All checksums have been double-checked against existing RMD160 and
SHA512 hashes
Not committed (merge conflicts...):
net/radsecproxy/distinfo
The following distfiles could not be fetched (fetched conditionally?):
./net/citrix_ica/distinfo citrix_ica-10.6.115659/en.linuxx86.tar.gz
./net/djbdns/distinfo dnscache-1.05-multiple-ip.patch
./net/djbdns/distinfo djbdns-1.05-test28.diff.xz
./net/djbdns/distinfo djbdns-1.05-ignoreip2.patch
./net/djbdns/distinfo djbdns-1.05-multiip.diff
./net/djbdns/distinfo djbdns-cachestats.patch
* Version 1.0.49:
- This version fixes a regression introduced in version 1.0.48 that broke
the external authentication feature. Reported by Peter Hudec, thanks!
- Sockets from `pure-authd` and `pure-extauth` are now always owned by
`root` in order to cope with the absence of `CAP_DAC_OVERRIDE` on Linux.
Suggested by Arkadiusz MiÅkiewicz, thanks!
* Version 1.0.48:
- SNI support has been added. A new service, `pure-certd`, can run
external code written in any language in order to map SNI names to TLS certificates.
- External authentication handlers get a new
`AUTHD_CLIENT_SNI_NAME` environment variable set when the client uses SNI.
- TLS certificates and keys can now be in different files.
- `make install` does not overwrite existing configuration files any
more. The example files layout has changed.
- TLS 1.3 is enabled when using OpenSSL 1.1.x.
- TLS < 1.2 is disabled by default.
- Quirks for obsolete OpenSSL versions have been removed.
- Username _ftp can be used as an alternative to ftp everywhere.
- Password hashing parameters are now chosen according to locally
available resources. The `pure-pw` command gets to new switches: `-C` (as
a hint regarding the number of simultaneous login attempts) and `-M`
(total memory, in MB, to reserve for password hashing).
- New translation: Albanian, thanks to Moisi Xhaferaj.
- The `PRET` command has been added. It can avoid opening useless data
connections for nonexistent content.
- Dot-files are always displayed. We don't lie any more in some
commands while not lying in other commands to respect the protocol.
- Support for RFC 2640 has been removed from the free version, as it
was early, experimental, slow, mostly broken and unmaintained code.
- The `NLST` command doesn't perform globbing any more.
- The `MLSD` command now prepends the path to file names.
* Version 1.0.47:
- Unlike other directory listing commands, the STAT command should
use TLS on the control channel even if TLS has been disabled on the data
channel. It wasn't the case; this has been fixed. Thanks to Carlo
Cannas.
- Return a 451 error code instead of 226 on aborted uploads.
- The system user "_ftp" can be used as an alternative to "ftp" for
anonymous sessions.
- Compatibility with libsodium > 1.0.12 was added (including minimal
mode).
* Version 1.0.46:
- The server can now be linked against OpenSSL 1.1.x with the strict API.
- Unmaintained contributions have been removed.
- Globbing: the number of * in an expression has been limited to 3.
* Version 1.0.45:
- TLS v1.0 sessions are now refused.
- Version 1.0.44 didn't properly parse the TLSCipherSuite directive.
This has been fixed.
* Version 1.0.44:
- The Perl and Python wrappers are gone. The daemon can now use a
configuration file without requiring external dependencies.
- Pure-FTPd can now be linked against OpenSSL 1.1.x
- The QUIT command didn't work properly when the server was compiled
without support for RFC2640. This has been fixed.
- 3DES was removed from the default cipher suite.
* Version 1.0.43:
- Passwords can now be hashed using Argon2.
- The -J switch didn't work any more in 1.0.42. This has been fixed.
- The default cipher suite was simplified.
- Authentication against system accounts is compatible with OpenBSD 6.0.
- Fixed: protocol conformance when TLS sessions are refused.
- Altlog records can now be sent to `stdout`/`stderr`.
* Version 1.0.42:
- Compilation fix for OpenBSD and Bitrig when Pure-FTPd is not
compiled with libsodium.
- The connection is now dropped if HTTP commands are received.
- LDAP force_default_gid and force_default_uid now work as documented.
