diff options
| author | tm <tm@pkgsrc.org> | 2021-10-16 19:46:41 +0000 |
|---|---|---|
| committer | tm <tm@pkgsrc.org> | 2021-10-16 19:46:41 +0000 |
| commit | 2af5dd83276e7a86ece1596e8d3fe399837fc544 (patch) | |
| tree | 9f56ba15d24d4d60d16028828639e3618aaab827 /net/proftpd/patches | |
| parent | 163f59d7c7176a6174a3c4f29db98cb160bfbd5e (diff) | |
| download | pkgsrc-2af5dd83276e7a86ece1596e8d3fe399837fc544.tar.gz | |
Update proftpd to 1.3.7c
1.3.7c
+ Fix memory disclosure to RADIUS servers by mod_radius (Issue #1284).
+ PCRE expressions with capture groups were not being handled properly
(Issue #1300).
1.3.7b
+ Fixed occasional segfaults with FTPS data transfers using TLSv1.3, when
session tickets cannot be decrypted (Issue #1063).
+ Passive transfers fail unexpectedly due to use of SO_REUSEPORT socket
option (Issue #1171).
+ Implemented support for Redis 6.x AUTH semantics (Issue #1070).
+ Fixed memory use-after-free issue in mod_sftp which can cause unexpected
login/authentication issues.
+ Fixed SQL syntax regression for some generated SQL statements
(Issue #1149).
+ Fixed "Corrupted MAC on inptut" errors when SFTP uses the
umac-64@openssh.com digest (Issue #1111).
1.3.7a
+ Fix build-time regression when using the --localstatedir configure option.
1.3.7
+ Support the SOURCE_DATE_EPOCH environment variable, for reproducible
builds (Issue #1038).
1.3.7rc4
+ Implemented support for configuring certificate options for LDAP
connections using SSL/TLS.
+ Fixed issue with FTPS uploads of large files using TLSv1.3 (Issue #959).
+ Fixed handling of IPv6 addresses in From directives (Issue #682).
+ Added -b and -n command-line options to ftptop.
+ Ignore supplemental groups when run as non-root user (Issue #808).
+ Use re-entrant versions of time functions where available (Issue #983).
+ New Configuration Directives
BanOptions
The BanOptions directive is used to tune mod_ban behavior, such as
creating ban entries that match/apply to all <VirtualHost> sections.
See doc/contrib/mod_ban.html#BanOptions for more details.
LDAPUseSASL
The LDAPUseSASL directive configures a list of SASL authentication
mechanisms to use, when using the LDAPBindDN to bind to the LDAP
server. See doc/contrib/mod_ldap.html#LDAPUseSASL for details.
LogOptions
The LogOptions directive is used to modify the default logging format
for ProFTPD syslog, debug, and module logging. See
doc/modules/mod_log.html#LogOptions for more information.
SQLKeepAlive
The SQLKeepAlive directive configures a periodic "keepalive" query
for ensuring the connection between mod_sql and the backend database
server. See doc/contrib/mod_sql.html#SQLKeepAlive for more information.
+ Changed Configuration Directives
LDAPServer
The LDAPServer directive now supports configuring the trusted CA
file, client certificate and key files, SSL ciphers, and verification
policies for LDAP connections. See doc/contrib/mod_ldap.html#LDAPServer
for more details.
TraceOptions
The TraceOptions directive now supports a "Timestamp" option, for
disabling inclusion of timestamps in Trace logs.
+ Developer notes
When MaxLoginAttempts is reach, the POST_CMD_ERR/LOG_CMD_ERR command
handler phases will now run. This allows interested modules, such
as mod_exec and others, to react to these events (Issue #718).
1.3.7rc3
+ Fixed regression in directory listing latency (Issue #863).
+ Fixed use-after-free vulnerability during data transfers (Issue #903).
+ Addressed out-of-bounds read in mod_cap by removing bundled libcap, and
relying solely on the system-provided libcap (Issue #902). Note that
building ProFTPD from source will *not* automatically include the
mod_cap module, unless the libcap library is available.
