* Increase VSFTP_AS_LIMIT to 200MB; various reports.
* Make the PWD response more RFC compliant; report from Barry Kelly
<barry@modeltwozero.com>.
* Remove the trailing period from EPSV response to work around BT Internet
issues; report from Tim Bishop <tdb@mirrorservice.org>.
* Fix syslog_enable issues vs. seccomp filtering. Report from Michal Vyskocil
<mvyskocil@suse.cz>. At least, syslogging seems to work on my Fedora now.
* Allow gettimeofday() in the seccomp sandbox. I can't repro failures, but I
probably have a different distro / libc / etc. and there are multiple reports.
* Some kernels support PR_SET_NO_NEW_PRIVS but not PR_SET_SECCOMP, so handle
this case gracefully. Report from Vasily Averin <vvs@odin.com>.
* List the TLS1.2 cipher AES128-GCM-SHA256 as first preference by default.
* Make some compile-time SSL defaults (such as correct client shutdown
handling) stricter.
* Disable Nagle algorithm during SSL data connection shutdown, to avoid 200ms
delays. From Tim Kosse <tim.kosse@filezilla-project.org>.
* Kill the FTP session if we see HTTP protocol commands, to avoid
cross-protocol attacks. A report from Jann Horn <jann@thejh.net>.
* Kill the FTP session if we see session re-use failure. A report from
Tim Kosse <tim.kosse@filezilla-project.org>.
* Enable ECDHE, Tim Kosse <tim.kosse@filezilla-project.org>.
* Default cipher list is now just ECDHE-RSA-AES256-GCM-SHA384.
* Minor SSL logging improvements.
* Un-default tunable_strict_ssl_write_shutdown again. We still have
tunable_strict_ssl_read_eof defaulted now, which is the important one to prove
upload integrity.
- Drop patch vsftpd-allow-dev-log-socket.patch should be included
upstream, se above bullet with mvyskocil's email
OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=89
- Move the enabling of timeofday and alarm one level deeper to
be sure it is whitelisted everytime.
Also should possibly fix bnc#872215.
- Updated patch:
* vsftpd-enable-gettimeofday-sec.patch
- Remove forking from service type as it hangs in endless loop.
- Fix warning about dangling symlink on rcvsftpd from rpmlint and
remove also clean section while at it.
- Add patch to allow gettimeofday and alarm calls with seccomp
enabled. bnc#870122
- Added patch:
* vsftpd-enable-gettimeofday-sec.patch
- Specify that the service type is forking
- changed license to SUSE-GPL-2.0-with-openssl-exception
* suggested by legal team
- add allow_root_squashed_chroot option to enable chroot on nsf
mounted with squash_root option (fate#311051)
* vsftpd-root-squashed-chroot.patch
OBS-URL: https://build.opensuse.org/request/show/229627
OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=59
- add vsftpd-enable-dev-log-sendto.patch (bnc#812406#c1)
* this enabled a sendto on /dev/log socket when syslog is enabled
- provide more verbose explanation about isolate_network and seccomp_sanbox in
config file template
- don't install init file on openSUSE 13.1+
- drop a build support for SL 10 and older
- add vsftpd-drop-newpid-from-clone.patch (bnc#786024#c38)
* drop CLONE_NEWPID from clone to enable audit system
- add vsftpd-enable-fcntl-f_setfl.patch (bnc#812406)
* unconditionally enable F_SETFL patch - might be safe to do
OBS-URL: https://build.opensuse.org/request/show/162590
OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=55
Verify GPG signature: Perform build-time offline GPG verification.
Please verify that included keyring matches your needs.
For manipulation with the offline keyring, please use gpg-offline tool from openSUSE:Factory, devel-tools-building or Base:System.
See the man page and/or /usr/share/doc/packages/gpg-offline/PACKAGING.HOWTO.
