From c8a6c3d09c171536e12f1c2f269ce7a8f4a9764bef8be8fa4170f55669b5cc16 Mon Sep 17 00:00:00 2001 From: OBS User autobuild Date: Mon, 25 Jan 2010 15:41:53 +0000 Subject: [PATCH] Accepting request 30297 from network Copy from network/vsftpd based on submit request 30297 from user msmeissn OBS-URL: https://build.opensuse.org/request/show/30297 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vsftpd?expand=0&rev=13 --- vsftpd.changes | 5 + vsftpd.spec | 329 +------------------------------------------------ 2 files changed, 9 insertions(+), 325 deletions(-) diff --git a/vsftpd.changes b/vsftpd.changes index 5049931..1a9d728 100644 --- a/vsftpd.changes +++ b/vsftpd.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Wed Jan 20 14:13:49 UTC 2010 - coolo@novell.com + +- fix typo in the package description - and remove authors + ------------------------------------------------------------------- Mon Sep 15 14:52:05 CEST 2008 - hvogel@suse.de diff --git a/vsftpd.spec b/vsftpd.spec index cda5031..0daa4b5 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -1,7 +1,7 @@ # # spec file for package vsftpd (Version 2.0.7) # -# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -26,9 +26,9 @@ BuildRequires: libcap BuildRequires: libcap-devel %endif Version: 2.0.7 -Release: 4 +Release: 5 Summary: Very Secure FTP Daemon - Written from Scratch -License: GPL v2 or later +License: GPLv2+ Group: Productivity/Networking/Ftp/Servers Url: http://vsftpd.beasts.org Source: %name-%version.tar.bz2 @@ -54,7 +54,7 @@ Provides: ftp-server PreReq: %insserv_prereq /usr/sbin/useradd %description -Vsftpd is an FTP server, or dæmon. The "vs" stands for Very Secure. +Vsftpd is an FTP server, or daemon. The "vs" stands for Very Secure. Obviously this is not a guarantee, but the entire codebase was written with security in mind, and carefully designed to be resilient to attack. @@ -64,12 +64,6 @@ is before any explicit performance tuning!). In tests against wu-ftpd, vsftpd was always faster, supporting over twice as many users in some tests. - - -Authors: --------- - Chris Evans - %prep %setup -q %patch1 -p1 @@ -138,318 +132,3 @@ rm -rf $RPM_BUILD_ROOT %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name} %changelog -* Mon Sep 15 2008 hvogel@suse.de -- limit port range for passv to 30000:30100 to assist firewalling - [bnc#420671] -* Mon Sep 08 2008 hvogel@suse.de -- version 2.0.7 - * Fix man page typo - * Enhance logging for debug_ssl - * Shutdown the SSL data connections properly - * Add option to enforce proper SSL shutdown on uploads - * Add option to delete failed uploads -- limit port range for passv to 1024:2024 to assist firewalling - [bnc#420671] -* Wed Jun 11 2008 hvogel@suse.de -- Fix simultaneous ftp put of the same file [bnc#361559, bnc#273454] -- dont die on EADDRINUSE but try again [bnc#395899] -* Fri May 02 2008 tiwai@suse.de -- fix the link with libcap2 -* Wed Apr 30 2008 hvogel@suse.de -- Make the unpriv bits run as ftpsecure and not as nobody - [bnc#384776] -* Tue Apr 01 2008 mkoenig@suse.de -- remove dir /usr/share/omc/svcinfo.d as it is provided now - by filesystem -* Tue Mar 11 2008 crrodriguez@suse.de -- version 2.0.6 -- Fix delay_failed_login typo. Oops. -- Patch the getcwd and readlink sysutil helpers to reflect that they wouldn't - like a 0-sized buf. No caller is affected. Thanks Ilja van Sprundel - . -- Allow a (fake) reauth as the same user as the logged in user. Should resolve - .NET related report from Sabo Jim . -- Tweak from Lucian Adrian Grijincu to take - unnecessary port calculations out of a loop. -- Fix byte I/O accounting in the error path of do_file_send_rwloop, thanks to - . -- Don't log FireFox's attempts to RETR directories! Reported by - Nixdorf, Tim . -- Fix STOU sending the same 150 status line twice - oops! Reported by - . -- Fix xferlog format for virtual (guest) users, reported by Andy Fletcher - . -- Fix bug with empty user list file and userlist_deny=NO. Reported by - Marcin Zawadzki/GlobalVanet.com . -- Pretend we have proper UTF8 support and respond positively to OPTS UTF8 ON. - Thanks Stanislav Maslovski . -- Add control over the file permissions used in the chown()ing of anonymous - uploads: chown_upload_mode (default 0600 as before). Suggestion from - An Pham . -- Do a retry getting the active ftp socket in vsf_privop_get_ftp_port_sock(); - should help buggy Solaris systems. Reported by Michael Masterson - . -- Add debug_ssl option to dump out some SSL connection details. -- Use code 522, not 521, to indicate that the server requires an encrypted - data connection. Still does not seem to coax lftp to retry :( -- Recognize OPTS pre-login. -- A whole ton of SSL improvements, including ability to force requirement of - a client cert; data and control channel client cert cross checking. Ability - to require fully valid / authentic client certs. No cert-based auth yet. -* Tue Mar 27 2007 mskibbe@suse.de -- change path to firewall script (#247352) -* Fri Mar 02 2007 mskibbe@suse.de -- change path to firewall script (#247352) -* Wed Feb 28 2007 mskibbe@suse.de -- vsftpd - Support for FATE #300687: Ports for SuSEfirewall added - via packages (#246932) -* Mon Jan 15 2007 mskibbe@suse.de -- fix cryptic symbol in package - description -- build against libcap on suse < 10.1 -* Fri Jan 12 2007 mskibbe@suse.de -- vsftp could not log any file name other then ascii (#229320) -* Thu Jan 11 2007 mskibbe@suse.de -- change path to xml service document (fate #301713) -* Mon Jan 08 2007 mskibbe@suse.de -- fix Bug #230220 - vsftp no debuginfo -* Mon Jan 08 2007 mskibbe@suse.de -- xml document should readable to all (fate #301713) -* Wed Dec 06 2006 mskibbe@suse.de -- add service xml document (fate #301713 ) -* Mon Oct 23 2006 mskibbe@suse.de -- fix Bug 213894 - vsftpd and pam -* Mon Sep 04 2006 kukuk@suse.de -- Include common PAM config files, add pam_loginuid.so -* Fri Jul 14 2006 mskibbe@suse.de -- udpate to version 2.0.5 which - o IE should now show the login dialog again - o configurable login attempt limits and delays were added - o a bad intereaction with DMAPI filesystems was fixed and chained - certs should now work. -* Fri May 26 2006 schwab@suse.de -- Don't strip binaries. -* Thu Apr 20 2006 hvogel@suse.de -- revert the rename to vsftp for the xinetd config file. chkconfig - knows on for init and xinetd. So this wasnt a bug but a misusage - of chkconfig -* Thu Apr 20 2006 hvogel@suse.de -- add support for DMAPI filesystems [#167632] -* Wed Apr 19 2006 hvogel@suse.de -- rename xinetd config from vsftpd to vsftp to avoid name clashes - in chkconfig [#165745] -* Thu Feb 16 2006 hvogel@suse.de -- enable ssl for real [#151453] -* Mon Feb 06 2006 hvogel@suse.de -- The switch to standalone should not happen in update. - Installed xinetd config file again. The configuration file is - marked as noreplace anyway so if you are updating you will - get a xinetd.d/vsftpd.rpmnew and a vsftpd.conf.rpmnew - and everything is working as before and standalone is only used - for new installations. [#148201] -- redirect standalone parent output to /var/log/rcvsftp.log - so the init script can return properly. -* Wed Jan 25 2006 mls@suse.de -- converted neededforbuild to BuildRequires -* Fri Jan 13 2006 hvogel@suse.de -- Make use of Stack Protector -- fix some uninitialized variables -* Wed Jan 11 2006 hvogel@suse.de -- Update to version 2.0.4 including: - o Add explicit "This FTP server does not allow anonymous logins" - message. - o Add paranoid checks to sysutil.c for large values / lengths. - o Load per-IP config files earlier; allows more settings to be - tuned on a per-IP level. - o regex fix so that {*} correctly matches everything. - o Add optional file locking support via lock_upload_files. - o Apply LDFLAGS patch from Mads Martin Joergensen . - o Add pasv_addr_resolve option to allow pasv_address to get - DNS resolved once at startup. - o Apply patch to fix timezone issues (caused by chroot() - interacting badly with