![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / pkgsrc / net / wu-ftpd
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.47, Mon May 25 11:55:51 2020 UTC (3 years, 4 months ago) by nia
Branch: MAIN
CVS Tags: HEAD
Changes since 1.46: +1 -1
lines
FILE REMOVED
net: remove wu-ftpd old insecure version (~2005), fails to build, and upstream is gone plenty of other ftp daemons still exist
Revision 1.46 / (download) - annotate - [select for diffs], Sun Nov 3 11:45:58 2019 UTC (3 years, 11 months ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2020Q1-base,
pkgsrc-2020Q1,
pkgsrc-2019Q4-base,
pkgsrc-2019Q4
Changes since 1.45: +2 -2
lines
Diff to previous 1.45 (colored)
net: align variable assignments pkglint -Wall -F --only aligned --only indent -r No manual corrections.
Revision 1.45 / (download) - annotate - [select for diffs], Mon Feb 4 09:34:49 2019 UTC (4 years, 7 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2019Q3-base,
pkgsrc-2019Q3,
pkgsrc-2019Q2-base,
pkgsrc-2019Q2,
pkgsrc-2019Q1-base,
pkgsrc-2019Q1
Changes since 1.44: +2 -3
lines
Diff to previous 1.44 (colored)
*: ftp.freenet.de does not provide ftp/http service any longer
Revision 1.44 / (download) - annotate - [select for diffs], Sat Apr 21 13:38:05 2018 UTC (5 years, 5 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2018Q4-base,
pkgsrc-2018Q4,
pkgsrc-2018Q3-base,
pkgsrc-2018Q3,
pkgsrc-2018Q2-base,
pkgsrc-2018Q2
Changes since 1.43: +1 -2
lines
Diff to previous 1.43 (colored)
*: gd.tuwien.ac.at/ftp.tuwien.ac.at is gone, remove it from various mastersites
Revision 1.43 / (download) - annotate - [select for diffs], Wed Sep 6 10:40:31 2017 UTC (6 years ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2018Q1-base,
pkgsrc-2018Q1,
pkgsrc-2017Q4-base,
pkgsrc-2017Q4,
pkgsrc-2017Q3-base,
pkgsrc-2017Q3
Changes since 1.42: +2 -2
lines
Diff to previous 1.42 (colored)
Comment out dead sites.
Revision 1.42 / (download) - annotate - [select for diffs], Thu Jan 19 18:52:21 2017 UTC (6 years, 8 months ago) by agc
Branch: MAIN
CVS Tags: pkgsrc-2017Q2-base,
pkgsrc-2017Q2,
pkgsrc-2017Q1-base,
pkgsrc-2017Q1
Changes since 1.41: +5 -5
lines
Diff to previous 1.41 (colored)
Convert all occurrences (353 by my count) of MASTER_SITES= site1 \ site2 style continuation lines to be simple repeated MASTER_SITES+= site1 MASTER_SITES+= site2 lines. As previewed on tech-pkg. With thanks to rillig for fixing pkglint accordingly.
Revision 1.41 / (download) - annotate - [select for diffs], Sun Apr 24 10:34:44 2016 UTC (7 years, 5 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2016Q4-base,
pkgsrc-2016Q4,
pkgsrc-2016Q3-base,
pkgsrc-2016Q3,
pkgsrc-2016Q2-base,
pkgsrc-2016Q2
Changes since 1.40: +2 -2
lines
Diff to previous 1.40 (colored)
sunet.se stopped mirroring lots of stuff, remove/comment out references to it
Revision 1.40 / (download) - annotate - [select for diffs], Sat Feb 7 22:58:18 2015 UTC (8 years, 7 months ago) by tnn
Branch: MAIN
CVS Tags: pkgsrc-2016Q1-base,
pkgsrc-2016Q1,
pkgsrc-2015Q4-base,
pkgsrc-2015Q4,
pkgsrc-2015Q3-base,
pkgsrc-2015Q3,
pkgsrc-2015Q2-base,
pkgsrc-2015Q2,
pkgsrc-2015Q1-base,
pkgsrc-2015Q1
Changes since 1.39: +2 -3
lines
Diff to previous 1.39 (colored)
The SUNET archive is being decomissioned ( http://ftp.sunet.se/news.html )
Revision 1.39 / (download) - annotate - [select for diffs], Mon Dec 23 11:57:05 2013 UTC (9 years, 9 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2014Q4-base,
pkgsrc-2014Q4,
pkgsrc-2014Q3-base,
pkgsrc-2014Q3,
pkgsrc-2014Q2-base,
pkgsrc-2014Q2,
pkgsrc-2014Q1-base,
pkgsrc-2014Q1,
pkgsrc-2013Q4-base,
pkgsrc-2013Q4
Changes since 1.38: +3 -2
lines
Diff to previous 1.38 (colored)
Reset maintainer for resigned developers.
Revision 1.38 / (download) - annotate - [select for diffs], Mon Apr 8 11:17:20 2013 UTC (10 years, 5 months ago) by rodent
Branch: MAIN
CVS Tags: pkgsrc-2013Q3-base,
pkgsrc-2013Q3,
pkgsrc-2013Q2-base,
pkgsrc-2013Q2
Changes since 1.37: +2 -2
lines
Diff to previous 1.37 (colored)
Remove "Trailing empty lines." and/or "Trailing white-space."
