[SCM] proftpd-dfsg branch, master, updated. debian/1.3.3a-6-51-g2adb367

Francesco Paolo Lovergine frankie at debian.org
Thu Sep 1 14:03:24 UTC 2011


The following commit has been merged in the master branch:
commit ff8464689456943cf16564449ab8d132a3234b44
Author: Francesco Paolo Lovergine <frankie at debian.org>
Date:   Fri May 6 12:40:06 2011 +0200

    Added a new TLSOptions in tls.conf

diff --git a/debian/changelog b/debian/changelog
index 6dcb8c1..b3a72a4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,6 +3,8 @@ proftpd-dfsg (1.3.4~rc2-4) unstable; urgency=low
   * Now debian/rules manages correctly debug. noopt and nostrip options
     in DEB_BUILD_OPTIONS against proftpd building script.
     (closes: #624267)
+  * Added NoSessionReuseRequired as suggested TLSOptions: it does allow some
+    clients to work correctly with data connection.
 
  -- Francesco Paolo Lovergine <frankie at debian.org>  Fri, 29 Apr 2011 23:51:25 +0200
 
diff --git a/debian/templates/tls.conf b/debian/templates/tls.conf
index bf0d85b..cd13025 100644
--- a/debian/templates/tls.conf
+++ b/debian/templates/tls.conf
@@ -27,10 +27,13 @@
 #TLSRSACertificateFile                   /etc/ssl/certs/proftpd.crt
 #TLSRSACertificateKeyFile                /etc/ssl/private/proftpd.key
 #
-# CA the server trusts
+# CA the server trusts...
 #TLSCACertificateFile 			 /etc/ssl/certs/CA.pem
-# or avoid CA cert and be verbose
-#TLSOptions                             NoCertRequest EnableDiags 
+# ...or avoid CA cert and be verbose
+#TLSOptions                      NoCertRequest EnableDiags 
+# ... or the same with relaxed session use for some clients (e.g. FireFtp)
+#TLSOptions                      NoCertRequest EnableDiags NoSessionReuseRequired
+#
 #
 # Per default drop connection if client tries to start a renegotiate
 # This is a fix for CVE-2009-3555 but could break some clients.

-- 
ProFTPD core package



More information about the Pkg-proftpd-maintainers mailing list