head 1.20; access; symbols pkgsrc-2023Q4:1.20.0.10 pkgsrc-2023Q4-base:1.20 pkgsrc-2023Q3:1.20.0.8 pkgsrc-2023Q3-base:1.20 pkgsrc-2023Q2:1.20.0.6 pkgsrc-2023Q2-base:1.20 pkgsrc-2023Q1:1.20.0.4 pkgsrc-2023Q1-base:1.20 pkgsrc-2022Q4:1.20.0.2 pkgsrc-2022Q4-base:1.20 pkgsrc-2022Q3:1.19.0.8 pkgsrc-2022Q3-base:1.19 pkgsrc-2022Q2:1.19.0.6 pkgsrc-2022Q2-base:1.19 pkgsrc-2022Q1:1.19.0.4 pkgsrc-2022Q1-base:1.19 pkgsrc-2021Q4:1.19.0.2 pkgsrc-2021Q4-base:1.19 pkgsrc-2021Q3:1.16.0.4 pkgsrc-2021Q3-base:1.16 pkgsrc-2021Q2:1.16.0.2 pkgsrc-2021Q2-base:1.16 pkgsrc-2021Q1:1.15.0.6 pkgsrc-2021Q1-base:1.15 pkgsrc-2020Q4:1.15.0.4 pkgsrc-2020Q4-base:1.15 pkgsrc-2020Q3:1.15.0.2 pkgsrc-2020Q3-base:1.15 pkgsrc-2020Q2:1.14.0.2 pkgsrc-2020Q2-base:1.14 pkgsrc-2020Q1:1.12.0.4 pkgsrc-2020Q1-base:1.12 pkgsrc-2019Q4:1.12.0.6 pkgsrc-2019Q4-base:1.12 pkgsrc-2019Q3:1.12.0.2 pkgsrc-2019Q3-base:1.12 pkgsrc-2019Q2:1.11.0.2 pkgsrc-2019Q2-base:1.11 pkgsrc-2019Q1:1.10.0.4 pkgsrc-2019Q1-base:1.10 pkgsrc-2018Q4:1.10.0.2 pkgsrc-2018Q4-base:1.10 pkgsrc-2018Q3:1.9.0.24 pkgsrc-2018Q3-base:1.9 pkgsrc-2018Q2:1.9.0.22 pkgsrc-2018Q2-base:1.9 pkgsrc-2018Q1:1.9.0.20 pkgsrc-2018Q1-base:1.9 pkgsrc-2017Q4:1.9.0.18 pkgsrc-2017Q4-base:1.9 pkgsrc-2017Q3:1.9.0.16 pkgsrc-2017Q3-base:1.9 pkgsrc-2017Q2:1.9.0.12 pkgsrc-2017Q2-base:1.9 pkgsrc-2017Q1:1.9.0.10 pkgsrc-2017Q1-base:1.9 pkgsrc-2016Q4:1.9.0.8 pkgsrc-2016Q4-base:1.9 pkgsrc-2016Q3:1.9.0.6 pkgsrc-2016Q3-base:1.9 pkgsrc-2016Q2:1.9.0.4 pkgsrc-2016Q2-base:1.9 pkgsrc-2016Q1:1.9.0.2 pkgsrc-2016Q1-base:1.9 pkgsrc-2015Q4:1.8.0.2 pkgsrc-2015Q4-base:1.8 pkgsrc-2015Q3:1.7.0.20 pkgsrc-2015Q3-base:1.7 pkgsrc-2015Q2:1.7.0.18 pkgsrc-2015Q2-base:1.7 pkgsrc-2015Q1:1.7.0.16 pkgsrc-2015Q1-base:1.7 pkgsrc-2014Q4:1.7.0.14 pkgsrc-2014Q4-base:1.7 pkgsrc-2014Q3:1.7.0.12 pkgsrc-2014Q3-base:1.7 pkgsrc-2014Q2:1.7.0.10 pkgsrc-2014Q2-base:1.7 pkgsrc-2014Q1:1.7.0.8 pkgsrc-2014Q1-base:1.7 pkgsrc-2013Q4:1.7.0.6 pkgsrc-2013Q4-base:1.7 pkgsrc-2013Q3:1.7.0.4 pkgsrc-2013Q3-base:1.7 pkgsrc-2013Q2:1.7.0.2 pkgsrc-2013Q2-base:1.7 pkgsrc-2013Q1:1.6.0.24 pkgsrc-2013Q1-base:1.6 pkgsrc-2012Q4:1.6.0.22 pkgsrc-2012Q4-base:1.6 pkgsrc-2012Q3:1.6.0.20 pkgsrc-2012Q3-base:1.6 pkgsrc-2012Q2:1.6.0.18 pkgsrc-2012Q2-base:1.6 pkgsrc-2012Q1:1.6.0.16 pkgsrc-2012Q1-base:1.6 pkgsrc-2011Q4:1.6.0.14 pkgsrc-2011Q4-base:1.6 pkgsrc-2011Q3:1.6.0.12 pkgsrc-2011Q3-base:1.6 pkgsrc-2011Q2:1.6.0.10 pkgsrc-2011Q2-base:1.6 pkgsrc-2011Q1:1.6.0.8 pkgsrc-2011Q1-base:1.6 pkgsrc-2010Q4:1.6.0.6 pkgsrc-2010Q4-base:1.6 pkgsrc-2010Q3:1.6.0.4 pkgsrc-2010Q3-base:1.6 pkgsrc-2010Q2:1.6.0.2 pkgsrc-2010Q2-base:1.6 pkgsrc-2010Q1:1.4.0.20 pkgsrc-2010Q1-base:1.4 pkgsrc-2009Q4:1.4.0.18 pkgsrc-2009Q4-base:1.4 pkgsrc-2009Q3:1.4.0.16 pkgsrc-2009Q3-base:1.4 pkgsrc-2009Q2:1.4.0.14 pkgsrc-2009Q2-base:1.4 pkgsrc-2009Q1:1.4.0.12 pkgsrc-2009Q1-base:1.4 pkgsrc-2008Q4:1.4.0.10 pkgsrc-2008Q4-base:1.4 pkgsrc-2008Q3:1.4.0.8 pkgsrc-2008Q3-base:1.4 cube-native-xorg:1.4.0.6 cube-native-xorg-base:1.4 pkgsrc-2008Q2:1.4.0.4 pkgsrc-2008Q2-base:1.4 cwrapper:1.4.0.2 pkgsrc-2008Q1:1.3.0.26 pkgsrc-2008Q1-base:1.3 pkgsrc-2007Q4:1.3.0.24 pkgsrc-2007Q4-base:1.3 pkgsrc-2007Q3:1.3.0.22 pkgsrc-2007Q3-base:1.3 pkgsrc-2007Q2:1.3.0.20 pkgsrc-2007Q2-base:1.3 pkgsrc-2007Q1:1.3.0.18 pkgsrc-2007Q1-base:1.3 pkgsrc-2006Q4:1.3.0.16 pkgsrc-2006Q4-base:1.3 pkgsrc-2006Q3:1.3.0.14 pkgsrc-2006Q3-base:1.3 pkgsrc-2006Q2:1.3.0.12 pkgsrc-2006Q2-base:1.3 pkgsrc-2006Q1:1.3.0.10 pkgsrc-2006Q1-base:1.3 pkgsrc-2005Q4:1.3.0.8 pkgsrc-2005Q4-base:1.3 pkgsrc-2005Q3:1.3.0.6 pkgsrc-2005Q3-base:1.3 pkgsrc-2005Q2:1.3.0.4 pkgsrc-2005Q2-base:1.3 pkgsrc-2005Q1:1.3.0.2 pkgsrc-2005Q1-base:1.3 pkgsrc-2004Q4:1.2.0.2 pkgsrc-2004Q4-base:1.2 pkgsrc-2004Q3:1.1.1.1.0.8 pkgsrc-2004Q3-base:1.1.1.1 pkgsrc-2004Q2:1.1.1.1.0.6 pkgsrc-2004Q2-base:1.1.1.1 pkgsrc-2004Q1:1.1.1.1.0.4 pkgsrc-2004Q1-base:1.1.1.1 pkgsrc-2003Q4:1.1.1.1.0.2 pkgsrc-2003Q4-base:1.1.1.1 pkgsrc-base:1.1.1.1 TNF:1.1.1; locks; strict; comment @# @; 1.20 date 2022.12.03.10.41.15; author nros; state Exp; branches; next 1.19; commitid ntDrR02R190ef64E; 1.19 date 2021.10.26.11.05.24; author nia; state Exp; branches; next 1.18; commitid G83yJyZF8er6kjeD; 1.18 date 2021.10.17.10.11.20; author nia; state Exp; branches; next 1.17; commitid 6RKifLsOLHzWj9dD; 1.17 date 2021.10.07.14.41.15; author nia; state Exp; branches; next 1.16; commitid EMvsIaZgYm1t8TbD; 1.16 date 2021.06.12.08.10.52; author nia; state Exp; branches; next 1.15; commitid vuyTNUbxkC3MJOWC; 1.15 date 2020.08.10.13.49.15; author nia; state Exp; branches; next 1.14; commitid MmKewW6cy4XCrwjC; 1.14 date 2020.04.22.05.00.05; author nia; state Exp; branches; next 1.13; commitid sv5Bj9uLcQGm3l5C; 1.13 date 