diff --git a/.cvsignore b/.cvsignore
index e69de29..664afde 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -0,0 +1 @@
+proftpd-1.2.8.tar.bz2
diff --git a/proftpd-xinetd b/proftpd-xinetd
new file mode 100644
index 0000000..d99532e
--- /dev/null
+++ b/proftpd-xinetd
@@ -0,0 +1,15 @@
+# default: off
+# $Id: proftpd-xinetd,v 1.2 2002/06/10 15:35:47 dude Exp $
+# description: The ProFTPD FTP server serves FTP connections. It uses \
+# normal, unencrypted usernames and passwords for authentication.
+service ftp
+{
+ socket_type = stream
+ wait = no
+ user = root
+ server = /usr/sbin/in.proftpd
+ log_on_success += DURATION USERID
+ log_on_failure += USERID
+ nice = 10
+ disable = yes
+}
diff --git a/proftpd.conf b/proftpd.conf
new file mode 100644
index 0000000..cb8ea01
--- /dev/null
+++ b/proftpd.conf
@@ -0,0 +1,138 @@
+# This is the ProFTPD configuration file
+# $Id: proftpd.conf,v 1.6 2003/09/24 10:51:11 dude Exp $
+
+ServerName "ProFTPD server"
+ServerIdent on "FTP Server ready."
+ServerAdmin root@localhost
+ServerType standalone
+#ServerType inetd
+DefaultServer on
+AccessGrantMsg "User %u logged in."
+#DisplayConnect /etc/ftpissue
+#DisplayLogin /etc/ftpmotd
+#DisplayGoAway /etc/ftpgoaway
+DeferWelcome off
+
+# Use this to excude users from the chroot
+DefaultRoot ~ !adm
+
+# Use pam to authenticate by default
+AuthPAMAuthoritative on
+
+# Do not perform ident nor DNS lookups (hangs when the port is filtered)
+IdentLookups off
+UseReverseDNS off
+
+# Port 21 is the standard FTP port.
+Port 21
+
+# Umask 022 is a good standard umask to prevent new dirs and files
+# from being group and world writable.
+Umask 022
+
+# Default to show dot files in directory listings
+ListOptions "-a"
+
+# See Configuration.html for these (here are the default values)
+#MultilineRFC2228 off
+#RootLogin off
+#LoginPasswordPrompt on
+#MaxLoginAttempts 3
+#MaxClientsPerHost none
+#AllowForeignAddress off # For FXP
+
+# Allow to resume not only the downloads but the uploads too
+AllowRetrieveRestart on
+AllowStoreRestart on
+
+# To prevent DoS attacks, set the maximum number of child processes
+# to 30. If you need to allow more than 30 concurrent connections
+# at once, simply increase this value. Note that this ONLY works
+# in standalone mode, in inetd mode you should use an inetd server
+# that allows you to limit maximum number of processes per service
+# (such as xinetd)
+MaxInstances 20
+
+# Set the user and group that the server normally runs at.
+User nobody
+Group nobody
+
+# This is where we want to put the pid file
+ScoreboardFile /var/run/proftpd.score
+
+# Normally, we want users to do a few things.
+
+ AllowOverwrite yes
+
+ AllowAll
+
+
+
+# Define the log formats
+LogFormat default "%h %l %u %t \"%r\" %s %b"
+LogFormat auth "%v [%P] %h %t \"%r\" %s"
+
+# TLS
+# Explained at http://www.castaglia.org/proftpd/modules/mod_tls.html
+#TLSEngine on
+#TLSRequired on
+#TLSRSACertificateFile /usr/share/ssl/certs/proftpd.pem
+#TLSRSACertificateKeyFile /usr/share/ssl/certs/proftpd.pem
+#TLSCipherSuite ALL:!ADH:!DES
+#TLSOptions NoCertRequest
+#TLSVerifyClient off
+##TLSRenegotiate ctrl 3600 data 512000 required off timeout 300
+#TLSLog /var/log/proftpd/tls.log
+
+# A basic anonymous configuration, with an upload directory.
