Menu
▾
▴
proftp-docs — List for documentation maintainers
You can subscribe to this list here.
| 2002 |
Jan
|
Feb
|
Mar
(16) |
Apr
(35) |
May
(37) |
Jun
(26) |
Jul
(24) |
Aug
(20) |
Sep
(33) |
Oct
(65) |
Nov
(19) |
Dec
(38) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2003 |
Jan
(43) |
Feb
(20) |
Mar
(31) |
Apr
(17) |
May
(10) |
Jun
(2) |
Jul
(13) |
Aug
(13) |
Sep
(13) |
Oct
(22) |
Nov
(7) |
Dec
(8) |
| 2004 |
Jan
(11) |
Feb
(14) |
Mar
(11) |
Apr
(9) |
May
(11) |
Jun
(8) |
Jul
(8) |
Aug
(3) |
Sep
(11) |
Oct
(10) |
Nov
(4) |
Dec
(7) |
| 2005 |
Jan
(1) |
Feb
(5) |
Mar
(12) |
Apr
(9) |
May
(7) |
Jun
(56) |
Jul
(14) |
Aug
(3) |
Sep
(20) |
Oct
(8) |
Nov
(5) |
Dec
(4) |
| 2006 |
Jan
(4) |
Feb
(1) |
Mar
(31) |
Apr
(12) |
May
(10) |
Jun
(6) |
Jul
(3) |
Aug
(2) |
Sep
(3) |
Oct
(5) |
Nov
(5) |
Dec
(11) |
| 2007 |
Jan
(7) |
Feb
(2) |
Mar
(13) |
Apr
(2) |
May
(2) |
Jun
(2) |
Jul
(6) |
Aug
(10) |
Sep
(4) |
Oct
(14) |
Nov
(2) |
Dec
(3) |
| 2008 |
Jan
(2) |
Feb
|
Mar
(1) |
Apr
(4) |
May
|
Jun
(2) |
Jul
(3) |
Aug
(3) |
Sep
(5) |
Oct
(1) |
Nov
(3) |
Dec
(2) |
| 2009 |
Jan
(9) |
Feb
(13) |
Mar
(3) |
Apr
(11) |
May
(1) |
Jun
(3) |
Jul
(6) |
Aug
(2) |
Sep
(4) |
Oct
(9) |
Nov
(2) |
Dec
(11) |
| 2010 |
Jan
(27) |
Feb
(15) |
Mar
(3) |
Apr
(5) |
May
(1) |
Jun
(3) |
Jul
(3) |
Aug
(2) |
Sep
(6) |
Oct
(6) |
Nov
|
Dec
(11) |
| 2011 |
Jan
(6) |
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(3) |
Oct
|
Nov
(6) |
Dec
|
| 2012 |
Jan
(1) |
Feb
(1) |
Mar
(4) |
Apr
|
May
(3) |
Jun
(5) |
Jul
(7) |
Aug
(1) |
Sep
(3) |
Oct
(4) |
Nov
(1) |
Dec
(6) |
|
From: TJ S. <cas...@us...> - 2011-01-05 19:14:31
|
Update of /cvsroot/pdd/www.proftpd.org/docs/howto In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv6384 Modified Files: index.html Added Files: ConnectionACLs.html Log Message: Adding ConnectionACL howto to website. --- NEW FILE --- <!-- $Id: ConnectionACLs.html,v 1.1 2011/01/05 19:14:22 castaglia Exp $ --> <!-- $Source: /cvsroot/pdd/www.proftpd.org/docs/howto/ConnectionACLs.html,v $ --> <html> <head> <title>ProFTPD mini-HOWTO - Connection ACLs</title> </head> <body bgcolor=white> <hr> <center><h2><b>Connection ACLs</b></h2></center> <hr> <p> Many sites running <code>proftpd</code> have the need to limit/reject connections from known bad addresses, or to accept connections only from known good addresses. ProFTPD supports several different mechanisms for implementing FTP connection ACLs. <p> However, there is one important thing to note: <b>ProFTPD is not a firewall.</b> Never forget this. You <b>cannot</b> <i>prevent</i> TCP connections from ever reaching <code>proftpd</code> in the first place by using <code>proftpd</code> itself. This means that for many sites with connection ACL needs, their system's firewall capabilities may be a better mechanism for implementing ACLs. <p> <b><code><Limit LOGIN></code>, and Whitelists versus Blacklists</b><br> The easiest way of accepting/rejecting connections is to use ProFTPD's <a href="Limit.html"><code><Limit></code></a> syntax, particularly <code><Limit LOGIN></code>. <p> For example, you can simply reject all connections to your <code>proftpd</code> instance by using: <pre> <Limit LOGIN> DenyAll </Limit> </pre> A more practical example would look like: <pre> <Limit LOGIN> # These are trusted addresses Allow from 1.2.3.4 5.6.7.8 Allow from trusted-domain.com # Everyone else is denied DenyAll </Limit> </pre> <p> The above configuration demonstrates the concept of a <i>whitelist</i>: known trusted (<i>i.e.</i> "white") addresses are explicitly listed and allowed, and all others are denied. Conversely, you might use a <i>blacklist</i>, where known bad/malicious/untrusted (<i>i.e.</i> "black") addresses are explicitly listed and denied, and all others are allowed: <pre> <Limit LOGIN> Order deny,allow # These are known bad addresses Deny from 1.2.3.4 5.6.7.8 Deny from evil-domain.com # Everyone else is allowed AllowAll </Limit> </pre> <p> It is useful to know about whitelists versus blacklists, as it can affect how large your ACLs become. Sites which run publicly available FTP servers but which need to weed out bad clients tend to use blacklists; over time, these blacklists can become quite large. Sites which know who will be using their FTP server and only want those people to be able to connect will use whitelists; these whitelists tend to remain fairly small/short. <p> <b>Large Blacklists</b><br> Let's assume that you are running a public FTP server, and that you are using a <code><Limit LOGIN></code> section to make a blacklist. Your site may even have some script which detects bad clients, and automatically adds them to your blacklist, <i>e.g.</i>: <pre> <Limit LOGIN> Order deny,allow # -- Add blacklisted addresses here -- Deny from ... Deny from ... # <b>Many</b> more <code>Deny from</code> lines # Allow everyone not explicitly blacklisted AllowAll </Limit> </pre> Over time, your number of blacklisted IP addresses starts to become large and unwieldy. You might have thousands of such addresses; you notice that <code>proftpd</code> starts acting strangely, and starts slowing down. <p> When this happens, you should start looking for ways to make your list shorter. If your list is comprised of entries for each individual IP address, you should think about using glob expressions and netmasks to reduce the number of entries. For example, rather than using something like this: <pre> Deny from 1.2.3.4 Deny from 1.2.3.5 Deny from 1.2.3.6 Deny from 1.2.3.7 Deny from 1.2.3.8 Deny from 1.2.3.9 </pre> you could (as of <code>proftpd-1.3.4rc1</code> and later) use a range: <pre> Deny 1.2.3.[4-9] </pre> or even use a glob wildcard such as this, which makes for even fewer entries in your address lists: <pre> Deny 1.2.3.* </pre> Or you could use netmasks such as: <pre> Deny 1.2.3.0/8 </pre> <p> <b>Using Classes</b><br> Now let's assume that at this point you have used glob ranges and wildcards and netmasks to make your ACL shorter, but it is still large, and <code>proftpd</code> is still slow. It is time for you to use ProFTPD's connection <a href="Classes.html">classes</a>. <p> To do this, you would rewrite your large <code><Limit LOGIN></code> section to look something like this: <pre> <Class blacklist> # Put all of your blacklisted address/range lines here, as <code>From</code> lines From ... From ... From ... </Class> <Limit LOGIN> Order deny,allow # Rejected blacklisted clients DenyClass blacklist # Allow everyone else AllowAll </Limit> </pre> <p> Why does using classes like this make things faster? When using classes, the label (<i>i.e.</i> the class name in the <code><Class></code> section, like "blacklist" in the above example) is determined when the client <i>first</i> connects to <code>proftpd</code>, before any comands are sent. That is when all of the various netmasks and such are checked -- and <i>only</i> at that time. After that, all of the configuration-based ACLs are evaluated just using that label. <p> When you do not use classes, then proftpd scans each configuration, each netmask/address <b><i>for each command</i></b>. That's why things slow down so much. <p> <b>Alternatives</b><br> There are a couple of other ways in which to implement connection ACLs; these alternatives may be more efficient and/or better suited to your site's needs. <p> You can use a module like <a href="../contrib/mod_wrap2.html"><code>mod_wrap2</code></a>, particular its support for storing ACLs in SQL tables. SQL lookups can be very quick, and can easily support large numbers of addresses efficiently. <p> And if you find yourself starting to block large blocks of addresses from countries/regions, you should start thinking about connection ACLs in terms of geolocation information. For this, the<a href="http://www.castaglia.org/proftpd/modules/mod_geoip.html"><code>mod_geoip</code></a> module for proftpd is quite useful. <p><a name="FAQ"> <b>Frequently Asked Questions</b><br> <p> <font color=red>Question</font>: Is there a limit to how many addresses can appear in a single line in the config file?<br> <font color=blue>Answer</font>: No. However, there <i>is</i> a maximum line length, which is determined by the buffer size used by the configuration file parser. That buffer size is usually 1024 bytes (1K). <p> This 1024 byte length limitation can be worked around, however, by breaking a single line in the configuration file into multiple lines using the line continuation syntax, <i>e.g.</i>: <pre> Allow 1.2.3.4 5.6.7.8 9.10.11.12 <pre> can also appear as: <pre> Allow \ 1.2.3.4 \ 5.6.7.8 \ 9.10.11.12 </pre> <p> <hr> Last Updated: <i>$Date: 2011/01/05 19:14:22 $</i><br> <hr> </body> </html> Index: index.html =================================================================== RCS file: /cvsroot/pdd/www.proftpd.org/docs/howto/index.html,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -r1.7 -r1.8 *** index.html 11 Dec 2009 04:47:38 -0000 1.7 --- index.html 5 Jan 2011 19:14:22 -0000 1.8 *************** *** 72,80 **** <p> - <dt>On <a href="Upgrade.html">upgrading</a> - <dd>Covers the best way to perform an upgrade of ProFTPD - </dd> - - <p> <dt>On <a href="Vhost.html"><code><VirtualHost></code> sections</a> <dd>Covers how to configure virtual servers, listening on only one IP --- 72,75 ---- *************** *** 91,94 **** --- 86,101 ---- <p> + <dt>On <a href="Directory.html"><code><Directory></code> sections</a> + <dd>Covers how <code><Directory></code> sections should be configured, + and how the configured paths are matched + </dd> + + <p> + <dt>On <a href="Limit.html"><code><Limit></code> sections</a> + <dd>Covers how <code><Limit></code> sections should be configured, + and how different <code><Limit></code>s interact + </dd> + + <p> <dt>On using <code>proftpd</code> in a <a href="NAT.html">firewall/NAT</a> environment</dt> *************** *** 116,119 **** --- 123,131 ---- <p> + <dt>On <a href="Upgrade.html">upgrading</a> + <dd>Covers the best way to perform an upgrade of ProFTPD + </dd> + + <p> <dt>On <a href="DSO.html">DSO modules</a> <dd>Covers what DSO modules are, and how to use them properly *************** *** 121,124 **** --- 133,142 ---- <p> + <dt>On <a href="ConnectionACLs.html">connection ACLs</a> + <dd>Covers implementing connection ACLs, and some of the performance + concerns related to the different mechanisms + </dd> + + <p> <dt>On <a href="ASCII.html">ASCII transfers</a> <dd>Covers ASCII mode for data transfers, and the affected FTP commands *************** *** 137,152 **** <p> - <dt>On <a href="Directory.html"><code><Directory></code> sections</a> - <dd>Covers how <code><Directory></code> sections should be configured, - and how the configured paths are matched - </dd> - - <p> - <dt>On <a href="Limit.html"><code><Limit></code> sections</a> - <dd>Covers how <code><Limit></code> sections should be configured, - and how different <code><Limit></code>s interact - </dd> - - <p> <dt>On <a href="Sendfile.html">sendfile support</a> <dd>Describes what the <code>sendfile(2)</code> function does, and some --- 155,158 ---- |
|
From: John M. <jw...@us...> - 2010-12-22 22:20:29
|
Update of /cvsroot/pdd/www.proftpd.org In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv19629/www.proftpd.org Modified Files: download.epl wwwmirror.epl Log Message: automated update Index: download.epl =================================================================== RCS file: /cvsroot/pdd/www.proftpd.org/download.epl,v retrieving revision 1.116 retrieving revision 1.117 diff -C2 -r1.116 -r1.117 *** download.epl 22 Dec 2010 20:05:14 -0000 1.116 --- download.epl 22 Dec 2010 22:20:19 -0000 1.117 *************** *** 436,440 **** </p> ! ! #include "footer.epl" ! --- 436,438 ---- </p> ! #include "footer.epl" Index: wwwmirror.epl =================================================================== RCS file: /cvsroot/pdd/www.proftpd.org/wwwmirror.epl,v retrieving revision 1.121 retrieving revision 1.122 diff -C2 -r1.121 -r1.122 *** wwwmirror.epl 22 Dec 2010 20:05:15 -0000 1.121 --- wwwmirror.epl 22 Dec 2010 22:20:19 -0000 1.122 *************** *** 329,333 **** </p> ! ! #include "footer.epl" ! --- 329,331 ---- </p> ! #include "footer.epl" |
|
From: John M. <jw...@us...> - 2010-12-22 20:05:25
|
Update of /cvsroot/pdd/www.proftpd.org In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv10622/www.proftpd.org Modified Files: download.epl wwwmirror.epl Log Message: automated update Index: download.epl =================================================================== RCS file: /cvsroot/pdd/www.proftpd.org/download.epl,v retrieving revision 1.115 retrieving revision 1.116 diff -C2 -r1.115 -r1.116 *** download.epl 13 Jan 2010 22:08:43 -0000 1.115 --- download.epl 22 Dec 2010 20:05:14 -0000 1.116 *************** *** 4,388 **** #include "header.epl" ! <!-- This output is autogenerated, do not edit manually. To update, use the ProFTPD Mirror Maintenance system. --> <h1><: print "$html_title" :></h1> - <p>Please use the mirror that's closest to you. If you would like to - volunteer to be a mirror site, please read the - <a href="/howtomirror.html">Mirroring HOWTO</a> page.</p> - - <div style="text-align: center;"> - - - <a href="ftp://ftp.ar.proftpd.org/">ar</a> - <a href="ftp://ftp.at.proftpd.org/">at</a> - <a href="ftp://ftp.be.proftpd.org/">be</a> - <a href="ftp://ftp.bg.proftpd.org/">bg</a> - <a href="ftp://ftp.ca.proftpd.org/">ca</a> - <a href="ftp://ftp.ch.proftpd.org/">ch</a> - <a href="ftp://ftp.cz.proftpd.org/">cz</a> - <a href="ftp://ftp.de.proftpd.org/">de</a> - <a href="ftp://ftp.fr.proftpd.org/">fr</a> - <a href="ftp://ftp.ie.proftpd.org/">ie</a> - <a href="ftp://ftp.it.proftpd.org/">it</a> - <a href="ftp://ftp.lv.proftpd.org/">lv</a> - <a href="ftp://ftp.nl.proftpd.org/">nl</a> - <a href="ftp://ftp.no.proftpd.org/">no</a> - <a href="ftp://ftp.pl.proftpd.org/">pl</a> - <a href="ftp://ftp.se.proftpd.org/">se</a> - <a href="ftp://ftp.tr.proftpd.org/">tr</a> - <a href="ftp://ftp.tw.proftpd.org/">tw</a> - <a href="ftp://ftp.uk.proftpd.org/">uk</a> - <a href="ftp://ftp.us.proftpd.org/">us</a> - <a href="ftp://ftp.za.proftpd.org/">za</a> - - </div> - <hr /> - - - <p> - <a href="ftp://ftp1.at.proftpd.org">ftp://ftp1.at.proftpd.org/</a> - <br /> - <a href="ftp://ftp.servus.at/ProFTPD/">ftp://ftp.servus.at/ProFTPD/</a> - <br /> - - Location: Austria <br /> - - Maintained by: Didi Baer<br /> - </p> - <p> - <a href="ftp://ftp1.be.proftpd.org">ftp://ftp1.be.proftpd.org/</a> - <br /> - <a href="ftp://ftp.easynet.be/proftpd/">ftp://ftp.easynet.be/proftpd/</a> - <br /> - - Location: Belgium <br /> - - Maintained by: Bert Vermeulen<br /> - </p> - <p> - <a href="ftp://ftp1.ca.proftpd.org">ftp://ftp1.ca.proftpd.org/</a> - <br /> - <a href="ftp://ftp.samurai.com/pub/proftpd/">ftp://ftp.samurai.com/pub/proftpd/</a> - <br /> - - Location: Canada <br /> - - Maintained by: Bryan Fullerton<br /> - </p> - <p> - <a href="ftp://ftp1.ch.proftpd.org">ftp://ftp1.ch.proftpd.org/</a> - <br /> - <a href="ftp://ftp.solnet.ch/mirror/proftpd.org/">ftp://ftp.solnet.ch/mirror/proftpd.org/</a> - <br /> - - Location: Switzerland <br /> - - Maintained by: Erich Hohermuth<br /> - </p> - <p> - <a href="ftp://ftp2.de.proftpd.org">ftp://ftp2.de.proftpd.org/</a> - <br /> - <a href="ftp://ftp-stud.fht-esslingen.de/pub/Mirrors/ftp.proftpd.net/">ftp://ftp-stud.fht-esslingen.de/pub/Mirrors/ftp.proftpd.net/</a> - <br /> - - Location: Germany <br /> - - Maintained by: Adrian Reber<br /> - </p> - <p> - <a href="ftp://ftp5.de.proftpd.org">ftp://ftp5.de.proftpd.org/</a> - <br /> - <a href="ftp://ftp.franken.de/pub/Linux/proftpd/">ftp://ftp.franken.de/pub/Linux/proftpd/</a> - <br /> - - Location: Germany <br /> - - Maintained by: Harald Welte<br /> - </p> - <p> - <a href="ftp://ftp1.nl.proftpd.org">ftp://ftp1.nl.proftpd.org/</a> - <br /> - <a href="ftp://ftp.nl.uu.net/pub/unix/ftp/proftpd/ftp/">ftp://ftp.nl.uu.net/pub/unix/ftp/proftpd/ftp/</a> - <br /> - - Location: Netherlands <br /> - - </p> - <p> - <a href="ftp://ftp5.no.proftpd.org">ftp://ftp5.no.proftpd.org/</a> - <br /> - <a href="ftp://ftp.tomt.net/pub/software/proftpd/">ftp://ftp.tomt.net/pub/software/proftpd/</a> - <br /> - - Location: Norway <br /> - - Maintained by: Andre Tomt<br /> - </p> - <p> - <a href="ftp://ftp1.us.proftpd.org">ftp://ftp1.us.proftpd.org/</a> - <br /> - <a href="ftp://ftp.ibiblio.org/pub/mirrors/proftpd/">ftp://ftp.ibiblio.org/pub/mirrors/proftpd/</a> - <br /> - - Location: United States (Chapel Hill, NC) - <br /> - - Maintained by: ibiblio<br /> - </p> - <p> - <a href="ftp://ftp0.ie.proftpd.org">ftp://ftp0.ie.proftpd.org/</a> - <br /> - <a href="ftp://ftp.esat.net/mirrors/ftp.proftpd.org/">ftp://ftp.esat.net/mirrors/ftp.proftpd.org/</a> - <br /> - - Location: Ireland (Dublin, Ireland) - <br /> - - Maintained by: Dave Burke<br /> - </p> - <p> - <a href="ftp://ftp2.at.proftpd.org">ftp://ftp2.at.proftpd.org/</a> - <br /> - <a href="ftp://gd.tuwien.ac.at/infosys/servers/ftp/proftpd/">ftp://gd.tuwien.ac.at/infosys/servers/ftp/proftpd/</a> - <br /> - - Location: Austria (Vienna Univ. of Technology, Austria) - <br /> - - Maintained by: Antonin<br /> - </p> - <p> - <a href="ftp://ftp5.fr.proftpd.org">ftp://ftp5.fr.proftpd.org/</a> - <br /> - <a href="ftp://ftp.crihan.fr/mirrors/ftp.proftpd.org/">ftp://ftp.crihan.fr/mirrors/ftp.proftpd.org/</a> - <br /> - - Location: France (Rouen) - <br /> - - Maintained by: Alain Bidaud<br /> - </p> - <p> - <a href="ftp://ftp2.tr.proftpd.org">ftp://ftp2.tr.proftpd.org/</a> - <br /> - <a href="ftp://ftp.ulak.net.tr/proftpd">ftp://ftp.ulak.net.tr/proftpd</a> - <br /> - - Location: Turkey (Ankara) - <br /> - - Maintained by: Onur BEKTAS<br /> - </p> - <p> - <a href="ftp://ftp24.us.proftpd.org">ftp://ftp24.us.proftpd.org/</a> - <br /> - <a href="ftp://ftp.sourwood.net/pub/ProFTPD/">ftp://ftp.sourwood.net/pub/ProFTPD/</a> - <br /> - - Location: United States (Danvers, Massachusetts USA) - <br /> - - Maintained by: Matt Mozur<br /> - </p> - <p> - <a href="ftp://ftp25.us.proftpd.org">ftp://ftp25.us.proftpd.org/</a> - <br /> - <a href="ftp://mirror.wrpn.net/proftpd/">ftp://mirror.wrpn.net/proftpd/</a> - <br /> - - Location: United States (Columbus, Ohio) - <br /> - - Maintained by: Wesley Haines<br /> - </p> - <p> - <a href="ftp://ftp3.tw.proftpd.org">ftp://ftp3.tw.proftpd.org/</a> - <br /> - <a href="ftp://ftp.ntu.edu.tw/proftpd/">ftp://ftp.ntu.edu.tw/proftpd/</a> - <br /> - - Location: Taiwan (National Taiwan University) - <br /> - - Maintained by: FTP Admin<br /> - </p> - <p> - <a href="ftp://ftp13.de.proftpd.org">ftp://ftp13.de.proftpd.org/</a> - <br /> - <a href="ftp://ftp.fu-berlin.de/unix/ftp/proftpd/">ftp://ftp.fu-berlin.de/unix/ftp/proftpd/</a> - <br /> - - Location: Germany (Berlin, Germany) - <br /> - - Maintained by: Holger Weiss<br /> - </p> - <p> - <a href="ftp://ftp3.it.proftpd.org">ftp://ftp3.it.proftpd.org/</a> - <br /> - <a href="ftp://www.proftpd.topnet.it/pub/mirror/proftpd/">ftp://www.proftpd.topnet.it/pub/mirror/proftpd/</a> - <br /> - - Location: Italy (Rome) - <br /> - - Maintained by: Antonio Prado<br /> - </p> - <p> - <a href="ftp://ftp4.bg.proftpd.org">ftp://ftp4.bg.proftpd.org/</a> - <br /> - <a href="ftp://ftp.proftpd.cbox.biz/proftpd/">ftp://ftp.proftpd.cbox.biz/proftpd/</a> - <br /> - - Location: Bulgaria (Bulgaria) - <br /> - - Maintained by: Alexander Dulgerov<br /> - </p> - <p> - <a href="ftp://ftp2.ar.proftpd.org">ftp://ftp2.ar.proftpd.org/</a> - <br /> - <a href="ftp://proftpd.bairesweb.com/pub/proftpd/">ftp://proftpd.bairesweb.com/pub/proftpd/</a> - <br /> - - Location: Argentina (Buenos Aires, Argentina) - <br /> - - Maintained by: Pablo Arturi<br /> - </p> - <p> - <a href="ftp://ftp2.lv.proftpd.org">ftp://ftp2.lv.proftpd.org/</a> - <br /> - <a href="ftp://ftp.linux.edu.lv/mirrors/ftp.proftpd.org/">ftp://ftp.linux.edu.lv/mirrors/ftp.proftpd.org/</a> - <br /> - - Location: Latvia (Riga, Latvia) - <br /> - - Maintained by: Leo Truksans<br /> - </p> - <p> - <a href="ftp://ftp1.za.proftpd.org">ftp://ftp1.za.proftpd.org/</a> - <br /> - <a href="ftp://ftp.is.co.za/mirror/ftp.proftpd.org">ftp://ftp.is.co.za/mirror/ftp.proftpd.org</a> - <br /> - - Location: South africa (South Africa) - <br /> - - Maintained by: FTP Admin<br /> - </p> - <p> - <a href="ftp://ftp3.cz.proftpd.org">ftp://ftp3.cz.proftpd.org/</a> - <br /> - <a href="ftp://proftpd.kn.vutbr.cz/pub/proftpd">ftp://proftpd.kn.vutbr.cz/pub/proftpd</a> - <br /> - - Location: Czech republic (ftp://mirror.kn.vutbr.cz/pub/ftp.proftpd.org) - <br /> - - Maintained by: Zdenek Bill<br /> - </p> - <p> - <a href="ftp://ftp7.nl.proftpd.org">ftp://ftp7.nl.proftpd.org/</a> - <br /> - <a href="ftp://proftpd.mirrors.webazilla.nl/">ftp://proftpd.mirrors.webazilla.nl/</a> - <br /> - - Location: Netherlands (Amsterdam, Netherlands) - <br /> - - Maintained by: Network Operations Center<br /> - </p> - <p> - <a href="ftp://ftp9.pl.proftpd.org">ftp://ftp9.pl.proftpd.org/</a> - <br /> - <a href="ftp://ftp.piotrkosoft.net/pub/mirrors/ftp.proftpd.org/">ftp://ftp.piotrkosoft.net/pub/mirrors/ftp.proftpd.org/</a> - <br /> - - Location: Poland (Poland) - <br /> - - Maintained by: Piotr Maluty<br /> - </p> - <p> - <a href="ftp://ftp35.us.proftpd.org">ftp://ftp35.us.proftpd.org/</a> - <br /> - <a href="ftp://proftpd.mirrors.tds.net/pub/ProFTPD">ftp://proftpd.mirrors.tds.net/pub/ProFTPD</a> - <br /> - - Location: United States (Madison Wisconsin) - <br /> - - Maintained by: Shane Brath<br /> - </p> - <p> - <a href="ftp://ftp3.be.proftpd.org">ftp://ftp3.be.proftpd.org/</a> - <br /> - <a href="ftp://mirrors.powersource.cx/pub/proftpd">ftp://mirrors.powersource.cx/pub/proftpd</a> - <br /> - - Location: Belgium (Brussels, Belgium) - <br /> - - Maintained by: Tom Laermans<br /> - </p> - <p> - <a href="ftp://ftp12.fr.proftpd.org">ftp://ftp12.fr.proftpd.org/</a> - <br /> - <a href="ftp://mirrors.ircam.fr/pub/proftpd">ftp://mirrors.ircam.fr/pub/proftpd</a> - <br /> - - Location: France (Paris, France) - <br /> - - Maintained by: Arnaud Gomes<br /> - </p> - <p> - <a href="ftp://ftp1.se.proftpd.org">ftp://ftp1.se.proftpd.org/</a> - <br /> - <a href="ftp://mirror2.dataphone.se/pub/ProFTPD">ftp://mirror2.dataphone.se/pub/ProFTPD</a> - <br /> - - Location: Sweden (Sweden) - <br /> - - Maintained by: Mirror Staff<br /> - </p> - <p> - <a href="ftp://ftp11.nl.proftpd.org">ftp://ftp11.nl.proftpd.org/</a> - <br /> - <a href="ftp://mirror.hostfuss.com/proftpd/">ftp://mirror.hostfuss.com/proftpd/</a> - <br /> - - Location: Netherlands (Amsterdam) - <br /> - - Maintained by: Frederik Timmerman<br /> - </p> - <p> - <a href="ftp://ftp1.uk.proftpd.org">ftp://ftp1.uk.proftpd.org/</a> - <br /> - <a href="ftp://proftpd.maytech.net/">ftp://proftpd.maytech.net/</a> - <br /> - - Location: United Kingdom (London) - <br /> - - Maintained by: Mike Futerko<br /> - </p> - <p> - <a href="ftp://ftp1.pl.proftpd.org">ftp://ftp1.pl.proftpd.org/</a> - <br /> - <a href="ftp://ftp.tpnet.pl/pub/linux/proftpd/">ftp://ftp.tpnet.pl/pub/linux/proftpd/</a> - <br /> ! Location: Poland (Poland, Warsaw) ! <br /> ! Maintained by: Ireneusz Weglewski<br /> ! </p> - #include "footer.epl" --- 4,440 ---- #include "header.epl" ! <!