Annotation of /trunk/proftpd/patches/proftpd-1.3.3-config-tls.patch
Parent Directory
| 
Revision Log
Revision 991 -
(hide annotations)
(download)
Wed Mar 3 19:08:46 2010 UTC (14 years, 3 months ago) by niro
File size: 5031 byte(s)
Wed Mar 3 19:08:46 2010 UTC (14 years, 3 months ago) by niro
File size: 5031 byte(s)
files and updates for proftpd-1.3.3 with optional mysql, ldap, tls and anonymous support
| 1 | niro | 991 | diff -Naur proftpd-1.3.3/sample-configurations/anonymous.conf proftpd-1.3.3-magellan/sample-configurations/anonymous.conf |
| 2 | --- proftpd-1.3.3/sample-configurations/anonymous.conf 2010-03-03 19:16:25.000000000 +0100 | ||
| 3 | +++ proftpd-1.3.3-magellan/sample-configurations/anonymous.conf 2010-03-03 19:35:28.000000000 +0100 | ||
| 4 | @@ -52,6 +52,27 @@ | ||
| 5 | TransferLog /var/log/proftpd/xferlog | ||
| 6 | SystemLog /var/log/proftpd/proftpd.log | ||
| 7 | |||
| 8 | +# TLS support (http://www.castaglia.org/proftpd/modules/mod_tls.html) | ||
| 9 | +# Generate the certificate as follows: | ||
| 10 | +# openssl req -new -x509 -days 365 -nodes \ | ||
| 11 | +# -out /etc/ssl/certs/proftpd.cert.pem \ | ||
| 12 | +# -keyout /etc/ssl/certs/proftpd.key.pem | ||
| 13 | +# | ||
| 14 | +<IfDefine TLS> | ||
| 15 | + TLSEngine on | ||
| 16 | + TLSRequired on | ||
| 17 | + TLSRSACertificateFile /etc/ssl/certs/proftpd.cert.pem | ||
| 18 | + TLSRSACertificateKeyFile /etc/ssl/certs/proftpd.key.pem | ||
| 19 | + TLSCipherSuite ALL:!ADH:!DES | ||
| 20 | + TLSOptions NoCertRequest | ||
| 21 | + TLSVerifyClient off | ||
| 22 | + #TLSRenegotiate ctrl 3600 data 512000 required off timeout 300 | ||
| 23 | + TLSLog /var/log/proftpd/tls.log | ||
| 24 | + <IfModule mod_tls_shmcache.c> | ||
| 25 | + TLSSessionCache shm:/file=/var/run/proftpd/sesscache | ||
| 26 | + </IfModule> | ||
| 27 | +</IfDefine> | ||
| 28 | + | ||
| 29 | # Our "basic" anonymous configuration, including a single | ||
| 30 | # upload directory ("uploads") | ||
| 31 | <Anonymous ~ftp> | ||
| 32 | diff -Naur proftpd-1.3.3/sample-configurations/basic.conf proftpd-1.3.3-magellan/sample-configurations/basic.conf | ||
| 33 | --- proftpd-1.3.3/sample-configurations/basic.conf 2010-03-03 19:16:25.000000000 +0100 | ||
| 34 | +++ proftpd-1.3.3-magellan/sample-configurations/basic.conf 2010-03-03 19:35:48.000000000 +0100 | ||
| 35 | @@ -53,6 +53,27 @@ | ||
| 36 | TransferLog /var/log/proftpd/xferlog | ||
| 37 | SystemLog /var/log/proftpd/proftpd.log | ||
| 38 | |||
| 39 | +# TLS support (http://www.castaglia.org/proftpd/modules/mod_tls.html) | ||
| 40 | +# Generate the certificate as follows: | ||
| 41 | +# openssl req -new -x509 -days 365 -nodes \ | ||
| 42 | +# -out /etc/ssl/certs/proftpd.cert.pem \ | ||
| 43 | +# -keyout /etc/ssl/certs/proftpd.key.pem | ||
| 44 | +# | ||
| 45 | +<IfDefine TLS> | ||
| 46 | + TLSEngine on | ||
| 47 | + TLSRequired on | ||
| 48 | + TLSRSACertificateFile /etc/ssl/certs/proftpd.cert.pem | ||
| 49 | + TLSRSACertificateKeyFile /etc/ssl/certs/proftpd.key.pem | ||
| 50 | + TLSCipherSuite ALL:!ADH:!DES | ||
| 51 | + TLSOptions NoCertRequest | ||
| 52 | + TLSVerifyClient off | ||
| 53 | + #TLSRenegotiate ctrl 3600 data 512000 required off timeout 300 | ||
| 54 | + TLSLog /var/log/proftpd/tls.log | ||
| 55 | + <IfModule mod_tls_shmcache.c> | ||
| 56 | + TLSSessionCache shm:/file=/var/run/proftpd/sesscache | ||
| 57 | + </IfModule> | ||