+#
+# User ftp
+# Group ftp
+# AccessGrantMsg "Anonymous login ok, restrictions apply."
+#
+# # We want clients to be able to login with "anonymous" as well as "ftp"
+# UserAlias anonymous ftp
+#
+# # Limit the maximum number of anonymous logins
+# MaxClients 10 "Sorry, max %m users -- try again later"
+#
+# # Put the user into /pub right after login
+# #DefaultChdir /pub
+#
+# # We want 'welcome.msg' displayed at login, '.message' displayed in
+# # each newly chdired directory and tell users to read README* files.
+# DisplayLogin /welcome.msg
+# DisplayFirstChdir .message
+# DisplayReadme README*
+#
+# # Some more cosmetic and not vital stuff
+# DirFakeUser on ftpadm
+# DirFakeGroup on ftpadm
+#
+# # Limit WRITE everywhere in the anonymous chroot
+#
+# DenyAll
+#
+#
+# # An upload directory that allows storing files but not retrieving
+# # or creating directories.
+#
+# AllowOverwrite no
+#
+# DenyAll
+#
+#
+#
+# AllowAll
+#
+#
+#
+# # Don't write anonymous accesses to the system wtmp file (good idea!)
+# WtmpLog off
+#
+# # Logging for the anonymous transfers
+# ExtendedLog /var/log/proftpd/access.log WRITE,READ default
+# ExtendedLog /var/log/proftpd/auth.log AUTH auth
+#
+#
+
diff --git a/proftpd.init b/proftpd.init
new file mode 100755
index 0000000..532d36d
--- /dev/null
+++ b/proftpd.init
@@ -0,0 +1,87 @@
+#!/bin/sh
+# $Id: proftpd.init,v 1.2 2002/06/10 15:35:47 dude Exp $
+#
+# proftpd This shell script takes care of starting and stopping
+# proftpd.
+#
+# chkconfig: - 80 30
+# description: ProFTPD is an enhanced FTP server with a focus towards \
+# simplicity, security, and ease of configuration. \
+# It features a very Apache-like configuration syntax, \
+# and a highly customizable server infrastructure, \
+# including support for multiple 'virtual' FTP servers, \
+# anonymous FTP, and permission-based directory visibility.
+# processname: proftpd
+# config: /etc/proftp.conf
+# pidfile: /var/run/proftpd.pid
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+# Source networking configuration.
+. /etc/sysconfig/network
+
+# Check that networking is up.
+[ ${NETWORKING} = "no" ] && exit 0
+
+[ -x /usr/sbin/proftpd ] || exit 0
+
+RETVAL=0
+
+FTPSHUT=/opt/sbin/ftpshut
+
+start() {
+ echo -n "Starting proftpd: "
+ daemon proftpd
+ RETVAL=$?
+ echo
+ [ $RETVAL -eq 0 ] && touch /var/lock/subsys/proftpd
+ return $RETVAL
+}
+
+stop() {
+ echo -n "Shutting down proftpd: "
+ killproc proftpd
+ RETVAL=$?
+ echo
+ [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/proftpd
+ return $RETVAL
+}
+
+# See how we were called.
+case "$1" in
+ start)
+ start
+ ;;
+ stop)
+ stop
+ ;;
+ status)
+ status proftpd
+ RETVAL=$?
+ ;;
+ restart)
+ stop
+ start
+ RETVAL=$?
+ ;;
+ condrestart)
+ if [ -f /var/lock/subsys/proftpd ]; then
+ stop
+ start
+ RETVAL=$?
+ fi
+ ;;
+ reload)
+ echo -n "Re-reading proftpd configuration: "
+ killproc proftpd -HUP
+ RETVAL=$?