2020.04.01.10.01.29; author nia; state Exp; branches; next 1.12; commitid edY8Wp1JtP0GnF2C; 1.12 date 2019.09.07.13.12.53; author nia; state Exp; branches; next 1.11; commitid BOmkX2AykWHN65CB; 1.11 date 2019.06.22.12.53.47; author nia; state Exp; branches; next 1.10; commitid XHXONnjkyOYGtbsB; 1.10 date 2018.11.24.11.29.15; author nia; state Exp; branches; next 1.9; commitid Hu5EKIKbQ7BXKb1B; 1.9 date 2016.03.06.13.29.34; author nros; state Exp; branches; next 1.8; commitid YuvztVYsd4TtlAXy; 1.8 date 2015.11.04.00.34.53; author agc; state Exp; branches; next 1.7; commitid K5R8pkzReRJy0IHy; 1.7 date 2013.06.01.12.13.04; author shattered; state Exp; branches; next 1.6; commitid EPYa2f41QADTlURw; 1.6 date 2010.06.04.04.30.45; author obache; state Exp; branches; next 1.5; 1.5 date 2010.05.27.14.14.30; author obache; state Exp; branches; next 1.4; 1.4 date 2008.07.10.15.52.03; author joerg; state Exp; branches 1.4.20.1; next 1.3; 1.3 date 2005.02.24.12.13.42; author agc; state Exp; branches; next 1.2; 1.2 date 2004.12.11.08.25.48; author minskim; state Exp; branches; next 1.1; 1.1 date 2003.06.02.13.13.15; author jmmv; state Exp; branches 1.1.1.1; next ; 1.4.20.1 date 2010.06.07.19.06.20; author tron; state Exp; branches; next ; 1.1.1.1 date 2003.06.02.13.13.15; author jmmv; state Exp; branches; next ; desc @@ 1.20 log @Update net/bftpd to version 6.1 Changes from CHANGELOG: - Fixed linking errors on latest complilers GCC/Clang by addressing variable scope. - Make sure we do not rely on argv or argv[0] being valid. Bftpd now exits with an error if arguements are not passed as expected. @ text @$NetBSD: distinfo,v 1.19 2021/10/26 11:05:24 nia Exp $ BLAKE2s (bftpd-6.1.tar.gz) = 31475d50a3b817191b82463acfa149409949352980a959a9d9a2f385ab58c055 SHA512 (bftpd-6.1.tar.gz) = 12af9be4c8995988c9fccfe0d26d928faa551b0b3a58a433a42453a768e28e7fd2711228c8944242483368b5bf4ec6e3adea293e1118b9afeb612d03e4863b42 Size (bftpd-6.1.tar.gz) = 174284 bytes @ 1.19 log @ net: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes Not committed (merge conflicts...): net/radsecproxy/distinfo The following distfiles could not be fetched (fetched conditionally?): ./net/citrix_ica/distinfo citrix_ica-10.6.115659/en.linuxx86.tar.gz ./net/djbdns/distinfo dnscache-1.05-multiple-ip.patch ./net/djbdns/distinfo djbdns-1.05-test28.diff.xz ./net/djbdns/distinfo djbdns-1.05-ignoreip2.patch ./net/djbdns/distinfo djbdns-1.05-multiip.diff ./net/djbdns/distinfo djbdns-cachestats.patch @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.18 2021/10/17 10:11:20 nia Exp $ d3 3 a5 3 BLAKE2s (bftpd-6.0.tar.gz) = 30f1c34976f68eba71d14883a13134c07d566329d9f5116833fe6ce4ec72779a SHA512 (bftpd-6.0.tar.gz) = 26e5ef3729e0a46737617b2e48dee4c462e5633807206eff8f14df8368b6be758688eca167c3b49c324397761da16c817c022b19cf35966408d9e8c207bc7350 Size (bftpd-6.0.tar.gz) = 167466 bytes @ 1.18 log @bftpd: update to 6.0 Jesse Smith -> 6.0 - Make extended passive mode respect the PASSIVE_PORTS variable in the bftpd configuration file. Previously random ports would be assigned. - Minor code clean-up in mystrings library to avoid calculating string length multiple times. Jesse Smith -> 5.9 - Fixed output of directory listing so that file size is right-justified which makes output look cleaner. Fix suggested by uomo ukko. - Addressed some compiler warnings. Make sure we bail out of situations even if they should never realisticaly return an error. Jesse Smith -> 5.8 - Many spelling errors in source code and documentation found and fixed by Jens of Fossies (fossies.org). Applied spelling corrections. - Removed mark-up and special characters from COPYING, README, and INSTALL files. - Fixed file size reporting on 32-bit ARM architecture when files are large (greater than 2GB). Problem and fix reported by uomo ukko. Jesse Smith -> 5.7 - A malicious client could cause a buffer overflow with a lot of EPSV commands sent in a row. We now close the pasv socket before each new use to avoid accumulating more than 1023. Thanks to Shisong Qin for reporting this issue and suggesting a fix. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.17 2021/10/07 14:41:15 nia Exp $ d3 1 a3 1 RMD160 (bftpd-6.0.tar.gz) = 4107548231723883fede976aedbeff7cf0326640 @ 1.17 log @net: Remove SHA1 hashes for distfiles @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.16 2021/06/12 08:10:52 nia Exp $ d3 3 a5 3 RMD160 (bftpd-5.7.tar.gz) = 3a532995f02a8484c0f1cf4d216f51200572d4e1 SHA512 (bftpd-5.7.tar.gz) = 8d3cb5e2830abe10f4f38e4e1dce27da8b6ff6224fa3fd89db7b182917ff734aa5761563dc22eb04fcba4195404c205593ab40d4ac3f08d8284c8e15c4731879 Size (bftpd-5.7.tar.gz) = 167174 bytes @ 1.16 log @bftpd: Update to 5.7 This file contains all major changes made during the development of bftpd. The uppermost change is the newest one. Jesse Smith -> 5.7 - A malicious client could cause a buffer overflow with a lot of EPSV commands sent in a row. We now close the pasv socket before each new use to avoid accumulating more than 1023. Thanks to Shisong Qin for reporting this issue and suggesting a fix. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.15 2020/08/10 13:49:15 nia Exp $ a2 1 SHA1 (bftpd-5.7.tar.gz) = ff78e59f13aa55c42a6dc0a777933383211235b1 @ 1.15 log @bftpd: Update to 5.6 Jesse Smith -> 5.6 - When Bftpd is run with the -n flag (no configuration file) default ratio settings prevented files from downloading. Samuel Hsu has patched Bftpd to assume no ratio ("") is treated the same as "none" or no restrictions. - Fixed potential overflow in buffer for directory listing. - Used calloc() and single strlen() call to avoid having a string without a NULL terminator mystring library. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.14 2020/04/22 05:00:05 nia Exp $ d3 4 a6 4 SHA1 (bftpd-5.6.tar.gz) = afbfc7ed0e44a933022a1f861e37b6c89836d53c RMD160 (bftpd-5.6.tar.gz) = c1ae03ae74e81a388cff88c232ccf867908e4a90 SHA512 (bftpd-5.6.tar.gz) = 9904403f22760be328d6a6c84b0b1950656d7695f0d48bff8f7f360ecefcc018452d3571293c9e47961c226ded531d3028667a435ea80727b58c6b354865455a Size (bftpd-5.6.tar.gz) = 167552 bytes @ 1.14 log @bftpd: Update to 5.5 Jesse Smith -> 5.5 - Fixed a file descriptor leak would could cause the Bftpd server to run out of available files it can open when storing/uploading files. Eric Debief provided a patch to correct the issue. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.13 2020/04/01 10:01:29 nia Exp $ d3 4 a6 4 SHA1 (bftpd-5.5.tar.gz) = fdd1fb4ea5928b650c2f428097f3dd5d44e94c94 RMD160 (bftpd-5.5.tar.gz) = e97f1ffd9153a5e175f7ad834340cb8641f81b7c SHA512 (bftpd-5.5.tar.gz) = 1d43efe65bdf764bc67be2fe6183f5a0fc6c17d39c3467978c19f16cd46ae03aad1e58e1baa279660ebe92a016623e3854df79df8f5a1adfd457c794e291fbd9 Size (bftpd-5.5.tar.gz) = 166920 bytes @ 1.13 log @bftpd: Update to 5.4 Jesse Smith -> 5.4 - Fixed potential one-by-one heap issue when reading during transferring files. Issue reported by Antonio Morales. Jesse Smith -> 5.3 - Made the situation where FILE_AUTH more clear, advised against it. Added warning about making sure password file is not readable by another other than the admin. - Updated Makefile.in to use more fine-grained dependency checks. Should speed up compiling when just one source file has been altered. New Makefile.in provided by Vemake. - Fixed out of bounds memory read when fetching options. Issue reported by and solution provided by Antonio Morales. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.12 2019/09/07 13:12:53 nia Exp $ d3 4 a6 4 SHA1 (bftpd-5.4.tar.gz) = 0b669b56faec8c7f717718f124ba12a24b446fd2 RMD160 (bftpd-5.4.tar.gz) = 12da2c7380a970d552a1aeeebd6178406a03da1b SHA512 (bftpd-5.4.tar.gz) = af7536b373a6cf602b5f419203d42e071c3c9d501fe6312169052571fb269c4bf0aaa5288cd5c978db8d0b6d80d3af42bdb14589b248d95841996291aa034dd8 Size (bftpd-5.4.tar.gz) = 166835 bytes @ 1.12 log @bftpd: Update to 5.2 Jesse Smith -> 5.2 - Make sure we do not send extra newline when DENY message is sent to the client. - Fixed some build dependencies in the Makefile so fresh build is triggered by updating config.h. Change provided by Vemake. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.11 2019/06/22 12:53:47 nia Exp $ d3 4 a6 4 SHA1 (bftpd-5.2.tar.gz) = 2f65baccf715a18f98c1ee04a68857432365bc29 RMD160 (bftpd-5.2.tar.gz) = cf044193590914803a2cee86737fb677c4dbd636 SHA512 (bftpd-5.2.tar.gz) = 2f0575e84ad198854d6457357bbddb8132276730431fcb4e2ef13d06f478bb2b100af6ef190ad9fb7b36898f14eeaf5884c8bd9f4cfff3c00af10247f7573f42 Size (bftpd-5.2.tar.gz) = 166047 bytes @ 1.11 log @bftpd: Update to 5.1 Jesse Smith -> 5.1 - Fixed duplicate error message when user tries to sign in with invalid username. - Make sure user can change username before successfully authenticating. - Fix error message when "type" command is not given a parameter. - Make sure we do not return multiple error codes when an account is disabled. - Do not drop connection to client when selected account is disabled. - Make sure when accounts are disabled/denied, they print the proper reason (set in the config file) back to the client @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.10 2018/11/24 11:29:15 nia Exp $ d3 4 a6 5 SHA1 (bftpd-5.1.tar.gz) = dd8924e9b6dec4810c4444be9c13781578590d74 RMD160 (bftpd-5.1.tar.gz) = f9692c472444772c64d72dff3d3508bde712cc31 