+ mod_sftp now supports OpenSSH-specific private host keys (Issue #793).
Newer versions of OpenSSH ssh-keygen(1) automatically generate private
keys formatted with this OpenSSH-specific format.
+ mod_sftp now supports Ed25519 keys (Bug #4221).
+ mod_sftp now supports RSA SHA-2 publickey signatures, per RFC 8332
(Issue #907).
+ mod_tls now honors client-provided SNI as part of the TLS handshake,
for implementing name-based virtual hosts via TLS SNI.
+ Changed Configuration Directives
LogFormat %{transfer-port}
The LogFormat directive supports a %{transfer-port} variable for
logging the selected data transfer port.
SFTPOptions NoExtensionNegotiation
The mod_sftp module now supports SSH extension negotations (RFC 8332).
If there any issues with this support, it can be disabled using:
SFTPOptions NoExtensionNegotiation
SQLAuthTypes bcrypt
The mod_sql_passwd module now supports bcrypt-encrypted passwords.
This can be enabled using:
SQLAuthTypes bcrypt
in your mod_sql configuration. See doc/contrib/mod_sql_password.html
for more information.
TLSOption IgnoreSNI
The TLSOption directive now supports an "IgnoreSNI" setting, to
tell mod_tls to ignore/not use any SNI, provided by the client in the
TLS handshake, for determining any name-based virtual hosts. See
doc/contrib/mod_tls.html#TLSOption for more details.
+ Added API
FSIO pread(2), pwrite(2) (Issue#317)
1.3.7rc2
+ Fixed pre-authentication remote denial-of-service issue (Issue #846,
CVE-2019-18217).
1.3.7rc1
+ RootRevoke is now on by default, meaning that once authentication succeeds,
all root privileges are dropped by default, unless the UserOwner directive
(which requires root privileges) is used (Bug#4241).
+ The mod_ident module is no longer automatically built by default.
To include the mod_ident module in the build, it must be explicitly
requested via --enable-ident or --with-shared=mod_ident.
This means that configuration files using the IdentLookups directive
will now want to using an enclosing <IfModule> section, like so:
<IfModule mod_ident.c>
IdentLookups off
</IfModule>
+ The mod_tls module now performs basic sanity checks of configured TLS
files on startup (Issue#491).
+ The mod_deflate module now supports MODE Z data transfers when TLS
is used (Issue#505).
+ The mod_xfer module now supports the RANG FTP command; see
https://tools.ietf.org/html/draft-bryan-ftp-range-08 (Issue#351).
+ The ftpasswd script now supports a --change-home option, for changing
the home directory of a user in an AuthUserFile (Issue#566).
+ The ftpasswd script supports deleting a user from a group (Issue#620).
+ Refactored the LogFormat handling code so that it is not longer
duplicated by mod_log, mod_sql, etc. The new Jot API is the common API
to be used by modules for LogFormat variables and logging.
+ Generated new DH parameters for mod_sftp, mod_tls.
+ New Configuration Directives
AuthFileOptions
The mod_auth_file module supports a configuration directive for disabling
its requirement for secure permissions on configured
AuthUserFile/AuthGroupFile. See
doc/modules/mod_auth_file.html#AuthFileOptions for information.
RedisLogOnEvent
The mod_redis module can be configured to log JSON messages based on
specified events (Issue#392). See the
doc/modules/mod_redis.html#RedisLogOnEvent documentation for details.
RedisOptions
The mod_redis module now implements a RedisOptions directive, for tuning
some of the module behavior (Issue#477). The
doc/modules/mod_redis.html#RedisOptions documentation has more details.
RedisSentinel
The mod_redis module now supports use of Redis Sentinels (Issue#396);
see doc/modules/mod_redis.html#RedisSentinel.
+ Changed Configuration Directives
AllowForeignAddress class-name
The AllowForeignAddress directive supports a Class name, for finer-grained
control over which clients are allowed to use foreign/mismatching IP
addresses for transfers. See
doc/modules/mod_core.html#AllowForeignAddress for more information.
ExecEnviron %b
The ExecEnviron directive has been fixed to properly resolve the %b
LogFormat variable (Issue#515).
