From 582bd33c2881ceb2a4be3cf4fadec7fde6480492 Mon Sep 17 00:00:00 2001 From: Markham Date: Sun, 29 May 2022 23:05:09 +0200 Subject: [PATCH] bump version vsftpd-3.0.5 --- ...sftp-Prevent-hang-in-SIGCHLD-handler.patch | 87 +++++++++ archive-patches/vsftp-fix-CVE-2015-1419.patch | 102 +++++++++++ archive-patches/vsftp-utmpx-builddef.patch | 49 +++++ archive-patches/vsftpd-3.0.3.patch | 169 ------------------ .../vsftpd-disable-capabilities.patch | 12 -- archive-patches/vsftpd-fixchroot.patch | 40 ----- .../vsftpd-login-blank-password.patch | 21 --- archive-patches/vsftpd-new.conf | 3 + make/applications.mk | 8 +- make/libraries.mk | 2 +- make/versions.mk | 2 +- 11 files changed, 247 insertions(+), 248 deletions(-) create mode 100644 archive-patches/vsftp-Prevent-hang-in-SIGCHLD-handler.patch create mode 100644 archive-patches/vsftp-fix-CVE-2015-1419.patch create mode 100644 archive-patches/vsftp-utmpx-builddef.patch delete mode 100644 archive-patches/vsftpd-3.0.3.patch delete mode 100644 archive-patches/vsftpd-disable-capabilities.patch delete mode 100644 archive-patches/vsftpd-fixchroot.patch delete mode 100644 archive-patches/vsftpd-login-blank-password.patch diff --git a/archive-patches/vsftp-Prevent-hang-in-SIGCHLD-handler.patch b/archive-patches/vsftp-Prevent-hang-in-SIGCHLD-handler.patch new file mode 100644 index 0000000..6056193 --- /dev/null +++ b/archive-patches/vsftp-Prevent-hang-in-SIGCHLD-handler.patch @@ -0,0 +1,87 @@ +From 1e65a0a15f819b8bf1b551bd84f71d0da1f5a00c Mon Sep 17 00:00:00 2001 +From: Martin Sehnoutka +Date: Thu, 17 Nov 2016 13:02:27 +0100 +Subject: [PATCH] Prevent hanging in SIGCHLD handler. + +vsftpd can now handle pam_exec.so in pam.d config without hanging +in SIGCHLD handler. + +[Abdelmalek: +Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1198259 +Fetched from: +https://src.fedoraproject.org/cgit/rpms/vsftpd.git/plain/0026-Prevent-hanging-in-SIGCHLD-handler.patch] +Signed-off-by: Abdelmalek Benelouezzane +--- + sysutil.c | 4 ++-- + sysutil.h | 2 +- + twoprocess.c | 13 +++++++++++-- + 3 files changed, 14 insertions(+), 5 deletions(-) + +diff --git a/sysutil.c b/sysutil.c +index 6d7cb3f..099748f 100644 +--- a/sysutil.c ++++ b/sysutil.c +@@ -592,13 +592,13 @@ vsf_sysutil_exit(int exit_code) + } + + struct vsf_sysutil_wait_retval +-vsf_sysutil_wait(void) ++vsf_sysutil_wait(int hang) + { + struct vsf_sysutil_wait_retval retval; + vsf_sysutil_memclr(&retval, sizeof(retval)); + while (1) + { +- int sys_ret = wait(&retval.exit_status); ++ int sys_ret = waitpid(-1, &retval.exit_status, hang ? 