Add "vsftpd-3.0.3-address_space_limit.patch" to create the new configuration option "address_space_limit", which determines the memory limit vsftpd configures for its own process (given in bytes). The previously hard-coded limit (100 MB) may not be sufficient for vsftpd servers running with certain PAM modules enabled, and in such cases administrators may wish to raise the limit to match their system's requirements. [bsc#1042137]
OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=118
This commit is contained in:
Peter Simons
Git OBS Bridge
parent
ce43389ac4
commit
6364c36bd6
57
vsftpd-3.0.3-address_space_limit.patch
Normal file
57
vsftpd-3.0.3-address_space_limit.patch
Normal file
@ -0,0 +1,57 @@
|
||||
Index: vsftpd-3.0.3/main.c
|
||||
===================================================================
|
||||
--- vsftpd-3.0.3.orig/main.c
|
||||
+++ vsftpd-3.0.3/main.c
|
||||
@@ -317,7 +317,7 @@ env_init(void)
|
||||
static void
|
||||
limits_init(void)
|
||||
{
|
||||
- unsigned long limit = VSFTP_AS_LIMIT;
|
||||
+ unsigned long limit = tunable_address_space_limit ?: VSFTP_AS_LIMIT;
|
||||
if (tunable_text_userdb_names)
|
||||
{
|
||||
/* Turns out, LDAP lookups for lots of userid -> name mappings can really
|
||||
Index: vsftpd-3.0.3/parseconf.c
|
||||
===================================================================
|
||||
--- vsftpd-3.0.3.orig/parseconf.c
|
||||
+++ vsftpd-3.0.3/parseconf.c
|
||||
@@ -138,6 +138,7 @@ parseconf_uint_array[] =
|
||||
{ "delay_successful_login", &tunable_delay_successful_login },
|
||||
{ "max_login_fails", &tunable_max_login_fails },
|
||||
{ "chown_upload_mode", &tunable_chown_upload_mode },
|
||||
+ { "address_space_limit", &tunable_address_space_limit },
|
||||
{ 0, 0 }
|
||||
};
|
||||
|
||||
Index: vsftpd-3.0.3/tunables.c
|
||||
===================================================================
|
||||
--- vsftpd-3.0.3.orig/tunables.c
|
||||
+++ vsftpd-3.0.3/tunables.c
|
||||
@@ -110,6 +110,7 @@ unsigned int tunable_delay_failed_login;
|
||||
unsigned int tunable_delay_successful_login;
|
||||
unsigned int tunable_max_login_fails;
|
||||
unsigned int tunable_chown_upload_mode;
|
||||
+unsigned int tunable_address_space_limit;
|
||||
|
||||
const char* tunable_secure_chroot_dir;
|
||||
const char* tunable_ftp_username;
|
||||
@@ -255,6 +256,7 @@ tunables_load_defaults()
|
||||
tunable_max_login_fails = 3;
|
||||
/* -rw------- */
|
||||
tunable_chown_upload_mode = 0600;
|
||||
+ tunable_address_space_limit = 0; /* See main.c:limits_init */
|
||||
|
||||
install_str_setting("/usr/share/empty", &tunable_secure_chroot_dir);
|
||||
install_str_setting("ftp", &tunable_ftp_username);
|
||||
Index: vsftpd-3.0.3/tunables.h
|
||||
===================================================================
|
||||
--- vsftpd-3.0.3.orig/tunables.h
|
||||
+++ vsftpd-3.0.3/tunables.h
|
||||
@@ -112,6 +112,7 @@ extern unsigned int tunable_delay_failed
|
||||
extern unsigned int tunable_delay_successful_login;
|
||||
extern unsigned int tunable_max_login_fails;
|
||||
extern unsigned int tunable_chown_upload_mode;
|
||||
+extern unsigned int tunable_address_space_limit;
|
||||
|
||||
/* String defines */
|
||||
extern const char* tunable_secure_chroot_dir;
|
||||
@ -1,5 +1,5 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Sep 7 12:24:26 UTC 2017 - tchvatal@suse.com
|
||||
Thu Sep 7 12:24:26 UTC 2017 - psimons@suse.com
|
||||
|
||||
- Add "vsftpd-die-with-session.patch" to fix a bug in vsftpd that
|
||||
would cause SSL protocol errors, aborting the connection, whenever
|
||||
@ -16,6 +16,14 @@ Thu Sep 7 12:24:26 UTC 2017 - tchvatal@suse.com
|
||||
- Add "vsftpd-append-seek-pipe.patch" to allow the FTP server to
|
||||
append to a file system pipe. [bsc#1048427]
|
||||
|
||||
- Add "vsftpd-3.0.3-address_space_limit.patch" to create the new
|
||||
configuration option "address_space_limit", which determines the
|
||||
memory limit vsftpd configures for its own process (given in
|
||||
bytes). The previously hard-coded limit (100 MB) may not be
|
||||
sufficient for vsftpd servers running with certain PAM modules
|
||||
enabled, and in such cases administrators may wish to raise the
|
||||
limit to match their system's requirements. [bsc#1042137]
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jun 14 11:42:26 UTC 2017 - tchvatal@suse.com
|
||||
|
||||
|
||||
@ -75,6 +75,7 @@ Patch26: vsftpd-3.0.3-build-with-openssl-1.1.patch
|
||||
Patch27: vsftpd-mdtm-in-utc.patch
|
||||
Patch28: vsftpd-die-with-session.patch
|
||||
Patch29: vsftpd-append-seek-pipe.patch
|
||||
Patch30: vsftpd-3.0.3-address_space_limit.patch
|
||||
BuildRequires: libcap-devel
|
||||
BuildRequires: libopenssl-devel
|
||||
BuildRequires: pam-devel
|
||||
@ -132,6 +133,7 @@ tests.
|
||||
%patch27 -p1
|
||||
%patch28 -p1
|
||||
%patch29 -p1
|
||||
%patch30 -p1
|
||||
|
||||
%build
|
||||
%define seccomp_opts -D_GNU_SOURCE -DUSE_SECCOMP
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user