Revision 1.37 / (download) - annotate - [select for diffs], Tue Oct 23 17:19:20 2012 UTC (10 years, 11 months ago) by asau
Branch: MAIN
CVS Tags: pkgsrc-2013Q1-base,
pkgsrc-2013Q1,
pkgsrc-2012Q4-base,
pkgsrc-2012Q4
Changes since 1.36: +1 -3
lines
Diff to previous 1.36 (colored)
Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.
Revision 1.36 / (download) - annotate - [select for diffs], Sat Jan 21 02:38:30 2012 UTC (11 years, 8 months ago) by zafer
Branch: MAIN
CVS Tags: pkgsrc-2012Q3-base,
pkgsrc-2012Q3,
pkgsrc-2012Q2-base,
pkgsrc-2012Q2,
pkgsrc-2012Q1-base,
pkgsrc-2012Q1
Changes since 1.35: +3 -4
lines
Diff to previous 1.35 (colored)
update MASTER_SITES. Remove aarnet.edu.au. they stopped mirroring wu-ftp.
Revision 1.35 / (download) - annotate - [select for diffs], Sat Jan 21 02:25:48 2012 UTC (11 years, 8 months ago) by zafer
Branch: MAIN
Changes since 1.34: +1 -3
lines
Diff to previous 1.34 (colored)
update MASTER_SITES. Aarnet.edu.au has stopped mirroring wu-ftp.
Revision 1.34 / (download) - annotate - [select for diffs], Thu Feb 11 23:14:14 2010 UTC (13 years, 7 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2011Q4-base,
pkgsrc-2011Q4,
pkgsrc-2011Q3-base,
pkgsrc-2011Q3,
pkgsrc-2011Q2-base,
pkgsrc-2011Q2,
pkgsrc-2011Q1-base,
pkgsrc-2011Q1,
pkgsrc-2010Q4-base,
pkgsrc-2010Q4,
pkgsrc-2010Q3-base,
pkgsrc-2010Q3,
pkgsrc-2010Q2-base,
pkgsrc-2010Q2,
pkgsrc-2010Q1-base,
pkgsrc-2010Q1
Changes since 1.33: +3 -1
lines
Diff to previous 1.33 (colored)
DESTDIR support
Revision 1.33 / (download) - annotate - [select for diffs], Fri May 1 13:21:51 2009 UTC (14 years, 5 months ago) by zafer
Branch: MAIN
CVS Tags: pkgsrc-2009Q4-base,
pkgsrc-2009Q4,
pkgsrc-2009Q3-base,
pkgsrc-2009Q3,
pkgsrc-2009Q2-base,
pkgsrc-2009Q2
Changes since 1.32: +5 -7
lines
Diff to previous 1.32 (colored)
update mirrors.
Revision 1.32 / (download) - annotate - [select for diffs], Sun Dec 2 12:18:09 2007 UTC (15 years, 10 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2009Q1-base,
pkgsrc-2009Q1,
pkgsrc-2008Q4-base,
pkgsrc-2008Q4,
pkgsrc-2008Q3-base,
pkgsrc-2008Q3,
pkgsrc-2008Q2-base,
pkgsrc-2008Q2,
pkgsrc-2008Q1-base,
pkgsrc-2008Q1,
pkgsrc-2007Q4-base,
pkgsrc-2007Q4,
cwrapper,
cube-native-xorg-base,
cube-native-xorg
Changes since 1.31: +2 -12
lines
Diff to previous 1.31 (colored)
Remove Ex-MASTER_SITEs. From Zafer Aydogan.
Revision 1.31 / (download) - annotate - [select for diffs], Mon Nov 12 00:00:49 2007 UTC (15 years, 10 months ago) by wiz
Branch: MAIN
Changes since 1.30: +1 -2
lines
Diff to previous 1.30 (colored)
Remove ftp.bitcon.no from MASTER_SITES, doesn't resolve. From Zafer Aydogan in PR 37326.
Revision 1.30 / (download) - annotate - [select for diffs], Thu Feb 22 19:27:01 2007 UTC (16 years, 7 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2007Q3-base,
pkgsrc-2007Q3,
pkgsrc-2007Q2-base,
pkgsrc-2007Q2,
pkgsrc-2007Q1-base,
pkgsrc-2007Q1
Changes since 1.29: +2 -2
lines
Diff to previous 1.29 (colored)
Whitespace cleanup, courtesy of pkglint. Patch provided by Sergey Svishchev in private mail.
