Compare commits

...

No commits in common. 'c9' and 'cs10' have entirely different histories.
c9 ... cs10

@ -0,0 +1,32 @@
From 1c280a0b04e58ec63ce9ab5eb8d0ffe5ebbae115 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Thu, 21 Dec 2017 14:29:25 +0100
Subject: [PATCH 42/59] When handling FEAT command, check ssl_tlsv1_1 and
ssl_tlsv1_2
Send 'AUTH SSL' in reply to the FEAT command when the ssl_tlsv1_1
or ssl_tlsv1_2 configuration option is enabled.
The patch was written by Martin Sehnoutka.
Resolves: rhbz#1432054
---
features.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/features.c b/features.c
index 1212980..d024366 100644
--- a/features.c
+++ b/features.c
@@ -22,7 +22,7 @@ handle_feat(struct vsf_session* p_sess)
{
vsf_cmdio_write_raw(p_sess, " AUTH SSL\r\n");
}
- if (tunable_tlsv1)
+ if (tunable_tlsv1 || tunable_tlsv1_1 || tunable_tlsv1_2 || tunable_tlsv1_3)
{
vsf_cmdio_write_raw(p_sess, " AUTH TLS\r\n");
}
--
2.14.4

@ -2,11 +2,11 @@
Name: vsftpd Name: vsftpd
Version: 3.0.5 Version: 3.0.5
Release: 5%{?dist} Release: 9%{?dist}
Summary: Very Secure Ftp Daemon Summary: Very Secure Ftp Daemon
# OpenSSL link exception # OpenSSL link exception
License: GPLv2 with exceptions License: GPL-2.0-only WITH vsftpd-openssl-exception
URL: https://security.appspot.com/vsftpd.html URL: https://security.appspot.com/vsftpd.html
Source0: https://security.appspot.com/downloads/%{name}-%{version}.tar.gz Source0: https://security.appspot.com/downloads/%{name}-%{version}.tar.gz
Source1: vsftpd.xinetd Source1: vsftpd.xinetd
@ -61,7 +61,6 @@ Patch29: 0029-Fix-segfault-in-config-file-parser.patch
Patch30: 0030-Fix-logging-into-syslog-when-enabled-in-config.patch Patch30: 0030-Fix-logging-into-syslog-when-enabled-in-config.patch
Patch31: 0031-Fix-question-mark-wildcard-withing-a-file-name.patch Patch31: 0031-Fix-question-mark-wildcard-withing-a-file-name.patch
Patch32: 0032-Propagate-errors-from-nfs-with-quota-to-client.patch Patch32: 0032-Propagate-errors-from-nfs-with-quota-to-client.patch
#Patch33: 0033-Introduce-TLSv1.1-and-TLSv1.2-options.patch
Patch34: 0034-Turn-off-seccomp-sandbox-because-it-is-too-strict.patch Patch34: 0034-Turn-off-seccomp-sandbox-because-it-is-too-strict.patch
Patch36: 0036-Redefine-VSFTP_COMMAND_FD-to-1.patch Patch36: 0036-Redefine-VSFTP_COMMAND_FD-to-1.patch
Patch37: 0037-Document-the-relationship-of-text_userdb_names-and-c.patch Patch37: 0037-Document-the-relationship-of-text_userdb_names-and-c.patch
@ -69,8 +68,7 @@ Patch38: 0038-Document-allow_writeable_chroot-in-the-man-page.patch
Patch39: 0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch Patch39: 0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch
Patch40: 0040-Use-system-wide-crypto-policy.patch Patch40: 0040-Use-system-wide-crypto-policy.patch
Patch41: 0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch Patch41: 0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch
#Patch42: 0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch Patch42: 0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch
#Patch43: 0043-Enable-only-TLSv1.2-by-default.patch
Patch44: 0044-Disable-anonymous_enable-in-default-config-file.patch Patch44: 0044-Disable-anonymous_enable-in-default-config-file.patch
Patch45: 0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch Patch45: 0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch
Patch46: 0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch Patch46: 0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch
@ -96,11 +94,11 @@ Patch67: 0001-Fix-timestamp-handling-in-MDTM.patch
Patch68: 0002-Drop-an-unused-global-variable.patch Patch68: 0002-Drop-an-unused-global-variable.patch
Patch69: 0001-Remove-a-hint-about-the-ftp_home_dir-SELinux-boolean.patch Patch69: 0001-Remove-a-hint-about-the-ftp_home_dir-SELinux-boolean.patch
Patch70: fix-str_open.patch Patch70: fix-str_open.patch
Patch71: vsftpd-3.0.3-enable_wc_logs-replace_unprintable_with_hex.patch Patch71: vsftpd-3.0.5-enable_wc_logs-replace_unprintable_with_hex.patch
Patch72: vsftpd-3.0.5-use-old-tlsv-options.patch Patch72: vsftpd-3.0.5-replace-old-network-addr-functions.patch
Patch73: vsftpd-3.0.5-replace-old-network-addr-functions.patch Patch73: vsftpd-3.0.5-replace-deprecated-openssl-functions.patch
Patch74: vsftpd-3.0.5-replace-deprecated-openssl-functions.patch Patch74: vsftpd-3.0.5-add-option-for-tlsv1.3-ciphersuites.patch
Patch75: vsftpd-3.0.5-add-option-for-tlsv1.3-ciphersuites.patch Patch75: vsftpd-3.0.5-use-old-tlsv-options.patch
