"
#include "defs.h"
+#include "logging.h"
+#include "tunables.h"
#define DIE_DEBUG
@@ -41,11 +43,20 @@ void
bug(const char* p_text)
{
/* Rats. Try and write the reason to the network for diagnostics */
+ if (tunable_log_die)
+ {
+ vsf_log_die(p_text);
+ }
vsf_sysutil_activate_noblock(VSFTP_COMMAND_FD);
(void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, "500 OOPS: ", 10);
(void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, p_text,
vsf_sysutil_strlen(p_text));
(void) vsf_sysutil_write_loop(VSFTP_COMMAND_FD, "\r\n", 2);
+ if (tunable_log_die)
+ {
+ /* Workaround for https://github.com/systemd/systemd/issues/2913 */
+ vsf_sysutil_sleep(1.0);
+ }
vsf_sysutil_exit(2);
}
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index e9ae474..f246906 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -358,6 +358,16 @@ wanting to e.g. append a file.
Default: YES
.TP
+.B log_die
+Log an error to syslog when some error condition occurs and vsftpd decides
+to quit. Internally, the error messages given to the functions die(), die2()
+and bug() are passed to syslog. Currently this functionality requires waiting
+for a short amount of time (1 second is used) after logging the message and
+before exiting. This is a workaround for the following systemd bug:
+https://github.com/systemd/systemd/issues/2913
+
+Default: NO
+.TP
.B log_ftp_protocol
When enabled, all FTP requests and responses are logged, providing the option
xferlog_std_format is not enabled. Useful for debugging.
--
2.14.4

27
0057-Improve-error-message-when-max-number-of-bind-attemp.patch
View file

@ -1,27 +0,0 @@
From 380e40930661d643c865bace4e1791ca8f9d74cf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Mon, 18 Jun 2018 14:01:46 +0200
Subject: [PATCH 57/59] Improve error message when max number of bind attempts
is exceeded
Resolves: rhbz#1318198
---
privops.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/privops.c b/privops.c
index e577a27..010d28d 100644
--- a/privops.c
+++ b/privops.c
@@ -183,7 +183,7 @@ vsf_privop_pasv_listen(struct vsf_session* p_sess)
}
if (!bind_retries)
{
- die("vsf_sysutil_bind");
+ die("vsf_sysutil_bind, maximum number of attempts to find a listening port exceeded");
}
return the_port;
}
--
2.14.4

103
0058-Make-the-max-number-of-bind-retries-tunable.patch
View file

@ -1,103 +0,0 @@
From be7c2d639127dd8af0139caf94f8c29f431d3753 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Mon, 18 Jun 2018 10:13:48 +0200
Subject: [PATCH 58/59] Make the max number of bind retries tunable
Resolves: rhbz#1318198
---
parseconf.c | 1 +
privops.c | 8 ++++++--
tunables.c | 2 ++
tunables.h | 1 +
vsftpd.conf.5 | 5 +++++
5 files changed, 15 insertions(+), 2 deletions(-)
diff --git a/parseconf.c b/parseconf.c
index aeb401a..3cfe7da 100644
--- a/parseconf.c
+++ b/parseconf.c
@@ -143,6 +143,7 @@ parseconf_uint_array[] =
{ "delay_successful_login", &tunable_delay_successful_login },
{ "max_login_fails", &tunable_max_login_fails },
{ "chown_upload_mode", &tunable_chown_upload_mode },
+ { "bind_retries", &tunable_bind_retries },
{ 0, 0 }
};
diff --git a/privops.c b/privops.c
index 010d28d..83b25c7 100644
--- a/privops.c
+++ b/privops.c
@@ -120,8 +120,8 @@ unsigned short
vsf_privop_pasv_listen(struct vsf_session* p_sess)
{
static struct vsf_sysutil_sockaddr* s_p_sockaddr;
- int bind_retries = 10;
- unsigned short the_port;
+ int bind_retries = tunable_bind_retries + 1;
+ unsigned short the_port = 0;
/* IPPORT_RESERVED */
unsigned short min_port = 1024;
unsigned short max_port = 65535;
@@ -131,6 +131,10 @@ vsf_privop_pasv_listen(struct vsf_session* p_sess)
die("listed fd already active");
}
+ if (bind_retries < 2)
+ {
+ bind_retries = 2;
+ }
if (tunable_pasv_min_port > min_port && tunable_pasv_min_port <= max_port)
{
min_port = (unsigned short) tunable_pasv_min_port;
diff --git a/tunables.c b/tunables.c
index 63de8e6..a7ce9c8 100644
--- a/tunables.c
+++ b/tunables.c
@@ -115,6 +115,7 @@ unsigned int tunable_delay_failed_login;
unsigned int tunable_delay_successful_login;
unsigned int tunable_max_login_fails;
unsigned int tunable_chown_upload_mode;
+unsigned int tunable_bind_retries;
const char* tunable_secure_chroot_dir;
const char* tunable_ftp_username;
@@ -268,6 +269,7 @@ tunables_load_defaults()
tunable_max_login_fails = 3;
/* -rw------- */
tunable_chown_upload_mode = 0600;
+ tunable_bind_retries = 9;
install_str_setting("/usr/share/empty", &tunable_secure_chroot_dir);
install_str_setting("ftp", &tunable_ftp_username);
diff --git a/tunables.h b/tunables.h
index 8a4b8b2..029d645 100644
--- a/tunables.h
+++ b/tunables.h
@@ -120,6 +120,7 @@ extern unsigned int tunable_delay_failed_login;
extern unsigned int tunable_delay_successful_login;
extern unsigned int tunable_max_login_fails;
extern unsigned int tunable_chown_upload_mode;
+extern unsigned int tunable_bind_retries;
/* String defines */
extern const char* tunable_secure_chroot_dir;
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index f246906..ce3fba3 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -760,6 +760,11 @@ value will be treated as a base 10 integer!
Default: 077
.TP
+.B bind_retries
+Maximum number of attempts to find a free listening port in passive mode.
+
+Default: 9
+.TP
.B chown_upload_mode
The file mode to force for chown()ed anonymous uploads. (Added in v2.0.6).
--
2.14.4

58
0059-Fix-SEGFAULT-when-running-in-a-container-as-PID-1.patch
View file

@ -1,58 +0,0 @@
From 970711fde95bee3de1e4a5e0b557c3132d0c3e3f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Tue, 6 Feb 2018 11:39:01 +0100
Subject: [PATCH 59/59] Fix SEGFAULT when running in a container as PID 1
When vsftpd is running in a container as PID 1, it is possible
that it will get SIGCHILD for processes, which were not directly
created by it, but by some of its children. These processes will
not be in the s_p_pid_ip_hash hash table, and thus trying to
delete the entry from the hash table in standalone.c:handle_sigchld()
will result in segmentation fault.
I can quite easily reproduce it with the upstream vsftpd and default
configuration, except for isolate=NO and isolate_network=NO being set
(it seems to me that network namespaces take a long time to create
and destroy, which hides the race condition), on a quad-core machine.
When connecting to vsftpd in a loop like this:
$ while true; do echo -en '' | nc localhost 21; done
vsftpd crashes after a couple of seconds.
---
standalone.c | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)
diff --git a/standalone.c b/standalone.c
index 3b65ea2..3f35e9e 100644
--- a/standalone.c
+++ b/standalone.c
@@ -270,13 +270,21 @@ handle_sigchld(void* duff)
if (reap_one)
{
struct vsf_sysutil_ipaddr* p_ip;
- /* Account total number of instances */
- --s_children;
- /* Account per-IP limit */
p_ip = (struct vsf_sysutil_ipaddr*)
hash_lookup_entry(s_p_pid_ip_hash, (void*)&reap_one);
- drop_ip_count(p_ip);
- hash_free_entry(s_p_pid_ip_hash, (void*)&reap_one);
+ /* If we are running in a container as PID 1, it is possible
+ * that we will get SIGCHILD for processes, which were not
+ * created directly by our process and which are not in the
+ * s_p_pid_ip_hash hash table.
+ */
+ if (p_ip)
+ {
+ /* Account total number of instances */
+ --s_children;
+ /* Account per-IP limit */
+ drop_ip_count(p_ip);
+ hash_free_entry(s_p_pid_ip_hash, (void*)&reap_one);
+ }
}
}
}
--
2.14.4

25
0076-Correct-the-definition-of-setup_bio_callbacks-in-ssl.patch
View file

@ -1,25 +0,0 @@
From f3a745be207831ebd07add16e66ac2b43a743dc1 Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Fri, 24 Jan 2025 11:42:39 +0100
Subject: [PATCH] Correct the definition of setup_bio_callbacks() in ssl.c
---
ssl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ssl.c b/ssl.c
index e518097..02ed489 100644
--- a/ssl.c
+++ b/ssl.c
@@ -36,7 +36,7 @@
static char* get_ssl_error();
static SSL* get_ssl(struct vsf_session* p_sess, int fd);
static int ssl_session_init(struct vsf_session* p_sess);
-static void setup_bio_callbacks();
+static void setup_bio_callbacks(SSL* p_ssl);
static long bio_callback(
BIO* p_bio, int oper, const char* p_arg, size_t len, int argi, long argl, int ret, size_t *processed);
static int ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx);
--
2.48.1

1
ci.fmf
View file

@ -1 +0,0 @@
resultsdb-testcase: separate

27
fix-str_open.patch
View file

@ -1,27 +0,0 @@
--- sysstr-orig.c 2022-07-27 09:44:52.606408000 +0200
+++ sysstr.c 2022-07-27 09:54:24.043081352 +0200
@@ -74,19 +74,11 @@
int
str_open(const struct mystr* p_str, const enum EVSFSysStrOpenMode mode)
{
- enum EVSFSysUtilOpenMode open_mode = kVSFSysUtilOpenUnknown;
- switch (mode)
- {
- case kVSFSysStrOpenReadOnly:
- open_mode = kVSFSysUtilOpenReadOnly;
- break;
- case kVSFSysStrOpenUnknown:
- /* Fall through */
- default:
- bug("unknown mode value in str_open");
- break;
- }
- return vsf_sysutil_open_file(str_getbuf(p_str), open_mode);
+ if (mode == kVSFSysStrOpenReadOnly)
+ return vsf_sysutil_open_file(str_getbuf(p_str), kVSFSysUtilOpenReadOnly);
+
+ bug("unknown mode value in str_open");
+ return -1;
}
int

26
gating.yaml
View file

@ -1,26 +0,0 @@
--- !Policy
product_versions:
- fedora-*
decision_context: bodhi_update_push_testing
subject_type: koji_build
rules:
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier1-public.functional}
#Rawhide
--- !Policy
product_versions:
- fedora-*
decision_context: bodhi_update_push_stable
subject_type: koji_build
rules:
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier1-public.functional}
#gating rhel
--- !Policy
product_versions:
- rhel-*
decision_context: osci_compose_gate
rules:
- !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-public.functional}
- !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-internal.functional}

47
plans.fmf
View file

@ -1,47 +0,0 @@
/tier1-internal:
plan:
import:
url: https://gitlab.com/redhat/centos-stream/tests/vsftpd.git
name: /plans/tier1/internal
adjust:
enabled: false
when: distro == centos-stream, fedora
because: They don't have access to internal repos.
/tier1-public:
plan:
import:
url: https://gitlab.com/redhat/centos-stream/tests/vsftpd.git
name: /plans/tier1/public
/tier2-tier3-internal:
plan:
import:
url: https://gitlab.com/redhat/centos-stream/tests/vsftpd.git
name: /plans/tier2-tier3/internal
adjust:
enabled: false
when: distro == centos-stream, fedora
because: They don't have access to internal repos.
/tier2-tier3-public:
plan:
import:
url: https://gitlab.com/redhat/centos-stream/tests/vsftpd.git
name: /plans/tier2-tier3/public
/others-internal:
plan:
import:
url: https://gitlab.com/redhat/centos-stream/tests/vsftpd.git
name: /plans/others/internal
adjust:
enabled: false
when: distro == centos-stream, fedora
because: They don't have access to internal repos.
/others-public:
plan:
import:
url: https://gitlab.com/redhat/centos-stream/tests/vsftpd.git
name: /plans/others/public

2
sources
View file

@ -1 +1 @@
SHA512 (vsftpd-3.0.5.tar.gz) = 9e9f9bde8c460fbc6b1d29ca531327fb2e40e336358f1cc19e1da205ef81b553719a148ad4613ceead25499d1ac3f03301a0ecd3776e5c228acccb7f9461a7ee
8b00c749719089401315bd3c44dddbb2 vsftpd-3.0.2.tar.gz

12
vsftpd-2.1.0-build_ssl.patch Normal file
View file

@ -0,0 +1,12 @@
diff -up vsftpd-2.1.0/builddefs.h.build_ssl vsftpd-2.1.0/builddefs.h
--- vsftpd-2.1.0/builddefs.h.build_ssl 2009-01-08 18:49:33.000000000 +0100
+++ vsftpd-2.1.0/builddefs.h 2009-01-08 18:49:41.000000000 +0100
@@ -3,7 +3,7 @@
#undef VSF_BUILD_TCPWRAPPERS
#define VSF_BUILD_PAM
-#undef VSF_BUILD_SSL
+#define VSF_BUILD_SSL
#endif /* VSF_BUILDDEFS_H */

392
0004-Use-etc-vsftpd-dir-for-config-files-instead-of-etc.patch → vsftpd-2.1.0-configuration.patch
View file

