head 1.6; access; symbols pkgsrc-2013Q2:1.6.0.12 pkgsrc-2013Q2-base:1.6 pkgsrc-2012Q4:1.6.0.10 pkgsrc-2012Q4-base:1.6 pkgsrc-2011Q4:1.6.0.8 pkgsrc-2011Q4-base:1.6 pkgsrc-2011Q2:1.6.0.6 pkgsrc-2011Q2-base:1.6 pkgsrc-2009Q4:1.6.0.4 pkgsrc-2009Q4-base:1.6 pkgsrc-2008Q4:1.6.0.2 pkgsrc-2008Q4-base:1.6 pkgsrc-2008Q3:1.5.0.18 pkgsrc-2008Q3-base:1.5 cube-native-xorg:1.5.0.16 cube-native-xorg-base:1.5 pkgsrc-2008Q2:1.5.0.14 pkgsrc-2008Q2-base:1.5 cwrapper:1.5.0.12 pkgsrc-2008Q1:1.5.0.10 pkgsrc-2008Q1-base:1.5 pkgsrc-2007Q4:1.5.0.8 pkgsrc-2007Q4-base:1.5 pkgsrc-2007Q3:1.5.0.6 pkgsrc-2007Q3-base:1.5 pkgsrc-2007Q2:1.5.0.4 pkgsrc-2007Q2-base:1.5 pkgsrc-2007Q1:1.5.0.2 pkgsrc-2007Q1-base:1.5 pkgsrc-2006Q4:1.3.0.2 pkgsrc-2006Q4-base:1.3 pkgsrc-2006Q3:1.2.0.18 pkgsrc-2006Q3-base:1.2 pkgsrc-2006Q2:1.2.0.16 pkgsrc-2006Q2-base:1.2 pkgsrc-2006Q1:1.2.0.14 pkgsrc-2006Q1-base:1.2 pkgsrc-2005Q4:1.2.0.12 pkgsrc-2005Q4-base:1.2 pkgsrc-2005Q3:1.2.0.10 pkgsrc-2005Q3-base:1.2 pkgsrc-2005Q2:1.2.0.8 pkgsrc-2005Q2-base:1.2 pkgsrc-2005Q1:1.2.0.6 pkgsrc-2005Q1-base:1.2 pkgsrc-2004Q4:1.2.0.4 pkgsrc-2004Q4-base:1.2 pkgsrc-2004Q3:1.2.0.2 pkgsrc-2004Q3-base:1.2 pkgsrc-2004Q2:1.1.0.4 pkgsrc-2004Q2-base:1.1 pkgsrc-2004Q1:1.1.0.2 pkgsrc-2004Q1-base:1.1; locks; strict; comment @# @; 1.6 date 2008.10.09.04.14.29; author lukem; state dead; branches; next 1.5; 1.5 date 2007.03.07.17.56.37; author joerg; state Exp; branches 1.5.18.1; next 1.4; 1.4 date 2007.03.01.14.01.21; author salo; state dead; branches; next 1.3; 1.3 date 2006.12.02.23.00.04; author adrianp; state Exp; branches; next 1.2; 1.2 date 2004.08.10.01.58.12; author lukem; state dead; branches 1.2.18.1; next 1.1; 1.1 date 2003.12.20.13.38.37; author grant; state Exp; branches; next ; 1.5.18.1 date 2008.10.09.11.50.35; author tron; state dead; branches; next ; 1.2.18.1 date 2006.12.09.10.37.30; author salo; state Exp; branches; next ; desc @@ 1.6 log @Update to tnftpd 20081009. Notable changes since 20061217: * Don't split large commands into multiple commands; just fail on them. This prevents cross-site request forgery (CSRF)-like attacks, when a web browser is used to access an ftp server. * Enhance -C to support an optional @@host ('-C user[@@host]'): checks whether user as connecting from host would be granted access by ftpusers(5). * Support IPv6 in the host directive of ftpusers(5). * Implement -n to disable hostname lookups. * Disable SOCKS support; I don't have the ability to test it, and the autoconf checks were very out of date. * Add configure --with-pam to enable PAM authentication support. Defaults to checking for PAM. * Add configure --with-skey to enable S/Key authentication support. Incompatible with --with-pam, defaults to no. * Fix pathnames in the installed manual pages to contain the appropriate $(prefix) substitution. * Use fcntl(3) locking instead of flock(3) or lockf(3). * Various other portability improvements. @ text @$NetBSD: patch-aa,v 1.5 2007/03/07 17:56:37 joerg Exp $ --- src/ftpd.c.orig 2007-03-07 17:23:16.000000000 +0000 +++ src/ftpd.c @@@@ -3744,7 +3744,11 @@@@ checkpassword(const struct passwd *pwent expire = pwent->pw_expire; #endif #if HAVE_PW_CHANGE +#ifdef _PASSWORD_CHGNOW change = (pwent->pw_change == _PASSWORD_CHGNOW)? now : pwent->pw_change; +#else + change = pwent->pw_change; +#endif #endif #endif @ 1.5 log @Fix build on systems which have pw_change but not _PASSWORD_CHGNOW. @ text @d1 1 a1 1 $NetBSD$ @ 1.5.18.1 log @Pullup ticket #2549 - requested by lukem tnftpd: security update Revisions pulled up: - net/tnftpd/Makefile 1.18 - net/tnftpd/PLIST 1.3 - net/tnftpd/distinfo 1.10 - net/tnftpd/options.mk 1.2 - net/tnftpd/patches/patch-aa delete --- Module Name: pkgsrc Committed By: lukem Date: Thu Oct 9 04:14:29 UTC 2008 Modified Files: pkgsrc/net/tnftpd: Makefile PLIST distinfo options.mk Removed Files: pkgsrc/net/tnftpd/patches: patch-aa Log Message: Update to tnftpd 20081009. Notable changes since 20061217: * Don't split large commands into multiple commands; just fail on them. This prevents cross-site request forgery (CSRF)-like attacks, when a web browser is used to access an ftp server. * Enhance -C to support an optional @@host ('-C user[@@host]'): checks whether user as connecting from host would be granted