RedisServer db-index (Issue#550)
The mod_redis module can now be configured to select a database index
via the RedisServer directive (Issue#550). See the
doc/modules/mod_redis.html#RedisServer documentation for details.
RewriteMap idnatrans
The mod_rewrite module can now support rewriting `idn` to `idna`
formats (Issue#231). See the doc/modules/mod_rewrite#RewriteMap for
details on how to do so.
RootRevoke on
The RootRevoke directive is now enabled by default (Bug#4241). This
makes for more secure configurations/sessions out-of-the-box. See
doc/modules/mod_auth.html#RootRevoke for more information.
SFTPCiphers, SFTPDigests
Some weak algorithms are now disabled by default in mod_sftp (Bug#4279).
These algorithms, if need be, can be explicitly enabled by configuration;
they are just not enabled automatically. For list of the algorithms
affected, see doc/contrib/mod_sftp.html#SFTPCiphers,
doc/contrib/mod_sftp.html#SFTPDigests.
SFTPOptions IncludeSFTPTimes
The SFTOptions directive of mod_sftp now supports an option for explicitly
including the timestamps of files when SFTP protocol 4 and higher are
used, even if the SFTP client did not request these timestamps. This
works around a bug in the popular Rebex SFTP library; see
doc/contrib/mod_sftp.html#SFTPOptions for details.
TLSProtocol TLSv1.3
The mod_tls module, and its TLSProtocol directive, now support TLSv1.3
(Issue#536). See doc/contrib/mod_tls.html#TLSProtocol for more
information.
TLSServerCipherPreference
The TLSServerCipherPreference directive is now enabled by default.
See doc/contrib/mod_tls.html#TLSServerCipherPrefrence.
TLSStaplingOptions NoFakeTryLater
Some TLS clients have trouble with the "fake" OCSP response that mod_tls
might stable, when the client requested stapled OCSP responses and
mod_tls is unable to contact the OCSP responder. Use this option to
disable such fake responses (Issue#518):
TLSStaplingOptions NoFakeTryLater
See doc/contrib/mod_tls.html#TLSStaplingOptions for details.
+ Removed Configuration Directives
The following directives have been removed:
GroupPassword
LoginPasswordPrompt
TransferPriority
Diffstat (limited to 'net/proftpd/patches')
| -rw-r--r-- | net/proftpd/patches/patch-Make.rules.in | 12 | ||||
| -rw-r--r-- | net/proftpd/patches/patch-Makefile.in | 16 | ||||
| -rw-r--r-- | net/proftpd/patches/patch-configure.in | 19 | ||||
| -rw-r--r-- | net/proftpd/patches/patch-contrib_mod__load_configure.in | 16 | ||||
| -rw-r--r-- | net/proftpd/patches/patch-contrib_mod__load_mod__load.c | 6 | ||||
| -rw-r--r-- | net/proftpd/patches/patch-contrib_mod__load_mod__load.h.in | 6 | ||||
| -rw-r--r-- | net/proftpd/patches/patch-contrib_mod__sftp_Makefile.in | 14 | ||||
| -rw-r--r-- | net/proftpd/patches/patch-include_pfilter.h | 10 | ||||
| -rw-r--r-- | net/proftpd/patches/patch-src_main.c | 18 | ||||
| -rw-r--r-- | net/proftpd/patches/patch-src_pfilter.c | 10 | ||||
