[gentoo-commits] dev/c1pher:master commit in: net-ftp/vsftpd/files/, net-ftp/vsftpd/ - gentoo-commits

From:	Dane Smith <c1pher@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] dev/c1pher:master commit in: net-ftp/vsftpd/files/, net-ftp/vsftpd/
Date:	Tue, 01 Mar 2011 18:34:08
Message-Id:	`700bc79d57035b3eb2448c2892ebe00cb73ee0da.c1pher@gentoo`

1

commit:     700bc79d57035b3eb2448c2892ebe00cb73ee0da

2

Author:     Dane Smith <c1pher <AT> gentoo <DOT> org>

3

AuthorDate: Tue Mar  1 18:27:34 2011 +0000

4

Commit:     Dane Smith <c1pher <AT> gentoo <DOT> org>

5

CommitDate: Tue Mar  1 18:27:34 2011 +0000

6

URL:        http://git.overlays.gentoo.org/gitweb/?p=dev/c1pher.git;a=commit;h=700bc79d

7

8

vsftp testing.

9

10

---

11

 net-ftp/vsftpd/Manifest                            |   12 +

12

 net-ftp/vsftpd/files/vsftpd-2.1.0-caps.patch       |   15 ++

13

 .../vsftpd/files/vsftpd-2.2.0-dont-link-caps.patch |   21 ++

14

 net-ftp/vsftpd/files/vsftpd-2.2.0-gentoo.patch     |  264 ++++++++++++++++++++

15

 net-ftp/vsftpd/files/vsftpd-2.3.2-as-needed.patch  |   13 +

16

 net-ftp/vsftpd/files/vsftpd-2.3.2-kerberos.patch   |   20 ++

17

 net-ftp/vsftpd/files/vsftpd.conf                   |  105 ++++++++

18

 net-ftp/vsftpd/files/vsftpd.init                   |   69 +++++

19

 net-ftp/vsftpd/files/vsftpd.logrotate              |    4 +

20

 net-ftp/vsftpd/files/vsftpd.xinetd                 |   15 ++

21

 net-ftp/vsftpd/metadata.xml                        |   26 ++

22

 net-ftp/vsftpd/vsftpd-2.3.4.ebuild                 |  110 ++++++++

23

 12 files changed, 674 insertions(+), 0 deletions(-)

24

25

diff --git a/net-ftp/vsftpd/Manifest b/net-ftp/vsftpd/Manifest

26

new file mode 100644

27

index 0000000..cf958e2

28

--- /dev/null

29

+++ b/net-ftp/vsftpd/Manifest

30

@@ -0,0 +1,12 @@

31

+AUX vsftpd-2.1.0-caps.patch 575 RMD160 a7b27df472ccbb5068d5f9961fe6bb010063e98c SHA1 f98d3cfbc1eb68f6e852cf9cbf5ad80407be5557 SHA256 4888021a25625041746b91025af0c2a2cb1fde758eda1d6c94098d4de0c1e370

32

+AUX vsftpd-2.2.0-dont-link-caps.patch 806 RMD160 670bfa8433ea5c9769d238aaebb9fce1d43e9e40 SHA1 d28260190d4613dae798d0f09d267be1ffcbc0a7 SHA256 fd164d4702ae866cb06ad245653b4f25c73d1d701a211b1f972b45b98ab55dd2

33

+AUX vsftpd-2.2.0-gentoo.patch 11049 RMD160 ef4fafea61a4ecf37d771f2da75bb10570dec898 SHA1 8846603f85f9515a154cfd8c1823c3e2e4e7e0e9 SHA256 e1737c941837aaf8e060a649903934174528704feffd100f86180a7ec68f3760

34

+AUX vsftpd-2.3.2-as-needed.patch 423 RMD160 36b79388cd7f7c6e7e9f8b4903622f4a1fa48762 SHA1 5e33ee6613715f84fa67e6bd09aec1be13aac95c SHA256 ad393655b30887294dfcf46fe63ea24e3339f027a84fe7de03364500829496d9

35

+AUX vsftpd-2.3.2-kerberos.patch 842 RMD160 01a77e587615e4367f2740ea52631fd115c8ea0a SHA1 ff1ef2088b960a77051b4cf83491f1c4ce70c621 SHA256 d86bed62c0fd22372f4704a12d7f75ce42fc15765ceec802b4b0c5680bc9c200

36

+AUX vsftpd.conf 3842 RMD160 2b0971c60f2ae2f9d3136849dff4dcf8ce117d41 SHA1 ebd5847bb328d8df188d85ffc5ccd7fcd5983525 SHA256 08b680a8531ecc8ccd9bf7cd91dc2de0a49105803a6d8fdcbe0f0dd47de8f6e0

37

+AUX vsftpd.init 1922 RMD160 50925ca15a4f94662790244546454c523b6e4f95 SHA1 ef453f4925e941e21075be678387076e57246b3d SHA256 78941ea7744d65d4674b4df8ecee6df91e6ed601c47d64ce1f489af56ea250e2

38

+AUX vsftpd.logrotate 53 RMD160 0fba0639da0d827fc0decfcf9ccd34fc7ad23c68 SHA1 cf18de9f84ad9a44974a7ae0f29562e9a516d5f9 SHA256 b31f4db8e2f8640f83bc38d83444ab784f8fc9a6492f654bb4149e1f566da2f3

39

+AUX vsftpd.xinetd 432 RMD160 6e2b2d0517d0bf8a2a9d7ce42ca2ea4ce73fbca2 SHA1 5325ecbf0755ebd5778d69039393af075c1a9b40 SHA256 4e68c12108509823c74cd66f833299def48f497a4d660624362d3b4990af828f

