Differences from previous 20100324 version:
Mon Mar 25 03:51:20 UTC 2013 lukem
* Fix incorrect use of test(1) in configure.
Fri Mar 22 09:00:00 UTC 2013 lukem
* Release as "tnftpd 20130322"
* Update build framekwork to autoconf 2.69, automake 1.11.1,
libtool 2.4.2.
* Replace glob with newer copy from NetBSD that does not suffer
from DoS exhaustion attacks.
Fix in NetBSD from Maksymilian Arciemowicz. See CVE-2010-2632
* Update to NetBSD-ftpd 20130321:
* Fix warnings and build issues
* Fix memcpy usage
* Fix remote crash (fix was already pulled up manually to
tnftpd 20100324). PR/43023 from Bruce Cran.
* Reduce priority of syslog message if getpeername returns
ENOTCONN. PR/18934 from Greg A Woods.
pkgsrc changes - use pkgsrc libtool and add LICENSE
* Security fixes for fts in the internal ls.
Received from OpenBSD via US-CERT as VU #590371.
* Portability improvements.
* Add support for Tru64 Security Integration Architecture (SIA) authentication.
* Fix shadow password expiry check for users with large sp_max values.
* Don't split large commands into multiple commands; just fail on them.
This prevents cross-site request forgery (CSRF)-like attacks,
when a web browser is used to access an ftp server.
* Enhance -C to support an optional @host ('-C user[@host]'):
checks whether user as connecting from host would be granted
access by ftpusers(5).
* Support IPv6 in the host directive of ftpusers(5).
* Implement -n to disable hostname lookups.
* Disable SOCKS support; I don't have the ability to test it,
and the autoconf checks were very out of date.
* Add configure --with-pam to enable PAM authentication support.
Defaults to checking for PAM.
* Add configure --with-skey to enable S/Key authentication support.
Incompatible with --with-pam, defaults to no.
* Fix pathnames in the installed manual pages to contain
the appropriate $(prefix) substitution.
* Use fcntl(3) locking instead of flock(3) or lockf(3).
* Various other portability improvements.
requested by <martin>
Changes:
20061217:
=========
- Portability fix: provide a replacement daemon(3) if necessary.
20061204:
=========
- Fix buffer overflow in local version of glob(3). (already fixed in pkgsrc)
- Implement -D to run as a stand-alone daemon.
- Add ftpd.conf(5) options:
hidesymlinks
recvbufsize
- Enforce account expiration, and support shadow password aging where
appropriate.
- Return 450 instead of 550 upon NLST error.
- Portability fixes and improvements.
INSTALLATION_DIRS, as well as all occurrences of ${PREFIX}/man with
${PREFIX}/${PKGMANDIR}.
Fixes PR 35265, although I did not use the patch provided therein.
(will be included in the next release) and make the package honour
PKG_SYSCONFDIR.
use CONF_FILES to install the sample configuration ftpd.conf and
ftpusers.
bump PKGREVISION, as the default configuration file location has
changed to ${PKG_SYSCONFDIR}. set PKG_SYSCONFDIR.tnftpd=/etc to get
the previous behaviour.
* Improved portability to Tru64, IRIX, and other LP64 platforms.
(Inbuilt ls works on IRIX now. Thanks to Onno van der Linden
for highlighting the underlying issue!)
* License updates on third party code.
* Update fts(3) code to include fix for possible race condition.