Package: netkit-ftp-ssl / 0.17.23+0.2-1
Metadata
Package | Version | Patches format |
---|---|---|
netkit-ftp-ssl | 0.17.23+0.2-1 | 3.0 (quilt) |
Patch series
view the series filePatch | File delta | Description |
---|---|---|
010_patches_in_sarge.diff | (download) |
ftp/Makefile |
2 1 + 1 - 0 ! |
source patches applied to release sarge. Multiple patches. |
020_optional_stripping.diff | (download) |
ftp/Makefile |
2 1 + 1 - 0 ! |
hard coded stripping behaviour. Remove explicit stripping from makefile target. X-Closes: #437615 |
025_long_cmd_overflow.diff | (download) |
ftp/main.c |
16 15 + 1 - 0 ! |
buffer overflow caused by long commands. Allocate a sufficient amount of memory to handle many arguments. X-Closes: #391207, #407924 |
030_argv_handling.diff | (download) |
ftp/main.c |
30 14 + 16 - 0 ! |
multiple flaws in ftp/main.c. There are several flaws in the current code of the makeargv function in ftp/main.c. It certainly errs, but not on the side of caution. . 1. The 'count' variable is supposed to count the number of arguments on the command line. In fact it counts the number of arguments less one, so malloc is often called with an argument of zero. . 2. The argument to malloc is completely wrong. Space needs to be reserved for a certain number of pointers; the length of the command line string is irrelevant. . 3. The slurpstring parsing function accepts both space and tab as delimiters. The 'count' variable is calculated assuming spaces only. . 4. It appears to me that the memory allocated for rargv is never freed, leading to a memory leak. I may be wrong about this, and I do not know the code well enough to suggest where the free should take place if it does not happen already. My patch does not address this. . Attempting to count parameters in advance is not the best solution in my opinion. It is duplicating part of the effort of slurpstring. My preference would have been to allocate memory for 20 pointers, as in the original code, then realloc() for a larger size if more than 20 parameters are returned from slurpstring. X-Closes: Closes #508378, #505533, #510009 |
035_lintian_pedantic.diff | (download) |
ftp/cmds.c |
2 1 + 1 - 0 ! |
pedantic complaits by lintian. Spelling in ftp/ftp.1 and ftp/cmds.c. . Incorrect use of hyphenation in ftp/ftp.1. |
040_ipv6_ftp_c.diff | (download) |
ftp/ftp.c |
331 252 + 79 - 0 ! |
impose ipv6-capacities on ftp.c. Super structure 'struct sockaddr_storage' is replacing 'struct sockaddr_in' . For peer address strings, a first try aims at IPv4. That failing, next try is for IPv6, and ultimatively a host lookup follows as last resort. . Use a SIGALRM mechanism to decrease the default TCP handshake timeout to a value better suited for interactive use. The macro can be set externally to change the suggested FTP_CONNECT_TIMEOUT=10 . Use a command EPSV with explicit request for IPv6 address family as soon as parsing concluded that the control socket is using IPv6. . Make IP_TOS conditioned on AF_INET for non-Linux, i.e., GNU/kfreebsd, GNU/Hurd. |
500_ssl.diff | (download) |
ftp/Makefile |
3 3 + 0 - 0 ! |
base ssl patch The original ssl patch, lightly modified to apply to debian's netkit-ftp 0.17 |
510_fix_ssl_auth_response.diff | (download) |
ftp/ftp.c |
2 1 + 1 - 0 ! |
fix auth ssl response handling Accept COMPLETE (234) as well as CONTINUE (334) See Debian bug #168762 for full details. Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=168762 |
520_check_ssl_new.diff | (download) |
ftp/ftp.c |
8 8 + 0 - 0 ! |
check return code of ssl_new() Origin unknown, comes from netkit-ftp-ssl 0.17.12+0.2-6 or earlier |
530_move_interrupt_handler.diff | (download) |
ftp/main.c |
16 8 + 8 - 0 ! |
install interrupt handler before initializing ssl Origin unknown, comes from netkit-ftp-ssl 0.17.12+0.2-6 or earlier |
540_tls.diff | (download) |
ftp/ftp.c |
16 16 + 0 - 0 ! |
support tls authentication and (optional) data connection encryption Netkit-ftp-ssl now supports TLS authentication and (optional) data connection encryption according to http://www.ietf.org/internet-drafts/draft-murray-auth-ftp-ssl-16.txt . . The default is to fall back to insecure authentication if AUTH TLS is not supported by the server to match the current behaviour of the AUTH SSL code. . If you specify "-z secure", then encryption of both the control and the data connection are required. |
550_doc_fixes.diff | (download) |
ftp/ftp.1 |
44 32 + 12 - 0 ! |
man page improvements Document SSL options in synopsis, and fix groff errors. For groff error report (only), see #250587. Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=250587 |
560_hurd.diff | (download) |
ftp/ftp_var.h |
4 4 + 0 - 0 ! |
definitions needed by hurd port There is no PATH_MAX, MAXPATHLEN or MAXHOSTNAMELEN in GNU/Hurd, so this package does not compile from source. . The "right" fix for this would be to modify the program so that no PATH_MAX is assumed (doing dynamic allocation of the required space), but for now this patch should be enough: Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=218336 |
570_fix_warnings.diff | (download) |
ftp/ftp.c |
12 10 + 2 - 0 ! |
fix various warnings some trivial, some (like the sprintf fix) are actual bugs |
580_ssl_fflush.diff | (download) |
ftp/ftp.c |
18 10 + 8 - 0 ! |
use ssl-specific macros to wrap fflush and putc Origin unknown, first appeared in netkit-ftp-ssl 0.17.12+0.2 somewhere between -1 and -6 Author unknown, probably Christoph Martin <christoph.martin@uni-mainz.de> |
590_fix_ssl_without_autologin.diff | (download) |
ftp/cmds.c |
4 4 + 0 - 0 ! |
fix ssl without autologin (-n) Initialize SSL even when -n is used. Also enforce -z secure when logging in with USER command. Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450723 |
600_fix_passive_mode.diff | (download) |
ftp/ftp.c |
35 17 + 18 - 0 ! |
fix passive mode when ssl is enabled Origin/Author unknown. From netkit-telnet-ssl 0.17.9+0.2-3: * fix broken passive mode while SSL is enabled (thanks to Stefan Esser <sesser@php.net>) |
610_usage.diff | (download) |
ftp/main.c |
34 25 + 9 - 0 ! |
include ssl options in ftp -h output |
620_enforce_ssl_in_user_cmd.diff | (download) |
ftp/cmds.c |
6 6 + 0 - 0 ! |
enforce -z secure when logging in with user command |
630_fix_ z_segfault.diff | (download) |
ftp/main.c |
5 5 + 0 - 0 ! |
fix segfault when -z is given with no following args Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506137 Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/netkit-ftp-ssl/+bug/184626 |
640_use_editline.diff | (download) |
configure |
30 28 + 2 - 0 ! |
use editline instead of readline netkit-ftp-ssl links against openssl, which is incompatible with the GPL. Unfortunately readline is GPLed, so link to editline (BSD licensed) instead. Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531822 |