Revision 1.29 / (download) - annotate - [select for diffs], Tue Jun 20 22:20:10 2006 UTC (17 years, 3 months ago) by minskim
Branch: MAIN
CVS Tags: pkgsrc-2006Q4-base,
pkgsrc-2006Q4,
pkgsrc-2006Q3-base,
pkgsrc-2006Q3,
pkgsrc-2006Q2-base,
pkgsrc-2006Q2
Changes since 1.28: +3 -1
lines
Diff to previous 1.28 (colored)
USE_TOOLS+=yacc
Revision 1.28 / (download) - annotate - [select for diffs], Mon Dec 5 20:50:50 2005 UTC (17 years, 10 months ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2006Q1-base,
pkgsrc-2006Q1,
pkgsrc-2005Q4-base,
pkgsrc-2005Q4
Changes since 1.27: +5 -5
lines
Diff to previous 1.27 (colored)
Fixed pkglint warnings. The warnings are mostly quoting issues, for
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some
other changes are outlined in
http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html
Revision 1.27 / (download) - annotate - [select for diffs], Thu Mar 24 21:12:59 2005 UTC (18 years, 6 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2005Q3-base,
pkgsrc-2005Q3,
pkgsrc-2005Q2-base,
pkgsrc-2005Q2
Changes since 1.26: +1 -3
lines
Diff to previous 1.26 (colored)
Remove FreeBSD RCS Ids. pkgsrc has diverged too much for syncing to be useful.
Revision 1.25.8.1 / (download) - annotate - [select for diffs], Tue Mar 1 20:47:50 2005 UTC (18 years, 7 months ago) by snj
Branch: pkgsrc-2004Q4
Changes since 1.25: +2 -2
lines
Diff to previous 1.25 (colored) next main 1.26 (colored)
Pullup ticket 324 - requested by Thomas Klausner
security fix for wu-ftpd
Revisions pulled up:
- pkgsrc/net/wu-ftpd/Makefile 1.26
- pkgsrc/net/wu-ftpd/distinfo 1.13
- pkgsrc/net/wu-ftpd/patches/patch-ak 1.4
Module Name: pkgsrc
Committed By: wiz
Date: Tue Mar 1 16:06:37 UTC 2005
Modified Files:
pkgsrc/net/wu-ftpd: Makefile distinfo
Added Files:
pkgsrc/net/wu-ftpd/patches: patch-ak
Log Message:
Apply patch from Rainer Schoepf in
http://marc.theaimsgroup.com/?l=bugtraq&m=110960890901497&w=2
to fix
http://www.idefense.com/application/poi/display?id=207&type=vulnerabilities
Bump PKGREVISION.
Revision 1.26 / (download) - annotate - [select for diffs], Tue Mar 1 16:06:37 2005 UTC (18 years, 7 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2005Q1-base,
pkgsrc-2005Q1
Changes since 1.25: +2 -2
lines
Diff to previous 1.25 (colored)
Apply patch from Rainer Schoepf in http://marc.theaimsgroup.com/?l=bugtraq&m=110960890901497&w=2 to fix http://www.idefense.com/application/poi/display?id=207&type=vulnerabilities Bump PKGREVISION.
Revision 1.25 / (download) - annotate - [select for diffs], Sat Feb 14 00:54:45 2004 UTC (19 years, 7 months ago) by grant
Branch: MAIN
CVS Tags: pkgsrc-2004Q4-base,
pkgsrc-2004Q3-base,
pkgsrc-2004Q3,
pkgsrc-2004Q2-base,
pkgsrc-2004Q2,
pkgsrc-2004Q1-base,
pkgsrc-2004Q1
Branch point for: pkgsrc-2004Q4
Changes since 1.24: +1 -4
lines
Diff to previous 1.24 (colored)
remove unneeded CONFIG_{GUESS,SUB}_OVERRIDE, as bsd.pkg.mk does this
automatically now.
Revision 1.24 / (download) - annotate - [select for diffs], Tue Sep 23 10:42:09 2003 UTC (20 years ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2003Q4-base,
pkgsrc-2003Q4
Changes since 1.23: +2 -2
lines
Diff to previous 1.23 (colored)
Use vsnprintf instead of vsprintf in one place where user supplies part of the string. Bump PKGREVISION.
Revision 1.23 / (download) - annotate - [select for diffs], Fri Sep 5 09:09:25 2003 UTC (20 years, 1 month ago) by wiz
Branch: MAIN
Changes since 1.22: +5 -1
lines
Diff to previous 1.22 (colored)
Add two patches for vulnerabilities (realpath, and a DOS) from the official site. Bump PKGREVISION.
Revision 1.22 / (download) - annotate - [select for diffs], Thu Jul 17 22:52:03 2003 UTC (20 years, 2 months ago) by grant
Branch: MAIN
Changes since 1.21: +2 -2
lines
Diff to previous 1.21 (colored)
s/netbsd.org/NetBSD.org/
Revision 1.21 / (download) - annotate - [select for diffs], Sun Sep 29 12:04:30 2002 UTC (21 years ago) by cjep
Branch: MAIN
CVS Tags: netbsd-1-6-1-base,
netbsd-1-6-1
Changes since 1.20: +4 -1
lines
Diff to previous 1.20 (colored)
Use CONFIG_{GUESS,SUB}_OVERRIDE so that this builds on mipsel (and probably
others).
Revision 1.20 / (download) - annotate - [select for diffs], Mon Dec 3 09:30:36 2001 UTC (21 years, 10 months ago) by abs
Branch: MAIN
CVS Tags: pkgviews-base,
pkgviews,
netbsd-1-6-RELEASE-base,
netbsd-1-6,
netbsd-1-5-PATCH003,
buildlink2-base,
buildlink2
Changes since 1.19: +2 -8
lines
Diff to previous 1.19 (colored)
Update wu-ftpd to 2.6.2.
