X-Git-Url: http://git.pld-linux.org/?a=blobdiff_plain;ds=sidebyside;f=pure-ftpd-path_to_ssl_cert_in_config.patch;h=ec77d5f9ed608226c865648cbb55c917314a76a3;hb=b458bc639058d44df7f015d9caa0b38469df3a03;hp=2ba44ae520dae2fa4e2f2447cf8fca157238ed11;hpb=6eed5aa76cf67e792acc8cf42c87e56f336c29f3;p=packages%2Fpure-ftpd.git diff --git a/pure-ftpd-path_to_ssl_cert_in_config.patch b/pure-ftpd-path_to_ssl_cert_in_config.patch index 2ba44ae..ec77d5f 100644 --- a/pure-ftpd-path_to_ssl_cert_in_config.patch +++ b/pure-ftpd-path_to_ssl_cert_in_config.patch @@ -1,17 +1,7 @@ -diff -Nura pure-ftpd-1.0.18.bef/configuration-file/pure-config.pl.in pure-ftpd-1.0.18.work/configuration-file/pure-config.pl.in ---- pure-ftpd-1.0.18.bef/configuration-file/pure-config.pl.in 2004-04-27 20:32:42.000000000 +0200 -+++ pure-ftpd-1.0.18.work/configuration-file/pure-config.pl.in 2004-04-27 21:55:08.000000000 +0200 -@@ -10,9 +10,6 @@ - my $PUREFTPD; - -x && ($PUREFTPD=$_, last) for qw( - ${exec_prefix}/sbin/pure-ftpd -- /usr/local/pure-ftpd/sbin/pure-ftpd -- /usr/local/pureftpd/sbin/pure-ftpd -- /usr/local/sbin/pure-ftpd - /usr/sbin/pure-ftpd - ); - -@@ -57,6 +54,7 @@ +diff -Nur b/configuration-file/pure-config.pl.in n/configuration-file/pure-config.pl.in +--- b/configuration-file/pure-config.pl.in 2004-02-29 12:17:00.000000000 +0100 ++++ n/configuration-file/pure-config.pl.in 2004-09-15 17:02:28.545013000 +0200 +@@ -57,6 +57,7 @@ TrustedIP => "-V", AltLog => "-O", PIDFile => "-g", @@ -19,72 +9,97 @@ diff -Nura pure-ftpd-1.0.18.bef/configuration-file/pure-config.pl.in pure-ftpd-1 ); my %numeric_switch_for = ( -diff -Nura pure-ftpd-1.0.18.bef/configuration-file/pure-config.py.in pure-ftpd-1.0.18.work/configuration-file/pure-config.py.in ---- pure-ftpd-1.0.18.bef/configuration-file/pure-config.py.in 2004-04-27 20:32:42.000000000 +0200 -+++ pure-ftpd-1.0.18.work/configuration-file/pure-config.py.in 2004-04-27 21:55:08.000000000 +0200 -@@ -111,7 +111,8 @@ - ["NoTruncate\s+yes", "-0" ], - ["PIDFile\s+(\S+)", "-g", None ], - ["PerUserLimits\s+([:0-9]+)", "-y", None ], -- ["TLSAuth\s+yes", "-Y", None ]) -+ ["TLSAuth\s+yes", "-Y", None ], -+ ["SSLCertFile\s+(\S+)", "-7", None ]) - - for option in option_tuple: - option[0] = re.compile(option[0], re.IGNORECASE) -diff -Nura pure-ftpd-1.0.18.bef/configuration-file/pure-ftpd.conf.in pure-ftpd-1.0.18.work/configuration-file/pure-ftpd.conf.in ---- pure-ftpd-1.0.18.bef/configuration-file/pure-ftpd.conf.in 2004-04-27 20:32:42.000000000 +0200 -+++ pure-ftpd-1.0.18.work/configuration-file/pure-ftpd.conf.in 2004-04-27 21:55:08.000000000 +0200 -@@ -420,7 +420,8 @@ +diff -Nur b/configuration-file/pure-config.py.in n/configuration-file/pure-config.py.in +--- b/configuration-file/pure-config.py.in 2004-02-29 12:17:14.000000000 +0100 ++++ n/configuration-file/pure-config.py.in 2004-09-15 17:02:28.546012000 +0200 +@@ -55,6 +55,7 @@ + option_tuple = ( + ["IPV4Only[\s]+yes", "-4" ], + ["IPV6Only[\s]+yes", "-6" ], ++ ["SSLCertFile\s+(\S+)", "-7", None ], + ["ChrootEveryone[\s]+yes", "-A" ], + ["TrustedGID[\s]+([\d]+)", "-a", None ], + ["BrokenClientsCompatibility[\s]+yes", "-b" ], +diff -Nur b/configuration-file/pure-ftpd.conf.in n/configuration-file/pure-ftpd.conf.in +--- b/configuration-file/pure-ftpd.conf.in 