SHA256
1
0
forked from pool/vsftpd
vsftpd/vsftpd-2.0.4-lib64.diff
Michal Vyskocil cf83fc9250 - update to upstream 3.0.0:
* Make listen mode the default.
  * Fix missing "const" in ssl.c
  * Add seccompsandbox.c to support a seccomp filter sandbox; works against
    Ubuntu 12.04 ABI.
  * Rearrange ftppolicy.c a bit so the syscall list is easily comparable with
    seccompsandbox.c
  * Rename deprecated "sandbox" to "ptrace_sandbox".
  * Add a few more state checks to the privileged helper processes.
  * Add tunable "seccomp_sandbox", default on.
  * Use hardened build flags.
  * Retry creating a PASV socket upon port reuse race between bind() and
    listen(), patch from Ralph Wuerthner <ralph.wuerthner@de.ibm.com>.
  * Don't die() if recv() indicates a closed remote connection. Problem report
    on a Windows client from Herbert van den Bergh,
    <herbert.van.den.bergh@oracle.com>.
  * Add new config setting "allow_writeable_chroot" to help people in a bit of
    a spot with the v2.3.5 defensive change. Only applies to non-anonymous.
  * Remove a couple of fixed things from BUGS.
  * strlen() trunction fix -- no particular impact.
  * Apply some tidyups from mmoufid@yorku.ca.
  * Fix delete_failed_uploads if there is a timeout. Report from Alejandro
    Hernández Hdez <aalejandrohdez@gmail.com>.
  * Fix other data channel bugs such as failure to log failure upon timeout.
  * Use exit codes a bit more consistently.
  * Fix bad interaction between SSL and trans_chunk_size.
  * Redo data timeout to fire properly for SSL sessions.
  * Redo idle timeout to fire properly for SSL sessions.
  * Make sure PROT_EXEC isn't allowed, thanks to Will Drewry for noticing.
  * Use 10 minutes as a max linger time just in case an alarm gets lost.
  * Change PR_SET_NO_NEW_PRIVS define, from Kees Cook.
  * Add AES128-SHA to default SSL cipher suites for FileZilla compatibility.
    Unfortunately the default vsftpd SSL confiuration still doesn't fully work with
    FileZilla, because FileZilla has a data connection security problem: no client
    certificate presentation and no session reuse. At least the error message is
    now very clear.
  * Add restart_syscall to seccomp policy. Triggers reliably if you strace whilst
    a data transfer is in progress.
  * Fix delete_failed_uploads for anonymous sessions.
  * Don't listen for urgent data if the control connection is SSL, due to possible
    protocol synchronization issues.
- SUSE specific changes:
  * turn off the listen mode (listen=NO) by default and change README.SUSE
  * merge new hardended flags for build and linking
  * fix the wrong Type=forking from systemd service file
  * turn off the seccomp_sandbox off by default as SUSE kernel does not support
    it (yet)

OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=38
2012-04-11 12:03:42 +00:00

21 lines
972 B
Diff

Index: vsf_findlibs.sh
===================================================================
--- vsf_findlibs.sh.orig 2012-04-10 16:09:50.571389404 +0200
+++ vsf_findlibs.sh 2012-04-10 16:09:53.709496934 +0200
@@ -14,6 +14,7 @@
# crypt library.
if find_func pam_start sysdeputil.o; then
locate_library /lib/libpam.so.0 && echo "/lib/libpam.so.0";
+ locate_library /lib64/libpam.so.0 && echo "/lib64/libpam.so.0";
locate_library /usr/lib/libpam.so && echo "-lpam";
locate_library /usr/lib64/libpam.so && echo "-lpam";
locate_library /lib/x86_64-linux-gnu/libpam.so.0 && echo "-lpam";
@@ -23,6 +24,7 @@
locate_library /usr/lib/libpam.a && echo "-lpam";
else
locate_library /lib/libcrypt.so && echo "-lcrypt";
+ locate_library /lib64/libcrypt.so && echo "-lcrypt";
locate_library /usr/lib/libcrypt.so && echo "-lcrypt";
locate_library /usr/lib64/libcrypt.so && echo "-lcrypt";
locate_library /lib/x86_64-linux-gnu/libcrypt.so && echo "-lcrypt";