%description %description
vsftpd is a Very Secure FTP daemon. It was written completely from vsftpd is a Very Secure FTP daemon. It was written completely from
@ -170,54 +168,69 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub
%{_var}/ftp %{_var}/ftp
%changelog %changelog
* Thu Apr 27 2023 Richard Lescak <rlescak@redhat.com> - 3.0.5-5 * Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 3.0.5-9
- add option for TLSv1.3 ciphersuites - Bump release for October 2024 mass rebuild:
- Resolves: rhbz#2188296 Resolves: RHEL-64018
* Tue Aug 20 2024 Tomas Korbar <tkorbar@redhat.com> - 3.0.5-8
- Fix FEAT command to list AUTH TLS when TLSv1.3 is enabled
- Resolves: RHEL-54726
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 3.0.5-7
- Bump release for June 2024 mass rebuild
* Mon Feb 13 2023 Richard Lescak <rlescak@redhat.com> - 3.0.5-4 * Sat Jan 27 2024 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.5-6
- add patch to replace deprecated Openssl functions - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
- Resolves: rhbz#1981411
* Sat Jul 22 2023 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.5-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu May 04 2023 Richard Lescak <rlescak@redhat.com> - 3.0.5-4
- add option for TLSv1.3 ciphersuites
- SPDX migration
* Mon Feb 06 2023 Richard Lescak <rlescak@redhat.com> - 3.0.5-3 * Fri Feb 17 2023 Richard Lescak <rlescak@redhat.com> - 3.0.5-3
- add patch to replace old network functions - make vsftpd compatible with Openssl 3.0+
- Resolves: rhbz#1951545 - replace old network functions
* Fri Nov 11 2022 Richard Lescak <rlescak@redhat.com> - 3.0.5-2 * Sat Jan 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.5-2
- reintroduce patch for support of wide-character strings in logs - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
- Related: rhbz#2018284
* Wed Oct 26 2022 Richard Lescak <rlescak@redhat.com> - 3.0.5-1 * Thu Jul 28 2022 Richard Lescak <rlescak@redhat.com> 3.0.5-1
- rebase to version 3.0.5 - rebase to version 3.0.5
- Resolves: rhbz#2018284
* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.3-51
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.3-50
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Wed Oct 27 2021 Artem Egorenkov <aegorenk@redhat.com> - 3.0.3-49 * Wed Oct 27 2021 Artem Egorenkov <aegorenk@redhat.com> - 3.0.3-49
- add option to disable TLSv1.3 - add option to disable TLSv1.3
- Resolves: rhbz#1954682 - Resolves: rhbz#2017705
* Wed Oct 13 2021 Artem Egorenkov <aegorenk@redhat.com> - 3.0.3-48 * Wed Oct 13 2021 Artem Egorenkov <aegorenk@redhat.com> - 3.0.3-48
- ALPACA fix backported from upstram 3.0.5 version - ALPACA fix backported from upstram 3.0.5 version
- Resolves: rhbz#1975647 - Resolves: rhbz#1975648
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 3.0.3-47
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 3.0.3-46 * Wed Oct 13 2021 Artem Egorenkov <aegorenk@redhat.com> - 3.0.3-47
- Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065
* Thu May 20 2021 Artem Egorenkov <aegorenk@redhat.com> - 3.0.3-45
- Temporary pass -Wno-deprecated-declarations to gcc to ignore - Temporary pass -Wno-deprecated-declarations to gcc to ignore
deprecated warnings to be able to build against OpenSSL-3.0 deprecated warnings to be able to build against OpenSSL-3.0
- Resolves: rhbz#1958028 - Resolves: rhbz#1962603
* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 3.0.3-46
- Rebuilt with OpenSSL 3.0.0
* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.3-45
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Fri Apr 16 2021 Artem Egorenkov <aegorenk@redhat.com> - 3.0.3-44 * Thu Apr 8 2021 Artem Egorenkov <aegorenk@redhat.com> - 3.0.3-44
- Enable support for wide-character strings in logs - Enable support for wide-character strings in logs
- Replace unprintables with HEX code, not question marks - Replace unprintables with HEX code, not question marks
- Resolves: rhbz#1948570
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 3.0.3-43 * Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 3.0.3-43
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 - Rebuilt for updated systemd-rpm-macros
See https://pagure.io/fesco/issue/2583.
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.3-42 * Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.3-42
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

Loading…
Cancel
Save