* [bug#47495] [PATCH] gnu: vsftpd: Use CentOS version and patches.
@ 2021-03-30 7:52 david larsson
2021-03-30 9:20 ` david larsson
0 siblings, 1 reply; 6+ messages in thread
From: david larsson @ 2021-03-30 7:52 UTC (permalink / raw)
To: 47495
[-- Attachment #1: Type: text/plain, Size: 73 bytes --]
Hi,
the attached patch updates vsftpd so it can use tlsv1.2 etc.
//David
[-- Attachment #2: 0001-gnu-vsftpd-Use-CentOS-version-and-patches.patch --]
[-- Type: text/x-diff, Size: 13092 bytes --]
From 4f11b0960610e2afe670630bb1b93150714ce516 Mon Sep 17 00:00:00 2001
From: methuselah-0 <david.larsson@selfhosted.xyz>
Date: Tue, 30 Mar 2021 09:45:41 +0200
Subject: [PATCH] gnu: vsftpd: Use CentOS version and patches.
* gnu/packages/ftp.scm (vftpd): Use CentOS version and patches.
---
gnu/packages/ftp.scm | 138 ++++++++++++++++++++++++++++++++++++-------
1 file changed, 118 insertions(+), 20 deletions(-)
diff --git a/gnu/packages/ftp.scm b/gnu/packages/ftp.scm
index b178063556..9d704aaa3f 100644
--- a/gnu/packages/ftp.scm
+++ b/gnu/packages/ftp.scm
@@ -28,18 +28,21 @@
#:use-module (gnu packages)
#:use-module (gnu packages autotools)
#:use-module (gnu packages check)
+ #:use-module (gnu packages cpio)
#:use-module (gnu packages compression)
#:use-module (gnu packages freedesktop)
#:use-module (gnu packages gettext)
#:use-module (gnu packages glib)
#:use-module (gnu packages gtk)
#:use-module (gnu packages libidn)
+ #:use-module (gnu packages linux)
#:use-module (gnu packages ncurses)
#:use-module (gnu packages nettle)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages readline)
#:use-module (gnu packages sqlite)
#:use-module (gnu packages tls)
+ #:use-module (gnu packages version-control)
#:use-module (gnu packages wxwidgets)
#:use-module (gnu packages xml))
@@ -256,32 +259,127 @@ directory comparison and more.")
(version "3.0.3")
(source (origin
(method url-fetch)
- (uri (string-append "https://security.appspot.com/downloads/"
- name "-" version ".tar.gz"))
+ (uri "https://vault.centos.org/centos/8.3.2011/AppStream/Source/SPackages/vsftpd-3.0.3-32.el8.src.rpm")
(sha256
(base32
- "1xsyjn68k3fgm2incpb3lz2nikffl9by2safp994i272wvv2nkcx"))))
+ "1xl0kqcismf82hl99klqbvvpylpyk1yr1qjy5hd8f80cj4lyl0f4"))))
(build-system gnu-build-system)
(arguments
- `(#:make-flags '("LDFLAGS=-lcrypt")
- #:tests? #f ; No tests exist.
+ `(#:make-flags '("LDFLAGS=-lcrypt -lssl -pie")
+ #:tests? #f ; No tests exist.
#:phases
(modify-phases %standard-phases
- (add-after 'unpack 'patch-installation-directory
- (lambda* (#:key outputs #:allow-other-keys)
- (substitute* "Makefile"
- (("/usr") (assoc-ref outputs "out")))
- #t))
- (add-before 'install 'mkdir
- (lambda* (#:key outputs #:allow-other-keys)
- (let ((out (assoc-ref outputs "out")))
- (mkdir-p out)
- (mkdir (string-append out "/sbin"))
- (mkdir (string-append out "/man"))
- (mkdir (string-append out "/man/man5"))
- (mkdir (string-append out "/man/man8"))
- #t)))
- (delete 'configure))))
+ (add-after 'unpack 'patch-installation-directory
+ (lambda* (#:key outputs #:allow-other-keys)
+ (substitute* "Makefile"
+ (("/usr") (assoc-ref outputs "out")))
+ #t))
+ (replace 'unpack
+ (lambda* (#:key source #:allow-other-keys)
+ (invoke "7z" "e" source (string-append "-o" "./" "vsftpd-3.0.3-32.el8.src.cpio"))
+ (chdir "./vsftpd-3.0.3-32.el8.src.cpio")
+ (invoke "cpio" "-idmv" (string-append "--file=./vsftpd-3.0.3-32.el8.src.cpio"))
+ (invoke "tar" "xvf" "./vsftpd-3.0.3.tar.gz")
+ (let ((patches '("0001-Don-t-use-the-provided-script-to-locate-libraries.patch"
+ "0002-Enable-build-with-SSL.patch"
+ "0003-Enable-build-with-TCP-Wrapper.patch"
+ "0004-Use-etc-vsftpd-dir-for-config-files-instead-of-etc.patch"
+ "0005-Use-hostname-when-calling-PAM-authentication-module.patch"
+ "0006-Close-stdin-out-err-before-listening-for-incoming-co.patch"
+ "0007-Make-filename-filters-smarter.patch"
+ "0008-Write-denied-logins-into-the-log.patch"
+ "0009-Trim-whitespaces-when-reading-configuration.patch"
+ "0010-Improve-daemonizing.patch"
+ "0011-Fix-listing-with-more-than-one-star.patch"
+ "0012-Replace-syscall-__NR_clone-.-with-clone.patch"
+ "0013-Extend-man-pages-with-systemd-info.patch"
+ "0014-Add-support-for-square-brackets-in-ls.patch"
+ "0015-Listen-on-IPv6-by-default.patch"
+ "0016-Increase-VSFTP_AS_LIMIT-from-200UL-to-400UL.patch"
+ "0017-Fix-an-issue-with-timestamps-during-DST.patch"
+ "0018-Change-the-default-log-file-in-configuration.patch"
+ "0019-Introduce-reverse_lookup_enable-option.patch"
+ "0020-Use-unsigned-int-for-uid-and-gid-representation.patch"
+ "0021-Introduce-support-for-DHE-based-cipher-suites.patch"
+ "0022-Introduce-support-for-EDDHE-based-cipher-suites.patch"
+ "0023-Add-documentation-for-isolate_-options.-Correct-defa.patch"
+ "0024-Introduce-new-return-value-450.patch"
+ "0025-Improve-local_max_rate-option.patch"
+ "0026-Prevent-hanging-in-SIGCHLD-handler.patch"
+ "0027-Delete-files-when-upload-fails.patch"
+ "0028-Fix-man-page-rendering.patch"
+ "0029-Fix-segfault-in-config-file-parser.patch"
+ "0030-Fix-logging-into-syslog-when-enabled-in-config.patch"
+ "0031-Fix-question-mark-wildcard-withing-a-file-name.patch"
+ "0032-Propagate-errors-from-nfs-with-quota-to-client.patch"
+ "0033-Introduce-TLSv1.1-and-TLSv1.2-options.patch"
+ "0034-Turn-off-seccomp-sandbox-because-it-is-too-strict.patch"
+ "0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch"
+ "0036-Redefine-VSFTP_COMMAND_FD-to-1.patch"
+ "0037-Document-the-relationship-of-text_userdb_names-and-c.patch"
+ "0038-Document-allow_writeable_chroot-in-the-man-page.patch"
+ "0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch"
+ "0040-Use-system-wide-crypto-policy.patch"
+ "0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch"
+ "0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch"
+ "0043-Enable-only-TLSv1.2-by-default.patch"
+ "0044-Disable-anonymous_enable-in-default-config-file.patch"
+ "0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch"
+ "0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch"
+ "0047-Disable-tcp_wrappers-support.patch"
+ "0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch"
+ "0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch"
+ "0050-Don-t-link-with-libnsl.patch"
+ "0051-Improve-documentation-of-better_stou-in-the-man-page.patch"
+ "0052-Fix-rDNS-with-IPv6.patch"
+ "0053-Always-do-chdir-after-chroot.patch"
+ "0054-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch"
+ "0055-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch"
+ "0056-Log-die-calls-to-syslog.patch"
+ "0057-Improve-error-message-when-max-number-of-bind-attemp.patch"
+ "0058-Make-the-max-number-of-bind-retries-tunable.patch"
+ "0059-Fix-SEGFAULT-when-running-in-a-container-as-PID-1.patch"
+ "0001-Move-closing-standard-FDs-after-listen.patch"
+ "0002-Prevent-recursion-in-bug.patch"
+ "0001-Set-s_uwtmp_inserted-only-after-record-insertion-rem.patch"
+ "0002-Repeat-pututxline-if-it-fails-with-EINTR.patch"
+ "0003-Repeat-pututxline-until-it-succeeds-if-it-fails-with.patch"
+ "0001-Fix-timestamp-handling-in-MDTM.patch"
+ "0001-Remove-a-hint-about-the-ftp_home_dir-SELinux-boolean.patch"
+ )))
+ (map (lambda (x) (invoke "mv" (string-append "./" x) "vsftpd-3.0.3/")) patches)
+ (chdir "./vsftpd-3.0.3")
+ (invoke "git" "init" ".")