40

+DIST vsftpd-2.3.4.tar.gz 187043 RMD160 4097b495b5b03833e18b1639931939c3176e498b SHA1 b774cc6b4c50e20f4fe9ca7f6aa74169ce7fe5ea SHA256 b466edf96437afa2b2bea6981d4ab8b0204b83ca0a2ac94bef6b62b42cc71a5a

41

+EBUILD vsftpd-2.3.4.ebuild 3301 RMD160 b250c7b1457ec217a54029c4db4cd38d080843c3 SHA1 9d8b37db29bc8f3207e1fc8e9e3f0bc2dda84493 SHA256 f7839872a5e942eefaa01eec4189e7f8af17e2181b17b734b9ade05c9fd08a00

42

+MISC metadata.xml 724 RMD160 e0592272500a06dbd5bfa5d6f7e379a5390a2d02 SHA1 0292de42362025b58ea73c06513f35ff0a4eb56d SHA256 a718c41114032e6e27f6168b40e3ab324b9b17e3436e32a50caecb45ef7f59b4

43

44

diff --git a/net-ftp/vsftpd/files/vsftpd-2.1.0-caps.patch b/net-ftp/vsftpd/files/vsftpd-2.1.0-caps.patch

45

new file mode 100644

46

index 0000000..bd29762

47

--- /dev/null

48

+++ b/net-ftp/vsftpd/files/vsftpd-2.1.0-caps.patch

49

@@ -0,0 +1,15 @@

50

+diff -ur vsftpd-2.1.0.orig/sysdeputil.c vsftpd-2.1.0/sysdeputil.c

51

+--- vsftpd-2.1.0.orig/sysdeputil.c	2009-02-23 18:23:26.000000000 +0100

52

++++ vsftpd-2.1.0/sysdeputil.c	2009-02-23 18:23:51.000000000 +0100

53

+@@ -160,10 +160,8 @@

54

+ #include <sys/capability.h>

55

+

56

+ #if defined(VSF_SYSDEP_HAVE_CAPABILITIES) && !defined(VSF_SYSDEP_HAVE_LIBCAP)

57

+-#include <linux/unistd.h>

58

+ #include <linux/capability.h>

59

+-#include <errno.h>

60

+-#include <syscall.h>

61

++#include <sys/syscall.h>

62

+ int capset(cap_user_header_t header, const cap_user_data_t data)

63

+ {

64

+   return syscall(__NR_capset, header, data);

65

66

diff --git a/net-ftp/vsftpd/files/vsftpd-2.2.0-dont-link-caps.patch b/net-ftp/vsftpd/files/vsftpd-2.2.0-dont-link-caps.patch

67

new file mode 100644

68

index 0000000..debcf06

69

--- /dev/null

70

+++ b/net-ftp/vsftpd/files/vsftpd-2.2.0-dont-link-caps.patch

71

@@ -0,0 +1,21 @@

72

+diff -ur vsftpd-2.2.0.orig/vsf_findlibs.sh vsftpd-2.2.0/vsf_findlibs.sh

73

+--- vsftpd-2.2.0.orig/vsf_findlibs.sh	2009-08-23 22:15:39.000000000 -0700

74

++++ vsftpd-2.2.0/vsf_findlibs.sh	2009-08-23 22:16:31.000000000 -0700

75

+@@ -44,17 +44,6 @@

76

+ # For older HP-UX...

77

+ locate_library /usr/lib/libsec.sl && echo "-lsec";

78

+

79

+-# Look for libcap (capabilities)

80

+-if locate_library /lib/libcap.so.1; then

81

+-  echo "/lib/libcap.so.1";

82

+-elif locate_library /lib/libcap.so.2; then

83

+-  echo "/lib/libcap.so.2";

84

+-else

85

+-  locate_library /usr/lib/libcap.so && echo "-lcap";

86

+-  locate_library /lib/libcap.so && echo "-lcap";

87

+-  locate_library /lib64/libcap.so && echo "-lcap";

88

+-fi

89

+-

90

+ # Solaris needs this for nanosleep()..

91

+ locate_library /lib/libposix4.so && echo "-lposix4";

92

+ locate_library /usr/lib/libposix4.so && echo "-lposix4";

93

94

diff --git a/net-ftp/vsftpd/files/vsftpd-2.2.0-gentoo.patch b/net-ftp/vsftpd/files/vsftpd-2.2.0-gentoo.patch

95

new file mode 100644

96

index 0000000..353dff3

97

--- /dev/null

98

+++ b/net-ftp/vsftpd/files/vsftpd-2.2.0-gentoo.patch

99

@@ -0,0 +1,264 @@

100

+diff -NrU5 vsftpd-2.2.0.original/defs.h vsftpd-2.2.0/defs.h

101

+--- vsftpd-2.2.0.original/defs.h	2009-08-23 15:23:00.000000000 -0600

102

++++ vsftpd-2.2.0/defs.h	2009-08-23 16:01:20.000000000 -0600

103

+@@ -1,9 +1,9 @@

104

+ #ifndef VSF_DEFS_H

105

+ #define VSF_DEFS_H

106

+

107

+-#define VSFTP_DEFAULT_CONFIG    "/etc/vsftpd.conf"

108

++#define VSFTP_DEFAULT_CONFIG    "/etc/vsftpd/vsftpd.conf"