Changes since 2.6.1 (several of which where in the 2.6.1nb1 version)
o Added checks for missing "]" and "}" in filename globs, this completes
the file globbing heap corruption vulnerability fix.
o Added checks to the globbing code for overflow of restbuf, and additional
globerr setting and checking to speed up return on error.
o Changed the globbing code to use qsort, much faster when sorting a large
number of strings.
o Handle ftpglob() returning a vector containing just a NULL string, fixes
problems caused by CWD ~{
o Somehow the fix for pasv-allow didn't actually make it into 2.6.1
o Provide a compile-time option to revert NLST to showing directories.
o Fix missing format strings in debugging code.
Revision 1.19 / (download) - annotate - [select for diffs], Fri Nov 30 11:39:58 2001 UTC (21 years, 10 months ago) by abs
Branch: MAIN
Changes since 1.18: +9 -1
lines
Diff to previous 1.18 (colored)
Update net/wu-ftpd to 2.6.1nb1
Adds the following wu-ftpd.org post 2.6.1 patches:
- ftpglob
- missing_format_strings
- nlst-shows-dirs
- pasv-port-allow-correction
The first (ftpglob) covers a potential root compromise.
Revision 1.18 / (download) - annotate - [select for diffs], Thu Sep 27 23:18:33 2001 UTC (22 years ago) by jlam
Branch: MAIN
Changes since 1.17: +5 -5
lines
Diff to previous 1.17 (colored)
Mechanical changes to 375 files to change dependency patterns of the form foo-* to foo-[0-9]*. This is to cause the dependencies to match only the packages whose base package name is "foo", and not those named "foo-bar". A concrete example is p5-Net-* matching p5-Net-DNS as well as p5-Net. Also change dependency examples in Packages.txt to reflect this.
Revision 1.17 / (download) - annotate - [select for diffs], Thu Apr 12 09:26:15 2001 UTC (22 years, 5 months ago) by wennmach
Branch: MAIN
CVS Tags: netbsd-1-5-PATCH001
Changes since 1.16: +4 -2
lines
Diff to previous 1.16 (colored)
Add a CONFLICTS entry for lukemftpd Detected by pkgconflict.
Revision 1.16 / (download) - annotate - [select for diffs], Thu Mar 29 20:08:49 2001 UTC (22 years, 6 months ago) by kim
Branch: MAIN
Changes since 1.15: +2 -1
lines
Diff to previous 1.15 (colored)
This conflicts with kth-krb4
Revision 1.15 / (download) - annotate - [select for diffs], Sat Feb 17 18:19:57 2001 UTC (22 years, 7 months ago) by wiz
Branch: MAIN
Changes since 1.14: +2 -1
lines
Diff to previous 1.14 (colored)
Update to new COMMENT style: COMMENT var in Makefile instead of pkg/COMMENT.
Revision 1.14 / (download) - annotate - [select for diffs], Sat Jul 8 16:52:04 2000 UTC (23 years, 3 months ago) by rh
Branch: MAIN
CVS Tags: netbsd-1-5-RELEASE,
netbsd-1-4-PATCH003
Changes since 1.13: +2 -3
lines
Diff to previous 1.13 (colored)
Update wu-ftpd to 2.6.1
Changes to 2.6.0 include:
o Fix security leaks that could result in a root shell compromise.
o Fix memory leaks in internal ls (this feature still needs more testing;
you should probably not use it on high-traffic production servers yet.)
o Fix up the port-allow command in ftpaccess.
o Merge in the virtual passwd/virtual shadow features of BeroFTPD.
o Some fixes to the configure script.
o SITE MINFO was missed in 2.6.0 when disabling SITE NEWER.
o Fix documentation of data-limit.
Revision 1.13 / (download) - annotate - [select for diffs], Mon Jun 26 20:09:33 2000 UTC (23 years, 3 months ago) by rh
Branch: MAIN
Changes since 1.12: +4 -3
lines
Diff to previous 1.12 (colored)
Add patches to fix a possible buffer overflow attacks with the "SITE EXEC" command. Bump revision to 2.6.0nb1
Revision 1.12 / (download) - annotate - [select for diffs], Thu Apr 27 03:53:49 2000 UTC (23 years, 5 months ago) by kim
Branch: MAIN
Changes since 1.11: +8 -1
lines
Diff to previous 1.11 (colored)
Make %F work in messages.
Revision 1.11 / (download) - annotate - [select for diffs], Mon Dec 27 12:13:04 1999 UTC (23 years, 9 months ago) by rh
Branch: MAIN
CVS Tags: netbsd-1-4-PATCH002
Changes since 1.10: +25 -12
lines
Diff to previous 1.10 (colored)
Update wu-ftpd to 2.6.0.
