- include sample SSL certificates so SSL is working out of the box

diff --git a/proftpd-mod_tls.conf b/proftpd-mod_tls.conf
index 99fe1c49938bec1e6369ca9f22586889fc4ca349..5e7405fa80a22880ea76d60a1a13c7b7676e20c7 100644 (file)
--- a/proftpd-mod_tls.conf
+++ b/proftpd-mod_tls.conf
@@ -7,13 +7,13 @@ TLSEngine on
 TLSLog /var/log/proftpd/tls.log
 
 # Path to CA chain file
-TLSCACertificateFile /etc/ftpd/chain.pem
+#TLSCACertificateFile /etc/ftpd/CA.crt
 
 # Path to certificate file
-TLSRSACertificateFile /etc/ftpd/cert.pem
+TLSRSACertificateFile /etc/ftpd/server.crt
 
 # Path to certificate key file
-TLSRSACertificateKeyFile /etc/ftp/privkey.pem
+TLSRSACertificateKeyFile /etc/ftpd/server.key
 
 # Define available TLS/SSL ciphers (allow only strong ones by default)
 TLSCipherSuite HIGH:!kDHd:!aNULL:!aDSS:!eNULL:!DES:!RC4:!RC2:!MD5:!SHA1:!SHA:!SSLv2:!SSLv3:!TLSv1:!TLSv1.1:!EXP:!EXPORT56:!LOW:!MEDIUM:!ADH:!DSS:!NULL

diff --git a/proftpd-server.crt b/proftpd-server.crt
new file mode 100644 (file)
index 0000000..62d81d8
--- /dev/null
+++ b/proftpd-server.crt
@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICFjCCAX+gAwIBAgIBATANBgkqhkiG9w0BAQQFADBQMRowGAYDVQQKExFEdW1t
+eSBjZXJ0aWZpY2F0ZTEbMBkGA1UECxMSSGFzIHRvIGJlIHJlcGxhY2VkMRUwEwYD
+VQQDEwx3d3cuYWR2eC5jb20wHhcNMDEwNDA5MDg0NjUyWhcNMDIwNDA5MDg0NjUy
+WjBSMSEwHwYDVQQKExhBZHZhbmNlZCBFeHRyYW5ldCBTZXJ2ZXIxGTAXBgNVBAsT
+EFRlc3QgQ2VydGlmaWNhdGUxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEAoRtceA5d+grmrN76yHT4TQvbLQqvTsq2fFafNBT/
+DdSh05okHdTldu8kgTvBzpLPuOQvSwy2SzQLwF6nmzWdfY21U33NARp46i/QWD3V
+rgIXuhXtToTnkEE6/OGq5KeELgF/EKSXLXkDydyHg9mFlh/J/kKtjv3wtIHceOGn
+E18CAwEAATANBgkqhkiG9w0BAQQFAAOBgQCShXMRerTzEJMkIdCDD+ZkOetE65j0
+mkgAGT4etmSiUmNWXy/P26zh1P51YeS4TZFpXxgONVK9PIywhhkVNB8JFdXYKbxW
+0h0caVoEHwnfkSERcBVffxaZEDtWa95nxD8pHiZ+++PPOV1P29Ta2j23MWq2JitY
+U2Y59HXWwglSaQ==
+-----END CERTIFICATE-----
+
+
+#DUMMY
\ No newline at end of file

diff --git a/proftpd-server.key b/proftpd-server.key
new file mode 100644 (file)
index 0000000..08c373c
--- /dev/null
+++ b/proftpd-server.key
@@ -0,0 +1,18 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQChG1x4Dl36Cuas3vrIdPhNC9stCq9OyrZ8Vp80FP8N1KHTmiQd
+1OV27ySBO8HOks+45C9LDLZLNAvAXqebNZ19jbVTfc0BGnjqL9BYPdWuAhe6Fe1O
+hOeQQTr84arkp4QuAX8QpJcteQPJ3IeD2YWWH8n+Qq2O/fC0gdx44acTXwIDAQAB
+AoGASjM323OChO8QXv4zsq9szM9xGsWZCEkE0y9yE6K39b7A6ZxMlhC/vo9V2M+U
+63dihF1UCtTIAMrvvqHZv/pplfbUJDAeNm38BBlA/ZQL8iV9qxNrBEfBkLi5AtcR
+vJq5NitAE+vpcn00QNs7EKflRwi5arQOBGqS9c3uPimtOcECQQDQc9onX9kZuzz6
+69GQYkkj3dkZx6lCtDDexTWkM1yXGVSjvFA7fZOKJRNkGgc6iwbnTsEJfaEC9j7r
+AkF7/92dAkEAxdrbwKjx4/OZnve82O4VRGkZFo6c47QDXCKhlRdJzrBSCNOnRaLx
+vjtYXbqq8BPgdGO72pj1TaAlp1+kxdYiKwJBALBhtzAl/C+3rUusirCfWcANkgws
+U95rVgbJ3C/KfggkmOfLCiCsi1ETOiszkvZIeVjz3IdJVBqLfoWgbQSdZkkCQQDF
+WpBWdW6KnSL/0Uda7ujhyx+OQ4S1EItFbPnV+FvTwkahrVUtfeI6iYGURK1bOchq
+8EyiOG5/Fp5YfGukNvrvAkBT5AAvfk6nFHshdHDhTZs+5TE24g0aTtMEQc82cobd
+JG5vFxybo3z1l1QU4/pG3jP847/6HtZCxZ/J0xLATJml
+-----END RSA PRIVATE KEY-----
+
+
+#DUMMY
\ No newline at end of file