-- This output is autogenerated; do not edit manually. To update, use the ProFTPD Mirror Maintenance system. --> <h1><: print "$html_title" :></h1> ! <p>Please use the mirror that's closest to you. If you would like to ! volunteer to be a mirror site, please read the ! <a href="/howtomirror.html">Mirroring HOWTO</a> page.</p> ! ! ! <div style="text-align: center;"> ! ! ! <a href="ftp://ftp.ar.proftpd.org/">ar</a> ! ! ! <a href="ftp://ftp.at.proftpd.org/">at</a> ! ! ! <a href="ftp://ftp.be.proftpd.org/">be</a> ! ! ! <a href="ftp://ftp.bg.proftpd.org/">bg</a> ! ! ! <a href="ftp://ftp.ca.proftpd.org/">ca</a> ! ! ! <a href="ftp://ftp.ch.proftpd.org/">ch</a> ! ! ! <a href="ftp://ftp.cz.proftpd.org/">cz</a> ! ! ! <a href="ftp://ftp.de.proftpd.org/">de</a> ! ! ! <a href="ftp://ftp.fr.proftpd.org/">fr</a> ! ! ! <a href="ftp://ftp.ie.proftpd.org/">ie</a> ! ! ! <a href="ftp://ftp.it.proftpd.org/">it</a> ! ! ! <a href="ftp://ftp.lv.proftpd.org/">lv</a> ! ! ! <a href="ftp://ftp.nl.proftpd.org/">nl</a> ! ! ! <a href="ftp://ftp.no.proftpd.org/">no</a> ! ! ! <a href="ftp://ftp.pl.proftpd.org/">pl</a> ! ! ! <a href="ftp://ftp.se.proftpd.org/">se</a> ! ! ! <a href="ftp://ftp.tr.proftpd.org/">tr</a> ! ! ! <a href="ftp://ftp.tw.proftpd.org/">tw</a> ! ! ! <a href="ftp://ftp.uk.proftpd.org/">uk</a> ! ! ! <a href="ftp://ftp.us.proftpd.org/">us</a> ! ! ! <a href="ftp://ftp.za.proftpd.org/">za</a> ! ! ! </div> ! <hr /> ! ! ! <p> ! <a href="ftp://ftp1.at.proftpd.org">ftp://ftp1.at.proftpd.org/</a> ! <br /> ! <a href="ftp://ftp.servus.at/ProFTPD/">ftp://ftp.servus.at/ProFTPD/</a> ! <br /> ! Location: (Austria) ! <br /> ! Maintained by: Didi Baer<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp1.be.proftpd.org">ftp://ftp1.be.proftpd.org/</a> ! <br /> ! <a href="ftp://ftp.easynet.be/proftpd/">ftp://ftp.easynet.be/proftpd/</a> ! <br /> ! Location: (Belgium) ! <br /> ! Maintained by: Bert Vermeulen<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp1.ca.proftpd.org">ftp://ftp1.ca.proftpd.org/</a> ! <br /> ! <a href="ftp://ftp.samurai.com/pub/proftpd/">ftp://ftp.samurai.com/pub/proftpd/</a> ! <br /> ! Location: (Canada) ! <br /> ! Maintained by: Bryan Fullerton<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp1.ch.proftpd.org">ftp://ftp1.ch.proftpd.org/</a> ! <br /> ! <a href="ftp://ftp.solnet.ch/mirror/proftpd.org/">ftp://ftp.solnet.ch/mirror/proftpd.org/</a> ! <br /> ! Location: (Switzerland) ! <br /> ! Maintained by: Erich Hohermuth<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp2.de.proftpd.org">ftp://ftp2.de.proftpd.org/</a> ! <br /> ! <a href="ftp://ftp-stud.fht-esslingen.de/pub/Mirrors/ftp.proftpd.net/">ftp://ftp-stud.fht-esslingen.de/pub/Mirrors/ftp.proftpd.net/</a> ! <br /> ! Location: (Germany) ! <br /> ! Maintained by: Adrian Reber<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp5.de.proftpd.org">ftp://ftp5.de.proftpd.org/</a> ! <br /> ! <a href="ftp://ftp.franken.de/pub/Linux/proftpd/">ftp://ftp.franken.de/pub/Linux/proftpd/</a> ! <br /> ! Location: (Germany) ! <br /> ! Maintained by: Harald Welte<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp1.nl.proftpd.org">ftp://ftp1.nl.proftpd.org/</a> ! <br /> ! <a href="ftp://ftp.nl.uu.net/pub/unix/ftp/proftpd/ftp/">ftp://ftp.nl.uu.net/pub/unix/ftp/proftpd/ftp/</a> ! <br /> ! Location: (Netherlands) ! <br /> ! ! </p> ! ! ! <p> ! <a href="ftp://ftp5.no.proftpd.org">ftp://ftp5.no.proftpd.org/</a> ! <br /> ! <a href="ftp://ftp.tomt.net/pub/software/proftpd/">ftp://ftp.tomt.net/pub/software/proftpd/</a> ! <br /> ! Location: (Norway) ! <br /> ! Maintained by: Andre Tomt<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp1.us.proftpd.org">ftp://ftp1.us.proftpd.org/</a> ! <br /> ! <a href="ftp://ftp.ibiblio.org/pub/mirrors/proftpd/">ftp://ftp.ibiblio.org/pub/mirrors/proftpd/</a> ! <br /> ! Location: (United States) (Chapel Hill, NC) ! <br /> ! Maintained by: ibiblio<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp0.ie.proftpd.org">ftp://ftp0.ie.proftpd.org/</a> ! <br /> ! <a href="ftp://ftp.esat.net/mirrors/ftp.proftpd.org/">ftp://ftp.esat.net/mirrors/ftp.proftpd.org/</a> ! <br /> ! Location: (Ireland) (Dublin, Ireland) ! <br /> ! Maintained by: Dave Burke<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp2.at.proftpd.org">ftp://ftp2.at.proftpd.org/</a> ! <br /> ! <a href="ftp://gd.tuwien.ac.at/infosys/servers/ftp/proftpd/">ftp://gd.tuwien.ac.at/infosys/servers/ftp/proftpd/</a> ! <br /> ! Location: (Austria) (Vienna Univ. of Technology, Austria) ! <br /> ! Maintained by: Antonin<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp5.fr.proftpd.org">ftp://ftp5.fr.proftpd.org/</a> ! <br /> ! <a href="ftp://ftp.crihan.fr/mirrors/ftp.proftpd.org/">ftp://ftp.crihan.fr/mirrors/ftp.proftpd.org/</a> ! <br /> ! Location: (France) (Rouen) ! <br /> ! Maintained by: Alain Bidaud<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp2.tr.proftpd.org">ftp://ftp2.tr.proftpd.org/</a> ! <br /> ! <a href="ftp://ftp.ulak.net.tr/proftpd">ftp://ftp.ulak.net.tr/proftpd</a> ! <br /> ! Location: (Turkey) (Ankara) ! <br /> ! Maintained by: Onur BEKTAS<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp24.us.proftpd.org">ftp://ftp24.us.proftpd.org/</a> ! <br /> ! <a href="ftp://ftp.sourwood.net/pub/ProFTPD/">ftp://ftp.sourwood.net/pub/ProFTPD/</a> ! <br /> ! Location: (United States) (Danvers, Massachusetts USA) ! <br /> ! Maintained by: Matt Mozur<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp25.us.proftpd.org">ftp://ftp25.us.proftpd.org/</a> ! <br /> ! <a href="ftp://mirror.wrpn.net/proftpd/">ftp://mirror.wrpn.net/proftpd/</a> ! <br /> ! Location: (United States) (Columbus, Ohio) ! <br /> ! Maintained by: Wesley Haines<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp3.tw.proftpd.org">ftp://ftp3.tw.proftpd.org/</a> ! <br /> ! <a href="ftp://ftp.ntu.edu.tw/proftpd/">ftp://ftp.ntu.edu.tw/proftpd/</a> ! <br /> ! Location: (Taiwan) (National Taiwan University) ! <br /> ! Maintained by: FTP Admin<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp13.de.proftpd.org">ftp://ftp13.de.proftpd.org/</a> ! <br /> ! <a href="ftp://ftp.fu-berlin.de/unix/ftp/proftpd/">ftp://ftp.fu-berlin.de/unix/ftp/proftpd/</a> ! <br /> ! Location: (Germany) (Berlin, Germany) ! <br /> ! Maintained by: Holger Weiss<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp3.it.proftpd.org">ftp://ftp3.it.proftpd.org/</a> ! <br /> ! <a href="ftp://www.proftpd.topnet.it/pub/mirror/proftpd/">ftp://www.proftpd.topnet.it/pub/mirror/proftpd/</a> ! <br /> ! Location: (Italy) (Rome) ! <br /> ! Maintained by: Antonio Prado<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp4.bg.proftpd.org">ftp://ftp4.bg.proftpd.org/</a> ! <br /> ! <a href="ftp://ftp.proftpd.cbox.biz/proftpd/">ftp://ftp.proftpd.cbox.biz/proftpd/</a> ! <br /> ! Location: (Bulgaria) (Bulgaria) ! <br /> ! Maintained by: Alexander Dulgerov<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp2.ar.proftpd.org">ftp://ftp2.ar.proftpd.org/</a> ! <br /> ! <a href="ftp://proftpd.bairesweb.com/pub/proftpd/">ftp://proftpd.bairesweb.com/pub/proftpd/</a> ! <br /> ! Location: (Argentina) (Buenos Aires, Argentina) ! <br /> ! Maintained by: Pablo Arturi<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp2.lv.proftpd.org">ftp://ftp2.lv.proftpd.org/</a> ! <br /> ! <a href="ftp://ftp.linux.edu.lv/mirrors/ftp.proftpd.org/">ftp://ftp.linux.edu.lv/mirrors/ftp.proftpd.org/</a> ! <br /> ! Location: (Latvia) (Riga, Latvia) ! <br /> ! Maintained by: Leo Truksans<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp1.za.proftpd.org">ftp://ftp1.za.proftpd.org/</a> ! <br /> ! <a href="ftp://ftp.is.co.za/mirror/ftp.proftpd.org">ftp://ftp.is.co.za/mirror/ftp.proftpd.org</a> ! <br /> ! Location: (South africa) (South Africa) ! <br /> ! Maintained by: FTP Admin<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp3.cz.proftpd.org">ftp://ftp3.cz.proftpd.org/</a> ! <br /> ! <a href="ftp://proftpd.kn.vutbr.cz/pub/proftpd">ftp://proftpd.kn.vutbr.cz/pub/proftpd</a> ! <br /> ! Location: (Czech republic) (ftp://mirror.kn.vutbr.cz/pub/ftp.proftpd.org) ! <br /> ! Maintained by: Zdenek Bill<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp7.nl.proftpd.org">ftp://ftp7.nl.proftpd.org/</a> ! <br /> ! <a href="ftp://proftpd.mirrors.webazilla.nl/">ftp://proftpd.mirrors.webazilla.nl/</a> ! <br /> ! Location: (Netherlands) (Amsterdam, Netherlands) ! <br /> ! Maintained by: Network Operations Center<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp9.pl.proftpd.org">ftp://ftp9.pl.proftpd.org/</a> ! <br /> ! <a href="ftp://ftp.piotrkosoft.net/pub/mirrors/ftp.proftpd.org/">ftp://ftp.piotrkosoft.net/pub/mirrors/ftp.proftpd.org/</a> ! <br /> ! Location: (Poland) (Poland) ! <br /> ! Maintained by: Piotr Maluty<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp35.us.proftpd.org">ftp://ftp35.us.proftpd.org/</a> ! <br /> ! <a href="ftp://proftpd.mirrors.tds.net/pub/ProFTPD">ftp://proftpd.mirrors.tds.net/pub/ProFTPD</a> ! <br /> ! Location: (United States) (Madison Wisconsin) ! <br /> ! Maintained by: Shane Brath<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp3.be.proftpd.org">ftp://ftp3.be.proftpd.org/</a> ! <br /> ! <a href="ftp://mirrors.powersource.cx/pub/proftpd">ftp://mirrors.powersource.cx/pub/proftpd</a> ! <br /> ! Location: (Belgium) (Brussels, Belgium) ! <br /> ! Maintained by: Tom Laermans<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp12.fr.proftpd.org">ftp://ftp12.fr.proftpd.org/</a> ! <br /> ! <a href="ftp://mirrors.ircam.fr/pub/proftpd">ftp://mirrors.ircam.fr/pub/proftpd</a> ! <br /> ! Location: (France) (Paris, France) ! <br /> ! Maintained by: Arnaud Gomes<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp1.se.proftpd.org">ftp://ftp1.se.proftpd.org/</a> ! <br /> ! <a href="ftp://mirror2.dataphone.se/pub/ProFTPD">ftp://mirror2.dataphone.se/pub/ProFTPD</a> ! <br /> ! Location: (Sweden) (Sweden) ! <br /> ! Maintained by: Mirror Staff<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp11.nl.proftpd.org">ftp://ftp11.nl.proftpd.org/</a> ! <br /> ! <a href="ftp://mirror.hostfuss.com/proftpd/">ftp://mirror.hostfuss.com/proftpd/</a> ! <br /> ! Location: (Netherlands) (Amsterdam) ! <br /> ! Maintained by: Frederik Timmerman<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp1.uk.proftpd.org">ftp://ftp1.uk.proftpd.org/</a> ! <br /> ! <a href="ftp://proftpd.maytech.net/">ftp://proftpd.maytech.net/</a> ! <br /> ! Location: (United Kingdom) (London) ! <br /> ! Maintained by: Mike Futerko<br /> ! </p> ! ! ! <p> ! <a href="ftp://ftp1.pl.proftpd.org">ftp://ftp1.pl.proftpd.org/</a> ! <br /> ! <a href="ftp://ftp.tpnet.pl/pub/linux/proftpd/">ftp://ftp.tpnet.pl/pub/linux/proftpd/</a> ! <br /> ! Location: (Poland) (Poland, Warsaw) ! <br /> ! Maintained by: Ireneusz Weglewski<br /> ! </p> ! ! #include "footer.epl" Index: wwwmirror.epl =================================================================== RCS file: /cvsroot/pdd/www.proftpd.org/wwwmirror.epl,v retrieving revision 1.120 retrieving revision 1.121 diff -C2 -r1.120 -r1.121 *** wwwmirror.epl 17 Aug 2010 14:07:56 -0000 1.120 --- wwwmirror.epl 22 Dec 2010 20:05:15 -0000 1.121 *************** *** 4,282 **** #include "header.epl" ! <!-- This output is autogenerated, do not edit manually. To update, use the ProFTPD Mirror Maintenance system. --> <h1><: print "$html_title" :></h1> - <p>This is a list of active mirrors of this website; the home site is - <a href="http://www.proftpd.org/">www.proftpd.org</a>. If you wish to - mirror this site, please read our - <a href="/howtomirror.html">Mirroring HOWTO</a> page.</p> - - <p>In addition to the direct links further down this page, a number of - the web mirror sites have been configured to accept connections to - www.<countrycode>.proftpd.org. These can be accessed by visiting - http://www.<isocode>.proftpd.org/.</p> - - <p>The countries which have mirrors are listed below. Please use your - closest geographic mirror to conserve bandwidth.</p> - - <div style="text-align: center;"> - - - <a href="http://www.am.proftpd.org/">am</a> - <a href="http://www.ar.proftpd.org/">ar</a> - <a href="http://www.be.proftpd.org/">be</a> - <a href="http://www.bg.proftpd.org/">bg</a> - <a href="http://www.cz.proftpd.org/">cz</a> - <a href="http://www.ie.proftpd.org/">ie</a> - <a href="http://www.il.proftpd.org/">il</a> - <a href="http://www.it.proftpd.org/">it</a> - <a href="http://www.kr.proftpd.org/">kr</a> - <a href="http://www.li.proftpd.org/">li</a> - <a href="http://www.lv.proftpd.org/">lv</a> - <a href="http://www.nl.proftpd.org/">nl</a> - <a href="http://www.pl.proftpd.org/">pl</a> - <a href="http://www.rs.proftpd.org/">rs</a> - <a href="http://www.se.proftpd.org/">se</a> - <a href="http://www.sg.proftpd.org/">sg</a> - <a href="http://www.tw.proftpd.org/">tw</a> - <a href="http://www.uk.proftpd.org/">uk</a> - <a href="http://www.us.proftpd.org/">us</a> - - </div> - <hr /> - - - <p> - <a href="http://www1.nl.proftpd.org">http://www1.nl.proftpd.org/</a> - <br /> - <a href="http://proftpd.proserve.nl/">http://proftpd.proserve.nl/</a> - <br /> - - Location: Netherlands (Amsterdam) - <br /> - - Maintained by: Peter Batenburg<br /> - </p> - <p> - <a href="http://www1.sg.proftpd.org">http://www1.sg.proftpd.org/</a> - <br /> - <a href="http://proftpd.oss.eznetsols.org/">http://proftpd.oss.eznetsols.org/</a> - <br /> - - Location: Singapore <br /> - - Maintained by: Network Operations Center<br /> - </p> - <p> - <a href="http://www1.bg.proftpd.org">http://www1.bg.proftpd.org/</a> - <br /> - <a href="http://proftpd.fixity.net/">http://proftpd.fixity.net/</a> - <br /> - - Location: Bulgaria (Bulgaria (Varna)) - <br /> - - Maintained by: Krasimir Ganchev<br /> - </p> - <p> - <a href="http://www1.ie.proftpd.org">http://www1.ie.proftpd.org/</a> - <br /> - <a href="http://proftpd.mirrors.esat.net/">http://proftpd.mirrors.esat.net/</a> - <br /> - - Location: Ireland (Dublin, Ireland) - <br /> - - Maintained by: Dave Burke<br /> - </p> - <p> - <a href="http://www1.be.proftpd.org">http://www1.be.proftpd.org/</a> - <br /> - <a href="http://proftpd.mirror.easynet.be/">http://proftpd.mirror.easynet.be/</a> - <br /> - - Location: Belgium (Brussels, BELGIUM) - <br /> - - Maintained by: Iyi Dogan Claude<br /> - </p> - <p> - <a href="http://www2.am.proftpd.org">http://www2.am.proftpd.org/</a> - <br /> - <a href="http://proftpd.mirrors.arminco.com/">http://proftpd.mirrors.arminco.com/</a> - <br /> - - Location: Armenia (Yerevan, Armenia) - <br /> - - Maintained by: Vahan Yerkanian<br /> - </p> - <p> - <a href="http://www21.us.proftpd.org">http://www21.us.proftpd.org/</a> - <br /> - <a href="http://proftpd.sourwood.net/">http://proftpd.sourwood.net/</a> - <br /> - - Location: United States (USA (Danvers, MA)) - <br /> - - Maintained by: Matt Mozur<br /> - </p> - <p> - <a href="http://www1.li.proftpd.org">http://www1.li.proftpd.org/</a> - <br /> - <a href="http://proftpd.lie-comtel.li/">http://proftpd.lie-comtel.li/</a> - <br /> - - Location: Liechtenstein (Vaduz, Liechtenstein) - <br /> - - Maintained by: Roland Guthauser<br /> - </p> - <p> - <a href="http://www27.us.proftpd.org">http://www27.us.proftpd.org/</a> - <br /> - <a href="http://proftpd.mirror.wrpn.net/">http://proftpd.mirror.wrpn.net/</a> - <br /> - - Location: United States (Columbus, Ohio) - <br /> - - Maintained by: Wesley Haines<br /> - </p> - <p> - <a href="http://www4.it.proftpd.org">http://www4.it.proftpd.org/</a> - <br /> - <a href="http://www.proftpd.topnet.it/">http://www.proftpd.topnet.it/</a> - <br /> - - Location: Italy (Rome) - <br /> - - Maintained by: Antonio Prado<br /> - </p> - <p> - <a href="http://www2.cz.proftpd.org">http://www2.cz.proftpd.org/</a> - <br /> - <a href="http://proftpd.kn.vutbr.cz/">http://proftpd.kn.vutbr.cz/</a> - <br /> - - Location: Czech republic (http://proftpd.kn.vutbr.cz) - <br /> - - Maintained by: Zdenek Bill<br /> - </p> - <p> - <a href="http://www3.bg.proftpd.org">http://www3.bg.proftpd.org/</a> - <br /> - <a href="http://proftpd.cbox.biz/">http://proftpd.cbox.biz/</a> - <br /> - - Location: Bulgaria (Bulgaria) - <br /> - - Maintained by: Alexander Dulgerov<br /> - </p> - <p> - <a href="http://www3.ar.proftpd.org">http://www3.ar.proftpd.org/</a> - <br /> - <a href="http://proftpd.bairesweb.com/">http://proftpd.bairesweb.com/</a> - <br /> - - Location: Argentina (Buenos Aires, Argentina) - <br /> - - Maintained by: Pablo Arturi<br /> - </p> - <p> - <a href="http://www3.lv.proftpd.org">http://www3.lv.proftpd.org/</a> - <br /> - <a href="http://proftpd.linux.edu.lv/">http://proftpd.linux.edu.lv/</a> - <br /> - - Location: Latvia (Riga, Latvia) - <br /> - - Maintained by: Leo Truksans<br /> - </p> - <p> - <a href="http://www1.se.proftpd.org">http://www1.se.proftpd.org/</a> - <br /> - <a href="http://www.proftpd.mirror2.dataphone.se">http://www.proftpd.mirror2.dataphone.se</a> - <br /> - - Location: Sweden (Sweden) - <br /> - - Maintained by: Mirror Staff<br /> - </p> - <p> - <a href="http://www1.rs.proftpd.org">http://www1.rs.proftpd.org/</a> - <br /> - <a href="http://proftpd.burina.net">http://proftpd.burina.net</a> - <br /> - - Location: Serbia (Serbia) - <br /> - - Maintained by: Sinisa Burina<br /> - </p> - <p> - <a href="http://www1.pl.proftpd.org">http://www1.pl.proftpd.org/</a> - <br /> - <a href="http://proftpd.piotrkosoft.net/">http://proftpd.piotrkosoft.net/</a> - <br /> - - Location: Poland (Poland) - <br /> - - Maintained by: Piotr Maluty<br /> - </p> - <p> - <a href="http://www2.il.proftpd.org">http://www2.il.proftpd.org/</a> - <br /> - <a href="http://proftpd.interhost.co.il">http://proftpd.interhost.co.il</a> - <br /> - - Location: Israel (ISRAEL) - <br /> - - Maintained by: Dmitry Sherman<br /> - </p> - <p> - <a href="http://www1.tw.proftpd.org">http://www1.tw.proftpd.org/</a> - <br /> - <a href="http://proftpd.cs.pu.edu.tw">http://proftpd.cs.pu.edu.tw</a> - <br /> - - Location: Taiwan (Providence University) - <br /> - - Maintained by: Hsun-Chang Chang<br /> - </p> - <p> - <a href="http://www1.kr.proftpd.org">http://www1.kr.proftpd.org/</a> - <br /> - <a href="http://proftpd.mirror.cdnetworks.com/">http://proftpd.mirror.cdnetworks.com/</a> - <br /> - - Location: Korea (Korea) - <br /> - - Maintained by: Sukbum Hong<br /> - </p> - <p> - <a href="http://www1.uk.proftpd.org">http://www1.uk.proftpd.org/</a> - <br /> - <a href="http://proftpd.maytech.net/">http://proftpd.maytech.net/</a> - <br /> ! Location: United Kingdom (London) ! <br /> ! Maintained by: Mike Futerko<br /> ! </p> - #include "footer.epl" --- 4,333 ---- #include "header.epl" ! <!