diff options
5 files changed, 0 insertions, 295 deletions
diff --git a/net-ftp/proftpd/files/proftpd-1.3.6-EINTR-like-EAGAIN.patch b/net-ftp/proftpd/files/proftpd-1.3.6-EINTR-like-EAGAIN.patch deleted file mode 100644 index 43608d96492c..000000000000 --- a/net-ftp/proftpd/files/proftpd-1.3.6-EINTR-like-EAGAIN.patch +++ /dev/null @@ -1,54 +0,0 @@ -https://bugs.gentoo.org/695972 -https://github.com/proftpd/proftpd/commit/f09f0c661621eb22cb1ce579194478007ba62866 - -From f09f0c661621eb22cb1ce579194478007ba62866 Mon Sep 17 00:00:00 2001 -From: Justin Maggard <jmaggard@netgear.com> -Date: Tue, 10 Oct 2017 18:20:06 -0700 -Subject: [PATCH] Bug #4319: Treat EINTR like EAGAIN - -This bug described a situation where an ongoing transfer would be -prematurely aborted when one of our timers fired. The timer could have -fired for an unrelated reason, but if we were in the process of reading -or writing with pr_netio_read() or pr_netio_write(), those calls would -be interrupted with errno set to EINTR, and an error would be returned. -Then pr_data_xfer() would abort the transfer. - -EAGAIN was already being handled properly, and we can just use the same -treatment for EINTR so that we only respond to the timers we should -actually care about. ---- - src/data.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - ---- a/src/data.c -+++ b/src/data.c -@@ -1143,7 +1143,7 @@ int pr_data_xfer(char *cl_buf, size_t cl_size) { - while (len < 0) { - int xerrno = errno; - -- if (xerrno == EAGAIN) { -+ if (xerrno == EAGAIN || xerrno == EINTR) { - /* Since our socket is in non-blocking mode, read(2) can return - * EAGAIN if there is no data yet for us. Handle this by - * delaying temporarily, then trying again. -@@ -1265,7 +1265,7 @@ int pr_data_xfer(char *cl_buf, size_t cl_size) { - while (len < 0) { - int xerrno = errno; - -- if (xerrno == EAGAIN) { -+ if (xerrno == EAGAIN || xerrno == EINTR) { - /* Since our socket is in non-blocking mode, read(2) can return - * EAGAIN if there is no data yet for us. Handle this by - * delaying temporarily, then trying again. -@@ -1362,7 +1362,7 @@ int pr_data_xfer(char *cl_buf, size_t cl_size) { - while (bwrote < 0) { - int xerrno = errno; - -- if (xerrno == EAGAIN) { -+ if (xerrno == EAGAIN || xerrno == EINTR) { - /* Since our socket is in non-blocking mode, write(2) can return - * EAGAIN if there is not enough from for our data yet. Handle - * this by delaying temporarily, then trying again. --- -2.23.0 - diff --git a/net-ftp/proftpd/files/proftpd-1.3.6-mod_copy.patch b/net-ftp/proftpd/files/proftpd-1.3.6-mod_copy.patch deleted file mode 100644 index 40d912eb2b50..000000000000 --- a/net-ftp/proftpd/files/proftpd-1.3.6-mod_copy.patch +++ /dev/null @@ -1,96 +0,0 @@ -https://bugs.gentoo.org/690528 -CVE-2019-12815 - -From a73dbfe3b61459e7c2806d5162b12f0957990cb3 Mon Sep 17 00:00:00 2001 -From: TJ Saunders <tj@castaglia.org> -Date: Wed, 17 Jul 2019 09:48:39 -0700 -Subject: [PATCH] Backport of fix for Bug#4372 to the 1.3.6 branch. - ---- - NEWS | 1 + - contrib/mod_copy.c | 36 +++++++++++++++++++++++++++++++++--- - 2 files changed, 34 insertions(+), 3 deletions(-) - ---- a/contrib/mod_copy.c -+++ b/contrib/mod_copy.c -@@ -1,7 +1,7 @@ - /* - * ProFTPD: mod_copy -- a module supporting copying of files on the server - * without transferring the data to the client and back -- * Copyright (c) 2009-2016 TJ Saunders -+ * Copyright (c) 2009-2019 TJ Saunders - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by -@@ -657,7 +657,7 @@ MODRET copy_copy(cmd_rec *cmd) { - MODRET copy_cpfr(cmd_rec *cmd) { - register unsigned int i; - int