SHA512 (bftpd-5.1.tar.gz) = eb0e8eb24c033c3e8b592cce071639544e37d8ae37e1e29e6f2590e3c0ed25c91cdc554d40066fd2d09aa8ece50a27f054d7103dc1e652af78f576796f574ac1 Size (bftpd-5.1.tar.gz) = 165928 bytes SHA1 (patch-aa) = 3b4444d79533fd8b2ec7bc99eb53c34ca2113350 @ 1.10 log @bftpd: Update to version 5.0 Changes: Jesse Smith -> 5.0 - Added more checks to places where we are mapping a file or checking for symbolic links. Should avoid trying to operating on invalid path names or broken symlinks. Issue reported by Xu. Jesse Smith -> 4.9 - Several checks added to chdir() and other return codes to make sure syscalls are all returning properly. Patch provided by Zhouyang Jia. - Fixed some compiler warnings due to unused or oddly indented code. Jesse Smith -> 4.8 - Fixed potential double-free bug during Bftpd shutdown. - Fixed potential unititalized variable. Thanks to Alex for reporting these bugs. Jesse Smith -> 4.7 - Fixed memory leak in rename function. Thanks to Alex for reporting this bug. Jesse Smith -> 4.6 - Avoid memory corruption when reading config file by initalizing memory. - Make sure CHROOT is default option, even if it is not specified in the config file. Thanks for Anton Yuzhaninov for providing the above two fixes. Jesse Smith -> 4.5 - Avoid potential buffer underflow in main.c Thanks to Andreas for pointing out this problem. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.9 2016/03/06 13:29:34 nros Exp $ d3 4 a6 4 SHA1 (bftpd-5.0.tar.gz) = afed309a12bc97054530e802b778d9de59a19dbd RMD160 (bftpd-5.0.tar.gz) = 577c7752c57e2a2a66ca18e577b5a09a6d65d0de SHA512 (bftpd-5.0.tar.gz) = 99daa36647e98cc78bc2fe79843af73f0862fd21eedf8656d5c3f28cc298ce84c6937fca50b8b40f287bf702cf3f720c7858ea68029d6ba2bc8e281347f6da89 Size (bftpd-5.0.tar.gz) = 165751 bytes @ 1.9 log @Updated bftpd to version 4.4. Build with "on the fly" gzip compression since it's mentioned in DESCR. Changelog: 4.4 - Fixed potential buffer overflow when expanding symbolic link file names. 4.3 - Clarified license (COPYING file) - Fixed compiler warning with regards to pointer-to-integer cast. 4.2 - Improved user checking code to avoid locking out valid users from the system. (Thanks to Lauri Kasanen for reporting this bug and supplying a patch.) 4.1 - Added checks to crypt() calls to prevent operating on NULL pointer. (Thanks to Lauri Kasanen for reporting this bug.) 4.0 - Added patch from Thomas Cort to make Bftpd compile on NetBSD. 3.9 - Adjusted Makefile to allow for easy access to non-default compiler options. Alternative compiler can be used by running "make CC=compilername". - Zhenbo Xu reported several potential memory bugs which could cause Bftpd if the operating system is out of memory. Also reported a memory leak. Checks are now in place to prevent crashes and the memory leak has been plugged. - Added MINIX-specific configuration file which should allow Bftpd to run smoothly and without additional configuration on MINIX. - Merged MINIX porting code into mainline Bftpd so we can work with one, unified code base. 3.8 - Fixed bug in user tracking which could result in corrupted times on 64-bit systems. - When Bftpd is compiled with a "prefix" (which is the default behaviour) the Bftpd will check both /etc/bftpd.conf AND PREFIX/etc/bftpd.conf when trying to find its configuration file. This should avoid requiring the admin to pass the location of the config file on the command line. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.8 2015/11/04 00:34:53 agc Exp $ d3 4 a6 4 SHA1 (bftpd-4.4.tar.gz) = 7852775d98782739b785ebcd1d56b11b65f738c3 RMD160 (bftpd-4.4.tar.gz) = 5fab388cae684c1d34b854999bb4c090c02ad3c8 SHA512 (bftpd-4.4.tar.gz) = 290efff4db849f7a3004a268a78a499b866bd7f9061f7880813a3bf1db2cd63ff508e64bada1b6bcd48ab40732e3fb0da9b29fd49712149f9945cd53920a7d62 Size (bftpd-4.4.tar.gz) = 164940 bytes @ 1.8 log @Add SHA512 digests for distfiles for net category Problems found with existing digests: Package haproxy distfile haproxy-1.5.14.tar.gz 159f5beb8fdc6b8059ae51b53dc935d91c0fb51f [recorded] da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated] Problems found locating distfiles: Package bsddip: missing distfile bsddip-1.02.tar.Z Package citrix_ica: missing distfile citrix_ica-10.6.115659/en.linuxx86.tar.gz Package djbdns: missing distfile djbdns-1.05-test25.diff.bz2 Package djbdns: missing distfile djbdns-cachestats.patch Package djbdns: missing distfile 0002-dnscache-cache-soa-records.patch Package gated: missing distfile gated-3-5-11.tar.gz Package owncloudclient: missing distfile owncloudclient-2.0.2.tar.xz Package poink: missing distfile poink-1.6.tar.gz Package ra-rtsp-proxy: missing distfile rtspd-src-1.0.0.0.tar.gz Package ucspi-ssl: missing distfile ucspi-ssl-0.70-ucspitls-0.1.patch Package waste: missing distfile waste-source.tar.gz Otherwise, existing SHA1 digests verified and found to be the same on the machine holding the existing distfiles (morden). All existing SHA1 digests retained for now as an audit trail. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.7 2013/06/01 12:13:04 shattered Exp $ d3 4 a6 4 SHA1 (bftpd-3.7.tar.gz) = 6766232810927db885720792e8d4314942628b8a RMD160 (bftpd-3.7.tar.gz) = 9b56d31c3a087c4fb035657e6479e1ecbfb243b0 SHA512 (bftpd-3.7.tar.gz) = 04365b87c79fccf0463f9b62341cf97decb1f6739488ecd852685aaf75405bd95972bb51ac4ae77309c46d91a3e82db7f47bc68e62fa0d559f8cbf6552097d32 Size (bftpd-3.7.tar.gz) = 155428 bytes @ 1.7 log @Update to 3.7. Notable changes: Default config disables anonymous login. Directory listing no longer hangs if the directory contains a named pipe. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.6 2010/06/04 04:30:45 obache Exp $ d5 1 @ 1.6 log @Update bftpd to 2.9. Jesse Smith -> 2.9 - Bftpdwill attempt to create it's utmp directory if that directory does not exist. Fixes issue on Ubuntu where the direcotry is wiped out at each reboot. - The ROOTDIR option now works properly for anonymous users. Thanks to Paul for reporting this bug. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.5 2010/05/27 14:14:30 obache Exp $ d3 4 a6 5 SHA1 (bftpd-2.9.tar.gz) = 92c7130419e7bf3898d2be9f59cc93133e6de939 RMD160 (bftpd-2.9.tar.gz) = 27d61d8cc63a815c97d53242c9d9d0cc32939c62 Size (bftpd-2.9.tar.gz) = 139639 bytes SHA1 (patch-aa) = a7dfb17cbfc203f497a98abacec4a60ea987cffd SHA1 (patch-ac) = 8e50b2abd98f65ee9421d3f225812f25af8bd438 @ 1.5 log @Update bftpd to 2.8 Based on PR#43352 by Wen Heping. pkgsrc changes: * set LICENSE=gnu-gpl-v2 * simplify patch-aa. * remove patch-ab, replace with SUBST instead, and also replace /etc in manpage. * add patch-ac for fixes standalone mode. XXX: IPv4 only * cosmetics fixes. Upstream ChangeLog: Jesse Smith -> 2.8 - Added patch which will allow client to see hidden files if the "-a" parameter is used in list commands. Hidden files are only shown if SHOW_HIDDEN_FILES is enabled in the config file. Patch provded by Raster. - Swapped out glob function for custom directory search matching. Allows clients to see broken symbolic links if "SHOW_NONREADABLE_FILES" is set to "yes". Patch supplied by Raster. - Added patch to clean up zombies if several children processes all die at the same time. We were cleaning up just one child per signal before. Patch supplied by Raster. - Fixed typo in log error message. - Made sure we can read user config file options even with unusual compile flags. - Fixed anonymous login. - Anonymous login disabled by default in the config file. Jesse Smith -> 2.7 - Added patch from Raster which returns more speicifc error messages to the client when a file or directory cannot be removed. This should avoid confusing some clients when the user attempts to remove a directory. - Added checks for increased security/stability and to remove compiler warnings. Jesse Smith -> 2.6 - Removed some debugging information from the log file. - Made certain that bandwidth log will not over-write itself when multiple users are logged in. - Bandwidth log file is flushed to avoid loss of data. - Bftpd will write to bandwidth log even if client does not disconnect cleanly. Jesse Smith -> 2.5 - Added better UTF support. Clients that check for this will now enable UTF-8. For example, Filezilla. - Made sure remote admin login was disabled. This shouldn't have worked anyway, but disabled the feautre to make sure. - Added additional log file which tracks user bandwidth. See the option in the config file called BANDWIDTH. - Updated README file to contain notes on logging. Jesse Smith -> 2.4 - Fixed a possible security hole which would allow attackers to perform a DoS attack against bftpd. (Thanks to Dazhi for pointing out this problem.) Jesse Smith -> 2.2.1 (aka 2.3) - Bftpd should not attempt to close stdin, stdout and stderr if they do not exist. Fixed this in main.c. (Patch provided by Ivan A-R.) Jesse Smith -> 2.2 - Bftpd does not exit when an incorrect password is given. The server does drop connections in cases where logins are specifically denied, full server or if an error appears in the config file. Jesse Smith -> 2.1.2 - Added option to not show files in a dir list if the file is not readable. Thanks to Eric Woltermann for sending in this patch. By default non-readable files are not listed. See the SHOW_NONREADABLE_FILES config option. - Make the replace() function