I just noticed this version has been released. A very important fix presented in this version is the proper handling of SSL/TLS session shutdowns on data connections. This issue was causing problems for users of recent FileZilla versions which insisted on proper SSL/TLS session shutdowns. I've tried to just rename a previous ebuild, but it didn't work. Reproducible: Always
Please add this security bug which exist in 1.3.2_rc2: http://secunia.com/Advisories/31930/ http://bugs.proftpd.org/show_bug.cgi?id=3115
I think I have this all working, the security patch included. Basically I looked at some related bugs, checked the proftpd docs and put it all together. I will attach it all here for more to test. When this one is fixed it could also close #221275 #212763 #234003
Created attachment 167914 [details] proftpd-1.3.2_rc2.ebuild ebuild based on an ebuild from #219404 including a fix for the libtool 2.2 problem. Removed the bug218850 patch as no longer apply and doesn't seem to be needed (no compile problems at least). Also removed the faulty assumption that mysql and postgres can't both be compiled in and also added support for sqlite3 (not tested yet). the new patches will be attached separately.
Created attachment 167916 [details, diff] Cross-site request forgery patch 1 Cross-site request forgery patch, 1 of 2, for proftpd-1.3.2_rc2.ebuild
Created attachment 167918 [details, diff] Cross-site request forgery patch 2 Cross-site request forgery patch, 2 of 2, for proftpd-1.3.2_rc2.ebuild
could you please save the file with UNIX line endings next time and not with DOS ones? portage doesn't seem to like that :)
*** Bug 242306 has been marked as a duplicate of this bug. ***
I bumped to _rc2 including the patch for security reasons (bug 238762), but as I'm not the maintainer and I did not want to break anything, I didn't use your (probably) way better ebuild. As such, I'll rename this bug and leave it open.
(In reply to comment #3) > Created an attachment (id=167914) [edit] > proftpd-1.3.2_rc2.ebuild > > ebuild based on an ebuild from #219404 including a fix for the libtool 2.2 > problem. =proftpd-1.3.1-r1 and =proftpd-1.3.2_rc2-r2 should work flawlessly with regards to libtool-2.2. I took your fix as a base and replaced it by a version which does not hardcode the line number. Thanks.
Ops! Sorry about the dos line endings, apparently did this from my win box months back. However, now I have problem to get this babe to compile again, it complains about something with the mod_rewrite code. x86_64-pc-linux-gnu-gcc -DHAVE_CONFIG_H -DLINUX -I.. -I../include -I/usr/include/mysql -march=nocona -O2 -pipe -DHAVE_OPENSSL -Wall -c mod_rewrite.c In function 'open', inlined from 'rewrite_subst_maps_fifo' at mod_rewrite.c:907, inlined from 'rewrite_subst_maps' at mod_rewrite.c:836, inlined from 'rewrite_subst' at mod_rewrite.c:736: /usr/include/bits/fcntl2.h:51: error: call to '__open_missing_mode' declared with attribute error: open with O_CREAT in second argument needs 3 arguments make[1]: *** [mod_rewrite.o] Error 1 make[1]: Leaving directory `/var/tmp/portage/net-ftp/proftpd-1.3.2_rc2-r2/work/proftpd-1.3.2rc2/modules' make: *** [modules] Error 2 * * ERROR: net-ftp/proftpd-1.3.2_rc2-r2 failed. * Call stack: * ebuild.sh, line 49: Called src_compile * environment, line 2988: Called die Ok to run this here or should I open a new bug?
As for this bugreport, 1.3.2-r1 is in portage and allows multiple SQL backends. Upstream bug 3115 was fixed in 1.3.2_rc3, so it's also included. So it looks like all improvements from here are included, thanks! As for your compilation failure, please try with 1.3.2 and indeed open a new bug if you still have the problem