109

+

110

+ #define VSFTP_COMMAND_FD        0

111

+

112

+ #define VSFTP_PASSWORD_MAX      128

113

+ #define VSFTP_USERNAME_MAX      128

114

+diff -NrU5 vsftpd-2.2.0.original/tunables.c vsftpd-2.2.0/tunables.c

115

+--- vsftpd-2.2.0.original/tunables.c	2009-08-23 15:23:00.000000000 -0600

116

++++ vsftpd-2.2.0/tunables.c	2009-08-23 16:00:14.000000000 -0600

117

+@@ -244,23 +244,23 @@

118

+   tunable_delay_successful_login = 0;

119

+   tunable_max_login_fails = 3;

120

+   /* -rw------- */

121

+   tunable_chown_upload_mode = 0600;

122

+

123

+-  install_str_setting("/usr/share/empty", &tunable_secure_chroot_dir);

124

++  install_str_setting("/usr/share/vsftpd/empty", &tunable_secure_chroot_dir);

125

+   install_str_setting("ftp", &tunable_ftp_username);

126

+   install_str_setting("root", &tunable_chown_username);

127

+   install_str_setting("/var/log/xferlog", &tunable_xferlog_file);

128

+   install_str_setting("/var/log/vsftpd.log", &tunable_vsftpd_log_file);

129

+   install_str_setting(".message", &tunable_message_file);

130

+   install_str_setting("nobody", &tunable_nopriv_user);

131

+   install_str_setting(0, &tunable_ftpd_banner);

132

+-  install_str_setting("/etc/vsftpd.banned_emails", &tunable_banned_email_file);

133

+-  install_str_setting("/etc/vsftpd.chroot_list", &tunable_chroot_list_file);

134

++  install_str_setting("/etc/vsftpd/banned_emails", &tunable_banned_email_file);

135

++  install_str_setting("/etc/vsftpd/chroot_list", &tunable_chroot_list_file);

136

+   install_str_setting("ftp", &tunable_pam_service_name);

137

+   install_str_setting("ftp", &tunable_guest_username);

138

+-  install_str_setting("/etc/vsftpd.user_list", &tunable_userlist_file);

139

++  install_str_setting("/etc/vsftpd/user_list", &tunable_userlist_file);

140

+   install_str_setting(0, &tunable_anon_root);

141

+   install_str_setting(0, &tunable_local_root);

142

+   install_str_setting(0, &tunable_banner_file);

143

+   install_str_setting(0, &tunable_pasv_address);

144

+   install_str_setting(0, &tunable_listen_address);

145

+@@ -269,11 +269,11 @@

146

+   install_str_setting(0, &tunable_cmds_allowed);

147

+   install_str_setting(0, &tunable_cmds_denied);

148

+   install_str_setting(0, &tunable_hide_file);

149

+   install_str_setting(0, &tunable_deny_file);

150

+   install_str_setting(0, &tunable_user_sub_token);

151

+-  install_str_setting("/etc/vsftpd.email_passwords",

152

++  install_str_setting("/etc/vsftpd/email_passwords",

153

+                       &tunable_email_password_file);

154

+   install_str_setting("/usr/share/ssl/certs/vsftpd.pem",

155

+                       &tunable_rsa_cert_file);

156

+   install_str_setting(0, &tunable_dsa_cert_file);

157

+   install_str_setting("DES-CBC3-SHA", &tunable_ssl_ciphers);

158

+diff -NrU5 vsftpd-2.2.0.original/vsftpd.8 vsftpd-2.2.0/vsftpd.8

159

+--- vsftpd-2.2.0.original/vsftpd.8	2009-08-23 15:23:00.000000000 -0600

160

++++ vsftpd-2.2.0/vsftpd.8	2009-08-23 16:10:03.000000000 -0600

161

+@@ -19,11 +19,11 @@

162

+ Alternatively, vsftpd can be launched in standalone mode, in which case vsftpd

163

+ itself will listen on the network. This latter mode is easier to use, and

164

+ recommended. It is activated by setting

165

+ .Pa listen=YES

166

+ in

167

+-.Pa /etc/vsftpd.conf .

168

++.Pa /etc/vsftpd/vsftpd.conf .

169

+ Direct execution of the

170

+ .Nm vsftpd

171

+ binary will then launch the FTP service ready for immediate client connections.

172

+ .Sh OPTIONS

173

+ An optional

174

+@@ -31,11 +31,11 @@

175

+ may be given on the command line. These files must be owned as root if running

176

+ as root. Any command line option not starting with a "-" character is treated

177

+ as a config file that will be loaded. Note that config files are loaded in the

178

+ strict order that they are encountered on the command line.

179

+ If no config files are specified, the default configuration file of

180

+-.Pa /etc/vsftpd.conf

181

++.Pa /etc/vsftpd/vsftpd.conf

182

+ will be loaded, after all other command line options are processed.

183

+ .Pp

184

+ Supported options are:

185

+ .Bl -tag -width Ds

186

+ .It Fl v

187

+@@ -45,16 +45,16 @@

188

+ -o options are supported, and they are applied in strict order relative to

189

+ their appearance on the command line, including intermingling with loading of

190

+ config files.

191

+ .El

192

+ .Sh EXAMPLES

193

+-vsftpd -olisten=NO /etc/vsftpd.conf -oftpd_banner=blah

194

++vsftpd -olisten=NO /etc/vsftpd/vsftpd.conf -oftpd_banner=blah

195

+ .Pp

196

+ That example overrides vsftpd's built-in default for the "listen" option to be

197

+-NO, but then loads /etc/vsftpd.conf which may override that setting. Finally,

198

++NO, but then loads /etc/vsftpd/vsftpd.conf which may override that setting. Finally,

199

+ the "ftpd_banner" setting is set to "blah", which overrides any default vsftpd

200

+ setting and any identical setting that was in the config file.