safer with range checking to avoid buffer over-flow. - Fixed calls to replace() function. - Most string buffers now have a set size of MAX_STRING_LENGTH, rather than some arbitraty size. - Applied patch to allow user specific data to be subsituted into the user MOTD file path. The symbols %u and %h and be used in place of the user's username and home directory in the MOTD_USER config option. Thanks to Eric Woltermann for submitting this patch. - Bftpd now prompts for a password, even on anonymous accounts to help increase compatiblity with some web browsers. Jesse Smith -> 2.1.1 - Fixed directory creation so that the proper umask is used. thanks to Thiemo for pointing out this problem. - Fixed buffer under-size error in options.c Thanks to Athan for reporting this bug. Jesse Smith -> 2.1 - By default, the SITE command is now disabled in the bftpd.conf file. This is to prevent security holes and DoS attacks via "site md5 " Jesse Smith -> 2.0.3 - Added md5 support for amd64 machines. - If no arch is defined for md5, assume little endian. Jesse Smith -> 2.0.2 - Transfer buffer size now defaults to staying the same (max) size for all transfers. To get a variable buffer size, change the config option CHANGE_BUFSIZE to "yes". - Added config file option SHOW_HIDDEN_FILES. When this option is set to "yes", bftpd shows hidden files in directory listings. By default this is set to "no". Jesse Smith -> 2.0.1 - Avoid possible segfault in replace() function in mystring.c - Avoid memory error in main.c using strdup() - Avoid segfault in options.c the create_options() - Added ability to use the SITE command to provide md5 checksums of files. (usage: site md5 filename) Very many thanks to Ulrich Drepper and Gray Watson for the md5 library! - Changed ratio calculations to use double type to allow for larger files and data transfers. - Added HELP option to the SITE command. (usage: site help) - Added config file variable CHANGE_BUFSIZE. This determines whether the transfer buffer changes size. It defaults to "yes". - Removed extra fileno() calles in file receives. Jesse Smith -> 2.0 - Avoid memory error in options.c Jesse Smith -> 1.9.3 - Avoid segfaults in options.c and cwd.c - Added memory checks in options.c Jesse Smith -> 1.9.2 - Avoid segfaults in options.c and dirlist.c Jesse Smith -> 1.9.1 - Avoid segfaults in options.c and main.c Jesse Smith -> 1.9 - Added limits.h entry to main.c and options.c for compatibility with FreeBSD. (All problems with bftpd on FreeBSD were found and corrected by Beech of the FreeBSD team.) Jesse Smith -> 1.8.4 - When printing file sizes for files larger than 4GB the file size is now displayed correctly. - When a FTP client drops a connection without sending an ABORT (ABOR) signal, Bftpd will detect the dropped connection and log it. This prevents stale connections preventing new users from connecting. (Bug found and fixed by: Thorsten) - Added limits.h and signal.h to list of headers used in commands.c, for compatibility with BSD. - Changed sighandler_t in "run_script()" to sig_t for compatibility between Linux and BSD. - Added OpenPAM patch from FreeBSD (login.c) - Added limits.h include to login.c file for compatibility with BSD. Jesse Smith -> 1.8.3 - If Bftpd is unable to create bftpdutmp file, an error should now be written to the log file. - Directory output corrected for when large files (> 2GB) are listed. - Documentation for xinetd config updated. Jesse Smith -> 1.8.2 - Changed bftpd's direcotry name to plain "bftpd" rather than "bftpd-version". This will, hopefully, make it easier to run scripts which build/run bftpd. Jesse Smith -> 1.8.1 - Avoid segfault in getoption() (options.c) Credit to Mats Erik Andersson for finding this bug. - Fixed potential memory leaks in commands.c Jesse Smith -> 1.7.2 - Fixed serious bug which would cause bftpd to crash while sending a file. Double-free error. (Credit to Davide Pozza for reporting these bugs below.) - Prevent buffer over-flow in parsecmd() when forming confstr variable. - Check return values of strtoul() to make sure they do not over-flow an int. Jesse Smith -> 1.7.1 (Credit to Davide Pozza for reporting these bugs.) - Avoid memory over-flow in bftpd_login (login.c) with the str[] variable. Made size 512 + 1. - Avoid buffer over-flow in str[] variable in main(). - Prevent buffer over-flow in check_file_password() when performing fscanf(). - In check_file_password() made calloc() allocate larger buffer to prevent over-flow. - Performed range checking on the number of users on the system to make sure they don't over-flow a 32-bit int. - Make sure malloc calls in commands.c do not