| -rw-r--r-- | net/proftpd/patches/patch-src_pidfile.c | 30 |
11 files changed, 105 insertions, 52 deletions
diff --git a/net/proftpd/patches/patch-Make.rules.in b/net/proftpd/patches/patch-Make.rules.in index f9225f14720..85692fca7f2 100644 --- a/net/proftpd/patches/patch-Make.rules.in +++ b/net/proftpd/patches/patch-Make.rules.in @@ -1,8 +1,10 @@ ---- Make.rules.in.orig 2015-05-27 20:25:54.000000000 -0400 -+++ Make.rules.in 2016-01-25 21:48:47.000000000 -0500 ---- Make.rules.in.orig 2017-04-10 02:31:02.000000000 +0000 -+++ Make.rules.in -@@ -113,3 +113,6 @@ BUILD_FTPTOP_OBJS=utils/ftptop.o utils/s +$NetBSD: patch-Make.rules.in,v 1.3 2021/10/16 19:46:42 tm Exp $ + +Add pfilter objects. + +--- Make.rules.in.orig Mon Aug 30 00:22:56 2021 ++++ Make.rules.in Fri Oct 15 10:32:05 2021 +@@ -114,3 +114,6 @@ FTPWHO_OBJS=ftpwho.o scoreboard.o misc.o BUILD_FTPWHO_OBJS=utils/ftpwho.o utils/scoreboard.o utils/misc.o diff --git a/net/proftpd/patches/patch-Makefile.in b/net/proftpd/patches/patch-Makefile.in index 01434382bdb..28dad4201f9 100644 --- a/net/proftpd/patches/patch-Makefile.in +++ b/net/proftpd/patches/patch-Makefile.in @@ -1,13 +1,13 @@ -$NetBSD: patch-Makefile.in,v 1.1 2015/07/13 15:39:27 he Exp $ +$NetBSD: patch-Makefile.in,v 1.2 2021/10/16 19:46:42 tm Exp $ Make this pkgsrc friendly. Linking ftpdctl does not (seem to) require all the libraries needed for various proftpd modules. It definitely cannot include -lwrap. ---- Makefile.in.orig 2015-05-28 00:25:54.000000000 +0000 -+++ Makefile.in -@@ -59,7 +59,7 @@ ftpcount$(EXEEXT): lib utils +--- Makefile.in.orig Tue Jul 21 17:25:51 2020 ++++ Makefile.in Fri Oct 15 09:18:04 2021 +@@ -77,7 +77,7 @@ $(CC) $(LDFLAGS) -o $@ $(BUILD_FTPCOUNT_OBJS) $(UTILS_LIBS) ftpdctl$(EXEEXT): lib src @@ -16,12 +16,12 @@ various proftpd modules. It definitely cannot include -lwrap. ftpscrub$(EXEEXT): lib utils $(CC) $(LDFLAGS) -o $@ $(BUILD_FTPSCRUB_OBJS) $(UTILS_LIBS) -@@ -178,7 +178,7 @@ install-man: $(DESTDIR)$(mandir) $(DESTD - $(INSTALL_MAN) $(top_srcdir)/src/proftpd.conf.5 $(DESTDIR)$(mandir)/man5 - $(INSTALL_MAN) $(top_srcdir)/src/xferlog.5 $(DESTDIR)$(mandir)/man5 +@@ -196,7 +196,7 @@ + $(INSTALL_MAN) $(top_builddir)/src/proftpd.conf.5 $(DESTDIR)$(mandir)/man5 + $(INSTALL_MAN) $(top_builddir)/src/xferlog.5 $(DESTDIR)$(mandir)/man5 -install-all: install-proftpd install-modules install-utils install-conf install-man install-libs install-headers install-pkgconfig install-locales $(INSTALL_DEPS) +install-all: install-proftpd install-modules install-utils install-man install-libs install-headers install-pkgconfig install-locales $(INSTALL_DEPS) - install: all install-all + install: $(BUILD_BIN) install-all diff --git a/net/proftpd/patches/patch-configure.in b/net/proftpd/patches/patch-configure.in index 44c8d05ab84..5c2d7f55742 100644 --- a/net/proftpd/patches/patch-configure.in +++ b/net/proftpd/patches/patch-configure.in @@ -1,8 +1,19 @@ -$NetBSD: patch-configure.in,v 1.1 2019/10/13 19:52:47 maya Exp $ +$NetBSD: patch-configure.in,v 1.2 2021/10/16 19:46:42 tm Exp $ ---- configure.in.orig 2017-04-10 02:31:02.000000000 +0000 -+++ configure.in -@@ -2836,6 +2836,12 @@ AC_TRY_RUN( +Test if blacklistd supported. + +--- configure.in.orig Tue Jul 21 17:25:51 2020 ++++ configure.in Fri Oct 15 09:41:18 2021 +@@ -2800,7 +2800,7 @@ + AC_DEFINE(PR_USE_NONBLOCKING_LOG_OPEN, 1, [Define if using nonblocking open of log files]) + fi + +-if test x"$enable_ident" == xyes ; then ++if test x"$enable_ident" = xyes ; then + ac_static_modules="mod_ident.o $ac_static_modules" + ac_build_static_modules="modules/mod_ident.o $ac_build_static_modules" + fi +@@ -2949,6 +2949,12 @@ AC_MSG_RESULT(cross-compiling); AC_DEFINE(HAVE_LU, 1, [Define if you have %lu support]) ) diff --git a/net/proftpd/patches/patch-contrib_mod__load_configure.in b/net/proftpd/patches/patch-contrib_mod__load_configure.in index 4dd739f0c2f..346284022bc 100644 --- a/net/proftpd/patches/patch-contrib_mod__load_configure.in +++ b/net/proftpd/patches/patch-contrib_mod__load_configure.in @@ -1,13 +1,15 @@ -$NetBSD: patch-contrib_mod__load_configure.in,v 1.1 2019/12/09 19:22:57 nros Exp $ -* solaris and derivates has loadavg in sys/loadavg.h ---- contrib/mod_load/configure.in.orig 2019-12-09 18:12:06.479685628 +0000 -+++ contrib/mod_load/configure.in -@@ -63,7 +63,7 @@ AC_ARG_WITH(libraries, +$NetBSD: patch-contrib_mod__load_configure.in,v 1.2 2021/10/16 19:46:42 tm Exp $ + +Solaris and derivates has loadavg in sys/loadavg.h + +--- contrib/mod_load/configure.in.orig Tue Jul 21 17:25:51 2020 ++++ contrib/mod_load/configure.in Fri Oct 15 09:22:45 2021 +@@ -63,7 +63,7 @@ ]) AC_HEADER_STDC -AC_CHECK_HEADERS(stdlib.h unistd.h limits.h fcntl.h) +AC_CHECK_HEADERS(stdlib.h unistd.h limits.h fcntl.h sys/loadavg.h) - AC_SUBST(LDFLAGS) - + dnl _Must_ come before AC_FUNC_GETLOADAVG + AC_CHECK_LIB(kstat, kstat_open) diff --git a/net/proftpd/patches/patch-contrib_mod__load_mod__load.c b/net/proftpd/patches/patch-contrib_mod__load_mod__load.c index 8cc4251e0e5..8cd8a94e00b 100644 --- a/net/proftpd/patches/patch-contrib_mod__load_mod__load.c +++ b/net/proftpd/patches/patch-contrib_mod__load_mod__load.c @@ -1,5 +1,7 @@ -$NetBSD: patch-contrib_mod__load_mod__load.c,v 1.2 2019/12/19 12:52:28 nros Exp $ -* solaris and derivates has loadavg in sys/loadavg.h +$NetBSD: patch-contrib_mod__load_mod__load.c,v 1.3 2021/10/16 19:46:42 tm Exp $ + +Solaris and derivates has loadavg in sys/loadavg.h + --- contrib/mod_load/mod_load.c.orig 2017-04-10 02:31:02.000000000 +0000 +++ contrib/mod_load/mod_load.c @@ -49,6 +49,10 @@ diff --git a/net/proftpd/patches/patch-contrib_mod__load_mod__load.h.in b/net/proftpd/patches/patch-contrib_mod__load_mod__load.h.in index 