Accepting request 113215 from network

- update to upstream 3.0.0: * Make listen mode the default. * Fix missing "const" in ssl.c * Add seccompsandbox.c to support a seccomp filter sandbox; works against Ubuntu 12.04 ABI. * Rearrange ftppolicy.c a bit so the syscall list is easily comparable with seccompsandbox.c * Rename deprecated "sandbox" to "ptrace_sandbox". * Add a few more state checks to the privileged helper processes. * Add tunable "seccomp_sandbox", default on. * Use hardened build flags. * Retry creating a PASV socket upon port reuse race between bind() and listen(), patch from Ralph Wuerthner <ralph.wuerthner@de.ibm.com>. * Don't die() if recv() indicates a closed remote connection. Problem report on a Windows client from Herbert van den Bergh, <herbert.van.den.bergh@oracle.com>. * Add new config setting "allow_writeable_chroot" to help people in a bit of a spot with the v2.3.5 defensive change. Only applies to non-anonymous. * Remove a couple of fixed things from BUGS. * strlen() trunction fix -- no particular impact. * Apply some tidyups from mmoufid@yorku.ca. * Fix delete_failed_uploads if there is a timeout. Report from Alejandro Hernández Hdez <aalejandrohdez@gmail.com>. * Fix other data channel bugs such as failure to log failure upon timeout. * Use exit codes a bit more consistently. * Fix bad interaction between SSL and trans_chunk_size. * Redo data timeout to fire properly for SSL sessions. * Redo idle timeout to fire properly for SSL sessions. * Make sure PROT_EXEC isn't allowed, thanks to Will Drewry for noticing. * Use 10 minutes as a max linger time just in case an alarm gets lost. OBS-URL: https://build.opensuse.org/request/show/113215 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vsftpd?expand=0&rev=29
2012-04-12 07:55:49 +00:00 · 2012-04-12 07:55:49 +00:00 · a6cf2efa47
commit a6cf2efa47
parent c2aa5ce3b4 cf83fc9250
12 changed files with 125 additions and 43 deletions
--- a/README.SUSE
+++ b/README.SUSE
@ -1,10 +1,7 @@
-Starting with 10.1 vsftpd can be configured standalone
+vsftpd-3.0.0 made the listen mode default. In order to maintain backward
-or over the xinetd superdeamon. Default is standalone.
+compatibility, default /etc/vsftpd.conf in SUSE contains
 If you want to run it over xinetd make sure the you enable
 the service in the xinetd configuration (/etc/xinetd.d/vsftp)
 and set the following line in /etc/vsftpd.conf
 listen=NO
 listen_ipv6=YES
-This is needed for vsftpd to over xinetd.
+so no changes for xinetd (/etc/xinetd.d/vsftp) are needed by default.
--- a/vsftpd-2.0.4-dmapi.patch
+++ b/vsftpd-2.0.4-dmapi.patch
@ -1,6 +1,8 @@
--- postlogin.c.orig
+Index: postlogin.c
-+++ postlogin.c
+===================================================================
-@@ -1036,6 +1036,11 @@ handle_upload_common(struct vsf_session*
+--- postlogin.c.orig	2012-04-10 16:09:50.440384915 +0200
 +++ postlogin.c	2012-04-10 16:10:01.193753389 +0200
@@ -1053,6 +1053,11 @@
     {
       do_truncate = 1;