allocate too much or too little memory. Jesse Smith -> 1.6.6 - Perform memory allocation check in bftpd_cwd_mappath() - Changed a strcmp() to strcasecmp() in command_retr function. - Performed free(mapped) at end of command_retr. - Performed memory checks and clean-up in various functions. Jesse Smith -> 1.6.5 - The when using the FILE_AUTH option, the text password file can contain anonymous users. That is, users who do not require passwords. THIS IS DANGEROUS ON MOST SYSTEMS. A entry with the password field set to a * (star) does not require a password. See the config file option FILE_AUTH for more information. Jesse Smith -> 1.6.4 - Allow ANONYMOUS_USER config file option to be used with the FILE_AUTH option. This basically allows anyone to login to the system without a password if both options are used! - When a chroot fails during login the server will no longer tell the client which directory it was trying to chroot to. - When the config.h file contains a definition for NO_GETPWNAM then the getpwnam() function is not used. Also, this forces the use of the FILE_AUTH option. If NO_GETPWNAM is defined and FILE_AUTH is not used, all connections are dropped. Jesse Smith -> 1.6.3 - Introduced option to over-ride the local/LAN IP address assigned to the host computer. This option takes a 4-number IP address in the format of "127.0.3.101". See OVERRIDE_IP in bftpd.conf for more information. - Removed description-pak file from source tree. - The options PRE_WRITE_SCRIPT and POST_WRITE_SCRIPT have been added to the bftpd.conf file. These options let you run scripts before and after any command writes to the file system. Handy if you want to re-mount. Please see the bftpd.conf file for details. Jesse Smith -> 1.6.2 - When using FILE_AUTH to login, check DO_CHROOT option before performing a chroot(). Jesse Smith -> 1.6.1 - Removed code which uses sendfile(). The sendfile code appears to cause a conflict on some systems when used with 64-bit file size variables. Jesse Smith -> 1.6 - Released bftpd without code changes, but with updated Polish documentation. Jesse Smith -> 1.5 - Added Polish documentation to website. Jesse Smith -> 1.4.1 - Added ability to use a plain text file for authentication. See config file option FILE_AUTH for details. Jesse Smith -> 1.4 - Fixed default configuration. - Fixed compile warnings for vanilla config. Jesse Smith -> 1.3.2 - Fixed Makefile to erase config.cache file during "make clean" - Added ability to uncompress files on the fly during downloads. Any file with the extension ".gz" can be decompressed during transfer to the client with the use of the GZ_DOWNLOAD in the config file. This option requires bftpd be configured (pre-compile time) with the flag --enable-libz. Jesse Smith -> 1.3.1 - Changed ratio values to unsigned long variables to support large files. - Editted Makefile to allow bftpd to handle large files (2GB+). Jesse Smith -> 1.2.2 - Added ability to upload files and compress them into .gz files on the fly. See bftpd.conf file for the option. This option requires --enable-libz be used when running the configure script. - Cleaned up code to avoid compiler warnings from gcc 4.0.2. Files changed: main.c commands.c Jesse Smith -> 1.2.1 - When the config file is re-read, global are changed only. Files changes: options.c options.h Jesse Smith -> 1.2 - Made re-reable options be able to hold larger values. Up to 256 bytes/characters long. - Replaced old rpm spec file with one from Joe, which will be used from now on for rpm builds. Jesse Smith -> 1.1.3 - When a child/client dies, the parent process will now attempt to remove the client's log entry from the bftpdutmp file. This should prevent stale entries. - Changed some default values to constants in options.h - Fixed typo(s) in bftpd.conf - Set delete/over-write for global users to be disabled by default in bftpd.conf. - Added the XFER_DELAY option to the bftpd.conf file. This allows the admin to set a time delay between data transfer bursts. This aid in bandwidth throttling. Please see bftpd.conf for more details on this feature. - Added more re-read options when catching signal SIGHUP. The re-readable options are now: HELLO_STRING, QUIT_MSG, XFERBUFSIZE, DATA_TIMEOUT, CONTROL_TIMEOUT, USERLIMIT_GLOBAL, USERLIMIT_SINGLEUSER, USERLIMIT_HOST, DENY_LOGIN and XFER_DELAY. Jesse Smith -> 1.1.2 - Program now catches signal SIGHUP. - When bftpd catches the SIGHUP (hang up) it re-reads the config file. It looks for some config values, but not all. At this time, the values which are re-read are: HELLO_STRING, QUIT_MSG and XFERBUFSIZE Jesse Smith -> 1.1.1 - Added rpm spec file to