[SCM] proftpd-dfsg branch, master, updated. debian/1.3.3a-6-51-g2adb367
Francesco Paolo Lovergine
frankie at debian.org
Thu Sep 1 14:03:24 UTC 2011
The following commit has been merged in the master branch:
commit ff8464689456943cf16564449ab8d132a3234b44
Author: Francesco Paolo Lovergine <frankie at debian.org>
Date: Fri May 6 12:40:06 2011 +0200
Added a new TLSOptions in tls.conf
diff --git a/debian/changelog b/debian/changelog
index 6dcb8c1..b3a72a4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,6 +3,8 @@ proftpd-dfsg (1.3.4~rc2-4) unstable; urgency=low
* Now debian/rules manages correctly debug. noopt and nostrip options
in DEB_BUILD_OPTIONS against proftpd building script.
(closes: #624267)
+ * Added NoSessionReuseRequired as suggested TLSOptions: it does allow some
+ clients to work correctly with data connection.
-- Francesco Paolo Lovergine <frankie at debian.org> Fri, 29 Apr 2011 23:51:25 +0200
diff --git a/debian/templates/tls.conf b/debian/templates/tls.conf
index bf0d85b..cd13025 100644
--- a/debian/templates/tls.conf
+++ b/debian/templates/tls.conf
@@ -27,10 +27,13 @@
#TLSRSACertificateFile /etc/ssl/certs/proftpd.crt
#TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key
#
-# CA the server trusts
+# CA the server trusts...
#TLSCACertificateFile /etc/ssl/certs/CA.pem
-# or avoid CA cert and be verbose
-#TLSOptions NoCertRequest EnableDiags
+# ...or avoid CA cert and be verbose
+#TLSOptions NoCertRequest EnableDiags
+# ... or the same with relaxed session use for some clients (e.g. FireFtp)
+#TLSOptions NoCertRequest EnableDiags NoSessionReuseRequired
+#
#
# Per default drop connection if client tries to start a renegotiate
# This is a fix for CVE-2009-3555 but could break some clients.
--
ProFTPD core package
More information about the Pkg-proftpd-maintainers
mailing list