@ -1,56 +1,18 @@
From fff93602a4b252be8d674e27083dde68a7acf038 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Tue, 6 Sep 2016 13:46:03 +0200
Subject: [PATCH 04/59] Use /etc/vsftpd/ dir for config files instead of /etc.
---
EXAMPLE/INTERNET_SITE/README | 6 +++---
EXAMPLE/INTERNET_SITE_NOINETD/README | 4 ++--
EXAMPLE/PER_IP_CONFIG/README | 4 ++--
EXAMPLE/VIRTUAL_USERS/README | 14 +++++++-------
FAQ | 8 ++++----
INSTALL | 10 +++++-----
README | 5 +++++
defs.h | 2 +-
tunables.c | 10 +++++-----
vsftpd.8 | 10 +++++-----
vsftpd.conf | 20 +++++++++++++-------
vsftpd.conf.5 | 22 +++++++++++-----------
12 files changed, 63 insertions(+), 52 deletions(-)
diff --git a/EXAMPLE/INTERNET_SITE/README b/EXAMPLE/INTERNET_SITE/README
index 12b10a5..fe3d7ca 100644
--- a/EXAMPLE/INTERNET_SITE/README
+++ b/EXAMPLE/INTERNET_SITE/README
@@ -41,13 +41,13 @@ no_access = 192.168.1.3
As an example of how to ban certain sites from connecting, 192.168.1.3 will
be denied access.
diff -up vsftpd-2.2.0/defs.h.configuration vsftpd-2.2.0/defs.h
--- vsftpd-2.2.0/defs.h.configuration 2009-01-07 21:22:22.000000000 +0100
+++ vsftpd-2.2.0/defs.h 2009-08-04 07:37:01.000000000 +0200
@@ -1,7 +1,7 @@
#ifndef VSF_DEFS_H
#define VSF_DEFS_H
-banner_fail = /etc/vsftpd.busy_banner
+banner_fail = /etc/vsftpd/busy_banner
-#define VSFTP_DEFAULT_CONFIG "/etc/vsftpd.conf"
+#define VSFTP_DEFAULT_CONFIG "/etc/vsftpd/vsftpd.conf"
This is the file to display to users if the connection is refused for whatever
reason (too many users, IP banned).
#define VSFTP_COMMAND_FD 0
Example of how to populate it:
-echo "421 Server busy, please try later." > /etc/vsftpd.busy_banner
+echo "421 Server busy, please try later." > /etc/vsftpd/busy_banner
log_on_success += PID HOST DURATION
log_on_failure += HOST
@@ -62,7 +62,7 @@ Step 2) Set up your vsftpd configuration file.
An example file is supplied. Install it like this:
-cp vsftpd.conf /etc
+cp vsftpd.conf /etc/vsftpd
Let's example the contents of the file:
diff --git a/EXAMPLE/INTERNET_SITE_NOINETD/README b/EXAMPLE/INTERNET_SITE_NOINETD/README
index ce17af2..9198c5f 100644
--- a/EXAMPLE/INTERNET_SITE_NOINETD/README
+++ b/EXAMPLE/INTERNET_SITE_NOINETD/README
diff -up vsftpd-2.2.0/EXAMPLE/INTERNET_SITE_NOINETD/README.configuration vsftpd-2.2.0/EXAMPLE/INTERNET_SITE_NOINETD/README
--- vsftpd-2.2.0/EXAMPLE/INTERNET_SITE_NOINETD/README.configuration 2008-02-02 02:30:40.000000000 +0100
+++ vsftpd-2.2.0/EXAMPLE/INTERNET_SITE_NOINETD/README 2009-08-04 07:37:01.000000000 +0200
@@ -17,7 +17,7 @@ even per-connect-IP configurability.
To use this example config:
@ -67,11 +29,38 @@ index ce17af2..9198c5f 100644
-vsftpd /etc/vsftpd.conf.site1 &
+vsftpd /etc/vsftpd/vsftpd.conf.site1 &
diff --git a/EXAMPLE/PER_IP_CONFIG/README b/EXAMPLE/PER_IP_CONFIG/README
index a9ef352..34924d5 100644
--- a/EXAMPLE/PER_IP_CONFIG/README
+++ b/EXAMPLE/PER_IP_CONFIG/README
@@ -20,12 +20,12 @@ directory: hosts.allow. It lives at /etc/hosts.allow.
diff -up vsftpd-2.2.0/EXAMPLE/INTERNET_SITE/README.configuration vsftpd-2.2.0/EXAMPLE/INTERNET_SITE/README
--- vsftpd-2.2.0/EXAMPLE/INTERNET_SITE/README.configuration 2008-02-02 02:30:40.000000000 +0100
+++ vsftpd-2.2.0/EXAMPLE/INTERNET_SITE/README 2009-08-04 07:37:01.000000000 +0200
@@ -41,13 +41,13 @@ no_access = 192.168.1.3
As an example of how to ban certain sites from connecting, 192.168.1.3 will
be denied access.
-banner_fail = /etc/vsftpd.busy_banner
+banner_fail = /etc/vsftpd/busy_banner
This is the file to display to users if the connection is refused for whatever
reason (too many users, IP banned).
Example of how to populate it:
-echo "421 Server busy, please try later." > /etc/vsftpd.busy_banner
+echo "421 Server busy, please try later." > /etc/vsftpd/busy_banner
log_on_success += PID HOST DURATION
log_on_failure += HOST
@@ -62,7 +62,7 @@ Step 2) Set up your vsftpd configuration
An example file is supplied. Install it like this:
-cp vsftpd.conf /etc
+cp vsftpd.conf /etc/vsftpd
Let's example the contents of the file:
diff -up vsftpd-2.2.0/EXAMPLE/PER_IP_CONFIG/README.configuration vsftpd-2.2.0/EXAMPLE/PER_IP_CONFIG/README
--- vsftpd-2.2.0/EXAMPLE/PER_IP_CONFIG/README.configuration 2008-02-02 02:30:40.000000000 +0100
+++ vsftpd-2.2.0/EXAMPLE/PER_IP_CONFIG/README 2009-08-04 07:37:01.000000000 +0200
@@ -20,12 +20,12 @@ directory: hosts.allow. It lives at /etc
Let's have a look at the example:
@ -86,11 +75,10 @@ index a9ef352..34924d5 100644
applied ON TOP of the default vsftpd.conf.
This is obviously very powerful. You might use this to apply different
access restrictions for some IPs (e.g. the ability to upload).
diff --git a/EXAMPLE/VIRTUAL_USERS/README b/EXAMPLE/VIRTUAL_USERS/README
index b48995d..72972fa 100644
--- a/EXAMPLE/VIRTUAL_USERS/README
+++ b/EXAMPLE/VIRTUAL_USERS/README
@@ -15,7 +15,7 @@ See example file "logins.txt" - this specifies "tom" with password "foo" and
diff -up vsftpd-2.2.0/EXAMPLE/VIRTUAL_USERS/README.configuration vsftpd-2.2.0/EXAMPLE/VIRTUAL_USERS/README
--- vsftpd-2.2.0/EXAMPLE/VIRTUAL_USERS/README.configuration 2008-02-02 02:30:40.000000000 +0100
+++ vsftpd-2.2.0/EXAMPLE/VIRTUAL_USERS/README 2009-08-04 07:37:01.000000000 +0200
@@ -15,7 +15,7 @@ See example file "logins.txt" - this spe
"fred" with password "bar".
Whilst logged in as root, create the actual database file like this:
@ -99,7 +87,7 @@ index b48995d..72972fa 100644
(Requires the Berkeley db program installed).
NOTE: Many systems have multiple versions of "db" installed, so you may
need to use e.g. db3_load for correct operation. This is known to affect
@@ -23,10 +23,10 @@ some Debian systems. The core issue is that pam_userdb expects its login
@@ -23,10 +23,10 @@ some Debian systems. The core issue is t
database to be a specific db version (often db3, whereas db4 may be installed
on your system).
@ -112,7 +100,7 @@ index b48995d..72972fa 100644
For more information on maintaing your login database, look around for
documentation on "Berkeley DB", e.g.
@@ -37,8 +37,8 @@ Step 2) Create a PAM file which uses your new database.
@@ -37,8 +37,8 @@ Step 2) Create a PAM file which uses you
See the example file vsftpd.pam. It contains two lines:
@ -135,11 +123,10 @@ index b48995d..72972fa 100644
Step 5) Start up vsftpd.
diff --git a/FAQ b/FAQ
index 59fe56b..0142a0d 100644
--- a/FAQ
+++ b/FAQ
@@ -35,7 +35,7 @@ needs this user to run bits of itself with no privilege.
diff -up vsftpd-2.2.0/FAQ.configuration vsftpd-2.2.0/FAQ
--- vsftpd-2.2.0/FAQ.configuration 2009-02-18 23:33:04.000000000 +0100
+++ vsftpd-2.2.0/FAQ 2009-08-04 07:37:01.000000000 +0200
@@ -34,7 +34,7 @@ needs this user to run bits of itself wi
Q) Help! Local users cannot log in.
A) There are various possible problems.
A1) By default, vsftpd disables any logins other than anonymous logins. Put
@ -148,7 +135,7 @@ index 59fe56b..0142a0d 100644
A2) vsftpd tries to link with PAM. (Run "ldd vsftpd" and look for libpam to
find out whether this has happened or not). If vsftpd links with PAM, then
you will need to have a PAM file installed for the vsftpd service. There is
@@ -47,12 +47,12 @@ system have a "shadow.h" file in the include path?
@@ -46,12 +46,12 @@ system have a "shadow.h" file in the inc
A4) If you are not using PAM, then vsftpd will do its own check for a valid
user shell in /etc/shells. You may need to disable this if you use an invalid
shell to disable logins other than FTP logins. Put check_shell=NO in your
@ -163,7 +150,7 @@ index 59fe56b..0142a0d 100644
Q) Help! What are the security implications referred to in the
"chroot_local_user" option?
@@ -88,7 +88,7 @@ A2) Alternatively, run as many copies as vsftpd as necessary, in standalone
@@ -87,7 +87,7 @@ A2) Alternatively, run as many copies as
mode. Use "listen_address=x.x.x.x" to set the virtual IP.
Q) Help! Does vsftpd support virtual users?
@ -172,10 +159,9 @@ index 59fe56b..0142a0d 100644
has the effect of mapping every non-anonymous successful login to the local
username specified in "guest_username". Then, use PAM and (e.g.) its pam_userdb
module to provide authentication against an external (i.e. non-/etc/passwd)
diff --git a/INSTALL b/INSTALL
index 4f811aa..93a8a81 100644
--- a/INSTALL
+++ b/INSTALL
diff -up vsftpd-2.2.0/INSTALL.configuration vsftpd-2.2.0/INSTALL
--- vsftpd-2.2.0/INSTALL.configuration 2008-02-02 02:30:39.000000000 +0100
+++ vsftpd-2.2.0/INSTALL 2009-08-04 07:37:01.000000000 +0200
@@ -56,14 +56,14 @@ cp vsftpd.8 /usr/local/man/man8
"make install" doesn't copy the sample config file. It is recommended you
@ -208,11 +194,10 @@ index 4f811aa..93a8a81 100644
The default configuration allows neither local user logins nor anonymous
uploads. You may wish to change these defaults.
diff --git a/README b/README
index 86643c1..adc7f42 100644
--- a/README
+++ b/README
@@ -37,3 +37,8 @@ All configuration options are documented in the manual page vsftpd.conf.5.
diff -up vsftpd-2.2.0/README.configuration vsftpd-2.2.0/README
--- vsftpd-2.2.0/README.configuration 2009-07-07 22:23:22.000000000 +0200
+++ vsftpd-2.2.0/README 2009-08-04 07:37:01.000000000 +0200
@@ -37,3 +37,8 @@ All configuration options are documented
Various example configurations are discussed in the EXAMPLE directory.
Frequently asked questions are tackled in the FAQ file.
@ -221,24 +206,10 @@ index 86643c1..adc7f42 100644
+The location of configuration files was changed to /etc/vsftpd/. If you want
+to migrate your old conf files from /etc (files vsftpd.xxxx.rpmsave) use
+/etc/vsfptd/vsftpd_conf_migrate.sh
diff --git a/defs.h b/defs.h
index 0ff5864..ca11eac 100644
--- a/defs.h
+++ b/defs.h
@@ -1,7 +1,7 @@
#ifndef VSF_DEFS_H
#define VSF_DEFS_H
-#define VSFTP_DEFAULT_CONFIG "/etc/vsftpd.conf"
+#define VSFTP_DEFAULT_CONFIG "/etc/vsftpd/vsftpd.conf"
#define VSFTP_COMMAND_FD 0
diff --git a/tunables.c b/tunables.c
index 284a10d..0ac4c34 100644
--- a/tunables.c
+++ b/tunables.c
@@ -190,7 +190,7 @@ tunables_load_defaults()
diff -up vsftpd-2.2.0/tunables.c.configuration vsftpd-2.2.0/tunables.c
--- vsftpd-2.2.0/tunables.c.configuration 2009-07-15 22:08:27.000000000 +0200
+++ vsftpd-2.2.0/tunables.c 2009-08-04 07:37:01.000000000 +0200
@@ -186,7 +186,7 @@ tunables_load_defaults()
tunable_listen_ipv6 = 0;
tunable_dual_log_enable = 0;
tunable_syslog_enable = 0;
@ -247,7 +218,7 @@ index 284a10d..0ac4c34 100644
tunable_virtual_use_local_privs = 0;
tunable_session_support = 0;
tunable_download_enable = 1;
@@ -262,11 +262,11 @@ tunables_load_defaults()
@@ -254,11 +254,11 @@ tunables_load_defaults()
install_str_setting(".message", &tunable_message_file);
install_str_setting("nobody", &tunable_nopriv_user);
install_str_setting(0, &tunable_ftpd_banner);
@ -262,7 +233,7 @@ index 284a10d..0ac4c34 100644
install_str_setting(0, &tunable_anon_root);
install_str_setting(0, &tunable_local_root);
install_str_setting(0, &tunable_banner_file);
@@ -279,7 +279,7 @@ tunables_load_defaults()
@@ -271,7 +271,7 @@ tunables_load_defaults()
install_str_setting(0, &tunable_hide_file);
install_str_setting(0, &tunable_deny_file);
install_str_setting(0, &tunable_user_sub_token);
@ -271,11 +242,10 @@ index 284a10d..0ac4c34 100644
&tunable_email_password_file);
install_str_setting("/usr/share/ssl/certs/vsftpd.pem",
&tunable_rsa_cert_file);
diff --git a/vsftpd.8 b/vsftpd.8
index 6640b57..c920e7d 100644
--- a/vsftpd.8
+++ b/vsftpd.8
@@ -21,7 +21,7 @@ itself will listen on the network. This latter mode is easier to use, and
diff -up vsftpd-2.2.0/vsftpd.8.configuration vsftpd-2.2.0/vsftpd.8
--- vsftpd-2.2.0/vsftpd.8.configuration 2009-07-17 22:56:23.000000000 +0200
+++ vsftpd-2.2.0/vsftpd.8 2009-08-04 07:40:27.000000000 +0200
@@ -21,7 +21,7 @@ itself will listen on the network. This
recommended. It is activated by setting
.Pa listen=YES
in
@ -284,7 +254,7 @@ index 6640b57..c920e7d 100644
Direct execution of the
.Nm vsftpd
binary will then launch the FTP service ready for immediate client connections.
@@ -33,7 +33,7 @@ as root. Any command line option not starting with a "-" character is treated
@@ -33,7 +33,7 @@ as root. Any command line option not sta
as a config file that will be loaded. Note that config files are loaded in the
strict order that they are encountered on the command line.
If no config files are specified, the default configuration file of
@ -293,7 +263,7 @@ index 6640b57..c920e7d 100644
will be loaded, after all other command line options are processed.
.Pp
Supported options are:
@@ -47,14 +47,14 @@ their appearance on the command line, including intermingling with loading of
@@ -47,14 +47,14 @@ their appearance on the command line, in
config files.
.El
.Sh EXAMPLES
@ -311,10 +281,105 @@ index 6640b57..c920e7d 100644
.Sh SEE ALSO
.Xr vsftpd.conf 5
.end
diff --git a/vsftpd.conf b/vsftpd.conf
index cc1c607..db44170 100644
--- a/vsftpd.conf
+++ b/vsftpd.conf
diff -up vsftpd-2.2.0/vsftpd.conf.5.configuration vsftpd-2.2.0/vsftpd.conf.5
--- vsftpd-2.2.0/vsftpd.conf.5.configuration 2009-07-17 22:57:04.000000000 +0200
+++ vsftpd-2.2.0/vsftpd.conf.5 2009-08-04 07:37:01.000000000 +0200
@@ -4,7 +4,7 @@ vsftpd.conf \- config file for vsftpd
.SH DESCRIPTION
vsftpd.conf may be used to control various aspects of vsftpd's behaviour. By
default, vsftpd looks for this file at the location
-.BR /etc/vsftpd.conf .
+.BR /etc/vsftpd/vsftpd.conf .
However, you may override this by specifying a command line argument to
vsftpd. The command line argument is the pathname of the configuration file
for vsftpd. This behaviour is useful because you may wish to use an advanced
@@ -110,7 +110,7 @@ When enabled, and vsftpd is started in "
the listener process. i.e. control will immediately be returned to the shell
which launched vsftpd.
-Default: NO
+Default: YES
.TP
.B check_shell
Note! This option only has an effect for non-PAM builds of vsftpd. If disabled,
@@ -138,7 +138,7 @@ chroot() jail in their home directory up
different if chroot_local_user is set to YES. In this case, the list becomes
a list of users which are NOT to be placed in a chroot() jail.
By default, the file containing this list is
-/etc/vsftpd.chroot_list, but you may override this with the
+/etc/vsftpd/chroot_list, but you may override this with the
.BR chroot_list_file
setting.
@@ -177,7 +177,7 @@ Default: NO
.B deny_email_enable
If activated, you may provide a list of anonymous password e-mail responses
which cause login to be denied. By default, the file containing this list is
-/etc/vsftpd.banned_emails, but you may override this with the
+/etc/vsftpd/banned_emails, but you may override this with the
.BR banned_email_file
setting.
@@ -433,7 +433,7 @@ anonymous logins are prevented unless th
file specified by the
.BR email_password_file
setting. The file format is one password per line, no extra whitespace. The
-default filename is /etc/vsftpd.email_passwords.
+default filename is /etc/vsftpd/email_passwords.
Default: NO
.TP
@@ -764,7 +764,7 @@ passwords which are not permitted. This
.BR deny_email_enable
is enabled.
-Default: /etc/vsftpd.banned_emails
+Default: /etc/vsftpd/banned_emails
.TP
.B banner_file
This option is the name of a file containing text to display when someone
@@ -801,7 +801,7 @@ is enabled. If the option
is enabled, then the list file becomes a list of users to NOT place in a
chroot() jail.
-Default: /etc/vsftpd.chroot_list
+Default: /etvsftpd.confc/vsftpd.chroot_list
.TP
.B cmds_allowed
This options specifies a comma separated list of allowed FTP commands (post
@@ -862,7 +862,7 @@ This option can be used to provide an al
.BR secure_email_list_enable
setting.
-Default: /etc/vsftpd.email_passwords
+Default: /etc/vsftpd/email_passwords
.TP
.B ftp_username
This is the name of the user we use for handling anonymous FTP. The home
@@ -985,10 +985,10 @@ the manual page, on a per-user basis. Us
with an example. If you set
.BR user_config_dir
to be
-.BR /etc/vsftpd_user_conf
+.BR /etc/vsftpd/user_conf
and then log on as the user "chris", then vsftpd will apply the settings in
the file
-.BR /etc/vsftpd_user_conf/chris
+.BR /etc/vsftpd/user_conf/chris
for the duration of the session. The format of this file is as detailed in
this manual page! PLEASE NOTE that not all settings are effective on a
per-user basis. For example, many settings only prior to the user's session
@@ -1024,7 +1024,7 @@ This option is the name of the file load
.BR userlist_enable
option is active.
-Default: /etc/vsftpd.user_list
+Default: /etc/vsftpd/user_list
.TP
.B vsftpd_log_file
This option is the name of the file to which we write the vsftpd style
--- vsftpd-2.2.2/vsftpd.conf.configuration 2009-10-19 04:04:23.000000000 +0200
+++ vsftpd-2.2.2/vsftpd.conf 2010-08-06 09:28:44.891173995 +0200
@@ -1,4 +1,4 @@
-# Example config file /etc/vsftpd.conf
+# Example config file /etc/vsftpd/vsftpd.conf
@ -345,7 +410,7 @@ index cc1c607..db44170 100644
#anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
@@ -52,7 +54,7 @@ connect_from_port_20=YES
@@ -52,7 +54,7 @@
#
# If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case.
@ -354,7 +419,7 @@ index cc1c607..db44170 100644
#
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
@@ -87,7 +89,7 @@ connect_from_port_20=YES
@@ -87,7 +89,7 @@
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
@ -363,7 +428,7 @@ index cc1c607..db44170 100644
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
@@ -98,7 +100,7 @@ connect_from_port_20=YES
@@ -95,7 +97,7 @@
#chroot_local_user=YES
#chroot_list_enable=YES
# (default follows)
@ -372,7 +437,7 @@ index cc1c607..db44170 100644
#
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
@@ -115,3 +117,7 @@ listen=YES
@@ -112,3 +114,7 @@
# sockets, you must run two copies of vsftpd with two configuration files.
# Make sure, that one of the listen options is commented !!
#listen_ipv6=YES
@ -380,104 +445,3 @@ index cc1c607..db44170 100644
+pam_service_name=vsftpd
+userlist_enable=YES
+tcp_wrappers=YES
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index fcc6022..5e46a2f 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -4,7 +4,7 @@ vsftpd.conf \- config file for vsftpd
.SH DESCRIPTION
vsftpd.conf may be used to control various aspects of vsftpd's behaviour. By
default, vsftpd looks for this file at the location
-.BR /etc/vsftpd.conf .
+.BR /etc/vsftpd/vsftpd.conf .
However, you may override this by specifying a command line argument to
vsftpd. The command line argument is the pathname of the configuration file
for vsftpd. This behaviour is useful because you may wish to use an advanced
@@ -110,7 +110,7 @@ When enabled, and vsftpd is started in "listen" mode, vsftpd will background
the listener process. i.e. control will immediately be returned to the shell
which launched vsftpd.
-Default: NO
+Default: YES
.TP
.B check_shell
Note! This option only has an effect for non-PAM builds of vsftpd. If disabled,
@@ -138,7 +138,7 @@ chroot() jail in their home directory upon login. The meaning is slightly
different if chroot_local_user is set to YES. In this case, the list becomes
a list of users which are NOT to be placed in a chroot() jail.
By default, the file containing this list is
-/etc/vsftpd.chroot_list, but you may override this with the
+/etc/vsftpd/chroot_list, but you may override this with the
.BR chroot_list_file
setting.
@@ -177,7 +177,7 @@ Default: NO
.B deny_email_enable
If activated, you may provide a list of anonymous password e-mail responses
which cause login to be denied. By default, the file containing this list is
-/etc/vsftpd.banned_emails, but you may override this with the
+/etc/vsftpd/banned_emails, but you may override this with the
.BR banned_email_file
setting.
@@ -433,7 +433,7 @@ anonymous logins are prevented unless the password provided is listed in the
file specified by the
.BR email_password_file
setting. The file format is one password per line, no extra whitespace. The
-default filename is /etc/vsftpd.email_passwords.
+default filename is /etc/vsftpd/email_passwords.
Default: NO
.TP
@@ -764,7 +764,7 @@ passwords which are not permitted. This file is consulted if the option
.BR deny_email_enable
is enabled.
-Default: /etc/vsftpd.banned_emails
+Default: /etc/vsftpd/banned_emails
.TP
.B banner_file
This option is the name of a file containing text to display when someone
@@ -803,7 +803,7 @@ is enabled. If the option
is enabled, then the list file becomes a list of users to NOT place in a
chroot() jail.
-Default: /etc/vsftpd.chroot_list
+Default: /etvsftpd.confc/vsftpd.chroot_list
.TP
.B cmds_allowed
This options specifies a comma separated list of allowed FTP commands (post
@@ -864,7 +864,7 @@ This option can be used to provide an alternate file for usage by the
.BR secure_email_list_enable
setting.
-Default: /etc/vsftpd.email_passwords
+Default: /etc/vsftpd/email_passwords
.TP
.B ftp_username
This is the name of the user we use for handling anonymous FTP. The home
@@ -987,10 +987,10 @@ the manual page, on a per-user basis. Usage is simple, and is best illustrated
with an example. If you set
.BR user_config_dir
to be
-.BR /etc/vsftpd_user_conf
+.BR /etc/vsftpd/user_conf
and then log on as the user "chris", then vsftpd will apply the settings in
the file
-.BR /etc/vsftpd_user_conf/chris
+.BR /etc/vsftpd/user_conf/chris
for the duration of the session. The format of this file is as detailed in
this manual page! PLEASE NOTE that not all settings are effective on a
per-user basis. For example, many settings only prior to the user's session
@@ -1026,7 +1026,7 @@ This option is the name of the file loaded when the
.BR userlist_enable
option is active.
-Default: /etc/vsftpd.user_list
+Default: /etc/vsftpd/user_list
.TP
.B vsftpd_log_file
This option is the name of the file to which we write the vsftpd style
--
2.14.4

76
0007-Make-filename-filters-smarter.patch → vsftpd-2.1.0-filter.patch
View file

@ -1,56 +1,24 @@
From 548375b2122f83771dc0b8571f16e5b5adabba98 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Wed, 7 Sep 2016 10:04:31 +0200
Subject: [PATCH 07/59] Make filename filters smarter.
In the original version vsftpd was not able to prevent
users from downloading for instance /etc/passwd by
defining filters such as deny_file=/etc/passwd or /etc*
or passwd. Example of erroneous behavior:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd /
250 Directory successfully changed.
ftp> cd /etc
550 Permission denied.
ftp> cd etc
250 Directory successfully changed.
ftp> get passwd
local: passwd remote: passwd
227 Entering Passive Mode (127,0,0,1,99,251)
150 Opening BINARY mode data connection for passwd (2813 bytes).
226 File send OK.
2813 bytes received in 0.00016 seconds (1.7e+04 Kbytes/s)
ftp> quit
221 Goodbye.
---
ls.c | 24 +++++++++++++++++++++++-
str.c | 11 +++++++++++
str.h | 1 +
3 files changed, 35 insertions(+), 1 deletion(-)
diff --git a/ls.c b/ls.c
index 7e1376d..f489478 100644
--- a/ls.c
+++ b/ls.c
@@ -246,8 +246,30 @@ vsf_filename_passes_filter(const struct mystr* p_filename_str,
diff -up vsftpd-2.1.0/ls.c.filter vsftpd-2.1.0/ls.c
--- vsftpd-2.1.0/ls.c.filter 2008-02-02 02:30:41.000000000 +0100
+++ vsftpd-2.1.0/ls.c 2009-01-08 19:31:15.000000000 +0100
@@ -239,9 +239,31 @@ vsf_filename_passes_filter(const struct
int ret = 0;
char last_token = 0;
int must_match_at_current_pos = 1;
+
+
+
+
str_copy(&filter_remain_str, p_filter_str);
- str_copy(&name_remain_str, p_filename_str);
+
-
+
+ if (!str_isempty (&filter_remain_str) && !str_isempty(p_filename_str)) {
+ if (str_get_char_at(p_filter_str, 0) == '/') {
+ if (str_get_char_at(p_filename_str, 0) != '/') {
+ str_getcwd (&name_remain_str);
+
+
+ if (str_getlen(&name_remain_str) > 1) /* cwd != root dir */
+ str_append_char (&name_remain_str, '/');
+
+
+ str_append_str (&name_remain_str, p_filename_str);
+ }
+ else
@ -63,14 +31,14 @@ index 7e1376d..f489478 100644
+ }
+ } else
+ str_copy(&name_remain_str, p_filename_str);
+
while (!str_isempty(&filter_remain_str) && *iters < VSFTP_MATCHITERS_MAX)
{
diff --git a/str.c b/str.c
index 6596204..ba4b92a 100644
--- a/str.c
+++ b/str.c
@@ -711,3 +711,14 @@ str_replace_unprintable(struct mystr* p_str, char new_char)
static struct mystr s_match_needed_str;
diff -up vsftpd-2.1.0/str.c.filter vsftpd-2.1.0/str.c
--- vsftpd-2.1.0/str.c.filter 2008-12-17 06:54:16.000000000 +0100
+++ vsftpd-2.1.0/str.c 2009-01-08 19:31:15.000000000 +0100
@@ -680,3 +680,14 @@ str_replace_unprintable(struct mystr* p_
}
}
@ -85,11 +53,10 @@ index 6596204..ba4b92a 100644
+ if (str_isempty(d_str))
+ str_copy (d_str, path);
+}
diff --git a/str.h b/str.h
index ab0a9a4..3a21b50 100644
--- a/str.h
+++ b/str.h
@@ -100,6 +100,7 @@ void str_replace_unprintable(struct mystr* p_str, char new_char);
diff -up vsftpd-2.1.0/str.h.filter vsftpd-2.1.0/str.h
--- vsftpd-2.1.0/str.h.filter 2008-12-17 06:53:23.000000000 +0100
+++ vsftpd-2.1.0/str.h 2009-01-08 19:32:14.000000000 +0100
@@ -100,6 +100,7 @@ void str_replace_unprintable(struct myst
int str_atoi(const struct mystr* p_str);
filesize_t str_a_to_filesize_t(const struct mystr* p_str);
unsigned int str_octal_to_uint(const struct mystr* p_str);
@ -97,6 +64,3 @@ index ab0a9a4..3a21b50 100644
/* PURPOSE: Extract a line of text (delimited by \n or EOF) from a string
* buffer, starting at character position 'p_pos'. The extracted line will
--
2.14.4

12
vsftpd-2.1.0-libs.patch Normal file
View file

@ -0,0 +1,12 @@
diff -up vsftpd-3.0.0/Makefile.libs vsftpd-3.0.0/Makefile
--- vsftpd-3.0.0/Makefile.libs 2012-04-03 09:21:18.000000000 +0200
+++ vsftpd-3.0.0/Makefile 2012-04-10 21:20:39.377248990 +0200
@@ -8,7 +8,7 @@ CFLAGS = -O2 -fPIE -fstack-protector --p
-D_FORTIFY_SOURCE=2 \
#-pedantic -Wconversion
-LIBS = `./vsf_findlibs.sh`
+LIBS = -lwrap -lnsl -lpam -lcap -ldl -lcrypto
LINK = -Wl,-s
LDFLAGS = -fPIE -pie -Wl,-z,relro -Wl,-z,now