-- This output is autogenerated; do not edit manually. To update, use the ProFTPD Mirror Maintenance system. --> <h1><: print "$html_title" :></h1> ! <p>This is a list of active mirrors of this website; the home site is ! <a href="http://www.proftpd.org/">www.proftpd.org</a>. If you wish to ! mirror this site, please read our ! <a href="/howtomirror.html">Mirroring HOWTO</a> page.</p> ! ! <p>In addition to the direct links further down this page, a number of ! the web mirror sites have been configured to accept connections to ! www.<countrycode>.proftpd.org. These can be accessed by visiting ! http://www.<isocode>.proftpd.org/.</p> ! ! <p>The countries which have mirrors are listed below. Please use your ! closest geographic mirror to conserve bandwidth.</p> ! ! ! <div style="text-align: center;"> ! ! ! <a href="http://www.am.proftpd.org/">am</a> ! ! ! <a href="http://www.ar.proftpd.org/">ar</a> ! ! ! <a href="http://www.be.proftpd.org/">be</a> ! ! ! <a href="http://www.bg.proftpd.org/">bg</a> ! ! ! <a href="http://www.cz.proftpd.org/">cz</a> ! ! ! <a href="http://www.ie.proftpd.org/">ie</a> ! ! ! <a href="http://www.il.proftpd.org/">il</a> ! ! ! <a href="http://www.it.proftpd.org/">it</a> ! ! ! <a href="http://www.kr.proftpd.org/">kr</a> ! ! ! <a href="http://www.li.proftpd.org/">li</a> ! ! ! <a href="http://www.lv.proftpd.org/">lv</a> ! ! ! <a href="http://www.nl.proftpd.org/">nl</a> ! ! ! <a href="http://www.pl.proftpd.org/">pl</a> ! ! ! <a href="http://www.rs.proftpd.org/">rs</a> ! ! ! <a href="http://www.se.proftpd.org/">se</a> ! ! ! <a href="http://www.sg.proftpd.org/">sg</a> ! ! ! <a href="http://www.tw.proftpd.org/">tw</a> ! ! ! <a href="http://www.uk.proftpd.org/">uk</a> ! ! ! <a href="http://www.us.proftpd.org/">us</a> ! ! ! </div> ! <hr /> ! ! ! <p> ! <a href="http://www1.nl.proftpd.org">http://www1.nl.proftpd.org/</a> ! <br /> ! <a href="http://proftpd.proserve.nl/">http://proftpd.proserve.nl/</a> ! <br /> ! Location: (Netherlands) (Amsterdam) ! <br /> ! Maintained by: Peter Batenburg<br /> ! </p> ! ! ! <p> ! <a href="http://www1.sg.proftpd.org">http://www1.sg.proftpd.org/</a> ! <br /> ! <a href="http://proftpd.oss.eznetsols.org/">http://proftpd.oss.eznetsols.org/</a> ! <br /> ! Location: (Singapore) ! <br /> ! Maintained by: Network Operations Center<br /> ! </p> ! ! ! <p> ! <a href="http://www1.bg.proftpd.org">http://www1.bg.proftpd.org/</a> ! <br /> ! <a href="http://proftpd.fixity.net/">http://proftpd.fixity.net/</a> ! <br /> ! Location: (Bulgaria) (Bulgaria (Varna)) ! <br /> ! Maintained by: Krasimir Ganchev<br /> ! </p> ! ! ! <p> ! <a href="http://www1.ie.proftpd.org">http://www1.ie.proftpd.org/</a> ! <br /> ! <a href="http://proftpd.mirrors.esat.net/">http://proftpd.mirrors.esat.net/</a> ! <br /> ! Location: (Ireland) (Dublin, Ireland) ! <br /> ! Maintained by: Dave Burke<br /> ! </p> ! ! ! <p> ! <a href="http://www1.be.proftpd.org">http://www1.be.proftpd.org/</a> ! <br /> ! <a href="http://proftpd.mirror.easynet.be/">http://proftpd.mirror.easynet.be/</a> ! <br /> ! Location: (Belgium) (Brussels, BELGIUM) ! <br /> ! Maintained by: Iyi Dogan Claude<br /> ! </p> ! ! ! <p> ! <a href="http://www2.am.proftpd.org">http://www2.am.proftpd.org/</a> ! <br /> ! <a href="http://proftpd.mirrors.arminco.com/">http://proftpd.mirrors.arminco.com/</a> ! <br /> ! Location: (Armenia) (Yerevan, Armenia) ! <br /> ! Maintained by: Vahan Yerkanian<br /> ! </p> ! ! ! <p> ! <a href="http://www21.us.proftpd.org">http://www21.us.proftpd.org/</a> ! <br /> ! <a href="http://proftpd.sourwood.net/">http://proftpd.sourwood.net/</a> ! <br /> ! Location: (United States) (USA (Danvers, MA)) ! <br /> ! Maintained by: Matt Mozur<br /> ! </p> ! ! ! <p> ! <a href="http://www1.li.proftpd.org">http://www1.li.proftpd.org/</a> ! <br /> ! <a href="http://proftpd.lie-comtel.li/">http://proftpd.lie-comtel.li/</a> ! <br /> ! Location: (Liechtenstein) (Vaduz, Liechtenstein) ! <br /> ! Maintained by: Roland Guthauser<br /> ! </p> ! ! ! <p> ! <a href="http://www27.us.proftpd.org">http://www27.us.proftpd.org/</a> ! <br /> ! <a href="http://proftpd.mirror.wrpn.net/">http://proftpd.mirror.wrpn.net/</a> ! <br /> ! Location: (United States) (Columbus, Ohio) ! <br /> ! Maintained by: Wesley Haines<br /> ! </p> ! ! ! <p> ! <a href="http://www4.it.proftpd.org">http://www4.it.proftpd.org/</a> ! <br /> ! <a href="http://www.proftpd.topnet.it/">http://www.proftpd.topnet.it/</a> ! <br /> ! Location: (Italy) (Rome) ! <br /> ! Maintained by: Antonio Prado<br /> ! </p> ! ! ! <p> ! <a href="http://www2.cz.proftpd.org">http://www2.cz.proftpd.org/</a> ! <br /> ! <a href="http://proftpd.kn.vutbr.cz/">http://proftpd.kn.vutbr.cz/</a> ! <br /> ! Location: (Czech republic) (http://proftpd.kn.vutbr.cz) ! <br /> ! Maintained by: Zdenek Bill<br /> ! </p> ! ! ! <p> ! <a href="http://www3.bg.proftpd.org">http://www3.bg.proftpd.org/</a> ! <br /> ! <a href="http://proftpd.cbox.biz/">http://proftpd.cbox.biz/</a> ! <br /> ! Location: (Bulgaria) (Bulgaria) ! <br /> ! Maintained by: Alexander Dulgerov<br /> ! </p> ! ! ! <p> ! <a href="http://www3.ar.proftpd.org">http://www3.ar.proftpd.org/</a> ! <br /> ! <a href="http://proftpd.bairesweb.com/">http://proftpd.bairesweb.com/</a> ! <br /> ! Location: (Argentina) (Buenos Aires, Argentina) ! <br /> ! Maintained by: Pablo Arturi<br /> ! </p> ! ! ! <p> ! <a href="http://www3.lv.proftpd.org">http://www3.lv.proftpd.org/</a> ! <br /> ! <a href="http://proftpd.linux.edu.lv/">http://proftpd.linux.edu.lv/</a> ! <br /> ! Location: (Latvia) (Riga, Latvia) ! <br /> ! Maintained by: Leo Truksans<br /> ! </p> ! ! ! <p> ! <a href="http://www1.se.proftpd.org">http://www1.se.proftpd.org/</a> ! <br /> ! <a href="http://www.proftpd.mirror2.dataphone.se">http://www.proftpd.mirror2.dataphone.se</a> ! <br /> ! Location: (Sweden) (Sweden) ! <br /> ! Maintained by: Mirror Staff<br /> ! </p> ! ! ! <p> ! <a href="http://www1.rs.proftpd.org">http://www1.rs.proftpd.org/</a> ! <br /> ! <a href="http://proftpd.burina.net">http://proftpd.burina.net</a> ! <br /> ! Location: (Serbia) (Serbia) ! <br /> ! Maintained by: Sinisa Burina<br /> ! </p> ! ! ! <p> ! <a href="http://www1.pl.proftpd.org">http://www1.pl.proftpd.org/</a> ! <br /> ! <a href="http://proftpd.piotrkosoft.net/">http://proftpd.piotrkosoft.net/</a> ! <br /> ! Location: (Poland) (Poland) ! <br /> ! Maintained by: Piotr Maluty<br /> ! </p> ! ! ! <p> ! <a href="http://www2.il.proftpd.org">http://www2.il.proftpd.org/</a> ! <br /> ! <a href="http://proftpd.interhost.co.il">http://proftpd.interhost.co.il</a> ! <br /> ! Location: (Israel) (ISRAEL) ! <br /> ! Maintained by: Dmitry Sherman<br /> ! </p> ! ! ! <p> ! <a href="http://www1.tw.proftpd.org">http://www1.tw.proftpd.org/</a> ! <br /> ! <a href="http://proftpd.cs.pu.edu.tw">http://proftpd.cs.pu.edu.tw</a> ! <br /> ! Location: (Taiwan) (Providence University) ! <br /> ! Maintained by: Hsun-Chang Chang<br /> ! </p> ! ! ! <p> ! <a href="http://www1.kr.proftpd.org">http://www1.kr.proftpd.org/</a> ! <br /> ! <a href="http://proftpd.mirror.cdnetworks.com/">http://proftpd.mirror.cdnetworks.com/</a> ! <br /> ! Location: (Korea) (Korea) ! <br /> ! Maintained by: Sukbum Hong<br /> ! </p> ! ! ! <p> ! <a href="http://www1.uk.proftpd.org">http://www1.uk.proftpd.org/</a> ! <br /> ! <a href="http://proftpd.maytech.net/">http://proftpd.maytech.net/</a> ! <br /> ! Location: (United Kingdom) (London) ! <br /> ! Maintained by: Mike Futerko<br /> ! </p> ! ! ! <p> ! <a href="http://www2.uk.proftpd.org">http://www2.uk.proftpd.org/</a> ! <br /> ! <a href="ftp://ftp.proftpd.co.uk/">ftp://ftp.proftpd.co.uk/</a> ! <br /> ! Location: (United Kingdom) (Bolton, United Kingdom) ! <br /> ! Maintained by: Daniel Austin<br /> ! </p> ! ! #include "footer.epl" |
|
From: TJ S. <cas...@us...> - 2010-12-18 01:06:30
|
Update of /cvsroot/pdd/www.proftpd.org/docs In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv24155/docs Added Files: NEWS-1.3.3d NEWS-1.3.4rc1 RELEASE_NOTES-1.3.3d RELEASE_NOTES-1.3.4rc1 Log Message: Updating website for release of 1.3.3d, 1.3.4rc1. --- NEW FILE --- $Id: NEWS-1.3.3d,v 1.1 2010/12/18 01:06:20 castaglia Exp $ ----------------------------------------------------------------------------- More details on the bugs listed below can be found by using the bug number indicated in the following URL: http://bugs.proftpd.org/show_bug.cgi?id=N where `N' is the bug number. ----------------------------------------------------------------------------- 1.3.3d - Released 17-Dec-2010 -------------------------------- - Bug 3522 - Error when handling SSH DISCONNECT messages with no language tag. - Bug 3525 - Default syslog logging causes logging to the wrong syslog facilities. - Bug 3528 - ExtendedLog %s variable not expanded properly for successful PASS commands. - Bug 3529 - "LIST /*" now lists more than the expected directory. [...2322 lines suppressed...] - sendfile() deprecates politely on Linux 2.0.x. - AuthPAMAuthoritative now defaults to False. This should clear up any confusion on using PAM with AuthUserFile and friends. - Removed Bandwidth from the documentation. - Fixed a rare segfault in mod_auth. - Logging has changed slightly to be more informative and more consistent. All messages that get logged are now preceded with <virtualhost> (remote host[remote ip]). - mod_ldap for authentication against LDAP directories is now in place. - ftpwho/ftpcount -- a grammatical error corrected, and they now build as seperate binaries. - Fixed the 'no names, just UIDs' bug. - Added genuser.pl to facilitate AuthUserFile entry creation. - Umask now takes an optional second argument, specifying a directory umask. - Work around FreeBSD's broken setpassent(), and a new option to override this in fixed versions of FreeBSD's libc (--enable-force-setpassent). - Generate RPMs for both inetd and standalone versions of ProFTPD. - Added AuthUsingAlias to allow for more fine-grain control of anonymous logins. - Added support for 'TYPE L 8' and 'TYPE L 7' per RFC 959. --- NEW FILE --- $Id: NEWS-1.3.4rc1,v 1.1 2010/12/18 01:06:20 castaglia Exp $ ----------------------------------------------------------------------------- More details on the bugs listed below can be found by using the bug number indicated in the following URL: http://bugs.proftpd.org/show_bug.cgi?id=N where `N' is the bug number. ----------------------------------------------------------------------------- 1.3.4rc1 - Released 17-Dec-2010 -------------------------------- - Bug 3399 - <Limit> statement does not restore access to MFMT commands. - Bug 3365 - First certificate in TLSCertificateChainFile is skipped. - Bug 3302 - MLST response should include full path name. - Bug 3400 - Add Japanese translation. - Bug 3401 - mod_sftp does not compile with pre-0.9.7 OpenSSL. - Bug 3402 - mod_tls does not compile with pre-0.9.7 OpenSSL due to Bug#3349. [...2395 lines suppressed...] - sendfile() deprecates politely on Linux 2.0.x. - AuthPAMAuthoritative now defaults to False. This should clear up any confusion on using PAM with AuthUserFile and friends. - Removed Bandwidth from the documentation. - Fixed a rare segfault in mod_auth. - Logging has changed slightly to be more informative and more consistent. All messages that get logged are now preceded with <virtualhost> (remote host[remote ip]). - mod_ldap for authentication against LDAP directories is now in place. - ftpwho/ftpcount -- a grammatical error corrected, and they now build as seperate binaries. - Fixed the 'no names, just UIDs' bug. - Added genuser.pl to facilitate AuthUserFile entry creation. - Umask now takes an optional second argument, specifying a directory umask. - Work around FreeBSD's broken setpassent(), and a new option to override this in fixed versions of FreeBSD's libc (--enable-force-setpassent). - Generate RPMs for both inetd and standalone versions of ProFTPD. - Added AuthUsingAlias to allow for more fine-grain control of anonymous logins. - Added support for 'TYPE L 8' and 'TYPE L 7' per RFC 959. --- NEW FILE --- 1.3.3 Release Notes ------------------------ This file contains a description of the major changes to ProFTPD for the 1.3.3 release cycle, from the 1.3.3rc1 release to the 1.3.3 maintenance releases. More information on these changes can be found in the NEWS and ChangeLog files. 1.3.3d --------- + Fixed sql_prepare_where() buffer overflow (Bug#3536) + Fixed CPU spike when handling .ftpaccess files. + Fixed handling of SFTP uploads when compression is used. 1.3.3c --------- + Fixed Telnet IAC stack overflow vulnerability (ZDI-CAN-925) + Fixed directory traversal bug in mod_site_misc + Fixed SQLite authentications using "SQLAuthType Backend" 1.3.3b --------- + Fixed SFTP directory listing bug + Avoid corrupting utmpx databases on FreeBSD + Avoid null pointer dereferences during data transfers + Fixed "AuthAliasOnly on" anonymous logins 1.3.3a --------- + Added Japanese translation + Many mod_sftp bugfixes + Fixed SSL_shutdown() errors caused by OpenSSL 0.9.8m and later + Fixed handling of utmp/utmpx format changes on FreeBSD 1.3.3 --------- + Fixed mod_ban whitelisting using mod_ifsession. + Fixed per-user/group/class "HideFiles none" configurations. 1.3.3rc4 --------- + Fixed mod_tls compilation using OpenSSL installations older than 0.9.7. + Fixed mod_sftp compilation on AIX. + Fixed RADIUS authentication on 64-bit platforms + Fixed memory leak in SCP downloads. + New configuration directives SQLPasswordUserSalt The SQLPasswordUserSalt directive can be used to configure per-user salt data to be added to the encrypted password for a user. The salt can be the user name, or it can be the result of a SQL query. More information can be found in doc/contrib/mod_sql_passwd.html#SQLPasswordUserSalt. 1.3.3rc3 --------- + Added Taiwan translation. + Added support in mod_sftp for the following SFTP extensions: check-file copy-file vendor-id version-select pos...@op... fst...@op... st...@op... + Added a workaround in mod_tls to deal with the vulnerability found in SSL/TLS protocol during renegotiation (CVE-2009-3555). Good descriptions of this vulnerability can be found here: http://extendedsubset.com/?p=8 http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html The workaround implemented in mod_tls (Bug#3324) is one of the suggested mitigation approaches: the server now refuses all client-initiated SSL/TLS session renegotiations. + Updated to the bundled libtool to 2.2.4 (plus patch) to deal with a libtool vulnerability (CVE-2009-3736). + Added support for SHA256 and SHA512 passwords to the mod_sql_passwd module. + New configuration directives SFTPExtensions The SFTPExtensions directive can be used to selectively enable/disable mod_sftp's support for specific SFTP extensions. See doc/contrib/mod_sftp.html#SFTPExtensions for more details. + Changed configuration directives CapabilitiesSet The CAP_FOWNER capability can now be explicitly requested when using the mod_cap module: <IfModule mod_cap.c> CapabilitiesSet +CAP_FOWNER </IfModule> For operations allowed on files, this capability overrides the restriction that the file owner ID must match the process user ID. 1.3.3rc2 --------- + When handling .ftpaccess files, proftpd was merging them into the main configuration such that the .ftpaccess files configurations would override the main configuration. This was never the intended behavior, and has been fixed (Bug#3279). However, this does mean that sites which use .ftpaccess files may see a change in the behavior of their proftpd. + Changed scoreboard format (Bug#3286), need for "ServerType inetd" server to manually delete their old ScoreboardFiles. Otherwise they will see "error opening scoreboard: bad version (too old)" errors. + Changed SQL connection policy (Bug#3290). Important for clients which connect but don't authenticate (e.g. mod_ban, mod_dnsbl, mod_wrap2_sql, etc which will reject connected clients prior to authentication); saves on unnecessary database connections in such cases. For sites which require the old behavior, there is a new "PERCONNECTION" connection policy. NOTE: If you are using mod_sql for logging purposes only, e.g. you have the following in your mod_sql config: SQLEngine log then this connection policy change may affect you. If the database connection is opened after a chroot has occurred (via DefaultRoot or <Anonymous> login), the database connection may fail. And since now the connection is delayed until first use, and the first use for logging may occur after the chroot, the logging may fail. For such sites, then, you will need to use the "PERCONNECTION" connection policy explicitly. + Support for "implicit" FTPS. To enable this, use: TLSOptions UseImplicitSSL WARNING: Using this setting will cause mod_tls to handle ALL connections to the vhost as implicit FTPS connections. It is NOT possible to support both plain FTP (or explicit FTPS) clients AND implicit FTPS clients on the same address/port. Therefore this setting should ONLY ever be used in order to support braindead/broken FTPS clients, and then only for as long as it takes to fix/replace those broken clients. Note that "implicit" FTPS was explicitly DROPPED from the RFC which defines FTP over SSL/TLS; the only clients which use this feature are outdated clients based on older, now-invalidated versions of the specification. Please update your FTPS clients to one which uses explicit FTPS as soon as possible. + Re-enable turning off the Nagle algorithm; this drastically helps speed up transfers of multiple small files. + New modules mod_sql_passwd This module supports MD5 and SHA1 passwords, encoding using base64 or hex, from SQL tables. See doc/contrib/mod_sql_passwd.html for details. + New configuration directives AuthUnixOptions In Bug#1896, support for checking some AIX-specific functions for whether a login should be accepted was added; this happens only on AIX server, of course. However, some AIX admins like to configure "rlogin=false", yet still want to allow FTP logins. To enable this specific behavior, a new AuthUnixOptions directive was added, with a setting which is only honored on AIX: AuthUnixOptions aixNoRLogin If this setting is used on any other server, it is silently ignored. Bug#3300 has the full details. + Changed configuration directives ExtendedLog You can now disable logging in an <Anonymous> section to an ExtendedLog which was opened outside of the <Anonymous> section, i.e.: ExtendedLog /path/to/ext.log ALL <Anonymous /path/to/anon> ... ExtendedLog /path/to/anon-ext.log ALL # Disable the logging to the higher-level ExtendedLog by # configuring again here, but changing the command class to 'NONE' ExtendedLog /path/to/ext.log NONE ... </Anonymous> HiddenStores The HiddenStores directive can now be used to customize and change the prefix which is prepended to the HiddenStore files. The default prefix is ".in.", but if you wish to use a different prefix for any reason, you can use something like: HiddenStores foo This will cause the prefix to be ".foo.". SQLOptions When the connection to the database is lost, mod_sql now will try only once to automatically reconnect (if such reconnect functionality is supported by the database, e.g. MySQL or Postgres). To disable this reconnect behavior, there is a new "noReconnect" SQLOptions setting: SQLOptions noReconnect See Bug#3270 for the full details of this behavior change. It should be transparent for most sites. 