]> git.pld-linux.org Git - packages/pure-ftpd.git/blob - pure-ftpd-path_to_ssl_cert_in_config.patch
projects / packages / pure-ftpd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
- fixed (maybe) - don't pass NULL to functions instead char * when
[packages/pure-ftpd.git] / pure-ftpd-path_to_ssl_cert_in_config.patch
1 diff -Nur pure-ftpd-1.0.20.bef/configuration-file/pure-config.pl.in pure-ftpd-1.0.20.new/configuration-file/pure-config.pl.in
2 --- pure-ftpd-1.0.20.bef/configuration-file/pure-config.pl.in   2004-02-29 12:17:00.000000000 +0100
3 +++ pure-ftpd-1.0.20.new/configuration-file/pure-config.pl.in   2004-08-17 02:00:46.000000000 +0200
4 @@ -57,6 +57,7 @@
5         TrustedIP               => "-V",
6         AltLog                  => "-O",
7         PIDFile                 => "-g",
8 +       SSLCertFile             => "-7",
9  );
10  
11  my %numeric_switch_for = (
12 diff -Nur pure-ftpd-1.0.20.bef/configuration-file/pure-config.py.in pure-ftpd-1.0.20.new/configuration-file/pure-config.py.in
13 --- pure-ftpd-1.0.20.bef/configuration-file/pure-config.py.in   2004-02-29 12:17:14.000000000 +0100
14 +++ pure-ftpd-1.0.20.new/configuration-file/pure-config.py.in   2004-08-17 02:00:46.000000000 +0200
15 @@ -55,6 +55,7 @@
16  option_tuple = (
17      ["IPV4Only[\s]+yes",                   "-4"                  ],
18      ["IPV6Only[\s]+yes",                   "-6"                  ],    
19 +    ["SSLCertFile\s+(\S+)",                "-7", None            ],
20      ["ChrootEveryone[\s]+yes",             "-A"                  ],
21      ["TrustedGID[\s]+([\d]+)",             "-a", None            ],
22      ["BrokenClientsCompatibility[\s]+yes", "-b"                  ],
23 diff -Nur pure-ftpd-1.0.20.bef/configuration-file/pure-ftpd.conf.in pure-ftpd-1.0.20.new/configuration-file/pure-ftpd.conf.in
24 --- pure-ftpd-1.0.20.bef/configuration-file/pure-ftpd.conf.in   2004-08-17 02:01:13.000000000 +0200
25 +++ pure-ftpd-1.0.20.new/configuration-file/pure-ftpd.conf.in   2004-08-17 02:00:46.000000000 +0200
26 @@ -420,7 +420,8 @@
27  # 3) Only compatible clients will log in.
28  
29  # TLS                      1
30 -
31 +# SSLCertFile  /etc/ssl/private/pure-ftpd.pem 
32 +#              or /var/lib/openssl/certs/ftpd.pem (current location in PLD)
33  
34  
35  # Listen only to IPv4 addresses in standalone mode (ie. disable IPv6)
36 diff -Nur pure-ftpd-1.0.20.bef/configure.ac pure-ftpd-1.0.20.new/configure.ac
37 --- pure-ftpd-1.0.20.bef/configure.ac   2004-06-20 19:41:27.000000000 +0200
38 +++ pure-ftpd-1.0.20.new/configure.ac   2004-08-17 02:00:46.000000000 +0200
39 @@ -1226,17 +1226,6 @@
40    AC_DEFINE(WITH_TLS,,[Enable TLS])
41  fi
42  
43 -AC_ARG_WITH(certfile,
44 -[AS_HELP_STRING(--with-certfile=,certificate file (default: /etc/ssl/private/pure-ftpd.pem))],
45 -[ if test "x$withval" != "x" ; then
46 -    certfile="$withval"
47 -    AC_SUBST(certfile)
48 -    CPPFLAGS="$CPPFLAGS -DTLS_CERTIFICATE_FILE='\"$certfile\"'"
49 -    if test -e "$certfile"; then
50 -      AC_MSG_WARN(No certificate is installed in $certfile yet)
51 -    fi
52 -  fi ])
53 -  
54  AC_ARG_WITH(rendezvous,
55  [AS_HELP_STRING(--with-rendezvous,Enable Rendezvous support on MacOS X (experimental))],