- The ONLY_ACCEPT_REUSED_SSL_SESSIONS switch (introduced in Pure-FTPd
1.0.22 circa 2009, but disabled back then due to client compatibility
concerns) is now on by default, except in broken clients compatibility mode.
* Version 1.0.41:
- libmariadb is looked for in addition to libmysqlclient
- MySQL: my_make_scrambled_password() is not always an exported
symbol any more, so pure-ftpd now ships a reimplementation.
- openssl/ec.h is not available on some Linux distributions that
disable EC in OpenSSL. This is being tested by autoconf.
- New command-line switch: -2/--certfile= to set the path to the
certificate file when using TLS.
* Version 1.0.40:
- Support for TCP_FASTOPEN added on Linux
- The LDAP configuration file didn't allow a default gid without also
defining a default uid. This is no longer the case.
- OpenBSD's glob() left the glob_t structure uninitialized if the
pattern was larger than PATH_MAX, causing globfree() to free() an
unwanted pointer. The bug was introduced in Pure-FTPd 1.0.34.
* Version 1.0.39:
- Explicitly include openssl/ec.h for OpenSSL 0.9.8 (CentOS 5)
- Retry if SSL_shutdown() returns -1 and SSL_ERROR_WANT_(READ|WRITE)
* Version 1.0.38:
- The default cipher suite is now ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SH
- TLS forward secrecy support was added. DH parameters are loaded from
TLS_DHPARAMS_FILE, if present. ECDH is also supported - Default curve
is prime256v1 (TLS_DEFAULT_ECDH_CURVE). The best curve is automatically
selected when using LibreSSL.
- scrypt hashed passwords can be used in the MySQL, PostgreSQL and
LDAP backends.
* Version 1.0.37:
- The -C: prefix can be added to the cipher suite in order to make valid
client certificates mandatory. This is no longer a compile-time option.
- The Clear Command Channel (CCC) command is now supported.
- pure-config.py is compatible with Python 3.
- SSL (v2, v3) is refused by default.
- The PureDB backend supports the scrypt function in order to hash
passwords. This is the preferred algorithm, but requires the presence
of libsodium.
- DES-hashed passwords are not supported any more.
- LDAP uid and gid values can over overridden in the LDAP configuration file.
- New LDAPUseTLS directive for LDAP.
- RC4 was killed.
* Version 1.0.36:
- The safe_write()/safe_read() factorization broke extauth. Using
safe_read_partial() to read from the extauth pipe wasn't enough.
Bug reported by Rasmus Fauske.
- Improved autoconf detection of -fstack-protector and -fPIE
- If 10 digits are not enough to print the size of a file in an
ls-like output, bump the max number of digits to 18. This adds support for
files up to 1 exabyte.
- Pure-FTPd can be compiled with Cygwin, ASLR/DEP is enabled by
default on Windows, and ASCII downloads on Windows have been fixed.
- A new undocumented macro, ALLOW_EVERYTHING_IN_FILE_NAMES, allows
any characters in a file name. Disabled by default.
- Don't display dot files (except . and ..) if dot_read_ok is 0 in
donlist() - but not in sglob() yet. This change is purely cosmetic. There are
many ways to figure out if a file exists.
Email address seems no longer deliverable (if you are the maintainer and
reading that and/or if the problem was just temporary please let me
know and I will update it!).
MASTER_SITES= site1 \
site2
style continuation lines to be simple repeated
MASTER_SITES+= site1
MASTER_SITES+= site2
lines. As previewed on tech-pkg. With thanks to rillig for fixing pkglint
accordingly.
Changes since 1.0.30:
- An old-standing bug has been fixed: when a file was renamed and overwrote an existing file, the quota wasn't properly updated.
- SITE UTIME now supports the 2-arguments syntax in addition to the 5-arguments syntax.
- Support for the MFMT command has been implemented.
- A default directory can now be specified when using the LDAP backend.
- Support SHA1 password hashing in MySQL and PostgreSQL backends
- Support for braces expansion in directory listings has been disabled - Cf. CVE-2011-0418
- The list of allowed ciphers for SSL/TLS connections can now be specified (--tlsciphersuite / -J).
- Shell-like escaping is now partially handled when emulating the "ls" command in order to improve compatibility with legacy clients.
