diff --git a/vsftpd/.footprint b/vsftpd/.footprint index 8696753c0..ac9af3407 100644 --- a/vsftpd/.footprint +++ b/vsftpd/.footprint @@ -3,7 +3,9 @@ drwxr-xr-x root/root etc/rc.d/ -rwxr-xr-x root/root etc/rc.d/vsftpd drwxr-xr-x root/root etc/ssl/ drwxr-xr-x root/root etc/ssl/certs/ --rw------- root/root etc/ssl/certs/vsftpd.pem (EMPTY) +-rw------- root/root etc/ssl/certs/vsftpd.crt (EMPTY) +drwxr-xr-x root/root etc/ssl/keys/ +-rw------- root/root etc/ssl/keys/vsftpd.key (EMPTY) -rw------- root/root etc/vsftpd.conf drwxr-xr-x root/root usr/ drwxr-xr-x root/root usr/man/ diff --git a/vsftpd/.md5sum b/vsftpd/.md5sum index b46f9de03..e239db404 100644 --- a/vsftpd/.md5sum +++ b/vsftpd/.md5sum @@ -1,3 +1,3 @@ -a8e256321a01b4001f967f8ad67a7e99 vsftpd -59ad6f663e9a51d8a6ca1d07118dddaa vsftpd-2.0.4.patch -c0bf8c7b8e15ab15827172786fc56115 vsftpd-2.0.4.tar.gz +7a0ece0af8aefad4313270a8786e041e vsftpd +146062e8b2f93af43ff6c2c770feea94 vsftpd-2.0.5.tar.gz +3376ee576fefef23d07b79ac1995710d vsftpd-config.patch diff --git a/vsftpd/Pkgfile b/vsftpd/Pkgfile index 7325b187d..d311813d2 100644 --- a/vsftpd/Pkgfile +++ b/vsftpd/Pkgfile @@ -4,20 +4,20 @@ # Depends on: openssl name=vsftpd -version=2.0.4 -release=2 +version=2.0.5 +release=1 source=(ftp://vsftpd.beasts.org/users/cevans/$name-$version.tar.gz \ - $name-$version.patch vsftpd) + $name-config.patch vsftpd) build () { cd $name-$version - patch -p1 < $SRC/$name-$version.patch + patch -p1 < $SRC/$name-config.patch make make DESTDIR=$PKG install - install -d $PKG/{etc/{rc.d,ssl/certs},var/log} + install -d $PKG/{etc/{rc.d,ssl/{certs,keys}},var/log} install -m 755 $SRC/vsftpd $PKG/etc/rc.d - touch $PKG/etc/ssl/certs/$name.pem - chmod 600 $PKG/etc/ssl/certs/$name.pem + touch $PKG/etc/ssl/{certs/$name.crt,keys/$name.key} + chmod 600 $PKG/etc/ssl/{certs/$name.crt,keys/$name.key} touch $PKG/var/log/vsftpd.log } diff --git a/vsftpd/vsftpd b/vsftpd/vsftpd index 6152a2247..16c5d4a82 100644 --- a/vsftpd/vsftpd +++ b/vsftpd/vsftpd @@ -3,14 +3,15 @@ # /etc/rc.d/vsftpd: start/stop vsftpd daemon # -CRT=/etc/ssl/certs/vsftpd.pem +CRT=/etc/ssl/certs/vsftpd.crt +KEY=/etc/ssl/keys/vsftpd.key case $1 in start) if [ ! -s $CRT ]; then - /usr/bin/mksslcert $CRT $CRT + /usr/bin/mksslcert $KEY $CRT fi - setsid /usr/sbin/vsftpd & + /usr/sbin/vsftpd ;; stop) killall -q /usr/sbin/vsftpd diff --git a/vsftpd/vsftpd-2.0.4.patch b/vsftpd/vsftpd-config.patch similarity index 64% rename from vsftpd/vsftpd-2.0.4.patch rename to vsftpd/vsftpd-config.patch index fdcb1eb17..7039aede9 100644 --- a/vsftpd/vsftpd-2.0.4.patch +++ b/vsftpd/vsftpd-config.patch @@ -1,6 +1,6 @@ -diff -Nru vsftpd-2.0.4.orig/Makefile vsftpd-2.0.4/Makefile ---- vsftpd-2.0.4.orig/Makefile 2006-01-10 19:25:18.000000000 +0100 -+++ vsftpd-2.0.4/Makefile 2006-01-10 19:25:36.000000000 +0100 +diff -Nru vsftpd-2.0.5.orig/Makefile vsftpd-2.0.5/Makefile +--- vsftpd-2.0.5.orig/Makefile 2006-07-04 08:34:30.000000000 +0200 ++++ vsftpd-2.0.5/Makefile 2006-07-04 08:34:48.000000000 +0200 @@ -3,7 +3,7 @@ INSTALL = install IFLAGS = -idirafter dummyinc @@ -36,9 +36,9 @@ diff -Nru vsftpd-2.0.4.orig/Makefile vsftpd-2.0.4/Makefile clean: rm -f *.o *.swp vsftpd -diff -Nru vsftpd-2.0.4.orig/builddefs.h vsftpd-2.0.4/builddefs.h ---- vsftpd-2.0.4.orig/builddefs.h 2006-01-10 19:25:18.000000000 +0100 -+++ vsftpd-2.0.4/builddefs.h 2006-01-10 19:25:36.000000000 +0100 +diff -Nru vsftpd-2.0.5.orig/builddefs.h vsftpd-2.0.5/builddefs.h +--- vsftpd-2.0.5.orig/builddefs.h 2006-07-04 08:34:30.000000000 +0200 ++++ vsftpd-2.0.5/builddefs.h 2006-07-04 08:34:48.000000000 +0200 @@ -1,9 +1,9 @@ #ifndef VSF_BUILDDEFS_H #define VSF_BUILDDEFS_H @@ -52,44 +52,48 @@ diff -Nru vsftpd-2.0.4.orig/builddefs.h vsftpd-2.0.4/builddefs.h #endif /* VSF_BUILDDEFS_H */ -diff -Nru vsftpd-2.0.4.orig/tunables.c vsftpd-2.0.4/tunables.c ---- vsftpd-2.0.4.orig/tunables.c 