Changes in 2.6.0:
o On sigpipe, always log a lost connection.
o Added a log message on attempts to download files marked unretrievable.
o The SITE NEWER feature has been disabled. A compile-time option has been
added to re-enable it. See config.h.noac for more information on this.
o With restricted-uid/gid, CWD to a non-existant directory would display the
full pathname rather than just relative to the user's home. Actually, the
fix catches most cases where this could occur, not just the CWD verb.
o Fixed a bug in the restricted-uid/gid feature which could allow access
outside the user's home directory in some cases.
o Bumped MAXHST (max. hosts allowed on a line) for ftphosts from 10 to 12.
Fixed a bug related to this which can cause the server to crash checking
host access.
o The internal ls (see below) was judged to be unready. It has been disabled
by default but can be enabled with a compile-time option for those who wish
to attempt to debug it (be warned, it has a lot of problems).
o Split the "bad shell or user not in ftpusers" syslog message into two
messages to prevent confusion.
o Filename globs for LIST, NLST and SITE EXEC, as well as a few internal
uses, are cleaned up before processing. For example: */./../* becomes
just *. This prevents certain memory starvation DoS attacks.
o Corrections for RFC compliance can break some clients. If possible, the
broken client should be updated, but a compile-time option has been
added. See the config.h.noac for more information on this.
o Created doc/HOWTO directory and moved VIRTUAL.FTP.SUPPORT and
upload.configuration.HOWTO there.
o Add a README.AUTOCONF file describing the autoconf build in detail.
o UC, Berkeley, has removed the requirement that all advertising material
must include credit to them. Removed the clause from the LICENSE and
the historical licenses in the COPYRIGHT file.
o Added the email-on-upload feature from BeroFTPD. See the ftpaccess man
page for defaults on these added ftpaccess clauses:
mailserver <hostname>
incmail <emailaddress>
mailfrom <emailaddress>
virtual <address> incmail <emailaddress>
virtual <address> mailfrom <emailaddress>
defaultserver incmail <emailaddress>
defaultserver mailfrom <emailaddress>
o Redhat added the -I option to disable RFC931 (AUTH/ident). Added to
the baseline so Redhat users don't see a loss of a feature. Setting
the timeout for rfc931 to zero will do the same thing in the ftpaccess
file.
o The test for whether restricted-uid/restricted-gid applied should have
been done before the chroot so it used the system /etc/passwd and
/etc/group files.
o CDUP when you were already at the home directory, would complain about
you being restricted (if you were). Instead it should give a positive
reply, and do nothing. This makes it behave more like CDUP when you're
not restricted to your home directory.
o deny-uid and deny-gid were being tested for anonymous users. Bad move,
it's too easy to forget to allow them. Use 'defaultserver private' to
keep anonymous users away.
o Correct the operation of the NLST command. Finally. mget should now
work as users expect it to.
o Prevent buffer overruns when processing message files.
o Correct a reference through a NULL pointer when doing S/Key
authentication and the user is not in the passwd file.
o Check the return code from select() when setting up a data connection.
Under some rare conditions it is possible that the select was called
for an fd_set which has no members, hanging the daemon.
o Ensure a pattern of "*" matches everything. The new path_compare (used
on upload and throughput clauses in the ftpaccess file) sets the option
FNM_PATHNAME, so:
* matches everything
/* matches everything
/*/* matches /dogs/toto and /dogs/toto/photos but not /dogs
o setproctitle() support added for UnixWare.
o Removed all FIXES files. Merged their contents into this CHANGES file
(the one you're reading now). The old doc/FIXES directory has been
tar'd and will be placed in the attic when 2.6.0 releases.
o Corrected an error in the MAPPING_CHDIR feature which could be used to
gain root privileges on the server.
o Added -V command-line option to View the copyright and exit.
o Added the privatepw command and documentation.
o Port for FreeBSD corrected.
o Adding the LICENSE file to the baseline.
o Added print_copyright function so our copyright is embedded in the
executables.
o WU-FTPD Development Group copyright headers added. Original Copyright
headers moved into the COPYRIGHT file.
o RCS Ids from 2.4.x removed and new templates added for wu-ftpd.org
usage.
o Make sure the signal context is restored when jumping out of signal
handlers. This was causing signal 11 on some systems.
o Cleaned up the how-to of setting up virtual hosting support.
o Corrected header file dependencies.
o Changed NLST to nlst, necessary as ftpcmd.c #defines NLST.
o Tidied up virtual variables.
o Changed so compiles cleanly on SCO OpenServer 5, UnixWare 2 and
UnixWare 7.
o Anonymous users could get in even though no class was defined for them.
o Support for non-ANSI/ISO compilers has been removed. You MUST have and
ANSI/ISO C compiler. This has been true for some time, all that has
changed is the (incomplete) support for older (K&R) compilers has been
removed.
o Added Kent Landfield's NEWVIRT scheme for extensive virutal hosting.
See the updated documentation on virtual hosting for details.
o ftprestart has been added to the base daemon kit.
o A buffer overrun in the ftpshut command has been corrected. Since, on
most sites, the ftpshut command is only usable by the superuser, this
is not considered a security issue. If you have installed ftpshut with
suid-root permissions (not the default), then there is the possibility
this overrun could be used to leverage root permissions.
o Several new ftpaccess clauses have been added. These allow control of
the various timeouts used within the daemon. The new clauses are:
timeout accept <seconds>
timeout connect <seconds>
timeout data <seconds>
timeout idle <seconds>
timeout maxidle <seconds>
timeout RFC931 <seconds>
o Myriad places where inactivity timeouts were not being properly
detected or handled have been corrected.