+ (invoke "git" "config" "user.email" "you@example.com")
+ (invoke "git" "config" "user.name" "Your Name" )
+ (invoke "git" "add" ".")
+ (invoke "git" "commit" "-m" "first")
+ (map (lambda (x) (invoke "git" "am" (string-append "./" x))) patches)
+ (map (lambda (x) (invoke "rm" (string-append "./" x))) patches)
+ (invoke "rm" "-rf" "./.git")
+ (chdir "../")
+ (invoke "mv" "./vsftpd-3.0.3" "../")
+ (chdir "../")
+ (invoke "rm" "-rf" "./vsftpd-3.0.3-32.el8.src.cpio")
+ (chdir "./vsftpd-3.0.3")
+ )
+ #t))
+ (add-before 'install 'mkdir
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((out (assoc-ref outputs "out")))
+ (mkdir-p out)
+ (mkdir (string-append out "/sbin"))
+ (mkdir (string-append out "/man"))
+ (mkdir (string-append out "/man/man5"))
+ (mkdir (string-append out "/man/man8"))
+ #t)))
+ (delete 'configure))))
+ (native-inputs `(("openssl" ,openssl)
+ ("linux-pam" ,linux-pam)
+ ("p7zip" ,p7zip)
+ ("cpio" ,cpio)
+ ("git" ,git-minimal)
+ ("libcap" ,libcap)))
(synopsis "vsftpd FTP daemon")
(description "@command{vsftpd} is a daemon that listens on a TCP socket
for clients and gives them access to local files via File Transfer
--
2.30.2
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [bug#47495] [PATCH] gnu: vsftpd: Use CentOS version and patches.
2021-03-30 7:52 [bug#47495] [PATCH] gnu: vsftpd: Use CentOS version and patches david larsson
@ 2021-03-30 9:20 ` david larsson
2021-03-30 15:32 ` Tobias Geerinckx-Rice via Guix-patches via
0 siblings, 1 reply; 6+ messages in thread
From: david larsson @ 2021-03-30 9:20 UTC (permalink / raw)
To: 47495; +Cc: Guix-patches
[-- Attachment #1: Type: text/plain, Size: 24975 bytes --]
On 2021-03-30 09:52, david larsson wrote:
> Hi,
> the attached patch updates vsftpd so it can use tlsv1.2 etc.
>
> //David
Sorry, that was the wrong patch that got attached. I have attached the
correct one now, and pasted below:
From 10868d1d6e705abc9e1d5744f6eea321f3dafc64 Mon Sep 17 00:00:00 2001
From: methuselah-0 <david.larsson@selfhosted.xyz>
Date: Tue, 30 Mar 2021 11:18:09 +0200
Subject: [PATCH] gnu: vsftpd: Use CentOS version and patches.
* gnu/packages/ftp.scm (vftpd): Use CentOS version and patches.
---
gnu/packages/ftp.scm | 185 +++++++++++++++++++++++++++++++++++--------
1 file changed, 150 insertions(+), 35 deletions(-)
diff --git a/gnu/packages/ftp.scm b/gnu/packages/ftp.scm
index b178063556..1c2c8119c7 100644
--- a/gnu/packages/ftp.scm
+++ b/gnu/packages/ftp.scm
@@ -28,18 +28,21 @@
#:use-module (gnu packages)
#:use-module (gnu packages autotools)
#:use-module (gnu packages check)
+ #:use-module (gnu packages cpio)
#:use-module (gnu packages compression)
#:use-module (gnu packages freedesktop)
#:use-module (gnu packages gettext)
#:use-module (gnu packages glib)
#:use-module (gnu packages gtk)
#:use-module (gnu packages libidn)
+ #:use-module (gnu packages linux)
#:use-module (gnu packages ncurses)
#:use-module (gnu packages nettle)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages readline)
#:use-module (gnu packages sqlite)
#:use-module (gnu packages tls)
+ #:use-module (gnu packages version-control)
#:use-module (gnu packages wxwidgets)
#:use-module (gnu packages xml))
@@ -251,40 +254,152 @@ directory comparison and more.")
(properties '((upstream-name . "FileZilla")))))
(define-public vsftpd
- (package
- (name "vsftpd")
- (version "3.0.3")
- (source (origin
- (method url-fetch)
- (uri (string-append
"https://security.appspot.com/downloads/"
- name "-" version ".tar.gz"))
- (sha256
- (base32
-
"1xsyjn68k3fgm2incpb3lz2nikffl9by2safp994i272wvv2nkcx"))))
- (build-system gnu-build-system)
- (arguments
- `(#:make-flags '("LDFLAGS=-lcrypt")
- #:tests? #f ; No tests exist.
- #:phases
- (modify-phases %standard-phases
- (add-after 'unpack 'patch-installation-directory
- (lambda* (#:key outputs #:allow-other-keys)
- (substitute* "Makefile"
- (("/usr") (assoc-ref outputs "out")))
- #t))
- (add-before 'install 'mkdir
- (lambda* (#:key outputs #:allow-other-keys)
- (let ((out (assoc-ref outputs "out")))
- (mkdir-p out)
- (mkdir (string-append out "/sbin"))
- (mkdir (string-append out "/man"))
- (mkdir (string-append out "/man/man5"))
- (mkdir (string-append out "/man/man8"))
- #t)))
- (delete 'configure))))
- (synopsis "vsftpd FTP daemon")
- (description "@command{vsftpd} is a daemon that listens on a TCP
socket
+ (let ((version "3.0.3")
+ (revision "32")
+ (centos-version "8.3.2011"))
+ (package
+ (name "vsftpd")
+ (version version)
+ (source (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://vault.centos.org/centos/" centos-version
+ "/AppStream/Source/SPackages/vsftpd-" version "-"
+ revision ".el8.src.rpm"))
+ (sha256
+ (base32
+
"1xl0kqcismf82hl99klqbvvpylpyk1yr1qjy5hd8f80cj4lyl0f4"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:make-flags '("LDFLAGS=-lcrypt -lssl -pie")
+ #:tests? #f ; No tests exist.