32
0005-Use-hostname-when-calling-PAM-authentication-module.patch → vsftpd-2.1.0-pam_hostname.patch
View file

@ -1,21 +1,6 @@
From 08c49b78942d40c99fae8c40e7668aa73e1bd695 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Tue, 6 Sep 2016 15:01:23 +0200
Subject: [PATCH 05/59] Use hostname when calling PAM authentication module.
Currently the vsftpd passes all logins as IP addresses
into PAM. This prevents administrators from setting up
ACLs based on domain (e.g. .example.com). This patch
enables reverse host lookup and use hostname instead
of address if there is one.
---
sysdeputil.c | 19 ++++++++++++++++---
1 file changed, 16 insertions(+), 3 deletions(-)
diff --git a/sysdeputil.c b/sysdeputil.c
index 06f01f4..b2782da 100644
--- a/sysdeputil.c
+++ b/sysdeputil.c
diff -up vsftpd-2.2.0/sysdeputil.c.pam_hostname vsftpd-2.2.0/sysdeputil.c
--- vsftpd-2.2.0/sysdeputil.c.pam_hostname 2009-08-08 03:51:10.000000000 +0200
+++ vsftpd-2.2.0/sysdeputil.c 2009-08-24 12:24:07.220623773 +0200
@@ -16,6 +16,10 @@
#include "tunables.h"
#include "builddefs.h"
@ -27,7 +12,7 @@ index 06f01f4..b2782da 100644
/* For Linux, this adds nothing :-) */
#include "port/porting_junk.h"
@@ -323,6 +327,10 @@ vsf_sysdep_check_auth(struct mystr* p_user_str,
@@ -325,6 +329,10 @@ vsf_sysdep_check_auth(struct mystr* p_us
const struct mystr* p_remote_host)
{
int retval = -1;
@ -38,7 +23,7 @@ index 06f01f4..b2782da 100644
pam_item_t item;
const char* pam_user_name = 0;
struct pam_conv the_conv =
@@ -346,7 +354,12 @@ vsf_sysdep_check_auth(struct mystr* p_user_str,
@@ -345,7 +353,12 @@ vsf_sysdep_check_auth(struct mystr* p_us
return 0;
}
#ifdef PAM_RHOST
@ -52,7 +37,7 @@ index 06f01f4..b2782da 100644
if (retval != PAM_SUCCESS)
{
(void) pam_end(s_pamh, retval);
@@ -559,7 +572,7 @@ vsf_sysdep_has_capabilities(void)
@@ -558,7 +571,7 @@ vsf_sysdep_has_capabilities(void)
}
return s_runtime_has_caps;
}
@ -61,7 +46,7 @@ index 06f01f4..b2782da 100644
#ifndef VSF_SYSDEP_HAVE_LIBCAP
static int
do_checkcap(void)
@@ -1081,7 +1094,7 @@ vsf_sysutil_recv_fd(const int sock_fd)
@@ -1080,7 +1093,7 @@ vsf_sysutil_recv_fd(const int sock_fd)
msg.msg_flags = 0;
/* In case something goes wrong, set the fd to -1 before the syscall */
p_fd = (int*)CMSG_DATA(CMSG_FIRSTHDR(&msg));
@ -70,6 +55,3 @@ index 06f01f4..b2782da 100644
retval = recvmsg(sock_fd, &msg, 0);
if (retval != 1)
{
--
2.14.4

12
vsftpd-2.1.0-tcp_wrappers.patch Normal file
View file

@ -0,0 +1,12 @@
diff -up vsftpd-2.1.0/builddefs.h.tcp_wrappers vsftpd-2.1.0/builddefs.h
--- vsftpd-2.1.0/builddefs.h.tcp_wrappers 2009-01-08 18:52:46.000000000 +0100
+++ vsftpd-2.1.0/builddefs.h 2009-01-08 18:52:56.000000000 +0100
@@ -1,7 +1,7 @@
#ifndef VSF_BUILDDEFS_H
#define VSF_BUILDDEFS_H
-#undef VSF_BUILD_TCPWRAPPERS
+#define VSF_BUILD_TCPWRAPPERS
#define VSF_BUILD_PAM
#define VSF_BUILD_SSL

59
0009-Trim-whitespaces-when-reading-configuration.patch → vsftpd-2.1.0-trim.patch
View file

@ -1,21 +1,7 @@
From d024bc27cee40f21e6a3841266062408c44e56fb Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Wed, 7 Sep 2016 10:35:54 +0200
Subject: [PATCH 09/59] Trim whitespaces when reading configuration.
---
parseconf.c | 2 +-
str.c | 12 ++++++++++++
str.h | 1 +
sysutil.c | 12 ++++++++++++
sysutil.h | 1 +
5 files changed, 27 insertions(+), 1 deletion(-)
diff --git a/parseconf.c b/parseconf.c
index 385afd2..30df598 100644
--- a/parseconf.c
+++ b/parseconf.c
@@ -280,7 +280,7 @@ vsf_parseconf_load_setting(const char* p_setting, int errs_fatal)
diff -up vsftpd-2.2.0/parseconf.c.trim vsftpd-2.2.0/parseconf.c
--- vsftpd-2.2.0/parseconf.c.trim 2009-08-04 08:01:10.000000000 +0200
+++ vsftpd-2.2.0/parseconf.c 2009-08-04 08:10:49.000000000 +0200
@@ -275,7 +275,7 @@ vsf_parseconf_load_setting(const char* p
}
else
{
@ -24,11 +10,10 @@ index 385afd2..30df598 100644
}
return;
}
diff --git a/str.c b/str.c
index ba4b92a..41b27db 100644
--- a/str.c
+++ b/str.c
@@ -104,6 +104,18 @@ str_strdup(const struct mystr* p_str)
diff -up vsftpd-2.2.0/str.c.trim vsftpd-2.2.0/str.c
--- vsftpd-2.2.0/str.c.trim 2009-08-04 08:01:10.000000000 +0200
+++ vsftpd-2.2.0/str.c 2009-08-04 08:01:10.000000000 +0200
@@ -89,6 +89,18 @@ str_strdup(const struct mystr* p_str)
return vsf_sysutil_strdup(str_getbuf(p_str));
}
@ -47,11 +32,10 @@ index ba4b92a..41b27db 100644
void
str_alloc_alt_term(struct mystr* p_str, const char* p_src, char term)
{
diff --git a/str.h b/str.h
index 3a21b50..44270da 100644
--- a/str.h
+++ b/str.h
@@ -31,6 +31,7 @@ void str_alloc_ulong(struct mystr* p_str, unsigned long the_ulong);
diff -up vsftpd-2.2.0/str.h.trim vsftpd-2.2.0/str.h
--- vsftpd-2.2.0/str.h.trim 2009-08-04 08:01:10.000000000 +0200
+++ vsftpd-2.2.0/str.h 2009-08-04 08:01:10.000000000 +0200
@@ -31,6 +31,7 @@ void str_alloc_ulong(struct mystr* p_str
void str_alloc_filesize_t(struct mystr* p_str, filesize_t the_filesize);
void str_copy(struct mystr* p_dest, const struct mystr* p_src);
const char* str_strdup(const struct mystr* p_str);
@ -59,11 +43,10 @@ index 3a21b50..44270da 100644
void str_empty(struct mystr* p_str);
void str_free(struct mystr* p_str);
void str_trunc(struct mystr* p_str, unsigned int trunc_len);
diff --git a/sysutil.c b/sysutil.c
index 5cdb6ef..428a34a 100644
--- a/sysutil.c
+++ b/sysutil.c
@@ -1035,6 +1035,18 @@ vsf_sysutil_strdup(const char* p_str)
diff -up vsftpd-2.2.0/sysutil.c.trim vsftpd-2.2.0/sysutil.c
--- vsftpd-2.2.0/sysutil.c.trim 2009-07-16 05:32:21.000000000 +0200
+++ vsftpd-2.2.0/sysutil.c 2009-08-04 08:01:10.000000000 +0200
@@ -1032,6 +1032,18 @@ vsf_sysutil_strdup(const char* p_str)
return strdup(p_str);
}
@ -82,10 +65,9 @@ index 5cdb6ef..428a34a 100644
void
vsf_sysutil_memclr(void* p_dest, unsigned int size)
{
diff --git a/sysutil.h b/sysutil.h
index c34778c..c2ddd15 100644
--- a/sysutil.h
+++ b/sysutil.h
diff -up vsftpd-2.2.0/sysutil.h.trim vsftpd-2.2.0/sysutil.h
--- vsftpd-2.2.0/sysutil.h.trim 2009-07-16 05:31:53.000000000 +0200
+++ vsftpd-2.2.0/sysutil.h 2009-08-04 08:01:10.000000000 +0200
@@ -186,6 +186,7 @@ int vsf_sysutil_wait_get_exitcode(
/* Various string functions */
unsigned int vsf_sysutil_strlen(const char* p_text);
@ -94,6 +76,3 @@ index c34778c..c2ddd15 100644
void vsf_sysutil_memclr(void* p_dest, unsigned int size);
void vsf_sysutil_memcpy(void* p_dest, const void* p_src,
const unsigned int size);
--
2.14.4

95
0008-Write-denied-logins-into-the-log.patch → vsftpd-2.1.0-userlist_log.patch
View file

@ -1,25 +1,7 @@
From 75c172596aa9e7a9f32062579f7f98783341c924 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Wed, 7 Sep 2016 10:17:17 +0200
Subject: [PATCH 08/59] Write denied logins into the log.
This patch adds a new option 'userlist_log'. If enabled,
every login denial based on the user list will be logged.
---
logging.c | 7 +++++++
logging.h | 11 +++++++++++
parseconf.c | 1 +
prelogin.c | 14 ++++++++++++++
tunables.c | 2 ++
tunables.h | 1 +
vsftpd.conf.5 | 8 ++++++++
7 files changed, 44 insertions(+)
diff --git a/logging.c b/logging.c
index ad531d6..99671b4 100644
--- a/logging.c
+++ b/logging.c
@@ -103,6 +103,13 @@ vsf_log_line(struct vsf_session* p_sess, enum EVSFLogEntryType what,
diff -up vsftpd-2.1.0/logging.c.userlist_log vsftpd-2.1.0/logging.c
--- vsftpd-2.1.0/logging.c.userlist_log 2008-12-17 20:56:45.000000000 +0100
+++ vsftpd-2.1.0/logging.c 2009-02-24 09:12:42.000000000 +0100
@@ -95,6 +95,13 @@ vsf_log_line(struct vsf_session* p_sess,
vsf_log_common(p_sess, 1, what, p_str);
}
@ -33,11 +15,10 @@ index ad531d6..99671b4 100644
int
vsf_log_entry_pending(struct vsf_session* p_sess)
{
diff --git a/logging.h b/logging.h
index 48f88ec..1ff57d1 100644
--- a/logging.h
+++ b/logging.h
@@ -80,5 +80,16 @@ void vsf_log_do_log(struct vsf_session* p_sess, int succeeded);
diff -up vsftpd-2.1.0/logging.h.userlist_log vsftpd-2.1.0/logging.h
--- vsftpd-2.1.0/logging.h.userlist_log 2008-07-30 03:29:21.000000000 +0200
+++ vsftpd-2.1.0/logging.h 2009-02-24 09:12:42.000000000 +0100
@@ -80,5 +80,16 @@ void vsf_log_do_log(struct vsf_session*
void vsf_log_line(struct vsf_session* p_sess, enum EVSFLogEntryType what,
struct mystr* p_str);
@ -54,11 +35,10 @@ index 48f88ec..1ff57d1 100644
+
#endif /* VSF_LOGGING_H */
diff --git a/parseconf.c b/parseconf.c
index ea2242b..385afd2 100644
--- a/parseconf.c
+++ b/parseconf.c
@@ -91,6 +91,7 @@ parseconf_bool_array[] =
diff -up vsftpd-2.1.0/parseconf.c.userlist_log vsftpd-2.1.0/parseconf.c
--- vsftpd-2.1.0/parseconf.c.userlist_log 2008-12-18 07:21:41.000000000 +0100
+++ vsftpd-2.1.0/parseconf.c 2009-02-24 09:12:42.000000000 +0100
@@ -96,6 +96,7 @@ parseconf_bool_array[] =
{ "mdtm_write", &tunable_mdtm_write },
{ "lock_upload_files", &tunable_lock_upload_files },
{ "pasv_addr_resolve", &tunable_pasv_addr_resolve },
@ -66,11 +46,10 @@ index ea2242b..385afd2 100644
{ "debug_ssl", &tunable_debug_ssl },
{ "require_cert", &tunable_require_cert },
{ "validate_cert", &tunable_validate_cert },
diff --git a/prelogin.c b/prelogin.c
index df4aade..1588bc1 100644
--- a/prelogin.c
+++ b/prelogin.c
@@ -246,6 +246,20 @@ handle_user_command(struct vsf_session* p_sess)
diff -up vsftpd-2.1.0/prelogin.c.userlist_log vsftpd-2.1.0/prelogin.c
--- vsftpd-2.1.0/prelogin.c.userlist_log 2009-02-18 23:23:53.000000000 +0100
+++ vsftpd-2.1.0/prelogin.c 2009-02-24 09:17:41.000000000 +0100
@@ -220,6 +220,20 @@ handle_user_command(struct vsf_session*
check_login_delay();
vsf_cmdio_write(p_sess, FTP_LOGINERR, "Permission denied.");
check_login_fails(p_sess);
@ -91,10 +70,9 @@ index df4aade..1588bc1 100644
str_empty(&p_sess->user_str);
return;
}
diff --git a/tunables.c b/tunables.c
index 0ac4c34..b30fca1 100644
--- a/tunables.c
+++ b/tunables.c
diff -up vsftpd-2.1.0/tunables.c.userlist_log vsftpd-2.1.0/tunables.c
--- vsftpd-2.1.0/tunables.c.userlist_log 2009-02-24 09:12:42.000000000 +0100
+++ vsftpd-2.1.0/tunables.c 2009-02-24 09:12:42.000000000 +0100
@@ -72,6 +72,7 @@ int tunable_force_anon_data_ssl;
int tunable_mdtm_write;
int tunable_lock_upload_files;
@ -103,7 +81,7 @@ index 0ac4c34..b30fca1 100644
int tunable_debug_ssl;
int tunable_require_cert;
int tunable_validate_cert;
@@ -212,6 +213,7 @@ tunables_load_defaults()
@@ -206,6 +207,7 @@ tunables_load_defaults()
tunable_mdtm_write = 1;
tunable_lock_upload_files = 1;
tunable_pasv_addr_resolve = 0;
@ -111,11 +89,10 @@ index 0ac4c34..b30fca1 100644
tunable_debug_ssl = 0;
tunable_require_cert = 0;
tunable_validate_cert = 0;
diff --git a/tunables.h b/tunables.h
index 05d2456..e44d64c 100644
--- a/tunables.h
+++ b/tunables.h
@@ -73,6 +73,7 @@ extern int tunable_force_anon_data_ssl; /* Require anon data uses SSL */
diff -up vsftpd-2.1.0/tunables.h.userlist_log vsftpd-2.1.0/tunables.h
--- vsftpd-2.1.0/tunables.h.userlist_log 2008-12-17 06:47:11.000000000 +0100
+++ vsftpd-2.1.0/tunables.h 2009-02-24 09:12:42.000000000 +0100
@@ -73,6 +73,7 @@ extern int tunable_force_anon_data_ssl;
extern int tunable_mdtm_write; /* Allow MDTM to set timestamps */
extern int tunable_lock_upload_files; /* Lock uploading files */
extern int tunable_pasv_addr_resolve; /* DNS resolve pasv_addr */
@ -123,25 +100,21 @@ index 05d2456..e44d64c 100644
extern int tunable_debug_ssl; /* Verbose SSL logging */
extern int tunable_require_cert; /* SSL client cert required */
extern int tunable_validate_cert; /* SSL certs must be valid */
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index 5e46a2f..9d767b1 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -586,6 +586,14 @@ Default: NO
If set to yes, all SSL client certificates received must validate OK.
Self-signed certs do not constitute OK validation. (New in v2.0.6).
diff -up vsftpd-2.1.0/vsftpd.conf.5.userlist_log vsftpd-2.1.0/vsftpd.conf.5
--- vsftpd-2.1.0/vsftpd.conf.5.userlist_log 2009-02-24 09:12:42.000000000 +0100
+++ vsftpd-2.1.0/vsftpd.conf.5 2009-02-24 09:12:42.000000000 +0100
@@ -585,6 +585,14 @@ Self-signed certs do not constitute OK v
+Default: NO
+.TP
Default: NO
.TP
+.B userlist_log
+This option is examined if
+.BR userlist_enable
+is activated. If enabled, every login denial based on the user list will be
+logged.
+
Default: NO
.TP
+Default: NO
+.TP
.B virtual_use_local_privs
--
2.14.4
If enabled, virtual users will use the same privileges as local users. By
default, virtual users will use the same privileges as anonymous users, which

52
0010-Improve-daemonizing.patch → vsftpd-2.1.1-daemonize_plus.patch
View file

@ -1,19 +1,6 @@
From 569e7078244470ac0fcc2af3947c2735338555ec Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Wed, 7 Sep 2016 11:29:29 +0200
Subject: [PATCH 10/59] Improve daemonizing
Init script gets correct return code if binding fails.
---
standalone.c | 38 +++++++++++++++++++++++++++++++++++++-
sysutil.c | 59 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
sysutil.h | 7 ++++++-
3 files changed, 102 insertions(+), 2 deletions(-)
diff --git a/standalone.c b/standalone.c
index e0f2d5b..3b65ea2 100644
--- a/standalone.c
+++ b/standalone.c
diff -up vsftpd-2.1.1/standalone.c.daemonize_plus vsftpd-2.1.1/standalone.c
--- vsftpd-2.1.1/standalone.c.daemonize_plus 2009-05-10 22:11:24.000000000 +0200
+++ vsftpd-2.1.1/standalone.c 2009-05-10 22:11:24.000000000 +0200
@@ -26,6 +26,8 @@ static unsigned int s_ipaddr_size;
static void handle_sigchld(void* duff);
@ -48,7 +35,7 @@ index e0f2d5b..3b65ea2 100644
}
/* Son, close standard FDs to avoid SSH hang-on-exit */
vsf_sysutil_reopen_standard_fds();
@@ -99,6 +113,10 @@ vsf_standalone_main(void)
@@ -98,6 +112,10 @@ vsf_standalone_main(void)
{
die("could not bind listening IPv4 socket");
}
@ -59,7 +46,7 @@ index e0f2d5b..3b65ea2 100644
}
else
{
@@ -129,6 +147,10 @@ vsf_standalone_main(void)
@@ -127,6 +145,10 @@ vsf_standalone_main(void)
{
die("could not bind listening IPv6 socket");
}
@ -70,7 +57,7 @@ index e0f2d5b..3b65ea2 100644
}
vsf_sysutil_close(0);
vsf_sysutil_close(1);
@@ -268,6 +290,20 @@ handle_sighup(void* duff)
@@ -252,6 +274,20 @@ handle_sighup(void* duff)
vsf_parseconf_load_file(0, 0);
}
@ -91,11 +78,10 @@ index e0f2d5b..3b65ea2 100644
static unsigned int
hash_ip(unsigned int buckets, void* p_key)
{
diff --git a/sysutil.c b/sysutil.c
index 428a34a..c848356 100644
--- a/sysutil.c
+++ b/sysutil.c
@@ -201,6 +201,9 @@ vsf_sysutil_translate_sig(const enum EVSFSysUtilSignal sig)
diff -up vsftpd-2.1.1/sysutil.c.daemonize_plus vsftpd-2.1.1/sysutil.c
--- vsftpd-2.1.1/sysutil.c.daemonize_plus 2009-05-10 22:11:24.000000000 +0200
+++ vsftpd-2.1.1/sysutil.c 2009-05-10 22:11:59.000000000 +0200
@@ -202,6 +202,9 @@ vsf_sysutil_translate_sig(const enum EVS
case kVSFSysUtilSigHUP:
realsig = SIGHUP;
break;
@ -105,7 +91,7 @@ index 428a34a..c848356 100644
default:
bug("unknown signal in vsf_sysutil_translate_sig");
break;
@@ -549,6 +552,12 @@ vsf_sysutil_getpid(void)
@@ -539,6 +542,12 @@ vsf_sysutil_getpid(void)
return (unsigned int) s_current_pid;
}
@ -118,7 +104,7 @@ index 428a34a..c848356 100644
int
vsf_sysutil_fork(void)
{
@@ -2871,3 +2880,53 @@ vsf_sysutil_post_fork()
@@ -2807,3 +2816,53 @@ vsf_sysutil_set_no_fds()
s_sig_details[i].pending = 0;
}
}
@ -172,11 +158,10 @@ index 428a34a..c848356 100644
+{
+ return pause();
+}
diff --git a/sysutil.h b/sysutil.h
index c2ddd15..bfc92cb 100644
--- a/sysutil.h
+++ b/sysutil.h
@@ -30,7 +30,8 @@ enum EVSFSysUtilSignal
diff -up vsftpd-2.1.1/sysutil.h.daemonize_plus vsftpd-2.1.1/sysutil.h
--- vsftpd-2.1.1/sysutil.h.daemonize_plus 2009-05-10 22:11:24.000000000 +0200
+++ vsftpd-2.1.1/sysutil.h 2009-05-10 22:11:24.000000000 +0200
@@ -29,7 +29,8 @@ enum EVSFSysUtilSignal
kVSFSysUtilSigCHLD,
kVSFSysUtilSigPIPE,
kVSFSysUtilSigURG,
@ -186,7 +171,7 @@ index c2ddd15..bfc92cb 100644
};
enum EVSFSysUtilInterruptContext
{
@@ -165,6 +166,7 @@ void vsf_sysutil_free(void* p_ptr);
@@ -165,6 +165,7 @@ void vsf_sysutil_free(void* p_ptr);
/* Process creation/exit/process handling */
unsigned int vsf_sysutil_getpid(void);
@ -204,6 +189,3 @@ index c2ddd15..bfc92cb 100644
/* Various string functions */
unsigned int vsf_sysutil_strlen(const char* p_text);
--
2.14.4