     }
--- a/vsftpd-2.0.4-lib64.diff
+++ b/vsftpd-2.0.4-lib64.diff
@ -1,18 +1,20 @@
--- vsf_findlibs.sh.orig
+Index: vsf_findlibs.sh
-+++ vsf_findlibs.sh
+===================================================================
-@@ -14,6 +14,7 @@ fi
+--- vsf_findlibs.sh.orig	2012-04-10 16:09:50.571389404 +0200
 +++ vsf_findlibs.sh	2012-04-10 16:09:53.709496934 +0200
@@ -14,6 +14,7 @@
 # crypt library.
 if find_func pam_start sysdeputil.o; then
   locate_library /lib/libpam.so.0 && echo "/lib/libpam.so.0";
 +  locate_library /lib64/libpam.so.0 && echo "/lib64/libpam.so.0";
   locate_library /usr/lib/libpam.so && echo "-lpam";
   locate_library /usr/lib64/libpam.so && echo "-lpam";
-   # HP-UX ends shared libraries with .sl
+   locate_library /lib/x86_64-linux-gnu/libpam.so.0 && echo "-lpam";
-@@ -22,6 +23,7 @@ if find_func pam_start sysdeputil.o; the
+@@ -23,6 +24,7 @@
   locate_library /usr/lib/libpam.a && echo "-lpam";
 else
   locate_library /lib/libcrypt.so && echo "-lcrypt";
 +  locate_library /lib64/libcrypt.so && echo "-lcrypt";
   locate_library /usr/lib/libcrypt.so && echo "-lcrypt";
   locate_library /usr/lib64/libcrypt.so && echo "-lcrypt";
- fi
+   locate_library /lib/x86_64-linux-gnu/libcrypt.so && echo "-lcrypt";
--- a/vsftpd-2.0.5-enable-debuginfo.patch
+++ b/vsftpd-2.0.5-enable-debuginfo.patch
@ -1,11 +1,21 @@
--- Makefile.orig
+Index: Makefile
-+++ Makefile
+===================================================================
-@@ -6,7 +6,7 @@ IFLAGS  = -idirafter dummyinc
+--- Makefile.orig	2012-04-03 09:21:18.000000000 +0200
- CFLAGS	=	-O2 -Wall -W -Wshadow #-pedantic -Werror -Wconversion
+++ Makefile	2012-04-10 16:10:53.545547162 +0200
@@ -9,7 +9,6 @@
 	#-pedantic -Wconversion
 LIBS	=	`./vsf_findlibs.sh`
 -LINK	=	-Wl,-s
-+#LINK	=	-Wl,-s
+ LDFLAGS	=	-fPIE -pie -Wl,-z,relro -Wl,-z,now
 OBJS	=	main.o utility.o prelogin.o ftpcmdio.o postlogin.o privsock.o \
- 		tunables.o ftpdataio.o secbuf.o ls.o \
+@@ -26,7 +25,7 @@
 	$(CC) -c $*.c $(CFLAGS) $(IFLAGS)
 vsftpd: $(OBJS) 
 -	$(CC) -o vsftpd $(OBJS) $(LINK) $(LDFLAGS) $(LIBS)
 +	$(CC) -o vsftpd $(OBJS) $(LDFLAGS) $(LIBS)
 install:
 	if [ -x /usr/local/sbin ]; then \
--- a/vsftpd-2.0.5-utf8-log-names.patch
+++ b/vsftpd-2.0.5-utf8-log-names.patch
@ -1,6 +1,8 @@
--- str.c.orig
+Index: str.c
-+++ str.c
+===================================================================
-@@ -27,6 +27,24 @@ static int str_equal_internal(const char
+--- str.c.orig	2012-03-28 17:25:40.000000000 +0200
 +++ str.c	2012-04-10 16:10:59.965767345 +0200
@@ -27,6 +27,24 @@
                               const char* p_buf2, unsigned int buf2_len);
 /* Private functions */
@ -25,7 +27,7 @@
 static void
 s_setbuf(struct mystr* p_str, char* p_newbuf)
 {
-@@ -158,6 +176,45 @@ str_reserve(struct mystr* p_str, unsigne
+@@ -181,6 +199,45 @@
   p_str->p_buf[res_len - 1] = '\0';
 }
@ -71,7 +73,7 @@
 int
 str_isempty(const struct mystr* p_str)
 {
-@@ -671,11 +728,13 @@ void
+@@ -702,11 +759,13 @@
 str_replace_unprintable(struct mystr* p_str, char new_char)
 {
   unsigned int i;
@ -89,9 +91,11 @@
     }
   }
 }
--- str.h.orig
+Index: str.h
-+++ str.h
+===================================================================
-@@ -36,6 +36,7 @@ void str_free(struct mystr* p_str);
+--- str.h.orig	2008-12-17 06:53:23.000000000 +0100
 +++ str.h	2012-04-10 16:10:59.965767345 +0200
@@ -36,6 +36,7 @@
 void str_trunc(struct mystr* p_str, unsigned int trunc_len);
 void str_reserve(struct mystr* p_str, unsigned int res_len);
