author | Sergei Trofimovich <slyfox@gentoo.org> | 2016-06-30 21:20:04 +0100 |
---|---|---|
committer | Sergei Trofimovich <slyfox@gentoo.org> | 2016-06-30 21:20:04 +0100 |
commit | a2c956361dce86ec2c3fed71e0502d12a53b1cfd (patch) | |
tree | 31626687dc86267850809016ea15ac792fdf738e /net-ftp/proftpd/files | |
parent | 3e12147aca5649ab352d1bc6fc6819de335e4459 (diff) | |
net-ftp/proftpd: drop old vulnerable versions, bug #577046
Package-Manager: portage-2.3.0
Diffstat (limited to 'net-ftp/proftpd/files')
-rw-r--r-- | net-ftp/proftpd/files/proftpd-1.3.5a-unbound-sftp-p1.patch | 70 | ||||
-rw-r--r-- | net-ftp/proftpd/files/proftpd-1.3.5a-unbound-sftp-p2.patch | 61 |
2 files changed, 0 insertions, 131 deletions
diff --git a/net-ftp/proftpd/files/proftpd-1.3.5a-unbound-sftp-p1.patch b/net-ftp/proftpd/files/proftpd-1.3.5a-unbound-sftp-p1.patch
deleted file mode 100644
index 03dd1d82fd6..00000000000
--- a/net-ftp/proftpd/files/proftpd-1.3.5a-unbound-sftp-p1.patch
+++ /dev/null
@@ -1,70 +0,0 @@
-commit a24db7f9864240a4ebb236a6615ec649138fef0e
-Author: TJ Saunders <tj@castaglia.org>
-Date: Sat Nov 28 17:08:03 2015 -0800
-
- Bug#4210 - Avoid unbounded SFTP extension key/values.
-
-diff --git a/contrib/mod_sftp/fxp.c b/contrib/mod_sftp/fxp.c
-index 5d9ae17..03c7eb5 100644
---- a/contrib/mod_sftp/fxp.c
-+++ b/contrib/mod_sftp/fxp.c
-@@ -241,6 +241,9 @@ struct fxp_extpair {
- unsigned char *ext_data;
- };
-
-+/* Maximum length of SFTP extension name, AND of the extension value. */
-+#define SFTP_EXT_MAX_LEN 1024
-+
- static pool *fxp_pool = NULL;
- static int fxp_use_gmt = TRUE;
-
-@@ -1240,6 +1243,14 @@ static struct fxp_extpair *fxp_msg_read_extpair(pool *p, unsigned char **buf,
- SFTP_DISCONNECT_CONN(SFTP_SSH2_DISCONNECT_BY_APPLICATION, NULL);
- }
-
-+ if (namelen > SFTP_EXT_MAX_LEN) {
-+ (void) pr_log_writefile(sftp_logfd, MOD_SFTP_VERSION,
-+ "received too-long SFTP extension name (%lu > max %lu), ignoring",
-+ (unsigned long) namelen, (unsigned long) SFTP_EXT_MAX_LEN);
-+ errno = EINVAL;
-+ return NULL;
-+ }
-+
- name = palloc(p, namelen + 1);
- memcpy(name, *buf, namelen);
- (*buf) += namelen;
-@@ -1248,6 +1259,14 @@ static struct fxp_extpair *fxp_msg_read_extpair(pool *p, unsigned char **buf,
-
- datalen = sftp_msg_read_int(p, buf, buflen);
- if (datalen > 0) {
-+ if (datalen > SFTP_EXT_MAX_LEN) {
-+ (void) pr_log_writefile(sftp_logfd, MOD_SFTP_VERSION,
-+ "received too-long SFTP extension '%s' data (%lu > max %lu), ignoring",
-+ name, (unsigned long) datalen, (unsigned long) SFTP_EXT_MAX_LEN);
-+ errno = EINVAL;
-+ return NULL;
-+ }
-+
- data = sftp_msg_read_data(p, buf, buflen, datalen);
-
- } else {
-@@ -2210,11 +2229,13 @@ static struct stat *fxp_attrs_read(struct fxp_packet *fxp, unsigned char **buf,
- struct fxp_extpair *ext;
-
- ext = fxp_msg_read_extpair(fxp->pool, buf, buflen);
-- pr_trace_msg(trace_channel, 15,
-- "protocol version %lu: read EXTENDED attribute: "
-- "extension '%s' (%lu bytes of data)",
-- (unsigned long) fxp_session->client_version, ext->ext_name,
-- (unsigned long) ext->ext_datalen);
-+ if (ext != NULL) {
-+ pr_trace_msg(trace_channel, 15,
-+ "protocol version %lu: read EXTENDED attribute: "
-+ "extension '%s' (%lu bytes of data)",
-+ (unsigned long) fxp_session->client_version, ext->ext_name,
-+ (unsigned long) ext->ext_datalen);
-+ }
- }
- }
-
-
diff --git a/net-ftp/proftpd/files/proftpd-1.3.5a-unbound-sftp-p2.patch b/net-ftp/proftpd/files/proftpd-1.3.5a-unbound-sftp-p2.patch
deleted file mode 100644
index c7d0a02639a..00000000000
--- a/net-ftp/proftpd/files/proftpd-1.3.5a-unbound-sftp-p2.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-commit f30ac3cc1a58ec7522de6aeeaa09314a45dbc690
-Author: TJ Saunders <tj@castaglia.org>
-Date: Sat Nov 28 17:13:55 2015 -0800
-
- Correct the parameters to talk of "extended attributes", not SFTP extensions.