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'patch-installation-directory
+ (lambda* (#:key outputs #:allow-other-keys)
+ (substitute* "Makefile"
+ (("/usr") (assoc-ref outputs "out")))
+ #t))
+ (replace 'unpack
+ (lambda* (#:key source #:allow-other-keys)
+ (let ((version "3.0.3")
+ (revision "32")
+ (centos-version "8.3.2011"))
+
+ (invoke "7z" "e" source (string-append "-o"
"./vsftpd-"
+ version "-"
+ revision
".el8.src.cpio"))
+ (chdir (string-append "./vsftpd-" version "-"
+ revision ".el8.src.cpio"))
+ (invoke "cpio" "-idmv" (string-append
"--file=./vsftpd-"
+ version "-"
+ revision
".el8.src.cpio"))
+ (invoke "tar" "xvf" (string-append "./vsftpd-"
version ".tar.gz"))
+ (let ((patches
+
'("0001-Don-t-use-the-provided-script-to-locate-libraries.patch"
+ "0002-Enable-build-with-SSL.patch"
+ "0003-Enable-build-with-TCP-Wrapper.patch"
+
"0004-Use-etc-vsftpd-dir-for-config-files-instead-of-etc.patch"
+
"0005-Use-hostname-when-calling-PAM-authentication-module.patch"
+
"0006-Close-stdin-out-err-before-listening-for-incoming-co.patch"
+ "0007-Make-filename-filters-smarter.patch"
+ "0008-Write-denied-logins-into-the-log.patch"
+
"0009-Trim-whitespaces-when-reading-configuration.patch"
+ "0010-Improve-daemonizing.patch"
+ "0011-Fix-listing-with-more-than-one-star.patch"
+
"0012-Replace-syscall-__NR_clone-.-with-clone.patch"
+ "0013-Extend-man-pages-with-systemd-info.patch"
+
"0014-Add-support-for-square-brackets-in-ls.patch"
+ "0015-Listen-on-IPv6-by-default.patch"
+
"0016-Increase-VSFTP_AS_LIMIT-from-200UL-to-400UL.patch"
+
"0017-Fix-an-issue-with-timestamps-during-DST.patch"
+
"0018-Change-the-default-log-file-in-configuration.patch"
+
"0019-Introduce-reverse_lookup_enable-option.patch"
+
"0020-Use-unsigned-int-for-uid-and-gid-representation.patch"
+
"0021-Introduce-support-for-DHE-based-cipher-suites.patch"
+
"0022-Introduce-support-for-EDDHE-based-cipher-suites.patch"
+
"0023-Add-documentation-for-isolate_-options.-Correct-defa.patch"
+ "0024-Introduce-new-return-value-450.patch"
+ "0025-Improve-local_max_rate-option.patch"
+ "0026-Prevent-hanging-in-SIGCHLD-handler.patch"
+ "0027-Delete-files-when-upload-fails.patch"
+ "0028-Fix-man-page-rendering.patch"
+ "0029-Fix-segfault-in-config-file-parser.patch"
+
"0030-Fix-logging-into-syslog-when-enabled-in-config.patch"
+
"0031-Fix-question-mark-wildcard-withing-a-file-name.patch"
+
"0032-Propagate-errors-from-nfs-with-quota-to-client.patch"
+
"0033-Introduce-TLSv1.1-and-TLSv1.2-options.patch"
+
"0034-Turn-off-seccomp-sandbox-because-it-is-too-strict.patch"
+
"0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch"
+ "0036-Redefine-VSFTP_COMMAND_FD-to-1.patch"
+
"0037-Document-the-relationship-of-text_userdb_names-and-c.patch"
+
"0038-Document-allow_writeable_chroot-in-the-man-page.patch"
+
"0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch"
+ "0040-Use-system-wide-crypto-policy.patch"
+
"0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch"
+
"0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch"
+ "0043-Enable-only-TLSv1.2-by-default.patch"
+
"0044-Disable-anonymous_enable-in-default-config-file.patch"
+
"0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch"
+
"0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch"
+ "0047-Disable-tcp_wrappers-support.patch"
+
"0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch"
+
"0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch"
+ "0050-Don-t-link-with-libnsl.patch"
+
"0051-Improve-documentation-of-better_stou-in-the-man-page.patch"
+ "0052-Fix-rDNS-with-IPv6.patch"
+ "0053-Always-do-chdir-after-chroot.patch"
+
"0054-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch"
+
"0055-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch"
+ "0056-Log-die-calls-to-syslog.patch"
+
"0057-Improve-error-message-when-max-number-of-bind-attemp.patch"
+
"0058-Make-the-max-number-of-bind-retries-tunable.patch"
+
"0059-Fix-SEGFAULT-when-running-in-a-container-as-PID-1.patch"
+
"0001-Move-closing-standard-FDs-after-listen.patch"
+ "0002-Prevent-recursion-in-bug.patch"
+
"0001-Set-s_uwtmp_inserted-only-after-record-insertion-rem.patch"
+
"0002-Repeat-pututxline-if-it-fails-with-EINTR.patch"
+
"0003-Repeat-pututxline-until-it-succeeds-if-it-fails-with.patch"
+ "0001-Fix-timestamp-handling-in-MDTM.patch"
+
"0001-Remove-a-hint-about-the-ftp_home_dir-SELinux-boolean.patch")))
+ (map (lambda (x) (invoke "mv" (string-append "./"
x)
+ (string-append "vsftpd-"
version "/")))
+ patches)
+ (chdir (string-append "./vsftpd-" version))
+ (invoke "git" "init" ".")
+ (invoke "git" "config" "user.email"
"you@example.com")
+ (invoke "git" "config" "user.name" "Your Name" )
+ (invoke "git" "add" ".")
+ (invoke "git" "commit" "-m" "first")
+ (map (lambda (x) (invoke "git" "am" (string-append
"./" x))) patches)
+ (map (lambda (x) (invoke "rm" (string-append "./"
x))) patches)
+ (invoke "rm" "-rf" "./.git")
+ (chdir "../")
+ (invoke "mv" (string-append "./vsftpd-" version)
"../")
+ (chdir "../")
+ (invoke "rm" "-rf" (string-append "./vsftpd-"
version "-"
+ revision
".el8.src.cpio"))
+ (chdir (string-append "./vsftpd-" version)))
+ #t)))
+ (add-before 'install 'mkdirFrom
10868d1d6e705abc9e1d5744f6eea321f3dafc64 Mon Sep 17 00:00:00 2001
From: methuselah-0 <david.larsson@selfhosted.xyz>
Date: Tue, 30 Mar 2021 11:18:09 +0200
Subject: [PATCH] gnu: vsftpd: Use CentOS version and patches.
* gnu/packages/ftp.scm (vftpd): Use CentOS version and patches.
---
gnu/packages/ftp.scm | 185 +++++++++++++++++++++++++++++++++++--------
1 file changed, 150 insertions(+), 35 deletions(-)
diff --git a/gnu/packages/ftp.scm b/gnu/packages/ftp.scm
index b178063556..1c2c8119c7 100644
--- a/gnu/packages/ftp.scm
+++ b/gnu/packages/ftp.scm
@@ -28,18 +28,21 @@
#:use-module (gnu packages)
#:use-module (gnu packages autotools)
#:use-module (gnu packages check)
+ #:use-module (gnu packages cpio)
#:use-module (gnu packages compression)
#:use-module (gnu packages freedesktop)
#:use-module (gnu packages gettext)
#:use-module (gnu packages glib)
#:use-module (gnu packages gtk)
#:use-module (gnu packages libidn)
+ #:use-module (gnu packages linux)
#:use-module (gnu packages ncurses)
#:use-module (gnu packages nettle)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages readline)
#:use-module (gnu packages sqlite)
#:use-module (gnu packages tls)
+ #:use-module (gnu packages version-control)
#:use-module (gnu packages wxwidgets)
#:use-module (gnu packages xml))
@@ -251,40 +254,152 @@ directory comparison and more.")
(properties '((upstream-name . "FileZilla")))))
(define-public vsftpd
- (package
- (name "vsftpd")
- (version "3.0.3")
- (source (origin
- (method url-fetch)
- (uri (string-append
"https://security.appspot.com/downloads/"
- name "-" version ".tar.gz"))
- (sha256
- (base32
-
"1xsyjn68k3fgm2incpb3lz2nikffl9by2safp994i272wvv2nkcx"))))
- (build-system gnu-build-system)
- (arguments
- `(#:make-flags '("LDFLAGS=-lcrypt")
- #:tests? #f ; No tests exist.