- Linking issues with MySQL support on Fedora have been solved.
* Version 1.0.30:
- pure-quotacheck can now work with a large number of files.
- OPTS UTF-8 is now an alias to OPTS UTF8.
- Fix a STARTTLS flaw similar to Postfix's CVE-2011-0411.
Changelog:
Version 1.0.29:
* Fixed corruption when downloading files larger than 4 Gb on a 32-bits arch.
* Fixed error on exit on Linux.
* Downloading should be slightly faster.
Version 1.0.28:
* When —autorename is enabled, an upload script will now get the final file name instead of the original one.
* The ALLO command now checks for the actual disk space in addition to the virtual quota.
* ABOR on OSX has been fixed.
* Fixed the virtual quota computation after an atomic upload has been resumed.
* Fixed AUTH_ENCRYPTED.
* A workaround against spurious disconnections with ncftp has been implemented.
Based on PR#42711 by Fredrik Pettai.
Pkgsrc changes:
Honor VARBASE.
* Version 1.0.27:
- IPv6 connections are accepted again (regression from version 1.0.26)
- SSLv3 renegociation has been disabled
- .pureftpd-upload-* files can be deleted by users with no quota.
- The server can be forced to shut down on iPhone.
* Version 1.0.26:
- Fix incompatibilities with Cyberduck and dramatically speed up directory
listings and transfers when TLS is enabled with some other clients like LFTP.
- Allow authentication of non-chrooted users again. It was a regression
from version 1.0.25. Spotted by Juergen Daubert.
* Version 1.0.25:
- The FTP server can now be built as a library for iPhone and iPod Touch.
- Display symbolic links in the MSLD command as symbolic links, unless the
broken clients mode is enabled, just like STAT/LIST/NLST.
- Enhanced compatibility with gcc 2.x and with custom installation paths.
- Fix packaging issues, especially when the server isn't installed in the
default paths
- Downloads now require less CPU and less memory.
- Fix an infinite loop that could lead to a client process burning a CPU
core if the client didn't disconnect properly. Reported by Thomas Min and
Margus Kaidja.
- Handle fake download resumes the traditional way for the sake of being
compatible with weird clients that insist on doing that.
- The group name is now always displayed instead of the gid when it matches the
primary user group.
* Version 1.0.24:
- When using LDAP in BIND mode, empty passwords are refused. Reported by
Henning Brauer.
* Version 1.0.23:
- The LDAP schema has been fixed.
- LDAP authentication through binding is now possible in addition to
passwords. This allows for the FTP server to run with an unprivileged LDAP
account.
- In LDAP objects, the "enabled" value is accepted again as a FTPStatus
property.
- Privilege separation is now enabled by default.
- The server should now properly compile on Solaris with privsep.
- Charset conversions are properly made on directory names.
- Transfers now handle every kind of disconnection.
- More informative log messages for errors and activity reporting.
- Virtual quotas are way more reliable and uploads are interrupted as soon as
quotas are exceeded.
- Atomic uploads are only used when necessary and only if --notruncate is
enabled.
- Dangling .pureftpd-upload files should be a thing of past.
- Enhanced conformance with RFCs and better compatibility with FTP clients.
- Improved SSL performance, compatibility and commands support.
- By default, up to 10000 files per directory can be listed instead of 2000.
- ALLO can now tell clients whether an upload would blow quotas before the
upload actually starts.
- PAM is now enabled by default on OSX.
- Switch euid to the _pure-ftpd account (unless it's nonexistent) in the
privsep process.
- --without-banner is not necessary any more. Having a cookie file
(--fortunefile=...) automatically disables the default banner, thus allowing
full customization of the welcome banner.
- ./configure --localstatedir is now honored in order to change the
run-time directory.
- Support for building a FTPS (implicit SSL/TLS) server, using
--with-implicittls
* Version 1.0.22:
- the LDAP authentication backend now supports TLS encryption.
- TLS encryption is supported on data channels.
- downloads require way less CPU time on platforms with slow mmap() calls.
- MySQL 5+ stored procedures can now be used in the authentication process.
- time zones issues should be fixed for good.
- on-demand directories can now be created with any set of permissions.
- password scrambling of MySQL 5+ is now supported.
- a catalan translation has been contributed.