-
-diff --git a/contrib/mod_sftp/fxp.c b/contrib/mod_sftp/fxp.c
-index 03c7eb5..e7161d5 100644
---- a/contrib/mod_sftp/fxp.c
-+++ b/contrib/mod_sftp/fxp.c
-@@ -235,15 +235,18 @@ static size_t fxp_packet_data_allocsz = 0;
- #define FXP_PACKET_DATA_DEFAULT_SZ (1024 * 16)
- #define FXP_RESPONSE_DATA_DEFAULT_SZ 512
-
-+#define FXP_MAX_PACKET_LEN (1024 * 512)
-+#define FXP_MAX_EXTENDED_ATTRIBUTES 100
-+
-+/* Maximum length of SFTP extended attribute name OR value. */
-+#define FXP_MAX_EXTENDED_ATTR_LEN 1024
-+
- struct fxp_extpair {
- char *ext_name;
- uint32_t ext_datalen;
- unsigned char *ext_data;
- };
-
--/* Maximum length of SFTP extension name, AND of the extension value. */
--#define SFTP_EXT_MAX_LEN 1024
--
- static pool *fxp_pool = NULL;
- static int fxp_use_gmt = TRUE;
-
-@@ -1243,10 +1246,10 @@ static struct fxp_extpair *fxp_msg_read_extpair(pool *p, unsigned char **buf,
- SFTP_DISCONNECT_CONN(SFTP_SSH2_DISCONNECT_BY_APPLICATION, NULL);
- }
-
-- if (namelen > SFTP_EXT_MAX_LEN) {
-+ if (namelen > FXP_MAX_EXTENDED_ATTR_LEN) {
- (void) pr_log_writefile(sftp_logfd, MOD_SFTP_VERSION,
-- "received too-long SFTP extension name (%lu > max %lu), ignoring",
-- (unsigned long) namelen, (unsigned long) SFTP_EXT_MAX_LEN);
-+ "received too-long extended attribute name (%lu > max %lu), ignoring",
-+ (unsigned long) namelen, (unsigned long) FXP_MAX_EXTENDED_ATTR_LEN);
- errno = EINVAL;
- return NULL;
- }
-@@ -1259,10 +1262,11 @@ static struct fxp_extpair *fxp_msg_read_extpair(pool *p, unsigned char **buf,
-
- datalen = sftp_msg_read_int(p, buf, buflen);
- if (datalen > 0) {
-- if (datalen > SFTP_EXT_MAX_LEN) {
-+ if (datalen > FXP_MAX_EXTENDED_ATTR_LEN) {
- (void) pr_log_writefile(sftp_logfd, MOD_SFTP_VERSION,
-- "received too-long SFTP extension '%s' data (%lu > max %lu), ignoring",
-- name, (unsigned long) datalen, (unsigned long) SFTP_EXT_MAX_LEN);
-+ "received too-long extended attribute '%s' value (%lu > max %lu), "
-+ "ignoring", name, (unsigned long) datalen,
-+ (unsigned long) FXP_MAX_EXTENDED_ATTR_LEN);
- errno = EINVAL;
- return NULL;
- } |