]> git.pld-linux.org Git - packages/pure-ftpd.git/blame - pure-ftpd-path_to_ssl_cert_in_config.patch
projects / packages / pure-ftpd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- added bcond_with extra (default off) for my patches:
[packages/pure-ftpd.git] / pure-ftpd-path_to_ssl_cert_in_config.patch
CommitLineData
92cc7555 1diff -Nur pure-ftpd-1.0.20.bef/configuration-file/pure-config.pl.in pure-ftpd-1.0.20.new1/configuration-file/pure-config.pl.in
7797313a 2--- pure-ftpd-1.0.20.bef/configuration-file/pure-config.pl.in 2004-02-29 12:17:00.000000000 +0100
92cc7555 3+++ pure-ftpd-1.0.20.new1/configuration-file/pure-config.pl.in 2004-08-17 10:42:26.000000000 +0200
fe6666d1 4@@ -57,6 +57,7 @@
6eed5aa7 5 TrustedIP => "-V",
6 AltLog => "-O",
7 PIDFile => "-g",
8+ SSLCertFile => "-7",
9 );
10
11 my %numeric_switch_for = (
92cc7555 12diff -Nur pure-ftpd-1.0.20.bef/configuration-file/pure-config.py.in pure-ftpd-1.0.20.new1/configuration-file/pure-config.py.in
7797313a 13--- pure-ftpd-1.0.20.bef/configuration-file/pure-config.py.in 2004-02-29 12:17:14.000000000 +0100
92cc7555 14+++ pure-ftpd-1.0.20.new1/configuration-file/pure-config.py.in 2004-08-17 10:42:26.000000000 +0200
fe6666d1 15@@ -55,6 +55,7 @@
16 option_tuple = (
17 ["IPV4Only[\s]+yes", "-4" ],
18 ["IPV6Only[\s]+yes", "-6" ],
19+ ["SSLCertFile\s+(\S+)", "-7", None ],
20 ["ChrootEveryone[\s]+yes", "-A" ],
21 ["TrustedGID[\s]+([\d]+)", "-a", None ],
22 ["BrokenClientsCompatibility[\s]+yes", "-b" ],
92cc7555 23diff -Nur pure-ftpd-1.0.20.bef/configuration-file/pure-ftpd.conf.in pure-ftpd-1.0.20.new1/configuration-file/pure-ftpd.conf.in
24--- pure-ftpd-1.0.20.bef/configuration-file/pure-ftpd.conf.in 2004-08-17 10:27:33.000000000 +0200
25+++ pure-ftpd-1.0.20.new1/configuration-file/pure-ftpd.conf.in 2004-08-17 10:42:26.000000000 +0200
6eed5aa7 26@@ -420,7 +420,8 @@
27 # 3) Only compatible clients will log in.
28
29 # TLS 1
30-
31+# SSLCertFile /etc/ssl/private/pure-ftpd.pem
32+# or /var/lib/openssl/certs/ftpd.pem (current location in PLD)
33
34
35 # Listen only to IPv4 addresses in standalone mode (ie. disable IPv6)
92cc7555 36diff -Nur pure-ftpd-1.0.20.bef/man/pure-ftpd.8 pure-ftpd-1.0.20.new1/man/pure-ftpd.8
7797313a 37--- pure-ftpd-1.0.20.bef/man/pure-ftpd.8 2004-02-29 21:10:06.000000000 +0100
92cc7555 38+++ pure-ftpd-1.0.20.new1/man/pure-ftpd.8 2004-08-17 10:42:26.000000000 +0200
fe6666d1 39@@ -9,7 +9,7 @@
40 pure\-ftpd \- simple File Transfer Protocol server
41
42 .SH "SYNOPSIS"