redhat directory. - Changed numberic string length (512) to a defined string length (MAXCMD). Makes code more compatible with main.c and uses less stack memory. File changed: commands.c - When receiving files, the transfer buffer (XFER_BUFSIZE) is divided by the number of connected clients. This should prevent bandwidth being sucked back by multiple connections. - Minor fixes, checking for malloc errors, freeing memory and closing sockets. File changed: commands.c - When sending files, the transfer buffer (XFER_BUFSIZE) is divided by the number of connected clients. This should prevent bandwidth being taken over by multiple connections. - Changed Makefile so bftpd.8 gets installed as a manual page in the proper location. Also updated rpm spec file to include man page. Jesse Smith -> 1.1.0 - Changed some bftpdutmp_log(0) lines to calls to bftpdutmp_end(). This should be safer. - Made sure that clients cannot write or append to files if the "delete" command is disabled. I think if they cannot delete the file they shouldn't be allowed to truncate it to zero bytes either. - Added reason for login failure to log file. - Removed logging of getting user count from temp file. Just seems to be taking up space. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.4 2008/07/10 15:52:03 joerg Exp $ d3 3 a5 3 SHA1 (bftpd-2.8.tar.gz) = 91ae280010006c46719a1cad89b3bbb2872b645d RMD160 (bftpd-2.8.tar.gz) = 63166339ed8365d2b36c634c6816f9b25e82a597 Size (bftpd-2.8.tar.gz) = 139341 bytes @ 1.4 log @Move /var/log/bftpd.log and /var/run/bftpd creation to install time. Bump revision. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.3 2005/02/24 12:13:42 agc Exp $ d3 5 a7 5 SHA1 (bftpd-1.0.24.tar.gz) = 4a047778e9435fc9221d02c1093f040186bb88d7 RMD160 (bftpd-1.0.24.tar.gz) = 6eb162a5d692c5df2811c24fd07d40193e77d095 Size (bftpd-1.0.24.tar.gz) = 75995 bytes SHA1 (patch-aa) = 5ddab875688e1c2b7ba82171a3a776503ffd7af7 SHA1 (patch-ab) = faef48266dd0fb7b095738207be2b26ee34e9359 @ 1.4.20.1 log @Pullup ticket #3140 - requested by kefren net/bftpd: security update Revisions pulled up: - net/bftpd/Makefile 1.11-1.12 - net/bftpd/distinfo 1.5-1.6 - net/bftpd/patches/patch-aa 1.4 - net/bftpd/patches/patch-ab delete - net/bftpd/patches/patch-ac 1.1 --- Module Name: pkgsrc Committed By: obache Date: Thu May 27 14:14:30 UTC 2010 Modified Files: pkgsrc/net/bftpd: Makefile distinfo pkgsrc/net/bftpd/patches: patch-aa Added Files: pkgsrc/net/bftpd/patches: patch-ac Removed Files: pkgsrc/net/bftpd/patches: patch-ab Log Message: Update bftpd to 2.8 Based on PR#43352 by Wen Heping. pkgsrc changes: * set LICENSE=gnu-gpl-v2 * simplify patch-aa. * remove patch-ab, replace with SUBST instead, and also replace /etc in manpage. * add patch-ac for fixes standalone mode. XXX: IPv4 only * cosmetics fixes. --- Module Name: pkgsrc Committed By: obache Date: Fri Jun 4 04:30:45 UTC 2010 Modified Files: pkgsrc/net/bftpd: Makefile distinfo Log Message: Update bftpd to 2.9. Jesse Smith -> 2.9 - Bftpdwill attempt to create it's utmp directory if that directory does not exist. Fixes issue on Ubuntu where the direcotry is wiped out at each reboot. - The ROOTDIR option now works properly for anonymous users. Thanks to Paul for reporting this bug. @ text @d1 1 a1 1 $NetBSD$ d3 5 a7 5 SHA1 (bftpd-2.9.tar.gz) = 92c7130419e7bf3898d2be9f59cc93133e6de939 RMD160 (bftpd-2.9.tar.gz) = 27d61d8cc63a815c97d53242c9d9d0cc32939c62 Size (bftpd-2.9.tar.gz) = 139639 bytes SHA1 (patch-aa) = a7dfb17cbfc203f497a98abacec4a60ea987cffd SHA1 (patch-ac) = 8e50b2abd98f65ee9421d3f225812f25af8bd438 @ 1.3 log @Add RMD160 digests. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.2 2004/12/11 08:25:48 minskim Exp $ d6 1 a6 1 SHA1 (patch-aa) = e8114ee69380fcf1d765abe8fadfba2b2d4ee248 @ 1.2 log @- Use VARBASE instead of hardcoding /var. - Do not override file ownership. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.1.1.1 2003/06/02 13:13:15 jmmv Exp $ d4 1 @ 1.1 log @Initial revision @ text @d1 1 a1 1 $NetBSD$ d5 1 a5 1 SHA1 (patch-aa) = 3f02301b2ca9290dd7188b39859877f11108b001 @ 1.1.1.1 log @Initial import of bftpd, version 1.0.24: bftpd is a FTP server that tries to be very configurable while being fast and small. Its features include: * Easy configuration. * Speed. * Support for most RFC FTP commands. * tar.gz on-the-fly compression/archiving. * Security with chroot without special setup. * No need for extra files (sh, ls..) in a chroot environment. * Logging to wtmp and to logfile or syslog. * PAM and passwd/shadow support. * Support for SITE CHOWN/CHMOD. Package provided by virtus@@wanadoo.nl in pkgsrc-wip with several changes by me. @ text @@