--- a/vsftpd-2.3.5-conf.patch
+++ b/vsftpd-2.3.5-conf.patch
@ -1,7 +1,7 @@
 Index: vsftpd.conf
 ===================================================================
--- vsftpd.conf.orig	2011-12-17 18:24:40.000000000 +0000
+--- vsftpd.conf.orig	2011-12-17 19:24:40.000000000 +0100
-+++ vsftpd.conf	2011-12-23 17:16:43.000000000 +0000
+++ vsftpd.conf	2012-04-11 10:19:06.192238657 +0200
@@ -4,23 +4,89 @@
 # loosens things up a bit, to make the ftp daemon more usable.
 # Please see vsftpd.conf.5 for all compiled in defaults.
@ -98,7 +98,7 @@ Index: vsftpd.conf
 # Uncomment this to allow the anonymous FTP user to upload files. This only
 # has an effect if the above global write enable is activated. Also, you will
 # obviously need to create a directory writable by the FTP user.
-@@ -30,15 +96,9 @@ anonymous_enable=YES
+@@ -30,15 +96,9 @@
 # new directories.
 #anon_mkdir_write_enable=YES
 #
@ -117,7 +117,7 @@ Index: vsftpd.conf
 #
 # If you want, you can arrange for uploaded anonymous files to be owned by
 # a different user. Note! Using "root" for uploaded files is not
-@@ -46,24 +106,51 @@ connect_from_port_20=YES
+@@ -46,24 +106,51 @@
 #chown_uploads=YES
 #chown_username=whoever
 #
@ -174,7 +174,7 @@ Index: vsftpd.conf
 # Enable this and the server will recognise asynchronous ABOR requests. Not
 # recommended for security (the code is non-trivial). Not enabling it,
 # however, may confuse older FTP clients.
-@@ -77,41 +164,29 @@ connect_from_port_20=YES
+@@ -77,41 +164,29 @@
 # predicted this attack and has always been safe, reporting the size of the
 # raw file.
 # ASCII mangling is a horrible feature of the protocol.
@ -217,7 +217,7 @@ Index: vsftpd.conf
 # listens on IPv4 sockets. This directive cannot be used in conjunction
 # with the listen_ipv6 directive.
 -listen=YES
-+#listen=YES
+listen=NO
 #
 # This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6
 # sockets, you must run two copies of vsftpd with two configuration files.
--- a/vsftpd-2.3.5.tar.gz
+++ b/vsftpd-2.3.5.tar.gz
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:d87ee2987df8f03e1dbe294905f7907b2798deb89c67ca965f6e2f60879e54f1
 size 187691
--- a/vsftpd-3.0.0-turn-seccomp-sandbox-off.patch
+++ b/vsftpd-3.0.0-turn-seccomp-sandbox-off.patch
@ -0,0 +1,13 @@
 Index: vsftpd-3.0.0/tunables.c
 ===================================================================
 --- vsftpd-3.0.0.orig/tunables.c	2012-04-05 00:29:50.000000000 +0200
 +++ vsftpd-3.0.0/tunables.c	2012-04-11 13:50:39.538712522 +0200
@@ -226,7 +226,7 @@
   tunable_isolate_network = 1;
   tunable_ftp_enable = 1;
   tunable_http_enable = 0;
 -  tunable_seccomp_sandbox = 1;
 +  tunable_seccomp_sandbox = 0;
   tunable_allow_writeable_chroot = 0;
   tunable_accept_timeout = 60;
--- a/vsftpd-3.0.0.tar.gz
+++ b/vsftpd-3.0.0.tar.gz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:ef70205dcd0c7f03b008b9578fb44c0cbe31e66daab8cfafb9904747c17fc2a8
 size 193166
--- a/vsftpd.changes
+++ b/vsftpd.changes
@ -1,3 +1,54 @@
 -------------------------------------------------------------------
 Tue Apr 10 14:13:12 UTC 2012 - mvyskocil@suse.cz
 - update to upstream 3.0.0:
  * Make listen mode the default.
  * Fix missing "const" in ssl.c
  * Add seccompsandbox.c to support a seccomp filter sandbox; works against
    Ubuntu 12.04 ABI.
  * Rearrange ftppolicy.c a bit so the syscall list is easily comparable with
    seccompsandbox.c
  * Rename deprecated "sandbox" to "ptrace_sandbox".
  * Add a few more state checks to the privileged helper processes.
  * Add tunable "seccomp_sandbox", default on.
  * Use hardened build flags.