1.3.3rc1 --------- + Added French, Bulgarian, Korean translations. + RPM 4.2 or later is required by the proftpd.spec file provided in the distribution. + If the --localstatedir configure option is used, proftpd's build system used to automatically append "/proftpd" to the configured path. This behavior has been fixed; proftpd's build system will now use the configured --localstatedir path as is. Note that this may cause issues if you have an existing build script for compling proftpd; the expected locations of files under the --localstatedir path will change. + New command-line options: The -S, --serveraddr command-line option has been added. This option can be used to specify the IP address of the host machine. By default, proftpd attempts to resolve the host IP address by using DNS resolution of the hostname. However, in cases where DNS is not configured for the host machine, this approach does not work. To specify the desired IP address, use -S when starting proftpd, e.g.: /usr/local/sbin/proftpd -S 1.2.3.4 ... And if you want proftpd to listen on all interfaces, you can specify a wildcard socket using an IP address of 0.0.0.0: /usr/local/sbin/proftpd -S 0.0.0.0 ... + New modules: mod_exec This module enables execution of external scripts based on actions/events during a session. See doc/contrib/mod_exec.html for details. mod_sftp This module implements the SSH2, SFTP, and SCP protocols. See doc/contrib/mod_sftp.html for more information. mod_sftp_pam This module uses PAM to provide a 'keyboard-interactive' SSH2 authentication method for mod_sftp. More information can be found in the documentation for mod_sftp_pam, in doc/contrib/mod_sftp_pam.html. mod_sftp_sql This module uses SQL (via mod_sql) for looking up authorized SSH2 public keys for user and hostbased authentication. More information is available in doc/contrib/mod_sftp_sql.html. mod_shaper This module can be used to provide data transfer rate "shaping" across the entire server. See the documentation at doc/contrib/mod_shaper.html. mod_tls_shmcache This module provides an external SSL session cache using shared memory; see the TLSSessionCache configuration directive. More information on this module can be found in doc/contrib/mod_tls_shmcache.html. + New configuration directives: RewriteHome The RewriteHome directive can be used to support rewriting the home directory for a user, based on regular expression rules. One such use case is where some portion of the home directory is retrieved e.g. from an LDAP directory, but you need to apply some custom prefix to the LDAP attribute. To enable this feature, first you need to add the following to your proftpd.conf: RewriteHome on Next, you need to configure the mod_rewrite rules for rewriting your home directory; this feature depends on mod_rewrite for the rewriting. The pseudo-command used by mod_rewrite for rewriting home directories is "REWRITE_HOME". Thus would you use: <IfModule mod_rewrite.c> RewriteEngine on RewrlteLog /path/to/rewrite.log RewriteCondition %m REWRITE_HOME RewriteRule (.*) /my/new/prefix$1 </IfModule> ScoreboardScrub The ScoreboardScrub directive can be used to turn on/off proftpd's periodic "scrubbing" of its ScoreboardFile, where the ScoreboardFile is scanned for entries of dead sessions: ScoreboardScrub on|off|secs Note that if scoreboard scrubbing is turned off, the ScoreboardFile can still be scrubbed on demand, either by using mod_ctrls_admin's "ftpdctl scoreboard scrub" action, or by using the new ftpscrub command-line utility. TLSControlsACLs With the addition of support for external session caches, the mod_tls module now supports some ftpdctl actions for interacting with those session caches. The TLSControlsACLs directive can be used to configure ACLs for the ftpdctl actions supported by mod_tls, and is analogous to other ACLs directives for other modules which support ftpdctl actions. TLSPKCS12File The TLSPKCS12File directive of the mod_tls module is used to configure mod_tls to use the certificate and private key contained in the indicated PKCS#12 file. Some sites already use PKCS#12 files for containing their other certificates, and thus find it useful to have PKCS#12 support in mod_tls. TLSSessionCache The TLSSessionCache directive configures an external SSL session cache, which can be used for storing and shared SSL sessions across multiple processes. An external SSL session cache is an optional facility which speeds up parallel FTPS session connections. See doc/contrib/mod_tls.html#TLSSessionCache for more information. + Changed configuration directives: AllowOverride This directive no longer supports the optional user/group/class parameters. If you wish to have per-user/group/class conditional use of the AllowOverride directive, you will need to use the mod_ifsession module. For example, instead of: AllowOverride off user !admin you will need to use: <IfUser admin> AllowOverride on </IfUser> <IfUser !admin> AllowOverride off </IfUser> Note that the "!admin" section is necessary. If you set "AllowOverride off" unconditionally, then use a mod_ifsession context, you would end up with two AllowOverride settings, and the code might not be able to distinguish properly which setting to use. Thus you need to make both the "on" and "off" cases conditional, and mutually exclusive. Configurations which use the user/group/class conditional parameters to AllowOverride will now generate configuration errors. BanOnEvent The BanOnEvent directive of the mod_ban module now supports TimeoutLogin events. <VirtualHost> You can now specify an IP address of "0.0.0.0" in a <VirtualHost> definition. IdentLookups The default IdentLookups value is now 'off'. The RFC1413 IDENT lookup adds latency to the login process, so much so that it is a FAQ to configure "IdentLookups off". In addition, the IDENT protocol is not secure; it can easily be spoofed using man-in-the-middle attacks. Sites that require IDENT lookups must now explicitly configure "IdentLookups on". Note that in order to use IdentLookups, you must compile proftpd with the mod_ident module. If you use the --disable-ident configure option, then proftpd will not recognize the IdentLookups directive. Thus in your proftpd.conf, you should use something like: <IfModule mod_ident.c> IdentLookups on </IfModule> if you want to use RFC1413 lookups. LogFormat, SQLNamedQuery There is a new variable, %{protocol}, which describes the protocol that the client is using. This variable can have values of "ftp", "ftps", "ssh2", "sftp", and "scp". Note that for SSH2 connections, the value will be "ssh2" until SFTP or SCP channels are opened; this means that during login, the %{protocol} value will be "ssh2". There is also a new %w variable which is only valid for RNTO commands. The %w value will be the original name of the file being renamed (mnemonic: "whence" a renamed file comes). RewriteCondition, RewriteRule Use of environment variables in mod_rewrite rules is now supported via the "%{ENV:var}" syntax. SQLGroupInfo The SQLGroupInfo now supports custom queries for retrieve group information. Note that instead of a single custom query, several different queries are needed; different lookups are called for depending on the situation and configuration of mod_sql (e.g. using the 'groupset' or 'groupsetfast' SQLAuthenticate parameters). See doc/contrib/mod_sql.html#SQLGroupInfo and doc/howto/SQL.html#SQLUsersetfast for more details. SQLUserInfo The support for custom SQLUserInfo queries has been extended to support custom queries to be used when the 'userset' or 'usersetfast' SQLAuthenticate parameters are used. For more information, see doc/contrib/mod_sql.html#SQLUserInfo and doc/howto/SQL.html#SQLUsersetfast. TLSOptions The NoSessionReuseRequired option has been added. As of ProFTPD 1.3.3rc1, mod_tls only accepts SSL/TLS data connections that reuse the SSL session of the control connection, as a security measure. Unfortunately, there are some clients (e.g. curl) which do not reuse SSL sessions. To relax the requirement that the SSL session from the control connection be reused for data connections, use the following in the proftpd.conf: <IfModule mod_tls.c> ... TLSOptions NoSessionReuseRequired ... </IfModule> TLSRequired The TLSRequired directive can now be used in <Directory> sections and in .ftpaccess files. When used in these configuration contexts, only the TLSRequired values that require SSL/TLS protection on data transfers are honored. With this, it is now possible to mark specific files or directories as requiring SSL/TLS protection to be accessed via data transfer. TransferLog The "service-name" field of the TransferLog usually contains just "ftp". In order to support TransferLogs for SFTP and SCP transfers, the service-name field of the TransferLog format may now show "sftp" or "scp". It may also show "ftps" instead of "ftp", if the data transfer occurred while the client is using FTP over SSL/TLS. NOTE: This change, while correct, may cause issues for log parsers. + Deprecated configuration directives: AnonymousGroup Support for this directive has been removed. + Developer Notes If you are a module developer, then you will want to know of the following API/internals changes: * The original USER value sent by the client is no longer stored in the config tree. That is, the following no longer works: user = get_param_ptr(main_server->conf, C_USER, FALSE); Instead, the original USER value is stashes in the session.notes table. Thus the above line of code can be replaced with: user = pr_table_get(session.notes, "mod_auth.orig-user", NULL); A similar change occurred for the anonymous "password" sent, but this will probably not apply to most modules. Last Updated: $Date: 2010/12/18 01:06:20 $ --- NEW FILE --- 1.3.4 Release Notes ------------------------ This file contains a description of the major changes to ProFTPD for the 1.3.4 release cycle, from the 1.3.4rc1 release to the 1.3.4 maintenance releases. More information on these changes can be found in the NEWS and ChangeLog files. 1.3.4rc1 --------- + Fixed Telnet IAC stack overflow vulnerability (ZDI-CAN-925) + Fixed directory traversal bug in mod_site_misc (CVE-2010-3867) + Fixed sql_prepare_where() buffer overflow (Bug#3536) + Added Japanese translation + Many mod_sftp bugfixes + Fixed SSL_shutdown() errors caused by OpenSSL 0.9.8m and later + Fixed handling of utmp/utmpx format changes on FreeBSD + Automatic detection of MySQL, Postgres library and header file locations + Added support for SMTP authentication in ftpmail script + Updated fnmatch implementation, using glibc-2.9 version. + New modules: mod_copy This module provides the SITE CPFR and SITE CPTO commands, for allowing a client to copy files from one location to another on the server, without requiring downloads/uploads. See doc/contrib/mod_copy.html for details. mod_deflate This module provides support for MODE Z, which uses compression to reduce the number of bytes required for data transfers and directory lists. See doc/contrib/mod_deflate.html for more information. Depending on the data being transferred, clients can see quite a difference in the speed; see: http://www.smartftp.com/support/kb/file.php?f=192 for some performance numbers. mod_ifversion This module allows for version-specific configuration sections of the proftpd config file. It is useful for using the same proftpd config across multiple servers where different proftpd versions may be in use. See doc/contrib/mod_ifversion.html for examples. mod_qos This module allows administrators to set networking-specific "Quality of Service" (QoS) bits on the packets used by the server. More information can be found in doc/contrib/mod_qos.html + New configuration directives: Protocols This directive can be used to specify which protocols can be used by a connecting client. It is designed to work with mod_ifsession, so that it can be set on a per-user/group/class basis. See doc/modules/mod_core.html#Protocols for details. ScoreboardMutex This directive is used to explicitly configure the patch to a "mutex" file used for scoreboard locking; this file is used to increase proftpd's performance under load. See: http://bugs.proftpd.org/show_bug.cgi?id=3208 for more information. SFTPClientAlive This directive is used to enable a protocol-level "keep alive" check for mod_sftp SSH connections. More details can be found in doc/contrib/mod_sftp.html#SFTPClientAlive. WrapOptions The mod_wrap2 module has additional behaviors such as checking the allow/deny rules at client connect time (versus after login), and checking the allow/deny rules using all of a client's DNS names. The WrapOptions directive is used to configure these behaviors; see doc/contrib/mod_wrap2.html#WrapOptions for more information. + Changed configuration directives: BanOnEvent The BanOnEvent directive of the mod_ban module now supports LoginRate events; see doc/contrib/mod_ban.html#BanOnEvent. This lets mod_ban reject clients which are logging in too quickly. ListOptions The mod_ls module now supports the -c and -u options for the LIST command. The ListOptions directive handles these options as well. See the ls(1) man page for more details on these options. In addition, the NoErrorIfAbsent ListOption can be used to configure whether mod_ls returns a 226 response code, rather than the default 450 response code, for a LIST/NLST command for a path which does not exist. Some clients are sensitive to this use case. LogFormat The LogFormat directive now supports two additional variables: %I for logging the total number of bytes read from the network, and %O for logging the total number of bytes written to the network. Note that these values do NOT include any bytes for the TCP packet overhead. The mod_sql module's SQLLog directive also supports these variables. These variables can be used to get a better idea of network traffic per session/client, as well as for comparing the relative network traffic of e.g. FTPS versus SFTP. SFTPOptions The mod_sftp module did not interoperate well with old ssh.com or with Tectia SSH clients. Support for these clients was added to mod_sftp via the OldProtocolCompat SFTPOption (Bug#3480). See doc/contrib/mod_sftp.html#SFTPOptions for more information. TLSOptions When verifying a client's certificate, the mod_tls module could be configured to check the iPAddress and/or dNSName portions of the SubjectAltName section of the client certificate, via the TLSOptions directive. A new CommonNamedRequired TLSOptions is now supported, which tells mod_tls to check the CommonName (CN) section of the client certificate. See doc/contrib/mod_tls.html#TLSOptions for details. UseSendfile The UseSendfile directive can now be used in <Directory> sections and .ftpaccess files. This means that sendfile(2) support can be disabled on filesystems which do not support it, while still be used on other parts of the filesystem which can support it. The UseSendfile directive can now also configure how many bytes of a file to send via sendfile(2) at a time; this can be either in number of bytes, or in percentage of the file size. The advantage of this is that now the ScoreboardFile (and ftptop/ftpwho) can show download progress rates when UseSendfile is enabled. See doc/howto/Sendfile.html for the full details. + Deprecated configuration directives: DisplayGoAway Support for this directive has been removed. Last Updated: $Date: 2010/12/18 01:06:20 $ |
|
From: TJ S. <cas...@us...> - 2010-12-18 01:06:29
|
Update of /cvsroot/pdd/www.proftpd.org/include In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv24155/include Modified Files: header.epl Log Message: Updating website for release of 1.3.3d, 1.3.4rc1. Index: header.epl =================================================================== RCS file: /cvsroot/pdd/www.proftpd.org/include/header.epl,v retrieving revision 1.44 retrieving revision 1.45 diff -C2 -r1.44 -r1.45 *** header.epl 29 Oct 2010 17:29:34 -0000 1.44 --- header.epl 18 Dec 2010 01:06:20 -0000 1.45 *************** *** 18,32 **** <div id="menu"> <h1>Current Versions</h1> ! Stable: <strong>1.3.3c</strong> <div class="indent"> ! <span class="nowrap">[ <a href="/docs/RELEASE_NOTES-1.3.3c">RELEASE_NOTES</a> ]</span> </div> <div class="indent"> ! <span class="nowrap">[ <a href="/docs/NEWS-1.3.3c">NEWS</a> ]</span> ! <span class="nowrap">[ <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.3c.tar.gz">gz</a> ]</span> ! <span class="nowrap">[ <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.3c.tar.bz2">bz2</a> ]</span> </div> ! Release Candidate: <strong>None</strong> <div class="indent"> </div> --- 18,38 ---- <div id="menu"> <h1>Current Versions</h1> ! Stable: <strong>1.3.3d</strong> <div class="indent"> ! <span class="nowrap">[ <a href="/docs/RELEASE_NOTES-1.3.3d">RELEASE_NOTES</a> ]</span> </div> <div class="indent"> ! <span class="nowrap">[ <a href="/docs/NEWS-1.3.3d">NEWS</a> ]</span> ! <span class="nowrap">[ <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.3d.tar.gz">gz</a> ]</span> ! <span class="nowrap">[ <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.3d.tar.bz2">bz2</a> ]</span> </div> ! Release Candidate: <strong>1.3.4rc1</strong> <div class="indent"> + <span class="nowrap">[ <a href="/docs/RELEASE_NOTES-1.3.4rc1">RELEASE_NOTES</a> ]</span> + </div> + <div class="indent"> + <span class="nowrap">[ <a href="/docs/NEWS-1.3.4rc1">NEWS</a> ]</span> + <span class="nowrap">[ <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.4rc1.tar.gz">gz</a> ]</span> + <span class="nowrap">[ <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.4rc1.tar.bz2">bz2</a> ]</span> </div> |
|
From: TJ S. <cas...@us...> - 2010-12-18 01:06:29
|
Update of /cvsroot/pdd/www.proftpd.org In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv24155 Modified Files: index.epl md5_pgp.epl Log Message: Updating website for release of 1.3.3d, 1.3.4rc1. Index: index.epl =================================================================== RCS file: /cvsroot/pdd/www.proftpd.org/index.epl,v retrieving revision 1.113 retrieving revision 1.114 diff -C2 -r1.113 -r1.114 *** index.epl 2 Dec 2010 18:43:54 -0000 1.113 --- index.epl 18 Dec 2010 01:06:20 -0000 1.114 *************** *** 4,7 **** --- 4,22 ---- #include "header.epl" + <h1>1.3.3d, 1.3.4rc1 released</h1> + [<i>17/Dec/2010</i>] + <p>The ProFTPD Project team is happy to release 1.3.3d to the community. + This is a maintenance release, containing backported fixes for bugs found + in the 1.3.3 release. The <a href="docs/RELEASE_NOTES-1.3.3d">RELEASE_NOTES</a> + and <a href="docs/NEWS-1.3.3d">NEWS</a> files contain the full details.</p> + + <p>We are also pleased to release 1.3.4rc1 to the community. This is the + first release candidate of the 1.3.4 development cycle, and contains + numerous new features, including the <code>mod_deflate</code>, + <code>mod_qos</code>, and <code>mod_ifversion</code> modules and + many <code>mod_sftp</code> bugfixes. The + <a href="docs/RELEASE_NOTES-1.3.4rc1">RELEASE_NOTES</a> + and <a href="docs/NEWS-1.3.4rc1">NEWS</a> files contain the full details.</p> + <h1>ftp.proftpd.org compromised</h1> [<i>01/Dec/2010</i>] Index: md5_pgp.epl =================================================================== RCS file: /cvsroot/pdd/www.proftpd.org/md5_pgp.epl,v retrieving revision 1.56 retrieving revision 1.57 diff -C2 -r1.56 -r1.57 *** md5_pgp.epl 2 Dec 2010 19:03:47 -0000 1.56 --- md5_pgp.epl 18 Dec 2010 01:06:20 -0000 1.57 *************** *** 9,16 **** <pre> ! 018e0eb1757d9cea2a0e17f2c9b1ca2d <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.2e.tar.bz2">proftpd-1.3.2e.tar.bz2</a> ! 4ecb82cb1050c0e897d5343f6d2cc1ed <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.2e.tar.gz">proftpd-1.3.2e.tar.gz</a> ! 8571bd78874b557e98480ed48e2df1d2 <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.3c.tar.bz2">proftpd-1.3.3c.tar.bz2</a> ! 4f2c554d6273b8145095837913ba9e5d <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.3c.tar.gz">proftpd-1.3.3c.tar.gz</a> </pre> --- 9,16 ---- <pre> ! 69650e91e05b3a10fa3ac54ee261679b <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.3d.tar.bz2">proftpd-1.3.3d.tar.bz2</a> ! 72c8368b947500995c3e5fc098d0241d <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.3d.tar.gz">proftpd-1.3.3d.tar.gz</a> ! 3472f7a8fb760f549daf485642277024 <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.4rc1.tar.bz2">proftpd-1.3.4rc1.tar.bz2</a> ! a60891f0700f617c1e5d7317bd3396dc <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.4rc1.tar.gz">proftpd-1.3.4rc1.tar.gz</a> </pre> *************** *** 18,61 **** <pre> ! <strong>proftpd-1.3.2e.tar.bz2.asc</strong> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) ! iEYEABECAAYFAkuFYtsACgkQt46JP6URl2rqVACgzefr58XHVoh2ARERbkW5qPzb ! Qj4AoOwwH55FlS7OM8sBjELT0OhrN0jQ ! =E6hR -----END PGP SIGNATURE----- </pre> <pre> ! <strong>proftpd-1.3.2e.tar.gz.asc</strong> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) ! iEYEABECAAYFAkuFYuAACgkQt46JP6URl2pTVQCeJ7HM7ltLwJwb4TQ3AwT9j36n ! /ywAn3rB6HRVDGTF2WuOJgn/dss7VWeV ! =G553 -----END PGP SIGNATURE----- </pre> <pre> ! <strong>proftpd-1.3.3c.tar.bz2.asc</strong> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) ! iEYEABECAAYFAkzLAWYACgkQt46JP6URl2qu3QCcDGXD+fRPOdKMp8fHyHI5d12E ! 83gAoPHBrjTFCz4MKYLhH8qqxmGslR2k ! =aLli -----END PGP SIGNATURE----- </pre> <pre> ! <strong>proftpd-1.3.3c.tar.gz.asc</strong> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) ! iEYEABECAAYFAkzLAW0ACgkQt46JP6URl2ojfQCfXy/hWE8G5mhdhdLpaPUZsofK ! pO8Anj+uP0hQcn1E/CEUddI0mezlSCmg ! =e8el -----END PGP SIGNATURE----- </pre> --- 18,61 ---- <pre> ! <strong>proftpd-1.3.3d.tar.bz2.asc</strong> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) ! iEYEABECAAYFAk0MBwIACgkQt46JP6URl2q5WgCfYrhQrxRvvCLOx+IuYjA0YdNW ! vXYAoJEGHdRl8BPDqAUahZGcSx3Znpru ! =Wy/N -----END PGP SIGNATURE----- </pre> <pre> ! <strong>proftpd-1.3.3d.tar.gz.asc</strong> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) ! iEYEABECAAYFAk0MBwcACgkQt46JP6URl2rdkgCgu88S30olDrmuYgfDiQdvOthh ! VJYAoN436UroBHYRYyMtbB9KOpg/NtGK ! =Fc2V -----END PGP SIGNATURE----- </pre> <pre> ! <strong>proftpd-1.3.4rc1.tar.bz2.asc</strong> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) ! iEYEABECAAYFAk0MAe0ACgkQt46JP6URl2pbsgCg1686DNlQ2m2eMnZmnnTEZTiJ ! U7cAoNFCfDtM7ic1SEXfusSsOupf3EuX ! =c6tJ -----END PGP SIGNATURE----- </pre> <pre> ! <strong>proftpd-1.3.4rc1.tar.gz.asc</strong> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) ! iEYEABECAAYFAk0MAfMACgkQt46JP6URl2qwuQCg6mr1KfkypmMYZ7LiAWdO46u2 ! C3oAoLFH+5fV4NuqabDcvGJLiHl1Xyv4 ! =wj2N -----END PGP SIGNATURE----- </pre> |