56  [ if test "x$withval" = "xyes" ; then
57 diff -Nur pure-ftpd-1.0.20.bef/man/pure-ftpd.8 pure-ftpd-1.0.20.new/man/pure-ftpd.8
58 --- pure-ftpd-1.0.20.bef/man/pure-ftpd.8        2004-02-29 21:10:06.000000000 +0100
59 +++ pure-ftpd-1.0.20.new/man/pure-ftpd.8        2004-08-17 02:00:46.000000000 +0200
60 @@ -9,7 +9,7 @@
61  pure\-ftpd \- simple File Transfer Protocol server
62  
63  .SH "SYNOPSIS"
64 -.B pure\-ftpd [\-0] [\-1] [\-4] [\-6] [\-a gid] [\-A] [\-b] [\-B] [\-c clients] [\-C cnx/ip] [\-d [\-d]] [\-D] [\-e] [\-E] [\-f facility] [\-F fortunes file] [\-g pidfile] [\-G] [\-H] [\-i] [\-I] [\-j] [\-k percentage] [\-K] [\-l authentication[:config file]] [\-L max files:max depth] [\-m maxload] [\-M] [\-n maxfiles:maxsize] [\-N] [\-o] [\-O format:log file] [\-p first:last] [\-P ip address or host name] [\-q upload:download ratio] [\-Q upload:download ratio] [\-r] [\-R] [\-s] [\-S [address,][port]] [\-t upload bandwidth:download bandwidth] [\-T upload bandwidth:download bandwidth] [\-u uid] [\-U umask files:umask dirs] [\-v rendezvous name] [\-V ip address] [\-w] [\-W] [\-x] [\-X] [\-y max user sessions:max anon sessions] [\-Y tls behavior] [\-z] [\-Z]
65 +.B pure\-ftpd [\-0] [\-1] [\-4] [\-6] [\-7 certificate file] [\-a gid] [\-A] [\-b] [\-B] [\-c clients] [\-C cnx/ip] [\-d [\-d]] [\-D] [\-e] [\-E] [\-f facility] [\-F fortunes file] [\-g pidfile] [\-G] [\-H] [\-i] [\-I] [\-j] [\-k percentage] [\-K] [\-l authentication[:config file]] [\-L max files:max depth] [\-m maxload] [\-M] [\-n maxfiles:maxsize] [\-N] [\-o] [\-O format:log file] [\-p first:last] [\-P ip address or host name] [\-q upload:download ratio] [\-Q upload:download ratio] [\-r] [\-R] [\-s] [\-S [address,][port]] [\-t upload bandwidth:download bandwidth] [\-T upload bandwidth:download bandwidth] [\-u uid] [\-U umask files:umask dirs] [\-v rendezvous name] [\-V ip address] [\-w] [\-W] [\-x] [\-X] [\-y max user sessions:max anon sessions] [\-Y tls behavior] [\-z] [\-Z]
66  
67  .br
68  Alternative style :
69 @@ -22,6 +22,8 @@
70  .br
71  \-6 \-\-ipv6only
72  .br
73 +\-7 \-\-sslcertfile
74 +.br
75  \-a \-\-trustedgid
76  .br
77  \-A \-\-chrooteveryone
78 @@ -157,6 +159,9 @@
79  .B \-6
80  Listen only to IPv6 connections.
81  .TP
82 +.B \-7 file
83 +Path to SSL certificate file.
84 +.TP
85  .B \-a gid
86  Regular users will be chrooted to their home directories, unless
87  they belong to the specified gid. Note that root is always trusted,
88 diff -Nur pure-ftpd-1.0.20.bef/src/ftpd.c pure-ftpd-1.0.20.new/src/ftpd.c
89 --- pure-ftpd-1.0.20.bef/src/ftpd.c     2004-07-17 15:28:22.000000000 +0200
90 +++ pure-ftpd-1.0.20.new/src/ftpd.c     2004-08-17 02:46:00.000000000 +0200
91 @@ -5097,8 +5097,15 @@
92                  enforce_tls_auth > 2) {
93                  die(421, LOG_ERR, MSG_CONF_ERR ": TLS");
94              }
95 +           if ((tlscert_file = strdup("")) == NULL)
96 +                die_mem();
97              break;
98 -        }            
99 +        }
100 +       case '7': {
101 +           if ((tlscert_file = strdup(optarg)) == NULL)
102 +                die_mem();
103 +           break;
104 +        }
105  #endif
106          case 'e': {
107              anon_only = 1;