22
0011-Fix-listing-with-more-than-one-star.patch → vsftpd-2.2.0-wildchar.patch
View file

@ -1,18 +1,7 @@
From 32e6642640635d7305969f808b5badb706a11bff Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Wed, 7 Sep 2016 11:36:17 +0200
Subject: [PATCH 11/59] Fix listing with more than one star '*'.
This is a regression introduced by some previous patch.
---
ls.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/ls.c b/ls.c
index f489478..616b2d9 100644
--- a/ls.c
+++ b/ls.c
@@ -311,6 +311,20 @@ vsf_filename_passes_filter(const struct mystr* p_filename_str,
diff -up vsftpd-2.3.2/ls.c.tmp vsftpd-2.3.2/ls.c
--- vsftpd-2.3.2/ls.c.tmp 2010-08-20 13:18:54.397583558 +0200
+++ vsftpd-2.3.2/ls.c 2010-08-20 13:14:59.047831385 +0200
@@ -305,6 +305,20 @@ vsf_filename_passes_filter(const struct
{
goto out;
}
@ -33,6 +22,3 @@ index f489478..616b2d9 100644
/* Chop matched string out of remainder */
str_mid_to_end(&name_remain_str, &temp_str,
indexx + str_getlen(&s_match_needed_str));
--
2.14.4

24
0012-Replace-syscall-__NR_clone-.-with-clone.patch → vsftpd-2.2.2-clone.patch
View file

@ -1,18 +1,7 @@
From 0c3a1123c391995ab46cfde603fa025ff180a819 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Wed, 7 Sep 2016 11:43:54 +0200
Subject: [PATCH 12/59] Replace syscall(__NR_clone ..) with clone ()
in order to fix incorrect order of params on s390 arch
---
sysdeputil.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/sysdeputil.c b/sysdeputil.c
index b2782da..3bbabaa 100644
--- a/sysdeputil.c
+++ b/sysdeputil.c
@@ -1306,7 +1306,7 @@ vsf_sysutil_fork_isolate_failok()
diff -up vsftpd-2.2.2/sysdeputil.c.clone vsftpd-2.2.2/sysdeputil.c
--- vsftpd-2.2.2/sysdeputil.c.clone 2010-05-13 13:26:32.099358732 +0200
+++ vsftpd-2.2.2/sysdeputil.c 2010-05-13 13:26:43.894359985 +0200
@@ -1279,7 +1279,7 @@ vsf_sysutil_fork_isolate_failok()
static int cloneflags_work = 1;
if (cloneflags_work)
{
@ -21,7 +10,7 @@ index b2782da..3bbabaa 100644
if (ret != -1 || (errno != EINVAL && errno != EPERM))
{
if (ret == 0)
@@ -1328,7 +1328,7 @@ vsf_sysutil_fork_newnet()
@@ -1301,7 +1301,7 @@ vsf_sysutil_fork_newnet()
static int cloneflags_work = 1;
if (cloneflags_work)
{
@ -30,6 +19,3 @@ index b2782da..3bbabaa 100644
if (ret != -1 || (errno != EINVAL && errno != EPERM))
{
if (ret == 0)
--
2.14.4

34
0015-Listen-on-IPv6-by-default.patch → vsftpd-2.3.4-listen_ipv6.patch
View file

@ -1,27 +1,14 @@
From c5daaedf1efe23b397a5950f5503f5cbfac871c8 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Wed, 7 Sep 2016 14:25:28 +0200
Subject: [PATCH 15/59] Listen on IPv6 by default.
---
vsftpd.conf | 14 +++++++++-----
vsftpd.conf.5 | 5 +++--
2 files changed, 12 insertions(+), 7 deletions(-)
diff --git a/vsftpd.conf b/vsftpd.conf
index db44170..ae6c6c9 100644
--- a/vsftpd.conf
+++ b/vsftpd.conf
@@ -111,12 +111,16 @@ xferlog_std_format=YES
--- vsftpd-2.3.4/vsftpd.conf~ 2011-11-21 13:15:03.888357116 +0000
+++ vsftpd-2.3.4/vsftpd.conf 2011-11-21 13:17:43.676136602 +0000
@@ -108,12 +108,16 @@ xferlog_std_format=YES
# When "listen" directive is enabled, vsftpd runs in standalone mode and
# listens on IPv4 sockets. This directive cannot be used in conjunction
# with the listen_ipv6 directive.
-listen=YES
-#
+listen=NO
#
-# This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6
-# sockets, you must run two copies of vsftpd with two configuration files.
+listen=NO
+#
+# This directive enables listening on IPv6 sockets. By default, listening
+# on the IPv6 "any" address (::) will accept connections from both IPv6
+# and IPv4 clients. It is not necessary to listen on *both* IPv4 and IPv6
@ -34,11 +21,9 @@ index db44170..ae6c6c9 100644
pam_service_name=vsftpd
userlist_enable=YES
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index 0744f85..72bb86f 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -297,8 +297,9 @@ Default: NO
--- vsftpd-2.3.4/vsftpd.conf.5~ 2011-11-21 13:15:03.905357305 +0000
+++ vsftpd-2.3.4/vsftpd.conf.5 2011-11-21 13:18:31.771672385 +0000
@@ -281,8 +281,9 @@ Default: NO
.TP
.B listen_ipv6
Like the listen parameter, except vsftpd will listen on an IPv6 socket instead
@ -50,6 +35,3 @@ index 0744f85..72bb86f 100644
Default: NO
.TP
--
2.14.4

31
0013-Extend-man-pages-with-systemd-info.patch → vsftpd-2.3.4-sd.patch
View file

@ -1,19 +1,6 @@
From 813a4bc45d45f4af94c699893cb2d2ba998d5d31 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Wed, 7 Sep 2016 11:53:07 +0200
Subject: [PATCH 13/59] Extend man pages with systemd info.
Man pages now reflect how is vsftpd used as
systemd service.
---
vsftpd.8 | 24 ++++++++++++++++++++++++
vsftpd.conf.5 | 18 +++++++++++++++++-
2 files changed, 41 insertions(+), 1 deletion(-)
diff --git a/vsftpd.8 b/vsftpd.8
index c920e7d..fbeb1a2 100644
--- a/vsftpd.8
+++ b/vsftpd.8
diff -up vsftpd-3.0.2/vsftpd.8.sd vsftpd-3.0.2/vsftpd.8
--- vsftpd-3.0.2/vsftpd.8.sd 2013-09-04 13:04:40.383348837 +0200
+++ vsftpd-3.0.2/vsftpd.8 2013-09-04 13:45:00.370277842 +0200
@@ -25,6 +25,23 @@ in
Direct execution of the
.Nm vsftpd
@ -38,7 +25,7 @@ index c920e7d..fbeb1a2 100644
.Sh OPTIONS
An optional
configuration file or files
@@ -55,6 +72,13 @@ the "ftpd_banner" setting is set to "blah", which overrides any default vsftpd
@@ -55,6 +72,13 @@ the "ftpd_banner" setting is set to "bla
setting and any identical setting that was in the config file.
.Sh FILES
.Pa /etc/vsftpd/vsftpd.conf
@ -52,10 +39,9 @@ index c920e7d..fbeb1a2 100644
.Xr vsftpd.conf 5
+.Xr systemd.unit 5
.end
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index 9d767b1..0744f85 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
diff -up vsftpd-3.0.2/vsftpd.conf.5.sd vsftpd-3.0.2/vsftpd.conf.5
--- vsftpd-3.0.2/vsftpd.conf.5.sd 2013-09-04 13:04:40.391348915 +0200
+++ vsftpd-3.0.2/vsftpd.conf.5 2013-09-04 13:44:57.573250302 +0200
@@ -12,7 +12,23 @@ inetd such as
.BR xinetd
to launch vsftpd with different configuration files on a per virtual host
@ -81,6 +67,3 @@ index 9d767b1..0744f85 100644
.SH FORMAT
The format of vsftpd.conf is very simple. Each line is either a comment or
a directive. Comment lines start with a # and are ignored. A directive line
--
2.14.4

41
0014-Add-support-for-square-brackets-in-ls.patch → vsftpd-2.3.4-sqb.patch
View file

@ -1,23 +1,16 @@
commit de556b2643b5da622f501b435740c651b9f82554
Author: Tomas Korbar <tkorbar@redhat.com>
Date: Mon Dec 15 02:00:00 2025 +0200
Add support for square brackets in ls.
diff --git a/ls.c b/ls.c
index 616b2d9..ab69af9 100644
--- a/ls.c
+++ b/ls.c
@@ -246,7 +246,7 @@ vsf_filename_passes_filter(const struct mystr* p_filename_str,
diff -up vsftpd-3.0.2/ls.c.sqb vsftpd-3.0.2/ls.c
--- vsftpd-3.0.2/ls.c.sqb 2014-07-04 09:55:57.899506894 +0200
+++ vsftpd-3.0.2/ls.c 2014-07-04 09:58:02.187569017 +0200
@@ -246,7 +246,7 @@ vsf_filename_passes_filter(const struct
int ret = 0;
char last_token = 0;
int must_match_at_current_pos = 1;
-
-
+ int matched = 0;
str_copy(&filter_remain_str, p_filter_str);
@@ -276,7 +276,7 @@ vsf_filename_passes_filter(const struct mystr* p_filename_str,
@@ -276,7 +276,7 @@ vsf_filename_passes_filter(const struct
static struct mystr s_match_needed_str;
/* Locate next special token */
struct str_locate_result locate_result =
@ -26,7 +19,7 @@ index 616b2d9..ab69af9 100644
(*iters)++;
/* Isolate text leading up to token (if any) - needs to be matched */
if (locate_result.found)
@@ -294,94 +294,172 @@ vsf_filename_passes_filter(const struct mystr* p_filename_str,
@@ -294,94 +294,172 @@ vsf_filename_passes_filter(const struct
str_empty(&filter_remain_str);
last_token = 0;
}
@ -178,17 +171,18 @@ index 616b2d9..ab69af9 100644
- str_copy(&filter_remain_str, &temp_str);
- str_split_char(&brace_list_str, &temp_str, ',');
- while (!str_isempty(&brace_list_str))
+ struct str_locate_result end_sqb =
+ str_locate_char(&filter_remain_str, ']');
+ must_match_at_current_pos = 1;
+ if (end_sqb.found)
{
- {
- str_copy(&new_filter_str, &brace_list_str);
- str_append_str(&new_filter_str, &filter_remain_str);
- if (vsf_filename_passes_filter(&name_remain_str, &new_filter_str,
- iters))
+ struct str_locate_result end_sqb =
+ str_locate_char(&filter_remain_str, ']');
+ must_match_at_current_pos = 1;
+ if (end_sqb.found)
+ {
+ unsigned int cur_pos;
+ unsigned char stch, ench;
+ char stch, ench;
+ const char *p_brace;
+
+ str_split_char(&filter_remain_str, &temp_str, ']');
@ -213,7 +207,7 @@ index 616b2d9..ab69af9 100644
+ cur_pos++;
+ }
+ // expand char[s]
+ for (;stch <= ench && !str_isempty(&brace_list_str) && stch != 0; stch++)
+ for (;stch <= ench && !str_isempty(&brace_list_str); stch++)
+ {
+ str_empty(&new_filter_str);
+ if (!matched)
@ -269,4 +263,3 @@ index 616b2d9..ab69af9 100644
}
/* Any incoming string left means no match unless we ended on the correct
* type of wildcard.

12
vsftpd-2.3.5-aslim.patch Normal file
View file

@ -0,0 +1,12 @@
diff -up vsftpd-2.3.5/defs.h.aslim vsftpd-2.3.5/defs.h
--- vsftpd-2.3.5/defs.h.aslim 2012-02-09 07:40:04.916658587 +0100
+++ vsftpd-2.3.5/defs.h 2012-02-09 07:50:18.365278392 +0100
@@ -19,7 +19,7 @@
/* Must be at least the size of VSFTP_MAX_COMMAND_LINE, VSFTP_DIR_BUFSIZE and
VSFTP_DATA_BUFSIZE*2 */
#define VSFTP_PRIVSOCK_MAXSTR VSFTP_DATA_BUFSIZE * 2
-#define VSFTP_AS_LIMIT 100UL * 1024 * 1024
+#define VSFTP_AS_LIMIT 400UL * 1024 * 1024
#endif /* VSF_DEFS_H */

13
vsftpd-3.0.0-logrotate.patch Normal file
View file

@ -0,0 +1,13 @@
diff -up vsftpd-3.0.0/RedHat/vsftpd.log.logrotate vsftpd-3.0.0/RedHat/vsftpd.log
--- vsftpd-3.0.0/RedHat/vsftpd.log.logrotate 2012-07-17 11:08:28.484061640 +0200
+++ vsftpd-3.0.0/RedHat/vsftpd.log 2012-07-17 11:09:08.000020510 +0200
@@ -3,3 +3,9 @@
nocompress
missingok
}
+
+/var/log/xferlog {
+ # ftpd doesn't handle SIGHUP properly
+ nocompress
+ missingok
+}

31
0017-Fix-an-issue-with-timestamps-during-DST.patch → vsftpd-3.0.0-tz.patch
View file

@ -1,18 +1,6 @@
From 5ec0b86e5c1ff060720b5a6cd1af9d93ec993650 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 29 Sep 2016 11:14:03 +0200
Subject: [PATCH 17/59] Fix an issue with timestamps during DST.
vsftpd now checks whether a file was uploaded during DST and
adjust the timestamp accordingly.
---
sysutil.c | 104 ++++++++++++++++++++++++++++++++++++++++++++++----------------
1 file changed, 77 insertions(+), 27 deletions(-)
diff --git a/sysutil.c b/sysutil.c
index c848356..2abdd13 100644
--- a/sysutil.c
+++ b/sysutil.c
diff -up vsftpd-2.2.2/sysutil.c.tz vsftpd-2.2.2/sysutil.c
--- vsftpd-2.2.2/sysutil.c.tz 2012-04-26 12:45:21.095145878 +0200
+++ vsftpd-2.2.2/sysutil.c 2012-04-26 12:48:08.729618686 +0200
@@ -26,8 +26,10 @@
/* For Linux, this adds nothing :-) */
#include "port/porting_junk.h"
@ -25,19 +13,19 @@ index c848356..2abdd13 100644
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
@@ -56,6 +58,11 @@
@@ -55,6 +57,11 @@
#include <utime.h>
#include <netdb.h>
#include <sys/resource.h>
+
+#ifndef __USE_GNU
+ #define __USE_GNU
+#endif
+#include <string.h>
+
/* Private variables to this file */
/* Current umask() */
static unsigned int s_current_umask;
@@ -2574,49 +2581,92 @@ error:
@@ -2558,49 +2565,92 @@ error:
die("reopening standard file descriptors to /dev/null failed");
}
@ -156,6 +144,3 @@ index c848356..2abdd13 100644
{
s_timezone *= -1;
}
--
2.14.4

12
vsftpd-3.0.0-xferlog.patch Normal file
View file

@ -0,0 +1,12 @@
diff -up vsftpd-3.0.0/vsftpd.conf.xferlog vsftpd-3.0.0/vsftpd.conf
--- vsftpd-3.0.0/vsftpd.conf.xferlog 2012-07-17 10:38:14.022601998 +0200
+++ vsftpd-3.0.0/vsftpd.conf 2012-07-17 10:41:09.311073484 +0200
@@ -50,7 +50,7 @@ connect_from_port_20=YES
#
# You may override where the log file goes if you like. The default is shown
# below.
-#xferlog_file=/var/log/vsftpd.log
+#xferlog_file=/var/log/xferlog
#
# If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case.

202
vsftpd-3.0.2-dh.patch Normal file
View file

@ -0,0 +1,202 @@
diff -up vsftpd-3.0.2/parseconf.c.dh vsftpd-3.0.2/parseconf.c
--- vsftpd-3.0.2/parseconf.c.dh 2014-06-04 09:54:43.364747051 +0200
+++ vsftpd-3.0.2/parseconf.c 2014-06-04 09:54:43.368747052 +0200
@@ -176,6 +176,7 @@ parseconf_str_array[] =
{ "email_password_file", &tunable_email_password_file },
{ "rsa_cert_file", &tunable_rsa_cert_file },
{ "dsa_cert_file", &tunable_dsa_cert_file },
+ { "dh_param_file", &tunable_dh_param_file },
{ "ssl_ciphers", &tunable_ssl_ciphers },
{ "rsa_private_key_file", &tunable_rsa_private_key_file },
{ "dsa_private_key_file", &tunable_dsa_private_key_file },
diff -up vsftpd-3.0.2/ssl.c.dh vsftpd-3.0.2/ssl.c
--- vsftpd-3.0.2/ssl.c.dh 2012-04-03 02:23:42.000000000 +0200
+++ vsftpd-3.0.2/ssl.c 2014-06-04 09:55:59.443770325 +0200
@@ -28,6 +28,8 @@
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/bio.h>
+#include <openssl/dh.h>
+#include <openssl/bn.h>
#include <errno.h>
#include <limits.h>
@@ -38,6 +40,7 @@ static void setup_bio_callbacks();
static long bio_callback(
BIO* p_bio, int oper, const char* p_arg, int argi, long argl, long retval);
static int ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx);
+static DH *ssl_tmp_dh_callback(SSL *ssl, int is_export, int keylength);
static int ssl_cert_digest(
SSL* p_ssl, struct vsf_session* p_sess, struct mystr* p_str);
static void maybe_log_shutdown_state(struct vsf_session* p_sess);
@@ -51,6 +54,60 @@ static int ssl_read_common(struct vsf_se
static int ssl_inited;
static struct mystr debug_str;
+
+// Grab prime number from OpenSSL; <openssl/bn.h>
+// (get_rfc*) for all available primes.
+// wraps selection of comparable algorithm strength
+#if !defined(match_dh_bits)
+ #define match_dh_bits(keylen) \
+ keylen >= 8191 ? 8192 : \
+ keylen >= 6143 ? 6144 : \
+ keylen >= 4095 ? 4096 : \
+ keylen >= 3071 ? 3072 : \
+ keylen >= 2047 ? 2048 : \
+ keylen >= 1535 ? 1536 : \
+ keylen >= 1023 ? 1024 : 768
+#endif
+
+#if !defined(DH_get_prime)
+ BIGNUM *
+ DH_get_prime(int bits)
+ {
+ switch (bits) {
+ case 768: return get_rfc2409_prime_768(NULL);
+ case 1024: return get_rfc2409_prime_1024(NULL);
+ case 1536: return get_rfc3526_prime_1536(NULL);
+ case 2048: return get_rfc3526_prime_2048(NULL);
+ case 3072: return get_rfc3526_prime_3072(NULL);
+ case 4096: return get_rfc3526_prime_4096(NULL);
+ case 6144: return get_rfc3526_prime_6144(NULL);
+ case 8192: return get_rfc3526_prime_8192(NULL);
+ // shouldn't happen when used match_dh_bits; strict compiler
+ default: return NULL;
+ }
+}
+#endif
+
+#if !defined(DH_get_dh)
+ // Grab DH parameters
+ DH *
+ DH_get_dh(int size)
+ {
+ DH *dh = DH_new();
+ if (!dh) {
+ return NULL;
+ }
+ dh->p = DH_get_prime(match_dh_bits(size));
+ BN_dec2bn(&dh->g, "2");
+ if (!dh->p || !dh->g)
+ {
+ DH_free(dh);
+ return NULL;
+ }
+ return dh;
+ }
+#endif
+
void
ssl_init(struct vsf_session* p_sess)
{
@@ -65,7 +122,7 @@ ssl_init(struct vsf_session* p_sess)
{
die("SSL: could not allocate SSL context");
}
- options = SSL_OP_ALL;
+ options = SSL_OP_ALL | SSL_OP_SINGLE_DH_USE;
if (!tunable_sslv2)
{
options |= SSL_OP_NO_SSLv2;
@@ -111,6 +168,25 @@ ssl_init(struct vsf_session* p_sess)
die("SSL: cannot load DSA private key");
}
}
+ if (tunable_dh_param_file)
+ {
+ BIO *bio;
+ DH *dhparams = NULL;
+ if ((bio = BIO_new_file(tunable_dh_param_file, "r")) == NULL)
+ {
+ die("SSL: cannot load custom DH params");
+ }
+ else
+ {
+ dhparams = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
+ BIO_free(bio);
+
+ if (!SSL_CTX_set_tmp_dh(p_ctx, dhparams))
+ {
+ die("SSL: setting custom DH params failed");
+ }
+ }
+ }
if (tunable_ssl_ciphers &&
SSL_CTX_set_cipher_list(p_ctx, tunable_ssl_ciphers) != 1)
{
@@ -156,6 +232,9 @@ ssl_init(struct vsf_session* p_sess)
/* Ensure cached session doesn't expire */
SSL_CTX_set_timeout(p_ctx, INT_MAX);
}
+
+ SSL_CTX_set_tmp_dh_callback(p_ctx, ssl_tmp_dh_callback);
+
p_sess->p_ssl_ctx = p_ctx;
ssl_inited = 1;
}
@@ -675,6 +754,18 @@ ssl_verify_callback(int verify_ok, X509_
return 1;
}
+#define UNUSED(x) ( (void)(x) )
+
+static DH *
+ssl_tmp_dh_callback(SSL *ssl, int is_export, int keylength)
+{
+ // strict compiler bypassing
+ UNUSED(ssl);
+ UNUSED(is_export);
+
+ return DH_get_dh(keylength);
+}
+
void
ssl_add_entropy(struct vsf_session* p_sess)
{
diff -up vsftpd-3.0.2/tunables.c.dh vsftpd-3.0.2/tunables.c
--- vsftpd-3.0.2/tunables.c.dh 2014-06-04 09:54:43.364747051 +0200
+++ vsftpd-3.0.2/tunables.c 2014-06-04 09:54:43.369747052 +0200
@@ -140,6 +140,7 @@ const char* tunable_user_sub_token;
const char* tunable_email_password_file;
const char* tunable_rsa_cert_file;
const char* tunable_dsa_cert_file;
+const char* tunable_dh_param_file;
const char* tunable_ssl_ciphers;
const char* tunable_rsa_private_key_file;
const char* tunable_dsa_private_key_file;
@@ -288,6 +289,7 @@ tunables_load_defaults()
install_str_setting("/usr/share/ssl/certs/vsftpd.pem",
&tunable_rsa_cert_file);
install_str_setting(0, &tunable_dsa_cert_file);
+ install_str_setting(0, &tunable_dh_param_file);
install_str_setting("AES128-SHA:DES-CBC3-SHA", &tunable_ssl_ciphers);
install_str_setting(0, &tunable_rsa_private_key_file);
install_str_setting(0, &tunable_dsa_private_key_file);
diff -up vsftpd-3.0.2/tunables.h.dh vsftpd-3.0.2/tunables.h
--- vsftpd-3.0.2/tunables.h.dh 2014-06-04 09:54:43.364747051 +0200
+++ vsftpd-3.0.2/tunables.h 2014-06-04 09:54:43.369747052 +0200
@@ -142,6 +142,7 @@ extern const char* tunable_user_sub_toke
extern const char* tunable_email_password_file;
extern const char* tunable_rsa_cert_file;
extern const char* tunable_dsa_cert_file;
+extern const char* tunable_dh_param_file;
extern const char* tunable_ssl_ciphers;
extern const char* tunable_rsa_private_key_file;
extern const char* tunable_dsa_private_key_file;
diff -up vsftpd-3.0.2/vsftpd.conf.5.dh vsftpd-3.0.2/vsftpd.conf.5
--- vsftpd-3.0.2/vsftpd.conf.5.dh 2014-06-04 09:54:43.364747051 +0200
+++ vsftpd-3.0.2/vsftpd.conf.5 2014-06-04 09:54:43.369747052 +0200
@@ -893,6 +893,12 @@ to be in the same file as the certificat
Default: (none)
.TP
+.B dh_param_file
+This option specifies the location of the custom parameters used for
+ephemeral Diffie-Hellman key exchange in SSL.
+
+Default: (none - use built in parameters appropriate for certificate key size)
+.TP
.B email_password_file
This option can be used to provide an alternate file for usage by the
.BR secure_email_list_enable

