ftp/Makefile | 2 1 + 1 - 0 !
ftp/cmds.c | 514 329 + 185 - 0 !
ftp/cmds.h | 1 1 + 0 - 0 !
ftp/cmdtab.c | 2 2 + 0 - 0 !
ftp/domacro.c | 41 33 + 8 - 0 !
ftp/ftp.1 | 17 14 + 3 - 0 !
ftp/ftp.c | 614 371 + 243 - 0 !
ftp/ftp_var.h | 7 4 + 3 - 0 !
ftp/main.c | 155 124 + 31 - 0 !
ftp/main.h | 20 20 + 0 - 0 !
ftp/netrc.5 | 4 3 + 1 - 0 !
ftp/ruserpass.c | 10 4 + 6 - 0 !
12 files changed, 906 insertions(+), 481 deletions(-)

 source patches applied to release sarge.
 Multiple patches.

ftp/Makefile | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 hard coded stripping behaviour.
 Remove explicit stripping from makefile target.
X-Closes: #437615

ftp/main.c | 16 15 + 1 - 0 !
1 file changed, 15 insertions(+), 1 deletion(-)

 buffer overflow caused by long commands.
 Allocate a sufficient amount of memory to handle
 many arguments.
X-Closes: #391207, #407924

ftp/main.c | 30 14 + 16 - 0 !
1 file changed, 14 insertions(+), 16 deletions(-)

 multiple flaws in ftp/main.c.
 There are several flaws in the current code of the makeargv function
 in ftp/main.c. It certainly errs, but not on the side of caution.
 .
 1. The 'count' variable is supposed to count the number of arguments on
 the command line. In fact it counts the number of arguments less one, so
 malloc is often called with an argument of zero.
 .
 2. The argument to malloc is completely wrong. Space needs to be
 reserved for a certain number of pointers; the length of the command
 line string is irrelevant.
 .
 3. The slurpstring parsing function accepts both space and tab as
 delimiters. The 'count' variable is calculated assuming spaces only.
 .
 4. It appears to me that the memory allocated for rargv is never freed,
 leading to a memory leak. I may be wrong about this, and I do not know
 the code well enough to suggest where the free should take place if it
 does not happen already. My patch does not address this.
 .
 Attempting to count parameters in advance is not the best solution in
 my opinion. It is duplicating part of the effort of slurpstring.
 My preference would have been to allocate memory for 20 pointers, as in
 the original code, then realloc() for a larger size if more than 20
 parameters are returned from slurpstring.
X-Closes: Closes #508378, #505533, #510009

ftp/cmds.c | 2 1 + 1 - 0 !
ftp/ftp.1 | 10 5 + 5 - 0 !
2 files changed, 6 insertions(+), 6 deletions(-)

 pedantic complaits by lintian.
 Spelling in ftp/ftp.1 and ftp/cmds.c.
 .
 Incorrect use of hyphenation in ftp/ftp.1.

ftp/ftp.c | 331 252 + 79 - 0 !
1 file changed, 252 insertions(+), 79 deletions(-)

 impose ipv6-capacities on ftp.c.
 Super structure 'struct sockaddr_storage' is replacing 'struct sockaddr_in'
 .
 For peer address strings, a first try aims at IPv4. That failing, next
 try is for IPv6, and ultimatively a host lookup follows as last resort.
 .
 Use a SIGALRM mechanism to decrease the default TCP handshake timeout
 to a value better suited for interactive use. The macro can be set
 externally to change the suggested FTP_CONNECT_TIMEOUT=10
 .
 Use a command EPSV with explicit request for IPv6 address family as soon
 as parsing concluded that the control socket is using IPv6.
 .
 Make IP_TOS conditioned on AF_INET for non-Linux, i.e., GNU/kfreebsd, GNU/Hurd.

ftp/Makefile | 3 3 + 0 - 0 !
ftp/cmds.c | 26 26 + 0 - 0 !
ftp/ftp.1 | 46 46 + 0 - 0 !
ftp/ftp.c | 367 345 + 22 - 0 !
ftp/ftp_var.h | 3 3 + 0 - 0 !
ftp/main.c | 133 133 + 0 - 0 !
ftp/ssl_port.h | 85 85 + 0 - 0 !
ftp/sslapp.c | 186 186 + 0 - 0 !
ftp/sslapp.h | 63 63 + 0 - 0 !
9 files changed, 890 insertions(+), 22 deletions(-)

 base ssl patch
 The original ssl patch, lightly modified to apply to debian's
 netkit-ftp 0.17

ftp/ftp.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 fix auth ssl response handling
 Accept COMPLETE (234) as well as CONTINUE (334)
 See Debian bug #168762 for full details.
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=168762

