aiden
/
freshtomato-arm
mirror of https://bitbucket.org/pedro311/freshtomato-arm
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

vsftpd: update to 3.0.5

Browse Source
arm-sdk7
pedro 4 years ago
parent 59aec40c0e
commit fb7462ea5f
6 changed files with 30 additions and 7 deletions
Show Stats Download Patch File Download Diff File

BIN
release/src-rt-6.x.4708/router/vsftpd/.ftpcmdio.h.swp
View File

Binary file not shown.

7
release/src-rt-6.x.4708/router/vsftpd/Changelog
Unescape Escape View File

@ -1387,3 +1387,10 @@ At this point: v3.0.3 released!
At this point: v3.0.4 released! At this point: v3.0.4 released!
=============================== ===============================
- Fix ALPN callback to correctly select the 'ftp' string if present. Works
with FileZilla-3.55.0.
- Fix a couple of seccomp policy issues with Fedora 34.
At this point: v3.0.5 released!
===============================

2
release/src-rt-6.x.4708/router/vsftpd/README
Unescape Escape View File

@ -1,4 +1,4 @@
This is vsftpd, version 3.0.4 This is vsftpd, version 3.0.5
Author: Chris Evans Author: Chris Evans
Contact: scarybeasts@gmail.com Contact: scarybeasts@gmail.com
Website: http://vsftpd.beasts.org/ Website: http://vsftpd.beasts.org/

8
release/src-rt-6.x.4708/router/vsftpd/seccompsandbox.c
Unescape Escape View File

@ -45,6 +45,12 @@
#ifndef __NR_openat #ifndef __NR_openat
#define __NR_openat 257 #define __NR_openat 257
#endif #endif
#ifndef __NR_newfstatat
#define __NR_newfstatat 262
#endif
#ifndef __NR_pselect6
#define __NR_pselect6 270
#endif
#ifndef __NR_getrandom #ifndef __NR_getrandom
#define __NR_getrandom 318 #define __NR_getrandom 318
#endif #endif
@ -270,6 +276,7 @@ seccomp_sandbox_setup_data_connections()
3, IPPROTO_TCP); 3, IPPROTO_TCP);
allow_nr(__NR_bind); allow_nr(__NR_bind);
allow_nr(__NR_select); allow_nr(__NR_select);
allow_nr(__NR_pselect6);
if (tunable_port_enable) if (tunable_port_enable)
{ {
allow_nr(__NR_connect); allow_nr(__NR_connect);
@ -401,6 +408,7 @@ seccomp_sandbox_setup_postlogin(const struct vsf_session* p_sess)
allow_nr_2_arg_match(__NR_setsockopt, 2, SOL_SOCKET, 3, SO_LINGER); allow_nr_2_arg_match(__NR_setsockopt, 2, SOL_SOCKET, 3, SO_LINGER);
allow_nr_2_arg_match(__NR_setsockopt, 2, IPPROTO_IP, 3, IP_TOS); allow_nr_2_arg_match(__NR_setsockopt, 2, IPPROTO_IP, 3, IP_TOS);
allow_nr(__NR_fstat); allow_nr(__NR_fstat);
allow_nr(__NR_newfstatat);
allow_nr(__NR_lseek); allow_nr(__NR_lseek);
/* Since we use chroot() to restrict filesystem access, we can just blanket /* Since we use chroot() to restrict filesystem access, we can just blanket
* allow open(). * allow open().

18
release/src-rt-6.x.4708/router/vsftpd/ssl.c
Unescape Escape View File

@ -740,17 +740,25 @@ ssl_alpn_callback(SSL* p_ssl,
(void) p_ssl; (void) p_ssl;
/* Select everything but return an error if we don't like it. */ /* Initialize just in case. */
*p_out = p_in; *p_out = p_in;
*outlen = inlen; *outlen = 0;
if (inlen == 4) { for (i = 0; i < inlen; ++i) {
if (p_in[0] == 3 && p_in[1] == 'f' && p_in[2] == 't' && p_in[3] == 'p') unsigned int left = (inlen - i);
if (left < 4) {
continue;
}
if (p_in[i] == 3 && p_in[i + 1] == 'f' && p_in[i + 2] == 't' &&
p_in[i + 3] == 'p')
{ {
is_ok = 1; is_ok = 1;
*p_out = &p_in[i + 1];
*outlen = 3;
break;
} }
} }
if (!is_ok) if (!is_ok)
{ {
str_alloc_text(&debug_str, "ALPN rejection"); str_alloc_text(&debug_str, "ALPN rejection");

2
release/src-rt-6.x.4708/router/vsftpd/vsftpver.h
Unescape Escape View File

@ -1,7 +1,7 @@
#ifndef VSF_VERSION_H #ifndef VSF_VERSION_H
#define VSF_VERSION_H #define VSF_VERSION_H
#define VSF_VERSION "3.0.4" #define VSF_VERSION "3.0.5"
#endif /* VSF_VERSION_H */ #endif /* VSF_VERSION_H */

Write Preview
Loading…
Cancel
Save