| 58 | +</IfDefine> | ||
| 59 | + | ||
| 60 | # A basic anonymous configuration, no upload directories. | ||
| 61 | |||
| 62 | # <Anonymous ~ftp> | ||
| 63 | diff -Naur proftpd-1.3.3/sample-configurations/mod_sql.conf proftpd-1.3.3-magellan/sample-configurations/mod_sql.conf | ||
| 64 | --- proftpd-1.3.3/sample-configurations/mod_sql.conf 2010-03-03 19:16:25.000000000 +0100 | ||
| 65 | +++ proftpd-1.3.3-magellan/sample-configurations/mod_sql.conf 2010-03-03 19:36:29.000000000 +0100 | ||
| 66 | @@ -83,6 +83,27 @@ | ||
| 67 | # (second param) from being group and world writable. | ||
| 68 | Umask 022 022 | ||
| 69 | |||
| 70 | +# TLS support (http://www.castaglia.org/proftpd/modules/mod_tls.html) | ||
| 71 | +# Generate the certificate as follows: | ||
| 72 | +# openssl req -new -x509 -days 365 -nodes \ | ||
| 73 | +# -out /etc/ssl/certs/proftpd.cert.pem \ | ||
| 74 | +# -keyout /etc/ssl/certs/proftpd.key.pem | ||
| 75 | +# | ||
| 76 | +<IfDefine TLS> | ||
| 77 | + TLSEngine on | ||
| 78 | + TLSRequired on | ||
| 79 | + TLSRSACertificateFile /etc/ssl/certs/proftpd.cert.pem | ||
| 80 | + TLSRSACertificateKeyFile /etc/ssl/certs/proftpd.key.pem | ||
| 81 | + TLSCipherSuite ALL:!ADH:!DES | ||
| 82 | + TLSOptions NoCertRequest | ||
| 83 | + TLSVerifyClient off | ||
| 84 | + #TLSRenegotiate ctrl 3600 data 512000 required off timeout 300 | ||
| 85 | + TLSLog /var/log/proftpd/tls.log | ||
| 86 | + <IfModule mod_tls_shmcache.c> | ||
| 87 | + TLSSessionCache shm:/file=/var/run/proftpd/sesscache | ||
| 88 | + </IfModule> | ||
| 89 | +</IfDefine> | ||
| 90 | + | ||
| 91 | # We put our mod_sql directives in a <Global> block so they'll be | ||
| 92 | # inherited by the <Anonymous> block below, and any other <VirtualHost> | ||
| 93 | # blocks we may want to add. For a simple server these don't need to | ||
| 94 | diff -Naur proftpd-1.3.3/sample-configurations/virtual.conf proftpd-1.3.3-magellan/sample-configurations/virtual.conf | ||
| 95 | --- proftpd-1.3.3/sample-configurations/virtual.conf 2010-03-03 19:16:25.000000000 +0100 | ||
| 96 | +++ proftpd-1.3.3-magellan/sample-configurations/virtual.conf 2010-03-03 19:36:53.000000000 +0100 | ||
| 97 | @@ -48,6 +48,27 @@ | ||
| 98 | TransferLog /var/log/proftpd/xferlog | ||
| 99 | SystemLog /var/log/proftpd/proftpd.log | ||
| 100 | |||
| 101 | +# TLS support (http://www.castaglia.org/proftpd/modules/mod_tls.html) | ||
| 102 | +# Generate the certificate as follows: | ||
| 103 | +# openssl req -new -x509 -days 365 -nodes \ | ||
| 104 | +# -out /etc/ssl/certs/proftpd.cert.pem \ | ||
| 105 | +# -keyout /etc/ssl/certs/proftpd.key.pem | ||
| 106 | +# | ||
| 107 | +<IfDefine TLS> | ||
| 108 | + TLSEngine on | ||
| 109 | + TLSRequired on | ||
| 110 | + TLSRSACertificateFile /etc/ssl/certs/proftpd.cert.pem | ||
| 111 | + TLSRSACertificateKeyFile /etc/ssl/certs/proftpd.key.pem | ||
| 112 | + TLSCipherSuite ALL:!ADH:!DES | ||
| 113 | + TLSOptions NoCertRequest | ||
| 114 | + TLSVerifyClient off | ||
| 115 | + #TLSRenegotiate ctrl 3600 data 512000 required off timeout 300 | ||
| 116 | + TLSLog /var/log/proftpd/tls.log | ||
| 117 | + <IfModule mod_tls_shmcache.c> | ||
| 118 | + TLSSessionCache shm:/file=/var/run/proftpd/sesscache | ||
| 119 | + </IfModule> | ||
| 120 | +</IfDefine> | ||
| 121 | + | ||
| 122 | # First virtual server | ||
| 123 | <VirtualHost ftp.virtual.com> | ||
| 124 | ServerName "Virtual.com's FTP Server" |