108 diff -Nur pure-ftpd-1.0.20.bef/src/ftpd.h pure-ftpd-1.0.20.new/src/ftpd.h
109 --- pure-ftpd-1.0.20.bef/src/ftpd.h     2004-03-02 20:08:59.000000000 +0100
110 +++ pure-ftpd-1.0.20.new/src/ftpd.h     2004-08-17 02:00:46.000000000 +0200
111 @@ -396,12 +396,6 @@
112  # define VHOST_PATH CONFDIR "/pure-ftpd"
113  #endif
114  
115 -#ifdef WITH_TLS
116 -# ifndef TLS_CERTIFICATE_FILE
117 -#  define TLS_CERTIFICATE_FILE "/etc/ssl/private/pure-ftpd.pem"
118 -# endif
119 -#endif
120 -
121  #define FAKE_SHELL "ftp"
122  
123  #ifndef PID_FILE
124 diff -Nur pure-ftpd-1.0.20.bef/src/ftpd_p.h pure-ftpd-1.0.20.new/src/ftpd_p.h
125 --- pure-ftpd-1.0.20.bef/src/ftpd_p.h   2004-02-29 22:49:28.000000000 +0100
126 +++ pure-ftpd-1.0.20.new/src/ftpd_p.h   2004-08-17 02:00:46.000000000 +0200
127 @@ -101,6 +101,7 @@
128  #endif
129  #ifdef WITH_TLS
130      "Y:"
131 +    "7:"
132  #endif    
133      "zZ";
134  
135 @@ -180,6 +181,7 @@
136  # endif
137  # ifdef WITH_TLS
138      { "tls", 1, NULL, 'Y' },
139 +    { "sslcertfile", 1, NULL, '7'},
140  # endif
141      { "allowdotfiles", 0, NULL, 'z' },
142      { "customerproof", 0, NULL, 'Z' },
143 diff -Nur pure-ftpd-1.0.20.bef/src/globals.h pure-ftpd-1.0.20.new/src/globals.h
144 --- pure-ftpd-1.0.20.bef/src/globals.h  2004-02-29 22:49:28.000000000 +0100
145 +++ pure-ftpd-1.0.20.new/src/globals.h  2004-08-17 02:00:46.000000000 +0200
146 @@ -167,6 +167,7 @@
147  
148  #ifdef WITH_TLS
149  GLOBAL0(signed char enforce_tls_auth);
150 +GLOBAL0(char *tlscert_file);
151  #endif
152  
153  GLOBAL0(char *atomic_prefix);
154 diff -Nur pure-ftpd-1.0.20.bef/src/tls.c pure-ftpd-1.0.20.new/src/tls.c
155 --- pure-ftpd-1.0.20.bef/src/tls.c      2004-02-29 22:49:27.000000000 +0100
156 +++ pure-ftpd-1.0.20.new/src/tls.c      2004-08-17 02:00:46.000000000 +0200
157 @@ -9,11 +9,12 @@
158  # include "tls.h"
159  # include "ftpwho-update.h"
160  # include "messages.h"
161 +# include "globals.h"
162  
163  static void tls_error(void) 
164  {
165      logfile(LOG_ERR, "SSL/TLS [%s]: %s", 
166 -            TLS_CERTIFICATE_FILE,
167 +            tlscert_file,
168              ERR_error_string(ERR_get_error(), NULL));
169      _EXIT(EXIT_FAILURE);
170  }
171 @@ -23,7 +24,7 @@
172      DH *dh;
173      BIO *bio;
174  
175 -    if ((bio = BIO_new_file(TLS_CERTIFICATE_FILE, "r")) == NULL) {
176 +    if ((bio = BIO_new_file(tlscert_file, "r")) == NULL) {
177          return -1;
178      }
179      if ((dh = PEM_read_bio_DHparams(bio, NULL, NULL
180 @@ -65,11 +66,11 @@
181      tls_init_cache();
182      SSL_CTX_set_options(tls_ctx, SSL_OP_ALL);    
183      if (SSL_CTX_use_certificate_chain_file
184 -        (tls_ctx, TLS_CERTIFICATE_FILE) != 1) {
185 +        (tls_ctx, tlscert_file) != 1) {
186          die(421, LOG_ERR,
187 -            MSG_FILE_DOESNT_EXIST ": [%s]", TLS_CERTIFICATE_FILE);
188 +            MSG_FILE_DOESNT_EXIST ": [%s]", tlscert_file);
189      }
190 -    if (SSL_CTX_use_PrivateKey_file(tls_ctx, TLS_CERTIFICATE_FILE,
191 +    if (SSL_CTX_use_PrivateKey_file(tls_ctx, tlscert_file,
192                                      SSL_FILETYPE_PEM) != 1) {
193          tls_error();
194      }
Small, fast and secure FTP server
This page took 0.047215 seconds and 4 git commands to generate.