The built-in directory listings, both the original NLST and the
build-in LIST (ls), now detect inactivity. The original NLST did
not which could lead to hanging daemons.
C FILE handles for data connections are now always flushed, then
the socket is shutdown cleanly before being closed.
As a side effect, the daemon now more often properly detects
incomplete transfers. This can lead, though, to the xferlog
showing the correct byte count (meaning the daemon read or wrote
that many bytes over the data connection), but still log the
transfer as incomplete (meaning the socket did not properly
shutdown so the client probably missed some data).
o The daemon no longer attempts to replace the system's <arpa/ftp.h>
header when compiling. Instead, it uses its own local copy at all
times.
o The daemon will now wait for the transfer to complete before sending
'Transfer complete' or similar messages. This improves the daemon's
reliability for poorly written clients which take recipt of the message
as indication the transfer has completed rather than reading until the
connection closes.
o Guest and anonymous logout was not recorded on Linux. Removed call to
updwtmp and returned to old method of updating the lastlog.
o Script "vr.sh" is no longer needed. The Development Group will not be
releasing patches to upgrade; they can be obtained from CVS if needed.
o "realpath_on_steroids" is no longer needed. Removed.
o Use a custom version of fnmatch() which changes the rules for matching
file and directory names. The most visible result of this is
noretrieve and allow-retrieve are now much more flexible. See the
ftpaccess manpage for examples.
o Use the correct SPT_TYPE for FreeBSD 2.0 or later.
o Correct the class= logic on the allow-retrieve clause.
o Enhanced DNS extensions. This adds three ftpaccess clauses:
dns refuse_mismatch <filename> [override]
dns refuse_no_reverse <filename> [override]
dns resolveroptions [options]
o Corrected a reference in the manpage for ftpconversions to ftpd.
o The string 'path-filter' is now used in the system logs to describe
problems resulting from failing a path-filter check. The daemon used
to just say 'bad filename' which was misleading to some people.
o Added instruction on how to support PAM on Solaris. Right now this
means hand editing src/config/config.sol and
src/makefiles/Makefile.sol.
o Checking that all platforms use config.h, src/config/config.isc was
found to have forgotten to include the file.
o A security deficency on SunOS 4.1, not having a working getcwd()
function, has been corrected by using the provided function.
Compilation bugs in the portable getcwd() function have been corrected.
o The daemon will no longer hang attempting to close the RFC931 socket
when the remote end is firewalled and does not respond to traffic for
this protocol. This was determined to be inappropriate handling of
SIGALRM; handling for this signal has been cleaned up throughout the
daemon.
o The daemon may now be built using GNU autoconf. This is in the early
stages and not all platforms may be supported. The old build system
will be maintained for at least the 2.6.0 release; until the major
platforms are all known to be supported.
o Two new ftpaccess clauses have been added. These allows the site admin
to selectively allow PORT and PASV data connections where the remote IP
address does not match the remote IP address on the control connection.
The new clauses are:
port-allow <class> [<addrglob> ...]
pasv-allow <class> [<addrglob> ...]
o The daemon now includes an internal 'ls' command.
o Ported to Mac OS/X.
0 Added (limited) support for AFS and DCE user authentication. This is
only know to work on AIX, and needs porting to other platforms. For
now, this requires hand work to enable.
o Added an ftpaccess clause to enable TCP keepalives. This clause is:
keepalive <yes|no>
o You can now specify the xferlog filename for the default server just as
you can for the virtual hosts; in the ftpaccess file. The new clause
is:
xferlog <absolute path>
o ftpaccess manpage cleaned up. Many typos corrected, some techincal
changes. Indentation should now be correct.
o Apache's .indent.pro to the src and support directories. Ran all *.c
and *.h files through it. ftpcmd.y has been indented by hand. The
code is now a lot more readable!
o A bug in the parsing for the deny !nameserved ftpaccess clause has been
corrected.
o Technical corrections in the ftpd manpage.
o Add util/recompress.c as a more generic version of gzip2cmp.c
###########################################################################
Changes in 2.5.0:
o Change the handling of wtmp for GNU libc to use the Os-provided
function updwtmp().
o Prevent some buffer overruns.
o Fix permissions on some files installed by RPM, add the log rotation
control file.
o Change the seteuid() calls for fchown() and chown() for POSIXLY_CORRECT
systems.
o pid file locking in ftpcount (ftpwho) is now consistent with the way
the daemon locks these files.
o Cancel any pending alarm request to stop acl_remove() from being
interrupted then called again via the SIGALRM handler, this should fix
the flock on a bad file descriptor looping problem.
o Use %m in syslog format strings in place of %s and strerror(), this
simplifies #ifdefs.
o For SCO, link ftpcount with libsocket, necessary as it now calls
syslog().
o Added Redhat's RPM SPEC file for building RPMs.
o English corrections in ftpaccess manpage. Technical correction: the
noretrieve/allow-retrieve clauses do NOT support regular expressions.
o Move where ftpglob stuff is defined to avoid compilation errors on some
systems.