201

+ .Sh FILES

202

+-.Pa /etc/vsftpd.conf

203

++.Pa /etc/vsftpd/vsftpd.conf

204

+ .Sh SEE ALSO

205

+ .Xr vsftpd.conf 5

206

+ .end

207

+diff -NrU5 vsftpd-2.2.0.original/vsftpd.conf vsftpd-2.2.0/vsftpd.conf

208

+--- vsftpd-2.2.0.original/vsftpd.conf	2009-08-23 15:23:00.000000000 -0600

209

++++ vsftpd-2.2.0/vsftpd.conf	2009-08-23 15:35:03.000000000 -0600

210

+@@ -1,6 +1,6 @@

211

+-# Example config file /etc/vsftpd.conf

212

++# Example config file /etc/vsftpd/vsftpd.conf

213

+ #

214

+ # The default compiled in settings are fairly paranoid. This sample file

215

+ # loosens things up a bit, to make the ftp daemon more usable.

216

+ # Please see vsftpd.conf.5 for all compiled in defaults.

217

+ #

218

+@@ -85,19 +85,19 @@

219

+ #

220

+ # You may specify a file of disallowed anonymous e-mail addresses. Apparently

221

+ # useful for combatting certain DoS attacks.

222

+ #deny_email_enable=YES

223

+ # (default follows)

224

+-#banned_email_file=/etc/vsftpd.banned_emails

225

++#banned_email_file=/etc/vsftpd/banned_emails

226

+ #

227

+ # You may specify an explicit list of local users to chroot() to their home

228

+ # directory. If chroot_local_user is YES, then this list becomes a list of

229

+ # users to NOT chroot().

230

+ #chroot_local_user=YES

231

+ #chroot_list_enable=YES

232

+ # (default follows)

233

+-#chroot_list_file=/etc/vsftpd.chroot_list

234

++#chroot_list_file=/etc/vsftpd/chroot_list

235

+ #

236

+ # You may activate the "-R" option to the builtin ls. This is disabled by

237

+ # default to avoid remote users being able to cause excessive I/O on large

238

+ # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume

239

+ # the presence of the "-R" option, so there is a strong case for enabling it.

240

+diff -NrU5 vsftpd-2.2.0.original/vsftpd.conf.5 vsftpd-2.2.0/vsftpd.conf.5

241

+--- vsftpd-2.2.0.original/vsftpd.conf.5	2009-08-23 15:23:00.000000000 -0600

242

++++ vsftpd-2.2.0/vsftpd.conf.5	2009-08-23 15:49:59.000000000 -0600

243

+@@ -2,11 +2,11 @@

244

+ .SH NAME

245

+ vsftpd.conf \- config file for vsftpd

246

+ .SH DESCRIPTION

247

+ vsftpd.conf may be used to control various aspects of vsftpd's behaviour. By

248

+ default, vsftpd looks for this file at the location

249

+-.BR /etc/vsftpd.conf .

250

++.BR /etc/vsftpd/vsftpd.conf .

251

+ However, you may override this by specifying a command line argument to

252

+ vsftpd. The command line argument is the pathname of the configuration file

253

+ for vsftpd. This behaviour is useful because you may wish to use an advanced

254

+ inetd such as

255

+ .BR xinetd

256

+@@ -136,11 +136,11 @@

257

+ If activated, you may provide a list of local users who are placed in a

258

+ chroot() jail in their home directory upon login. The meaning is slightly

259

+ different if chroot_local_user is set to YES. In this case, the list becomes

260

+ a list of users which are NOT to be placed in a chroot() jail.

261

+ By default, the file containing this list is

262

+-/etc/vsftpd.chroot_list, but you may override this with the

263

++/etc/vsftpd/chroot_list, but you may override this with the

264

+ .BR chroot_list_file

265

+ setting.

266

+

267

+ Default: NO

268

+ .TP

269

+@@ -175,11 +175,11 @@

270

+ Default: NO

271

+ .TP

272

+ .B deny_email_enable

273

+ If activated, you may provide a list of anonymous password e-mail responses

274

+ which cause login to be denied. By default, the file containing this list is

275

+-/etc/vsftpd.banned_emails, but you may override this with the

276

++/etc/vsftpd/banned_emails, but you may override this with the

277

+ .BR banned_email_file

278

+ setting.

279

+

280

+ Default: NO

281

+ .TP

282

+@@ -431,11 +431,11 @@

283

+ access to low-security content without needing virtual users. When enabled,

284

+ anonymous logins are prevented unless the password provided is listed in the

285

+ file specified by the

286

+ .BR email_password_file

287

+ setting. The file format is one password per line, no extra whitespace. The

288

+-default filename is /etc/vsftpd.email_passwords.

289

++default filename is /etc/vsftpd/email_passwords.

290

+

291

+ Default: NO

292

+ .TP

293

+ .B session_support

294

+ This controls whether vsftpd attempts to maintain sessions for logins. If

295

+@@ -762,11 +762,11 @@

296

+ This option is the name of a file containing a list of anonymous e-mail

297

+ passwords which are not permitted. This file is consulted if the option

298

+ .BR deny_email_enable

299

+ is enabled.

300

+

301

+-Default: /etc/vsftpd.banned_emails

302

++Default: /etc/vsftpd/banned_emails

303

+ .TP

304

+ .B banner_file

305

+ This option is the name of a file containing text to display when someone

306

+ connects to the server. If set, it overrides the banner string provided by

307

+ the

308

+@@ -799,11 +799,11 @@

309

+ is enabled. If the option

310

+ .BR chroot_local_user

311

+ is enabled, then the list file becomes a list of users to NOT place in a

312

+ chroot() jail.