2006-01-10 19:25:18.000000000 +0100 -+++ vsftpd-2.0.4/tunables.c 2006-01-10 19:25:36.000000000 +0100 -@@ -92,7 +92,7 @@ - unsigned int tunable_max_per_ip = 0; - unsigned int tunable_trans_chunk_size = 0; +diff -Nru vsftpd-2.0.5.orig/tunables.c vsftpd-2.0.5/tunables.c +--- vsftpd-2.0.5.orig/tunables.c 2006-07-04 08:34:30.000000000 +0200 ++++ vsftpd-2.0.5/tunables.c 2006-07-04 08:42:45.000000000 +0200 +@@ -95,7 +95,7 @@ + unsigned int tunable_delay_successful_login = 0; + unsigned int tunable_max_login_fails = 3; -const char* tunable_secure_chroot_dir = "/usr/share/empty"; +const char* tunable_secure_chroot_dir = "/var/empty"; const char* tunable_ftp_username = "ftp"; const char* tunable_chown_username = "root"; const char* tunable_xferlog_file = "/var/log/xferlog"; -@@ -117,7 +117,7 @@ +@@ -120,9 +120,9 @@ const char* tunable_deny_file = 0; const char* tunable_user_sub_token = 0; const char* tunable_email_password_file = "/etc/vsftpd.email_passwords"; -const char* tunable_rsa_cert_file = "/usr/share/ssl/certs/vsftpd.pem"; -+const char* tunable_rsa_cert_file = "/etc/ssl/certs/vsftpd.pem"; ++const char* tunable_rsa_cert_file = "/etc/ssl/certs/vsftpd.crt"; const char* tunable_dsa_cert_file = 0; const char* tunable_ssl_ciphers = "DES-CBC3-SHA"; - const char* tunable_rsa_private_key_file = 0; -diff -Nru vsftpd-2.0.4.orig/vsftpd.conf vsftpd-2.0.4/vsftpd.conf ---- vsftpd-2.0.4.orig/vsftpd.conf 2006-01-10 19:25:18.000000000 +0100 -+++ vsftpd-2.0.4/vsftpd.conf 2006-01-10 19:25:36.000000000 +0100 -@@ -8,11 +8,23 @@ +-const char* tunable_rsa_private_key_file = 0; ++const char* tunable_rsa_private_key_file = "/etc/ssl/keys/vsftpd.key"; + const char* tunable_dsa_private_key_file = 0; + +diff -Nru vsftpd-2.0.5.orig/vsftpd.conf vsftpd-2.0.5/vsftpd.conf +--- vsftpd-2.0.5.orig/vsftpd.conf 2006-07-04 08:34:30.000000000 +0200 ++++ vsftpd-2.0.5/vsftpd.conf 2006-07-04 08:39:27.000000000 +0200 +@@ -8,11 +8,25 @@ # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's # capabilities. # +# +# Run standalone +listen=YES ++background=YES +# +# Use tcp_wrappers library +tcp_wrappers=YES +# +# Enable SSL support -+ssl_enable=YES -+ssl_sslv3=YES ++#ssl_enable=YES ++#ssl_sslv3=YES +# # Allow anonymous FTP? (Beware - allowed by default if you comment this out). anonymous_enable=YES @@ -97,22 +101,30 @@ diff -Nru vsftpd-2.0.4.orig/vsftpd.conf vsftpd-2.0.4/vsftpd.conf # Uncomment this to allow local users to log in. #local_enable=YES +#force_local_logins_ssl=YES ++#force_local_data_ssl=YES # # Uncomment this to enable any form of FTP write command. #write_enable=YES -diff -Nru vsftpd-2.0.4.orig/vsftpd.conf.5 vsftpd-2.0.4/vsftpd.conf.5 ---- vsftpd-2.0.4.orig/vsftpd.conf.5 2006-01-10 19:25:18.000000000 +0100 -+++ vsftpd-2.0.4/vsftpd.conf.5 2006-01-10 19:25:36.000000000 +0100 -@@ -844,7 +844,7 @@ +diff -Nru vsftpd-2.0.5.orig/vsftpd.conf.5 vsftpd-2.0.5/vsftpd.conf.5 +--- vsftpd-2.0.5.orig/vsftpd.conf.5 2006-07-04 08:34:30.000000000 +0200 ++++ vsftpd-2.0.5/vsftpd.conf.5 2006-07-04 08:44:07.000000000 +0200 +@@ -863,21 +863,21 @@ This option specifies the location of the RSA certificate to use for SSL encrypted connections. -Default: /usr/share/ssl/certs/vsftpd.pem -+Default: /etc/ssl/certs/vsftpd.pem ++Default: /etc/ssl/certs/vsftpd.crt .TP .B rsa_private_key_file This option specifies the location of the RSA private key to use for SSL -@@ -858,7 +858,7 @@ + encrypted connections. If this option is not set, the private key is expected + to be in the same file as the certificate. + +-Default: (none) ++Default: /etc/ssl/keys/vsftpd.key + .TP + .B secure_chroot_dir + This option should be the name of a directory which is empty. Also, the directory should not be writable by the ftp user. This directory is used as a secure chroot() jail at times vsftpd does not require filesystem access.