Commit Graph

22 Commits

Author SHA1 Message Date
Simon L. B. Nielsen
8978d9e7ef Prevent cross-site forgery attacks on lukemftpd(8) due to splitting
long commands into multiple requests. [09:01]

Fix incorrect OpenSSL checks for malformed signatures due to invalid
check of return value from EVP_VerifyFinal(), DSA_verify, and
DSA_do_verify. [09:02]

Security:	FreeBSD-SA-09:01.lukemftpd
Security:	FreeBSD-SA-09:02.openssl
Obtained from:	NetBSD [SA-09:01]
Obtained from:	OpenSSL Project [SA-09:02]
Approved by:	so (simon)
2009-01-07 20:17:55 +00:00
David E. O'Brien
67f52b8478 Pull vendor file to HEAD. 2006-08-31 17:11:46 +00:00
David E. O'Brien
c731f591cc Merge in OPIE support, and MAC support.
Our PAM and LOGIN_CAP support is now in the stock sources.
2006-08-31 17:08:21 +00:00
David E. O'Brien
0b2314893a This commit was generated by cvs2svn to compensate for changes in r161764,
which included commits to RCS files with non-trunk default branches.
2006-08-31 16:55:08 +00:00
David E. O'Brien
a5a1d5d318 Import of LukeM's ftpd taken from the NetBSD CVS repo on 31-Aug-2006.
+ Add PAM and LOGIN_CAP support. Mostly from FreeBSD.
+ Implement option "-D", for running ftpd in standalone mode (daemon).
+ NLST should return 450 instead of 550 upon error, per RFC 959.
+ Add recvbufsize configuration option
+ Remove unreachable code (res could never be NULL here), Coverity CID 712.
+ Set file to NULL after calling fclose(), Coverity CID 2669.
+ Make sure that "su" is initialized before dereferencing it, Coverity CID 1075.
+ Cleanup utmp and utmpx support.
2006-08-31 16:55:08 +00:00
David E. O'Brien
abbf5f5f8f NetBSD has updated their groff to a version that handles .Nm the same
way ours does.  So use the vendor files now.
2004-08-18 06:41:13 +00:00
David E. O'Brien
5bf06d869f Merge rev 1.2 (OPIE, login user capabilities database, PAM) support
into 'nbsd_20040809'.
2004-08-18 06:34:20 +00:00
David E. O'Brien
3a802515c6 Import of LukeM's ftpd taken from the NetBSD CVS repo on 9-Aug-2004.
This closes the remotely exploitable vulnerability documented at
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-009.txt.asc
http://www.vuxml.org/freebsd/c4b025bb-f05d-11d8-9837-000c41e2cdad.html
2004-08-18 06:29:48 +00:00
David E. O'Brien
07539dd5d7 This commit was generated by cvs2svn to compensate for changes in r133936,
which included commits to RCS files with non-trunk default branches.
2004-08-18 06:29:48 +00:00
David E. O'Brien
b06b4b9181 Merge our rev 1.2 PAM support into 'nbsd_20030122'. 2003-02-02 21:03:28 +00:00
David E. O'Brien
fc25b5d977 Import of LukeM's ftpd taken from the NetBSD CVS repo on 22-Jan-2003.
This includes the DoS fix of rev 1.133 libexec/ftpd/ftpd.c.
2003-02-02 20:58:44 +00:00
David E. O'Brien
2b0ee2c16b This commit was generated by cvs2svn to compensate for changes in r110242,
which included commits to RCS files with non-trunk default branches.
2003-02-02 20:58:44 +00:00
David E. O'Brien
259ebc0c95 Add support for OPIE and PAM.
Submitted by:	mikeh (reworked by me)
2003-01-07 17:31:23 +00:00
David E. O'Brien
750bd71121 NetBSD files needed to build LukeM's ftpd src as taken from the NetBSD CVS repo.
The "portable" release of this is just lagging way too far behind
what is in NetBSD's base.
2003-01-06 02:26:00 +00:00
David E. O'Brien
94ded79a43 This commit was generated by cvs2svn to compensate for changes in r108760,
which included commits to RCS files with non-trunk default branches.
2003-01-06 02:26:00 +00:00
David E. O'Brien
7832db1b05 Merge our .Nm changes into the nbsd_20030105 import. 2003-01-06 00:20:26 +00:00
David E. O'Brien
33bc027019 Import of LukeM's ftpd taken from the NetBSD CVS repo on 5-Jan-2003.
The "portable" release of this is just lagging way too far behind
what is in NetBSD's base.
2003-01-06 00:06:49 +00:00
David E. O'Brien
d76fabf464 This commit was generated by cvs2svn to compensate for changes in r108746,
which included commits to RCS files with non-trunk default branches.
2003-01-06 00:06:49 +00:00
Giorgos Keramidas
21fd5cbc92 NetBSD manpages use .Nm "" to typeset the `name' of the manpage, but
this doesn't work quite right with our groff.  They have an older
groff version in the base system, but no real plans to update both
groff and manpages.  Fix the .Nm usage locally in our manpages.

PR:		docs/41972
Submitted by:	Yoshiteru Kageyama <yt-kage@cb3.so-net.ne.jp>
Discussed with: ru and obrien
2002-12-14 23:45:54 +00:00
David E. O'Brien
3d982f73f3 Import of LukeM's ftpd version 1.2 Beta 2. 2002-11-12 06:42:39 +00:00
David E. O'Brien
4ac46041bb Import of LukeM's ftpd version 1.2 Beta 1. 2002-03-14 19:25:32 +00:00
David E. O'Brien
299281efb0 Import of LukeM's ftpd version 1.1. 2001-07-19 16:25:08 +00:00