313

+

314

+-Default: /etc/vsftpd.chroot_list

315

++Default: /etc/vsftpd/chroot_list

316

+ .TP

317

+ .B cmds_allowed

318

+ This options specifies a comma separated list of allowed FTP commands (post

319

+ login. USER, PASS and QUIT and others are always allowed pre-login). Other

320

+ commands are rejected. This is a powerful method of really locking down an

321

+@@ -860,11 +860,11 @@

322

+ .B email_password_file

323

+ This option can be used to provide an alternate file for usage by the

324

+ .BR secure_email_list_enable

325

+ setting.

326

+

327

+-Default: /etc/vsftpd.email_passwords

328

++Default: /etc/vsftpd/email_passwords

329

+ .TP

330

+ .B ftp_username

331

+ This is the name of the user we use for handling anonymous FTP. The home

332

+ directory of this user is the root of the anonymous FTP area.

333

+

334

+@@ -983,14 +983,14 @@

335

+ This powerful option allows the override of any config option specified in

336

+ the manual page, on a per-user basis. Usage is simple, and is best illustrated

337

+ with an example. If you set

338

+ .BR user_config_dir

339

+ to be

340

+-.BR /etc/vsftpd_user_conf

341

++.BR /etc/vsftpd/user_conf

342

+ and then log on as the user "chris", then vsftpd will apply the settings in

343

+ the file

344

+-.BR /etc/vsftpd_user_conf/chris

345

++.BR /etc/vsftpd/user_conf/chris

346

+ for the duration of the session. The format of this file is as detailed in

347

+ this manual page! PLEASE NOTE that not all settings are effective on a

348

+ per-user basis. For example, many settings only prior to the user's session

349

+ being started. Examples of settings which will not affect any behviour on

350

+ a per-user basis include listen_address, banner_file, max_per_ip, max_clients,

351

+@@ -1022,11 +1022,11 @@

352

+ .B userlist_file

353

+ This option is the name of the file loaded when the

354

+ .BR userlist_enable

355

+ option is active.

356

+

357

+-Default: /etc/vsftpd.user_list

358

++Default: /etc/vsftpd/user_list

359

+ .TP

360

+ .B vsftpd_log_file

361

+ This option is the name of the file to which we write the vsftpd style

362

+ log file. This log is only written if the option

363

+ .BR xferlog_enable

364

365

diff --git a/net-ftp/vsftpd/files/vsftpd-2.3.2-as-needed.patch b/net-ftp/vsftpd/files/vsftpd-2.3.2-as-needed.patch

366

new file mode 100644

367

index 0000000..330026e

368

--- /dev/null

369

+++ b/net-ftp/vsftpd/files/vsftpd-2.3.2-as-needed.patch

370

@@ -0,0 +1,13 @@

371

+Index: vsftpd-2.3.2/Makefile

372

+===================================================================

373

+--- vsftpd-2.3.2.orig/Makefile

374

++++ vsftpd-2.3.2/Makefile

375

+@@ -21,7 +21,7 @@ OBJS	=	main.o utility.o prelogin.o ftpcm

376

+ 	$(CC) -c $*.c $(CFLAGS) $(IFLAGS)

377

+

378

+ vsftpd: $(OBJS) 

379

+-	$(CC) -o vsftpd $(OBJS) $(LINK) $(LIBS) $(LDFLAGS)

380

++	$(CC) -o vsftpd $(LDFLAGS) $(OBJS) $(LINK) $(LIBS)

381

+

382

+ install:

383

+ 	if [ -x /usr/local/sbin ]; then \

384

385

diff --git a/net-ftp/vsftpd/files/vsftpd-2.3.2-kerberos.patch b/net-ftp/vsftpd/files/vsftpd-2.3.2-kerberos.patch

386

new file mode 100644

387

index 0000000..702363e

388

--- /dev/null

389

+++ b/net-ftp/vsftpd/files/vsftpd-2.3.2-kerberos.patch

390

@@ -0,0 +1,20 @@

391

+Index: vsftpd-2.3.2/twoprocess.c

392

+===================================================================

393

+--- vsftpd-2.3.2.orig/twoprocess.c

394

++++ vsftpd-2.3.2/twoprocess.c

395

+@@ -284,6 +284,7 @@ process_login_req(struct vsf_session* p_

396

+ {

397

+   enum EVSFPrivopLoginResult e_login_result = kVSFLoginNull;

398

+   char cmd;

399

++  vsf_sysutil_install_null_sighandler(kVSFSysUtilSigCHLD);

400

+   /* Blocks */

401

+   cmd = priv_sock_get_cmd(p_sess->parent_fd);

402

+   if (cmd != PRIV_SOCK_LOGIN)

403

+@@ -363,7 +364,6 @@ common_do_login(struct vsf_session* p_se

404

+   int was_anon = anon;

405

+   const struct mystr* p_orig_user_str = p_user_str;

406

+   int newpid;

407

+-  vsf_sysutil_install_null_sighandler(kVSFSysUtilSigCHLD);

408

+   /* Tells the pre-login child all is OK (it may exit in response) */

409

+   priv_sock_send_result(p_sess->parent_fd, PRIV_SOCK_RESULT_OK);

410

+   if (!p_sess->control_use_ssl)

411

412

diff --git a/net-ftp/vsftpd/files/vsftpd.conf b/net-ftp/vsftpd/files/vsftpd.conf

413

new file mode 100644

414

index 0000000..2ed7008

415

--- /dev/null

416

+++ b/net-ftp/vsftpd/files/vsftpd.conf

417

@@ -0,0 +1,105 @@

418

+#

419

+# Example vsftpd config file

420

+#

421

+# See man 5 vsftpd.conf for more information.

