forked from pool/vsftpd
3c1c0c1731
problematic default setting for rsa_cert_file. Upstream initializes that value to "/usr/share/ssl/certs/vsftpd.pem" and vsftpd won't start up if that file does not exist (or if does not contain an RSA certificate). Therefore, users who copy a DSA certificate into that location or properly configure a DSA certificate via dsa_cert_file without explicitly disabling the RSA certificate won't be able to start vsftpd. [bsc#975538] OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=131
19 lines
755 B
Diff
19 lines
755 B
Diff
Index: vsftpd-3.0.3/vsftpd.conf
|
|
===================================================================
|
|
--- vsftpd-3.0.3.orig/vsftpd.conf 2018-06-21 11:01:12.125258812 +0000
|
|
+++ vsftpd-3.0.3/vsftpd.conf 2018-06-21 11:04:43.355979116 +0000
|
|
@@ -188,8 +188,12 @@ listen=NO
|
|
# Make sure, that one of the listen options is commented !!
|
|
listen_ipv6=YES
|
|
#
|
|
-# Set to ssl_enable=YES if you want to enable SSL
|
|
+# Set "ssl_enable=YES" to enable SSL support and configure the location of
|
|
+# your local certificate (RSA, DSA, or both). Note that vsftpd won't start
|
|
+# if either of the "xxx_cert_file" options sets a path that doesn't exist.
|
|
ssl_enable=NO
|
|
+rsa_cert_file=
|
|
+dsa_cert_file=
|
|
#
|
|
# Limit passive ports to this range to assis firewalling
|
|
pasv_min_port=30000
|