0 : WNOHANG); + if (sys_ret < 0 && errno == EINTR) + { + vsf_sysutil_check_pending_actions(kVSFSysUtilUnknown, 0, 0); +diff --git a/sysutil.h b/sysutil.h +index c145bdf..13153cd 100644 +--- a/sysutil.h ++++ b/sysutil.h +@@ -175,7 +175,7 @@ struct vsf_sysutil_wait_retval + int PRIVATE_HANDS_OFF_syscall_retval; + int PRIVATE_HANDS_OFF_exit_status; + }; +-struct vsf_sysutil_wait_retval vsf_sysutil_wait(void); ++struct vsf_sysutil_wait_retval vsf_sysutil_wait(int hang); + int vsf_sysutil_wait_reap_one(void); + int vsf_sysutil_wait_get_retval( + const struct vsf_sysutil_wait_retval* p_waitret); +diff --git a/twoprocess.c b/twoprocess.c +index 33d84dc..b1891e7 100644 +--- a/twoprocess.c ++++ b/twoprocess.c +@@ -47,8 +47,17 @@ static void + handle_sigchld(void* duff) + { + +- struct vsf_sysutil_wait_retval wait_retval = vsf_sysutil_wait(); ++ struct vsf_sysutil_wait_retval wait_retval = vsf_sysutil_wait(0); + (void) duff; ++ if (!vsf_sysutil_wait_get_exitcode(&wait_retval) && ++ !vsf_sysutil_wait_get_retval(&wait_retval)) ++ /* There was nobody to wait for, possibly caused by underlying library ++ * which created a new process through fork()/vfork() and already picked ++ * it up, e.g. by pam_exec.so or integrity check routines for libraries ++ * when FIPS mode is on (nss freebl), which can lead to calling prelink ++ * if the prelink package is installed. ++ */ ++ return; + /* Child died, so we'll do the same! Report it as an error unless the child + * exited normally with zero exit code + */ +@@ -390,7 +399,7 @@ common_do_login(struct vsf_session* p_sess, const struct mystr* p_user_str, + priv_sock_send_result(p_sess->parent_fd, PRIV_SOCK_RESULT_OK); + if (!p_sess->control_use_ssl) + { +- (void) vsf_sysutil_wait(); ++ (void) vsf_sysutil_wait(1); + } + else + { +-- +2.14.4 + diff --git a/archive-patches/vsftp-fix-CVE-2015-1419.patch b/archive-patches/vsftp-fix-CVE-2015-1419.patch new file mode 100644 index 0000000..657af28 --- /dev/null +++ b/archive-patches/vsftp-fix-CVE-2015-1419.patch @@ -0,0 +1,102 @@ +Fix CVE-2015-1419 - config option deny_file is not handled correctly. +From SUSE: https://bugzilla.suse.com/show_bug.cgi?id=915522 + +Signed-off-by: Gustavo Zacarias + +Index: vsftpd-3.0.2/ls.c +=================================================================== +--- vsftpd-3.0.2.orig/ls.c ++++ vsftpd-3.0.2/ls.c +@@ -7,6 +7,7 @@ + * Would you believe, code to handle directory listing. + */ + ++#include + #include "ls.h" + #include "access.h" + #include "defs.h" +@@ -243,11 +244,42 @@ vsf_filename_passes_filter(const struct + struct mystr temp_str = INIT_MYSTR; + struct mystr brace_list_str = INIT_MYSTR; + struct mystr new_filter_str = INIT_MYSTR; ++ struct mystr normalize_filename_str = INIT_MYSTR; ++ const char *normname; ++ const char *path; + int ret = 0; + char last_token = 0; + int must_match_at_current_pos = 1; ++ + str_copy(&filter_remain_str, p_filter_str); +- str_copy(&name_remain_str, p_filename_str); ++ ++ /* normalize filepath */ ++ path = str_strdup(p_filename_str); ++ normname = realpath(path, NULL); ++ if (normname == NULL) ++ goto out; ++ str_alloc_text(&normalize_filename_str, normname); ++ ++ if (!str_isempty (&filter_remain_str) && !str_isempty(&normalize_filename_str)) { ++ if (str_get_char_at(p_filter_str, 0) == '/') { ++ if (str_get_char_at(&normalize_filename_str, 0) != '/') { ++ str_getcwd (&name_remain_str); ++ ++ if (str_getlen(&name_remain_str) > 1) /* cwd != root dir */ ++ str_append_char (&name_remain_str, '/'); ++ ++ str_append_str (&name_remain_str, &normalize_filename_str); ++ } ++ else ++ str_copy (&name_remain_str, &normalize_filename_str); ++ } else { ++ if (str_get_char_at(p_filter_str, 0) != '{') ++ str_basename (&name_remain_str, &normalize_filename_str); ++ else ++ str_copy (&name_remain_str, &normalize_filename_str); ++ } ++ } else ++ str_copy(&name_remain_str, &normalize_filename_str); + + while (!str_isempty(&filter_remain_str) && *iters < VSFTP_MATCHITERS_MAX) + { +@@ -360,6 +392,9 @@ vsf_filename_passes_filter(const struct + ret = 0; + } + out: ++ free(normname); ++ free(path); ++ str_free(&normalize_filename_str); + str_free(&filter_remain_str); + str_free(&name_remain_str); + str_free(&temp_str); +Index: vsftpd-3.0.2/str.c +=================================================================== +--- vsftpd-3.0.2.orig/str.c ++++ vsftpd-3.0.2/str.c +@@ -711,3 +711,14 @@ str_replace_unprintable(struct mystr* p_ + } + } + ++void ++str_basename (struct mystr* d_str, const struct mystr* path) ++{ ++ static struct mystr tmp; ++ ++ str_copy (&tmp, path); ++ str_split_char_reverse(&tmp, d_str, '/'); ++ ++ if (str_isempty(d_str)) ++ str_copy (d_str, path); ++} +Index: vsftpd-3.0.2/str.h +=================================================================== +--- vsftpd-3.0.2.orig/str.h ++++ vsftpd-3.0.2/str.h +@@ -100,6 +100,7 @@ void str_replace_unprintable(struct myst + int str_atoi(const struct mystr* p_str); + filesize_t str_a_to_filesize_t(const struct mystr* p_str); + unsigned int str_octal_to_uint(const struct mystr* p_str); ++void str_basename (struct mystr* d_str, const struct mystr* path); + + /* PURPOSE: Extract a line of text (delimited by \n or EOF) from a string + * buffer, starting at character position 'p_pos'. The extracted line will diff --git a/archive-patches/vsftp-utmpx-builddef.patch b/archive-patches/vsftp-utmpx-builddef.patch new file mode 100644 index 0000000..07bf13c --- /dev/null +++ b/archive-patches/vsftp-utmpx-builddef.patch @@ -0,0 +1,49 @@ +Add build option to disable utmpx update code + +On some embedded systems the libc may have utmpx support, but the +feature would be redundant. So add a build switch to disable utmpx +updating, similar to compiling on systems without utmpx support. + +Signed-off-by: Maarten ter Huurne + +diff -ru vsftpd-3.0.2.orig/builddefs.h vsftpd-3.0.2/builddefs.h +--- vsftpd-3.0.2.orig/builddefs.h 2012-04-05 05:24:56.000000000 +0200 ++++ vsftpd-3.0.2/builddefs.h 2014-09-16 14:23:36.128003245 +0200 +@@ -4,6 +4,7 @@ + #undef VSF_BUILD_TCPWRAPPERS + #define