- #:phases
- (modify-phases %standard-phases
- (add-after 'unpack 'patch-installation-directory
- (lambda* (#:key outputs #:allow-other-keys)
- (substitute* "Makefile"
- (("/usr") (assoc-ref outputs "out")))
- #t))
- (add-before 'install 'mkdir
- (lambda* (#:key outputs #:allow-other-keys)
- (let ((out (assoc-ref outputs "out")))
- (mkdir-p out)
- (mkdir (string-append out "/sbin"))
- (mkdir (string-append out "/man"))
- (mkdir (string-append out "/man/man5"))
- (mkdir (string-append out "/man/man8"))
- #t)))
- (delete 'configure))))
- (synopsis "vsftpd FTP daemon")
- (description "@command{vsftpd} is a daemon that listens on a TCP
socket
+ (let ((version "3.0.3")
+ (revision "32")
+ (centos-version "8.3.2011"))
+ (package
+ (name "vsftpd")
+ (version version)
+ (source (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://vault.centos.org/centos/" centos-version
+ "/AppStream/Source/SPackages/vsftpd-" version "-"
+ revision ".el8.src.rpm"))
+ (sha256
+ (base32
+
"1xl0kqcismf82hl99klqbvvpylpyk1yr1qjy5hd8f80cj4lyl0f4"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:make-flags '("LDFLAGS=-lcrypt -lssl -pie")
+ #:tests? #f ; No tests exist.
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'patch-installation-directory
+ (lambda* (#:key outputs #:allow-other-keys)
+ (substitute* "Makefile"
+ (("/usr") (assoc-ref outputs "out")))
+ #t))
+ (replace 'unpack
+ (lambda* (#:key source #:allow-other-keys)
+ (let ((version "3.0.3")
+ (revision "32")
+ (centos-version "8.3.2011"))
+
+ (invoke "7z" "e" source (string-append "-o"
"./vsftpd-"
+ version "-"
+ revision
".el8.src.cpio"))
+ (chdir (string-append "./vsftpd-" version "-"
+ revision ".el8.src.cpio"))
+ (invoke "cpio" "-idmv" (string-append
"--file=./vsftpd-"
+ version "-"
+ revision
".el8.src.cpio"))
+ (invoke "tar" "xvf" (string-append "./vsftpd-"
version ".tar.gz"))
+ (let ((patches
+
'("0001-Don-t-use-the-provided-script-to-locate-libraries.patch"
+ "0002-Enable-build-with-SSL.patch"
+ "0003-Enable-build-with-TCP-Wrapper.patch"
+
"0004-Use-etc-vsftpd-dir-for-config-files-instead-of-etc.patch"
+
"0005-Use-hostname-when-calling-PAM-authentication-module.patch"
+
"0006-Close-stdin-out-err-before-listening-for-incoming-co.patch"
+ "0007-Make-filename-filters-smarter.patch"
+ "0008-Write-denied-logins-into-the-log.patch"
+
"0009-Trim-whitespaces-when-reading-configuration.patch"
+ "0010-Improve-daemonizing.patch"
+ "0011-Fix-listing-with-more-than-one-star.patch"
+
"0012-Replace-syscall-__NR_clone-.-with-clone.patch"
+ "0013-Extend-man-pages-with-systemd-info.patch"
+
"0014-Add-support-for-square-brackets-in-ls.patch"
+ "0015-Listen-on-IPv6-by-default.patch"
+
"0016-Increase-VSFTP_AS_LIMIT-from-200UL-to-400UL.patch"
+
"0017-Fix-an-issue-with-timestamps-during-DST.patch"
+
"0018-Change-the-default-log-file-in-configuration.patch"
+
"0019-Introduce-reverse_lookup_enable-option.patch"
+
"0020-Use-unsigned-int-for-uid-and-gid-representation.patch"
+
"0021-Introduce-support-for-DHE-based-cipher-suites.patch"
+
"0022-Introduce-support-for-EDDHE-based-cipher-suites.patch"
+
"0023-Add-documentation-for-isolate_-options.-Correct-defa.patch"
+ "0024-Introduce-new-return-value-450.patch"
+ "0025-Improve-local_max_rate-option.patch"
+ "0026-Prevent-hanging-in-SIGCHLD-handler.patch"
+ "0027-Delete-files-when-upload-fails.patch"
+ "0028-Fix-man-page-rendering.patch"
+ "0029-Fix-segfault-in-config-file-parser.patch"
+
"0030-Fix-logging-into-syslog-when-enabled-in-config.patch"
+
"0031-Fix-question-mark-wildcard-withing-a-file-name.patch"
+
"0032-Propagate-errors-from-nfs-with-quota-to-client.patch"
+
"0033-Introduce-TLSv1.1-and-TLSv1.2-options.patch"
+
"0034-Turn-off-seccomp-sandbox-because-it-is-too-strict.patch"
+
"0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch"
+ "0036-Redefine-VSFTP_COMMAND_FD-to-1.patch"
+
"0037-Document-the-relationship-of-text_userdb_names-and-c.patch"
+
"0038-Document-allow_writeable_chroot-in-the-man-page.patch"
+
"0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch"
+ "0040-Use-system-wide-crypto-policy.patch"
+
"0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch"
+
"0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch"
+ "0043-Enable-only-TLSv1.2-by-default.patch"
+
"0044-Disable-anonymous_enable-in-default-config-file.patch"
+
"0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch"
+
"0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch"
+ "0047-Disable-tcp_wrappers-support.patch"
+
"0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch"
+
"0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch"
+ "0050-Don-t-link-with-libnsl.patch"
+
"0051-Improve-documentation-of-better_stou-in-the-man-page.patch"
+ "0052-Fix-rDNS-with-IPv6.patch"
+ "0053-Always-do-chdir-after-chroot.patch"
+
"0054-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch"
+
"0055-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch"
+ "0056-Log-die-calls-to-syslog.patch"
+
"0057-Improve-error-message-when-max-number-of-bind-attemp.patch"
+
"0058-Make-the-max-number-of-bind-retries-tunable.patch"
+
"0059-Fix-SEGFAULT-when-running-in-a-container-as-PID-1.patch"
+
"0001-Move-closing-standard-FDs-after-listen.patch"
+ "0002-Prevent-recursion-in-bug.patch"
+
"0001-Set-s_uwtmp_inserted-only-after-record-insertion-rem.patch"
+
"0002-Repeat-pututxline-if-it-fails-with-EINTR.patch"
+
"0003-Repeat-pututxline-until-it-succeeds-if-it-fails-with.patch"
+ "0001-Fix-timestamp-handling-in-MDTM.patch"
+
"0001-Remove-a-hint-about-the-ftp_home_dir-SELinux-boolean.patch")))
+ (map (lambda (x) (invoke "mv" (string-append "./"
x)
+ (string-append "vsftpd-"
version "/")))
+ patches)
+ (chdir (string-append "./vsftpd-" version))
+ (invoke "git" "init" ".")
+ (invoke "git" "config" "user.email"
"you@example.com")
+ (invoke "git" "config" "user.name" "Your Name" )
+ (invoke "git" "add" ".")
+ (invoke "git" "commit" "-m" "first")
+ (map (lambda (x) (invoke "git" "am" (string-append
"./" x))) patches)
+ (map (lambda (x) (invoke "rm" (string-append "./"
x))) patches)
+ (invoke "rm" "-rf" "./.git")
+ (chdir "../")
+ (invoke "mv" (string-append "./vsftpd-" version)
"../")
+ (chdir "../")
+ (invoke "rm" "-rf" (string-append "./vsftpd-"
version "-"
+ revision
".el8.src.cpio"))
+ (chdir (string-append "./vsftpd-" version)))
+ #t)))
+ (add-before 'install 'mkdir
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((out (assoc-ref outputs "out")))
+ (mkdir-p out)
+ (mkdir (string-append out "/sbin"))
+ (mkdir (string-append out "/man"))
+ (mkdir (string-append out "/man/man5"))
+ (mkdir (string-append out "/man/man8"))
+ #t)))
+ (delete 'configure))))
+ (native-inputs `(("openssl" ,openssl)
+ ("linux-pam" ,linux-pam)
+ ("p7zip" ,p7zip)
+ ("cpio" ,cpio)
+ ("git" ,git-minimal)
+ ("libcap" ,libcap)))
+ (synopsis "Share files securely over FTP or FTPS")
+ (description "@command{vsftpd} is a daemon that listens on a TCP
socket
for clients and gives them access to local files via File Transfer
Protocol.")