43-.B pure\-ftpd [\-0] [\-1] [\-4] [\-6] [\-a gid] [\-A] [\-b] [\-B] [\-c clients] [\-C cnx/ip] [\-d [\-d]] [\-D] [\-e] [\-E] [\-f facility] [\-F fortunes file] [\-g pidfile] [\-G] [\-H] [\-i] [\-I] [\-j] [\-k percentage] [\-K] [\-l authentication[:config file]] [\-L max files:max depth] [\-m maxload] [\-M] [\-n maxfiles:maxsize] [\-N] [\-o] [\-O format:log file] [\-p first:last] [\-P ip address or host name] [\-q upload:download ratio] [\-Q upload:download ratio] [\-r] [\-R] [\-s] [\-S [address,][port]] [\-t upload bandwidth:download bandwidth] [\-T upload bandwidth:download bandwidth] [\-u uid] [\-U umask files:umask dirs] [\-v rendezvous name] [\-V ip address] [\-w] [\-W] [\-x] [\-X] [\-y max user sessions:max anon sessions] [\-Y tls behavior] [\-z] [\-Z]
44+.B pure\-ftpd [\-0] [\-1] [\-4] [\-6] [\-7 certificate file] [\-a gid] [\-A] [\-b] [\-B] [\-c clients] [\-C cnx/ip] [\-d [\-d]] [\-D] [\-e] [\-E] [\-f facility] [\-F fortunes file] [\-g pidfile] [\-G] [\-H] [\-i] [\-I] [\-j] [\-k percentage] [\-K] [\-l authentication[:config file]] [\-L max files:max depth] [\-m maxload] [\-M] [\-n maxfiles:maxsize] [\-N] [\-o] [\-O format:log file] [\-p first:last] [\-P ip address or host name] [\-q upload:download ratio] [\-Q upload:download ratio] [\-r] [\-R] [\-s] [\-S [address,][port]] [\-t upload bandwidth:download bandwidth] [\-T upload bandwidth:download bandwidth] [\-u uid] [\-U umask files:umask dirs] [\-v rendezvous name] [\-V ip address] [\-w] [\-W] [\-x] [\-X] [\-y max user sessions:max anon sessions] [\-Y tls behavior] [\-z] [\-Z]
45
46 .br
47 Alternative style :
48@@ -22,6 +22,8 @@
49 .br
50 \-6 \-\-ipv6only
51 .br
52+\-7 \-\-sslcertfile
53+.br
54 \-a \-\-trustedgid
55 .br
56 \-A \-\-chrooteveryone
57@@ -157,6 +159,9 @@
58 .B \-6
59 Listen only to IPv6 connections.
60 .TP
61+.B \-7 file
62+Path to SSL certificate file.
63+.TP
64 .B \-a gid
65 Regular users will be chrooted to their home directories, unless
66 they belong to the specified gid. Note that root is always trusted,
92cc7555 67diff -Nur pure-ftpd-1.0.20.bef/src/ftpd.c pure-ftpd-1.0.20.new1/src/ftpd.c
7797313a 68--- pure-ftpd-1.0.20.bef/src/ftpd.c 2004-07-17 15:28:22.000000000 +0200
92cc7555 69+++ pure-ftpd-1.0.20.new1/src/ftpd.c 2004-08-17 12:59:11.000000000 +0200
70@@ -5097,8 +5097,19 @@
7797313a 71 enforce_tls_auth > 2) {
6eed5aa7 72 die(421, LOG_ERR, MSG_CONF_ERR ": TLS");
73 }
92cc7555 74+ if ((tlscert_file = strdup(TLS_CERTIFICATE_FILE)) == NULL)
7797313a 75+ die_mem();
6eed5aa7 76 break;
77- }
78+ }
92cc7555 79+ case '7': {
80+ if (tlscert_file != NULL) {
81+ if (strlen(tlscert_file) > (size_t)0)
82+ free(tlscert_file);
83+ }
84+ if ((tlscert_file = strdup(optarg)) == NULL)
7797313a 85+ die_mem();