23
0023-Add-documentation-for-isolate_-options.-Correct-defa.patch → vsftpd-3.0.2-docupd.patch
View file

@ -1,18 +1,6 @@
From 3d02ef3be17f37baf729e786a8f36af4982f70ad Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Nov 2016 10:52:16 +0100
Subject: [PATCH 23/59] Add documentation for isolate_* options. Correct
default
values of max_clients, max_per_ip.
---
vsftpd.conf.5 | 22 +++++++++++++++++++---
1 file changed, 19 insertions(+), 3 deletions(-)
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index e242873..31d317f 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
diff -up vsftpd-3.0.2/vsftpd.conf.5.docupd vsftpd-3.0.2/vsftpd.conf.5
--- vsftpd-3.0.2/vsftpd.conf.5.docupd 2014-06-05 09:47:27.987876849 +0200
+++ vsftpd-3.0.2/vsftpd.conf.5 2014-06-05 09:47:27.989876848 +0200
@@ -652,6 +652,21 @@ change it with the setting
.BR xferlog_file .
@ -22,7 +10,7 @@ index e242873..31d317f 100644
+If enabled, use CLONE_NEWNET to isolate the untrusted processes so that
+they can't do arbitrary connect() and instead have to ask the privileged
+process for sockets (
+.BR port_promiscuous
+.BR port_promiscuous
+have to be disabled).
+
+Default: YES
@ -58,6 +46,3 @@ index e242873..31d317f 100644
.TP
.B pasv_max_port
The maximum port to allocate for PASV style data connections. Can be used to
--
2.14.4

97
0022-Introduce-support-for-EDDHE-based-cipher-suites.patch → vsftpd-3.0.2-ecdh.patch
View file

@ -1,20 +1,6 @@
From a6d641a0ccba1033587f6faa0e5e6749fa35f5c4 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Nov 2016 10:49:22 +0100
Subject: [PATCH 22/59] Introduce support for EDDHE based cipher suites.
---
parseconf.c | 1 +
ssl.c | 37 ++++++++++++++++++++++++++++++++++++-
tunables.c | 4 +++-
tunables.h | 1 +
vsftpd.conf.5 | 8 ++++++++
5 files changed, 49 insertions(+), 2 deletions(-)
diff --git a/parseconf.c b/parseconf.c
index 38e3182..a2c715b 100644
--- a/parseconf.c
+++ b/parseconf.c
diff -up vsftpd-3.0.2/parseconf.c.ecdh vsftpd-3.0.2/parseconf.c
--- vsftpd-3.0.2/parseconf.c.ecdh 2014-06-04 09:56:56.358788746 +0200
+++ vsftpd-3.0.2/parseconf.c 2014-06-04 09:56:56.360788747 +0200
@@ -177,6 +177,7 @@ parseconf_str_array[] =
{ "rsa_cert_file", &tunable_rsa_cert_file },
{ "dsa_cert_file", &tunable_dsa_cert_file },
@ -23,10 +9,9 @@ index 38e3182..a2c715b 100644
{ "ssl_ciphers", &tunable_ssl_ciphers },
{ "rsa_private_key_file", &tunable_rsa_private_key_file },
{ "dsa_private_key_file", &tunable_dsa_private_key_file },
diff --git a/ssl.c b/ssl.c
index 22b69b3..96bf8ad 100644
--- a/ssl.c
+++ b/ssl.c
diff -up vsftpd-3.0.2/ssl.c.ecdh vsftpd-3.0.2/ssl.c
--- vsftpd-3.0.2/ssl.c.ecdh 2014-06-04 09:56:56.358788746 +0200
+++ vsftpd-3.0.2/ssl.c 2014-06-04 09:56:56.360788747 +0200
@@ -122,7 +122,7 @@ ssl_init(struct vsf_session* p_sess)
{
die("SSL: could not allocate SSL context");
@ -36,44 +21,51 @@ index 22b69b3..96bf8ad 100644
if (!tunable_sslv2)
{
options |= SSL_OP_NO_SSLv2;
@@ -244,6 +244,33 @@
SSL_CTX_set0_tmp_dh_pkey(p_ctx, DH_get_dh());
@@ -235,6 +235,41 @@ ssl_init(struct vsf_session* p_sess)
SSL_CTX_set_tmp_dh_callback(p_ctx, ssl_tmp_dh_callback);
+ if (tunable_ecdh_param_file)
+ {
+ BIO *bio;
+ EVP_PKEY *ec_params = NULL;
+ int nid;
+ EC_GROUP *ecparams = NULL;
+ EC_KEY *eckey;
+
+ if ((bio = BIO_new_file(tunable_ecdh_param_file, "r")) == NULL)
+ die("SSL: cannot load custom ec params");
+ else
+ {
+ ec_params = PEM_read_bio_Parameters(bio, NULL);
+ ecparams = PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL);
+ BIO_free(bio);
+
+ if (ec_params != NULL)
+ if (ecparams && (nid = EC_GROUP_get_curve_name(ecparams)) &&
+ (eckey = EC_KEY_new_by_curve_name(nid)))
+ {
+ if (!SSL_CTX_set1_groups_list(p_ctx, ec_params))
+ if (!SSL_CTX_set_tmp_ecdh(p_ctx, eckey))
+ die("SSL: setting custom EC params failed");
+ }
+ else
+ }
+ else
+ {
+ die("SSL: getting ec group or key failed");
+ }
+ }
+ }
+ }
+ else
+ {
+ SSL_CTX_set1_groups_list(p_ctx, "P-256");
+#if defined(SSL_CTX_set_ecdh_auto)
+ SSL_CTX_set_ecdh_auto(p_ctx, 1);
+#else
+ SSL_CTX_set_tmp_ecdh(p_ctx, EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
+#endif
+ }
/* Set up ALPN to check for FTP protocol intention of client. */
SSL_CTX_set_alpn_select_cb(p_ctx, ssl_alpn_callback, p_sess);
/* Set up SNI callback for an optional hostname check. */
diff --git a/tunables.c b/tunables.c
index 1ea7227..93f85b1 100644
--- a/tunables.c
+++ b/tunables.c
+
p_sess->p_ssl_ctx = p_ctx;
ssl_inited = 1;
}
diff -up vsftpd-3.0.2/tunables.c.ecdh vsftpd-3.0.2/tunables.c
--- vsftpd-3.0.2/tunables.c.ecdh 2014-06-04 09:56:56.358788746 +0200
+++ vsftpd-3.0.2/tunables.c 2014-06-04 09:56:56.361788747 +0200
@@ -141,6 +141,7 @@ const char* tunable_email_password_file;
const char* tunable_rsa_cert_file;
const char* tunable_dsa_cert_file;
@ -82,21 +74,18 @@ index 1ea7227..93f85b1 100644
const char* tunable_ssl_ciphers;
const char* tunable_rsa_private_key_file;
const char* tunable_dsa_private_key_file;
@@ -290,7 +291,8 @@ tunables_load_defaults()
@@ -290,6 +291,7 @@ tunables_load_defaults()
&tunable_rsa_cert_file);
install_str_setting(0, &tunable_dsa_cert_file);
install_str_setting(0, &tunable_dh_param_file);
- install_str_setting("AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA",
+ install_str_setting(0, &tunable_ecdh_param_file);
+ install_str_setting("AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA",
&tunable_ssl_ciphers);
install_str_setting("AES128-SHA:DES-CBC3-SHA", &tunable_ssl_ciphers);
install_str_setting(0, &tunable_rsa_private_key_file);
install_str_setting(0, &tunable_dsa_private_key_file);
diff --git a/tunables.h b/tunables.h
index 3995472..3e2d40c 100644
--- a/tunables.h
+++ b/tunables.h
@@ -143,6 +143,7 @@ extern const char* tunable_email_password_file;
diff -up vsftpd-3.0.2/tunables.h.ecdh vsftpd-3.0.2/tunables.h
--- vsftpd-3.0.2/tunables.h.ecdh 2014-06-04 09:56:56.359788746 +0200
+++ vsftpd-3.0.2/tunables.h 2014-06-04 09:56:56.361788747 +0200
@@ -143,6 +143,7 @@ extern const char* tunable_email_passwor
extern const char* tunable_rsa_cert_file;
extern const char* tunable_dsa_cert_file;
extern const char* tunable_dh_param_file;
@ -104,11 +93,10 @@ index 3995472..3e2d40c 100644
extern const char* tunable_ssl_ciphers;
extern const char* tunable_rsa_private_key_file;
extern const char* tunable_dsa_private_key_file;
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index ff94eca..e242873 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -899,6 +899,14 @@ ephemeral Diffie-Hellman key exchange in SSL.
diff -up vsftpd-3.0.2/vsftpd.conf.5.ecdh vsftpd-3.0.2/vsftpd.conf.5
--- vsftpd-3.0.2/vsftpd.conf.5.ecdh 2014-06-04 09:56:56.359788746 +0200
+++ vsftpd-3.0.2/vsftpd.conf.5 2014-06-04 09:56:56.361788747 +0200
@@ -899,6 +899,14 @@ ephemeral Diffie-Hellman key exchange in
Default: (none - use built in parameters appropriate for certificate key size)
.TP
@ -123,6 +111,3 @@ index ff94eca..e242873 100644
.B email_password_file
This option can be used to provide an alternate file for usage by the
.BR secure_email_list_enable
--
2.14.4

72
0019-Introduce-reverse_lookup_enable-option.patch → vsftpd-3.0.2-lookup.patch
View file

@ -1,23 +1,6 @@
From 721de88621100f6ed33f1602415bc249f3ed3219 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Nov 2016 10:22:32 +0100
Subject: [PATCH 19/59] Introduce reverse_lookup_enable option.
vsftpd can transform IP address into hostname before
PAM authentication. You can disable it to prevent
performance issues.
---
parseconf.c | 1 +
sysdeputil.c | 14 +++++++++-----
tunables.c | 2 ++
tunables.h | 1 +
vsftpd.conf.5 | 9 +++++++++
5 files changed, 22 insertions(+), 5 deletions(-)
diff --git a/parseconf.c b/parseconf.c
index 30df598..3e0dba4 100644
--- a/parseconf.c
+++ b/parseconf.c
diff -up vsftpd-3.0.2/parseconf.c.lookup vsftpd-3.0.2/parseconf.c
--- vsftpd-3.0.2/parseconf.c.lookup 2014-04-17 10:01:50.862951491 +0200
+++ vsftpd-3.0.2/parseconf.c 2014-04-17 10:02:42.343955443 +0200
@@ -91,6 +91,7 @@ parseconf_bool_array[] =
{ "mdtm_write", &tunable_mdtm_write },
{ "lock_upload_files", &tunable_lock_upload_files },
@ -26,11 +9,10 @@ index 30df598..3e0dba4 100644
{ "userlist_log", &tunable_userlist_log },
{ "debug_ssl", &tunable_debug_ssl },
{ "require_cert", &tunable_require_cert },
diff --git a/sysdeputil.c b/sysdeputil.c
index 3bbabaa..2063c87 100644
--- a/sysdeputil.c
+++ b/sysdeputil.c
@@ -354,12 +354,16 @@ vsf_sysdep_check_auth(struct mystr* p_user_str,
diff -up vsftpd-3.0.2/sysdeputil.c.lookup vsftpd-3.0.2/sysdeputil.c
--- vsftpd-3.0.2/sysdeputil.c.lookup 2014-04-17 09:57:02.111933144 +0200
+++ vsftpd-3.0.2/sysdeputil.c 2014-04-17 10:01:31.069950498 +0200
@@ -354,12 +354,16 @@ vsf_sysdep_check_auth(struct mystr* p_us
return 0;
}
#ifdef PAM_RHOST
@ -52,10 +34,9 @@ index 3bbabaa..2063c87 100644
if (retval != PAM_SUCCESS)
{
(void) pam_end(s_pamh, retval);
diff --git a/tunables.c b/tunables.c
index b30fca1..c737465 100644
--- a/tunables.c
+++ b/tunables.c
diff -up vsftpd-3.0.2/tunables.c.lookup vsftpd-3.0.2/tunables.c
--- vsftpd-3.0.2/tunables.c.lookup 2014-04-17 10:03:22.766958324 +0200
+++ vsftpd-3.0.2/tunables.c 2014-04-17 10:04:52.004964675 +0200
@@ -72,6 +72,7 @@ int tunable_force_anon_data_ssl;
int tunable_mdtm_write;
int tunable_lock_upload_files;
@ -72,11 +53,10 @@ index b30fca1..c737465 100644
tunable_userlist_log = 0;
tunable_debug_ssl = 0;
tunable_require_cert = 0;
diff --git a/tunables.h b/tunables.h
index e44d64c..9553038 100644
--- a/tunables.h
+++ b/tunables.h
@@ -73,6 +73,7 @@ extern int tunable_force_anon_data_ssl; /* Require anon data uses SSL */
diff -up vsftpd-3.0.2/tunables.h.lookup vsftpd-3.0.2/tunables.h
--- vsftpd-3.0.2/tunables.h.lookup 2014-04-17 10:03:27.405958676 +0200
+++ vsftpd-3.0.2/tunables.h 2014-04-17 10:04:22.763963824 +0200
@@ -73,6 +73,7 @@ extern int tunable_force_anon_data_ssl;
extern int tunable_mdtm_write; /* Allow MDTM to set timestamps */
extern int tunable_lock_upload_files; /* Lock uploading files */
extern int tunable_pasv_addr_resolve; /* DNS resolve pasv_addr */
@ -84,16 +64,13 @@ index e44d64c..9553038 100644
extern int tunable_userlist_log; /* Log every failed login attempt */
extern int tunable_debug_ssl; /* Verbose SSL logging */
extern int tunable_require_cert; /* SSL client cert required */
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index 72bb86f..fb6324e 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -423,6 +423,15 @@ so you may want to disable it. For a discussion of the consequences, see
http://scarybeastsecurity.blogspot.com/2009/02/vsftpd-210-released.html
(Added in v2.1.0).
diff -up vsftpd-3.0.2/vsftpd.conf.5.lookup vsftpd-3.0.2/vsftpd.conf.5
--- vsftpd-3.0.2/vsftpd.conf.5.lookup 2014-04-17 10:05:30.956969003 +0200
+++ vsftpd-3.0.2/vsftpd.conf.5 2014-04-17 10:06:36.586971828 +0200
@@ -425,6 +425,15 @@ http://scarybeastsecurity.blogspot.com/2
+Default: YES
+.TP
Default: YES
.TP
+.B reverse_lookup_enable
+Set to YES if you want vsftpd to transform the ip address into the hostname,
+before pam authentication. This is useful if you use pam_access including the
@ -101,9 +78,8 @@ index 72bb86f..fb6324e 100644
+for some hostname is available and the name server doesn't respond for a while,
+you should set this to NO to avoid a performance issue.
+
Default: YES
.TP
+Default: YES
+.TP
.B run_as_launching_user
--
2.14.4
Set to YES if you want vsftpd to run as the user which launched vsftpd. This is
useful where root access is not available. MASSIVE WARNING! Do NOT enable this

47
0024-Introduce-new-return-value-450.patch → vsftpd-3.0.2-rc450.patch
View file

@ -1,21 +1,6 @@
From 1d5cdf309387ff92988ab17d746f015d833a4b92 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Nov 2016 11:08:52 +0100
Subject: [PATCH 24/59] Introduce new return value 450:
*450 Requested file action not taken.
File unavailable (e.g., file busy).
---
ftpcodes.h | 1 +
postlogin.c | 9 ++++++++-
sysutil.c | 3 +++
sysutil.h | 3 ++-
4 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/ftpcodes.h b/ftpcodes.h
index 93290c0..81e25c5 100644
--- a/ftpcodes.h
+++ b/ftpcodes.h
diff -up vsftpd-3.0.2/ftpcodes.h.rc450 vsftpd-3.0.2/ftpcodes.h
--- vsftpd-3.0.2/ftpcodes.h.rc450 2008-02-12 01:30:46.000000000 +0100
+++ vsftpd-3.0.2/ftpcodes.h 2014-06-18 13:41:02.238821708 +0200
@@ -52,6 +52,7 @@
#define FTP_TLS_FAIL 421
#define FTP_BADSENDCONN 425
@ -24,11 +9,10 @@ index 93290c0..81e25c5 100644
#define FTP_BADSENDFILE 451
#define FTP_BADCMD 500
diff --git a/postlogin.c b/postlogin.c
index bf12970..29958c0 100644
--- a/postlogin.c
+++ b/postlogin.c
@@ -679,7 +679,14 @@ handle_retr(struct vsf_session* p_sess, int is_http)
diff -up vsftpd-3.0.2/postlogin.c.rc450 vsftpd-3.0.2/postlogin.c
--- vsftpd-3.0.2/postlogin.c.rc450 2012-09-18 11:59:37.000000000 +0200
+++ vsftpd-3.0.2/postlogin.c 2014-06-18 13:41:02.238821708 +0200
@@ -670,7 +670,14 @@ handle_retr(struct vsf_session* p_sess,
opened_file = str_open(&p_sess->ftp_arg_str, kVSFSysStrOpenReadOnly);
if (vsf_sysutil_retval_is_error(opened_file))
{
@ -44,10 +28,9 @@ index bf12970..29958c0 100644
return;
}
/* Lock file if required */
diff --git a/sysutil.c b/sysutil.c
index 9881a66..6d7cb3f 100644
--- a/sysutil.c
+++ b/sysutil.c
diff -up vsftpd-3.0.2/sysutil.c.rc450 vsftpd-3.0.2/sysutil.c
--- vsftpd-3.0.2/sysutil.c.rc450 2014-06-18 13:41:02.231821807 +0200
+++ vsftpd-3.0.2/sysutil.c 2014-06-18 13:41:02.238821708 +0200
@@ -1632,6 +1632,9 @@ vsf_sysutil_get_error(void)
case ENOENT:
retval = kVSFSysUtilErrNOENT;
@ -58,10 +41,9 @@ index 9881a66..6d7cb3f 100644
default:
break;
}
diff --git a/sysutil.h b/sysutil.h
index 79b5514..c145bdf 100644
--- a/sysutil.h
+++ b/sysutil.h
diff -up vsftpd-3.0.2/sysutil.h.rc450 vsftpd-3.0.2/sysutil.h
--- vsftpd-3.0.2/sysutil.h.rc450 2014-06-18 13:41:02.231821807 +0200
+++ vsftpd-3.0.2/sysutil.h 2014-06-18 13:41:02.239821694 +0200
@@ -18,7 +18,8 @@ enum EVSFSysUtilError
kVSFSysUtilErrINVAL,
kVSFSysUtilErrOPNOTSUPP,
@ -72,6 +54,3 @@ index 79b5514..c145bdf 100644
};
enum EVSFSysUtilError vsf_sysutil_get_error(void);
--
2.14.4

71
0020-Use-unsigned-int-for-uid-and-gid-representation.patch → vsftpd-3.0.2-uint-uidgid.patch
View file