res; -- char *path = ""; -+ char *cmd_name, *path = ""; - unsigned char *authenticated = NULL; - - if (copy_engine == FALSE) { -@@ -705,6 +705,21 @@ MODRET copy_cpfr(cmd_rec *cmd) { - path = pstrcat(cmd->tmp_pool, path, *path ? " " : "", decoded_path, NULL); - } - -+ cmd_name = cmd->argv[0]; -+ pr_cmd_set_name(cmd, "SITE_CPFR"); -+ if (!dir_check(cmd->tmp_pool, cmd, G_READ, path, NULL)) { -+ int xerrno = EPERM; -+ -+ pr_cmd_set_name(cmd, cmd_name); -+ pr_response_add_err(R_550, "%s: %s", (char *) cmd->argv[3], -+ strerror(xerrno)); -+ -+ pr_cmd_set_errno(cmd, xerrno); -+ errno = xerrno; -+ return PR_ERROR(cmd); -+ } -+ pr_cmd_set_name(cmd, cmd_name); -+ - res = pr_filter_allow_path(CURRENT_CONF, path); - switch (res) { - case 0: -@@ -758,6 +773,7 @@ MODRET copy_cpfr(cmd_rec *cmd) { - MODRET copy_cpto(cmd_rec *cmd) { - register unsigned int i; - const char *from, *to = ""; -+ char *cmd_name; - unsigned char *authenticated = NULL; - - if (copy_engine == FALSE) { -@@ -816,6 +832,20 @@ MODRET copy_cpto(cmd_rec *cmd) { - - to = dir_canonical_vpath(cmd->tmp_pool, to); - -+ cmd_name = cmd->argv[0]; -+ pr_cmd_set_name(cmd, "SITE_CPTO"); -+ if (!dir_check(cmd->tmp_pool, cmd, G_WRITE, to, NULL)) { -+ int xerrno = EPERM; -+ -+ pr_cmd_set_name(cmd, cmd_name); -+ pr_response_add_err(R_550, "%s: %s", to, strerror(xerrno)); -+ -+ pr_cmd_set_errno(cmd, xerrno); -+ errno = xerrno; -+ return PR_ERROR(cmd); -+ } -+ pr_cmd_set_name(cmd, cmd_name); -+ - if (copy_paths(cmd->tmp_pool, from, to) < 0) { - int xerrno = errno; - const char *err_code = R_550; -@@ -940,7 +970,7 @@ static conftable copy_conftab[] = { - - static cmdtable copy_cmdtab[] = { - { CMD, C_SITE, G_WRITE, copy_copy, FALSE, FALSE, CL_MISC }, -- { CMD, C_SITE, G_DIRS, copy_cpfr, FALSE, FALSE, CL_MISC }, -+ { CMD, C_SITE, G_READ, copy_cpfr, FALSE, FALSE, CL_MISC }, - { CMD, C_SITE, G_WRITE, copy_cpto, FALSE, FALSE, CL_MISC }, - { POST_CMD, C_PASS, G_NONE, copy_post_pass, FALSE, FALSE }, - { LOG_CMD, C_SITE, G_NONE, copy_log_site, FALSE, FALSE }, --- -2.22.0 - diff --git a/net-ftp/proftpd/files/proftpd-1.3.6-mysql-8.patch b/net-ftp/proftpd/files/proftpd-1.3.6-mysql-8.patch deleted file mode 100644 index 4149a6540595..000000000000 --- a/net-ftp/proftpd/files/proftpd-1.3.6-mysql-8.patch +++ /dev/null @@ -1,24 +0,0 @@ -https://bugs.gentoo.org/692434 -https://github.com/proftpd/proftpd/issues/824 ---- a/contrib/mod_sql_mysql.c -+++ b/contrib/mod_sql_mysql.c -@@ -132,6 +132,7 @@ - #include "../contrib/mod_sql.h" - - #include <mysql.h> -+#include <stdbool.h> - - /* The my_make_scrambled_password{,_323} functions are not part of the public - * MySQL API and are not declared in any of the MySQL header files. But the -@@ -495,7 +495,11 @@ MODRET cmd_open(cmd_rec *cmd) { - * http://dev.mysql.com/doc/refman/5.0/en/auto-reconnect.html - */ - if (!(pr_sql_opts & SQL_OPT_NO_RECONNECT)) { -+#if MYSQL_VERSION_ID >= 80000 -+ bool reconnect = true; -+#else - my_bool reconnect = TRUE; -+#endif - mysql_options(conn->mysql, MYSQL_OPT_RECONNECT, &reconnect); - } - #endif diff --git a/net-ftp/proftpd/files/proftpd-1.3.6-sighup-crash.patch b/net-ftp/proftpd/files/proftpd-1.3.6-sighup-crash.patch deleted file mode 100644 index cca550405e11..000000000000 --- a/net-ftp/proftpd/files/proftpd-1.3.6-sighup-crash.patch +++ /dev/null @@ -1,81 +0,0 @@ -https://bugs.gentoo.org/678490 - -From 345aa19ee2a98a3612d9b64a49107461455031a0 Mon Sep 17 00:00:00 2001 -From: TJ Saunders <tj@castaglia.org> -Date: Tue, 18 Jul 2017 23:00:22 -0700 -Subject: [PATCH] Bug#4310: Use of mod_facl as static module causes ProFTPD to - die