diff options
author | mrxx | 2019-01-28 13:07:26 +0100 |
---|---|---|
committer | mrxx | 2019-01-28 13:07:26 +0100 |
commit | ba071814e7f9b4bf8b14dfd4f09b34de6107babc (patch) | |
tree | 170e317b2bf58fdfb79baeef2ae56472b601e0c0 | |
parent | bc47a819c74dad3d0eb2b094c6283cb8f8ed1e1f (diff) | |
download | aur-ba071814e7f9b4bf8b14dfd4f09b34de6107babc.tar.gz |
Include TLS 1.3 patch, set upstream url to https, update dependency
-rw-r--r-- | .SRCINFO | 12 | ||||
-rw-r--r-- | PKGBUILD | 17 | ||||
-rw-r--r-- | tls1_3.patch | 43 |
3 files changed, 61 insertions, 11 deletions
@@ -1,27 +1,27 @@ -# Generated by mksrcinfo v8 -# Sat Nov 4 23:28:43 UTC 2017 pkgbase = pure-ftpd pkgdesc = A secure, production-quality and standard-conformant FTP server, focused on efficiency and ease of use. pkgver = 1.0.47 - pkgrel = 2 - url = http://www.pureftpd.org/ + pkgrel = 3 + url = https://www.pureftpd.org/ install = pure-ftpd.install arch = i686 arch = x86_64 license = custom depends = openssl - depends = libmariadbclient + depends = mariadb-libs conflicts = pure-ftpd-db backup = etc/pure-ftpd/pure-ftpd.conf - source = http://download.pureftpd.org/pub/pure-ftpd/releases/pure-ftpd-1.0.47.tar.bz2 + source = https://download.pureftpd.org/pub/pure-ftpd/releases/pure-ftpd-1.0.47.tar.bz2 source = pure-ftpd.service source = pure-ftpd.logrotate source = welcome.msg + source = tls1_3.patch source = pure-ftpd.install md5sums = a41fa531c0d21bd3416dd524d75495ae md5sums = 0d0845e17607ffb212eae0112c58e9ff md5sums = 37a45c88a0f038de37b4a87c6c447534 md5sums = 7e91835f7e7975bd0536648fc99e5a22 + md5sums = 85799b3cce0ca37b035269fef6939c2b md5sums = c80cbd3ae1f9915f686f84149f6293e5 pkgname = pure-ftpd @@ -1,6 +1,6 @@ # Maintainer: mrxx <mrxx at cyberhome dot at> +# Contributor: kleph <kleph at kleph dot info> # Contributor: spapanik21 -# Contributor: kleph # Contributor: fila pruda.com # Contributor: tuxce <tuxce.net@gmail.com> # Contributor: Tom Newsom <Jeepster@gmx.co.uk> @@ -9,27 +9,34 @@ pkgname=pure-ftpd pkgver=1.0.47 -pkgrel=2 +pkgrel=3 pkgdesc="A secure, production-quality and standard-conformant FTP server, focused on efficiency and ease of use." arch=('i686' 'x86_64') -url="http://www.pureftpd.org/" +url="https://www.pureftpd.org/" license=('custom') -depends=('openssl' 'libmariadbclient') +depends=('openssl' 'mariadb-libs') conflicts=('pure-ftpd-db') backup=('etc/pure-ftpd/pure-ftpd.conf') install=pure-ftpd.install -source=("http://download.pureftpd.org/pub/pure-ftpd/releases/pure-ftpd-${pkgver}.tar.bz2" +source=("https://download.pureftpd.org/pub/pure-ftpd/releases/pure-ftpd-${pkgver}.tar.bz2" 'pure-ftpd.service' 'pure-ftpd.logrotate' 'welcome.msg' + 'tls1_3.patch' 'pure-ftpd.install' ) md5sums=('a41fa531c0d21bd3416dd524d75495ae' '0d0845e17607ffb212eae0112c58e9ff' '37a45c88a0f038de37b4a87c6c447534' '7e91835f7e7975bd0536648fc99e5a22' + '85799b3cce0ca37b035269fef6939c2b' 'c80cbd3ae1f9915f686f84149f6293e5') +prepare() { + cd $pkgname-$pkgver + patch -Np0 -i "${srcdir}/tls1_3.patch" +} + build() { cd ${srcdir}/${pkgname}-${pkgver} ./configure --prefix=/usr \ diff --git a/tls1_3.patch b/tls1_3.patch new file mode 100644 index 000000000000..8dc143175d72 --- /dev/null +++ b/tls1_3.patch @@ -0,0 +1,43 @@ +--- src/tls.c.orig 2019-01-27 16:51:46.453334095 +0100 ++++ src/tls.c 2019-01-27 16:50:38.150000769 +0100 +@@ -228,7 +228,16 @@ + if ((where & SSL_CB_HANDSHAKE_START) != 0) { + if ((cnx == tls_cnx && tls_cnx_handshook != 0) || + (cnx == tls_data_cnx && tls_data_cnx_handshook != 0)) { +- die(400, LOG_ERR, "TLS renegociation"); ++ const SSL_CIPHER *cipher; ++ const char *cipher_version; ++ if ((cipher = SSL_get_current_cipher(cnx)) == NULL || ++ (cipher_version = SSL_CIPHER_get_version(cipher)) == NULL) { ++ die(400, LOG_ERR, "No cipher"); ++ } ++ if (strcmp(cipher_version, "TLSv1.3") != 0) { ++ die(400, LOG_ERR, "TLS renegociation"); ++ return; ++ } + } + return; + } +@@ -264,10 +273,10 @@ + OpenSSL_add_all_algorithms(); + # else + OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS | +- OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); ++ OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); + OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS | +- OPENSSL_INIT_ADD_ALL_DIGESTS | +- OPENSSL_INIT_LOAD_CONFIG, NULL); ++ OPENSSL_INIT_ADD_ALL_DIGESTS | ++ OPENSSL_INIT_LOAD_CONFIG, NULL); + # endif + while (RAND_status() == 0) { + rnd = zrand(); +@@ -288,7 +297,7 @@ + SSL_CTX_set_options(tls_ctx, SSL_OP_NO_TLSv1); + # endif + # ifdef SSL_OP_NO_TLSv1_1 +- SSL_CTX_clear_options(tls_ctx, SSL_OP_NO_TLSv1_1); ++ SSL_CTX_set_options(tls_ctx, SSL_OP_NO_TLSv1_1); + # endif + # ifdef SSL_OP_NO_TLSv1_2 + SSL_CTX_clear_options(tls_ctx, SSL_OP_NO_TLSv1_2);
\ No newline at end of file |