+ echo
+ ;;
+ *)
+ echo "Usage: proftpd {start|stop|restart|reload|condrestart|status}"
+ exit 1
+esac
+
+exit $RETVAL
+
diff --git a/proftpd.logrotate b/proftpd.logrotate
new file mode 100644
index 0000000..2d71902
--- /dev/null
+++ b/proftpd.logrotate
@@ -0,0 +1,16 @@
+/var/log/xferlog {
+ compress
+ missingok
+ postrotate
+ /usr/bin/killall -HUP proftpd
+ endscript
+}
+
+/var/log/proftpd/*.log {
+ compress
+ missingok
+ postrotate
+ /usr/bin/killall -HUP proftpd
+ endscript
+}
+
diff --git a/proftpd.spec b/proftpd.spec
new file mode 100644
index 0000000..b4e5400
--- /dev/null
+++ b/proftpd.spec
@@ -0,0 +1,250 @@
+#$Id: proftpd.spec,v 1.11 2003/09/24 10:51:11 dude Exp $
+
+Summary: A flexible, stable and highly-configurable FTP Server.
+Name: proftpd
+Version: 1.2.8
+Release: 4p%{?_with_ldap:_ldap}%{?_with_mysql:_mysql}%{?_with_postgres:_postgres}.fr
+Group: System Environment/Daemons
+License: GPL
+URL: http://www.proftpd.org/
+Source: ftp://proftpd.org/distrib/source/%{name}-%{version}.tar.bz2
+Source1: proftpd.conf
+Source2: proftpd.init
+Source3: proftpd-xinetd
+Source4: proftpd.logrotate
+Source5: welcome.msg
+Buildroot: %{_tmppath}/%{name}-root
+Requires: pam >= 0.59, /sbin/service, /sbin/chkconfig, /etc/init.d
+%{!?_without_tls:Requires: openssl}
+%{!?_without_tls:BuildRequires: openssl-devel, krb5-devel}
+%{?_with_ldap:Requires: openldap}
+%{?_with_ldap:BuildRequires: openldap-devel}
+%{?_with_mysql:Requires: mysql}
+%{?_with_mysql:BuildRequires: mysql-devel}
+%{?_with_postgres:Requires: postgresql}
+%{?_with_postgres:BuildRequires: postgresql-devel}
+BuildRequires: pam-devel, perl, pkgconfig
+Provides: ftpserver
+Conflicts: wu-ftpd, anonftp, vsftpd
+
+%description
+ProFTPD is an enhanced FTP server with a focus toward simplicity, security,
+and ease of configuration. It features a very Apache-like configuration
+syntax, and a highly customizable server infrastructure, including support for
+multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory
+visibility.
+
+This package defaults to the standalone behaviour of ProFTPD, but all the
+needed scripts to have it run by xinetd instead are included.
+
+Available rpmbuild rebuild options :
+--without : tls
+--with : ldap mysql postgres
+
+%prep
+%setup -q
+
+%build
+# Workaround for the PostgreSQL include file
+perl -pi -e 's|pgsql/libpq-fe.h|libpq-fe.h|g' contrib/mod_sql_postgres.c
+
+# TLS includes
+OPENSSL_INC=""
+if OPENSSL_CFLAGS=`pkg-config --cflags openssl`; then
+ for i in ${OPENSSL_CFLAGS}; do
+ INCPATH=`echo $i | perl -pi -e 's|-I([a-z/]*)|$1|g'`
+ test ! -z ${INCPATH} && OPENSSL_INC="${OPENSSL_INC}:${INCPATH}"
+ done
+fi
+
+%configure \
+ --with-includes=%{_includedir}%{!?_without_tls:${OPENSSL_INC}} \
+ %{?_with_mysql:--with-libraries=%{_libdir}/mysql} \
+ %{?_with_postgres:--with-libraries=%{_libdir}} \
+ --with-modules=mod_readme:mod_auth_pam%{?_with_ldap::mod_ldap}%{?_with_mysql::mod_sql:mod_sql_mysql}%{?_with_postgres::mod_sql:mod_sql_postgres}%{!?_without_tls::mod_tls}
+make %{?_smp_mflags}
+
+%install