diff --git a/proftpd.spec b/proftpd.spec
index 4f4e60bcba5bf94c67d04677e8ffec6fe648ff4e..f3314696eab17ee3582ddce7e2bc8b9cdd0ee141 100644 (file)
--- a/proftpd.spec
+++ b/proftpd.spec
@@ -24,7 +24,7 @@ Summary(pt_BR.UTF-8): Servidor FTP profissional, com sintaxe de configuração s
 Summary(zh_CN.UTF-8):  易于管理的,安全的 FTP 服务器
 Name:          proftpd
 Version:       1.3.6
-Release:       2.1
+Release:       3
 Epoch:         2
 License:       GPL v2+
 Group:         Networking/Daemons
@@ -45,6 +45,8 @@ Source10:     %{name}-mod_tls.conf
 Source11:      %{name}-anonftp.conf
 Source12:      %{name}-mod_clamav.conf
 Source13:      %{name}.logrotate
+Source14:      %{name}-server.crt
+Source15:      %{name}-server.key
 Patch0:                %{name}-paths.patch
 Patch1:                %{name}-noautopriv.patch
 URL:           http://www.proftpd.org/
@@ -510,9 +512,8 @@ install -d $RPM_BUILD_ROOT/etc/{logrotate.d,pam.d,security,sysconfig/rc-inetd,rc
 
 rm $RPM_BUILD_ROOT%{_sbindir}/in.proftpd
 
-install %{SOURCE13} $RPM_BUILD_ROOT/etc/logrotate.d/proftpd
 install %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}
-install %{SOURCE9} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/mod_auth_pam.conf
+cp -a %{SOURCE9} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/mod_auth_pam.conf
 MODULES="
 mod_auth_file
 mod_ident
@@ -531,13 +532,18 @@ mod_wrap
 for module in $MODULES; do
        echo "LoadModule        $module.c" > $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/$module.conf
 done
-install %{SOURCE10} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/mod_tls.conf
-install %{SOURCE11} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/anonftp.conf
-install %{SOURCE12} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/mod_clamav.conf
+cp -a %{SOURCE10} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/mod_tls.conf
+cp -a %{SOURCE11} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/anonftp.conf
+cp -a %{SOURCE12} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/mod_clamav.conf
 
-%{?with_pam:install %{SOURCE3} $RPM_BUILD_ROOT/etc/pam.d/ftp}
-install %{SOURCE4} $RPM_BUILD_ROOT/etc/sysconfig/rc-inetd/ftpd
-install %{SOURCE5} $RPM_BUILD_ROOT/etc/sysconfig/proftpd
+cp -a %{SOURCE14} $RPM_BUILD_ROOT%{_sysconfdir}/server.crt
+cp -a %{SOURCE15} $RPM_BUILD_ROOT%{_sysconfdir}/server.key
+
+cp -a %{SOURCE13} $RPM_BUILD_ROOT/etc/logrotate.d/proftpd
+
+%{?with_pam:cp -a %{SOURCE3} $RPM_BUILD_ROOT/etc/pam.d/ftp}
+cp -a %{SOURCE4} $RPM_BUILD_ROOT/etc/sysconfig/rc-inetd/ftpd
+cp -a %{SOURCE5} $RPM_BUILD_ROOT/etc/sysconfig/proftpd
 install %{SOURCE6} $RPM_BUILD_ROOT/etc/rc.d/init.d/proftpd
 install contrib/xferstats.holger-preiss $RPM_BUILD_ROOT%{_bindir}/xferstat
 
@@ -781,6 +787,8 @@ fi
 %files mod_tls
 %defattr(644,root,root,755)
 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/conf.d/mod_tls.conf
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/server.crt
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/server.key
 %attr(755,root,root) %{_libexecdir}/mod_tls.so
 
 %files mod_wrap