o Port to SGI Irix version 4 corrected.
o Overwrite behavior on uploads has been made consistent with shell
usage. The daemon does not change ownership or permissions on
overwrite.
o Corrected the PASV command to bind to the correct interface (local IP
address).
o Removed the OVERWRITE and UPLOAD defines from platform config files;
they are defined in the main config.h header.
o Issuing CWD without any parameters caused a signal 11, crashing the
daemon.
o Port to HP/UX corrected.
o Added ERRATA file to discuss problems with getcwd().
o Added a portable version of the getcwd() function for systems which do
not have it or imcorrectly implement it. NextStep 3 uses this new
function.
o OPIE support was being disabled even though the proper command-line
switches were being set. Corrected the use of opieverify().
o The fatal() function was not declared void; this was causing problems
with some compilers.
o Port to Hitachi HI-UX corrected.
o Some calls to fnmatch() were missing parameters.
o Corrected the 'restricted' user feature. It now works well with most
FTP clients.
o Correct usage of -d vs -e in the install Makefile for a number of
platforms.
o You can now use negated hostnames/addresses on the class ftpaccess
clause.
o Added an ftpaccess clause to specify random text for the initial
greeting:
greeting text <message>
o Corrected password encryption/checking for Digital Unix with C2
security (SECUREOSF).
o Merged the TODO file from the VR series with Stan's TODO file for the
Academ betas.
o Changed the various permission denial messages sent by the daemon to
the client to make it clear the message originated from the server.
o Ports to SCO, Solaris, uxw, ptx and isc corrected.
o Use the newer SEEK_ defines in place of the old BSD L_ defines and
removed the global definition of entry, each function should define it
locally.
o Removed an unnecessary lseek(L_SET) in ftpcount (ftpwho).
o Link ftpcount and ftpshut with ${XXLIBS}.
o Made strsep() definition consistent with BSD and Linux. Add strsep()
definition to conversions.c.
o Added #include <string.h> to ckconfig.c.
o Replaced the _PATH_DEVNULL define with a #include of "pathnames.h" in
popen.c.
o Support long group access passwords if SecureWare or HPUX_10_TRUSTED
are defined (using bigcrypt()).
o Fixed a memory leak in restrict.c.
o Digital Unix version 4 has a working getcwd(); use it instead of
getwd().
o Stop restrict_list_check() from walking off the end of name.
o Added -x command-line option to mean 'log syslog+xferlog'.
o Changed the log ftpaccess clause to allow logging transfers to both the
syslog and xferlog. The log ftpaccess clauses now include:
log syslog
log xferlog
log syslog+xferlog
o Formation of the WU-FTPD Development Group on 1 April, 1999.
2.4.2-VR17 chosen as initial baseline for the daemon.
###########################################################################
Changes in 2.4.2-VR17:
o Gregory A Lundberg resigns as the de-facto maintainer of WU-FTPD. "And
you thought I was joking."
o VIRTUAL is now the default for Solaris; all Solaris systems support
multiple interfaces (IP addresses).
o Fixed complaints involving virtual_len reported by several beta
testers.
o Some of the 'C' source code in ftpcmd.y depended upon a particular
behavior when ANSI/ISO does not define it. Corrected so all compilers
will properly interpret the code.
o Corrected the support for QUOTA on Solaris.
o The GNU EGCS 'C' compiler is broken. A quick check and we can avoid
the brokenness.
o Port to Ultrix corrected.
o The default shell on NextStep wants -d instead of -e. Changed to test
instead of [] since that's more portable; will probably do the same to
other systems in a future release.
o MNTMAXSTR was possibly undefined on Digital Unix 4.0 even when not
using QUOTA_DEVICE, causing compilation errors.
o Added daemonaddress to the ftpaccess manpage.
o Added a note from Chad Price <cprice@molbio.unmc.edu> in src/logwtmp.c
about the brokenness of Solaris' last command.
o It turns out that not all SunOS 4.1 boxes actually have a getcwd()
function.
o The labels unix and __unix__ are depricated on BSD, effecting the logic
for the reponse to the SYST command.
o Added an appnote about OPIE. See src/makefiles/Makefile.lnx for a way
to automatically have the daemon use OPIE. Send your Makefile if you
do something similar for your system.
o Added an appnote about a problem experienced with Trusted Solaris.
o Added doc/misc directory to start collecting interesting tidbits which
may help people get their servers going.
o The FIXES files were really cluttering up the base directory. Moved
them to a directory under doc.
o The 'log security' ftpaccess clause covered all but a few messages
about filesystem operations. It now covers the few it missed.
o Under some conditions _PATH_WTMP was not being set in pathnames.h
o QUOTA is now supported for Solaris.
o Trusted Solaris needed additional functionality in ftpcount (ftpwho).
o File locking in ftpcount (ftpwho) was never completed.
o Port to HP/UX corrected.
o 'make install' now accepts DESTDIR to install into a directory
structure other than the root file system. A number of other optional
parameters are available to override the default ownership of the
installed files. Missing directories are automatically created. File
permisssions were reduced to the minimum necessary.
o Dead code removed.
o The Makefile for Linux now automatically detects if PAM is installed
and compiles the daemon to use it.
o Fix an uninitialized variable in ftpshut which could effect the way the
command works with default values.
o Suppress trailing blanks from the output of a wide 'ps' in the ftpcount
(ftpwho) command. Just making things pretty.
o Updated upload.configuration.HOWTO to describe more of the
configuration having to do with class= rules and overwrite, delete and
rename clauses.
o Added vers.c and edit to 'make cleandir' in the src directory. These
files are automatically created during the build process.
o Added a restrict_check(".") in the LIST command for consistency with
the remainder of the code in ftpcmd.y.
o Corrected the 'restricted' users feature so it would play nicely with
web clients and the way some of them mis-interpret FTP URLs.