422

+#

423

+# $Header: /var/cvsroot/gentoo-x86/net-ftp/vsftpd/files/vsftpd.conf,v 1.6 2005/08/03 09:38:31 uberlord Exp $

424

+

425

+# Enable vsftpd to run as a standalone daemon

426

+# Comment these two out to run under inetd or xinetd

427

+background=YES

428

+listen=YES

429

+

430

+# Allow anonymous FTP?

431

+anonymous_enable=YES

432

+

433

+# Uncomment this to allow local users to log in.

434

+#local_enable=YES

435

+

436

+# Uncomment this to enable any form of FTP write command.

437

+#write_enable=YES

438

+

439

+# Default umask for local users is 077. You may wish to change this to 022,

440

+# if your users expect that (022 is used by most other ftpd's)

441

+#local_umask=022

442

+

443

+# Uncomment this to allow the anonymous FTP user to upload files. This only

444

+# has an effect if the above global write enable is activated. Also, you will

445

+# obviously need to create a directory writable by the FTP user.

446

+#anon_upload_enable=YES

447

+

448

+# Uncomment this if you want the anonymous FTP user to be able to create

449

+# new directories.

450

+#anon_mkdir_write_enable=YES

451

+

452

+# Activate directory messages - messages given to remote users when they

453

+# go into a certain directory.

454

+dirmessage_enable=YES

455

+

456

+# Make sure PORT transfer connections originate from port 20 (ftp-data).

457

+connect_from_port_20=YES

458

+

459

+# If you want, you can arrange for uploaded anonymous files to be owned by

460

+# a different user. Note! Using "root" for uploaded files is not

461

+# recommended!

462

+#chown_uploads=YES

463

+#chown_username=whoever

464

+

465

+# Activate logging of uploads/downloads.

466

+xferlog_enable=YES

467

+

468

+# If you want, you can have your log file in standard ftpd xferlog format

469

+#xferlog_std_format=YES

470

+

471

+# You may override where the log file goes if you like.

472

+xferlog_file=/var/log/vsftpd.log

473

+

474

+# You may change the default value for timing out an idle session.

475

+#idle_session_timeout=600

476

+

477

+# You may change the default value for timing out a data connection.

478

+#data_connection_timeout=120

479

+

480

+# It is recommended that you define on your system a unique user which the

481

+# ftp server can use as a totally isolated and unprivileged user.

482

+nopriv_user=nobody

483

+

484

+# Enable this and the server will recognise asynchronous ABOR requests. Not

485

+# recommended for security (the code is non-trivial). Not enabling it,

486

+# however, may confuse older FTP clients.

487

+#async_abor_enable=YES

488

+

489

+# By default the server will pretend to allow ASCII mode but in fact ignore

490

+# the request. Turn on the below options to have the server actually do ASCII

491

+# mangling on files when in ASCII mode.

492

+# Beware that turning on ascii_download_enable enables malicious remote parties

493

+# to consume your I/O resources, by issuing the command "SIZE /big/file" in

494

+# ASCII mode.

495

+# These ASCII options are split into upload and download because you may wish

496

+# to enable ASCII uploads (to prevent uploaded scripts etc. from breaking),

497

+# without the DoS risk of SIZE and ASCII downloads. ASCII mangling should be

498

+# on the client anyway..

499

+#ascii_upload_enable=YES

500

+#ascii_download_enable=YES

501

+

502

+# You may fully customise the login banner string:

503

+#ftpd_banner=Welcome to blah FTP service.

504

+

505

+# You may specify a file of disallowed anonymous e-mail addresses. Apparently

506

+# useful for combatting certain DoS attacks.

507

+#deny_email_enable=YES

508

+# (default follows)

509

+#banned_email_file=/etc/vsftpd/banned_emails

510

+

511

+# You may specify an explicit list of local users to chroot() to their home

512

+# directory. If chroot_local_user is YES, then this list becomes a list of

513

+# users to NOT chroot().

514

+#chroot_list_enable=YES

515

+# (default follows)

516

+#chroot_list_file=/etc/vsftpd/chroot_list

517

+

518

+# You may activate the "-R" option to the builtin ls. This is disabled by

519

+# default to avoid remote users being able to cause excessive I/O on large

520

+# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume

521

+# the presence of the "-R" option, so there is a strong case for enabling it.

522

+#ls_recurse_enable=YES

523

524

diff --git a/net-ftp/vsftpd/files/vsftpd.init b/net-ftp/vsftpd/files/vsftpd.init

525

new file mode 100644

526

index 0000000..e486e1f

527

--- /dev/null

528

+++ b/net-ftp/vsftpd/files/vsftpd.init

529

@@ -0,0 +1,69 @@

530

+#!/sbin/runscript

531

+# Copyright 2003-2004 Gentoo Foundation

532

+# Distributed under the terms of the GNU General Public License, v2

533

+# $Header: /var/cvsroot/gentoo-x86/net-ftp/vsftpd/files/vsftpd.init,v 1.7 2008/12/26 16:50:15 armin76 Exp $

534

+

535

+VSFTPD_NAME=${SVCNAME##*.}

536

+if [ -n "${VSFTPD_NAME}" -a "${SVCNAME}" != "vsftpd" ]; then

537

+    VSFTPD_PID="/var/run/vsftpd.${VSFTPD_NAME}.pid"

538

+    VSFTPD_CONF_DEFAULT="/etc/vsftpd/${VSFTPD_NAME}.conf"

539

+else

540

+    VSFTPD_PID="/var/run/vsftpd.pid"

541

+    VSFTPD_CONF_DEFAULT="/etc/vsftpd/vsftpd.conf"