@ -1,21 +1,7 @@
From dcaaf1e0dd3985e229a87de18b83f301d30b6ce9 Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Thu, 17 Nov 2016 10:31:39 +0100
Subject: [PATCH 20/59] Use unsigned int for uid and gid representation.
---
ls.c | 4 ++--
privops.c | 3 +--
session.h | 6 +++---
sysutil.c | 44 ++++++++++++++------------------------------
sysutil.h | 20 ++++++++++----------
5 files changed, 30 insertions(+), 47 deletions(-)
diff --git a/ls.c b/ls.c
index b840136..3c0988c 100644
--- a/ls.c
+++ b/ls.c
@@ -503,7 +503,7 @@ build_dir_line(struct mystr* p_str, const struct mystr* p_filename_str,
diff -up vsftpd-3.0.2/ls.c.uint-uidgid vsftpd-3.0.2/ls.c
--- vsftpd-3.0.2/ls.c.uint-uidgid 2014-04-17 13:47:01.835114063 +0200
+++ vsftpd-3.0.2/ls.c 2014-04-17 13:47:01.845114063 +0200
@@ -501,7 +501,7 @@ build_dir_line(struct mystr* p_str, cons
}
else
{
@ -24,7 +10,7 @@ index b840136..3c0988c 100644
struct vsf_sysutil_user* p_user = 0;
if (tunable_text_userdb_names)
{
@@ -528,7 +528,7 @@ build_dir_line(struct mystr* p_str, const struct mystr* p_filename_str,
@@ -526,7 +526,7 @@ build_dir_line(struct mystr* p_str, cons
}
else
{
@ -33,11 +19,10 @@ index b840136..3c0988c 100644
struct vsf_sysutil_group* p_group = 0;
if (tunable_text_userdb_names)
{
diff --git a/privops.c b/privops.c
index 21d7267..f27c5c4 100644
--- a/privops.c
+++ b/privops.c
@@ -236,8 +236,7 @@ vsf_privop_do_file_chown(struct vsf_session* p_sess, int fd)
diff -up vsftpd-3.0.2/privops.c.uint-uidgid vsftpd-3.0.2/privops.c
--- vsftpd-3.0.2/privops.c.uint-uidgid 2012-09-16 09:21:24.000000000 +0200
+++ vsftpd-3.0.2/privops.c 2014-04-17 13:48:26.431113895 +0200
@@ -236,8 +236,7 @@ vsf_privop_do_file_chown(struct vsf_sess
/* Drop it like a hot potato unless it's a regular file owned by
* the the anonymous ftp user
*/
@ -47,10 +32,9 @@ index 21d7267..f27c5c4 100644
(vsf_sysutil_statbuf_get_uid(s_p_statbuf) != p_sess->anon_ftp_uid &&
vsf_sysutil_statbuf_get_uid(s_p_statbuf) != p_sess->guest_user_uid))
{
diff --git a/session.h b/session.h
index 27a488f..956bfb7 100644
--- a/session.h
+++ b/session.h
diff -up vsftpd-3.0.2/session.h.uint-uidgid vsftpd-3.0.2/session.h
--- vsftpd-3.0.2/session.h.uint-uidgid 2012-04-05 03:27:19.000000000 +0200
+++ vsftpd-3.0.2/session.h 2014-04-17 13:47:01.845114063 +0200
@@ -54,9 +54,9 @@ struct vsf_session
struct mystr_list* p_visited_dir_list;
@ -64,11 +48,10 @@ index 27a488f..956bfb7 100644
/* Things we need to cache before we chroot() */
struct mystr banned_email_str;
diff --git a/sysutil.c b/sysutil.c
index 2abdd13..9881a66 100644
--- a/sysutil.c
+++ b/sysutil.c
@@ -1454,14 +1454,14 @@ vsf_sysutil_statbuf_get_size(const struct vsf_sysutil_statbuf* p_statbuf)
diff -up vsftpd-3.0.2/sysutil.c.uint-uidgid vsftpd-3.0.2/sysutil.c
--- vsftpd-3.0.2/sysutil.c.uint-uidgid 2014-04-17 13:47:01.839114063 +0200
+++ vsftpd-3.0.2/sysutil.c 2014-04-17 13:47:01.846114063 +0200
@@ -1454,14 +1454,14 @@ vsf_sysutil_statbuf_get_size(const struc
return p_stat->st_size;
}
@ -94,7 +77,7 @@ index 2abdd13..9881a66 100644
{
if (fchown(fd, uid, gid) != 0)
{
@@ -2320,13 +2320,9 @@ vsf_sysutil_dns_resolve(struct vsf_sysutil_sockaddr** p_sockptr,
@@ -2320,13 +2320,9 @@ vsf_sysutil_dns_resolve(struct vsf_sysut
}
struct vsf_sysutil_user*
@ -110,7 +93,7 @@ index 2abdd13..9881a66 100644
}
struct vsf_sysutil_user*
@@ -2349,14 +2345,14 @@ vsf_sysutil_user_get_homedir(const struct vsf_sysutil_user* p_user)
@@ -2349,14 +2345,14 @@ vsf_sysutil_user_get_homedir(const struc
return p_passwd->pw_dir;
}
@ -127,7 +110,7 @@ index 2abdd13..9881a66 100644
vsf_sysutil_user_getgid(const struct vsf_sysutil_user* p_user)
{
const struct passwd* p_passwd = (const struct passwd*) p_user;
@@ -2364,13 +2360,9 @@ vsf_sysutil_user_getgid(const struct vsf_sysutil_user* p_user)
@@ -2364,13 +2360,9 @@ vsf_sysutil_user_getgid(const struct vsf
}
struct vsf_sysutil_group*
@ -182,11 +165,10 @@ index 2abdd13..9881a66 100644
vsf_sysutil_getuid(void)
{
return getuid();
diff --git a/sysutil.h b/sysutil.h
index bfc92cb..79b5514 100644
--- a/sysutil.h
+++ b/sysutil.h
@@ -129,15 +129,15 @@ const char* vsf_sysutil_statbuf_get_numeric_date(
diff -up vsftpd-3.0.2/sysutil.h.uint-uidgid vsftpd-3.0.2/sysutil.h
--- vsftpd-3.0.2/sysutil.h.uint-uidgid 2014-04-17 13:47:01.827114063 +0200
+++ vsftpd-3.0.2/sysutil.h 2014-04-17 13:47:01.846114063 +0200
@@ -129,15 +129,15 @@ const char* vsf_sysutil_statbuf_get_nume
const struct vsf_sysutil_statbuf* p_stat, int use_localtime);
unsigned int vsf_sysutil_statbuf_get_links(
const struct vsf_sysutil_statbuf* p_stat);
@ -225,7 +207,7 @@ index bfc92cb..79b5514 100644
const char* vsf_sysutil_group_getname(const struct vsf_sysutil_group* p_group);
/* More random things */
@@ -316,7 +316,7 @@ void vsf_sysutil_qsort(void* p_base, unsigned int num_elem,
@@ -316,7 +316,7 @@ void vsf_sysutil_qsort(void* p_base, uns
char* vsf_sysutil_getenv(const char* p_var);
typedef void (*exitfunc_t)(void);
void vsf_sysutil_set_exit_func(exitfunc_t exitfunc);
@ -234,7 +216,7 @@ index bfc92cb..79b5514 100644
/* Syslogging (bah) */
void vsf_sysutil_openlog(int force);
@@ -329,8 +329,8 @@ void vsf_sysutil_setuid(const struct vsf_sysutil_user* p_user);
@@ -329,8 +329,8 @@ void vsf_sysutil_setuid(const struct vsf
void vsf_sysutil_setgid(const struct vsf_sysutil_user* p_user);
void vsf_sysutil_setuid_numeric(int uid);
void vsf_sysutil_setgid_numeric(int gid);
@ -245,6 +227,3 @@ index bfc92cb..79b5514 100644
void vsf_sysutil_seteuid(const struct vsf_sysutil_user* p_user);
void vsf_sysutil_setegid(const struct vsf_sysutil_user* p_user);
void vsf_sysutil_seteuid_numeric(int uid);
--
2.14.4

225
vsftpd-3.0.3-ALPACA.patch
View file

@ -1,225 +0,0 @@
diff --git a/parseconf.c b/parseconf.c
index 3729818..ee1b8b4 100644
--- a/parseconf.c
+++ b/parseconf.c
@@ -188,6 +188,7 @@ parseconf_str_array[] =
{ "rsa_private_key_file", &tunable_rsa_private_key_file },
{ "dsa_private_key_file", &tunable_dsa_private_key_file },
{ "ca_certs_file", &tunable_ca_certs_file },
+ { "ssl_sni_hostname", &tunable_ssl_sni_hostname },
{ "cmds_denied", &tunable_cmds_denied },
{ 0, 0 }
};
diff --git a/ssl.c b/ssl.c
index 09ec96a..b622347 100644
--- a/ssl.c
+++ b/ssl.c
@@ -41,6 +41,13 @@ static long bio_callback(
BIO* p_bio, int oper, const char* p_arg, int argi, long argl, long retval);
static int ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx);
static DH *ssl_tmp_dh_callback(SSL *ssl, int is_export, int keylength);
+static int ssl_alpn_callback(SSL* p_ssl,
+ const unsigned char** p_out,
+ unsigned char* outlen,
+ const unsigned char* p_in,
+ unsigned int inlen,
+ void* p_arg);
+static long ssl_sni_callback(SSL* p_ssl, int* p_al, void* p_arg);
static int ssl_cert_digest(
SSL* p_ssl, struct vsf_session* p_sess, struct mystr* p_str);
static void maybe_log_shutdown_state(struct vsf_session* p_sess);
@@ -285,6 +292,11 @@ ssl_init(struct vsf_session* p_sess)
SSL_CTX_set_timeout(p_ctx, INT_MAX);
}
+ /* Set up ALPN to check for FTP protocol intention of client. */
+ SSL_CTX_set_alpn_select_cb(p_ctx, ssl_alpn_callback, p_sess);
+ /* Set up SNI callback for an optional hostname check. */
+ SSL_CTX_set_tlsext_servername_callback(p_ctx, ssl_sni_callback);
+ SSL_CTX_set_tlsext_servername_arg(p_ctx, p_sess);
SSL_CTX_set_tmp_dh_callback(p_ctx, ssl_tmp_dh_callback);
if (tunable_ecdh_param_file)
@@ -871,6 +883,133 @@ ssl_tmp_dh_callback(SSL *ssl, int is_export, int keylength)
return DH_get_dh(keylength);
}
+static int
+ssl_alpn_callback(SSL* p_ssl,
+ const unsigned char** p_out,
+ unsigned char* outlen,
+ const unsigned char* p_in,
+ unsigned int inlen,
+ void* p_arg) {
+ unsigned int i;
+ struct vsf_session* p_sess = (struct vsf_session*) p_arg;
+ int is_ok = 0;
+
+ (void) p_ssl;
+
+ /* Initialize just in case. */
+ *p_out = p_in;
+ *outlen = 0;
+
+ for (i = 0; i < inlen; ++i) {
+ unsigned int left = (inlen - i);
+ if (left < 4) {
+ continue;
+ }
+ if (p_in[i] == 3 && p_in[i + 1] == 'f' && p_in[i + 2] == 't' &&
+ p_in[i + 3] == 'p')
+ {
+ is_ok = 1;
+ *p_out = &p_in[i + 1];
+ *outlen = 3;
+ break;
+ }
+ }
+
+ if (!is_ok)
+ {
+ str_alloc_text(&debug_str, "ALPN rejection");
+ vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
+ }
+ if (!is_ok || tunable_debug_ssl)
+ {
+ str_alloc_text(&debug_str, "ALPN data: ");
+ for (i = 0; i < inlen; ++i) {
+ str_append_char(&debug_str, p_in[i]);
+ }
+ vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
+ }
+
+ if (is_ok)
+ {
+ return SSL_TLSEXT_ERR_OK;
+ }
+ else
+ {
+ return SSL_TLSEXT_ERR_ALERT_FATAL;
+ }
+}
+
+static long
+ssl_sni_callback(SSL* p_ssl, int* p_al, void* p_arg)
+{
+ static struct mystr s_sni_expected_hostname;
+ static struct mystr s_sni_received_hostname;
+
+ int servername_type;
+ const char* p_sni_servername;
+ struct vsf_session* p_sess = (struct vsf_session*) p_arg;
+ int is_ok = 0;
+
+ (void) p_ssl;
+ (void) p_arg;
+
+ if (tunable_ssl_sni_hostname)
+ {
+ str_alloc_text(&s_sni_expected_hostname, tunable_ssl_sni_hostname);
+ }
+
+ /* The OpenSSL documentation says it is pre-initialized like this, but set
+ * it just in case.
+ */
+ *p_al = SSL_AD_UNRECOGNIZED_NAME;
+
+ servername_type = SSL_get_servername_type(p_ssl);
+ p_sni_servername = SSL_get_servername(p_ssl, TLSEXT_NAMETYPE_host_name);
+ if (p_sni_servername != NULL) {
+ str_alloc_text(&s_sni_received_hostname, p_sni_servername);
+ }
+
+ if (str_isempty(&s_sni_expected_hostname))
+ {
+ is_ok = 1;
+ }
+ else if (servername_type != TLSEXT_NAMETYPE_host_name)
+ {
+ /* Fail. */
+ str_alloc_text(&debug_str, "SNI bad type: ");
+ str_append_ulong(&debug_str, servername_type);
+ vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
+ }
+ else
+ {
+ if (!str_strcmp(&s_sni_expected_hostname, &s_sni_received_hostname))
+ {
+ is_ok = 1;
+ }
+ else
+ {
+ str_alloc_text(&debug_str, "SNI rejection");
+ vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
+ }
+ }
+
+ if (!is_ok || tunable_debug_ssl)
+ {
+ str_alloc_text(&debug_str, "SNI hostname: ");
+ str_append_str(&debug_str, &s_sni_received_hostname);
+ vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
+ }
+
+ if (is_ok)
+ {
+ return SSL_TLSEXT_ERR_OK;
+ }
+ else
+ {
+ return SSL_TLSEXT_ERR_ALERT_FATAL;
+ }
+}
+
void
ssl_add_entropy(struct vsf_session* p_sess)
{
diff --git a/tunables.c b/tunables.c
index c96c1ac..d8dfcde 100644
--- a/tunables.c
+++ b/tunables.c
@@ -152,6 +152,7 @@ const char* tunable_ssl_ciphers;
const char* tunable_rsa_private_key_file;
const char* tunable_dsa_private_key_file;
const char* tunable_ca_certs_file;
+const char* tunable_ssl_sni_hostname;
static void install_str_setting(const char* p_value, const char** p_storage);
@@ -309,6 +310,7 @@ tunables_load_defaults()
install_str_setting(0, &tunable_rsa_private_key_file);
install_str_setting(0, &tunable_dsa_private_key_file);
install_str_setting(0, &tunable_ca_certs_file);
+ install_str_setting(0, &tunable_ssl_sni_hostname);
}
void
diff --git a/tunables.h b/tunables.h
index 8d50150..de6cab0 100644
--- a/tunables.h
+++ b/tunables.h
@@ -157,6 +157,7 @@ extern const char* tunable_ssl_ciphers;
extern const char* tunable_rsa_private_key_file;
extern const char* tunable_dsa_private_key_file;
extern const char* tunable_ca_certs_file;
+extern const char* tunable_ssl_sni_hostname;
extern const char* tunable_cmds_denied;
#endif /* VSF_TUNABLES_H */
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index 815773f..7006287 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -1128,6 +1128,12 @@ for further details.
Default: PROFILE=SYSTEM
.TP
+.B ssl_sni_hostname
+If set, SSL connections will be rejected unless the SNI hostname in the
+incoming handshakes matches this value.
+
+Default: (none)
+.TP
.B user_config_dir
This powerful option allows the override of any config option specified in
the manual page, on a per-user basis. Usage is simple, and is best illustrated

96
vsftpd-3.0.3-option_to_disable_TLSv1_3.patch
View file

@ -1,96 +0,0 @@
diff --git a/features.c b/features.c
index d024366..3a60b88 100644
--- a/features.c
+++ b/features.c
@@ -22,7 +22,7 @@ handle_feat(struct vsf_session* p_sess)
{
vsf_cmdio_write_raw(p_sess, " AUTH SSL\r\n");
}
- if (tunable_tlsv1 || tunable_tlsv1_1 || tunable_tlsv1_2)
+ if (tunable_tlsv1 || tunable_tlsv1_1 || tunable_tlsv1_2 || tunable_tlsv1_3)
{
vsf_cmdio_write_raw(p_sess, " AUTH TLS\r\n");
}
diff --git a/parseconf.c b/parseconf.c
index ee1b8b4..5188088 100644
--- a/parseconf.c
+++ b/parseconf.c
@@ -87,6 +87,7 @@ parseconf_bool_array[] =
{ "ssl_tlsv1", &tunable_tlsv1 },
{ "ssl_tlsv1_1", &tunable_tlsv1_1 },
{ "ssl_tlsv1_2", &tunable_tlsv1_2 },
+ { "ssl_tlsv1_3", &tunable_tlsv1_3 },
{ "tilde_user_enable", &tunable_tilde_user_enable },
{ "force_anon_logins_ssl", &tunable_force_anon_logins_ssl },
{ "force_anon_data_ssl", &tunable_force_anon_data_ssl },
diff --git a/ssl.c b/ssl.c
index b622347..3af67ad 100644
--- a/ssl.c
+++ b/ssl.c
@@ -185,6 +185,10 @@ ssl_init(struct vsf_session* p_sess)
{
options |= SSL_OP_NO_TLSv1_2;
}
+ if (!tunable_tlsv1_3)
+ {
+ options |= SSL_OP_NO_TLSv1_3;
+ }
SSL_CTX_set_options(p_ctx, options);
if (tunable_rsa_cert_file)
{
diff --git a/tunables.c b/tunables.c
index d8dfcde..dc001ac 100644
--- a/tunables.c
+++ b/tunables.c
@@ -68,6 +68,7 @@ int tunable_sslv3;
int tunable_tlsv1;
int tunable_tlsv1_1;
int tunable_tlsv1_2;
+int tunable_tlsv1_3;
int tunable_tilde_user_enable;
int tunable_force_anon_logins_ssl;
int tunable_force_anon_data_ssl;
@@ -218,8 +219,9 @@ tunables_load_defaults()
tunable_sslv3 = 0;
tunable_tlsv1 = 0;
tunable_tlsv1_1 = 0;
- /* Only TLSv1.2 is enabled by default */
+ /* Only TLSv1.2 and TLSv1.3 are enabled by default */
tunable_tlsv1_2 = 1;
+ tunable_tlsv1_3 = 1;
tunable_tilde_user_enable = 0;
tunable_force_anon_logins_ssl = 0;
tunable_force_anon_data_ssl = 0;
diff --git a/tunables.h b/tunables.h
index de6cab0..ff0eebc 100644
--- a/tunables.h
+++ b/tunables.h
@@ -69,6 +69,7 @@ extern int tunable_sslv3; /* Allow SSLv3 */
extern int tunable_tlsv1; /* Allow TLSv1 */
extern int tunable_tlsv1_1; /* Allow TLSv1.1 */
extern int tunable_tlsv1_2; /* Allow TLSv1.2 */
+extern int tunable_tlsv1_3; /* Allow TLSv1.3 */
extern int tunable_tilde_user_enable; /* Support e.g. ~chris */
extern int tunable_force_anon_logins_ssl; /* Require anon logins use SSL */
extern int tunable_force_anon_data_ssl; /* Require anon data uses SSL */
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index 7006287..d181e50 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -587,7 +587,15 @@ Default: NO
Only applies if
.BR ssl_enable
is activated. If enabled, this option will permit TLS v1.2 protocol connections.
-TLS v1.2 connections are preferred.
+TLS v1.2 and TLS v1.3 connections are preferred.
+
+Default: YES
+.TP
+.B ssl_tlsv1_3
+Only applies if
+.BR ssl_enable
+is activated. If enabled, this option will permit TLS v1.3 protocol connections.
+TLS v1.2 and TLS v1.3 connections are preferred.
Default: YES
.TP

79
vsftpd-3.0.5-add-option-for-tlsv1.3-ciphersuites.patch
View file

@ -1,79 +0,0 @@
diff -urN a/parseconf.c b/parseconf.c
--- a/parseconf.c 2021-05-29 23:39:19.000000000 +0200
+++ b/parseconf.c 2023-03-03 10:22:38.256439634 +0100
@@ -185,6 +185,7 @@
{ "dsa_cert_file", &tunable_dsa_cert_file },
{ "dh_param_file", &tunable_dh_param_file },
{ "ecdh_param_file", &tunable_ecdh_param_file },
+ { "ssl_ciphersuites", &tunable_ssl_ciphersuites },
{ "ssl_ciphers", &tunable_ssl_ciphers },
{ "rsa_private_key_file", &tunable_rsa_private_key_file },
{ "dsa_private_key_file", &tunable_dsa_private_key_file },
diff -urN a/ssl.c b/ssl.c
--- a/ssl.c 2021-08-02 08:24:35.000000000 +0200
+++ b/ssl.c 2023-03-03 10:28:05.989757655 +0100
@@ -135,6 +135,11 @@
{
die("SSL: could not set cipher list");
}
+ if (tunable_ssl_ciphersuites &&
+ SSL_CTX_set_ciphersuites(p_ctx, tunable_ssl_ciphersuites) != 1)
+ {
+ die("SSL: could not set ciphersuites");
+ }
if (RAND_status() != 1)
{
die("SSL: RNG is not seeded");
diff -urN a/tunables.c b/tunables.c
--- a/tunables.c 2021-05-29 23:39:00.000000000 +0200
+++ b/tunables.c 2023-03-03 10:13:30.566868026 +0100
@@ -154,6 +154,7 @@
const char* tunable_dsa_cert_file;
const char* tunable_dh_param_file;
const char* tunable_ecdh_param_file;
const char* tunable_ssl_ciphers;
+const char* tunable_ssl_ciphersuites;
const char* tunable_rsa_private_key_file;
const char* tunable_dsa_private_key_file;
@@ -293,6 +293,7 @@
install_str_setting(0, &tunable_dh_param_file);
install_str_setting(0, &tunable_ecdh_param_file);
install_str_setting("PROFILE=SYSTEM", &tunable_ssl_ciphers);
+ install_str_setting("TLS_AES_256_GCM_SHA384", &tunable_ssl_ciphersuites);
install_str_setting(0, &tunable_rsa_private_key_file);
install_str_setting(0, &tunable_dsa_private_key_file);
install_str_setting(0, &tunable_ca_certs_file);
diff -urN a/tunables.h b/tunables.h
--- a/tunables.h
+++ b/tunables.h
@@ -144,6 +144,7 @@
extern const char* tunable_dsa_cert_file;
extern const char* tunable_dh_param_file;
extern const char* tunable_ecdh_param_file;
extern const char* tunable_ssl_ciphers;
+extern const char* tunable_ssl_ciphersuites;
extern const char* tunable_rsa_private_key_file;
extern const char* tunable_dsa_private_key_file;
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -1009,6 +1009,20 @@
Default: PROFILE=SYSTEM
.TP
+.B ssl_ciphersuites
+This option can be used to select which SSL cipher suites vsftpd will allow for
+encrypted SSL connections with TLSv1.3. See the
+.BR ciphers
+man page for further details. Note that restricting ciphers can be a useful
+security precaution as it prevents malicious remote parties forcing a cipher
+which they have found problems with.
+
+By default, the system-wide crypto policy is used. See
+.BR update-crypto-policies(8)
+for further details.
+
+Default: TLS_AES_256_GCM_SHA384
+.TP
.B ssl_sni_hostname
If set, SSL connections will be rejected unless the SNI hostname in the
incoming handshakes matches this value.