|
From: TJ S. <cas...@us...> - 2010-12-10 02:04:29
|
Update of /cvsroot/pdd/Userguide/directives/sgml In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv11748 Modified Files: TimeoutStalled Log Message: Thankfully TimeoutStalled applies to all data transfers (but not directory listings), not just uploads. Index: TimeoutStalled =================================================================== RCS file: /cvsroot/pdd/Userguide/directives/sgml/TimeoutStalled,v retrieving revision 1.10 retrieving revision 1.11 diff -C2 -r1.10 -r1.11 *** TimeoutStalled 10 Dec 2010 00:49:55 -0000 1.10 --- TimeoutStalled 10 Dec 2010 02:04:20 -0000 1.11 *************** *** 16,20 **** <refnamediv> <refname>TimeoutStalled</refname> ! <refpurpose>Sets the timeout on stalled uploads</refpurpose> </refnamediv> --- 16,20 ---- <refnamediv> <refname>TimeoutStalled</refname> ! <refpurpose>Sets the timeout on stalled data transfers</refpurpose> </refnamediv> |
|
From: TJ S. <cas...@us...> - 2010-12-10 00:50:05
|
Update of /cvsroot/pdd/Userguide/directives/sgml In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv25170 Modified Files: TimeoutStalled Log Message: The TimeoutStalled directive is more stalled uploads than for stalled downloads. Index: TimeoutStalled =================================================================== RCS file: /cvsroot/pdd/Userguide/directives/sgml/TimeoutStalled,v retrieving revision 1.9 retrieving revision 1.10 diff -C2 -r1.9 -r1.10 *** TimeoutStalled 31 Dec 2007 22:39:44 -0000 1.9 --- TimeoutStalled 10 Dec 2010 00:49:55 -0000 1.10 *************** *** 16,20 **** <refnamediv> <refname>TimeoutStalled</refname> ! <refpurpose>Sets the timeout on stalled downloads</refpurpose> </refnamediv> --- 16,20 ---- <refnamediv> <refname>TimeoutStalled</refname> ! <refpurpose>Sets the timeout on stalled uploads</refpurpose> </refnamediv> *************** *** 59,67 **** <title>Description</title> <para> ! The TimeoutStalled directive sets the maximum number of seconds a data connection ! between the proftpd server and an FTP client can exist but have no actual ! data transferred (i.e. "stalled"). If the seconds ! argument is set to 0, data transfers are allowed to stall ! indefinitely.</para> </refsect1> --- 59,66 ---- <title>Description</title> <para> ! The TimeoutStalled directive sets the maximum number of seconds a data ! connection between the proftpd server and an FTP client can exist but have no ! actual data transferred (i.e. "stalled"). If the seconds argument is ! set to 0, data transfers are allowed to stall indefinitely.</para> </refsect1> |
|
From: TJ S. <cas...@us...> - 2010-12-02 19:03:57
|
Update of /cvsroot/pdd/www.proftpd.org In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv7965 Modified Files: md5_pgp.epl Log Message: Change "sources" to "source"; apparently no one really noticed this discrepancy before now. Index: md5_pgp.epl =================================================================== RCS file: /cvsroot/pdd/www.proftpd.org/md5_pgp.epl,v retrieving revision 1.55 retrieving revision 1.56 diff -C2 -r1.55 -r1.56 *** md5_pgp.epl 29 Oct 2010 17:29:34 -0000 1.55 --- md5_pgp.epl 2 Dec 2010 19:03:47 -0000 1.56 *************** *** 9,16 **** <pre> ! 018e0eb1757d9cea2a0e17f2c9b1ca2d <a href="ftp://ftp.proftpd.org/distrib/sources/proftpd-1.3.2e.tar.bz2">proftpd-1.3.2e.tar.bz2</a> ! 4ecb82cb1050c0e897d5343f6d2cc1ed <a href="ftp://ftp.proftpd.org/distrib/sources/proftpd-1.3.2e.tar.gz">proftpd-1.3.2e.tar.gz</a> ! 8571bd78874b557e98480ed48e2df1d2 <a href="ftp://ftp.proftpd.org/distrib/sources/proftpd-1.3.3c.tar.bz2">proftpd-1.3.3c.tar.bz2</a> ! 4f2c554d6273b8145095837913ba9e5d <a href="ftp://ftp.proftpd.org/distrib/sources/proftpd-1.3.3c.tar.gz">proftpd-1.3.3c.tar.gz</a> </pre> --- 9,16 ---- <pre> ! 018e0eb1757d9cea2a0e17f2c9b1ca2d <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.2e.tar.bz2">proftpd-1.3.2e.tar.bz2</a> ! 4ecb82cb1050c0e897d5343f6d2cc1ed <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.2e.tar.gz">proftpd-1.3.2e.tar.gz</a> ! 8571bd78874b557e98480ed48e2df1d2 <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.3c.tar.bz2">proftpd-1.3.3c.tar.bz2</a> ! 4f2c554d6273b8145095837913ba9e5d <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.3c.tar.gz">proftpd-1.3.3c.tar.gz</a> </pre> |
|
From: TJ S. <cas...@us...> - 2010-12-02 18:44:03
|
Update of /cvsroot/pdd/www.proftpd.org In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv1859 Modified Files: index.epl Log Message: Mention that the source code in CVS was not affected. Index: index.epl =================================================================== RCS file: /cvsroot/pdd/www.proftpd.org/index.epl,v retrieving revision 1.112 retrieving revision 1.113 diff -C2 -r1.112 -r1.113 *** index.epl 2 Dec 2010 00:47:51 -0000 1.112 --- index.epl 2 Dec 2010 18:43:54 -0000 1.113 *************** *** 16,19 **** --- 16,21 ---- can be found <a href="md5_pgp.html">here</a> as well as on the FTP servers. + <p>The source code in <a href="cvs.html">CVS</a> was <b>not</b> affected. + <h1>1.3.3c released</h1> [<i>29/Oct/2010</i>] |
|
From: TJ S. <cas...@us...> - 2010-12-02 00:48:00
|
Update of /cvsroot/pdd/www.proftpd.org In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv9315 Modified Files: index.epl Log Message: Fix formatting. Index: index.epl =================================================================== RCS file: /cvsroot/pdd/www.proftpd.org/index.epl,v retrieving revision 1.111 retrieving revision 1.112 diff -C2 -r1.111 -r1.112 *** index.epl 1 Dec 2010 23:48:40 -0000 1.111 --- index.epl 2 Dec 2010 00:47:51 -0000 1.112 *************** *** 6,10 **** <h1>ftp.proftpd.org compromised</h1> [<i>01/Dec/2010</i>] ! The ProFTPD Project team is sorry to announce that the Project's main FTP server, as well as all of the mirror servers, have carried compromised versions of the ProFTPD 1.3.3c source code, from the November 28 2010 to --- 6,10 ---- <h1>ftp.proftpd.org compromised</h1> [<i>01/Dec/2010</i>] ! <p>The ProFTPD Project team is sorry to announce that the Project's main FTP server, as well as all of the mirror servers, have carried compromised versions of the ProFTPD 1.3.3c source code, from the November 28 2010 to *************** *** 13,18 **** systems for security compromises and install unmodified versions of ProFTPD. ! To verify the integrity of your source files, use the PGP signatures which can ! be found <a href="md5_pgp.html">here</a> as well as on the FTP servers. <h1>1.3.3c released</h1> --- 13,18 ---- systems for security compromises and install unmodified versions of ProFTPD. ! <p>To verify the integrity of your source files, use the PGP signatures which ! can be found <a href="md5_pgp.html">here</a> as well as on the FTP servers. <h1>1.3.3c released</h1> |
|
From: TJ S. <cas...@us...> - 2010-12-01 23:48:51
|
Update of /cvsroot/pdd/www.proftpd.org In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv27809 Modified Files: index.epl Log Message: Updating website with announcement of ftp.proftpd.org compromise. Index: index.epl =================================================================== RCS file: /cvsroot/pdd/www.proftpd.org/index.epl,v retrieving revision 1.110 retrieving revision 1.111 diff -C2 -r1.110 -r1.111 *** index.epl 29 Oct 2010 17:29:34 -0000 1.110 --- index.epl 1 Dec 2010 23:48:40 -0000 1.111 *************** *** 4,7 **** --- 4,19 ---- #include "header.epl" + <h1>ftp.proftpd.org compromised</h1> + [<i>01/Dec/2010</i>] + The ProFTPD Project team is sorry to announce that the Project's main FTP + server, as well as all of the mirror servers, have carried compromised + versions of the ProFTPD 1.3.3c source code, from the November 28 2010 to + December 2 2010. All users who run versions of ProFTPD which have been + downloaded and compiled in this time window are strongly advised to check their + systems for security compromises and install unmodified versions of ProFTPD. + + To verify the integrity of your source files, use the PGP signatures which can + be found <a href="md5_pgp.html">here</a> as well as on the FTP servers. + <h1>1.3.3c released</h1> [<i>29/Oct/2010</i>] |
|
From: TJ S. <cas...@us...> - 2010-10-29 18:16:10
|
Update of /cvsroot/pdd/www.proftpd.org In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv17021 Modified Files: module_news.epl Log Message: Mention the new mod_geoip module in the "Module News" section of the website. Index: module_news.epl =================================================================== RCS file: /cvsroot/pdd/www.proftpd.org/module_news.epl,v retrieving revision 1.39 retrieving revision 1.40 diff -C2 -r1.39 -r1.40 *** module_news.epl 20 Dec 2009 20:23:35 -0000 1.39 --- module_news.epl 29 Oct 2010 18:16:00 -0000 1.40 *************** *** 6,9 **** --- 6,20 ---- <h1><: print "$html_title" :></h1> + <h2>Geolocation module</h2> + <i>Maintainer: TJ Saunders</i> + <br /><a href="http://www.castaglia.org/proftpd/modules/mod_geoip.html">http://www.castaglia.org/proftpd/modules/mod_geoip.html</a> + + <p>The <code>mod_geoip</code> module allows sites to quickly look up + geolocation information such as country, continent, region, timezone, + <i>etc</i> based on the connecting client's IP address. This information can + be logged for tracking purposes, and used to configure access controls in + order to reduce/prevent connections from locations unauthorized by site policy. + + <h2>Versioning module</h2> <i>Maintainer: TJ Saunders</i> |
|
From: TJ S. <cas...@us...> - 2010-10-29 17:29:43
|
Update of /cvsroot/pdd/www.proftpd.org In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv8962 Modified Files: md5_pgp.epl index.epl Log Message: Updating website for 1.3.3c release. Index: md5_pgp.epl =================================================================== RCS file: /cvsroot/pdd/www.proftpd.org/md5_pgp.epl,v retrieving revision 1.54 retrieving revision 1.55 diff -C2 -r1.54 -r1.55 *** md5_pgp.epl 9 Sep 2010 22:56:19 -0000 1.54 --- md5_pgp.epl 29 Oct 2010 17:29:34 -0000 1.55 *************** *** 11,16 **** 018e0eb1757d9cea2a0e17f2c9b1ca2d <a href="ftp://ftp.proftpd.org/distrib/sources/proftpd-1.3.2e.tar.bz2">proftpd-1.3.2e.tar.bz2</a> 4ecb82cb1050c0e897d5343f6d2cc1ed <a href="ftp://ftp.proftpd.org/distrib/sources/proftpd-1.3.2e.tar.gz">proftpd-1.3.2e.tar.gz</a> ! 721b8232fcac36317a6a1d29fa86250e <a href="ftp://ftp.proftpd.org/distrib/sources/proftpd-1.3.3b.tar.bz2">proftpd-1.3.3b.tar.bz2</a> ! 5758599043a5424607dd00a3b8f5b5b9 <a href="ftp://ftp.proftpd.org/distrib/sources/proftpd-1.3.3b.tar.gz">proftpd-1.3.3b.tar.gz</a> </pre> --- 11,16 ---- 018e0eb1757d9cea2a0e17f2c9b1ca2d <a href="ftp://ftp.proftpd.org/distrib/sources/proftpd-1.3.2e.tar.bz2">proftpd-1.3.2e.tar.bz2</a> 4ecb82cb1050c0e897d5343f6d2cc1ed <a href="ftp://ftp.proftpd.org/distrib/sources/proftpd-1.3.2e.tar.gz">proftpd-1.3.2e.tar.gz</a> ! 8571bd78874b557e98480ed48e2df1d2 <a href="ftp://ftp.proftpd.org/distrib/sources/proftpd-1.3.3c.tar.bz2">proftpd-1.3.3c.tar.bz2</a> ! 4f2c554d6273b8145095837913ba9e5d <a href="ftp://ftp.proftpd.org/distrib/sources/proftpd-1.3.3c.tar.gz">proftpd-1.3.3c.tar.gz</a> </pre> *************** *** 40,61 **** <pre> ! <strong>proftpd-1.3.3b.tar.bz2.asc</strong> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) ! iEYEABECAAYFAkyJY1cACgkQt46JP6URl2rvYACdHPrghqqc+GSjzbYSIaQ4L6jU ! f6cAn2WgGfjoV0iB8QFGGGcBl6CFcfQM ! =IX0b -----END PGP SIGNATURE----- </pre> <pre> ! <strong>proftpd-1.3.3b.tar.gz.asc</strong> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) ! iEYEABECAAYFAkyJY0wACgkQt46JP6URl2pyvgCaAkxHCa1CCgCnzSDsKQITxoF3 ! M+kAniHIRyQYtkvRqz05KiUN2leAGJYU ! =gVbK -----END PGP SIGNATURE----- </pre> --- 40,61 ---- <pre> ! <strong>proftpd-1.3.3c.tar.bz2.asc</strong> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) ! iEYEABECAAYFAkzLAWYACgkQt46JP6URl2qu3QCcDGXD+fRPOdKMp8fHyHI5d12E ! 83gAoPHBrjTFCz4MKYLhH8qqxmGslR2k ! =aLli -----END PGP SIGNATURE----- </pre> <pre> ! <strong>proftpd-1.3.3c.tar.gz.asc</strong> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) ! iEYEABECAAYFAkzLAW0ACgkQt46JP6URl2ojfQCfXy/hWE8G5mhdhdLpaPUZsofK ! pO8Anj+uP0hQcn1E/CEUddI0mezlSCmg ! =e8el -----END PGP SIGNATURE----- </pre> Index: index.epl =================================================================== RCS file: /cvsroot/pdd/www.proftpd.org/index.epl,v retrieving revision 1.109 retrieving revision 1.110 diff -C2 -r1.109 -r1.110 *** index.epl 9 Sep 2010 22:56:19 -0000 1.109 --- index.epl 29 Oct 2010 17:29:34 -0000 1.110 *************** *** 4,7 **** --- 4,15 ---- #include "header.epl" + <h1>1.3.3c released</h1> + [<i>29/Oct/2010</i>] + <p>The ProFTPD Project team has released 1.3.3c to the community. + This is an <b>important security release</b>, containing fixes for a Telnet + IAC handling vulnerability and a directory traversal vulnerability in the + mod_site_misc module. The <a href="docs/RELEASE_NOTES-1.3.3c">RELEASE_NOTES</a> + and <a href="docs/NEWS-1.3.3c">NEWS</a> files contain the full details.</p> + <h1>1.3.3b released</h1> [<i>09/Sep/2010</i>] |
|
From: TJ S. <cas...@us...> - 2010-10-29 17:29:43
|
Update of /cvsroot/pdd/www.proftpd.org/include In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv8962/include Modified Files: header.epl Log Message: Updating website for 1.3.3c release. Index: header.epl =================================================================== RCS file: /cvsroot/pdd/www.proftpd.org/include/header.epl,v retrieving revision 1.43 retrieving revision 1.44 diff -C2 -r1.43 -r1.44 *** header.epl 9 Sep 2010 22:56:19 -0000 1.43 --- header.epl 29 Oct 2010 17:29:34 -0000 1.44 *************** *** 18,29 **** <div id="menu"> <h1>Current Versions</h1> ! Stable: <strong>1.3.3b</strong> <div class="indent"> ! <span class="nowrap">[ <a href="/docs/RELEASE_NOTES-1.3.3b">RELEASE_NOTES</a> ]</span> </div> <div class="indent"> ! <span class="nowrap">[ <a href="/docs/NEWS-1.3.3b">NEWS</a> ]</span> ! <span class="nowrap">[ <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.3b.tar.gz">gz</a> ]</span> ! <span class="nowrap">[ <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.3b.tar.bz2">bz2</a> ]</span> </div> Release Candidate: <strong>None</strong> --- 18,29 ---- <div id="menu"> <h1>Current Versions</h1> ! Stable: <strong>1.3.3c</strong> <div class="indent"> ! <span class="nowrap">[ <a href="/docs/RELEASE_NOTES-1.3.3c">RELEASE_NOTES</a> ]</span> </div> <div class="indent"> ! <span class="nowrap">[ <a href="/docs/NEWS-1.3.3c">NEWS</a> ]</span> ! <span class="nowrap">[ <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.3c.tar.gz">gz</a> ]</span> ! <span class="nowrap">[ <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.3c.tar.bz2">bz2</a> ]</span> </div> Release Candidate: <strong>None</strong> |
|
From: TJ S. <cas...@us...> - 2010-10-29 17:29:43
|
Update of /cvsroot/pdd/www.proftpd.org/docs In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv8962/docs Added Files: NEWS-1.3.3c RELEASE_NOTES-1.3.3c Log Message: Updating website for 1.3.3c release. --- NEW FILE --- $Id: NEWS-1.3.3c,v 1.1 2010/10/29 17:29:34 castaglia Exp $ ----------------------------------------------------------------------------- More details on the bugs listed below can be found by using the bug number indicated in the following URL: http://bugs.proftpd.org/show_bug.cgi?id=N where `N' is the bug number. ----------------------------------------------------------------------------- 1.3.3c - Released 29-Oct-2010 -------------------------------- - Bug 3511 - SQLAuthType Backend not properly rejected by mod_sql_sqlite. - Bug 3513 - EPERM error logged unnecessarily for SFTP logins on Linux. - Bug 3517 - mod_quotatab decrements file tally improperly for failed DELE commands. - Bug 3518 - Support SiteMiscEngine directive, for disabling mod_site_misc functionality via proftpd.conf. [...2298 lines suppressed...] - sendfile() deprecates politely on Linux 2.0.x. - AuthPAMAuthoritative now defaults to False. This should clear up any confusion on using PAM with AuthUserFile and friends. - Removed Bandwidth from the documentation. - Fixed a rare segfault in mod_auth. - Logging has changed slightly to be more informative and more consistent. All messages that get logged are now preceded with <virtualhost> (remote host[remote ip]). - mod_ldap for authentication against LDAP directories is now in place. - ftpwho/ftpcount -- a grammatical error corrected, and they now build as seperate binaries. - Fixed the 'no names, just UIDs' bug. - Added genuser.pl to facilitate AuthUserFile entry creation. - Umask now takes an optional second argument, specifying a directory umask. - Work around FreeBSD's broken setpassent(), and a new option to override this in fixed versions of FreeBSD's libc (--enable-force-setpassent). - Generate RPMs for both inetd and standalone versions of ProFTPD. - Added AuthUsingAlias to allow for more fine-grain control of anonymous logins. - Added support for 'TYPE L 8' and 'TYPE L 7' per RFC 959. --- NEW FILE --- 1.3.3 Release Notes ------------------------ This file contains a description of the major changes to ProFTPD for the 1.3.3 release cycle, from the 1.3.3rc1 release to the 1.3.3 maintenance releases. More information on these changes can be found in the NEWS and ChangeLog files. 1.3.3c --------- + Fixed Telnet IAC stack overflow vulnerability (ZDI-CAN-925) + Fixed directory traversal bug in mod_site_misc + Fixed SQLite authentications using "SQLAuthType Backend" 1.3.3b --------- + Fixed SFTP directory listing bug + Avoid corrupting utmpx databases on FreeBSD + Avoid null pointer dereferences during data transfers + Fixed "AuthAliasOnly on" anonymous logins 1.3.3a --------- + Added Japanese translation + Many mod_sftp bugfixes + Fixed SSL_shutdown() errors caused by OpenSSL 0.9.8m and later + Fixed handling of utmp/utmpx format changes on FreeBSD 1.3.3 --------- + Fixed mod_ban whitelisting using mod_ifsession. + Fixed per-user/group/class "HideFiles none" configurations. 1.3.3rc4 --------- + Fixed mod_tls compilation using OpenSSL installations older than 0.9.7. + Fixed mod_sftp compilation on AIX. + Fixed RADIUS authentication on 64-bit platforms + Fixed memory leak in SCP downloads. + New configuration directives SQLPasswordUserSalt The SQLPasswordUserSalt directive can be used to configure per-user salt data to be added to the encrypted password for a user. The salt can be the user name, or it can be the result of a SQL query. More information can be found in doc/contrib/mod_sql_passwd.html#SQLPasswordUserSalt. 1.3.3rc3 --------- + Added Taiwan translation. + Added support in mod_sftp for the following SFTP extensions: check-file copy-file vendor-id version-select pos...@op... fst...@op... st...