VSF_BUILD_PAM + #undef VSF_BUILD_SSL ++#define VSF_BUILD_UTMPX + + #endif /* VSF_BUILDDEFS_H */ + +diff -ru vsftpd-3.0.2.orig/sysdeputil.c vsftpd-3.0.2/sysdeputil.c +--- vsftpd-3.0.2.orig/sysdeputil.c 2012-09-16 06:18:04.000000000 +0200 ++++ vsftpd-3.0.2/sysdeputil.c 2014-09-16 14:26:42.686887724 +0200 +@@ -1158,7 +1158,7 @@ + + #endif /* !VSF_SYSDEP_NEED_OLD_FD_PASSING */ + +-#ifndef VSF_SYSDEP_HAVE_UTMPX ++#if !defined(VSF_BUILD_UTMPX) || !defined(VSF_SYSDEP_HAVE_UTMPX) + + void + vsf_insert_uwtmp(const struct mystr* p_user_str, +@@ -1173,7 +1173,7 @@ + { + } + +-#else /* !VSF_SYSDEP_HAVE_UTMPX */ ++#else /* !VSF_BUILD_UTMPX || !VSF_SYSDEP_HAVE_UTMPX */ + + /* IMHO, the pam_unix module REALLY should be doing this in its SM component */ + /* Statics */ +@@ -1238,7 +1238,7 @@ + updwtmpx(WTMPX_FILE, &s_utent); + } + +-#endif /* !VSF_SYSDEP_HAVE_UTMPX */ ++#endif /* !VSF_BUILD_UTMPX || !VSF_SYSDEP_HAVE_UTMPX */ + + void + vsf_set_die_if_parent_dies() diff --git a/archive-patches/vsftpd-3.0.3.patch b/archive-patches/vsftpd-3.0.3.patch deleted file mode 100644 index f1c5609..0000000 --- a/archive-patches/vsftpd-3.0.3.patch +++ /dev/null @@ -1,169 +0,0 @@ ---- vsftpd-3.0.0-org/parseconf.c -+++ vsftpd-3.0.0/parseconf.c -@@ -227,7 +227,6 @@ - * race conditions. - */ - if (vsf_sysutil_retval_is_error(retval) || -- vsf_sysutil_statbuf_get_uid(p_statbuf) != vsf_sysutil_getuid() || - !vsf_sysutil_statbuf_is_regfile(p_statbuf)) - { - die("config file not owned by correct user, or not a file"); ---- vsftpd-3.0.2-org/secutil.c -+++ vsftpd-3.0.2/secutil.c -@@ -132,13 +132,13 @@ - /* Misconfiguration check: don't ever chroot() to a directory writable by - * the current user. - */ -- if ((options & VSF_SECUTIL_OPTION_CHROOT) && -+/* if ((options & VSF_SECUTIL_OPTION_CHROOT) && - !(options & VSF_SECUTIL_OPTION_ALLOW_WRITEABLE_ROOT)) - { - if (vsf_sysutil_write_access("/")) - { - die("vsftpd: refusing to run with writable root inside chroot()"); - } -- } -+ } */ - } - ---- vsftpd.orig/str.c -+++ vsftpd/str.c -@@ -104,6 +104,18 @@ - return vsf_sysutil_strdup(str_getbuf(p_str)); - } - -+const char* -+str_strdup_trimmed(const struct mystr* p_str) -+{ -+ const char* p_trimmed = str_getbuf(p_str); -+ int h, t, newlen; -+ -+ for (h = 0; h < (int)str_getlen(p_str) && vsf_sysutil_isspace(p_trimmed[h]); h++) ; -+ for (t = str_getlen(p_str) - 1; t >= 0 && vsf_sysutil_isspace(p_trimmed[t]); t--) ; -+ newlen = t - h + 1; -+ return newlen ? vsf_sysutil_strndup(p_trimmed+h, (unsigned int)newlen) : 0L; -+} -+ - void - str_alloc_alt_term(struct mystr* p_str, const char* p_src, char term) - { ---- vsftpd.orig/str.h -+++ vsftpd/str.h -@@ -31,6 +31,7 @@ - void str_alloc_filesize_t(struct mystr* p_str, filesize_t the_filesize); - void str_copy(struct mystr* p_dest, const struct mystr* p_src); - const char* str_strdup(const struct mystr* p_str); -+const