215
vsftpd-3.0.5-enable_wc_logs-replace_unprintable_with_hex.patch
View file

@ -1,215 +0,0 @@
diff --git a/logging.c b/logging.c
index 9e86808..613ff4b 100644
--- a/logging.c
+++ b/logging.c
@@ -171,7 +171,14 @@ vsf_log_do_log_to_file(int fd, struct mystr* p_str)
return;
}
}
- str_replace_unprintable(p_str, '?');
+ if (tunable_wc_logs_enable)
+ {
+ str_replace_unprintable_with_hex_wc(p_str);
+ }
+ else
+ {
+ str_replace_unprintable_with_hex(p_str);
+ }
str_append_char(p_str, '\n');
/* Ignore write failure; maybe the disk filled etc. */
(void) str_write_loop(p_str, fd);
diff --git a/parseconf.c b/parseconf.c
index 3cfe7da..3729818 100644
--- a/parseconf.c
+++ b/parseconf.c
@@ -113,6 +113,7 @@ parseconf_bool_array[] =
{ "allow_writeable_chroot", &tunable_allow_writeable_chroot },
{ "better_stou", &tunable_better_stou },
{ "log_die", &tunable_log_die },
+ { "wc_logs_enable", &tunable_wc_logs_enable },
{ 0, 0 }
};
diff --git a/str.c b/str.c
index 82b8ae4..c03e7d8 100644
--- a/str.c
+++ b/str.c
@@ -20,6 +20,11 @@
#include "utility.h"
#include "sysutil.h"
+#include <stdio.h>
+#include <string.h>
+#include <wchar.h>
+#include <wctype.h>
+
/* File local functions */
static void str_split_text_common(struct mystr* p_src, struct mystr* p_rhs,
const char* p_text, int is_reverse);
@@ -723,6 +728,102 @@ str_replace_unprintable(struct mystr* p_str, char new_char)
}
}
+void
+str_replace_unprintable_with_hex(struct mystr* p_str)
+{
+ unsigned int ups_size = sizeof(unsigned int) * (p_str->len);
+ if (ups_size < p_str->len)
+ {
+ str_replace_unprintable(p_str, '?');
+ str_append_text(p_str, ": BUG: string is too long");
+ bug(p_str->p_buf);
+ }
+ unsigned int* ups = vsf_sysutil_malloc(ups_size);
+ unsigned int up_count = 0;
+ for (unsigned int i=0; i < p_str->len; i++)
+ {
+ if (!vsf_sysutil_isprint(p_str->p_buf[i]))
+ {
+ ups[up_count++] = i;
+ }
+ }
+ str_replace_positions_with_hex(p_str, ups, up_count);
+ vsf_sysutil_free(ups);
+}
+
+void str_replace_unprintable_with_hex_wc(struct mystr* p_str)
+{
+ unsigned int ups_size = sizeof(unsigned int) * (p_str->len);
+ if (ups_size < p_str->len)
+ {
+ str_replace_unprintable(p_str, '?');
+ str_append_text(p_str, ": BUG: string is too long");
+ bug(p_str->p_buf);
+ }
+ unsigned int* ups = vsf_sysutil_malloc(ups_size);
+ unsigned int up_count = 0;
+
+ size_t current = 0;
+ wchar_t pwc;
+ mbstate_t ps;
+ memset(&ps, 0, sizeof(ps));
+ ssize_t len = 0;
+ while ((len = mbrtowc(&pwc, p_str->p_buf, p_str->len - current, &ps)) > 0)
+ {
+ if (!iswprint(pwc))
+ {
+ for (int i = 0; i < len; i++)
+ {
+ ups[up_count++] = current++;
+ }
+ }
+ else
+ {
+ current += len;
+ }
+ }
+ if (len < 0)
+ {
+ while (current < p_str->len)
+ {
+ ups[up_count++] = current++;
+ }
+ }
+ str_replace_positions_with_hex(p_str, ups, up_count);
+ vsf_sysutil_free(ups);
+}
+
+void
+str_replace_positions_with_hex(struct mystr* p_str, const unsigned int* poss, const unsigned int pos_count)
+{
+ if (pos_count == 0)
+ return;
+
+ struct mystr tmp_str = INIT_MYSTR;
+ str_reserve(&tmp_str, p_str->len + 3 * pos_count);
+ unsigned int current = 0;
+
+ for (unsigned int i=0; i < pos_count; i++)
+ {
+ unsigned int pos = poss[i];
+
+ if (current < pos)
+ private_str_append_memchunk(&tmp_str, p_str->p_buf + current, pos - current);
+
+ char hex_buf[5];
+ memset(hex_buf, 0, sizeof(hex_buf));
+ sprintf(hex_buf, "\\x%02X", (unsigned char) p_str->p_buf[pos]);
+ str_append_text(&tmp_str, hex_buf);
+ current = pos + 1;
+ }
+
+ if (current < p_str->len)
+ private_str_append_memchunk(&tmp_str, p_str->p_buf + current, p_str->len - current);
+
+ str_copy(p_str, &tmp_str);
+ str_free(&tmp_str);
+}
+
void
str_basename (struct mystr* d_str, const struct mystr* path)
{
diff --git a/str.h b/str.h
index 44270da..95a83b5 100644
--- a/str.h
+++ b/str.h
@@ -98,6 +98,10 @@ int str_contains_space(const struct mystr* p_str);
int str_all_space(const struct mystr* p_str);
int str_contains_unprintable(const struct mystr* p_str);
void str_replace_unprintable(struct mystr* p_str, char new_char);
+void str_replace_unprintable_with_hex(struct mystr* p_str);
+void str_replace_unprintable_with_hex_wc(struct mystr* p_str);
+void str_replace_positions_with_hex(struct mystr* p_str, const unsigned int* poss,
+ const unsigned int pos_count);
int str_atoi(const struct mystr* p_str);
filesize_t str_a_to_filesize_t(const struct mystr* p_str);
unsigned int str_octal_to_uint(const struct mystr* p_str);
diff --git a/tunables.c b/tunables.c
index a7ce9c8..c96c1ac 100644
--- a/tunables.c
+++ b/tunables.c
@@ -94,6 +94,7 @@ int tunable_seccomp_sandbox;
int tunable_allow_writeable_chroot;
int tunable_better_stou;
int tunable_log_die;
+int tunable_wc_logs_enable;
unsigned int tunable_accept_timeout;
unsigned int tunable_connect_timeout;
@@ -244,6 +245,7 @@ tunables_load_defaults()
tunable_allow_writeable_chroot = 0;
tunable_better_stou = 0;
tunable_log_die = 0;
+ tunable_wc_logs_enable = 0;
tunable_accept_timeout = 60;
tunable_connect_timeout = 60;
diff --git a/tunables.h b/tunables.h
index 029d645..8d50150 100644
--- a/tunables.h
+++ b/tunables.h
@@ -98,6 +98,7 @@ extern int tunable_better_stou; /* Use better file name generation
*/
extern int tunable_log_die; /* Log calls to die(), die2()
* and bug() */
+extern int tunable_wc_logs_enable; /* Allow non ASCII characters in logs */
/* Integer/numeric defines */
extern unsigned int tunable_accept_timeout;
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index ce3fba3..815773f 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -735,6 +735,12 @@ If enabled, use CLONE_NEWPID and CLONE_NEWIPC to isolate processes to their
ipc and pid namespaces. So separated processes can not interact with each other.
Default: YES
+.TP
+.B wc_logs_enable
+If enabled, logs will be treated as wide-character strings and not just
+ASCII strings when filtering out non-printable characters.
+
+Default: NO
.SH NUMERIC OPTIONS
Below is a list of numeric options. A numeric option must be set to a non

70
vsftpd-3.0.5-replace-deprecated-openssl-functions.patch
View file

@ -1,70 +0,0 @@
diff --git a/ssl.c b/ssl.c
--- ssl.c
+++ ssl.c
@@ -28,17 +28,17 @@
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/bio.h>
#include <openssl/bn.h>
#include <openssl/param_build.h>
#include <errno.h>
#include <limits.h>
static char* get_ssl_error();
static SSL* get_ssl(struct vsf_session* p_sess, int fd);
static int ssl_session_init(struct vsf_session* p_sess);
static void setup_bio_callbacks();
static long bio_callback(
- BIO* p_bio, int oper, const char* p_arg, int argi, long argl, long retval);
+ BIO* p_bio, int oper, const char* p_arg, size_t len, int argi, long argl, int ret, size_t *processed);
static int ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx);
static int ssl_alpn_callback(SSL* p_ssl,
const unsigned char** p_out,
@@ -88,7 +88,7 @@
long options;
int verify_option = 0;
SSL_library_init();
- p_ctx = SSL_CTX_new(SSLv23_server_method());
+ p_ctx = SSL_CTX_new_ex(NULL, NULL, TLS_server_method());
if (p_ctx == NULL)
{
die("SSL: could not allocate SSL context");
@@ -180,13 +180,10 @@
die("SSL: RNG is not seeded");
}
{
- EC_KEY* key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
- if (key == NULL)
+ if (!SSL_CTX_set1_groups_list(p_ctx, "P-256"))
{
die("SSL: failed to get curve p256");
}
- SSL_CTX_set_tmp_ecdh(p_ctx, key);
- EC_KEY_free(key);
}
if (tunable_ssl_request_cert)
{
@@ -692,17 +689,19 @@
static void setup_bio_callbacks(SSL* p_ssl)
{
BIO* p_bio = SSL_get_rbio(p_ssl);
- BIO_set_callback(p_bio, bio_callback);
+ BIO_set_callback_ex(p_bio, bio_callback);
p_bio = SSL_get_wbio(p_ssl);
- BIO_set_callback(p_bio, bio_callback);
+ BIO_set_callback_ex(p_bio, bio_callback);
}
static long
bio_callback(
- BIO* p_bio, int oper, const char* p_arg, int argi, long argl, long ret)
+ BIO* p_bio, int oper, const char* p_arg, size_t len, int argi, long argl, int ret, size_t *processed)
{
int retval = 0;
int fd = 0;
+ (void) len;
+ (void) processed;
(void) p_arg;
(void) argi;
(void) argl;

139
vsftpd-3.0.5-replace-old-network-addr-functions.patch
View file

@ -1,139 +0,0 @@
diff -urN vsftpd-3.0.5-orig/postlogin.c vsftpd-3.0.5/postlogin.c
--- vsftpd-3.0.5-orig/postlogin.c 2015-07-22 21:03:22.000000000 +0200
+++ vsftpd-3.0.5/postlogin.c 2023-02-13 16:34:05.244467476 +0100
@@ -27,4 +27,6 @@
#include "ssl.h"
#include "vsftpver.h"
+#include <netdb.h>
+#include <arpa/inet.h>
#include "opts.h"
@@ -628,9 +629,10 @@
else
{
const void* p_v4addr = vsf_sysutil_sockaddr_ipv6_v4(s_p_sockaddr);
+ static char result[INET_ADDRSTRLEN];
if (p_v4addr)
{
- str_append_text(&s_pasv_res_str, vsf_sysutil_inet_ntoa(p_v4addr));
+ str_append_text(&s_pasv_res_str, inet_ntop(AF_INET, p_v4addr, result, INET_ADDRSTRLEN));
}
else
{
diff -urN vsftpd-3.0.5-orig/sysutil.c vsftpd-3.0.5/sysutil.c
--- vsftpd-3.0.5-orig/sysutil.c 2012-09-16 09:07:38.000000000 +0200
+++ vsftpd-3.0.5/sysutil.c 2023-02-13 16:08:58.557153109 +0100
@@ -2205,20 +2205,13 @@
const struct sockaddr* p_sockaddr = &p_sockptr->u.u_sockaddr;
if (p_sockaddr->sa_family == AF_INET)
{
- return inet_ntoa(p_sockptr->u.u_sockaddr_in.sin_addr);
+ static char result[INET_ADDRSTRLEN];
+ return inet_ntop(AF_INET, &p_sockptr->u.u_sockaddr_in.sin_addr, result, INET_ADDRSTRLEN);
}
else if (p_sockaddr->sa_family == AF_INET6)
{
- static char inaddr_buf[64];
- const char* p_ret = inet_ntop(AF_INET6,
- &p_sockptr->u.u_sockaddr_in6.sin6_addr,
- inaddr_buf, sizeof(inaddr_buf));
- inaddr_buf[sizeof(inaddr_buf) - 1] = '\0';
- if (p_ret == NULL)
- {
- inaddr_buf[0] = '\0';
- }
- return inaddr_buf;
+ static char result[INET6_ADDRSTRLEN];
+ return inet_ntop(AF_INET6, &p_sockptr->u.u_sockaddr_in6.sin6_addr, result, INET6_ADDRSTRLEN);
}
else
{
@@ -2227,12 +2220,6 @@
}
}
-const char*
-vsf_sysutil_inet_ntoa(const void* p_raw_addr)
-{
- return inet_ntoa(*((struct in_addr*)p_raw_addr));
-}
-
int
vsf_sysutil_inet_aton(const char* p_text, struct vsf_sysutil_sockaddr* p_addr)
{
@@ -2241,7 +2228,7 @@
{
bug("bad family");
}
- if (inet_aton(p_text, &sin_addr))
+ if (inet_pton(AF_INET, p_text, &sin_addr))
{
vsf_sysutil_memcpy(&p_addr->u.u_sockaddr_in.sin_addr,
&sin_addr, sizeof(p_addr->u.u_sockaddr_in.sin_addr));
@@ -2257,37 +2244,46 @@
vsf_sysutil_dns_resolve(struct vsf_sysutil_sockaddr** p_sockptr,
const char* p_name)
{
- struct hostent* hent = gethostbyname(p_name);
- if (hent == NULL)
+ struct addrinfo *result;
+ struct addrinfo hints;
+ int ret;
+
+ memset(&hints, 0, sizeof(struct addrinfo));
+ hints.ai_family = AF_UNSPEC;
+
+ if ((ret = getaddrinfo(p_name, NULL, &hints, &result)) != 0)
{
+ fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(ret));
die2("cannot resolve host:", p_name);
}
vsf_sysutil_sockaddr_clear(p_sockptr);
- if (hent->h_addrtype == AF_INET)
+ if (result->ai_family == AF_INET)
{
- unsigned int len = hent->h_length;
+ unsigned int len = result->ai_addrlen;
if (len > sizeof((*p_sockptr)->u.u_sockaddr_in.sin_addr))
{
len = sizeof((*p_sockptr)->u.u_sockaddr_in.sin_addr);
}
vsf_sysutil_sockaddr_alloc_ipv4(p_sockptr);
vsf_sysutil_memcpy(&(*p_sockptr)->u.u_sockaddr_in.sin_addr,
- hent->h_addr_list[0], len);
+ &result->ai_addrlen, len);
}
- else if (hent->h_addrtype == AF_INET6)
+ else if (result->ai_family == AF_INET6)
{
- unsigned int len = hent->h_length;
+ unsigned int len = result->ai_addrlen;
if (len > sizeof((*p_sockptr)->u.u_sockaddr_in6.sin6_addr))
{
len = sizeof((*p_sockptr)->u.u_sockaddr_in6.sin6_addr);
}
vsf_sysutil_sockaddr_alloc_ipv6(p_sockptr);
vsf_sysutil_memcpy(&(*p_sockptr)->u.u_sockaddr_in6.sin6_addr,
- hent->h_addr_list[0], len);
+ &result->ai_addrlen, len);
}
else
{
- die("gethostbyname(): neither IPv4 nor IPv6");
+ freeaddrinfo(result);
+ die("getaddrinfo(): neither IPv4 nor IPv6");
}
+ freeaddrinfo(result);
}
diff -urN vsftpd-3.0.5-orig/sysutil.h vsftpd-3.0.5/sysutil.h
--- vsftpd-3.0.5-orig/sysutil.h 2021-05-18 08:50:21.000000000 +0200
+++ vsftpd-3.0.5/sysutil.h 2023-02-13 15:59:22.088331075 +0100
@@ -277,7 +277,6 @@
const char* vsf_sysutil_inet_ntop(
const struct vsf_sysutil_sockaddr* p_sockptr);
-const char* vsf_sysutil_inet_ntoa(const void* p_raw_addr);
int vsf_sysutil_inet_aton(
const char* p_text, struct vsf_sysutil_sockaddr* p_addr);

15
vsftpd-3.0.5-use-old-tlsv-options.patch
View file

@ -1,15 +0,0 @@
--- parseconf-orig.c 2022-10-25 15:17:18.990701984 +0200
+++ parseconf.c 2022-10-25 15:12:44.213480000 +0200
@@ -85,9 +85,9 @@
{ "ssl_sslv2", &tunable_sslv2 },
{ "ssl_sslv3", &tunable_sslv3 },
{ "ssl_tlsv1", &tunable_tlsv1 },
- { "ssl_tlsv11", &tunable_tlsv1_1 },
- { "ssl_tlsv12", &tunable_tlsv1_2 },
- { "ssl_tlsv13", &tunable_tlsv1_3 },
+ { "ssl_tlsv1_1", &tunable_tlsv1_1 },
+ { "ssl_tlsv1_2", &tunable_tlsv1_2 },
+ { "ssl_tlsv1_3", &tunable_tlsv1_3 },
{ "tilde_user_enable", &tunable_tilde_user_enable },
{ "force_anon_logins_ssl", &tunable_force_anon_logins_ssl },
{ "force_anon_data_ssl", &tunable_force_anon_data_ssl },

13
vsftpd-close-std-fds.patch Normal file
View file

@ -0,0 +1,13 @@
diff -up vsftpd-2.0.7/standalone.c.close-fds vsftpd-2.0.7/standalone.c
--- vsftpd-2.0.7/standalone.c.close-fds 2008-09-08 23:36:32.000000000 -0400
+++ vsftpd-2.0.7/standalone.c 2008-09-08 23:37:53.000000000 -0400
@@ -131,6 +131,9 @@ vsf_standalone_main(void)
die("could not bind listening IPv6 socket");
}
}
+ vsf_sysutil_close(0);
+ vsf_sysutil_close(1);
+ vsf_sysutil_close(2);
retval = vsf_sysutil_listen(listen_sock, VSFTP_LISTEN_BACKLOG);
if (vsf_sysutil_retval_is_error(retval))
{

2
vsftpd-tmpfiles.conf
View file

@ -1,2 +0,0 @@
d /var/ftp 0755 root root -
d /var/ftp/pub 0755 root root -

2
vsftpd.service
View file

@ -1,6 +1,6 @@
[Unit]
Description=Vsftpd ftp daemon
After=network-online.target
After=network.target
[Service]
Type=forking