- (home-page "https://security.appspot.com/vsftpd.html")
- (license gpl2)))
+ (home-page "https://security.appspot.com/vsftpd.html")
+ (license gpl2))))
--
2.30.2
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((out (assoc-ref outputs "out")))
+ (mkdir-p out)
+ (mkdir (string-append out "/sbin"))
+ (mkdir (string-append out "/man"))
+ (mkdir (string-append out "/man/man5"))
+ (mkdir (string-append out "/man/man8"))
+ #t)))
+ (delete 'configure))))
+ (native-inputs `(("openssl" ,openssl)
+ ("linux-pam" ,linux-pam)
+ ("p7zip" ,p7zip)
+ ("cpio" ,cpio)
+ ("git" ,git-minimal)
+ ("libcap" ,libcap)))
+ (synopsis "Share files securely over FTP or FTPS")
+ (description "@command{vsftpd} is a daemon that listens on a TCP
socket
for clients and gives them access to local files via File Transfer
Protocol.")
- (home-page "https://security.appspot.com/vsftpd.html")
- (license gpl2)))
+ (home-page "https://security.appspot.com/vsftpd.html")
+ (license gpl2))))
--
2.30.2
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-gnu-vsftpd-Use-CentOS-version-and-patches.patch --]
[-- Type: text/x-diff; name=0001-gnu-vsftpd-Use-CentOS-version-and-patches.patch, Size: 12287 bytes --]
From 10868d1d6e705abc9e1d5744f6eea321f3dafc64 Mon Sep 17 00:00:00 2001
From: methuselah-0 <david.larsson@selfhosted.xyz>
Date: Tue, 30 Mar 2021 11:18:09 +0200
Subject: [PATCH] gnu: vsftpd: Use CentOS version and patches.
* gnu/packages/ftp.scm (vftpd): Use CentOS version and patches.
---
gnu/packages/ftp.scm | 185 +++++++++++++++++++++++++++++++++++--------
1 file changed, 150 insertions(+), 35 deletions(-)
diff --git a/gnu/packages/ftp.scm b/gnu/packages/ftp.scm
index b178063556..1c2c8119c7 100644
--- a/gnu/packages/ftp.scm
+++ b/gnu/packages/ftp.scm
@@ -28,18 +28,21 @@
#:use-module (gnu packages)
#:use-module (gnu packages autotools)
#:use-module (gnu packages check)
+ #:use-module (gnu packages cpio)
#:use-module (gnu packages compression)
#:use-module (gnu packages freedesktop)
#:use-module (gnu packages gettext)
#:use-module (gnu packages glib)
#:use-module (gnu packages gtk)
#:use-module (gnu packages libidn)
+ #:use-module (gnu packages linux)
#:use-module (gnu packages ncurses)
#:use-module (gnu packages nettle)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages readline)
#:use-module (gnu packages sqlite)
#:use-module (gnu packages tls)
+ #:use-module (gnu packages version-control)
#:use-module (gnu packages wxwidgets)
#:use-module (gnu packages xml))
@@ -251,40 +254,152 @@ directory comparison and more.")
(properties '((upstream-name . "FileZilla")))))
(define-public vsftpd
- (package
- (name "vsftpd")
- (version "3.0.3")
- (source (origin
- (method url-fetch)
- (uri (string-append "https://security.appspot.com/downloads/"
- name "-" version ".tar.gz"))
- (sha256
- (base32
- "1xsyjn68k3fgm2incpb3lz2nikffl9by2safp994i272wvv2nkcx"))))
- (build-system gnu-build-system)
- (arguments
- `(#:make-flags '("LDFLAGS=-lcrypt")
- #:tests? #f ; No tests exist.
- #:phases
- (modify-phases %standard-phases
- (add-after 'unpack 'patch-installation-directory
- (lambda* (#:key outputs #:allow-other-keys)
- (substitute* "Makefile"
- (("/usr") (assoc-ref outputs "out")))
- #t))
- (add-before 'install 'mkdir
- (lambda* (#:key outputs #:allow-other-keys)
- (let ((out (assoc-ref outputs "out")))
- (mkdir-p out)
- (mkdir (string-append out "/sbin"))
- (mkdir (string-append out "/man"))
- (mkdir (string-append out "/man/man5"))
- (mkdir (string-append out "/man/man8"))
- #t)))
- (delete 'configure))))
- (synopsis "vsftpd FTP daemon")
- (description "@command{vsftpd} is a daemon that listens on a TCP socket
+ (let ((version "3.0.3")
+ (revision "32")
+ (centos-version "8.3.2011"))
+ (package
+ (name "vsftpd")
+ (version version)
+ (source (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://vault.centos.org/centos/" centos-version
+ "/AppStream/Source/SPackages/vsftpd-" version "-"
+ revision ".el8.src.rpm"))
+ (sha256
+ (base32
+ "1xl0kqcismf82hl99klqbvvpylpyk1yr1qjy5hd8f80cj4lyl0f4"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:make-flags '("LDFLAGS=-lcrypt -lssl -pie")
+ #:tests? #f ; No tests exist.
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'patch-installation-directory
+ (lambda* (#:key outputs #:allow-other-keys)
+ (substitute* "Makefile"
+ (("/usr") (assoc-ref outputs "out")))
+ #t))
+ (replace 'unpack
+ (lambda* (#:key source #:allow-other-keys)
+ (let ((version "3.0.3")
+ (revision "32")
+ (centos-version "8.3.2011"))
+
+ (invoke "7z" "e" source (string-append "-o" "./vsftpd-"
+ version "-"
+ revision ".el8.src.cpio"))
+ (chdir (string-append "./vsftpd-" version "-"
+ revision ".el8.src.cpio"))
+ (invoke "cpio" "-idmv" (string-append "--file=./vsftpd-"
+ version "-"
+ revision ".el8.src.cpio"))
+ (invoke "tar" "xvf" (string-append "./vsftpd-" version ".tar.gz"))
+ (let ((patches
+ '("0001-Don-t-use-the-provided-script-to-locate-libraries.patch"
+ "0002-Enable-build-with-SSL.patch"
+ "0003-Enable-build-with-TCP-Wrapper.patch"
+ "0004-Use-etc-vsftpd-dir-for-config-files-instead-of-etc.patch"
+ "0005-Use-hostname-when-calling-PAM-authentication-module.patch"
+ "0006-Close-stdin-out-err-before-listening-for-incoming-co.patch"
+ "0007-Make-filename-filters-smarter.patch"
+ "0008-Write-denied-logins-into-the-log.patch"
+ "0009-Trim-whitespaces-when-reading-configuration.patch"
+ "0010-Improve-daemonizing.patch"
+ "0011-Fix-listing-with-more-than-one-star.patch"
+ "0012-Replace-syscall-__NR_clone-.-with-clone.patch"
+ "0013-Extend-man-pages-with-systemd-info.patch"
+ "0014-Add-support-for-square-brackets-in-ls.patch"
+ "0015-Listen-on-IPv6-by-default.patch"
+ "0016-Increase-VSFTP_AS_LIMIT-from-200UL-to-400UL.patch"
+ "0017-Fix-an-issue-with-timestamps-during-DST.patch"
+ "0018-Change-the-default-log-file-in-configuration.patch"
+ "0019-Introduce-reverse_lookup_enable-option.patch"
+ "0020-Use-unsigned-int-for-uid-and-gid-representation.patch"
+ "0021-Introduce-support-for-DHE-based-cipher-suites.patch"
+ "0022-Introduce-support-for-EDDHE-based-cipher-suites.patch"
+ "0023-Add-documentation-for-isolate_-options.-Correct-defa.patch"
+ "0024-Introduce-new-return-value-450.patch"
+ "0025-Improve-local_max_rate-option.patch"
+ "0026-Prevent-hanging-in-SIGCHLD-handler.patch"
+ "0027-Delete-files-when-upload-fails.patch"
+ "0028-Fix-man-page-rendering.patch"
+ "0029-Fix-segfault-in-config-file-parser.patch"
+ "0030-Fix-logging-into-syslog-when-enabled-in-config.patch"
+ "0031-Fix-question-mark-wildcard-withing-a-file-name.patch"
+ "0032-Propagate-errors-from-nfs-with-quota-to-client.patch"
+ "0033-Introduce-TLSv1.1-and-TLSv1.2-options.patch"
+ "0034-Turn-off-seccomp-sandbox-because-it-is-too-strict.patch"