newer glibc versions). -* Wed Sep 28 2005 mmj@suse.de -- Add init script, and make it standalone -* Sun Sep 18 2005 kukuk@suse.de -- Add libcap-devel to nfb -* Tue Aug 09 2005 mmj@suse.de -- Document that /etc/xinet.d/vsftpd is for xinetd conf [#102953] -* Mon Aug 08 2005 uli@suse.de -- build with -fPIE, not -fpie (fixes s390x) -* Mon Jun 27 2005 ro@suse.de -- use libcap -* Fri Jun 17 2005 mmj@suse.de -- Compile with -fpie, link with -pie -* Tue Apr 19 2005 mmj@suse.de -- Update to 2.0.3 including: - o Document what regex expressions are supported in the man page. - o New settings rsa_private_key_file and dsa_private_key_file to - allow separate files for the certificates and private keys. - o Initial, simple fix for timed out processes not exiting when - SSL is in use. Better fix (which reports timeout to client - properly) to follow. - o Add which setsockopt option failed to die("setsockopt") calls. - o Fix error with IPv4 connections to IPv6 listeners and PORT - type data connections when connect_from_port_20 is set. - o Remove vsf_sysutil_sockaddr_same_family (unused). - o Support protocol 1 (IPv4) in EPRT. - o Add ssl.c to AUDIT. - o Allow config file to use "ssl_ciphers=" to use default - OpenSSL cipher list. - o Allow "EPSV 1" to mean IPv4 EPSV. - o Report dummy IP but correct port with IPv6 / PASV. - o Handle SSL_WANT_READ and SSL_WANT_WRITE retries in SSL_read - and SSL_write; fixes SSL upload failures when data timeouts are - in use with some clients. - o Implicitly disable connect_from_port_20 and chown_uploads - when a non-root user is using run_as_launching_user. - o Add force_anon_logins_ssl and force_anon_data_ssl for a fully - SSL secure anonymous oonly solution (useful when you don't - have root access and a range of acceptable anonymous - passwords as credentials). - o Use SSL BIO callbacks to fix data connection timeout checks; - the checks weren't all occurring promply. -* Thu Mar 03 2005 mmj@suse.de -- Update to 2.0.2 including: - o Emit data transfer status messages (success / failure) - after flushing and waiting for the full data transfer to - reach the client. This should help work around buggy FTP - clients such as FlashFXP, which is known to truncate files - incorrectly. - o Make str_empty actually allocate an empty string. - o Change the ASCII receive code to ONLY rip out \r if it is - just before a \n; someone finally complained about this. - o Enable AIX Large File Support - o Add a couple of FAQ entries. - o Fix time delta code areas to cope with negative deltas, - which will occur if the clock is adjusted backwards. - o Fix "errno" checks to be robust in multiple places; - previously, calls to failing library calls could be made - inbetween the original library call and the "errno" reads. - o Make bandwidth limiter work with SSL data connections. - o Note that the SSL / bandwidth limiter bug fixed a much more - serious bug: SSL data connection dropouts after - data_connection_timeout seconds. -* Fri Feb 18 2005 mmj@suse.de -- Glibc doesn't cache the timezone as much as it used to, so export - the TZ variable after doing chroot. [#49878] -* Thu Aug 12 2004 mmj@suse.de -- Update to 2.0.1 including: - o Add -lcrypto for the SSL build; needed for some systems - o Oops; fix session bale out if an empty length password is given. - o Fix build on Fedora Core 2 (-lcap cannot seem to find /lib/libcap.so). - o Fix vsftpd.conf.5 man page error in "ssl_sslv3" - o Clarify licensing: I allow linking of my GPL software with the OpenSSL - libraries. - o Fix build where PAM build is enabled but PAM headers are missing. -* Fri Jul 02 2004 mmj@suse.de -- Update to 2.0.0 including: - o Improve logging (log deletes, renames, chmods, etc. as - requested by users). - o Add no_log_lock to work around Solaris / Veritas locking - hangs. - o Add EPRT, EPSV, PASV and TVFS to FEAT response. - o Implement use of MDTM to set timestamps. - o Recognize FEAT prior to login. - o Add OpenSSL (AUTH TLS / SSL) support