- spurious disconnections due to some clients keepalive tricks have
been fixed.
- custom authentication handlers are now informed about the encryption
status of the session.
- standard-conformance and compatibility with several clients have improved.
- large files are now supported by default.
- enhanced support for Solaris.
- a bunch of bug fixes, optimizations and compatibility with newer
libraries and operating system versions.
- "ftp" and "anonymous" user names can have passwords if the -E switch (no
anonymous logins) is specified.
- in compatibility mode, non-dangling symbolic links are now displayed as
if they were regular files/directories.
- --with-everything now includes privsep.
support, from unex@linija.org via PR pkg/32901.
Changes:
* When SHA1HANDSOFF is defined, we shouldn't cast a pointer to a large union to
a char buffer, because of alignment required by some architectures.
* WITH_THROTTLING should actually be THROTTLING in src/log_extauth.c . It fixes
throttling with extauth. Reported and fixed by Marcus Merighi <mcmer@tor.at>
through Brad our beloved OpenBSD maintainer.
* Rendezvous has been renamed Bonjour.
* A double-close in the CHMOD command has been fixed.
* The old PAM sample has been removed.
* -F option added to pure-pw.
* MAX_USER_LENGTH has been bumped to 127 due to popular demand.
* pam/* can now be used if security/* doesn't exist. Fixes PAM detection on
MacOS X.
* Call tzset() in chrooted apps in order to get correct time zones in syslog
messages.
* simplify() simplifies paths ending by /. and /..
* MySQL's hash_password() needs 3 arguments since mySQL 4.1.
* Experimental support for RFC2640 (UTF-8 filename encoding) has been added,
derived from code by Jui-Nan Lin ===> added as "utf8" pkgsrc option.
* The LDAP schema has been changed: FTPStatus should be a boolean.
* New switch: -p (--pidfile=) for pure-authd and pure-uploadscript, by Old
Sparky.
* By popular request, even non-chrooted users are now denied access if their
home directory is not mounted.
* If die() is called during a TLS-enabled session, encrypt the death message.
Contributed by Cynix.
* Don't wrongly abort transfer during file upload. Fix by Patrick Gosling.
* WITH_LARGE_FILES is now defined by default.
* sendfile64() support on Linux.
* privsep and main processes were swapped out so that pure-ftpwho displays the
right pid.
* OPTS MLST has been implemented.
* SITE UTIME has been implemented.
* TCP_CORK is on by default again. A new configure switch, --without-cork, can
disable it.
* Correctly format %c and %% in fakesprintf().
* The connection socket is now created with the Nagle algorithm disabled. It
was the trick to dramatically improve performance when transfering a lot of
small files.
* Updated getopt_long() and realpath() substitutes.
* Allow logging to named pipes (thanks to Steve Marple).
* Use CLIENT_MULTI_STATEMENTS while connecting to a MySQL server.
* Documentation updates.
* MySQL errors are now logged.
And always is defined as share/examples/rc.d
which was the default before.
This rc.d scripts are not automatically added to PLISTs now also.
So add to each corresponding PLIST as required.
This was discussed on tech-pkg in late January and late April.
Todo: remove the RCD_SCRIPTS_EXAMPLEDIR uses in MESSAGES and elsewhere
and remove the RCD_SCRIPTS_EXAMPLEDIR itself.
under share/examples/rc.d. The variable name already was named
RCD_SCRIPTS_EXAMPLEDIR.
This is from ideas from Greg Woods and others.
Also bumped PKGREVISION for all packages using RCD_SCRIPTS mechanism
(as requested by wiz).
so that we'd not force dependance on specific MySQL version, and instead pick
the currently installed mysql*-client (or install the default if there
is no mysql-client package installed yet)
this makes package buildable with arbitrary MySQL version, such as 3.23.x,
4.0.x or 4.1.x
pkgsrc changes:
o move to bsd.options.mk framework
o add ldap options
package changes:
o On MacOS X Panther and Tiger, clients were sometimes rejected when they
has no reverse DNS entry and DNS resolution was enabled. This has been
fixed. Thanks to Yann Thomas Gerard <inside@parasiterecords.com> .
o The command-line parser was broken on FreeBSD and Solaris in version
1.0.19. This has also been fixed.