@op... + Added a workaround in mod_tls to deal with the vulnerability found in SSL/TLS protocol during renegotiation (CVE-2009-3555). Good descriptions of this vulnerability can be found here: http://extendedsubset.com/?p=8 http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html The workaround implemented in mod_tls (Bug#3324) is one of the suggested mitigation approaches: the server now refuses all client-initiated SSL/TLS session renegotiations. + Updated to the bundled libtool to 2.2.4 (plus patch) to deal with a libtool vulnerability (CVE-2009-3736). + Added support for SHA256 and SHA512 passwords to the mod_sql_passwd module. + New configuration directives SFTPExtensions The SFTPExtensions directive can be used to selectively enable/disable mod_sftp's support for specific SFTP extensions. See doc/contrib/mod_sftp.html#SFTPExtensions for more details. + Changed configuration directives CapabilitiesSet The CAP_FOWNER capability can now be explicitly requested when using the mod_cap module: <IfModule mod_cap.c> CapabilitiesSet +CAP_FOWNER </IfModule> For operations allowed on files, this capability overrides the restriction that the file owner ID must match the process user ID. 1.3.3rc2 --------- + When handling .ftpaccess files, proftpd was merging them into the main configuration such that the .ftpaccess files configurations would override the main configuration. This was never the intended behavior, and has been fixed (Bug#3279). However, this does mean that sites which use .ftpaccess files may see a change in the behavior of their proftpd. + Changed scoreboard format (Bug#3286), need for "ServerType inetd" server to manually delete their old ScoreboardFiles. Otherwise they will see "error opening scoreboard: bad version (too old)" errors. + Changed SQL connection policy (Bug#3290). Important for clients which connect but don't authenticate (e.g. mod_ban, mod_dnsbl, mod_wrap2_sql, etc which will reject connected clients prior to authentication); saves on unnecessary database connections in such cases. For sites which require the old behavior, there is a new "PERCONNECTION" connection policy. NOTE: If you are using mod_sql for logging purposes only, e.g. you have the following in your mod_sql config: SQLEngine log then this connection policy change may affect you. If the database connection is opened after a chroot has occurred (via DefaultRoot or <Anonymous> login), the database connection may fail. And since now the connection is delayed until first use, and the first use for logging may occur after the chroot, the logging may fail. For such sites, then, you will need to use the "PERCONNECTION" connection policy explicitly. + Support for "implicit" FTPS. To enable this, use: TLSOptions UseImplicitSSL WARNING: Using this setting will cause mod_tls to handle ALL connections to the vhost as implicit FTPS connections. It is NOT possible to support both plain FTP (or explicit FTPS) clients AND implicit FTPS clients on the same address/port. Therefore this setting should ONLY ever be used in order to support braindead/broken FTPS clients, and then only for as long as it takes to fix/replace those broken clients. Note that "implicit" FTPS was explicitly DROPPED from the RFC which defines FTP over SSL/TLS; the only clients which use this feature are outdated clients based on older, now-invalidated versions of the specification. Please update your FTPS clients to one which uses explicit FTPS as soon as possible. + Re-enable turning off the Nagle algorithm; this drastically helps speed up transfers of multiple small files. + New modules mod_sql_passwd This module supports MD5 and SHA1 passwords, encoding using base64 or hex, from SQL tables. See doc/contrib/mod_sql_passwd.html for details. + New configuration directives AuthUnixOptions In Bug#1896, support for checking some AIX-specific functions for whether a login should be accepted was added; this happens only on AIX server, of course. However, some AIX admins like to configure "rlogin=false", yet still want to allow FTP logins. To enable this specific behavior, a new AuthUnixOptions directive was added, with a setting which is only honored on AIX: AuthUnixOptions aixNoRLogin If this setting is used on any other server, it is silently ignored. Bug#3300 has the full details. + Changed configuration directives ExtendedLog You can now disable logging in an <Anonymous> section to an ExtendedLog which was opened outside of the <Anonymous> section, i.e.: ExtendedLog /path/to/ext.log ALL <Anonymous /path/to/anon> ... ExtendedLog /path/to/anon-ext.log ALL # Disable the logging to the higher-level ExtendedLog by # configuring again here, but changing the command class to 'NONE' ExtendedLog /path/to/ext.log NONE ... </Anonymous> HiddenStores The HiddenStores directive can now be used to customize and change the prefix which is prepended to the HiddenStore files. The default prefix is ".in.", but if you wish to use a different prefix for any reason, you can use something like: HiddenStores foo This will cause the prefix to be ".foo.". SQLOptions When the connection to the database is lost, mod_sql now will try only once to automatically reconnect (if such reconnect functionality is supported by the database, e.g. MySQL or Postgres). To disable this reconnect behavior, there is a new "noReconnect" SQLOptions setting: SQLOptions noReconnect See Bug#3270 for the full details of this behavior change. It should be transparent for most sites. 1.3.3rc1 --------- + Added French, Bulgarian, Korean translations. + RPM 4.2 or later is required by the proftpd.spec file provided in the distribution. + If the --localstatedir configure option is used, proftpd's build system used to automatically append "/proftpd" to the configured path. This behavior has been fixed; proftpd's build system will now use the configured --localstatedir path as is. Note that this may cause issues if you have an existing build script for compling proftpd; the expected locations of files under the --localstatedir path will change. + New command-line options: The -S, --serveraddr command-line option has been added. This option can be used to specify the IP address of the host machine. By default, proftpd attempts to resolve the host IP address by using DNS resolution of the hostname. However, in cases where DNS is not configured for the host machine, this approach does not work. To specify the desired IP address, use -S when starting proftpd, e.g.: /usr/local/sbin/proftpd -S 1.2.3.4 ... And if you want proftpd to listen on all interfaces, you can specify a wildcard socket using an IP address of 0.0.0.0: /usr/local/sbin/proftpd -S 0.0.0.0 ... + New modules: mod_exec This module enables execution of external scripts based on actions/events during a session. See doc/contrib/mod_exec.html for details. mod_sftp This module implements the SSH2, SFTP, and SCP protocols. See doc/contrib/mod_sftp.html for more information. mod_sftp_pam This module uses PAM to provide a 'keyboard-interactive' SSH2 authentication method for mod_sftp. More information can be found in the documentation for mod_sftp_pam, in doc/contrib/mod_sftp_pam.html. mod_sftp_sql This module uses SQL (via mod_sql) for looking up authorized SSH2 public keys for user and hostbased authentication. More information is available in doc/contrib/mod_sftp_sql.html. mod_shaper This module can be used to provide data transfer rate "shaping" across the entire server. See the documentation at doc/contrib/mod_shaper.html. mod_tls_shmcache This module provides an external SSL session cache using shared memory; see the TLSSessionCache configuration directive. More information on this module can be found in doc/contrib/mod_tls_shmcache.html. + New configuration directives: RewriteHome The RewriteHome directive can be used to support rewriting the home directory for a user, based on regular expression rules. One such use case is where some portion of the home directory is retrieved e.g. from an LDAP directory, but you need to apply some custom prefix to the LDAP attribute. To enable this feature, first you need to add the following to your proftpd.conf: RewriteHome on Next, you need to configure the mod_rewrite rules for rewriting your home directory; this feature depends on mod_rewrite for the rewriting. The pseudo-command used by mod_rewrite for rewriting home directories is "REWRITE_HOME". Thus would you use: <IfModule mod_rewrite.c> RewriteEngine on RewrlteLog /path/to/rewrite.log RewriteCondition %m REWRITE_HOME RewriteRule (.*) /my/new/prefix$1 </IfModule> ScoreboardScrub The ScoreboardScrub directive can be used to turn on/off proftpd's periodic "scrubbing" of its ScoreboardFile, where the ScoreboardFile is scanned for entries of dead sessions: ScoreboardScrub on|off|secs Note that if scoreboard scrubbing is turned off, the ScoreboardFile can still be scrubbed on demand, either by using mod_ctrls_admin's "ftpdctl scoreboard scrub" action, or by using the new ftpscrub command-line utility. TLSControlsACLs With the addition of support for external session caches, the mod_tls module now supports some ftpdctl actions for interacting with those session caches. The TLSControlsACLs directive can be used to configure ACLs for the ftpdctl actions supported by mod_tls, and is analogous to other ACLs directives for other modules which support ftpdctl actions. TLSPKCS12File The TLSPKCS12File directive of the mod_tls module is used to configure mod_tls to use the certificate and private key contained in the indicated PKCS#12 file. Some sites already use PKCS#12 files for containing their other certificates, and thus find it useful to have PKCS#12 support in mod_tls. TLSSessionCache The TLSSessionCache directive configures an external SSL session cache, which can be used for storing and shared SSL sessions across multiple processes. An external SSL session cache is an optional facility which speeds up parallel FTPS session connections. See doc/contrib/mod_tls.html#TLSSessionCache for more information. + Changed configuration directives: AllowOverride This directive no longer supports the optional user/group/class parameters. If you wish to have per-user/group/class conditional use of the AllowOverride directive, you will need to use the mod_ifsession module. For example, instead of: AllowOverride off user !admin you will need to use: <IfUser admin> AllowOverride on </IfUser> <IfUser !admin> AllowOverride off </IfUser> Note that the "!admin" section is necessary. If you set "AllowOverride off" unconditionally, then use a mod_ifsession context, you would end up with two AllowOverride settings, and the code might not be able to distinguish properly which setting to use. Thus you need to make both the "on" and "off" cases conditional, and mutually exclusive. Configurations which use the user/group/class conditional parameters to AllowOverride will now generate configuration errors. BanOnEvent The BanOnEvent directive of the mod_ban module now supports TimeoutLogin events. <VirtualHost> You can now specify an IP address of "0.0.0.0" in a <VirtualHost> definition. IdentLookups The default IdentLookups value is now 'off'. The RFC1413 IDENT lookup adds latency to the login process, so much so that it is a FAQ to configure "IdentLookups off". In addition, the IDENT protocol is not secure; it can easily be spoofed using man-in-the-middle attacks. Sites that require IDENT lookups must now explicitly configure "IdentLookups on". Note that in order to use IdentLookups, you must compile proftpd with the mod_ident module. If you use the --disable-ident configure option, then proftpd will not recognize the IdentLookups directive. Thus in your proftpd.conf, you should use something like: <IfModule mod_ident.c> IdentLookups on </IfModule> if you want to use RFC1413 lookups. LogFormat, SQLNamedQuery There is a new variable, %{protocol}, which describes the protocol that the client is using. This variable can have values of "ftp", "ftps", "ssh2", "sftp", and "scp". Note that for SSH2 connections, the value will be "ssh2" until SFTP or SCP channels are opened; this means that during login, the %{protocol} value will be "ssh2". There is also a new %w variable which is only valid for RNTO commands. The %w value will be the original name of the file being renamed (mnemonic: "whence" a renamed file comes). RewriteCondition, RewriteRule Use of environment variables in mod_rewrite rules is now supported via the "%{ENV:var}" syntax. SQLGroupInfo The SQLGroupInfo now supports custom queries for retrieve group information. Note that instead of a single custom query, several different queries are needed; different lookups are called for depending on the situation and configuration of mod_sql (e.g. using the 'groupset' or 'groupsetfast' SQLAuthenticate parameters). See doc/contrib/mod_sql.html#SQLGroupInfo and doc/howto/SQL.html#SQLUsersetfast for more details. SQLUserInfo The support for custom SQLUserInfo queries has been extended to support custom queries to be used when the 'userset' or 'usersetfast' SQLAuthenticate parameters are used. For more information, see doc/contrib/mod_sql.html#SQLUserInfo and doc/howto/SQL.html#SQLUsersetfast. TLSOptions The NoSessionReuseRequired option has been added. As of ProFTPD 1.3.3rc1, mod_tls only accepts SSL/TLS data connections that reuse the SSL session of the control connection, as a security measure. Unfortunately, there are some clients (e.g. curl) which do not reuse SSL sessions. To relax the requirement that the SSL session from the control connection be reused for data connections, use the following in the proftpd.conf: <IfModule mod_tls.c> ... TLSOptions NoSessionReuseRequired ... </IfModule> TLSRequired The TLSRequired directive can now be used in <Directory> sections and in .ftpaccess files. When used in these configuration contexts, only the TLSRequired values that require SSL/TLS protection on data transfers are honored. With this, it is now possible to mark specific files or directories as requiring SSL/TLS protection to be accessed via data transfer. TransferLog The "service-name" field of the TransferLog usually contains just "ftp". In order to support TransferLogs for SFTP and SCP transfers, the service-name field of the TransferLog format may now show "sftp" or "scp". It may also show "ftps" instead of "ftp", if the data transfer occurred while the client is using FTP over SSL/TLS. NOTE: This change, while correct, may cause issues for log parsers. + Deprecated configuration directives: AnonymousGroup Support for this directive has been removed. + Developer Notes If you are a module developer, then you will want to know of the following API/internals changes: * The original USER value sent by the client is no longer stored in the config tree. That is, the following no longer works: user = get_param_ptr(main_server->conf, C_USER, FALSE); Instead, the original USER value is stashes in the session.notes table. Thus the above line of code can be replaced with: user = pr_table_get(session.notes, "mod_auth.orig-user", NULL); A similar change occurred for the anonymous "password" sent, but this will probably not apply to most modules. Last Updated: $Date: 2010/10/29 17:29:34 $ |
Update of /cvsroot/pdd/Userguide/directives/sgml In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv12119 Modified Files: LDAPDoAuth LDAPDoGIDLookups LDAPDoQuotaLookups LDAPDoUIDLookups LDAPNegativeCache Added Files: LDAPGroups LDAPUsers Log Message: update for directive changes in mod_ldap 2.9.0 --- NEW FILE --- <refentry id="LDAPGroups"> <?dbhtml filename="config_ref_LDAPGroups.html"> <refentryinfo> <keywordset> <keyword> mod_ldap </keyword> </keywordset> </refentryinfo> <refmeta> <refentrytitle> <indexterm><primary>LDAPGroups</primary></indexterm> LDAPGroups </refentrytitle> </refmeta> <refnamediv> <refname>LDAPGroups</refname> <refpurpose> Enable LDAP lookups for user group membership and GIDs in directory listings </refpurpose> </refnamediv> <refsynopsisdiv> <cmdsynopsis> <command>LDAPGroups</command> <arg choice="opt"> <option>"group-base-dn"</option> </arg> <arg choice="opt"> <option>"group-name-filter-template"</option> </arg> <arg choice="opt"> <option>"gid-number-filter-template"</option> </arg> <arg choice="opt"> <option>"member-user-filter-template"</option> </arg> </cmdsynopsis> <variablelist> <title></title> <varlistentry> <term><synopsis>Default</synopsis></term> <listitem><para> disabled </para></listitem> </varlistentry> <varlistentry> <term><synopsis>Context</synopsis></term> <listitem><para> server config, <VirtualHost>, <Global> </para></listitem> </varlistentry> <varlistentry> <term><synopsis>Module</synopsis></term> <listitem><para>mod_ldap</para></listitem> </varlistentry> <varlistentry> <term><synopsis>Compatibility</synopsis></term> <listitem><para> mod_ldap v2.9.0 and later </para></listitem> </varlistentry> </variablelist> </refsynopsisdiv> <refsect1> <title>Description</title> <para>Activates LDAP group membership lookups and GID to name mappings in directory listings.</para> <para>The first argument to this directive is the LDAP base DN to use for group lookups. The second through fourth arguments are templates to be used for the search filter; %u will be replaced with the group name, GID number, or group member username that is being looked up, respectively.</para> <para>By default, the search filter templates look like this:</para> <para> group-name-filter-template: "(&(LDAPAttr_cn=%u)(objectclass=posixGroup))", gid-number-filter-template: "(&(LDAPAttr_gidNumber=%u)(objectclass=posixGroup))", member-user-filter-template: "(&(LDAPAttr_memberUid=%u)(objectclass=posixGroup))". </para> <para>The attribute names used in the default search filters are taken from the <link linkend="LDAPAttr">LDAPAttr</link> directive.</para> </refsect1> <refsect1> <title>See also</title> <para> <link linkend="LDAPAttr">LDAPAttr</link> </para> </refsect1> <refsect1> <title>Examples</title> <para></para> </refsect1> </refentry> --- NEW FILE --- <refentry id="LDAPUsers"> <?dbhtml filename="config_ref_LDAPUsers.html"> <refentryinfo> <keywordset> <keyword> mod_ldap </keyword> </keywordset> </refentryinfo> <refmeta> <refentrytitle> <indexterm><primary>LDAPUsers</primary></indexterm> LDAPUsers </refentrytitle> </refmeta> <refnamediv> <refname>LDAPUsers</refname> <refpurpose>Enable LDAP authentication/user lookups</refpurpose> </refnamediv> <refsynopsisdiv> <cmdsynopsis> <command>LDAPUsers</command> <arg choice="opt"> <option>"user-base-dn"</option> </arg> <arg choice="opt"> <option>"username-filter-template"</option> </arg> <arg choice="opt"> <option>"uid-number-filter-template"</option> </arg> </cmdsynopsis> <variablelist> <title></title> <varlistentry> <term><synopsis>Default</synopsis></term> <listitem><para> disabled </para></listitem> </varlistentry> <varlistentry> <term><synopsis>Context</synopsis></term> <listitem><para> server config, <VirtualHost>, <Global> </para></listitem> </varlistentry> <varlistentry> <term><synopsis>Module</synopsis></term> <listitem><para>mod_ldap</para></listitem> </varlistentry> <varlistentry> <term><synopsis>Compatibility</synopsis></term> <listitem><para> mod_ldap v2.9.0 and later </para></listitem> </varlistentry> </variablelist> </refsynopsisdiv> <refsect1> <title>Description</title> <para>Activates LDAP authentication and UID to name mappings in directory listings.</para> <para>The first argument to this directive is the LDAP base DN to use for authentication. The second argument is a template to be used for the search filter when looking up users by username; %u will be replaced with the username that is being authenticated. The third argument is a template to be used for the search filter when looking up users by UID number; %u will be replaced with the UID number that is being looked up.</para> <para>By default, the search filter templates look like this:</para> <para> username-filter-template: "(&(LDAPAttr_uid=%u)(objectclass=posixAccount))", uid-number-filter-template: "(&(LDAPAttr_uidNumber=%u)(objectclass=posixAccount))", </para> <para>The attribute names used in the default search filters are taken from the <link linkend="LDAPAttr">LDAPAttr</link> directive.</para> </refsect1> <refsect1> <title>See also</title> <para> <link linkend="LDAPAttr">LDAPAttr</link> </para> </refsect1> <refsect1> <title>Examples</title> <para></para> </refsect1> </refentry> Index: LDAPDoAuth =================================================================== RCS file: /cvsroot/pdd/Userguide/directives/sgml/LDAPDoAuth,v retrieving revision 1.11 retrieving revision 1.12 diff -C2 -r1.11 -r1.12 *** LDAPDoAuth 28 Jun 2005 17:56:11 -0000 1.11 --- LDAPDoAuth 15 Oct 2010 18:20:38 -0000 1.12 *************** *** 64,68 **** <term><synopsis>Compatibility</synopsis></term> <listitem><para> ! mod_ldap v2.0 and later </para></listitem> </varlistentry> --- 64,69 ---- <term><synopsis>Compatibility</synopsis></term> <listitem><para> ! mod_ldap <= v2.9.0, replaced by ! <link linkend="LDAPUsers">LDAPUsers</link> </para></listitem> </varlistentry> Index: LDAPDoGIDLookups =================================================================== RCS file: /cvsroot/pdd/Userguide/directives/sgml/LDAPDoGIDLookups,v retrieving revision 1.14 retrieving revision 1.15 diff -C2 -r1.14 -r1.15 *** LDAPDoGIDLookups 25 Jan 2007 14:41:16 -0000 1.14 --- LDAPDoGIDLookups 15 Oct 2010 18:20:38 -0000 1.15 *************** *** 74,78 **** <term><synopsis>Compatibility</synopsis></term> <listitem><para> ! mod_ldap v2.0 and later </para></listitem> </varlistentry> --- 74,79 ---- <term><synopsis>Compatibility</synopsis></term> <listitem><para> ! mod_ldap <= v2.9.0, replaced by ! <link linkend="LDAPGroups">LDAPGroups</link> </para></listitem> </varlistentry> Index: LDAPDoQuotaLookups =================================================================== RCS file: /cvsroot/pdd/Userguide/directives/sgml/LDAPDoQuotaLookups,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -r1.7 -r1.8 *** LDAPDoQuotaLookups 28 Jun 2005 17:56:11 -0000 1.7 --- LDAPDoQuotaLookups 15 Oct 2010 18:20:38 -0000 1.8 *************** *** 66,70 **** <term><synopsis>Compatibility</synopsis></term> <listitem><para> ! mod_ldap v2.8.12 and later </para></listitem> </varlistentry> --- 66,72 ---- <term><synopsis>Compatibility</synopsis></term> <listitem><para> ! mod_ldap <= v2.9.0, replaced by ! <link linkend="LDAPUsers">LDAPUsers</link> and ! <link linkend="LDAPDefaultQuota">LDAPDefaultQuota</link> </para></listitem> </varlistentry> Index: LDAPDoUIDLookups =================================================================== RCS file: /cvsroot/pdd/Userguide/directives/sgml/LDAPDoUIDLookups,v retrieving revision 1.14 retrieving revision 1.15 diff -C2 -r1.14 -r1.15 *** LDAPDoUIDLookups 28 Jun 2005 17:56:11 -0000 1.14 --- LDAPDoUIDLookups 15 Oct 2010 18:20:38 -0000 1.15 *************** *** 59,63 **** <term><synopsis>Module</synopsis></term> <listitem><para> ! mod_ldap </para></listitem> </varlistentry> --- 59,64 ---- <term><synopsis>Module</synopsis></term> <listitem><para> ! mod_ldap <= v2.9.0, replaced by ! <link linkend="LDAPUsers">LDAPUsers</link> </para></listitem> </varlistentry> Index: LDAPNegativeCache =================================================================== RCS file: /cvsroot/pdd/Userguide/directives/sgml/LDAPNegativeCache,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -r1.8 -r1.9 *** LDAPNegativeCache 18 Apr 2002 07:45:43 -0000 1.8 --- LDAPNegativeCache 15 Oct 2010 18:20:38 -0000 1.9 *************** *** 56,60 **** <term><synopsis>Compatibility</synopsis></term> <listitem><para> ! mod_ldap v1.1 and later </para></listitem> </varlistentry> --- 56,60 ---- <term><synopsis>Compatibility</synopsis></term> <listitem><para> ! mod_ldap v1.1 - 2.8.23 </para></listitem> </varlistentry> |