for encrypted control - and data connections. - o Increase max size of .message files to 4000 characters - o Add easy builddefs.h ability to disable PAM builds even when - PAM is installed. - o Report vsftpd version in STAT output. - o Add REFS file. - o Change parent<->child socket comms from DGRAM to STREAM for - increased reliability. The main benefit is should the parent - be killed (or crash out) then the child won't block on a - read() that will never return. - o Make str_reserve reserve space for the trailing zero as well, - so we don't cause a reallocation if we exactly fill the buffer. - o Optimize the sending of strings over the parent<->child comms links. - o Improve the build system so tcp_wrappers, PAM and OpenSSL can - be forcibly compiled out. - o Fix vsftpd.conf.5 typos - o If trans_chunk_size is between 1 and 4096, use 4096 rather - than ignoring totally. - o Add SSL / TLS info to SECURITY texts. - o Add README.ssl - o Add documentation for new SSL options to vsftpd.conf.5. - o Add support for CWD ~ - o Fix compile warnings. -* Sun May 30 2004 mmj@suse.de -- Add logrotate file [#41432] -* Tue Apr 27 2004 mmj@suse.de -- Update to 1.2.2 including: - o Fix nasty issue resulting in listener instability under - extreme load (root cause was re-entering malloc/free). - o Fix build with modern glibc-2.3 and no libcap on Linux. - o Add initial support for running as the user which launched - vsftpd, i.e. no root needed. Warning - easy to create - insecurity if you use this without knowing what you are - doing. - o For above run-as-launching-user support: make CDUP re-use CWD - code so that deny_file of *..* is useful. -* Mon Jan 26 2004 hvogel@suse.de -- reworked the log part of the conf file patch. - Enabled syslog as default log destination, clarify xferlog - settings. -* Mon Jan 19 2004 mmj@suse.de -- -D_LARGEFILE_SOURCE to get LFS support. Also make sure the - offset bits are set correct. -* Fri Jan 16 2004 kukuk@suse.de -- Add pam-devel to neededforbuild -* Thu Nov 13 2003 mmj@suse.de -- Update to 1.2.1 -* Wed Oct 15 2003 mmj@suse.de -- Don't build as root -* Mon Jul 28 2003 mmj@suse.de -- Add EXAMPLE/ and FAQ -- Don't strip explicitly -* Fri May 30 2003 mmj@suse.de -- Update to vsftpd-1.2.0 including: - · IPv6 support, so drop our patch - · Many bugfixes and tunings - · Build fixes -* Thu Mar 06 2003 mmj@suse.de -- Fix the xinetd conf file [#24774] -* Fri Feb 07 2003 kukuk@suse.de -- Use pam_unix2.so instead of pam_unix.so -* Fri Jan 24 2003 mmj@suse.de -- Correct xinetd conffile -* Tue Jan 14 2003 mmj@suse.de -- Install xinetd.d/vsftpd -* Sat Oct 26 2002 mmj@suse.de -- Use better configuration defaults, thanks henne. -* Fri Oct 25 2002 mmj@suse.de -- Add $RPM_OPT_FLAGS to CFLAGS when building -* Thu Oct 24 2002 mmj@suse.de -- Update to 1.1.2 including: - o Addition of per-IP connection limits in standalone mode. - o Add logging of refused connect due to global or IP connection limits. - o Make connection limit exceeded messages nonblocking. - o Don't exit the listener if fork fails. -* Tue Oct 08 2002 mmj@suse.de -- Update to 1.1.1 -* Fri Aug 02 2002 mmj@suse.de -- Update to 1.1.0 -* Tue Jul 09 2002 okir@suse.de -- Added a patch to get rid of lots of warnings caused by -Wshadow -- Added a patch to implement IPv6 support -* Tue Apr 30 2002 mmj@suse.de -- And now without detection of pam in /lib/libpam.so.0, which is - bogus. -* Sun Feb 17 2002 mmj@suse.de -- Added a patch to the vsftpd library detection function to make - it build with /usr/lib64. Fixes build on S/390. -* Tue Feb 12 2002 mmj@suse.de -- Remove Requires: ftpdir -* Mon Feb 04 2002 choeger@suse.de -- do not set e(x)ecute bit on textfiles -* Fri Feb 01 2002 choeger@suse.de -- declare config file as %%config(noreplace) -* Thu Jan 17 2002 mmj@suse.de -- Update to version 1.0.1 -* Fri Nov 30 2001 mmj@suse.de -- Use /etc/pam.d/vsftpd -* Tue Nov 13 2001 mmj@suse.de -- Updated to version 1.0.0 -* Mon Oct 22 2001 mmj@suse.de -- Initial package