15eb6fb9c0c..ceba3734917 100644 --- a/net/proftpd/patches/patch-contrib_mod__load_mod__load.h.in +++ b/net/proftpd/patches/patch-contrib_mod__load_mod__load.h.in @@ -1,5 +1,7 @@ -$NetBSD: patch-contrib_mod__load_mod__load.h.in,v 1.1 2019/12/09 19:22:57 nros Exp $ -* solaris and derivates has loadavg in sys/loadavg.h +$NetBSD: patch-contrib_mod__load_mod__load.h.in,v 1.2 2021/10/16 19:46:42 tm Exp $ + +Solaris and derivates has loadavg in sys/loadavg.h + --- contrib/mod_load/mod_load.h.in.orig 2019-12-09 18:10:43.656037132 +0000 +++ contrib/mod_load/mod_load.h.in @@ -51,6 +51,9 @@ diff --git a/net/proftpd/patches/patch-contrib_mod__sftp_Makefile.in b/net/proftpd/patches/patch-contrib_mod__sftp_Makefile.in index 77b1af80a21..496e509ab14 100644 --- a/net/proftpd/patches/patch-contrib_mod__sftp_Makefile.in +++ b/net/proftpd/patches/patch-contrib_mod__sftp_Makefile.in @@ -1,15 +1,15 @@ -$NetBSD: patch-contrib_mod__sftp_Makefile.in,v 1.1 2015/09/25 10:01:37 wiedi Exp $ +$NetBSD: patch-contrib_mod__sftp_Makefile.in,v 1.2 2021/10/16 19:46:42 tm Exp $ Install mod_sftp misc files into examples folder ---- contrib/mod_sftp/Makefile.in.orig 2015-05-28 00:25:54.000000000 +0000 -+++ contrib/mod_sftp/Makefile.in -@@ -46,8 +46,9 @@ install: install-misc - fi +--- contrib/mod_sftp/Makefile.in.orig Tue Jul 21 17:25:51 2020 ++++ contrib/mod_sftp/Makefile.in Fri Oct 15 09:25:08 2021 +@@ -73,8 +73,9 @@ + $(INSTALL_MAN) $(MODULE_NAME).h $(DESTDIR)$(includedir)/proftpd/$(MODULE_NAME).h install-misc: -- $(INSTALL) -o $(INSTALL_USER) -g $(INSTALL_GROUP) -m 0644 dhparams.pem $(DESTDIR)$(sysconfdir)/dhparams.pem -- $(INSTALL) -o $(INSTALL_USER) -g $(INSTALL_GROUP) -m 0644 blacklist.dat $(DESTDIR)$(sysconfdir)/blacklist.dat +- $(INSTALL) -o $(INSTALL_USER) -g $(INSTALL_GROUP) -m 0644 $(top_srcdir)/dhparams.pem $(DESTDIR)$(sysconfdir)/dhparams.pem +- $(INSTALL) -o $(INSTALL_USER) -g $(INSTALL_GROUP) -m 0644 $(top_srcdir)/blacklist.dat $(DESTDIR)$(sysconfdir)/blacklist.dat + $(INSTALL) -d -m 0755 $(DESTDIR)$(PREFIX)/share/examples/proftpd + $(INSTALL) -o $(INSTALL_USER) -g $(INSTALL_GROUP) -m 0644 dhparams.pem $(DESTDIR)$(PREFIX)/share/examples/proftpd/dhparams.pem + $(INSTALL) -o $(INSTALL_USER) -g $(INSTALL_GROUP) -m 0644 blacklist.dat $(DESTDIR)$(PREFIX)/share/examples/proftpd/blacklist.dat diff --git a/net/proftpd/patches/patch-include_pfilter.h b/net/proftpd/patches/patch-include_pfilter.h index 9cd2087ba3d..866fe7bbee3 100644 --- a/net/proftpd/patches/patch-include_pfilter.h +++ b/net/proftpd/patches/patch-include_pfilter.h @@ -1,7 +1,9 @@ ---- /dev/null 2016-01-22 17:30:55.000000000 -0500 -+++ include/pfilter.h 2016-01-22 16:18:33.000000000 -0500 ---- include/pfilter.h.orig 2019-10-13 19:47:58.412725364 +0000 -+++ include/pfilter.h +$NetBSD: patch-include_pfilter.h,v 1.3 2021/10/16 19:46:42 tm Exp $ + +Add packet filter + +--- /dev/null Fri Oct 15 