ftp/tnftpd: Update to 20231001
f64cda5f9efc
Actions

Description

ftp/tnftpd: Update to 20231001

While I'm here:

Switch to DISTVERSION as suggested by Porters Handbook
Make use of NetBSD's CDN and add a few additional mirrors
Add WWW url
Add license:

[1] tnftpd contains a mix of BSD2CLAUSE (mostly the NetBSD derived code) and BSD3CLAUSE (inherited from the orignal UCB BSD code).

tnftpd was previously BSD4CLAUSE but that was fixed in the upstream code a while ago so I changed the COPYING to reflect that. It's no more restrictive than BSD3CLAUSE now.

ChangeLog:

Update to NetBSD-ftpd 20230930:
- Fix uninitialized memory usage in count_users().
- Fix pam_set_item() call with proper struct passed as

PAM_SOCKADDR.

Build fixes:
- Check for inet_net_pton() in -lresolv (for glibc).
- Improve configure's display of make variables.
- Remove deprecated autoconf macros.

Security fixes:
- CVE-2020-7468: Improve error handling when switching UID/GID.
- Prevent MLSD and MLST before authentication succeeds.

Update to NetBSD-ftpd 20230922:
- Treat failed chdir/chroot for guest and chroot accounts as

fatal. Also treat failed set{e,}(u,g}id calls as fatal.
Addresses CVE-2020-7468, via FreeBSD.

Josefsson.

Sync libnetbsd replacements with NetBSD upstream:
- Replace fgetln() with tools/compat implementation that

handles embedded NULs.

and getprogname(), instead of defining global __progname.

Build fixes:
- Improve configure's display of detected features.
- Enable more POSIX extensions.
- Only replace glob() if required GLOB_ flags aren't available.
- Only replace fts_open() if required FTS_ flags aren't

available.

Suggested by: [1] Luke Mewburn <lukem@NetBSD.org>
PR: 274209
MFH: 2023Q4