542

+fi

543

+VSFTPD_CONF=${VSFTPD_CONF:-${VSFTPD_CONF_DEFAULT}}

544

+VSFTPD_EXEC=${VSFTPD_EXEC:-/usr/sbin/vsftpd}

545

+

546

+depend() {

547

+	need net

548

+	use dns logger

549

+}

550

+

551

+checkconfig() {

552

+	if [ ! -e ${VSFTPD_CONF} ] ; then

553

+		eerror "Please setup ${VSFTPD_CONF} before starting vsftpd"

554

+		eerror "There are sample configurations in /usr/share/doc/vsftpd"

555

+		return 1

556

+	fi

557

+

558

+	if egrep -iq "^ *background *= *yes" "${VSFTPD_CONF}" ; then

559

+		eerror "${VSFTPD_CONF} must not set background=YES"

560

+		return 1

561

+	fi

562

+

563

+	local has_ip=false has_ipv6=false ip_error=true

564

+	egrep -iq "^ *listen *= *yes" "${VSFTPD_CONF}" && has_ip=true

565

+	egrep -iq "^ *listen_ipv6 *= *yes" "${VSFTPD_CONF}" && has_ipv6=true

566

+	if ${has_ip} && ! ${has_ipv6} ; then

567

+		ip_error=false

568

+	elif ! ${has_ip} && ${has_ipv6} ; then

569

+		ip_error=false

570

+	fi

571

+	if ${ip_error} ; then

572

+		eerror "${VSFTPD_CONF} must contain listen=YES or listen_ipv6=YES"

573

+		eerror "but not both"

574

+		return 1

575

+	fi

576

+}

577

+

578

+start() {

579

+	checkconfig || return 1

580

+	ebegin "Starting ${SVCNAME}"

581

+	start-stop-daemon --start --exec ${VSFTPD_EXEC} \

582

+		--background --make-pidfile --pidfile "${VSFTPD_PID}" \

583

+		-- "${VSFTPD_CONF}"

584

+	eend $?

585

+}

586

+

587

+stop() {

588

+	ebegin "Stopping ${SVCNAME}"

589

+	if [ -f ${VSFTPD_PID} ]; then

590

+		start-stop-daemon --stop --pidfile ${VSFTPD_PID} 

591

+	else

592

+		ewarn "Couldn't found ${VSFTPD_PID} trying to stop over the process name ${SVCNAME}"

593

+		start-stop-daemon --stop --name ${SVCNAME}

594

+	fi

595

+	eend $?

596

+}

597

+

598

+# vim: ts=4

599

600

diff --git a/net-ftp/vsftpd/files/vsftpd.logrotate b/net-ftp/vsftpd/files/vsftpd.logrotate

601

new file mode 100644

602

index 0000000..f443e2e

603

--- /dev/null

604

+++ b/net-ftp/vsftpd/files/vsftpd.logrotate

605

@@ -0,0 +1,4 @@

606

+/var/log/vsftpd.log {

607

+    missingok

608

+    notifempty

609

+}

610

611

diff --git a/net-ftp/vsftpd/files/vsftpd.xinetd b/net-ftp/vsftpd/files/vsftpd.xinetd

612

new file mode 100644

613

index 0000000..d1d88e9

614

--- /dev/null

615

+++ b/net-ftp/vsftpd/files/vsftpd.xinetd

616

@@ -0,0 +1,15 @@

617

+# default: off

618

+# description: Vsftpd is an FTP server, designed to be secure.

619

+# $Header: /var/cvsroot/gentoo-x86/net-ftp/vsftpd/files/vsftpd.xinetd,v 1.4 2005/06/07 18:34:17 uberlord Exp $

620

+

621

+service ftp

622

+{

623

+	socket_type     = stream

624

+	wait            = no

625

+	user            = root

626

+	server          = /usr/sbin/vsftpd

627

+	server_args     = /etc/vsftpd/vsftpd.conf

628

+	log_on_success  += DURATION 

629

+	nice            = 10

630

+	disable         = yes

631

+}

632

633

diff --git a/net-ftp/vsftpd/metadata.xml b/net-ftp/vsftpd/metadata.xml

634

new file mode 100644

635

index 0000000..12e7f5b

636

--- /dev/null

637

+++ b/net-ftp/vsftpd/metadata.xml

638

@@ -0,0 +1,26 @@

639

+<?xml version="1.0" encoding="UTF-8"?>

640

+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">

641

+<pkgmetadata>

642

+	<herd>net-ftp</herd>

643

+	<maintainer>

644

+		<email>hwoarang@g.o</email>

645

+		<name>Markos Chandras</name>

646

+	</maintainer>

647

+	<maintainer>

648

+		<email>wired@g.o</email>

649

+		<name>Alex Alexander</name>

650

+	</maintainer>

651

+	<maintainer>

652

+			<email>c1pher@g.o</email>

653

+			<name>Dane Smith</name>

654

+	</maintainer>

655

+	<maintainer>

656

+		<email>bugs@××××××××××.nu</email>

657

+		<name>Johan Bergström</name>

658

+		<description>Proxy Maintainer. CC him on bugs</description>

659

+	</maintainer>

660

+	<longdescription lang="en">

661

+		Very Secure FTP Daemon written with speed, size and security

662

+		in mind

663

+	</longdescription>

664

+</pkgmetadata>

665

666

diff --git a/net-ftp/vsftpd/vsftpd-2.3.4.ebuild b/net-ftp/vsftpd/vsftpd-2.3.4.ebuild