char* str_strdup_trimmed(const struct mystr* p_str); - void str_empty(struct mystr* p_str); - void str_free(struct mystr* p_str); - void str_trunc(struct mystr* p_str, unsigned int trunc_len); ---- vsftpd.orig/sysutil.c 2009-10-02 14:15:18.000000000 +0200 -+++ vsftpd/sysutil.c 2009-10-18 11:28:31.000000000 +0200 -@@ -1035,6 +1035,18 @@ - return strdup(p_str); - } - -+char* -+vsf_sysutil_strndup(const char* p_str, unsigned int p_len) -+{ -+ char *new = (char *)malloc(p_len+1); -+ -+ if (new == NULL) -+ return NULL; -+ -+ new[p_len]='\0'; -+ return (char *)memcpy(new, p_str, p_len); -+} -+ - void - vsf_sysutil_memclr(void* p_dest, unsigned int size) - { ---- vsftpd.orig/sysutil.h -+++ vsftpd/sysutil.h -@@ -186,6 +186,7 @@ - /* Various string functions */ - unsigned int vsf_sysutil_strlen(const char* p_text); - char* vsf_sysutil_strdup(const char* p_str); -+char* vsf_sysutil_strndup(const char* p_str, unsigned int p_len); - void vsf_sysutil_memclr(void* p_dest, unsigned int size); - void vsf_sysutil_memcpy(void* p_dest, const void* p_src, - const unsigned int size); ---- vsftpd.orig/ls.c 2009-10-02 14:15:18.000000000 +0200 -+++ vsftpd/ls.c 2009-10-18 11:48:29.000000000 +0200 -@@ -289,6 +289,25 @@ - { - goto out; - } -+ if (!must_match_at_current_pos) -+ { -+ struct mystr scan_fwd = INIT_MYSTR; -+ -+ str_mid_to_end(&name_remain_str, &scan_fwd, -+ indexx + str_getlen(&s_match_needed_str)); -+ /* We're allowed to be greedy, test if it match further along -+ * keep advancing indexx while we can still match. -+ */ -+ while( (locate_result = str_locate_str(&scan_fwd, &s_match_needed_str)), -+ locate_result.found ) -+ { -+ indexx += locate_result.index + str_getlen(&s_match_needed_str); -+ str_mid_to_end(&scan_fwd, &temp_str, -+ locate_result.index + str_getlen(&s_match_needed_str)); -+ str_copy(&scan_fwd, &temp_str); -+ } -+ str_free(&scan_fwd); -+ } - /* Chop matched string out of remainder */ - str_mid_to_end(&name_remain_str, &temp_str, - indexx + str_getlen(&s_match_needed_str)); ---- vsftpd.orig/features.c -+++ vsftpd/features.c -@@ -27,6 +27,10 @@ - vsf_cmdio_write_raw(p_sess, " AUTH TLS\r\n"); - } - } -+ if (tunable_utf8_filesystem) -+ { -+ vsf_cmdio_write_raw(p_sess, " UTF8\r\n"); -+ } - if (tunable_port_enable) - { - vsf_cmdio_write_raw(p_sess, " EPRT\r\n"); ---- vsftpd.orig/parseconf.c 2009-08-07 18:46:40.000000000 +0000 -+++ vsftpd/parseconf.c 2010-02-25 13:28:06.000000000 +0000 -@@ -28,6 +28,7 @@ - parseconf_bool_array[] = - { - { "anonymous_enable", &tunable_anonymous_enable }, -+ { "utf8_filesystem", &tunable_utf8_filesystem }, - { "local_enable", &tunable_local_enable }, - { "pasv_enable", &tunable_pasv_enable }, - { "port_enable", &tunable_port_enable }, ---- vsftpd.orig/tunables.c -+++ vsftpd/tunables.c -@@ -10,6 +10,7 @@ - - int tunable_anonymous_enable; - int tunable_local_enable; -+int tunable_utf8_filesystem; - int