diff --git a/net/vsftpd/Makefile b/net/vsftpd/Makefile index fdd045e29..696ad3602 100644 --- a/net/vsftpd/Makefile +++ b/net/vsftpd/Makefile @@ -9,15 +9,17 @@ include $(TOPDIR)/rules.mk PKG_NAME:=vsftpd PKG_VERSION:=3.0.3 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://security.appspot.com/downloads/ PKG_HASH:=9d4d2bf6e6e2884852ba4e69e157a2cecd68c5a7635d66a3a8cf8d898c955ef7 -PKG_LICENSE:=GPLv2 - PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION) +PKG_MAINTAINER:=Cezary Jackiewicz +PKG_LICENSE:=GPLv2 +PKG_CPE_ID:=cpe:/a:beasts:vsftpd + include $(INCLUDE_DIR)/package.mk define Package/vsftpd/Default @@ -26,7 +28,6 @@ define Package/vsftpd/Default CATEGORY:=Network TITLE:=Fast and secure FTP server URL:=https://security.appspot.com/vsftpd.html - MAINTAINER:=Cezary Jackiewicz endef diff --git a/net/vsftpd/patches/010-openssl-deprecated.patch b/net/vsftpd/patches/010-openssl-deprecated.patch new file mode 100644 index 000000000..bbbfbe8e7 --- /dev/null +++ b/net/vsftpd/patches/010-openssl-deprecated.patch @@ -0,0 +1,66 @@ +From 0ea55455703eb69d7617968424e4bede59f39b83 Mon Sep 17 00:00:00 2001 +From: Rosen Penev +Date: Fri, 23 Nov 2018 18:03:32 -0800 +Subject: [PATCH] ssl: Fix compile without Deprecated APIs and no ECC support + +Signed-off-by: Rosen Penev +--- + ssl.c | 11 +++++++++++ + 1 file changed, 11 insertions(+) + +diff --git a/ssl.c b/ssl.c +index c362983..845f77b 100644 +--- a/ssl.c ++++ b/ssl.c +@@ -28,6 +28,9 @@ + #include + #include + #include ++#ifndef OPENSSL_NO_EC ++#include ++#endif + #include + #include + +@@ -59,8 +62,12 @@ ssl_init(struct vsf_session* p_sess) + SSL_CTX* p_ctx; + long options; + int verify_option = 0; ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + SSL_library_init(); + p_ctx = SSL_CTX_new(SSLv23_server_method()); ++#else ++ p_ctx = SSL_CTX_new(TLS_server_method()); ++#endif + if (p_ctx == NULL) + { + die("SSL: could not allocate SSL context"); +@@ -120,6 +127,7 @@ ssl_init(struct vsf_session* p_sess) + { + die("SSL: RNG is not seeded"); + } ++#ifndef OPENSSL_NO_EC + { + EC_KEY* key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); + if (key == NULL) +@@ -129,6 +137,7 @@ ssl_init(struct vsf_session* p_sess) + SSL_CTX_set_tmp_ecdh(p_ctx, key); + EC_KEY_free(key); + } ++#endif + if (tunable_ssl_request_cert) + { + verify_option |= SSL_VERIFY_PEER; +@@ -660,7 +669,9 @@ ssl_cert_digest(SSL* p_ssl, struct vsf_session* p_sess, struct mystr* p_str) + static char* + get_ssl_error() + { ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + SSL_load_error_strings(); ++#endif + return ERR_error_string(ERR_get_error(), NULL); + } + +-- +2.19.1 +