ftp/ftp.c | 8 8 + 0 - 0 !
1 file changed, 8 insertions(+)

 check return code of ssl_new()
  Origin unknown, comes from netkit-ftp-ssl 0.17.12+0.2-6 or earlier

ftp/main.c | 16 8 + 8 - 0 !
1 file changed, 8 insertions(+), 8 deletions(-)

 install interrupt handler before initializing ssl
  Origin unknown, comes from netkit-ftp-ssl 0.17.12+0.2-6 or earlier

ftp/ftp.c | 16 16 + 0 - 0 !
1 file changed, 16 insertions(+)

 support tls authentication and (optional) data connection encryption
 Netkit-ftp-ssl now supports TLS authentication and (optional) data
 connection encryption according to
 http://www.ietf.org/internet-drafts/draft-murray-auth-ftp-ssl-16.txt .
 .
 The default is to fall back to insecure authentication if AUTH TLS is not
 supported by the server to match the current behaviour of the AUTH SSL code.
 .
 If you specify "-z secure", then encryption of both the control and the data
 connection are required.

ftp/ftp.1 | 44 32 + 12 - 0 !
1 file changed, 32 insertions(+), 12 deletions(-)

 man page improvements
 Document SSL options in synopsis, and fix groff errors.
 For groff error report (only), see #250587.
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=250587

ftp/ftp_var.h | 4 4 + 0 - 0 !
ftp/main.h | 13 13 + 0 - 0 !
2 files changed, 17 insertions(+)

 definitions needed by hurd port
 There is no PATH_MAX, MAXPATHLEN or MAXHOSTNAMELEN in GNU/Hurd, so
 this package does not compile from source.
 .
 The "right" fix for this would be to modify the program so that no
 PATH_MAX is assumed (doing dynamic allocation of the required space),
 but for now this patch should be enough:
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=218336

ftp/ftp.c | 12 10 + 2 - 0 !
ftp/main.c | 23 14 + 9 - 0 !
ftp/ssl_port.h | 1 1 + 0 - 0 !
ftp/sslapp.c | 4 2 + 2 - 0 !
ftp/sslapp.h | 1 1 + 0 - 0 !
5 files changed, 28 insertions(+), 13 deletions(-)

 fix various warnings
  some trivial, some (like the sprintf fix) are actual bugs

ftp/ftp.c | 18 10 + 8 - 0 !
1 file changed, 10 insertions(+), 8 deletions(-)

 use ssl-specific macros to wrap fflush and putc
  Origin unknown, first appeared in netkit-ftp-ssl 0.17.12+0.2
  somewhere between -1 and -6
  Author unknown, probably Christoph Martin <christoph.martin@uni-mainz.de>

ftp/cmds.c | 4 4 + 0 - 0 !
ftp/ftp.c | 34 19 + 15 - 0 !
ftp/sslapp.h | 1 1 + 0 - 0 !
3 files changed, 24 insertions(+), 15 deletions(-)

 fix ssl without autologin (-n)
 Initialize SSL even when -n is used.
 Also enforce -z secure when logging in with USER command.
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450723

ftp/ftp.c | 35 17 + 18 - 0 !
1 file changed, 17 insertions(+), 18 deletions(-)

 fix passive mode when ssl is enabled
  Origin/Author unknown. From netkit-telnet-ssl 0.17.9+0.2-3:
  * fix broken passive mode while SSL is enabled (thanks to Stefan Esser
    <sesser@php.net>)

ftp/main.c | 34 25 + 9 - 0 !
1 file changed, 25 insertions(+), 9 deletions(-)

 include ssl options in ftp -h output

ftp/cmds.c | 6 6 + 0 - 0 !
ftp/ftp.c | 5 4 + 1 - 0 !
ftp/sslapp.h | 2 2 + 0 - 0 !
3 files changed, 12 insertions(+), 1 deletion(-)

 enforce -z secure when logging in with user command

ftp/main.c | 5 5 + 0 - 0 !
1 file changed, 5 insertions(+)

 fix segfault when -z is given with no following args
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506137
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/netkit-ftp-ssl/+bug/184626

configure | 30 28 + 2 - 0 !
ftp/Makefile | 5 5 + 0 - 0 !
ftp/cmds.c | 8 6 + 2 - 0 !
ftp/main.c | 8 6 + 2 - 0 !
ftp/main.h | 8 8 + 0 - 0 !
5 files changed, 53 insertions(+), 6 deletions(-)

 use editline instead of readline
 netkit-ftp-ssl links against openssl, which is incompatible with
 the GPL. Unfortunately readline is GPLed, so link to editline
 (BSD licensed) instead.
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531822