Revision 1.10 / (download) - annotate - [select for diffs], Sun Mar 7 16:31:59 1999 UTC (24 years, 7 months ago) by rh
Branch: MAIN
CVS Tags: netbsd-1-4-RELEASE,
netbsd-1-4-PATCH001,
comdex-fall-1999
Changes since 1.9: +5 -4
lines
Diff to previous 1.9 (colored)
Update to wu-ftpd-2.4.2 (non-beta) Add conflicts with beroftpd and renamed wu-ftpd-vr packages
Revision 1.9 / (download) - annotate - [select for diffs], Sat Feb 20 22:48:37 1999 UTC (24 years, 7 months ago) by hubertf
Branch: MAIN
Changes since 1.8: +1 -3
lines
Diff to previous 1.8 (colored)
Fix CONFLICTS (remove redundancy, mostly)
Revision 1.8 / (download) - annotate - [select for diffs], Sun Feb 14 15:27:50 1999 UTC (24 years, 7 months ago) by rh
Branch: MAIN
Changes since 1.7: +3 -3
lines
Diff to previous 1.7 (colored)
Fix some more buffer overflow vulnerabilities described on bugtraq and http://www.cert.org/advisories/CA-99-03-FTP-Buffer-Overflows.html, but not covered by the RedHat patch. Remove dependency on deprecated unix define.
Revision 1.7 / (download) - annotate - [select for diffs], Sat Feb 13 09:05:02 1999 UTC (24 years, 7 months ago) by rh
Branch: MAIN
Changes since 1.6: +13 -5
lines
Diff to previous 1.6 (colored)
Update wu-ftpd to version 2.4.2-beta-18
Fix long dirname security vulnerability reported on redhat-watch-list@redhat.com
Use ${INSTALL_xxx} variables from pkg system instead of internal defaults
Revision 1.6 / (download) - annotate - [select for diffs], Thu Aug 20 15:17:21 1998 UTC (25 years, 1 month ago) by tsarna
Branch: MAIN
CVS Tags: netbsd-1-3-PATCH003
Changes since 1.5: +2 -1
lines
Diff to previous 1.5 (colored)
The Grand Homepagification: - New, optional Makefile variable HOMEPAGE, specifies a URL for the home page of the software if it has one. - The value of HOMEPAGE is used to add a link from the README.html files. - pkglint updated to know about it. The "correct" location for HOMEPAGE in the Makefile is after MAINTAINER, in that same section.
Revision 1.5 / (download) - annotate - [select for diffs], Mon Jun 22 12:58:36 1998 UTC (25 years, 3 months ago) by agc
Branch: MAIN
Changes since 1.4: +1 -5
lines
Diff to previous 1.4 (colored)
Update package Makefiles for automatic manual page handling.
Revision 1.4 / (download) - annotate - [select for diffs], Wed Apr 15 10:38:41 1998 UTC (25 years, 5 months ago) by agc
Branch: MAIN
CVS Tags: netbsd-1-3-PATCH002
Changes since 1.3: +2 -7
lines
Diff to previous 1.3 (colored)
Use the bsd.pkg.mk and bsd.pkg.subdir.mk files in the pkgsrc tree. Remove redundant (and sometimes erroneous) comments.
Revision 1.3 / (download) - annotate - [select for diffs], Mon Mar 30 18:40:25 1998 UTC (25 years, 6 months ago) by tron
Branch: MAIN
Changes since 1.2: +3 -10
lines
Diff to previous 1.2 (colored)
Remove broken "pre-patch" target, let "pathnames.h" use a macro "PREFIX" and make sure it gets defined.
Revision 1.2 / (download) - annotate - [select for diffs], Sun Mar 29 21:45:26 1998 UTC (25 years, 6 months ago) by tron
Branch: MAIN
Changes since 1.1: +12 -4
lines
Diff to previous 1.1 (colored)
Adapt this package to NetBSD using the modifications supplied by Rene Hexel in PR pkg/5098.
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Sun Mar 29 20:40:20 1998 UTC (25 years, 6 months ago) by tron
Branch: FREEBSD
CVS Tags: FreeBSD-current-1998-03-29
Changes since 1.1: +0 -0
lines
Diff to previous 1.1 (colored)
Initial import of FreeBSD's "wu-ftpd-2.4.2-beta-16" port.
Revision 1.1 / (download) - annotate - [select for diffs], Sun Mar 29 20:40:20 1998 UTC (25 years, 6 months ago) by tron
Branch: MAIN
Initial revision