464
vsftpd.spec
View file

@ -1,132 +1,125 @@
%global _generatorsdir %{_prefix}/lib/systemd/system-generators
%{!?tcp_wrappers:%define tcp_wrappers 1}
%define _generatorsdir %{_prefix}/lib/systemd/system-generators
Name: vsftpd
Version: 3.0.5
Release: 14%{?dist}
Name: vsftpd
Version: 3.0.2
Release: 12%{?dist}
Summary: Very Secure Ftp Daemon
Group: System Environment/Daemons
# OpenSSL link exception
License: GPL-2.0-only WITH vsftpd-openssl-exception
URL: https://security.appspot.com/vsftpd.html
Source0: https://security.appspot.com/downloads/%{name}-%{version}.tar.gz
Source1: vsftpd.xinetd
Source2: vsftpd.pam
Source3: vsftpd.ftpusers
Source4: vsftpd.user_list
Source6: vsftpd_conf_migrate.sh
Source7: vsftpd.service
Source8: vsftpd@.service
Source9: vsftpd.target
License: GPLv2 with exceptions
URL: https://security.appspot.com/vsftpd.html
Source0: https://security.appspot.com/downloads/%{name}-%{version}.tar.gz
Source1: vsftpd.xinetd
Source2: vsftpd.pam
Source3: vsftpd.ftpusers
Source4: vsftpd.user_list
Source6: vsftpd_conf_migrate.sh
Source7: vsftpd.service
Source8: vsftpd@.service
Source9: vsftpd.target
Source10: vsftpd-generator
Source11: vsftpd-tmpfiles.conf
BuildRequires: make
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: pam-devel
BuildRequires: libcap-devel
BuildRequires: openssl-devel
BuildRequires: systemd
BuildRequires: git
BuildRequires: gcc
%if %{tcp_wrappers}
BuildRequires: tcp_wrappers-devel
%endif
Requires: logrotate
Patch1: 0001-Don-t-use-the-provided-script-to-locate-libraries.patch
Patch2: 0002-Enable-build-with-SSL.patch
Patch3: 0003-Enable-build-with-TCP-Wrapper.patch
Patch4: 0004-Use-etc-vsftpd-dir-for-config-files-instead-of-etc.patch
Patch5: 0005-Use-hostname-when-calling-PAM-authentication-module.patch
Patch6: 0006-Close-stdin-out-err-before-listening-for-incoming-co.patch
Patch7: 0007-Make-filename-filters-smarter.patch
Patch8: 0008-Write-denied-logins-into-the-log.patch
Patch9: 0009-Trim-whitespaces-when-reading-configuration.patch
Patch10: 0010-Improve-daemonizing.patch
Patch11: 0011-Fix-listing-with-more-than-one-star.patch
Patch12: 0012-Replace-syscall-__NR_clone-.-with-clone.patch
Patch13: 0013-Extend-man-pages-with-systemd-info.patch
Patch14: 0014-Add-support-for-square-brackets-in-ls.patch
Patch15: 0015-Listen-on-IPv6-by-default.patch
Patch16: 0016-Increase-VSFTP_AS_LIMIT-from-200UL-to-400UL.patch
Patch17: 0017-Fix-an-issue-with-timestamps-during-DST.patch
Patch18: 0018-Change-the-default-log-file-in-configuration.patch
Patch19: 0019-Introduce-reverse_lookup_enable-option.patch
Patch20: 0020-Use-unsigned-int-for-uid-and-gid-representation.patch
Patch21: 0021-Introduce-support-for-DHE-based-cipher-suites.patch
Patch22: 0022-Introduce-support-for-EDDHE-based-cipher-suites.patch
Patch23: 0023-Add-documentation-for-isolate_-options.-Correct-defa.patch
Patch24: 0024-Introduce-new-return-value-450.patch
Patch25: 0025-Improve-local_max_rate-option.patch
Patch26: 0026-Prevent-hanging-in-SIGCHLD-handler.patch
Patch27: 0027-Delete-files-when-upload-fails.patch
Patch28: 0028-Fix-man-page-rendering.patch
Patch29: 0029-Fix-segfault-in-config-file-parser.patch
Patch30: 0030-Fix-logging-into-syslog-when-enabled-in-config.patch
Patch31: 0031-Fix-question-mark-wildcard-withing-a-file-name.patch
Patch32: 0032-Propagate-errors-from-nfs-with-quota-to-client.patch
Patch34: 0034-Turn-off-seccomp-sandbox-because-it-is-too-strict.patch
Patch36: 0036-Redefine-VSFTP_COMMAND_FD-to-1.patch
Patch37: 0037-Document-the-relationship-of-text_userdb_names-and-c.patch
Patch38: 0038-Document-allow_writeable_chroot-in-the-man-page.patch
Patch39: 0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch
Patch40: 0040-Use-system-wide-crypto-policy.patch
Patch41: 0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch
Patch42: 0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch
Patch44: 0044-Disable-anonymous_enable-in-default-config-file.patch
Patch45: 0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch
Patch46: 0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch
Patch47: 0047-Disable-tcp_wrappers-support.patch
Patch48: 0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch
Patch49: 0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch
Patch50: 0050-Don-t-link-with-libnsl.patch
Patch51: 0051-Improve-documentation-of-better_stou-in-the-man-page.patch
Patch52: 0052-Fix-rDNS-with-IPv6.patch
Patch53: 0053-Always-do-chdir-after-chroot.patch
Patch54: 0054-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch
Patch55: 0055-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch
Patch56: 0056-Log-die-calls-to-syslog.patch
Patch57: 0057-Improve-error-message-when-max-number-of-bind-attemp.patch
Patch58: 0058-Make-the-max-number-of-bind-retries-tunable.patch
Patch59: 0059-Fix-SEGFAULT-when-running-in-a-container-as-PID-1.patch
Patch61: 0001-Move-closing-standard-FDs-after-listen.patch
Patch62: 0002-Prevent-recursion-in-bug.patch
Patch63: 0001-Set-s_uwtmp_inserted-only-after-record-insertion-rem.patch
Patch64: 0002-Repeat-pututxline-if-it-fails-with-EINTR.patch
Patch65: 0001-Repeat-pututxline-until-it-succeeds-if-it-fails-with.patch
Patch67: 0001-Fix-timestamp-handling-in-MDTM.patch
Patch68: 0002-Drop-an-unused-global-variable.patch
Patch69: 0001-Remove-a-hint-about-the-ftp_home_dir-SELinux-boolean.patch
Patch70: fix-str_open.patch
Patch71: vsftpd-3.0.5-enable_wc_logs-replace_unprintable_with_hex.patch
Patch72: vsftpd-3.0.5-replace-old-network-addr-functions.patch
Patch73: vsftpd-3.0.5-replace-deprecated-openssl-functions.patch
Patch74: vsftpd-3.0.5-add-option-for-tlsv1.3-ciphersuites.patch
Patch75: vsftpd-3.0.5-use-old-tlsv-options.patch
Patch76: 0076-Correct-the-definition-of-setup_bio_callbacks-in-ssl.patch
# Build patches
Patch1: vsftpd-2.1.0-libs.patch
Patch2: vsftpd-2.1.0-build_ssl.patch
Patch3: vsftpd-2.1.0-tcp_wrappers.patch
# Use /etc/vsftpd/ instead of /etc/
Patch4: vsftpd-2.1.0-configuration.patch
# These need review
Patch5: vsftpd-2.1.0-pam_hostname.patch
Patch6: vsftpd-close-std-fds.patch
Patch7: vsftpd-2.1.0-filter.patch
Patch9: vsftpd-2.1.0-userlist_log.patch
Patch10: vsftpd-2.1.0-trim.patch
Patch12: vsftpd-2.1.1-daemonize_plus.patch
Patch14: vsftpd-2.2.0-wildchar.patch
Patch16: vsftpd-2.2.2-clone.patch
Patch19: vsftpd-2.3.4-sd.patch
Patch20: vsftpd-2.3.4-sqb.patch
Patch21: vsftpd-2.3.4-listen_ipv6.patch
Patch22: vsftpd-2.3.5-aslim.patch
Patch23: vsftpd-3.0.0-tz.patch
Patch24: vsftpd-3.0.0-xferlog.patch
Patch25: vsftpd-3.0.0-logrotate.patch
Patch26: vsftpd-3.0.2-lookup.patch
Patch27: vsftpd-3.0.2-uint-uidgid.patch
Patch28: vsftpd-3.0.2-dh.patch
Patch29: vsftpd-3.0.2-ecdh.patch
Patch30: vsftpd-3.0.2-docupd.patch
Patch31: vsftpd-3.0.2-rc450.patch
%description
vsftpd is a Very Secure FTP daemon. It was written completely from
scratch.
%prep
%autosetup -S git
%setup -q -n %{name}-%{version}
cp %{SOURCE1} .
%build
%ifarch s390x sparcv9 sparc64
%make_build CFLAGS="$RPM_OPT_FLAGS -fPIE -pipe -Wextra -Werror" \
%else
%make_build CFLAGS="$RPM_OPT_FLAGS -fpie -pipe -Wextra -Werror" \
%patch1 -p1 -b .libs
%patch2 -p1 -b .build_ssl
%if %{tcp_wrappers}
%patch3 -p1 -b .tcp_wrappers
%endif
LINK="-pie -lssl $RPM_LD_FLAGS" %{?_smp_mflags}
%patch4 -p1 -b .configuration
%patch5 -p1 -b .pam_hostname
%patch6 -p1 -b .close_fds
%patch7 -p1 -b .filter
%patch9 -p1 -b .userlist_log
%patch10 -p1 -b .trim
%patch12 -p1 -b .daemonize_plus
%patch14 -p1 -b .wildchar
%patch16 -p1 -b .clone
%patch19 -p1 -b .sd
%patch20 -p1 -b .sqb
%patch21 -p1 -b .listen_ipv6
%patch22 -p1 -b .aslim
%patch23 -p1 -b .tz
%patch24 -p1 -b .xferlog
%patch25 -p1 -b .logrotate
%patch26 -p1 -b .lookup
%patch27 -p1 -b .uint-uidgid
%patch28 -p1 -b .dh
%patch29 -p1 -b .ecdh
%patch30 -p1 -b .docupd
%patch31 -p1 -b .rc450
%build
%ifarch s390x sparcv9 sparc64
make CFLAGS="$RPM_OPT_FLAGS -fPIE -pipe -Wextra -Werror" \
%else
make CFLAGS="$RPM_OPT_FLAGS -fpie -pipe -Wextra -Werror" \
%endif
LINK="-pie -lssl" %{?_smp_mflags}
%install
mkdir -p $RPM_BUILD_ROOT%{_bindir}
rm -rf $RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT%{_sbindir}
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/{vsftpd,pam.d,logrotate.d}
mkdir -p $RPM_BUILD_ROOT%{_mandir}/man{5,8}
mkdir -p $RPM_BUILD_ROOT%{_unitdir}
mkdir -p $RPM_BUILD_ROOT%{_generatorsdir}
install -m 755 vsftpd $RPM_BUILD_ROOT%{_bindir}/vsftpd
install -m 755 vsftpd $RPM_BUILD_ROOT%{_sbindir}/vsftpd
install -m 600 vsftpd.conf $RPM_BUILD_ROOT%{_sysconfdir}/vsftpd/vsftpd.conf
install -m 644 vsftpd.conf.5 $RPM_BUILD_ROOT/%{_mandir}/man5/
install -m 644 vsftpd.8 $RPM_BUILD_ROOT/%{_mandir}/man8/
@ -139,10 +132,12 @@ install -m 644 %{SOURCE7} $RPM_BUILD_ROOT%{_unitdir}
install -m 644 %{SOURCE8} $RPM_BUILD_ROOT%{_unitdir}
install -m 644 %{SOURCE9} $RPM_BUILD_ROOT%{_unitdir}
install -m 755 %{SOURCE10} $RPM_BUILD_ROOT%{_generatorsdir}
install -Dpm 644 %{SOURCE11} $RPM_BUILD_ROOT%{_tmpfilesdir}/vsftpd.conf
mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub
%clean
rm -rf $RPM_BUILD_ROOT
%post
%systemd_post vsftpd.service
@ -154,9 +149,10 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub
%systemd_postun_with_restart vsftpd.service
%files
%defattr(-,root,root,-)
%{_unitdir}/*
%{_generatorsdir}/*
%{_bindir}/vsftpd
%{_sbindir}/vsftpd
%dir %{_sysconfdir}/vsftpd
%{_sysconfdir}/vsftpd/vsftpd_conf_migrate.sh
%config(noreplace) %{_sysconfdir}/vsftpd/ftpusers
@ -169,262 +165,8 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub
%{_mandir}/man5/vsftpd.conf.*
%{_mandir}/man8/vsftpd.*
%{_var}/ftp
%{_tmpfilesdir}/vsftpd.conf
%changelog
* Wed Jan 14 2026 Tomas Korbar <tkorbar@redhat.com> - 3.0.5-14
- Resolve CVE-2025-14242
* Thu Dec 18 2025 Fedor Vorobev <fvorobev@redhat.com> - 3.0.5-13
- Add a tmpfiles.d config. (image mode support)
* Fri Jul 25 2025 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.5-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Tue Apr 15 2025 Tomas Korbar <tkorbar@redhat.com> - 3.0.5-11
- Move executable to bindir
* Fri Jan 24 2025 Stepan Broz <sbroz@redhat.com> - 3.0.5-10
- Correct the definition of setup_bio_callbacks() in ssl.c
* Sun Jan 19 2025 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.5-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Mon Aug 19 2024 Tomas Korbar <tkorbar@redhat.com> - 3.0.5-8
- Fix FEAT command to list AUTH TLS when TLSv1.3 is enabled
* Sat Jul 20 2024 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.5-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Sat Jan 27 2024 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.5-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sat Jul 22 2023 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.5-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu May 04 2023 Richard Lescak <rlescak@redhat.com> - 3.0.5-4
- add option for TLSv1.3 ciphersuites
- SPDX migration
* Fri Feb 17 2023 Richard Lescak <rlescak@redhat.com> - 3.0.5-3
- make vsftpd compatible with Openssl 3.0+
- replace old network functions
* Sat Jan 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Thu Jul 28 2022 Richard Lescak <rlescak@redhat.com> 3.0.5-1
- rebase to version 3.0.5
* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.3-51
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.3-50
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Wed Oct 27 2021 Artem Egorenkov <aegorenk@redhat.com> - 3.0.3-49
- add option to disable TLSv1.3
- Resolves: rhbz#2017705
* Wed Oct 13 2021 Artem Egorenkov <aegorenk@redhat.com> - 3.0.3-48
- ALPACA fix backported from upstram 3.0.5 version
- Resolves: rhbz#1975648
* Wed Oct 13 2021 Artem Egorenkov <aegorenk@redhat.com> - 3.0.3-47
- Temporary pass -Wno-deprecated-declarations to gcc to ignore
deprecated warnings to be able to build against OpenSSL-3.0
- Resolves: rhbz#1962603
* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 3.0.3-46
- Rebuilt with OpenSSL 3.0.0
* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.3-45
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Thu Apr 8 2021 Artem Egorenkov <aegorenk@redhat.com> - 3.0.3-44
- Enable support for wide-character strings in logs
- Replace unprintables with HEX code, not question marks
* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 3.0.3-43
- Rebuilt for updated systemd-rpm-macros
See https://pagure.io/fesco/issue/2583.
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.3-42
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Fri Nov 27 2020 Timm Bäder<tbaeder@redhat.com> - 3.0.3-41
- Fix str_open() so it doesn't warn when compiled with clang
- Pass $RPM_LD_FLAGS when linking
* Mon Nov 02 2020 Artem Egorenkov <aegorenk@redhat.com> - 3.0.3-40
- Unit files fixed "After=network-online.target"
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.3-39
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Mar 17 2020 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-38
- Removed a hint about the ftp_home_dir SELinux boolean from the config file
- Resolves: rhbz#1623424
* Thu Feb 13 2020 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-37
- Fix timestamp handling in MDTM
- Resolves: rhbz#1567855
* Fri Feb 07 2020 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-36
- Fix build with gcc 10
- Resolves: rhbz#1800239
* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.3-35
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Fri Jan 17 2020 Tom Stellard <tstellar@redhat.com> - 3.0.3-34
- Use make_build macro
* Thu Nov 28 2019 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-33
- Finish up the fix to the problem with bad utmp entries when pututxline() fails
- Resolves: rhbz#1688852
- Resolves: rhbz#1737433
* Mon Aug 05 2019 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-32
- Partially fix problem with bad utmp entries when pututxline() fails
- Resolves: rhbz#1688848
* Sat Aug 03 2019 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-31
- Fix segfault when listen() returns an error
- Resolves: rhbz#1666380
* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.3-30
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.3-29
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Wed Jul 25 2018 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-28
- Rebuilt, switched to SHA512 source tarball hash
* Wed Jul 25 2018 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-27
- Fix a segfault when running as PID 1
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.3-26
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Jun 19 2018 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-25
- Add config option log_die allowing to pass error messages to syslog
- Add config option bind_retries allowing to change the max number
- of attempts to find a listening port for the PASV/EPSV command
- Resolves: rhbz#1318198
* Fri Jun 01 2018 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-24
- Fix filename expansion in vsftpd_conf_migrate.sh ... again
* Thu May 10 2018 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-23
- Fix issues found by Coverity Scan
* Fri Apr 27 2018 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-22
- Fix filename expansion in vsftpd_conf_migrate.sh
* Thu Apr 05 2018 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-21
- Improve documentation of better_stou in the man page
* Mon Feb 19 2018 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-20
- Add gcc to BuildRequires
* Tue Feb 06 2018 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-19
- Don't link with libnsl
* Tue Feb 06 2018 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-18
- Add a new config option 'better_stou', which can be used to enable
a better algorithm for generating unique filenames for the STOU command.
- Resolves: rhbz#1479237
* Wed Jan 10 2018 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-17
- Add BuildRequires: libnsl2-devel
- https://fedoraproject.org/wiki/Changes/NISIPv6
* Fri Jan 05 2018 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-16
- Disable tcp_wrappers support
- Resolves: rhbz#1518796
- Fix default value of strict_ssl_read_eof in man page
* Tue Jan 02 2018 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-15
- Expand the explanation of the ascii_* options behaviour
* Tue Jan 02 2018 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-14
- Disable anonymous_enable in default config file
- Resolves: rhbz#1338637
* Thu Dec 21 2017 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-13
- Document the new default for ssl_ciphers in the man page
- Related: rhbz#1483970
- When handling FEAT command, check ssl_tlsv1_1 and ssl_tlsv1_2
- Patch was written by Martin Sehnoutka
- Resolves: rhbz#1432054
- Disable TLSv1 and TLSv1.1 - enable only TLSv1.2 by default
* Thu Dec 21 2017 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-12
- Use system wide crypto policy
- Resolves: rhbz#1483970
* Fri Nov 24 2017 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-11
- Improve documentation of ASCII mode in the man page
- Resolves: rhbz#1139409
* Tue Oct 31 2017 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-10
- Document allow_writeable_chroot in the man page
- Resolves: rhbz#1507143
* Thu Oct 26 2017 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-9
- Document the relationship of text_userdb_names and chroot_local_user
- Resolves: rhbz#1439724
* Tue Sep 05 2017 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-8
- Build against OpenSSL 1.1
- Redefine VSFTP_COMMAND_FD to 1 to get errors generated during
- startup picked up by systemd
- Resolves: rhbz#1443055
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.3-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.3-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.3-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Thu Dec 01 2016 Martin Sehnoutka <msehnout@redhat.com> - 3.0.3-4
- Use OpenSSL compat library on rawhide
* Thu Nov 17 2016 Martin Sehnoutka <msehnout@redhat.com> - 3.0.3-3
- Review patches
- Add TLSv1.{1,2} options
- Fix question mark wildcard within a file name
- Seccomp patch removed
* Fri Apr 08 2016 Martin Sehnoutka <msehnout@redhat.com> - 3.0.3-2
- Applied patches:
- Readd seccomp disabled by default
- vsftpd local_max_rate option doesn't work as expected
- The vsftpd hangs in a SIGCHLD handler when the pam_exec.so is used in pam.d
- configuration
- The vsftpd doesn't remove failed upload when the delete_failed_uploads is
- enabled and the network cable is unplagged
- man pages bug
- vsftpd segfaults in vsf_sysutil_strndup
- Fix logging when syslog is used
* Thu Mar 17 2016 Martin Sehnoutka <msehnout@redhat.com> - 3.0.3-1
- Update to 3.0.3 version
* Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.2-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.0.2-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Tue Sep 16 2014 Jiri Skala <jskala@redhat.com> - 3.0.2-13
- added appropriate values to ssl_ciphers (dh and ecdh patches)
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.0.2-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
@ -569,7 +311,7 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub
* Thu Aug 27 2009 Tomas Mraz <tmraz@redhat.com> - 2.2.0-2
- rebuilt with new openssl
* Mon Aug 24 2009 Martin Nagy <mnagy@redhat.com> - 2.2.0-1
* Tue Aug 24 2009 Martin Nagy <mnagy@redhat.com> - 2.2.0-1
- update to latest upstream release 2.2.0
* Tue Aug 04 2009 Martin Nagy <mnagy@redhat.com> - 2.2.0-0.1.pre4
@ -733,7 +475,7 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub
* Tue Aug 08 2006 Maros Barabas <mbarabas@redhat.com> - 2.0.5-5
- option to change listening to IPv6 protocol
* Tue Aug 01 2006 Maros Barabas <mbarabas@redhat.com> - 2.0.5-4
* Thu Aug 01 2006 Maros Barabas <mbarabas@redhat.com> - 2.0.5-4
- listen to IPv4 connections in default conf file
* Mon Jul 17 2006 Radek Vokal <rvokal@redhat.com> - 2.0.5-3
@ -818,7 +560,7 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub
* Tue Dec 14 2004 Radek Vokal <rvokal@redhat.com> 2.0.1-7
- fixing directory in vsftpd.pam file (#142805)
* Thu Nov 11 2004 Radek Vokal <rvokal@redhat.com> 2.0.1-6
* Mon Nov 11 2004 Radek Vokal <rvokal@redhat.com> 2.0.1-6
- vsftpd. files moved to /etc/vsftpd
- added vsftpd_conf_migrate.sh script for moving conf files
@ -958,10 +700,10 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub
* Wed Feb 7 2001 Seth Vidal <skvidal@phy.duke.edu>
- updated to 0.0.11
* Thu Feb 1 2001 Seth Vidal <skvidal@phy.duke.edu>
* Fri Feb 1 2001 Seth Vidal <skvidal@phy.duke.edu>
- Update to 0.0.10
* Thu Feb 1 2001 Seth Vidal <skvidal@phy.duke.edu>
* Fri Feb 1 2001 Seth Vidal <skvidal@phy.duke.edu>
- First RPM packaging
- Stolen items from wu-ftpd's pam setup
- Separated rh 7 and rh 6.X's packages

2
vsftpd.target
View file

@ -1,6 +1,6 @@
[Unit]
Description=FTP daemon
After=network-online.target
After=network.target
[Install]
WantedBy=multi-user.target

2
vsftpd@.service
View file

@ -1,6 +1,6 @@
[Unit]
Description=Vsftpd ftp daemon
After=network-online.target
After=network.target
PartOf=vsftpd.target
[Service]

3
vsftpd_conf_migrate.sh
View file

@ -1,9 +1,8 @@
#!/bin/bash
#move old config files and symlink them
#shipped with vsftpd-2.0.1-6
shopt -s nullglob
PREFIX="vsftpd"
for file in /etc/${PREFIX}.*; do
for file in $( ls /etc/${PREFIX}.* ); do
if [ ! -L $file ]; then
new=`echo $file | sed s/${PREFIX}\./${PREFIX}\\\\//g | sed s/\.rpmsave//g`
mv -f ${file} ${new}