+rm -rf %{buildroot}
+%makeinstall rundir=%{buildroot}%{_localstatedir}/run/proftpd \
+ INSTALL_USER=`id -un` \
+ INSTALL_GROUP=`id -gn`
+install -D -m 644 contrib/dist/rpm/ftp.pamd %{buildroot}%{_sysconfdir}/pam.d/ftp
+install -D -m 640 %{SOURCE1} %{buildroot}%{_sysconfdir}/proftpd.conf
+install -D -m 755 %{SOURCE2} %{buildroot}%{_sysconfdir}/rc.d/init.d/proftpd
+install -D -m 640 %{SOURCE3} %{buildroot}%{_sysconfdir}/xinetd.d/proftpd
+install -D -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/logrotate.d/proftpd
+install -D -m 644 %{SOURCE5} %{buildroot}/var/ftp/welcome.msg
+mkdir -p %{buildroot}/var/ftp/uploads
+mkdir -p %{buildroot}/var/ftp/pub
+mkdir -p %{buildroot}/var/log/proftpd
+touch %{buildroot}%{_sysconfdir}/ftpusers
+
+%post
+if [ $1 = 1 ]; then
+ /sbin/chkconfig --add proftpd
+ IFS=":"; cat /etc/passwd | \
+ while { read username nu nu gid nu nu nu nu; }; do \
+ if [ $gid -lt 100 -a "$username" != "ftp" ]; then
+ echo $username >> %{_sysconfdir}/ftpusers
+ fi
+ done
+fi
+
+%preun
+if [ $1 = 0 ]; then
+ /sbin/service proftpd stop >/dev/null 2>&1 || :
+ /sbin/chkconfig --del proftpd
+ /sbin/service xinetd reload >/dev/null 2>&1 || :
+ if [ -d /var/run/proftpd ]; then
+ rm -rf /var/run/proftpd/*
+ fi
+fi
+
+%postun
+if [ $1 -ge 1 ]; then
+ /sbin/service proftpd condrestart >/dev/null 2>&1
+fi
+
+%clean
+rm -rf %{buildroot}
+
+%files
+%defattr(-, root, root)
+%doc COPYING CREDITS ChangeLog NEWS README README.LDAP README.mod_sql
+%doc README.modules README.PAM doc/* sample-configurations
+%dir %{_localstatedir}/run/proftpd
+%config(noreplace) %{_sysconfdir}/proftpd.conf
+%config(noreplace) %{_sysconfdir}/xinetd.d/proftpd
+%config %{_sysconfdir}/ftpusers
+%config %{_sysconfdir}/pam.d/ftp
+%config %{_sysconfdir}/logrotate.d/proftpd
+%{_sysconfdir}/rc.d/init.d/proftpd
+%{_mandir}/*/*
+%{_bindir}/*
+%{_sbindir}/*
+%dir /var/ftp
+%attr(331, ftp, ftp) %dir /var/ftp/uploads
+%dir /var/ftp/pub
+%config(noreplace) /var/ftp/welcome.msg
+%attr(750, root, root) %dir /var/log/proftpd
+
+%changelog
+* Wed Sep 24 2003 Matthias Saou
+- Update to 1.2.8p to fix secutiry vulnerability.
+- Fix the TLS build option at last, enable it by default.
+
+* Mon Aug 4 2003 Matthias Saou
+- Minor fixes in included README files.
+
+* Mon Mar 31 2003 Matthias Saou
+- Rebuilt for Red Hat Linux 9.
+
+* Thu Mar 13 2003 Matthias Saou
+- Update to 1.2.8.
+- Remove the renamed linuxprivs module.
+- Added TLS module build option.
+
+* Fri Dec 13 2002 Matthias Saou
+- Fix change for ScoreboardFile in the default conf, thanks to Sven Hoexter.
+
+* Mon Dec 9 2002 Matthias Saou
+- Update to 1.2.7.
+
+* Thu Sep 26 2002 Matthias Saou
+- Rebuilt for Red Hat Linux 8.0.
+
+* Tue Sep 17 2002 Matthias Saou
+- Update to 1.2.6.
+- Fixed typo in the config for "AllowForeignAddress" thanks to Michel Kraus.
+- Removed obsolete user install patch.
+- Added "modular" ldap, mysql and postgresql support.
+
+* Mon Jun 10 2002 Matthias Saou
+- Update to 1.2.5.
+- Changed the welcome.msg to config so that it doesn't get replaced.