|
From: John M. <jw...@us...> - 2010-10-15 16:40:39
|
Update of /cvsroot/pdd/Userguide/directives/sgml In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv22417 Modified Files: LDAPHomedirOnDemand LDAPHomedirOnDemandPrefix LDAPHomedirOnDemandPrefixNoUsername LDAPHomedirOnDemandSuffix Log Message: better display of compatible mod_ldap versions Index: LDAPHomedirOnDemand =================================================================== RCS file: /cvsroot/pdd/Userguide/directives/sgml/LDAPHomedirOnDemand,v retrieving revision 1.10 retrieving revision 1.11 diff -C2 -r1.10 -r1.11 *** LDAPHomedirOnDemand 25 Jun 2005 15:23:08 -0000 1.10 --- LDAPHomedirOnDemand 15 Oct 2010 16:40:29 -0000 1.11 *************** *** 62,66 **** <term><synopsis>Compatibility</synopsis></term> <listitem><para> ! mod_ldap v2.0 and later </para></listitem> </varlistentry> --- 62,66 ---- <term><synopsis>Compatibility</synopsis></term> <listitem><para> ! mod_ldap v2.0 - 2.8.12 </para></listitem> </varlistentry> *************** *** 71,78 **** <title>Description</title> - <para>This directive has been deprecated with mod_ldap v2.8.13. - Please take a look at <link linkend="LDAPGenerateHomedir">LDAPGenerateHomedir</link> - </para> - <para>LDAPHomedirOnDemand activates on-demand home directory creation. If a user logs in and does not yet have a home directory, a home --- 71,74 ---- Index: LDAPHomedirOnDemandPrefix =================================================================== RCS file: /cvsroot/pdd/Userguide/directives/sgml/LDAPHomedirOnDemandPrefix,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -r1.6 -r1.7 *** LDAPHomedirOnDemandPrefix 25 Jun 2005 15:23:08 -0000 1.6 --- LDAPHomedirOnDemandPrefix 15 Oct 2010 16:40:29 -0000 1.7 *************** *** 57,61 **** <term><synopsis>Compatibility</synopsis></term> <listitem><para> ! mod_ldap v2.8 and later </para></listitem> </varlistentry> --- 57,61 ---- <term><synopsis>Compatibility</synopsis></term> <listitem><para> ! mod_ldap v2.8 - 2.8.12 </para></listitem> </varlistentry> *************** *** 66,73 **** <title>Description</title> - <para>This directive has been deprecated with mod_ldap v2.8.13. - Please take a look at <link linkend="LDAPGenerateHomedirPrefix">LDAPGenerateHomedirPrefix</link> - </para> - <para>LDAPHomedirOnDemandPrefix enables a prefix to be specified for on-demand home directory creation. This is most useful if mod_ldap --- 66,69 ---- Index: LDAPHomedirOnDemandPrefixNoUsername =================================================================== RCS file: /cvsroot/pdd/Userguide/directives/sgml/LDAPHomedirOnDemandPrefixNoUsername,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -r1.6 -r1.7 *** LDAPHomedirOnDemandPrefixNoUsername 25 Jun 2005 15:23:08 -0000 1.6 --- LDAPHomedirOnDemandPrefixNoUsername 15 Oct 2010 16:40:29 -0000 1.7 *************** *** 51,55 **** <varlistentry><term><synopsis>Compatibility</synopsis></term> <listitem> <para> ! 1.2.5rc1 and later </para> </listitem> </varlistentry> --- 51,55 ---- <varlistentry><term><synopsis>Compatibility</synopsis></term> <listitem> <para> ! mod_ldap v2.8.1 - 2.8.12 </para> </listitem> </varlistentry> *************** *** 59,66 **** <refsect1> <title>Description</title> - <para>This directive has been deprecated with mod_ldap v2.8.13. - Please take a look at <link linkend="LDAPGenerateHomedirPrefixNoUsername">LDAPGenerateHomedirPrefixNoUsername</link> - </para> - <para> (docs incomplete) --- 59,62 ---- Index: LDAPHomedirOnDemandSuffix =================================================================== RCS file: /cvsroot/pdd/Userguide/directives/sgml/LDAPHomedirOnDemandSuffix,v retrieving revision 1.13 retrieving revision 1.14 diff -C2 -r1.13 -r1.14 *** LDAPHomedirOnDemandSuffix 25 Jun 2005 15:23:08 -0000 1.13 --- LDAPHomedirOnDemandSuffix 15 Oct 2010 16:40:29 -0000 1.14 *************** *** 60,64 **** <term><synopsis>Compatibility</synopsis></term> <listitem><para> ! mod_ldap v2.6 and later. </para></listitem> </varlistentry> --- 60,64 ---- <term><synopsis>Compatibility</synopsis></term> <listitem><para> ! mod_ldap v2.6 - 2.8.12 </para></listitem> </varlistentry> *************** *** 68,75 **** <refsect1> <title>Description</title> - <para> - This directive is deprecated and was removed from mod_ldap v2.8.13. - It has no replacement option. - </para> <para>to be created within a user's home directory when it is --- 68,71 ---- |
|
From: TJ S. <cas...@us...> - 2010-09-29 00:02:31
|
Update of /cvsroot/pdd/Userguide/directives/sgml In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv18380 Modified Files: AllowGroup DenyGroup Log Message: Typos. Index: AllowGroup =================================================================== RCS file: /cvsroot/pdd/Userguide/directives/sgml/AllowGroup,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -r1.8 -r1.9 *** AllowGroup 12 Feb 2004 04:00:52 -0000 1.8 --- AllowGroup 29 Sep 2010 00:02:16 -0000 1.9 *************** *** 73,77 **** to the explicit allow to apply. In order to treat the expression as a boolean "OR" list, meaning that ANY of the elements must evaluate to logically ! true, use the optional "AND" keyword. Similarly, to treat the expression as a regular expression, use the "regex" keyword. </para> --- 73,77 ---- to the explicit allow to apply. In order to treat the expression as a boolean "OR" list, meaning that ANY of the elements must evaluate to logically ! true, use the optional "OR" keyword. Similarly, to treat the expression as a regular expression, use the "regex" keyword. </para> Index: DenyGroup =================================================================== RCS file: /cvsroot/pdd/Userguide/directives/sgml/DenyGroup,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -r1.8 -r1.9 *** DenyGroup 12 Feb 2004 04:10:53 -0000 1.8 --- DenyGroup 29 Sep 2010 00:02:16 -0000 1.9 *************** *** 74,78 **** to the explicit deny to apply. In order to treat the expression as a boolean "OR" list, meaning that ANY of the elements must evaluate to logically ! true, use the optional "AND" keyword. Similarly, to treat the expression as a regular expression, use the "regex" keyword. </para> --- 74,78 ---- to the explicit deny to apply. In order to treat the expression as a boolean "OR" list, meaning that ANY of the elements must evaluate to logically ! true, use the optional "OR" keyword. Similarly, to treat the expression as a regular expression, use the "regex" keyword. </para> |
|
From: TJ S. <cas...@us...> - 2010-09-10 16:07:54
|
Update of /cvsroot/pdd/www.proftpd.org In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv4114 Modified Files: sites.epl Log Message: CRUX PPC uses ProFTPD for their FTP server. Index: sites.epl =================================================================== RCS file: /cvsroot/pdd/www.proftpd.org/sites.epl,v retrieving revision 1.31 retrieving revision 1.32 diff -C2 -r1.31 -r1.32 *** sites.epl 13 Nov 2007 02:46:16 -0000 1.31 --- sites.epl 10 Sep 2010 16:07:44 -0000 1.32 *************** *** 141,144 **** --- 141,149 ---- redundant connectivity. </li> + + <!-- Contact: "acrux @ CRUX PPC" <ac...@cl...> --> + <li><a href="http://cruxppc.org/">CRUX PPC</a><br /> + GNU/Linux on Power Architecture. + </li> </ul> |
|
From: TJ S. <cas...@us...> - 2010-09-09 22:56:29
|
Update of /cvsroot/pdd/www.proftpd.org/docs In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv17577/docs Added Files: NEWS-1.3.3b RELEASE_NOTES-1.3.3b Log Message: Updating website for release of 1.3.3b. --- NEW FILE --- $Id: NEWS-1.3.3b,v 1.1 2010/09/09 22:56:19 castaglia Exp $ ----------------------------------------------------------------------------- More details on the bugs listed below can be found by using the bug number indicated in the following URL: http://bugs.proftpd.org/show_bug.cgi?id=N where `N' is the bug number. ----------------------------------------------------------------------------- 1.3.3b - Released 09-Sep-2010 -------------------------------- - Bug 3481 - Problem with SFTP directory listings. - Bug 3483 - NULL pointer dereference handling SITE command in mod_quotatab. - Bug 3485 - Disabling IPv6 via -4 or --ipv4 command-line options does not work. - Bug 3487 - Null pointer dereference with EPRT/EPSV/PASV/PORT command during data transfer. - Bug 3482 - ProFTPD corrupts utmpx log files on FreeBSD 9.0/HEAD. [...2287 lines suppressed...] - sendfile() deprecates politely on Linux 2.0.x. - AuthPAMAuthoritative now defaults to False. This should clear up any confusion on using PAM with AuthUserFile and friends. - Removed Bandwidth from the documentation. - Fixed a rare segfault in mod_auth. - Logging has changed slightly to be more informative and more consistent. All messages that get logged are now preceded with <virtualhost> (remote host[remote ip]). - mod_ldap for authentication against LDAP directories is now in place. - ftpwho/ftpcount -- a grammatical error corrected, and they now build as seperate binaries. - Fixed the 'no names, just UIDs' bug. - Added genuser.pl to facilitate AuthUserFile entry creation. - Umask now takes an optional second argument, specifying a directory umask. - Work around FreeBSD's broken setpassent(), and a new option to override this in fixed versions of FreeBSD's libc (--enable-force-setpassent). - Generate RPMs for both inetd and standalone versions of ProFTPD. - Added AuthUsingAlias to allow for more fine-grain control of anonymous logins. - Added support for 'TYPE L 8' and 'TYPE L 7' per RFC 959. --- NEW FILE --- 1.3.3 Release Notes ------------------------ This file contains a description of the major changes to ProFTPD for the 1.3.3 release cycle, from the 1.3.3rc1 release to the 1.3.3 maintenance releases. More information on these changes can be found in the NEWS and ChangeLog files. 1.3.3b --------- + Fixed SFTP directory listing bug + Avoid corrupting utmpx databases on FreeBSD + Avoid null pointer dereferences during data transfers + Fixed "AuthAliasOnly on" anonymous logins 1.3.3a --------- + Added Japanese translation + Many mod_sftp bugfixes + Fixed SSL_shutdown() errors caused by OpenSSL 0.9.8m and later + Fixed handling of utmp/utmpx format changes on FreeBSD 1.3.3 --------- + Fixed mod_ban whitelisting using mod_ifsession. + Fixed per-user/group/class "HideFiles none" configurations. 1.3.3rc4 --------- + Fixed mod_tls compilation using OpenSSL installations older than 0.9.7. + Fixed mod_sftp compilation on AIX. + Fixed RADIUS authentication on 64-bit platforms + Fixed memory leak in SCP downloads. + New configuration directives SQLPasswordUserSalt The SQLPasswordUserSalt directive can be used to configure per-user salt data to be added to the encrypted password for a user. The salt can be the user name, or it can be the result of a SQL query. More information can be found in doc/contrib/mod_sql_passwd.html#SQLPasswordUserSalt. 1.3.3rc3 --------- + Added Taiwan translation. + Added support in mod_sftp for the following SFTP extensions: check-file copy-file vendor-id version-select pos...@op... fst...@op... st...@op... + Added a workaround in mod_tls to deal with the vulnerability found in SSL/TLS protocol during renegotiation (CVE-2009-3555). Good descriptions of this vulnerability can be found here: http://extendedsubset.com/?p=8 http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html The workaround implemented in mod_tls (Bug#3324) is one of the suggested mitigation approaches: the server now refuses all client-initiated SSL/TLS session renegotiations. + Updated to the bundled libtool to 2.2.4 (plus patch) to deal with a libtool vulnerability (CVE-2009-3736). + Added support for SHA256 and SHA512 passwords to the mod_sql_passwd module. + New configuration directives SFTPExtensions The SFTPExtensions directive can be used to selectively enable/disable mod_sftp's support for specific SFTP extensions. See doc/contrib/mod_sftp.html#SFTPExtensions for more details. + Changed configuration directives CapabilitiesSet The CAP_FOWNER capability can now be explicitly requested when using the mod_cap module: <IfModule mod_cap.c> CapabilitiesSet +CAP_FOWNER </IfModule> For operations allowed on files, this capability overrides the restriction that the file owner ID must match the process user ID. 1.3.3rc2 --------- + When handling .ftpaccess files, proftpd was merging them into the main configuration such that the .ftpaccess files configurations would override the main configuration. This was never the intended behavior, and has been fixed (Bug#3279). However, this does mean that sites which use .ftpaccess files may see a change in the behavior of their proftpd. + Changed scoreboard format (Bug#3286), need for "ServerType inetd" server to manually delete their old ScoreboardFiles. Otherwise they will see "error opening scoreboard: bad version (too old)" errors. + Changed SQL connection policy (Bug#3290). Important for clients which connect but don't authenticate (e.g. mod_ban, mod_dnsbl, mod_wrap2_sql, etc which will reject connected clients prior to authentication); saves on unnecessary database connections in such cases. For sites which require the old behavior, there is a new "PERCONNECTION" connection policy. NOTE: If you are using mod_sql for logging purposes only, e.g. you have the following in your mod_sql config: SQLEngine log then this connection policy change may affect you. If the database connection is opened after a chroot has occurred (via DefaultRoot or <Anonymous> login), the database connection may fail. And since now the connection is delayed until first use, and the first use for logging may occur after the chroot, the logging may fail. For such sites, then, you will need to use the "PERCONNECTION" connection policy explicitly. + Support for "implicit" FTPS. To enable this, use: TLSOptions UseImplicitSSL WARNING: Using this setting will cause mod_tls to handle ALL connections to the vhost as implicit FTPS connections. It is NOT possible to support both plain FTP (or explicit FTPS) clients AND implicit FTPS clients on the same address/port. Therefore this setting should ONLY ever be used in order to support braindead/broken FTPS clients, and then only for as long as it takes to fix/replace those broken clients. Note that "implicit" FTPS was explicitly DROPPED from the RFC which defines FTP over SSL/TLS; the only clients which use this feature are outdated clients based on older, now-invalidated versions of the specification. Please update your FTPS clients to one which uses explicit FTPS as soon as possible. + Re-enable turning off the Nagle algorithm; this drastically helps speed up transfers of multiple small files. + New modules mod_sql_passwd This module supports MD5 and SHA1 passwords, encoding using base64 or hex, from SQL tables. See doc/contrib/mod_sql_passwd.html for details. + New configuration directives AuthUnixOptions In Bug#1896, support for checking some AIX-specific functions for whether a login should be accepted was added; this happens only on AIX server, of course. However, some AIX admins like to configure "rlogin=false", yet still want to allow FTP logins. To enable this specific behavior, a new AuthUnixOptions directive was added, with a setting which is only honored on AIX: AuthUnixOptions aixNoRLogin If this setting is used on any other server, it is silently ignored. Bug#3300 has the full details. + Changed configuration directives ExtendedLog You can now disable logging in an <Anonymous> section to an ExtendedLog which was opened outside of the <Anonymous> section, i.e.: ExtendedLog /path/to/ext.log ALL <Anonymous /path/to/anon> ... ExtendedLog /path/to/anon-ext.log ALL # Disable the logging to the higher-level ExtendedLog by # configuring again here, but changing the command class to 'NONE' ExtendedLog /path/to/ext.log NONE ... </Anonymous> HiddenStores The HiddenStores directive can now be used to customize and change the prefix which is prepended to the HiddenStore files. The default prefix is ".in.", but if you wish to use a different prefix for any reason, you can use something like: HiddenStores foo This will cause the prefix to be ".foo.". SQLOptions When the connection to the database is lost, mod_sql now will try only once to automatically reconnect (if such reconnect functionality is supported by the database, e.g. MySQL or Postgres). To disable this reconnect behavior, there is a new "noReconnect" SQLOptions setting: SQLOptions noReconnect See Bug#3270 for the full details of this behavior change. It should be transparent for most sites. 1.3.3rc1 --------- + Added French, Bulgarian, Korean translations. + RPM 4.2 or later is required by the proftpd.spec file provided in the distribution. + If the --localstatedir configure option is used, proftpd's build system used to automatically append "/proftpd" to the configured path. This behavior has been fixed; proftpd's build system will now use the configured --localstatedir path as is. Note that this may cause issues if you have an existing build script for compling proftpd; the expected locations of files under the --localstatedir path will change. + New command-line options: The -S, --serveraddr command-line option has been added. This option can be used to specify the IP address of the host machine. By default, proftpd attempts to resolve the host IP address by using DNS resolution of the hostname. However, in cases where DNS is not configured for the host machine, this approach does not work. To specify the desired IP address, use -S when starting proftpd, e.g.: /usr/local/sbin/proftpd -S 1.2.3.4 ... And if you want proftpd to listen on all interfaces, you can specify a wildcard socket using an IP address of 0.0.0.0: /usr/local/sbin/proftpd -S 0.0.0.0 ... + New modules: mod_exec This module enables execution of external scripts based on actions/events during a session. See doc/contrib/mod_exec.html for details. mod_sftp This module implements the SSH2, SFTP, and SCP protocols. See doc/contrib/mod_sftp.html for more information. mod_sftp_pam This module uses PAM to provide a 'keyboard-interactive' SSH2 authentication method for mod_sftp. More information can be found in the documentation for mod_sftp_pam, in doc/contrib/mod_sftp_pam.html. mod_sftp_sql This module uses SQL (via mod_sql) for looking up authorized SSH2 public keys for user and hostbased authentication. More information is available in doc/contrib/mod_sftp_sql.html. mod_shaper This module can be used to provide data transfer rate "shaping" across the entire server. See the documentation at doc/contrib/mod_shaper.html. mod_tls_shmcache This module provides an external SSL session cache using shared memory; see the TLSSessionCache configuration directive. More information on this module can be found in doc/contrib/mod_tls_shmcache.html. + New configuration directives: RewriteHome The RewriteHome directive can be used to support rewriting the home directory for a user, based on regular expression rules. One such use case is where some portion of the home directory is retrieved e.g. from an LDAP directory, but you need to apply some custom prefix to the LDAP attribute. To enable this feature, first you need to add the following to your proftpd.conf: RewriteHome on Next, you need to configure the mod_rewrite rules for rewriting your home directory; this feature depends on mod_rewrite for the rewriting. The pseudo-command used by mod_rewrite for rewriting home directories is "REWRITE_HOME". Thus would you use: <IfModule mod_rewrite.c> RewriteEngine on RewrlteLog /path/to/rewrite.log RewriteCondition %m REWRITE_HOME RewriteRule (.