If you need to build your package for older products and don't want to mess spec file with ifs, please follow PACKAGING.HOWTO:
you can link or aggregate gpg-offline from
devel:tools:building or use following trick with "osc meta prjconf":
--- Cut here ----
%if 0%{?suse_version} <= 1220
Substitute: gpg-offline
%endif
Macros:
%gpg_verify(dnf) \
%if 0%{?suse_version} > 1220\
echo "WARNING: Using %%gpg_verify macro from prjconf, not from gpg-offline package."\
gpg-offline --directory="%{-d:%{-d*}}%{!-d:%{_sourcedir}}" --package="%{-n:%{-n*}}%{!-n:%{name}}""%{-f: %{-f*}}" --verify %{**}\
%else\
echo "WARNING: Dummy prjconf macro. gpg-offline is not available, skipping %{**} GPG signature verification!"\
%endif\
%nil
-----------------
OBS-URL: https://build.opensuse.org/request/show/143938
OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=49
* Fix some seccomp related build errors on certain CentOS and Debian versions.
* Seccomp filter sandbox: missing munmap() -- oops. Did you know that qsort()
opens and maps /proc/meminfo but only for larger item counts?
* Seccomp filter sandbox: deny socket() gracefully for text_userdb_names.
* Fix various NULL crashes with nonsensical config settings. Noted by Tianyin
Xu <tixu@cs.ucsd.edu>.
* Force cast to unsigned char in is* char functions.
* Fix harmless integer issues in strlist.c.
* Started on a (possibly ill-advised?) crusade to compile cleanly with
Wconversion. Decided to suspend the effort half-way through.
* One more seccomp policy fix: mremap (denied).
* Support STOU with no filename, uses a STOU. prefix.
OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=45
* Make listen mode the default.
* Fix missing "const" in ssl.c
* Add seccompsandbox.c to support a seccomp filter sandbox; works against
Ubuntu 12.04 ABI.
* Rearrange ftppolicy.c a bit so the syscall list is easily comparable with
seccompsandbox.c
* Rename deprecated "sandbox" to "ptrace_sandbox".
* Add a few more state checks to the privileged helper processes.
* Add tunable "seccomp_sandbox", default on.
* Use hardened build flags.
* Retry creating a PASV socket upon port reuse race between bind() and
listen(), patch from Ralph Wuerthner <ralph.wuerthner@de.ibm.com>.
* Don't die() if recv() indicates a closed remote connection. Problem report
on a Windows client from Herbert van den Bergh,
<herbert.van.den.bergh@oracle.com>.
* Add new config setting "allow_writeable_chroot" to help people in a bit of
a spot with the v2.3.5 defensive change. Only applies to non-anonymous.
* Remove a couple of fixed things from BUGS.
* strlen() trunction fix -- no particular impact.
* Apply some tidyups from mmoufid@yorku.ca.
* Fix delete_failed_uploads if there is a timeout. Report from Alejandro
Hernández Hdez <aalejandrohdez@gmail.com>.
* Fix other data channel bugs such as failure to log failure upon timeout.
* Use exit codes a bit more consistently.
* Fix bad interaction between SSL and trans_chunk_size.
* Redo data timeout to fire properly for SSL sessions.
* Redo idle timeout to fire properly for SSL sessions.
* Make sure PROT_EXEC isn't allowed, thanks to Will Drewry for noticing.
* Use 10 minutes as a max linger time just in case an alarm gets lost.
* Change PR_SET_NO_NEW_PRIVS define, from Kees Cook.
* Add AES128-SHA to default SSL cipher suites for FileZilla compatibility.
Unfortunately the default vsftpd SSL confiuration still doesn't fully work with
FileZilla, because FileZilla has a data connection security problem: no client
certificate presentation and no session reuse. At least the error message is
now very clear.
* Add restart_syscall to seccomp policy. Triggers reliably if you strace whilst
a data transfer is in progress.
* Fix delete_failed_uploads for anonymous sessions.
* Don't listen for urgent data if the control connection is SSL, due to possible
protocol synchronization issues.
- SUSE specific changes:
* turn off the listen mode (listen=NO) by default and change README.SUSE
* merge new hardended flags for build and linking
* fix the wrong Type=forking from systemd service file
* turn off the seccomp_sandbox off by default as SUSE kernel does not support
it (yet)
OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=38