on SIGHUP/restart. - ---- - modules/mod_facl.c | 35 +++++++++++++++++++++++++++++++---- - 1 file changed, 31 insertions(+), 4 deletions(-) - -diff --git a/modules/mod_facl.c b/modules/mod_facl.c -index b3ac42b7b..258708cf5 100644 ---- a/modules/mod_facl.c -+++ b/modules/mod_facl.c -@@ -1260,16 +1260,34 @@ MODRET set_faclengine(cmd_rec *cmd) { - return PR_HANDLED(cmd); - } - -+/* Event listeners -+ */ -+ -+static void unmount_facl(void) { -+ pr_fs_t *fs; -+ -+ fs = pr_unmount_fs("/", "facl"); -+ if (fs != NULL) { -+ destroy_pool(fs->fs_pool); -+ fs->fs_pool = NULL; -+ return; -+ } -+ -+ if (errno != ENOENT) { -+ pr_log_debug(DEBUG0, MOD_FACL_VERSION -+ ": error unmounting 'facl' FS: %s", strerror(errno)); -+ } -+} -+ - #if defined(PR_SHARED_MODULE) && \ - defined(PR_USE_FACL) && \ - defined(HAVE_POSIX_ACL) - static void facl_mod_unload_ev(const void *event_data, void *user_data) { - if (strcmp("mod_facl.c", (const char *) event_data) == 0) { -+ pr_fs_t *fs; -+ - pr_event_unregister(&facl_module, NULL, NULL); -- if (pr_unregister_fs("/") < 0) { -- pr_log_debug(DEBUG0, MOD_FACL_VERSION -- ": error unregistering 'facl' FS: %s", strerror(errno)); -- } -+ unmount_facl(); - } - } - #endif /* !PR_SHARED_MODULE */ -@@ -1303,6 +1321,14 @@ static void facl_postparse_ev(const void *event_data, void *user_data) { - #endif /* PR_USE_FACL and HAVE_POSIX_ACL */ - } - -+static void facl_restart_ev(const void *event_data, void *user_data) { -+ if (facl_engine == FALSE) { -+ return; -+ } -+ -+ unmount_facl(); -+} -+ - /* Initialization routines - */ - -@@ -1315,6 +1341,7 @@ static int facl_init(void) { - # endif /* !PR_SHARED_MODULE */ - #endif /* PR_USE_FACL and HAVE_POSIX_ACL */ - pr_event_register(&facl_module, "core.postparse", facl_postparse_ev, NULL); -+ pr_event_register(&facl_module, "core.restart", facl_restart_ev, NULL); - - return 0; - } --- -2.20.1 - diff --git a/net-ftp/proftpd/files/proftpd-1.3.6b-tls-crl-crash.patch b/net-ftp/proftpd/files/proftpd-1.3.6b-tls-crl-crash.patch deleted file mode 100644 index 3cfd81867215..000000000000 --- a/net-ftp/proftpd/files/proftpd-1.3.6b-tls-crl-crash.patch +++ /dev/null @@ -1,40 +0,0 @@ -https://bugs.gentoo.org/701814 -https://github.com/proftpd/proftpd/commit/be8e1687819cb665359bd62b4c896ff4b1a09c3f - -From be8e1687819cb665359bd62b4c896ff4b1a09c3f Mon Sep 17 00:00:00 2001 -From: TJ Saunders <tj@castaglia.org> -Date: Sun, 24 Nov 2019 14:03:54 -0800 -Subject: [PATCH] Issue #859, #861: Fix handling of CRL lookups by properly - using issuer for lookups, and guarding against null pointers. - ---- - contrib/mod_tls.c | 7 +++++-- - 1 file changed, 5 insertions(+), 2 deletions(-) - ---- a/contrib/mod_tls.c -+++ b/contrib/mod_tls.c -@@ -9066,10 +9066,10 @@ static int tls_verify_crl(int ok, X509_STORE_CTX *ctx) { - - #if OPENSSL_VERSION_NUMBER >= 0x10100000L && \ - !defined(HAVE_LIBRESSL) -- crls = X509_STORE_CTX_get1_crls(store_ctx, subject); -+ crls = X509_STORE_CTX_get1_crls(store_ctx, issuer); - #elif OPENSSL_VERSION_NUMBER >= 0x10000000L && \ - !defined(HAVE_LIBRESSL) -- crls = X509_STORE_get1_crls(store_ctx, subject); -+ crls = X509_STORE_get1_crls(store_ctx, issuer); - #else - /* Your OpenSSL is before 1.0.0. You really need to upgrade. */ - crls = NULL; -@@ -9088,6 +9088,9 @@ static int tls_verify_crl(int ok, X509_STORE_CTX *ctx) { - ASN1_INTEGER *sn; - - revoked = sk_X509_REVOKED_value(X509_CRL_get_REVOKED(crl), j); -+ if (revoked == NULL) { -+ continue; -+ } - #if OPENSSL_VERSION_NUMBER >= 0x10100000L && \ - !defined(HAVE_LIBRESSL) - sn = X509_REVOKED_get0_serialNumber(revoked); --- -2.24.0 |