summaryrefslogtreecommitdiffstats
path: root/source/n/vsftpd
diff options
context:
space:
mode:
author Patrick J Volkerding <volkerdi@slackware.com>2016-06-30 20:26:57 +0000
committer Eric Hameleers <alien@slackware.com>2018-05-31 23:31:18 +0200
commitd31c50870d0bee042ce660e445c9294a59a3a65b (patch)
tree6bfc0de3c95267b401b620c2c67859557dc60f97 /source/n/vsftpd
parent76fc4757ac91ac7947a01fb7b53dddf9a78a01d1 (diff)
downloadcurrent-d31c50870d0bee042ce660e445c9294a59a3a65b.tar.gz
current-d31c50870d0bee042ce660e445c9294a59a3a65b.tar.xz
Slackware 14.2slackware-14.2
Thu Jun 30 20:26:57 UTC 2016 Slackware 14.2 x86_64 stable is released! The long development cycle (the Linux community has lately been living in "interesting times", as they say) is finally behind us, and we're proud to announce the release of Slackware 14.2. The new release brings many updates and modern tools, has switched from udev to eudev (no systemd), and adds well over a hundred new packages to the system. Thanks to the team, the upstream developers, the dedicated Slackware community, and everyone else who pitched in to help make this release a reality. The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a dual-sided 32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware project by picking up a copy from store.slackware.com. We're taking pre-orders now, and offer a discount if you sign up for a subscription. Have fun! :-)
Diffstat (limited to 'source/n/vsftpd')
-rw-r--r--source/n/vsftpd/slack-desc2
-rwxr-xr-xsource/n/vsftpd/vsftpd.SlackBuild7
-rw-r--r--source/n/vsftpd/vsftpd.conf.diff18
-rw-r--r--source/n/vsftpd/vsftpd.crypt.diff20
4 files changed, 39 insertions, 8 deletions
diff --git a/source/n/vsftpd/slack-desc b/source/n/vsftpd/slack-desc
index 82b9f521e..cc4b231ea 100644
--- a/source/n/vsftpd/slack-desc
+++ b/source/n/vsftpd/slack-desc
@@ -13,7 +13,7 @@ vsftpd: Obviously this is not a guarantee, but a reflection that the entire
vsftpd: codebase was written with security in mind, and carefully designed to
vsftpd: be resilient to attack (as well as extremely fast and scalable).
vsftpd:
-vsftpd: The vsftpd homepage is http://vsftpd.beasts.org/
+vsftpd: The vsftpd homepage is https://security.appspot.com/vsftpd.html
vsftpd:
vsftpd: The Very Secure FTP Daemon was written by Chris Evans.
vsftpd:
diff --git a/source/n/vsftpd/vsftpd.SlackBuild b/source/n/vsftpd/vsftpd.SlackBuild
index 9a2e7fc88..f03206b67 100755
--- a/source/n/vsftpd/vsftpd.SlackBuild
+++ b/source/n/vsftpd/vsftpd.SlackBuild
@@ -1,6 +1,6 @@
#!/bin/sh
-# Copyright 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2011, 2012, 2016 Patrick J. Volkerding, Sebeka, MN, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
@@ -22,14 +22,14 @@
PKGNAM=vsftpd
VERSION=${VERSION:-$(echo ${PKGNAM}-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-3}
NUMJOBS=${NUMJOBS:-" -j7 "}
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then
case "$( uname -m )" in
- i?86) export ARCH=i486 ;;
+ i?86) export ARCH=i586 ;;
arm*) export ARCH=arm ;;
# Unless $ARCH is already set, use uname -m for all other archs:
*) export ARCH=$( uname -m ) ;;
@@ -62,6 +62,7 @@ find . \
zcat $CWD/vsftpd.builddefs.diff.gz | patch -p1 --verbose || exit 1
zcat $CWD/vsftpd.conf.diff.gz | patch -p1 --verbose || exit 1
+zcat $CWD/vsftpd.crypt.diff.gz | patch -p1 --verbose || exit 1
make $NUMJOBS || make || exit 1
diff --git a/source/n/vsftpd/vsftpd.conf.diff b/source/n/vsftpd/vsftpd.conf.diff
index 1f410a7ac..ac3c6ab24 100644
--- a/source/n/vsftpd/vsftpd.conf.diff
+++ b/source/n/vsftpd/vsftpd.conf.diff
@@ -1,6 +1,5 @@
-diff -Nur vsftpd-2.2.1.orig/vsftpd.conf vsftpd-2.2.1/vsftpd.conf
---- vsftpd-2.2.1.orig/vsftpd.conf 2009-10-18 21:04:23.000000000 -0500
-+++ vsftpd-2.2.1/vsftpd.conf 2009-10-19 10:22:16.609407947 -0500
+--- ./vsftpd.conf.orig 2011-12-17 12:24:40.000000000 -0600
++++ ./vsftpd.conf 2016-04-11 18:34:26.772862375 -0500
@@ -19,7 +19,7 @@
#
# Default umask for local users is 077. You may wish to change this to 022,
@@ -24,7 +23,7 @@ diff -Nur vsftpd-2.2.1.orig/vsftpd.conf vsftpd-2.2.1/vsftpd.conf
#
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
-@@ -101,12 +101,13 @@
+@@ -104,14 +104,24 @@
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
@@ -43,3 +42,14 @@ diff -Nur vsftpd-2.2.1.orig/vsftpd.conf vsftpd-2.2.1/vsftpd.conf
#
# This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6
# sockets, you must run two copies of vsftpd with two configuration files.
+ # Make sure, that one of the listen options is commented !!
+ #listen_ipv6=YES
++#
++# The seccomp sandbox feature adds an additional layer of security, but has
++# been known to cause various problems depending on the kernel version.
++# Problems may include kernel audit warnings in the system logs, or even
++# failure to get a directory listing (or do much of anything in directories
++# with enough files to trigger the issue).
++# If you see errors like "OOPS: priv_sock_get_cmd" make sure this option is
++# set to NO. We'll set it to NO by default since we want a reliable ftpd.
++seccomp_sandbox=NO
diff --git a/source/n/vsftpd/vsftpd.crypt.diff b/source/n/vsftpd/vsftpd.crypt.diff
new file mode 100644
index 000000000..87503d578
--- /dev/null
+++ b/source/n/vsftpd/vsftpd.crypt.diff
@@ -0,0 +1,20 @@
+--- ./sysdeputil.c.orig 2012-09-15 23:18:04.000000000 -0500
++++ ./sysdeputil.c 2016-06-12 23:49:19.539253144 -0500
+@@ -285,7 +285,7 @@
+ return 0;
+ }
+ p_crypted = crypt(str_getbuf(p_pass_str), p_spwd->sp_pwdp);
+- if (!vsf_sysutil_strcmp(p_crypted, p_spwd->sp_pwdp))
++ if (p_crypted != NULL && !vsf_sysutil_strcmp(p_crypted, p_spwd->sp_pwdp))
+ {
+ return 1;
+ }
+@@ -293,7 +293,7 @@
+ }
+ #endif /* VSF_SYSDEP_HAVE_SHADOW */
+ p_crypted = crypt(str_getbuf(p_pass_str), p_pwd->pw_passwd);
+- if (!vsf_sysutil_strcmp(p_crypted, p_pwd->pw_passwd))
++ if (p_crypted != NULL && !vsf_sysutil_strcmp(p_crypted, p_pwd->pw_passwd))
+ {
+ return 1;
+ }