+ "0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch"
+ "0036-Redefine-VSFTP_COMMAND_FD-to-1.patch"
+ "0037-Document-the-relationship-of-text_userdb_names-and-c.patch"
+ "0038-Document-allow_writeable_chroot-in-the-man-page.patch"
+ "0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch"
+ "0040-Use-system-wide-crypto-policy.patch"
+ "0041-Document-the-new-default-for-ssl_ciphers-in-the-man-.patch"
+ "0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch"
+ "0043-Enable-only-TLSv1.2-by-default.patch"
+ "0044-Disable-anonymous_enable-in-default-config-file.patch"
+ "0045-Expand-explanation-of-ascii_-options-behaviour-in-ma.patch"
+ "0046-vsftpd.conf-Refer-to-the-man-page-regarding-the-asci.patch"
+ "0047-Disable-tcp_wrappers-support.patch"
+ "0048-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch"
+ "0049-Add-new-filename-generation-algorithm-for-STOU-comma.patch"
+ "0050-Don-t-link-with-libnsl.patch"
+ "0051-Improve-documentation-of-better_stou-in-the-man-page.patch"
+ "0052-Fix-rDNS-with-IPv6.patch"
+ "0053-Always-do-chdir-after-chroot.patch"
+ "0054-vsf_sysutil_rcvtimeo-Check-return-value-of-setsockop.patch"
+ "0055-vsf_sysutil_get_tz-Check-the-return-value-of-syscall.patch"
+ "0056-Log-die-calls-to-syslog.patch"
+ "0057-Improve-error-message-when-max-number-of-bind-attemp.patch"
+ "0058-Make-the-max-number-of-bind-retries-tunable.patch"
+ "0059-Fix-SEGFAULT-when-running-in-a-container-as-PID-1.patch"
+ "0001-Move-closing-standard-FDs-after-listen.patch"
+ "0002-Prevent-recursion-in-bug.patch"
+ "0001-Set-s_uwtmp_inserted-only-after-record-insertion-rem.patch"
+ "0002-Repeat-pututxline-if-it-fails-with-EINTR.patch"
+ "0003-Repeat-pututxline-until-it-succeeds-if-it-fails-with.patch"
+ "0001-Fix-timestamp-handling-in-MDTM.patch"
+ "0001-Remove-a-hint-about-the-ftp_home_dir-SELinux-boolean.patch")))
+ (map (lambda (x) (invoke "mv" (string-append "./" x)
+ (string-append "vsftpd-" version "/")))
+ patches)
+ (chdir (string-append "./vsftpd-" version))
+ (invoke "git" "init" ".")
+ (invoke "git" "config" "user.email" "you@example.com")
+ (invoke "git" "config" "user.name" "Your Name" )
+ (invoke "git" "add" ".")
+ (invoke "git" "commit" "-m" "first")
+ (map (lambda (x) (invoke "git" "am" (string-append "./" x))) patches)
+ (map (lambda (x) (invoke "rm" (string-append "./" x))) patches)
+ (invoke "rm" "-rf" "./.git")
+ (chdir "../")
+ (invoke "mv" (string-append "./vsftpd-" version) "../")
+ (chdir "../")
+ (invoke "rm" "-rf" (string-append "./vsftpd-" version "-"
+ revision ".el8.src.cpio"))
+ (chdir (string-append "./vsftpd-" version)))
+ #t)))
+ (add-before 'install 'mkdir
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((out (assoc-ref outputs "out")))
+ (mkdir-p out)
+ (mkdir (string-append out "/sbin"))
+ (mkdir (string-append out "/man"))
+ (mkdir (string-append out "/man/man5"))
+ (mkdir (string-append out "/man/man8"))
+ #t)))
+ (delete 'configure))))
+ (native-inputs `(("openssl" ,openssl)
+ ("linux-pam" ,linux-pam)
+ ("p7zip" ,p7zip)
+ ("cpio" ,cpio)
+ ("git" ,git-minimal)
+ ("libcap" ,libcap)))
+ (synopsis "Share files securely over FTP or FTPS")
+ (description "@command{vsftpd} is a daemon that listens on a TCP socket
for clients and gives them access to local files via File Transfer
Protocol.")
- (home-page "https://security.appspot.com/vsftpd.html")
- (license gpl2)))
+ (home-page "https://security.appspot.com/vsftpd.html")
+ (license gpl2))))
--
2.30.2
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [bug#47495] [PATCH] gnu: vsftpd: Use CentOS version and patches.
2021-03-30 9:20 ` david larsson
@ 2021-03-30 15:32 ` Tobias Geerinckx-Rice via Guix-patches via
2021-03-30 15:34 ` Tobias Geerinckx-Rice via Guix-patches via
2021-03-30 18:38 ` david larsson
0 siblings, 2 replies; 6+ messages in thread
From: Tobias Geerinckx-Rice via Guix-patches via @ 2021-03-30 15:32 UTC (permalink / raw)
To: david larsson; +Cc: 47495, guix-patches-bounces+david.larsson=selfhosted.xyz
[-- Attachment #1: Type: text/plain, Size: 4739 bytes --]
David,
david larsson writes:
> Hi,
> the attached patch updates vsftpd so it can use tlsv1.2 etc.
Wow. Thanks!
As indicated on IRC I've made some changes to the patch, mainly to
avoid hard-coding all patches. The result is attached. Let me
know what you think.
Further random comments below:
> From: methuselah-0 <david.larsson@selfhosted.xyz>
> Date: Tue, 30 Mar 2021 11:18:09 +0200
> Subject: [PATCH] gnu: vsftpd: Use CentOS version and patches.
>
> * gnu/packages/ftp.scm (vftpd): Use CentOS version and
> patches.
^^^^
This is what happens when you copy commit messages from git and
paste them right back in :-) In that case, remove the four
leading spaces.
> + (let ((version "3.0.3")
I renamed this to UPSTREAM-VERSION, so we can show a more specific
VERSION field in the Guix UI. What we offer isn't ‘3.0.3’ any
more.
> + (revision "32")
I subjectively added ‘.el8’ here, mainly to factor it out below.
Neither of us knows what it means, though...
> + (add-after 'unpack 'patch-installation-directory
> + (lambda* (#:key outputs #:allow-other-keys)
> + (substitute* "Makefile"
> + (("/usr") (assoc-ref outputs "out")))
> + #t))
Moved below the redefined 'unpack phase for clarity.
> + (replace 'unpack
> + (lambda* (#:key source #:allow-other-keys)
> + (let ((version "3.0.3")
> + (revision "32")
> + (centos-version "8.3.2011"))
OK, so, as mentioned on IRC this can be avoided by quasiquoting
<arguments> (as it already was, here) and using ,version instead.
Quoting is probably the most confusing-yet-basic concept in
Scheme.
> +
> + (invoke "7z" "e" source (string-append "-o"
> "./vsftpd-"
> +
> version "-"
> +
> revision
> ".el8.src.cpio"))
> + (chdir (string-append "./vsftpd-" version
> "-"
> + revision
> ".el8.src.cpio"))
> + (invoke "cpio" "-idmv" (string-append
> "--file=./vsftpd-"
> +
> version "-"
> +
> revision
> ".el8.src.cpio"))
> + (invoke "tar" "xvf" (string-append
> "./vsftpd-"
> version ".tar.gz"))
This dance had a few steps too many IMO, so I simplified it. It's
OK to keep the unpacked steps around during the (short) build
process; they are tiny by today's standards.
> + (let ((patches
I understand the reason for this: the patches need to be applied
in this order, or patching will appear to succeed but result in
unbuildable source. A simple FIND-FILES is right out.
However, since the order is specified in vsftpd.spec, it's safer,
shorter, and simply more fun to parse it ourselves.
> + (chdir (string-append "./vsftpd-"
> version))
> + (invoke "git" "init" ".")
> + (invoke "git" "config" "user.email"
> "you@example.com")
> + (invoke "git" "config" "user.name" "Your
> Name" )
> + (invoke "git" "add" ".")