667

new file mode 100644

668

index 0000000..9bc6137

669

--- /dev/null

670

+++ b/net-ftp/vsftpd/vsftpd-2.3.4.ebuild

671

@@ -0,0 +1,110 @@

672

+# Copyright 1999-2011 Gentoo Foundation

673

+# Distributed under the terms of the GNU General Public License v2

674

+# $Header: /var/cvsroot/gentoo-x86/net-ftp/vsftpd/vsftpd-2.3.2-r1.ebuild,v 1.7 2011/01/21 17:17:45 xarthisius Exp $

675

+

676

+inherit eutils toolchain-funcs

677

+

678

+DESCRIPTION="Very Secure FTP Daemon written with speed, size and security in mind"

679

+HOMEPAGE="http://vsftpd.beasts.org/"

680

+SRC_URI="ftp://vsftpd.beasts.org/users/cevans/${P}.tar.gz"

681

+

682

+LICENSE="GPL-2"

683

+SLOT="0"

684

+KEYWORDS="~alpha ~amd64 ~arm ~ia64 ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd"

685

+IUSE="caps pam tcpd ssl selinux xinetd"

686

+

687

+DEPEND="caps? ( >=sys-libs/libcap-2 )

688

+	pam? ( virtual/pam )

689

+	tcpd? ( >=sys-apps/tcp-wrappers-7.6 )

690

+	ssl? ( >=dev-libs/openssl-0.9.7d )"

691

+RDEPEND="${DEPEND}

692

+	net-ftp/ftpbase

693

+	selinux? ( sec-policy/selinux-ftpd )

694

+	xinetd? ( sys-apps/xinetd )"

695

+

696

+src_unpack() {

697

+	unpack ${A}

698

+	cd "${S}"

699

+

700

+	# as-needed patch. Bug #335977

701

+	epatch "${FILESDIR}/${PN}-2.3.2-as-needed.patch"

702

+

703

+	# kerberos patch. bug #335980

704

+	epatch "${FILESDIR}/${PN}-2.3.2-kerberos.patch"

705

+

706

+	# Patch the source, config and the manpage to use /etc/vsftpd/

707

+	epatch "${FILESDIR}/${PN}-2.2.0-gentoo.patch"

708

+

709

+	# Fix building without the libcap

710

+	epatch "${FILESDIR}/${PN}-2.1.0-caps.patch"

711

+

712

+	# Configure vsftpd build defaults

713

+	use tcpd && echo "#define VSF_BUILD_TCPWRAPPERS" >> builddefs.h

714

+	use ssl && echo "#define VSF_BUILD_SSL" >> builddefs.h

715

+	use pam || echo "#undef VSF_BUILD_PAM" >> builddefs.h

716

+

717

+	# Ensure that we don't link against libcap unless asked

718

+	if ! use caps ; then

719

+		sed -i '/^#define VSF_SYSDEP_HAVE_LIBCAP$/ d' sysdeputil.c

720

+		epatch "${FILESDIR}"/${PN}-2.2.0-dont-link-caps.patch

721

+	fi

722

+

723

+	# Let portage control stripping

724

+	sed -i '/^LINK[[:space:]]*=[[:space:]]*/ s/-Wl,-s//' Makefile

725

+}

726

+

727

+src_compile() {

728

+	emake CFLAGS="${CFLAGS}" CC="$(tc-getCC)" || die

729

+}

730

+

731

+src_install() {

732

+	into /usr

733

+	doman vsftpd.conf.5 vsftpd.8 || die "doman failed"

734

+	dosbin vsftpd || die "disbin failed"

735

+

736

+	dodoc AUDIT BENCHMARKS BUGS Changelog FAQ \

737

+		README README.security REWARD SIZE \

738

+		SPEED TODO TUNING || die "dodoc failed"

739

+	newdoc vsftpd.conf vsftpd.conf.example || die "newdoc failed"

740

+

741

+	docinto security

742

+	dodoc SECURITY/* || die "dodoc failed"

743

+

744

+	insinto "/usr/share/doc/${PF}/examples"

745

+	doins -r EXAMPLE/* || die "doins faileD"

746

+

747

+	insinto /etc/vsftpd

748

+	newins vsftpd.conf vsftpd.conf.example || die "newins failed"

749

+

750

+	insinto /etc/logrotate.d

751

+	newins "${FILESDIR}/vsftpd.logrotate" vsftpd || die "newins failed"

752

+

753

+	if use xinetd ; then

754

+		insinto /etc/xinetd.d

755

+		newins "${FILESDIR}/vsftpd.xinetd" vsftpd || die "newins failed"

756

+	fi

757

+

758

+	newinitd "${FILESDIR}/vsftpd.init" vsftpd || die "newinitd failed"

759

+

760

+	keepdir /usr/share/vsftpd/empty

761

+}

762

+

763

+pkg_preinst() {

764

+	# If we use xinetd, then we set listen=NO

765

+	# so that our default config works under xinetd - fixes #78347

766

+	if use xinetd ; then

767

+		sed -i 's/listen=YES/listen=NO/g' "${D}"/etc/vsftpd/vsftpd.conf.example

768

+	fi

769

+}

770

+

771

+pkg_postinst() {

772

+	einfo "vsftpd init script can now be multiplexed."

773

+	einfo "The default init script forces /etc/vsftpd/vsftpd.conf to exist."

774

+	einfo "If you symlink the init script to another one, say vsftpd.foo"

775

+	einfo "then that uses /etc/vsftpd/foo.conf instead."

776

+	einfo

777

+	einfo "Example:"

778

+	einfo "   cd /etc/init.d"

779

+	einfo "   ln -s vsftpd vsftpd.foo"

780

+	einfo "You can now treat vsftpd.foo like any other service"

781

+}

Gentoo Archives: gentoo-commits