tunable_pasv_enable; - int tunable_port_enable; - int tunable_chroot_local_user; -@@ -150,6 +151,7 @@ - { - tunable_anonymous_enable = 1; - tunable_local_enable = 0; -+ tunable_utf8_filesystem = 0; - tunable_pasv_enable = 1; - tunable_port_enable = 1; - tunable_chroot_local_user = 0; ---- vsftpd.orig/tunables.h -+++ vsftpd/tunables.h -@@ -11,6 +11,7 @@ - /* Booleans */ - extern int tunable_anonymous_enable; /* Allow anon logins */ - extern int tunable_local_enable; /* Allow local logins */ -+extern int tunable_utf8_filesystem; /* Server uses UTF8 Filesystem */ - extern int tunable_pasv_enable; /* Allow PASV */ - extern int tunable_port_enable; /* Allow PORT */ - extern int tunable_chroot_local_user; /* Restrict local to home dir */ diff --git a/archive-patches/vsftpd-disable-capabilities.patch b/archive-patches/vsftpd-disable-capabilities.patch deleted file mode 100644 index 7aa6330..0000000 --- a/archive-patches/vsftpd-disable-capabilities.patch +++ /dev/null @@ -1,12 +0,0 @@ ---- a/sysdeputil.c -+++ b/sysdeputil.c -@@ -165,6 +165,9 @@ - #endif - /* END config */ - -+#undef VSF_SYSDEP_HAVE_CAPABILITIES -+#undef VSF_SYSDEP_HAVE_LIBCAP -+ - /* PAM support - we include our own dummy version if the system lacks this */ - #include - diff --git a/archive-patches/vsftpd-fixchroot.patch b/archive-patches/vsftpd-fixchroot.patch deleted file mode 100644 index 4214c45..0000000 --- a/archive-patches/vsftpd-fixchroot.patch +++ /dev/null @@ -1,40 +0,0 @@ ---- a/twoprocess.c -+++ b/twoprocess.c -@@ -41,7 +41,8 @@ - struct mystr* p_chroot_str, - struct mystr* p_chdir_str, - const struct mystr* p_user_str, -- const struct mystr* p_orig_user_str); -+ const struct mystr* p_orig_user_str, -+ int do_chroot); - - static void - handle_sigchld(void* duff) -@@ -454,7 +455,7 @@ - secutil_option |= VSF_SECUTIL_OPTION_ALLOW_WRITEABLE_ROOT; - } - calculate_chdir_dir(was_anon, &userdir_str, &chroot_str, &chdir_str, -- p_user_str, p_orig_user_str); -+ p_user_str, p_orig_user_str, do_chroot); - vsf_secutil_change_credentials(p_user_str, &userdir_str, &chroot_str, - 0, secutil_option); - if (!str_isempty(&chdir_str)) -@@ -522,7 +523,8 @@ - struct mystr* p_chroot_str, - struct mystr* p_chdir_str, - const struct mystr* p_user_str, -- const struct mystr* p_orig_user_str) -+ const struct mystr* p_orig_user_str, -+ int do_chroot) - { - if (!anon_login) - { -@@ -542,7 +544,7 @@ - { - str_alloc_text(p_chroot_str, tunable_anon_root); - } -- else if (!anon_login && tunable_local_root) -+ else if (!anon_login && tunable_local_root && !do_chroot) - { - str_alloc_text(p_chroot_str, tunable_local_root); - if (tunable_user_sub_token) diff --git a/archive-patches/vsftpd-login-blank-password.patch b/archive-patches/vsftpd-login-blank-password.patch deleted file mode 100644 index 27c84b7..0000000 --- a/archive-patches/vsftpd-login-blank-password.patch +++ /dev/null @@ -1,21 +0,0 @@ ---- a/sysdeputil.c -+++ b/sysdeputil.c -@@ -270,6 +270,9 @@ - } - } - #endif -+ /* Blank entry = anyone can login. Now what was that "s" in vsftpd? */ -+ if (!p_pwd->pw_passwd || !