> + (invoke "git" "commit" "-m" "first")
> + (map (lambda (x) (invoke "git" "am"
> (string-append
> "./" x))) patches)
> + (map (lambda (x) (invoke "rm"
> (string-append "./"
> x))) patches)
> + (invoke "rm" "-rf" "./.git")
> + (chdir "../")
> + (invoke "mv" (string-append "./vsftpd-"
> version)
> "../")
> + (chdir "../")
> + (invoke "rm" "-rf" (string-append
> "./vsftpd-"
> version "-"
> + revision
> ".el8.src.cpio"))
> + (chdir (string-append "./vsftpd-"
> version)))
You lost me here. Why all the git? I removed all mention of git
from the package, since it didn't seem necessary, but please
correct me if needful.
> + #t)))
Whilst Guix on master still complains about ‘missing’ #Ts, they
are a moribund relic and I've secretly started forgetting the odd
#t on master already...
> + (native-inputs `(("openssl" ,openssl)
> + ("linux-pam" ,linux-pam)
> + ("p7zip" ,p7zip)
> + ("cpio" ,cpio)
> + ("git" ,git-minimal)
> + ("libcap" ,libcap)))
These are *all* new, correct? I removed git and added them all to
the commit message (check it out).
Thanks again for your work!
T G-R
[-- Attachment #2: 0001-gnu-vsftpd-Use-CentOS-version-and-patches.patch --]
[-- Type: text/x-patch, Size: 7138 bytes --]
From 43ca5cf141a61120cf9b02d26394109be75e679f Mon Sep 17 00:00:00 2001
From: methuselah-0 <david.larsson@selfhosted.xyz>
Date: Tue, 30 Mar 2021 11:18:09 +0200
Subject: [PATCH] gnu: vsftpd: Use CentOS version and patches.
* gnu/packages/ftp.scm (vftpd)[source]: Use CentOS source RPM.
[arguments]: Adapt the 'unpack phase, and apply CentOS patches in a new
'apply-CentOS-patches phase.
[native-inputs]: Add openssl, linux-pam, libcap, p7zip, and cpio.
---
gnu/packages/ftp.scm | 116 +++++++++++++++++++++++++++++--------------
1 file changed, 80 insertions(+), 36 deletions(-)
diff --git a/gnu/packages/ftp.scm b/gnu/packages/ftp.scm
index b178063556..f3d3c68e5e 100644
--- a/gnu/packages/ftp.scm
+++ b/gnu/packages/ftp.scm
@@ -2,8 +2,9 @@
;;; Copyright © 2014, 2015, 2018 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2015 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
-;;; Copyright © 2016, 2017, 2018, 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2016–2021 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 Rene Saavedra <rennes@openmailbox.org>
+;;; Copyright © 2021 David Larsson <david.larsson@selfhosted.xyz>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -28,12 +29,14 @@
#:use-module (gnu packages)
#:use-module (gnu packages autotools)
#:use-module (gnu packages check)
+ #:use-module (gnu packages cpio)
#:use-module (gnu packages compression)
#:use-module (gnu packages freedesktop)
#:use-module (gnu packages gettext)
#:use-module (gnu packages glib)
#:use-module (gnu packages gtk)
#:use-module (gnu packages libidn)
+ #:use-module (gnu packages linux)
#:use-module (gnu packages ncurses)
#:use-module (gnu packages nettle)
#:use-module (gnu packages pkg-config)
@@ -251,40 +254,81 @@ directory comparison and more.")
(properties '((upstream-name . "FileZilla")))))
(define-public vsftpd
- (package
- (name "vsftpd")
- (version "3.0.3")
- (source (origin
- (method url-fetch)
- (uri (string-append "https://security.appspot.com/downloads/"
- name "-" version ".tar.gz"))
- (sha256
- (base32
- "1xsyjn68k3fgm2incpb3lz2nikffl9by2safp994i272wvv2nkcx"))))
- (build-system gnu-build-system)
- (arguments
- `(#:make-flags '("LDFLAGS=-lcrypt")
- #:tests? #f ; No tests exist.
- #:phases
- (modify-phases %standard-phases
- (add-after 'unpack 'patch-installation-directory
- (lambda* (#:key outputs #:allow-other-keys)
- (substitute* "Makefile"
- (("/usr") (assoc-ref outputs "out")))
- #t))
- (add-before 'install 'mkdir
- (lambda* (#:key outputs #:allow-other-keys)
- (let ((out (assoc-ref outputs "out")))
- (mkdir-p out)
- (mkdir (string-append out "/sbin"))
- (mkdir (string-append out "/man"))
- (mkdir (string-append out "/man/man5"))
- (mkdir (string-append out "/man/man8"))
- #t)))
- (delete 'configure))))
- (synopsis "vsftpd FTP daemon")
- (description "@command{vsftpd} is a daemon that listens on a TCP socket
+ ;; Use a significantly patched CentOS variant supporting TLSv1.2, ‘email
+ ;; passwords’, and XXX davidl: anything else?
+ (let ((upstream-version "3.0.3")
+ (centos-version "8.3.2011")
+ (revision "32.el8"))
+ (package
+ (name "vsftpd")
+ (version (string-append upstream-version "." revision))
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://vault.centos.org/centos/" centos-version
+ "/AppStream/Source/SPackages/vsftpd-" upstream-version "-"
+ revision ".src.rpm"))
+ (sha256
+ (base32 "1xl0kqcismf82hl99klqbvvpylpyk1yr1qjy5hd8f80cj4lyl0f4"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:make-flags '("LDFLAGS=-lcrypt -lssl -pie")
+ #:tests? #f ; no tests exist
+ #:phases
+ (modify-phases %standard-phases
+ (replace 'unpack
+ (lambda* (#:key source #:allow-other-keys)
+ (invoke "7z" "e" source "-ocpio")
+ (invoke "cpio" "-idmv"
+ (string-append "--file=cpio/vsftpd-"
+ ,upstream-version "-" ,revision
+ ".src.cpio"))
+ (invoke "tar" "xvf"
+ (string-append "vsftpd-" ,upstream-version ".tar.gz"))
+ (chdir (string-append "vsftpd-" ,upstream-version))))
+ (add-after 'unpack 'apply-CentOS-patches
+ ;; Apply all patches as enumerated in vsftpd.spec, in order:
+ ;; simply using FIND-FILES would silently corrupt the result.
+ (lambda _
+ (call-with-input-file "../vsftpd.spec"
+ (lambda (port)
+ (use-modules (ice-9 rdelim))
+ (let loop ()
+ (let ((line (read-line port)))
+ (unless (eof-object? line)
+ (when (string-prefix? "Patch" line)
+ (let* ((space (string-rindex line #\space))
+ (patch (string-drop line (+ 1 space))))
+ (invoke "patch" "-Np1"
+ "-i" (string-append "../" patch))))
+ (loop))))))))
+ (add-after 'unpack 'patch-installation-directory
+ (lambda* (#:key outputs #:allow-other-keys)
+ (substitute* "Makefile"
+ (("/usr") (assoc-ref outputs "out")))
+ #t))
+ (add-before 'install 'mkdir
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((out (assoc-ref outputs "out")))
+ (mkdir-p out)
+ (mkdir (string-append out "/sbin"))
+ (mkdir (string-append out "/man"))
+ (mkdir (string-append out "/man/man5"))
+ (mkdir (string-append out "/man/man8"))
+ #t)))
+ (delete 'configure))))
+ (native-inputs
+ `(("openssl" ,openssl)
+ ("linux-pam" ,linux-pam)
+ ("libcap" ,libcap)
+
+ ;; Used to unpack the source RPM.
+ ("p7zip" ,p7zip)
+ ("cpio" ,cpio)))
+ (home-page "https://security.appspot.com/vsftpd.html")
+ (synopsis "Share files securely over FTP or FTPS")
+ (description "@command{vsftpd} is a daemon that listens on a TCP socket
for clients and gives them access to local files via File Transfer
Protocol.")
- (home-page "https://security.appspot.com/vsftpd.html")
- (license gpl2)))
+ (license gpl2))))
--
2.30.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [bug#47495] [PATCH] gnu: vsftpd: Use CentOS version and patches.