  * Retry creating a PASV socket upon port reuse race between bind() and
    listen(), patch from Ralph Wuerthner <ralph.wuerthner@de.ibm.com>.
  * Don't die() if recv() indicates a closed remote connection. Problem report
    on a Windows client from Herbert van den Bergh,
    <herbert.van.den.bergh@oracle.com>.
  * Add new config setting "allow_writeable_chroot" to help people in a bit of
    a spot with the v2.3.5 defensive change. Only applies to non-anonymous.
  * Remove a couple of fixed things from BUGS.
  * strlen() trunction fix -- no particular impact.
  * Apply some tidyups from mmoufid@yorku.ca.
  * Fix delete_failed_uploads if there is a timeout. Report from Alejandro
    Hernández Hdez <aalejandrohdez@gmail.com>.
  * Fix other data channel bugs such as failure to log failure upon timeout.
  * Use exit codes a bit more consistently.
  * Fix bad interaction between SSL and trans_chunk_size.
  * Redo data timeout to fire properly for SSL sessions.
  * Redo idle timeout to fire properly for SSL sessions.
  * Make sure PROT_EXEC isn't allowed, thanks to Will Drewry for noticing.
  * Use 10 minutes as a max linger time just in case an alarm gets lost.
  * Change PR_SET_NO_NEW_PRIVS define, from Kees Cook.
  * Add AES128-SHA to default SSL cipher suites for FileZilla compatibility.
    Unfortunately the default vsftpd SSL confiuration still doesn't fully work with
    FileZilla, because FileZilla has a data connection security problem: no client
    certificate presentation and no session reuse. At least the error message is
    now very clear.
  * Add restart_syscall to seccomp policy. Triggers reliably if you strace whilst
    a data transfer is in progress.
  * Fix delete_failed_uploads for anonymous sessions.
  * Don't listen for urgent data if the control connection is SSL, due to possible
    protocol synchronization issues.
 - SUSE specific changes:
  * turn off the listen mode (listen=NO) by default and change README.SUSE
  * merge new hardended flags for build and linking
  * fix the wrong Type=forking from systemd service file
  * turn off the seccomp_sandbox off by default as SUSE kernel does not support
    it (yet)
 -------------------------------------------------------------------
 Tue Feb 21 10:51:51 UTC 2012 - mvyskocil@suse.cz
--- a/vsftpd.service
+++ b/vsftpd.service
@ -3,7 +3,6 @@ Description=Vsftpd ftp daemon
 After=network.target
 [Service]
 Type=forking
 ExecStart=/usr/sbin/vsftpd /etc/vsftpd.conf
 [Install]
--- a/vsftpd.spec
+++ b/vsftpd.spec
@ -27,7 +27,7 @@ BuildRequires:  libcap-devel
 %if 0%{?suse_version} > 1140
 BuildRequires:  systemd
 %endif
-Version:        2.3.5
+Version:        3.0.0
 Release:        0
 Summary:        Very Secure FTP Daemon - Written from Scratch
 License:        GPL-2.0+
@ -49,6 +49,9 @@ Patch6:         vsftpd-2.0.5-vuser.patch
 Patch7:         vsftpd-2.0.5-enable-debuginfo.patch
 Patch8:         vsftpd-2.0.5-utf8-log-names.patch
 Patch9:         vsftpd-2.3.5-conf.patch
 #PATCH-FIX-OPENSUSE: turn the seccomp_sanbox feature off by default
 # revert it when seccomp feature will be in suse/vanilla kernel
 Patch10:        vsftpd-3.0.0-turn-seccomp-sandbox-off.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 Provides:       ftp-server
 PreReq:         %insserv_prereq /usr/sbin/useradd
@ -76,11 +79,12 @@ tests.
 %patch7
 %patch8
 %patch9
 %patch10 -p1
 %build
 rm -f dummyinc/sys/capability.h
-make CFLAGS="$RPM_OPT_FLAGS -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -fPIE -fstack-protector" \
+make CFLAGS="$RPM_OPT_FLAGS -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -fPIE -fstack-protector --param=ssp-buffer-size=4" \
-     LDFLAGS="-pie" LINK=
+     LDFLAGS="-fPIE -pie -Wl,-z,relro -Wl,-z,now" LINK=
 %install
 mkdir -p $RPM_BUILD_ROOT/usr/share/empty