pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/net/vsftpd

Module Name:    pkgsrc
Committed By:   abs
Date:           Mon Sep 22 11:02:21 UTC 2008

Modified Files:
        pkgsrc/net/vsftpd: Makefile distinfo
        pkgsrc/net/vsftpd/patches: patch-ad patch-af
Removed Files:
        pkgsrc/net/vsftpd/patches: patch-ag

Log Message:
Updated net/vsftpd to 2.0.7 - needed for recent FileZilla to with with SSL


- Apply fix for O_NONBLOCK vs. XFS DMAPI filesystem. Thanks to Sudha Srinivasan
- Fix build warnings exposed by my upgrade to Fedora Core 5 / GCC4.1.1.
- Be more honest in FEAT response if PORT or PASV are disabled! Reported by
Charles Honton <>. Allows MS Explorer to get the 
transfer mode
- -> in example PAM file. Thanks to
Rhodes, Colin <>.
- Add FAQ issue regarding "chroot fails with SSL" - in fact, sshd is being hit
here instead ;-)
- Minor man page doc tweaks.
- Tiny bit of paranoia in privops.c.
- Revert change to reject anonymous logins before asking for password. This
fixes complaints about IE not showing the FTP login dialog.
- Change SSL certificate load to cater for chaining too.
- Added delay_failed_login and delay_successful_login to help limit resources
taken by brute force attacks.
- Kick session after a few login fails. Allows IP blocking solutions to be more
immediately effective.
- Replace setenv() with more portable putenv(). First part of Solaris fix.
- Replace tm_gmtoff usage with timezone and daylight. Second part of Solaris
- Set PAM items TTY and RUSER if possible.
- OpenBSD build warning fixes.
- So, timezone and daylight are not available on BSD, so redo the whole TZ
thing again. Should use only very portable constructs now.


- Fix delay_failed_login typo. Oops.
- Patch the getcwd and readlink sysutil helpers to reflect that they wouldn't
like a 0-sized buf. No caller is affected. Thanks Ilja van Sprundel
- Allow a (fake) reauth as the same user as the logged in user. Should resolve
.NET related report from Sabo Jim <>.
- Tweak from Lucian Adrian Grijincu <> to 
unnecessary port calculations out of a loop.
- Fix byte I/O accounting in the error path of do_file_send_rwloop, thanks to
- Don't log FireFox's attempts to RETR directories! Reported by
Nixdorf, Tim <>.
- Fix STOU sending the same 150 status line twice - oops! Reported by
- Fix xferlog format for virtual (guest) users, reported by Andy Fletcher
- Fix bug with empty user list file and userlist_deny=NO. Reported by
Marcin Zawadzki/ <>.
- Pretend we have proper UTF8 support and respond positively to OPTS UTF8 ON.
Thanks Stanislav Maslovski <>.
- Add control over the file permissions used in the chown()ing of anonymous
uploads: chown_upload_mode (default 0600 as before). Suggestion from
An Pham <>.
- Do a retry getting the active ftp socket in vsf_privop_get_ftp_port_sock();
should help buggy Solaris systems. Reported by Michael Masterson
- Add debug_ssl option to dump out some SSL connection details.
- Use code 522, not 521, to indicate that the server requires an encrypted
data connection. Still does not seem to coax lftp to retry :(
- Recognize OPTS pre-login.
- A whole ton of SSL improvements, including ability to force requirement of
a client cert; data and control channel client cert cross checking. Ability
to require fully valid / authentic client certs. No cert-based auth yet.
- Change my e-mail to my GMail account.


- Fix finding libcap for the link on Slackware systems, thanks to Roman
Kravchenko <>.
- Fix build on Solaris 2.8 due to non-standard C, thanks to IIDA Yosiaki
- Fix man page typo, thanks Matt Selsky <>.
- Bring the PASV listen() into the bind() retry loop to resolve a race under
extreme load. Thanks to Curtis Taylor <>.
- Enhance logging for debug_ssl.
- Shutdown the SSL data connections properly. This prevents clients such as
recent FileZilla from complaining. Reported by various people.
- Add option to enforce proper SSL shutdown on uploads. Left it off after much
agonizing because clients are so broken in this area.
- Add option to delete failed uploads.

To generate a diff of this commit:
cvs rdiff -r1.28 -r1.29 pkgsrc/net/vsftpd/Makefile
cvs rdiff -r1.9 -r1.10 pkgsrc/net/vsftpd/distinfo
cvs rdiff -r1.5 -r1.6 pkgsrc/net/vsftpd/
cvs rdiff -r1.3 -r1.4 pkgsrc/net/vsftpd/patches/patch-ad
cvs rdiff -r1.4 -r1.5 pkgsrc/net/vsftpd/patches/patch-af
cvs rdiff -r1.3 -r0 pkgsrc/net/vsftpd/patches/patch-ag

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Home | Main Index | Thread Index | Old Index