*) /my/new/prefix$1 </IfModule> ScoreboardScrub The ScoreboardScrub directive can be used to turn on/off proftpd's periodic "scrubbing" of its ScoreboardFile, where the ScoreboardFile is scanned for entries of dead sessions: ScoreboardScrub on|off|secs Note that if scoreboard scrubbing is turned off, the ScoreboardFile can still be scrubbed on demand, either by using mod_ctrls_admin's "ftpdctl scoreboard scrub" action, or by using the new ftpscrub command-line utility. TLSControlsACLs With the addition of support for external session caches, the mod_tls module now supports some ftpdctl actions for interacting with those session caches. The TLSControlsACLs directive can be used to configure ACLs for the ftpdctl actions supported by mod_tls, and is analogous to other ACLs directives for other modules which support ftpdctl actions. TLSPKCS12File The TLSPKCS12File directive of the mod_tls module is used to configure mod_tls to use the certificate and private key contained in the indicated PKCS#12 file. Some sites already use PKCS#12 files for containing their other certificates, and thus find it useful to have PKCS#12 support in mod_tls. TLSSessionCache The TLSSessionCache directive configures an external SSL session cache, which can be used for storing and shared SSL sessions across multiple processes. An external SSL session cache is an optional facility which speeds up parallel FTPS session connections. See doc/contrib/mod_tls.html#TLSSessionCache for more information. + Changed configuration directives: AllowOverride This directive no longer supports the optional user/group/class parameters. If you wish to have per-user/group/class conditional use of the AllowOverride directive, you will need to use the mod_ifsession module. For example, instead of: AllowOverride off user !admin you will need to use: <IfUser admin> AllowOverride on </IfUser> <IfUser !admin> AllowOverride off </IfUser> Note that the "!admin" section is necessary. If you set "AllowOverride off" unconditionally, then use a mod_ifsession context, you would end up with two AllowOverride settings, and the code might not be able to distinguish properly which setting to use. Thus you need to make both the "on" and "off" cases conditional, and mutually exclusive. Configurations which use the user/group/class conditional parameters to AllowOverride will now generate configuration errors. BanOnEvent The BanOnEvent directive of the mod_ban module now supports TimeoutLogin events. <VirtualHost> You can now specify an IP address of "0.0.0.0" in a <VirtualHost> definition. IdentLookups The default IdentLookups value is now 'off'. The RFC1413 IDENT lookup adds latency to the login process, so much so that it is a FAQ to configure "IdentLookups off". In addition, the IDENT protocol is not secure; it can easily be spoofed using man-in-the-middle attacks. Sites that require IDENT lookups must now explicitly configure "IdentLookups on". Note that in order to use IdentLookups, you must compile proftpd with the mod_ident module. If you use the --disable-ident configure option, then proftpd will not recognize the IdentLookups directive. Thus in your proftpd.conf, you should use something like: <IfModule mod_ident.c> IdentLookups on </IfModule> if you want to use RFC1413 lookups. LogFormat, SQLNamedQuery There is a new variable, %{protocol}, which describes the protocol that the client is using. This variable can have values of "ftp", "ftps", "ssh2", "sftp", and "scp". Note that for SSH2 connections, the value will be "ssh2" until SFTP or SCP channels are opened; this means that during login, the %{protocol} value will be "ssh2". There is also a new %w variable which is only valid for RNTO commands. The %w value will be the original name of the file being renamed (mnemonic: "whence" a renamed file comes). RewriteCondition, RewriteRule Use of environment variables in mod_rewrite rules is now supported via the "%{ENV:var}" syntax. SQLGroupInfo The SQLGroupInfo now supports custom queries for retrieve group information. Note that instead of a single custom query, several different queries are needed; different lookups are called for depending on the situation and configuration of mod_sql (e.g. using the 'groupset' or 'groupsetfast' SQLAuthenticate parameters). See doc/contrib/mod_sql.html#SQLGroupInfo and doc/howto/SQL.html#SQLUsersetfast for more details. SQLUserInfo The support for custom SQLUserInfo queries has been extended to support custom queries to be used when the 'userset' or 'usersetfast' SQLAuthenticate parameters are used. For more information, see doc/contrib/mod_sql.html#SQLUserInfo and doc/howto/SQL.html#SQLUsersetfast. TLSOptions The NoSessionReuseRequired option has been added. As of ProFTPD 1.3.3rc1, mod_tls only accepts SSL/TLS data connections that reuse the SSL session of the control connection, as a security measure. Unfortunately, there are some clients (e.g. curl) which do not reuse SSL sessions. To relax the requirement that the SSL session from the control connection be reused for data connections, use the following in the proftpd.conf: <IfModule mod_tls.c> ... TLSOptions NoSessionReuseRequired ... </IfModule> TLSRequired The TLSRequired directive can now be used in <Directory> sections and in .ftpaccess files. When used in these configuration contexts, only the TLSRequired values that require SSL/TLS protection on data transfers are honored. With this, it is now possible to mark specific files or directories as requiring SSL/TLS protection to be accessed via data transfer. TransferLog The "service-name" field of the TransferLog usually contains just "ftp". In order to support TransferLogs for SFTP and SCP transfers, the service-name field of the TransferLog format may now show "sftp" or "scp". It may also show "ftps" instead of "ftp", if the data transfer occurred while the client is using FTP over SSL/TLS. NOTE: This change, while correct, may cause issues for log parsers. + Deprecated configuration directives: AnonymousGroup Support for this directive has been removed. + Developer Notes If you are a module developer, then you will want to know of the following API/internals changes: * The original USER value sent by the client is no longer stored in the config tree. That is, the following no longer works: user = get_param_ptr(main_server->conf, C_USER, FALSE); Instead, the original USER value is stashes in the session.notes table. Thus the above line of code can be replaced with: user = pr_table_get(session.notes, "mod_auth.orig-user", NULL); A similar change occurred for the anonymous "password" sent, but this will probably not apply to most modules. Last Updated: $Date: 2010/09/09 22:56:19 $ |
|
From: TJ S. <cas...@us...> - 2010-09-09 22:56:29
|
Update of /cvsroot/pdd/www.proftpd.org/include In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv17577/include Modified Files: header.epl Log Message: Updating website for release of 1.3.3b. Index: header.epl =================================================================== RCS file: /cvsroot/pdd/www.proftpd.org/include/header.epl,v retrieving revision 1.42 retrieving revision 1.43 diff -C2 -r1.42 -r1.43 *** header.epl 1 Jul 2010 15:36:02 -0000 1.42 --- header.epl 9 Sep 2010 22:56:19 -0000 1.43 *************** *** 18,29 **** <div id="menu"> <h1>Current Versions</h1> ! Stable: <strong>1.3.3a</strong> <div class="indent"> ! <span class="nowrap">[ <a href="/docs/RELEASE_NOTES-1.3.3a">RELEASE_NOTES</a> ]</span> </div> <div class="indent"> ! <span class="nowrap">[ <a href="/docs/NEWS-1.3.3a">NEWS</a> ]</span> ! <span class="nowrap">[ <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.3a.tar.gz">gz</a> ]</span> ! <span class="nowrap">[ <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.3a.tar.bz2">bz2</a> ]</span> </div> Release Candidate: <strong>None</strong> --- 18,29 ---- <div id="menu"> <h1>Current Versions</h1> ! Stable: <strong>1.3.3b</strong> <div class="indent"> ! <span class="nowrap">[ <a href="/docs/RELEASE_NOTES-1.3.3b">RELEASE_NOTES</a> ]</span> </div> <div class="indent"> ! <span class="nowrap">[ <a href="/docs/NEWS-1.3.3b">NEWS</a> ]</span> ! <span class="nowrap">[ <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.3b.tar.gz">gz</a> ]</span> ! <span class="nowrap">[ <a href="ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.3b.tar.bz2">bz2</a> ]</span> </div> Release Candidate: <strong>None</strong> |
|
From: TJ S. <cas...@us...> - 2010-09-09 22:56:29
|
Update of /cvsroot/pdd/www.proftpd.org In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv17577 Modified Files: md5_pgp.epl index.epl Log Message: Updating website for release of 1.3.3b. Index: md5_pgp.epl =================================================================== RCS file: /cvsroot/pdd/www.proftpd.org/md5_pgp.epl,v retrieving revision 1.53 retrieving revision 1.54 diff -C2 -r1.53 -r1.54 *** md5_pgp.epl 1 Jul 2010 15:36:02 -0000 1.53 --- md5_pgp.epl 9 Sep 2010 22:56:19 -0000 1.54 *************** *** 11,16 **** 018e0eb1757d9cea2a0e17f2c9b1ca2d <a href="ftp://ftp.proftpd.org/distrib/sources/proftpd-1.3.2e.tar.bz2">proftpd-1.3.2e.tar.bz2</a> 4ecb82cb1050c0e897d5343f6d2cc1ed <a href="ftp://ftp.proftpd.org/distrib/sources/proftpd-1.3.2e.tar.gz">proftpd-1.3.2e.tar.gz</a> ! 55ae8b32c9f5c00340188b7094c36ffc <a href="ftp://ftp.proftpd.org/distrib/sources/proftpd-1.3.3a.tar.bz2">proftpd-1.3.3a.tar.bz2</a> ! 841205173526af20c120208d4ae9446d <a href="ftp://ftp.proftpd.org/distrib/sources/proftpd-1.3.3a.tar.gz">proftpd-1.3.3a.tar.gz</a> </pre> --- 11,16 ---- 018e0eb1757d9cea2a0e17f2c9b1ca2d <a href="ftp://ftp.proftpd.org/distrib/sources/proftpd-1.3.2e.tar.bz2">proftpd-1.3.2e.tar.bz2</a> 4ecb82cb1050c0e897d5343f6d2cc1ed <a href="ftp://ftp.proftpd.org/distrib/sources/proftpd-1.3.2e.tar.gz">proftpd-1.3.2e.tar.gz</a> ! 721b8232fcac36317a6a1d29fa86250e <a href="ftp://ftp.proftpd.org/distrib/sources/proftpd-1.3.3b.tar.bz2">proftpd-1.3.3b.tar.bz2</a> ! 5758599043a5424607dd00a3b8f5b5b9 <a href="ftp://ftp.proftpd.org/distrib/sources/proftpd-1.3.3b.tar.gz">proftpd-1.3.3b.tar.gz</a> </pre> *************** *** 40,61 **** <pre> ! <strong>proftpd-1.3.3a.tar.bz2.asc</strong> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) ! iEYEABECAAYFAkwssfUACgkQt46JP6URl2qazwCfRlEHMbLln01o057zvMCSQ4jA ! /LgAoND72xcNJKUzlhoHGJqIce89/LTw ! =QuDn -----END PGP SIGNATURE----- </pre> <pre> ! <strong>proftpd-1.3.3a.tar.gz.asc</strong> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) ! iEYEABECAAYFAkwssgAACgkQt46JP6URl2rehwCfe48fN8ny5D4xT0O+3y0Ibo0C ! gqYAoP1AzX9MPCTCPLxuYn0N5VSv0+7U ! =ax4f -----END PGP SIGNATURE----- </pre> --- 40,61 ---- <pre> ! <strong>proftpd-1.3.3b.tar.bz2.asc</strong> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) ! iEYEABECAAYFAkyJY1cACgkQt46JP6URl2rvYACdHPrghqqc+GSjzbYSIaQ4L6jU ! f6cAn2WgGfjoV0iB8QFGGGcBl6CFcfQM ! =IX0b -----END PGP SIGNATURE----- </pre> <pre> ! <strong>proftpd-1.3.3b.tar.gz.asc</strong> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) ! iEYEABECAAYFAkyJY0wACgkQt46JP6URl2pyvgCaAkxHCa1CCgCnzSDsKQITxoF3 ! M+kAniHIRyQYtkvRqz05KiUN2leAGJYU ! =gVbK -----END PGP SIGNATURE----- </pre> Index: index.epl =================================================================== RCS file: /cvsroot/pdd/www.proftpd.org/index.epl,v retrieving revision 1.108 retrieving revision 1.109 diff -C2 -r1.108 -r1.109 *** index.epl 1 Jul 2010 15:36:02 -0000 1.108 --- index.epl 9 Sep 2010 22:56:19 -0000 1.109 *************** *** 4,7 **** --- 4,14 ---- #include "header.epl" + <h1>1.3.3b released</h1> + [<i>09/Sep/2010</i>] + <p>The ProFTPD Project team is happy to release 1.3.3b to the community. + This is a maintenance release, containing backported fixes for bugs found + in the 1.3.3 release. The <a href="docs/RELEASE_NOTES-1.3.3b">RELEASE_NOTES</a> + and <a href="docs/NEWS-1.3.3b">NEWS</a> files contain the full details.</p> + <h1>1.3.3a released</h1> [<i>01/Jul/2010</i>] |
|
From: John M. <jw...@us...> - 2010-09-02 15:40:40
|
Update of /cvsroot/pdd/Userguide/directives/sgml In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv21495 Modified Files: CreateHome Log Message: add optional uid/gid args for intermediate directories Index: CreateHome =================================================================== RCS file: /cvsroot/pdd/Userguide/directives/sgml/CreateHome,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -r1.2 -r1.3 *** CreateHome 29 Jan 2003 22:01:02 -0000 1.2 --- CreateHome 2 Sep 2010 15:40:30 -0000 1.3 *************** *** 23,27 **** <command>CreateHome</command> <arg choice="opt"> ! <option>off|on [<mode>] [skel <path>] [dirmode <mode>]</option> </arg> <!-- --- 23,27 ---- <command>CreateHome</command> <arg choice="opt"> ! <option>off|on [<mode>] [skel <path>] [dirmode <mode>] [uid <uid>] [gid <gid>]</option> </arg> <!-- *************** *** 53,56 **** --- 53,59 ---- 1.2.8rc2 and later </para> </listitem> + <listitem> <para> + 1.3.1rc1 and later for uid, gid arguments + </para> </listitem> </varlistentry> </variablelist> *************** *** 81,89 **** <para> ! The optional dirmode parameter can be used to specify the mode for intermediate ! directories that may need to be created in order to create the target home ! directory. By default, the mode for such intermediate directories will be 711. ! NOTE: using a mode that does not allow for the execute bit to be enabled can ! cause havoc. You have been warned. </para> </refsect1> --- 84,93 ---- <para> ! The optional dirmode, uid, and gid parameters can be used to specify the ! mode, owner, and group for intermediate directories that may need to be ! created in order to create the target home directory. By default, the mode ! for such intermediate directories will be 711. NOTE: using a mode that does ! not allow for the execute bit to be enabled can cause havoc. You have been ! warned. </para> </refsect1> |
|
From: TJ S. <cas...@us...> - 2010-08-25 21:21:28
|
Update of /cvsroot/pdd/www.proftpd.org/docs/howto In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv21896 Added Files: Testing.html Log Message: Add the testsuite howto to the docs/howto/ area of the website. --- NEW FILE --- <!-- $Id: Testing.html,v 1.1 2010/08/25 21:21:19 castaglia Exp $ --> <!-- $Source: /cvsroot/pdd/www.proftpd.org/docs/howto/Testing.html,v $ --> <html> <head> <title>ProFTPD mini-HOWTO - Testing</title> </head> <body bgcolor=white> <hr> <center><h2><b>ProFTPD Testsuite</b></h2></center> <hr> <p> The proftpd source code is accompanied by a testsuite, for testing various features and functionality. At present, the testsuite is divided into two main parts: the API-level tests, and the integration tests. The API tests are written in C, and exercise the various APIs that proftpd provides to module developers. The integration tests are currently written in Perl, and seek to check a compiled <code>proftpd</code>'s run-time behavior. <p> In order to run the testsuite, you must configure your proftpd build so that the testsuite is prepared. You do this by using the <code>--enable-tests</code> configure option, along with your other build options, <i>e.g.</i>: <pre> # ./configure --enable-tests ... </pre> <p> <b>API Tests</b><br> The API tests use the <code>libcheck</code> library; see: <pre> <a href="http://check.sourceforge.net/">http://check.sourceforge.net/</a> </pre> This library must be installed on your machine in order to run the API tests. When the <code>--enable-tests</code> configure option is used, proftpd's configure script will check for libcheck, and will fail unless the library is present. If no <code>libcheck</code> is found and you've used <code>--enable-tests</code>, you will see: <pre> checking for tcase_create in -lcheck... no configure: error: libcheck support, required for tests, not present -- aborting </pre> Note that, if necessary, the <code>--with-includes</code> and <code>--with-libraries</code> configure options can be used to specify the locations of the <code>libcheck</code> headers and libraries. <p> To run the testsuite, use the <code>make check</code> target: <pre> # ./configure --enable-tests ... # make ... # make check ... ./api-tests Running suite(s): pool array str sets timers table var event env version feat netaddr netacl class regexp expr scoreboard modules 100%: Checks: 140, Failures: 0, Errors: 0 </pre> The <code>make check</code> will also go on to run the integration tests, if the API tests all pass. </pre> <p> If one of the API tests fails, you will see an error message like: <pre> 99%: Checks: 140, Failures: 1, Errors: 0 api/env.c:53:F:base:env_get_test:0: Failed to handle null arguments ------------------------------------------------- FAILED 1 test Please send email to: pro...@li... containing the `api-tests.log' file (in the tests/ directory) and the output from running `proftpd -V' ------------------------------------------------- </pre> Please do follow those instructions; you will be helping in proftpd development! <p> <b>Integration Tests</b><br> The current integration tests are written in Perl, and rely on the <code>Test-Unit</code> Perl package. Specifically, you <b>must</b> use <code>Test-Unit-0.14</code>, <b>not</b> <code>Test-Unit-0.25</code>. Not sure which version of <code>Test-Unit</code> you have, if at all? Run the following command: <pre> # perl -MTest::Unit -e 'print $Test::Unit::VERSION, "\n";' 0.14 </pre> <p> To run the integration tests manually, use the <code>tests.pl</code> script: <pre> # cd tests/ # perl tests.pl t/logins.....................ok t/commands/user..............ok t/commands/pass..............ok t/commands/pwd...............ok t/commands/cwd...............ok t/commands/cdup..............ok t/commands/syst..............ok t/commands/type..............ok t/commands/mkd...............ok t/commands/rmd...............ok t/commands/dele..............ok t/commands/mdtm..............ok t/commands/size..............ok t/commands/mode..............ok t/commands/stru..............ok t/commands/allo..............ok t/commands/noop..............ok t/commands/feat..............ok t/commands/help..............ok t/commands/quit..............ok t/commands/rnfr..............ok t/commands/rnto..............ok t/commands/rest..............ok t/commands/pasv..............ok t/commands/epsv..............ok t/commands/port..............ok t/commands/eprt..............ok t/commands/nlst..............ok t/commands/list..............ok t/commands/retr..............ok t/commands/stor..............ok t/commands/appe..............ok t/config/displayconnect......ok t/config/displaylogin........ok t/config/maxloginattempts....ok t/config/serverident.........ok All tests successful. Files=37, Tests=141, 160 wallclock secs ( 4.33 cusr + 4.74 csys = 9.07 CPU) </pre> <p> Some of the integration require root privileges in order to perform the test properly, <i>e.g.</i> for <code><Anonymous></code>/<code>DefaultRoot</code> logins, <i>etc</i>. If you do <i>not</i> run `make check' as root, those tests which require root privileges are automatically skipped. Thus for doing a full regression, run the integration tests as the root user. <p> <b>Adding New Tests</b><br> The following information is for those who are interested in adding new tests, updating existing tests, or otherwise helping with the testsuite development. <p> The API tests driver, <code>api-tests</code>, honors the <code>PR_TEST_SUITE</code> environment variable. This is useful for running just the test cases associated with a particular suite, such as <i>env</i> or <i>pool</i>. Only <b>one</b> suite can be specified using the <code>PR_TEST_SUITE</code> environment variable: <pre> # make check # cd tests/ # PR_TEST_SUITE=pool ./api-tests Running suite(s): pool 100%: Checks: 5, Failures: 0, Errors: 0 </pre> This way, when you are adding to an existing test case or adding a new test case to an existing suite, you need not run the entire API testsuite in order to run your changes. <p> <hr> Last updated: <i>$Date: 2010/08/25 21:21:19 $</i><br> <hr> </body> </html> |