10:32:05 2021 ++++ include/pfilter.h Fri Oct 15 10:32:05 2021 @@ -0,0 +1,3 @@ + +void pfilter_notify(int); diff --git a/net/proftpd/patches/patch-src_main.c b/net/proftpd/patches/patch-src_main.c index cf34663b161..91a4c0ad335 100644 --- a/net/proftpd/patches/patch-src_main.c +++ b/net/proftpd/patches/patch-src_main.c @@ -1,18 +1,18 @@ -$NetBSD: patch-src_main.c,v 1.1 2019/10/07 19:29:47 christos Exp $ +$NetBSD: patch-src_main.c,v 1.2 2021/10/16 19:46:42 tm Exp $ Add packet filter ---- src/main.c.orig 2017-04-09 22:31:02.000000000 -0400 -+++ src/main.c 2019-10-07 15:09:12.516004304 -0400 +--- src/main.c.orig Tue Jul 21 17:25:51 2020 ++++ src/main.c Fri Oct 15 09:29:42 2021 @@ -41,6 +41,7 @@ #endif #include "privs.h" +#include "pfilter.h" - int (*cmd_auth_chk)(cmd_rec *); - void (*cmd_handler)(server_rec *, conn_t *); -@@ -1089,6 +1090,7 @@ + #ifdef PR_USE_OPENSSL + # include <openssl/opensslv.h> +@@ -1116,6 +1117,7 @@ pid_t pid; sigset_t sig_set; @@ -20,13 +20,13 @@ Add packet filter if (no_fork == FALSE) { /* A race condition exists on heavily loaded servers where the parent -@@ -1206,7 +1208,8 @@ +@@ -1233,7 +1235,8 @@ /* Reseed pseudo-randoms */ - srand((unsigned int) (time(NULL) * getpid())); + pr_random_init(); - +#else -+ pfilter_init(); ++ pfilter_init(); #endif /* PR_DEVEL_NO_FORK */ /* Child is running here */ diff --git a/net/proftpd/patches/patch-src_pfilter.c b/net/proftpd/patches/patch-src_pfilter.c index 0c77b28f38c..9168a96a9ee 100644 --- a/net/proftpd/patches/patch-src_pfilter.c +++ b/net/proftpd/patches/patch-src_pfilter.c @@ -1,7 +1,9 @@ ---- /dev/null 2016-01-22 17:30:55.000000000 -0500 -+++ src/pfilter.c 2016-01-22 16:37:55.000000000 -0500 ---- src/pfilter.c.orig 2019-10-13 19:47:58.437871822 +0000 -+++ src/pfilter.c +$NetBSD: patch-src_pfilter.c,v 1.3 2021/10/16 19:46:42 tm Exp $ + +Add pfilter objects. + +--- /dev/null Fri Oct 15 10:32:05 2021 ++++ src/pfilter.c Fri Oct 15 10:32:05 2021 @@ -0,0 +1,41 @@ +#include "pfilter.h" +#include "conf.h" diff --git a/net/proftpd/patches/patch-src_pidfile.c b/net/proftpd/patches/patch-src_pidfile.c new file mode 100644 index 00000000000..fd4245f303a --- /dev/null +++ b/net/proftpd/patches/patch-src_pidfile.c @@ -0,0 +1,30 @@ +$NetBSD: patch-src_pidfile.c,v 1.1 2021/10/16 19:46:42 tm Exp $ + +dprintf is not availble on SunOS (illumos) + +--- src/pidfile.c.orig Fri Oct 15 10:11:49 2021 ++++ src/pidfile.c Fri Oct 15 10:11:58 2021 +@@ -29,6 +29,23 @@ + + static const char *pidfile_path = PR_PID_FILE_PATH; + ++#if defined(__sun) ++#include <stdarg.h> ++ ++int dprintf(int fd, const char *restrict format, ...) { ++ va_list ap; ++ FILE *f = fdopen(fd, "w"); ++ if (!f) { ++ return -1; ++ } ++ va_start(ap, format); ++ int result = fprintf(f, format, ap); ++ va_end(ap); ++ ++ return result; ++} ++#endif ++ + const char *pr_pidfile_get(void) { + return pidfile_path; + } |