2021-03-30 15:32 ` Tobias Geerinckx-Rice via Guix-patches via
@ 2021-03-30 15:34 ` Tobias Geerinckx-Rice via Guix-patches via
2021-03-30 18:38 ` david larsson
1 sibling, 0 replies; 6+ messages in thread
From: Tobias Geerinckx-Rice via Guix-patches via @ 2021-03-30 15:34 UTC (permalink / raw)
To: david larsson; +Cc: 47495, guix-patches-bounces+david.larsson=selfhosted.xyz
Tobias Geerinckx-Rice forgot to write:
> I've also added a copyright line for you.
Kind regards,
T G-R
^ permalink raw reply [flat|nested] 6+ messages in thread
* [bug#47495] [PATCH] gnu: vsftpd: Use CentOS version and patches.
2021-03-30 15:32 ` Tobias Geerinckx-Rice via Guix-patches via
2021-03-30 15:34 ` Tobias Geerinckx-Rice via Guix-patches via
@ 2021-03-30 18:38 ` david larsson
2021-03-30 19:41 ` bug#47495: " Tobias Geerinckx-Rice via Guix-patches via
1 sibling, 1 reply; 6+ messages in thread
From: david larsson @ 2021-03-30 18:38 UTC (permalink / raw)
To: Tobias Geerinckx-Rice
Cc: 47495, guix-patches-bounces+david.larsson=selfhosted.xyz
On 2021-03-30 17:32, Tobias Geerinckx-Rice wrote:
> As indicated on IRC I've made some changes to the patch, mainly to
> avoid hard-coding all patches. The result is attached. Let me know
> what you think.
It looks great! Especially nice to see that you separated the patch and
unpack phases - it looks much better now.
>>
>> * gnu/packages/ftp.scm (vftpd): Use CentOS version and
>> patches.
> ^^^^
>
> This is what happens when you copy commit messages from git and paste
> them right back in :-) In that case, remove the four leading spaces.
Yep, thats what I did :-) will fix next time!
Reg. why to use the significantly patched CentOS variant (asked in your
updated patch's comments): the email passwords thing was a mistake to
mention by me in IRC - that feature was probably already there -
however, the tlsv1.2 was the main reason for switching to the CentOS
version - other features added by the whole patch-set I don't know much
about except from glancing over them and it looks mostly like bug and
security fixes to me.
>
>> + (let ((version "3.0.3")
>
> I renamed this to UPSTREAM-VERSION, so we can show a more specific
> VERSION field in the Guix UI. What we offer isn't ‘3.0.3’ any more.
Ok, I think I understand.
>> + (revision "32")
>
> I subjectively added ‘.el8’ here, mainly to factor it out below.
> Neither of us knows what it means, though...
That is fine with me.
>
>> + (add-after 'unpack 'patch-installation-directory
>> + (lambda* (#:key outputs #:allow-other-keys)
>> + (substitute* "Makefile"
>> + (("/usr") (assoc-ref outputs "out")))
>> + #t))
>
> Moved below the redefined 'unpack phase for clarity.
Great! I had in mind to do the same myself, but didn't due to a
combination of a lack of Guile/Guix coding skills and time.
>> + (replace 'unpack
>> + (lambda* (#:key source #:allow-other-keys)
>> + (let ((version "3.0.3")
>> + (revision "32")
>> + (centos-version "8.3.2011"))
>
> OK, so, as mentioned on IRC this can be avoided by quasiquoting
> <arguments> (as it already was, here) and using ,version instead.
>
> Quoting is probably the most confusing-yet-basic concept in Scheme.
Looks good to me! I am actually quite familiar with unquoting, including
g-exp unquoting things, and I somehow missed that I was in a quasiquote
context from after "arguments"... I intend to improve!
>
>> +
>> + (invoke "7z" "e" source (string-append "-o"
>> "./vsftpd-"
>> + version "-"
>> + revision ".el8.src.cpio"))
>> + (chdir (string-append "./vsftpd-" version "-"
>> + revision ".el8.src.cpio"))
>> + (invoke "cpio" "-idmv" (string-append
>> "--file=./vsftpd-"
>> + version "-"
>> + revision ".el8.src.cpio"))
>> + (invoke "tar" "xvf" (string-append "./vsftpd-"
>> version ".tar.gz"))
>
> This dance had a few steps too many IMO, so I simplified it. It's OK
> to keep the unpacked steps around during the (short) build process;
> they are tiny by today's standards.
Agreed. I was not very happy with this myself. Thanks for fixing!
>
>> + (let ((patches
>
> I understand the reason for this: the patches need to be applied in
> this order, or patching will appear to succeed but result in
> unbuildable source. A simple FIND-FILES is right out.
>
> However, since the order is specified in vsftpd.spec, it's safer,
> shorter, and simply more fun to parse it ourselves.
>
>> + (chdir (string-append "./vsftpd-" version))
>> + (invoke "git" "init" ".")
>> + (invoke "git" "config" "user.email"
>> "you@example.com")
>> + (invoke "git" "config" "user.name" "Your Name" )
>> + (invoke "git" "add" ".")
>> + (invoke "git" "commit" "-m" "first")
>> + (map (lambda (x) (invoke "git" "am"
>> (string-append "./" x))) patches)
>> + (map (lambda (x) (invoke "rm" (string-append
>> "./" x))) patches)
>> + (invoke "rm" "-rf" "./.git")
>> + (chdir "../")
>> + (invoke "mv" (string-append "./vsftpd-" version)
>> "../")
>> + (chdir "../")
>> + (invoke "rm" "-rf" (string-append "./vsftpd-"
>> version "-"
>> + revision
>> ".el8.src.cpio"))
>> + (chdir (string-append "./vsftpd-" version)))
>
> You lost me here. Why all the git? I removed all mention of git from
> the package, since it didn't seem necessary, but please correct me if
> needful.
I am, or was, simply unfamiliar with the simplicity of just using
"patch". I tried git am which failed and reported errors that was solved
by the additional git commands. Your replacement is exactly what I need
to learn more about, and looks great, thanks!
>
>> + (native-inputs `(("openssl" ,openssl)
>> + ("linux-pam" ,linux-pam)
>> + ("p7zip" ,p7zip)
>> + ("cpio" ,cpio)
>> + ("git" ,git-minimal)
>> + ("libcap" ,libcap)))
>
> These are *all* new, correct? I removed git and added them all to the
> commit message (check it out).
Yep!
>
> Thanks again for your work!
>
> T G-R
Well..., thank you for your work! You made this patch a lot better! :-)
Best regards,
David Larsson
^ permalink raw reply [flat|nested] 6+ messages in thread
* bug#47495: [PATCH] gnu: vsftpd: Use CentOS version and patches.
2021-03-30 18:38 ` david larsson
@ 2021-03-30 19:41 ` Tobias Geerinckx-Rice via Guix-patches via
0 siblings, 0 replies; 6+ messages in thread
From: Tobias Geerinckx-Rice via Guix-patches via @ 2021-03-30 19:41 UTC (permalink / raw)
To: david larsson; +Cc: 47495-done
David,
> + (native-inputs `(("openssl" ,openssl)
Not sure how I missed this -- actually I do, considering the three
empty champagne bottles now adorning our wall -- but the first
three should be regular inputs, not native, as they are legitimate
references of the resulting package ($ guix gc --references).
Native inputs run only during the build. The distinction matters
during cross-compilation, when the build-time native-inputs may be
a different (say, x86_64) architecture from the output package and
its inputs (both identical: say, aarch64).
> It looks great! Especially nice to see that you separated the
> patch
> and unpack phases - it looks much better now.
Thank you :-) Pushed as 634d9845a6b4e362f32ba369ae42851719455ba3.
Kind regards,
T G-R
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2021-03-30 19:43 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-03-30 7:52 [bug#47495] [PATCH] gnu: vsftpd: Use CentOS version and patches david larsson
2021-03-30 9:20 ` david larsson
2021-03-30 15:32 ` Tobias Geerinckx-Rice via Guix-patches via
2021-03-30 15:34 ` Tobias Geerinckx-Rice via Guix-patches via
2021-03-30 18:38 ` david larsson
2021-03-30 19:41 ` bug#47495: " Tobias Geerinckx-Rice via Guix-patches via
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).