access by ftpusers(5). * Support IPv6 in the host directive of ftpusers(5). * Implement -n to disable hostname lookups. * Disable SOCKS support; I don't have the ability to test it, and the autoconf checks were very out of date. * Add configure --with-pam to enable PAM authentication support. Defaults to checking for PAM. * Add configure --with-skey to enable S/Key authentication support. Incompatible with --with-pam, defaults to no. * Fix pathnames in the installed manual pages to contain the appropriate $(prefix) substitution. * Use fcntl(3) locking instead of flock(3) or lockf(3). * Various other portability improvements. @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.5 2007/03/07 17:56:37 joerg Exp $ @ 1.4 log @Update to version 20061217. requested by Changes: 20061217: ========= - Portability fix: provide a replacement daemon(3) if necessary. 20061204: ========= - Fix buffer overflow in local version of glob(3). (already fixed in pkgsrc) - Implement -D to run as a stand-alone daemon. - Add ftpd.conf(5) options: hidesymlinks recvbufsize - Enforce account expiration, and support shadow password aging where appropriate. - Return 450 instead of 550 upon NLST error. - Portability fixes and improvements. @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.3 2006/12/02 23:00:04 adrianp Exp $ d3 13 a15 12 --- libnetbsd/glob.c.orig 2003-12-15 12:18:43.000000000 +0000 +++ libnetbsd/glob.c @@@@ -497,7 +497,9 @@@@ glob1(Char *pattern, glob_t *pglob, size * we save one character so that we can use ptr >= limit, * in the general case when we are appending non nul chars only. */ - return(glob2(pathbuf, pathbuf, pathbuf + sizeof(pathbuf) - 1, pattern, + return(glob2(pathbuf, pathbuf, + pathbuf + (sizeof(pathbuf) / sizeof(*pathbuf)) - 1, + pattern, pglob, limit)); } @ 1.3 log @Add a patch for: http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051009.html Bumb to nb1 @ text @d1 1 a1 1 $NetBSD$ @ 1.2 log @Update to tnftpd 20040810. Notable changes: * remove use of setjmp/longjmp * improve safety of signal handlers * fix minor memory leaks * improve portability to BSD/OS 3.0 @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.1 2003/12/20 13:38:37 grant Exp $ d3 12 a14 16 --- src/Makefile.in.orig 2002-12-09 00:05:36.000000000 +1100 +++ src/Makefile.in @@@@ -10,12 +10,13 @@@@ exec_prefix = @@exec_prefix@@ bindir = @@bindir@@ mandir = @@mandir@@ sbindir = @@sbindir@@ +sysconfdir = @@sysconfdir@@ mandircat5 = ${mandir}/cat5 mandircat8 = ${mandir}/cat8 CC = @@CC@@ -CFLAGS = -I${srcdir} -I${srcdir}/.. -I. -I.. @@INCLUDES@@ -DHAVE_TNFTPD_H=1 @@CFLAGS@@ +CFLAGS = -I${srcdir} -I${srcdir}/.. -I. -I.. @@INCLUDES@@ -DHAVE_TNFTPD_H=1 @@CFLAGS@@ -D_DEFAULT_CONFDIR=\"${sysconfdir}\" LIBS = @@LIBS@@ LDFLAGS = @@LDFLAGS@@ @ 1.2.18.1 log @Pullup ticket 1949 - requested by wiz security fix for tnftpd Revisions pulled up: - pkgsrc/net/tnftpd/Makefile 1.15 - pkgsrc/net/tnftpd/distinfo 1.7 - pkgsrc/net/tnftpd/patches/patch-aa 1.3 Module Name: pkgsrc Committed By: adrianp Date: Sat Dec 2 23:00:05 UTC 2006 Modified Files: pkgsrc/net/tnftpd: Makefile distinfo Added Files: pkgsrc/net/tnftpd/patches: patch-aa Log Message: Add a patch for: http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051009.html Bumb to nb1 @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.3 2006/12/02 23:00:04 adrianp Exp $ d3 16 a18 12 --- libnetbsd/glob.c.orig 2003-12-15 12:18:43.000000000 +0000 +++ libnetbsd/glob.c @@@@ -497,7 +497,9 @@@@ glob1(Char *pattern, glob_t *pglob, size * we save one character so that we can use ptr >= limit, * in the general case when we are appending non nul chars only. */ - return(glob2(pathbuf, pathbuf, pathbuf + sizeof(pathbuf) - 1, pattern, + return(glob2(pathbuf, pathbuf, + pathbuf + (sizeof(pathbuf) / sizeof(*pathbuf)) - 1, + pattern, pglob, limit)); } @ 1.1 log @incorporate patch from othersrc/libexec/tnftpd to honour --sysconfdir (will be included in the next release) and make the package honour PKG_SYSCONFDIR. use CONF_FILES to install the sample configuration ftpd.conf and ftpusers. bump PKGREVISION, as the default configuration file location has changed to ${PKG_SYSCONFDIR}. set PKG_SYSCONFDIR.tnftpd=/etc to get the previous behaviour. @ text @d1 1 a1 1 $NetBSD$ @