ftpd/ftpcmd.y | 27 14 + 13 - 0 !
ftpd/ftpd.8 | 19 18 + 1 - 0 !
ftpd/ftpd.c | 478 353 + 125 - 0 !
ftpd/logwtmp.c | 2 1 + 1 - 0 !
support/Makefile | 3 1 + 2 - 0 !
support/setproctitle.c | 2 1 + 1 - 0 !
6 files changed, 388 insertions(+), 143 deletions(-)

 patching recovered from linux-ftpd_0.17-13.diff.gz

ftpd/ftpcmd.y | 9 5 + 4 - 0 !
ftpd/ftpd.8 | 20 12 + 8 - 0 !
ftpd/ftpd.c | 43 29 + 14 - 0 !
ftpd/popen.c | 9 7 + 2 - 0 !
4 files changed, 53 insertions(+), 28 deletions(-)

 patches taken from linux-ftpd_0.17-20sarge2.diff.gz.

ftpd/ftpcmd.y | 17 8 + 9 - 0 !
ftpd/popen.c | 2 1 + 1 - 0 !
2 files changed, 9 insertions(+), 10 deletions(-)

 patches recovered from linux-ftpd_0.17-23.diff.gz.

ftpd/extern.h | 2 1 + 1 - 0 !
ftpd/ftpcmd.y | 32 24 + 8 - 0 !
ftpd/ftpd.c | 7 6 + 1 - 0 !
3 files changed, 31 insertions(+), 10 deletions(-)

 fix cross-site request forgery (csrf) attacks.

ftpd/Makefile | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 corrections to infrastructure for builds.
 Insert harmless omission that eases tailored builds.

ftpd/ftpcmd.y | 68 54 + 14 - 0 !
ftpd/ftpd.c | 300 206 + 94 - 0 !
2 files changed, 260 insertions(+), 108 deletions(-)

 make the tcp transport code independent of address family.
 Make sure to eliminate as much outdated dependency on AF_INET,
 even before migrating to true support for AF_INET6.
 .
 1. Rewrite dolog() and check_host().
 .
 2. Eliminate inet_ntoa(), gethostbyname(), gethostbyaddr().
 .
 3. Introduce helper functions get_port() and set_port()
    in order to hide family dependency, as well as representation
    in network byte order. This isolates use of ntohs() and htons()
    to the above two functions, with a single exception.
 .
 4. Make sure that the daemon initialization depends only on
    a single AF_INET used for getaddrinfo(). This will later
    be replaced by AF_UNSPEC.
 .
 5. Make name and address lookup in main() independent of
    address family.
 .
 6. Reconstruct passive() to inherit address family from the
    controlling socket, then building the listening socket
    in an address independent manner.
 .
 7. Let statcmd() and passive() report on IPv6 sockets
    using the EPSV semantics '(|||portnum|)'.
 .
 8. Let the parser in ftpcmd.y use getaddrinfo() with NI_NUMERICHOST
    when constructing the IP-address, instead of manipulating byte
    fields. Likewise, hide port extraction in get_port().

ftpd/extern.h | 5 4 + 1 - 0 !
ftpd/ftpcmd.y | 76 70 + 6 - 0 !
ftpd/ftpd.8 | 6 6 + 0 - 0 !
ftpd/ftpd.c | 183 164 + 19 - 0 !
ftpd/logwtmp.c | 32 30 + 2 - 0 !
5 files changed, 274 insertions(+), 28 deletions(-)

 activate support for ipv6 transport.
 This patch supplies working services for:
 .
 1. Mixed IPv4 and IPv6 in inetd mode.
 .
 2. Mixed IPv4 and IPv6 in standalone daemon mode.
 .
 3. Selectable options '-4' and '-6' to activate a
    single address family.
 .
 4. Registration in wtmp of the caller's address structure.
    This field in 'struct utmp' was earlier ignored, as it
    it an extension particular to Linux.
 .
 5. Implementation of ABOR for use in idle state.
 .
 6. Conversion of second time length in case a compatibility
    layer between 32 bits and 64 bits are in effect.
 .
 Testing was performed using xinetd and net.ipv6.bindv6only=1,
 on architectures i386 and amd64.

ftpd/ftpd.c | 14 14 + 0 - 0 !
1 file changed, 14 insertions(+)

 reinitialize variable argument list for vsyslog().
 The use of vprintf(fmt, ap) leaves the second argument in an
 undefined state after execution. On a system using the amd64
 architecture, this leads consistently to segmentation faults.
 The solution is to insert the required initialization before
 the call to vsyslog().

ftpd/extern.h | 2 1 + 1 - 0 !
ftpd/ftpcmd.y | 4 2 + 2 - 0 !
ftpd/ftpd.c | 49 35 + 14 - 0 !
ftpd/logutmp.c | 8 4 + 4 - 0 !
ftpd/popen.c | 4 2 + 2 - 0 !
support/vis.c | 2 1 + 1 - 0 !
6 files changed, 45 insertions(+), 24 deletions(-)

 implement changes to support gnu/hurd and gnu/kfreebsd.
 Several conditionals on '__linux__' are altered to react identical
 to '__GLIBC__' and '__GNU__'. This should produce working code
 also for the Debian ports GNU/kfreebsd and GNU/Hurd.
 .
 GNU/kfreebsd uses distinct options IP_PORTRANGE and IPV6_PORTRANGE
 depending on address family.
 .
 Use IP_TOS only for IPv4 when compiling for non-Linux.

ftpd/ftpd.8 | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

---

ftpd/Makefile | 4 2 + 2 - 0 !
ftpd/ftpcmd.y | 96 84 + 12 - 0 !
ftpd/ftpd.c | 737 726 + 11 - 0 !
ftpd/ssl_port.h | 85 85 + 0 - 0 !
ftpd/sslapp.c | 186 186 + 0 - 0 !
ftpd/sslapp.h | 63 63 + 0 - 0 !
6 files changed, 1146 insertions(+), 25 deletions(-)

 base ssl patch
 The original ssl patch, modified to apply to debian's linux-ftpd package.

ftpd/ftpcmd.y | 2 1 + 1 - 0 !
ftpd/ftpd.8 | 47 47 + 0 - 0 !
ftpd/ftpd.c | 22 12 + 10 - 0 !
3 files changed, 60 insertions(+), 11 deletions(-)

 patches up to linux-ftpd-ssl 0.17.18+0.3-3

ftpd/ftpd.c | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 fix cve-2005-3524 - a remotely exploitable buffer overflow.
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=339074

ftpd/ftpd.c | 7 5 + 2 - 0 !
1 file changed, 5 insertions(+), 2 deletions(-)

 fix cve-2007-6263 - remote denial of service
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454733

ftpd/ftpd.8 | 10 9 + 1 - 0 !
1 file changed, 9 insertions(+), 1 deletion(-)

 document ssl options in manpage, fix typo

ftpd/ftpcmd.y | 1 1 + 0 - 0 !
ftpd/ftpd.c | 2 2 + 0 - 0 !
ftpd/ssl_port.h | 1 1 + 0 - 0 !
ftpd/sslapp.c | 4 2 + 2 - 0 !
4 files changed, 6 insertions(+), 2 deletions(-)

 fix all warnings in source

ftpd/ftpd.c | 11 4 + 7 - 0 !
1 file changed, 4 insertions(+), 7 deletions(-)

 set default ssl key/cert file to /etc/ftpd-ssl/ftpd.pem