(*p_pwd->pw_passwd)) -+ return 1; - #ifdef VSF_SYSDEP_HAVE_SHADOW - { - const struct spwd* p_spwd = getspnam(str_getbuf(p_user_str)); -@@ -287,6 +290,8 @@ - { - return 0; - } -+ if (!p_spwd->sp_pwdp || !(*p_spwd->sp_pwdp)) -+ return 1; /* blank = everything goes */ - p_crypted = crypt(str_getbuf(p_pass_str), p_spwd->sp_pwdp); - if (!vsf_sysutil_strcmp(p_crypted, p_spwd->sp_pwdp)) - { diff --git a/archive-patches/vsftpd-new.conf b/archive-patches/vsftpd-new.conf index f4d4dce..df57ea3 100644 --- a/archive-patches/vsftpd-new.conf +++ b/archive-patches/vsftpd-new.conf @@ -4,6 +4,8 @@ connect_from_port_20=YES dirmessage_enable=YES hide_ids=YES local_enable=YES +local_root=/ +use_localtime=YES ls_recurse_enable=YES write_enable=YES xferlog_enable=NO @@ -13,3 +15,4 @@ vsftpd_log_file=/dev/null ftpd_banner="Enjoy the flavour" listen=YES background=YES +seccomp_sandbox=NO diff --git a/make/applications.mk b/make/applications.mk index 77ae47a..1cf9a31 100755 --- a/make/applications.mk +++ b/make/applications.mk @@ -221,10 +221,9 @@ $(D)/ntp: $(D)/openssl $(ARCHIVE)/ntp-$(NTP_VER).tar.gz | $(TARGETPREFIX) $(REMOVE)/ntp-$(NTP_VER) $(TOUCH) -VSFTPD_PATCH = vsftpd-3.0.3.patch -VSFTPD_PATCH += vsftpd-disable-capabilities.patch -VSFTPD_PATCH += vsftpd-fixchroot.patch -VSFTPD_PATCH += vsftpd-login-blank-password.patch +VSFTPD_PATCH = vsftp-utmpx-builddef.patch +VSFTPD_PATCH += vsftp-fix-CVE-2015-1419.patch +VSFTPD_PATCH += vsftp-Prevent-hang-in-SIGCHLD-handler.patch $(D)/vsftpd: $(ARCHIVE)/vsftpd-$(VSFTPD_VER).tar.gz | $(TARGETPREFIX) $(REMOVE)/vsftpd-$(VSFTPD_VER) @@ -242,6 +241,7 @@ $(D)/vsftpd: $(ARCHIVE)/vsftpd-$(VSFTPD_VER).tar.gz | $(TARGETPREFIX) $(REMOVE)/vsftpd-$(VSFTPD_VER) $(TOUCH) + $(D)/strace: $(ARCHIVE)/strace-4.6.tar.xz | $(TARGETPREFIX) $(START_BUILD) $(UNTAR)/strace-4.6.tar.xz diff --git a/make/libraries.mk b/make/libraries.mk index 0992e05..ca18eb5 100755 --- a/make/libraries.mk +++ b/make/libraries.mk @@ -442,7 +442,7 @@ $(D)/giflib: $(ARCHIVE)/giflib-$(GIFLIB_VER).tar.gz | $(TARGETPREFIX) $(TOUCH) OPENSSL_ASYNC = -ifeq ($(BOXSERIES), (filter $(BOXMODEL), hd2)) +ifeq ($(BOXSERIES), hd2) OPENSSL_ASYNC = no-async endif OPENSSL_COMPATIBILITY_VERSIONS = 0.9.7 0.9.8 1.0.0 1.0.2 1.1.0 diff --git a/make/versions.mk b/make/versions.mk index 0da4b71..44b8758 100644 --- a/make/versions.mk +++ b/make/versions.mk @@ -276,7 +276,7 @@ UTIL_LINUX_MINOR = 2 UTIL_LINUX_VER = $(UTIL_LINUX_MAJOR).$(UTIL_LINUX_MINOR) # Very secure ftp-Server -VSFTPD_VER = 3.0.3 +VSFTPD_VER = 3.0.5 # GNU Wget is a free software package for retrieving files using HTTP, HTTPS, FTP and FTPS the most widely-used Internet protocols WGET_VER = 1.19.2 -- 2.39.5