92cc7555 86+ break;
6eed5aa7 87+ }
88 #endif
89 case 'e': {
90 anon_only = 1;
92cc7555 91diff -Nur pure-ftpd-1.0.20.bef/src/ftpd_p.h pure-ftpd-1.0.20.new1/src/ftpd_p.h
7797313a 92--- pure-ftpd-1.0.20.bef/src/ftpd_p.h 2004-02-29 22:49:28.000000000 +0100
92cc7555 93+++ pure-ftpd-1.0.20.new1/src/ftpd_p.h 2004-08-17 10:42:26.000000000 +0200
6eed5aa7 94@@ -101,6 +101,7 @@
95 #endif
96 #ifdef WITH_TLS
97 "Y:"
98+ "7:"
99 #endif
100 "zZ";
101
102@@ -180,6 +181,7 @@
103 # endif
104 # ifdef WITH_TLS
105 { "tls", 1, NULL, 'Y' },
106+ { "sslcertfile", 1, NULL, '7'},
107 # endif
108 { "allowdotfiles", 0, NULL, 'z' },
109 { "customerproof", 0, NULL, 'Z' },
92cc7555 110diff -Nur pure-ftpd-1.0.20.bef/src/globals.h pure-ftpd-1.0.20.new1/src/globals.h
7797313a 111--- pure-ftpd-1.0.20.bef/src/globals.h 2004-02-29 22:49:28.000000000 +0100
92cc7555 112+++ pure-ftpd-1.0.20.new1/src/globals.h 2004-08-17 10:42:26.000000000 +0200
6eed5aa7 113@@ -167,6 +167,7 @@
114
115 #ifdef WITH_TLS
116 GLOBAL0(signed char enforce_tls_auth);
117+GLOBAL0(char *tlscert_file);
118 #endif
119
120 GLOBAL0(char *atomic_prefix);
92cc7555 121diff -Nur pure-ftpd-1.0.20.bef/src/tls.c pure-ftpd-1.0.20.new1/src/tls.c
7797313a 122--- pure-ftpd-1.0.20.bef/src/tls.c 2004-02-29 22:49:27.000000000 +0100
92cc7555 123+++ pure-ftpd-1.0.20.new1/src/tls.c 2004-08-17 10:42:26.000000000 +0200
6eed5aa7 124@@ -9,11 +9,12 @@
125 # include "tls.h"
126 # include "ftpwho-update.h"
127 # include "messages.h"
128+# include "globals.h"
129
130 static void tls_error(void)
131 {
132 logfile(LOG_ERR, "SSL/TLS [%s]: %s",
133- TLS_CERTIFICATE_FILE,
134+ tlscert_file,
135 ERR_error_string(ERR_get_error(), NULL));
136 _EXIT(EXIT_FAILURE);
137 }
138@@ -23,7 +24,7 @@
139 DH *dh;
140 BIO *bio;
141
142- if ((bio = BIO_new_file(TLS_CERTIFICATE_FILE, "r")) == NULL) {
143+ if ((bio = BIO_new_file(tlscert_file, "r")) == NULL) {
144 return -1;
145 }
146 if ((dh = PEM_read_bio_DHparams(bio, NULL, NULL
147@@ -65,11 +66,11 @@
148 tls_init_cache();
149 SSL_CTX_set_options(tls_ctx, SSL_OP_ALL);
150 if (SSL_CTX_use_certificate_chain_file
151- (tls_ctx, TLS_CERTIFICATE_FILE) != 1) {
152+ (tls_ctx, tlscert_file) != 1) {
153 die(421, LOG_ERR,
154- MSG_FILE_DOESNT_EXIST ": [%s]", TLS_CERTIFICATE_FILE);
155+ MSG_FILE_DOESNT_EXIST ": [%s]", tlscert_file);
156 }
157- if (SSL_CTX_use_PrivateKey_file(tls_ctx, TLS_CERTIFICATE_FILE,
158+ if (SSL_CTX_use_PrivateKey_file(tls_ctx, tlscert_file,
159 SSL_FILETYPE_PEM) != 1) {
160 tls_error();
161 }
Small, fast and secure FTP server
This page took 0.885545 seconds and 4 git commands to generate.