+
+* Fri May 3 2002 Matthias Saou
+- Rebuilt against Red Hat Linux 7.3.
+- Added the %%{?_smp_mflags} expansion.
+
+* Tue Oct 23 2001 Matthias Saou
+- Changed the default config file : Where the pid file is stored, addedd
+ an upload authorization in anon server, and separate anon logfiles.
+- Updated welcome.msg to something nicer.
+
+* Fri Oct 19 2001 Matthias Saou
+- Update to 1.2.4, since 1.2.3 had a nasty umask bug.
+
+* Sat Aug 18 2001 Matthias Saou
+- Update to 1.2.2 final.
+- Changed the default config file a lot.
+
+* Wed Apr 25 2001 Matthias Saou
+- Update to 1.2.2rc2.
+
+* Mon Apr 1 2001 Matthias Saou
+- Update to 1.2.2rc1.
+
+* Tue Mar 20 2001 Matthias Saou
+- Added a DenyFilter to prevent a recently discovered DOS attack.
+ This is only useful for fresh installs since the config file is not
+ overwritten.
+
+* Fri Mar 2 2001 Matthias Saou
+- Upgraded to 1.2.1.
+- New init script (added condrestart).
+
+* Tue Feb 27 2001 Matthias Saou
+- Upgraded to 1.2.0 final.
+
+* Tue Feb 6 2001 Matthias Saou
+- Upgraded to 1.2.0rc3 (at last a new version!)
+- Modified the spec file to support transparent upgrades
+
+* Wed Nov 8 2000 Matthias Saou
+- Upgraded to the latest CVS to fix the "no PORT command" bug
+- Fixed the ftpuser creation script
+- Modified the default config file to easily change to an anonymous
+ server
+
+* Sun Oct 15 2000 Matthias Saou
+ [proftpd-1.2.0rc2-2]
+- Updated the spec file and build process for RedHat 7.0
+- Added xinetd support
+- Added logrotate.d support
+
+* Fri Jul 28 2000 Matthias Saou
+ [proftpd-1.2.0rc2-1]
+- Upgraded to 1.2.0rc2
+
+- Upgraded to 1.2.0rc1
+* Sat Jul 22 2000 Matthias Saou
+ [proftpd-1.2.0rc1-1]
+- Upgraded to 1.2.0rc1
+- Re-did the whole spec file (it's hopefully cleaner now)
+- Made a patch to be able to build the RPM as an other user than root
+- Added default pam support (but without /etc/shells check)
+- Rewrote the rc.d script (mostly exit levels and ftpshut stuff)
+- Modified the default configuration file to not display a version number
+- Changed the package to standalone in one single RPM easily changeable
+ to inetd (for not-so-newbie users)
+- Fixed the ftpusers generating shell script (missing "nu"s for me...)
+- Removed mod_ratio (usually used with databases modules anyway)
+- Removed the prefix (relocations a rarely used on non-X packages)
+- Gzipped the man pages
+
+* Thu Oct 03 1999 O.Elliyasa
+- Multi package creation.
+ Created core, standalone, inetd (&doc) package creations.
+ Added startup script for init.d
+ Need to make the "standalone & inetd" packages being created as "noarch"
+- Added URL.
+- Added prefix to make the package relocatable.
+
+* Wed Sep 08 1999 O.Elliyasa
+- Corrected inetd.conf line addition/change logic.
+
+* Sat Jul 24 1999 MacGyver
+- Initial import of spec.
+
diff --git a/sources b/sources
index e69de29..e22619f 100644
--- a/sources
+++ b/sources
@@ -0,0 +1 @@
+35e669cb085879eea21c6db9e7af2040 proftpd-1.2.8.tar.bz2
diff --git a/welcome.msg b/welcome.msg
new file mode 100644
index 0000000..8210b52
--- /dev/null
+++ b/welcome.msg
@@ -0,0 +1,8 @@
+
+ *** Welcome to this anonymous ftp server! ***
+
+ You are user %N out of a maximum of %M authorized anonymous logins.
+ The current time here is %T.
+ If you experience any problems here, contact : %E
+
+