2004-09-15 17:03:04.281580000 +0200 ++++ n/configuration-file/pure-ftpd.conf.in 2004-09-15 17:02:28.547012000 +0200 +@@ -420,7 +420,13 @@ # 3) Only compatible clients will log in. # TLS 1 - -+# SSLCertFile /etc/ssl/private/pure-ftpd.pem -+# or /var/lib/openssl/certs/ftpd.pem (current location in PLD) ++ ++# Path to SSL certificate file. This is non-standard addition ++# and it might disappear in the future. If not present ++# default is /var/lib/openssl/certs/ftpd.pem for PLD. ++# ++# SSLCertFile /etc/ssl/private/pure-ftpd.pem ++# # Listen only to IPv4 addresses in standalone mode (ie. disable IPv6) -diff -Nura pure-ftpd-1.0.18.bef/configure.ac pure-ftpd-1.0.18.work/configure.ac ---- pure-ftpd-1.0.18.bef/configure.ac 2004-04-27 20:32:42.000000000 +0200 -+++ pure-ftpd-1.0.18.work/configure.ac 2004-04-27 20:49:46.000000000 +0200 -@@ -1226,17 +1226,6 @@ - AC_DEFINE(WITH_TLS,,[Enable TLS]) - fi +diff -Nur b/man/pure-ftpd.8 n/man/pure-ftpd.8 +--- b/man/pure-ftpd.8 2004-02-29 21:10:06.000000000 +0100 ++++ n/man/pure-ftpd.8 2004-09-15 17:02:28.548012000 +0200 +@@ -9,7 +9,7 @@ + pure\-ftpd \- simple File Transfer Protocol server --AC_ARG_WITH(certfile, --[AS_HELP_STRING(--with-certfile=,certificate file (default: /etc/ssl/private/pure-ftpd.pem))], --[ if test "x$withval" != "x" ; then -- certfile="$withval" -- AC_SUBST(certfile) -- CPPFLAGS="$CPPFLAGS -DTLS_CERTIFICATE_FILE='\"$certfile\"'" -- if test -e "$certfile"; then -- AC_MSG_WARN(No certificate is installed in $certfile yet) -- fi -- fi ]) -- - AC_ARG_WITH(rendezvous, - [AS_HELP_STRING(--with-rendezvous,Enable Rendezvous support on MacOS X (experimental))], - [ if test "x$withval" = "xyes" ; then -diff -Nura pure-ftpd-1.0.18.bef/src/ftpd.c pure-ftpd-1.0.18.work/src/ftpd.c ---- pure-ftpd-1.0.18.bef/src/ftpd.c 2004-04-27 20:32:42.000000000 +0200 -+++ pure-ftpd-1.0.18.work/src/ftpd.c 2004-04-27 22:46:14.000000000 +0200 -@@ -5092,7 +5092,11 @@ + .SH "SYNOPSIS" +-.B pure\-ftpd [\-0] [\-1] [\-4] [\-6] [\-a gid] [\-A] [\-b] [\-B] [\-c clients] [\-C cnx/ip] [\-d [\-d]] [\-D] [\-e] [\-E] [\-f facility] [\-F fortunes file] [\-g pidfile] [\-G] [\-H] [\-i] [\-I] [\-j] [\-k percentage] [\-K] [\-l authentication[:config file]] [\-L max files:max depth] [\-m maxload] [\-M] [\-n maxfiles:maxsize] [\-N] [\-o] [\-O format:log file] [\-p first:last] [\-P ip address or host name] [\-q upload:download ratio] [\-Q upload:download ratio] [\-r] [\-R] [\-s] [\-S [address,][port]] [\-t upload bandwidth:download bandwidth] [\-T upload bandwidth:download bandwidth] [\-u uid] [\-U umask files:umask dirs] [\-v rendezvous name] [\-V ip address] [\-w] [\-W] [\-x] [\-X] [\-y max user sessions:max anon sessions] [\-Y tls behavior] [\-z] [\-Z] ++.B pure\-ftpd [\-0] [\-1] [\-4] [\-6] [\-7 certificate file] [\-a gid] [\-A] [\-b] [\-B] [\-c clients] [\-C cnx/ip] [\-d [\-d]] [\-D] [\-e] [\-E] [\-f facility] [\-F fortunes file] [\-g pidfile] [\-G] [\-H] [\-i] [\-I] [\-j] [\-k percentage] [\-K] [\-l authentication[:config file]] [\-L max files:max depth] [\-m maxload] [\-M] [\-n maxfiles:maxsize] [\-N] [\-o] [\-O format:log file] [\-p first:last] [\-P ip address or host name] [\-q upload:download ratio] [\-Q upload:download ratio] [\-r] [\-R] [\-s] [\-S [address,][port]] [\-t upload bandwidth:download bandwidth] [\-T upload bandwidth:download bandwidth] [\-u uid] [\-U umask files:umask dirs] [\-v rendezvous name] [\-V ip address] [\-w] [\-W] [\-x] [\-X] [\-y max user sessions:max anon sessions] [\-Y tls behavior] [\-z] [\-Z] + + .br + Alternative style : +@@ -22,6 +22,8 @@ + .br + \-6 \-\-ipv6only + .br ++\-7 \-\-sslcertfile ++.br + \-a \-\-trustedgid + .br + \-A \-\-chrooteveryone +@@ -157,6 +159,9 @@ + .B \-6 + Listen only to IPv6 connections. + .TP ++.B \-7 SSL certificate file ++Path to SSL certificate file. If option \-7 is not present default value is /var/lib/openssl/certs/ftpd.pem for PLD. This is non\-standard addition. It might disappear in the future and meaning of \-7 option is not guaranted. ++.TP + .B \-a gid + Regular users will be chrooted to their home directories, unless + they belong to the specified gid. Note that root is always trusted, +diff -Nur b/src/ftpd.c n/src/ftpd.c +--- b/src/ftpd.c 2004-09-15 18:05:29.951069216 +0200 ++++ n/src/ftpd.c 2004-09-15 18:03:14.172710664 +0200 +@@ -4830,7 +4830,7 @@ + int fodder; + int bypass_ipv6 = 0; + struct passwd *pw; +- ++ + #ifdef PROBE_RANDOM_AT_RUNTIME + pw_zrand_probe(); + #endif +@@ -5097,6 +5097,15 @@ + enforce_tls_auth > 2) { die(421, LOG_ERR, MSG_CONF_ERR ": TLS"); } - break; -- } -+ } -+ case '7': { -+ tlscert_file = strdup(optarg); -+ break; ++ if (!tlscert_file) ++ if ((tlscert_file = strdup(TLS_CERTIFICATE_FILE)) == NULL) ++ die_mem(); ++ break; + } ++ case '7': { ++ free(tlscert_file); ++ if ((tlscert_file = strdup(optarg)) == NULL) ++ die_mem(); + break; + } #endif - case 'e': { - anon_only = 1; -diff -Nura pure-ftpd-1.0.18.bef/src/ftpd_p.h pure-ftpd-1.0.18.work/src/ftpd_p.h ---- pure-ftpd-1.0.18.bef/src/ftpd_p.h 2004-04-27 20:32:42.000000000 +0200 -+++ pure-ftpd-1.0.18.work/src/ftpd_p.h 2004-04-27 21:55:58.000000000 +0200 +diff -Nur b/src/ftpd_p.h n/src/ftpd_p.h +--- b/src/ftpd_p.h 2004-02-29 22:49:28.000000000 +0100 ++++ n/src/ftpd_p.h 2004-09-15 17:02:28.561010000 +0200 @@ -101,6 +101,7 @@ #endif #ifdef WITH_TLS @@ -101,9 +116,9 @@ diff -Nura pure-ftpd-1.0.18.bef/src/ftpd_p.h pure-ftpd-1.0.18.work/src/ftpd_p.h # endif { "allowdotfiles", 0, NULL, 'z' }, { "customerproof", 0, NULL, 'Z' }, -diff -Nura pure-ftpd-1.0.18.bef/src/globals.h pure-ftpd-1.0.18.work/src/globals.h ---- pure-ftpd-1.0.18.bef/src/globals.h 2004-04-27 20:32:42.000000000 +0200 -+++ pure-ftpd-1.0.18.work/src/globals.h 2004-04-27 22:48:38.000000000 +0200 +diff -Nur b/src/globals.h n/src/globals.h +--- b/src/globals.h 2004-02-29 22:49:28.000000000 +0100 ++++ n/src/globals.h 2004-09-15 17:02:28.561010000 +0200 @@ -167,6 +167,7 @@ #ifdef WITH_TLS @@ -112,9 +127,9 @@ diff -Nura pure-ftpd-1.0.18.bef/src/globals.h pure-ftpd-1.0.18.work/src/globals. #endif GLOBAL0(char *atomic_prefix); -diff -Nura pure-ftpd-1.0.18.bef/src/tls.c pure-ftpd-1.0.18.work/src/tls.c ---- pure-ftpd-1.0.18.bef/src/tls.c 2004-04-27 20:32:42.000000000 +0200 -+++ pure-ftpd-1.0.18.work/src/tls.c 2004-04-27 22:56:00.000000000 +0200 +diff -Nur b/src/tls.c n/src/tls.c +--- b/src/tls.c 2004-02-29 22:49:27.000000000 +0100 ++++ n/src/tls.c 2004-09-15 17:02:28.562010000 +0200 @@ -9,11 +9,12 @@ # include "tls.h" # include "ftpwho-update.h"