1 |
hoffie 08/11/06 12:54:07 |
2 |
|
3 |
Modified: ChangeLog |
4 |
Added: proftpd-1.3.2_rc2.ebuild |
5 |
Log: |
6 |
version bump and patch for security bug 238762 (CVE-2008-4242); this bump has been done due to lack of maintainer activity, as noted in the security handling policy; also fixes bug 238288 and bug 238691 |
7 |
(Portage version: 2.2_rc13/cvs/Linux 2.6.27-gentoo x86_64) |
8 |
|
9 |
Revision Changes Path |
10 |
1.174 net-ftp/proftpd/ChangeLog |
11 |
|
12 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-ftp/proftpd/ChangeLog?rev=1.174&view=markup |
13 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-ftp/proftpd/ChangeLog?rev=1.174&content-type=text/plain |
14 |
diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-ftp/proftpd/ChangeLog?r1=1.173&r2=1.174 |
15 |
|
16 |
Index: ChangeLog |
17 |
=================================================================== |
18 |
RCS file: /var/cvsroot/gentoo-x86/net-ftp/proftpd/ChangeLog,v |
19 |
retrieving revision 1.173 |
20 |
retrieving revision 1.174 |
21 |
diff -u -r1.173 -r1.174 |
22 |
--- ChangeLog 21 Aug 2008 22:45:39 -0000 1.173 |
23 |
+++ ChangeLog 6 Nov 2008 12:54:07 -0000 1.174 |
24 |
@@ -1,6 +1,16 @@ |
25 |
# ChangeLog for net-ftp/proftpd |
26 |
# Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2 |
27 |
-# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/ChangeLog,v 1.173 2008/08/21 22:45:39 cardoe Exp $ |
28 |
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/ChangeLog,v 1.174 2008/11/06 12:54:07 hoffie Exp $ |
29 |
+ |
30 |
+*proftpd-1.3.2_rc2 (06 Nov 2008) |
31 |
+ |
32 |
+ 06 Nov 2008; Christian Hoffmann <hoffie@g.o> |
33 |
+ +files/proftpd-1.3.2_rc2-CVE-2008-4242.patch, +proftpd-1.3.2_rc2.ebuild: |
34 |
+ version bump and patch for security bug 238762 (CVE-2008-4242); this bump |
35 |
+ has been done due to lack of maintainer activity, as noted in the security |
36 |
+ handling policy; compile-tested on ~amd64 and seems to work von hardened |
37 |
+ x86; please don't bug me with anything except for regressions I caused; |
38 |
+ also fixes bug 238288 and bug 238691 |
39 |
|
40 |
21 Aug 2008; Doug Goldstein <cardoe@g.o> metadata.xml: |
41 |
add GLEP 56 USE flag desc from use.local.desc |
42 |
|
43 |
|
44 |
|
45 |
1.1 net-ftp/proftpd/proftpd-1.3.2_rc2.ebuild |
46 |
|
47 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-ftp/proftpd/proftpd-1.3.2_rc2.ebuild?rev=1.1&view=markup |
48 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-ftp/proftpd/proftpd-1.3.2_rc2.ebuild?rev=1.1&content-type=text/plain |
49 |
|
50 |
Index: proftpd-1.3.2_rc2.ebuild |
51 |
=================================================================== |
52 |
# Copyright 1999-2008 Gentoo Foundation |
53 |
# Distributed under the terms of the GNU General Public License v2 |
54 |
# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/proftpd-1.3.2_rc2.ebuild,v 1.1 2008/11/06 12:54:07 hoffie Exp $ |
55 |
|
56 |
inherit eutils flag-o-matic toolchain-funcs |
57 |
|
58 |
KEYWORDS="~alpha ~amd64 ~hppa ~mips ~ppc ~ppc64 ~sparc ~x86" |
59 |
|
60 |
IUSE="acl authfile clamav hardened ifsession ipv6 ldap mysql ncurses nls noauthunix opensslcrypt pam postgres radius rewrite selinux shaper sitemisc softquota ssl tcpd vroot xinetd" |
61 |
|
62 |
SHAPER_VER="0.6.2" |
63 |
VROOT_VER="0.7.2" |
64 |
|
65 |
DESCRIPTION="An advanced and very configurable FTP server." |
66 |
SRC_URI="ftp://ftp.proftpd.org/distrib/source/${P/_/}.tar.bz2 |
67 |
clamav? ( http://www.uglyboxindustries.com/mod_clamav_new.c http://www.uglyboxindustries.com/mod_clamav_new.html ) |
68 |
shaper? ( http://www.castaglia.org/${PN}/modules/${PN}-mod-shaper-${SHAPER_VER}.tar.gz ) |
69 |
vroot? ( http://www.castaglia.org/${PN}/modules/${PN}-mod-vroot-${VROOT_VER}.tar.gz )" |
70 |
HOMEPAGE="http://www.proftpd.org/ |
71 |
http://www.castaglia.org/proftpd/ |
72 |
http://www.uglyboxindustries.com/open-source.php" |
73 |
|
74 |
SLOT="0" |
75 |
LICENSE="GPL-2" |
76 |
|
77 |
DEPEND="acl? ( sys-apps/acl sys-apps/attr ) |
78 |
clamav? ( app-antivirus/clamav ) |
79 |
ldap? ( >=net-nds/openldap-1.2.11 ) |
80 |
mysql? ( virtual/mysql ) |
81 |
ncurses? ( sys-libs/ncurses ) |
82 |
opensslcrypt? ( >=dev-libs/openssl-0.9.6f ) |
83 |
pam? ( virtual/pam ) |
84 |
postgres? ( virtual/postgresql-base ) |
85 |
ssl? ( >=dev-libs/openssl-0.9.6f ) |
86 |
tcpd? ( >=sys-apps/tcp-wrappers-7.6-r3 ) |
87 |
xinetd? ( virtual/inetd )" |
88 |
|
89 |
RDEPEND="${DEPEND} |
90 |
net-ftp/ftpbase |
91 |
selinux? ( sec-policy/selinux-ftpd )" |
92 |
|
93 |
S="${WORKDIR}/${P/_/}" |
94 |
|
95 |
pkg_setup() { |
96 |
# Add the proftpd user to make the default config |
97 |
# work out-of-the-box |
98 |
enewgroup proftpd |
99 |
enewuser proftpd -1 -1 -1 proftpd |
100 |
} |
101 |
|
102 |
src_unpack() { |
103 |
unpack ${P/_/}.tar.bz2 |
104 |
|
105 |
cd "${S}" |
106 |
|
107 |
epatch "${FILESDIR}/${P}-CVE-2008-4242.patch" |
108 |
|
109 |
# Fix stripping of files |
110 |
sed -e "s| @INSTALL_STRIP@||g" -i Make* |
111 |
|
112 |
if use shaper ; then |
113 |
unpack ${PN}-mod-shaper-${SHAPER_VER}.tar.gz |
114 |
cp -f mod_shaper/mod_shaper.c contrib/ |
115 |
fi |
116 |
|
117 |
if use clamav ; then |
118 |
cp -f "${DISTDIR}/mod_clamav_new.c" contrib/mod_clamav.c |
119 |
cp -f "${DISTDIR}/mod_clamav_new.html" doc/mod_clamav.html |
120 |
fi |
121 |
|
122 |
if use vroot ; then |
123 |
unpack ${PN}-mod-vroot-${VROOT_VER}.tar.gz |
124 |
cp -f mod_vroot/mod_vroot.c contrib/ |
125 |
cp -f mod_vroot/mod_vroot.html doc/ |
126 |
fi |
127 |
} |
128 |
|
129 |
src_compile() { |
130 |
addpredict /etc/krb5.conf |
131 |
local modules myconf |
132 |
|
133 |
modules="mod_ratio:mod_readme" |
134 |
use acl && modules="${modules}:mod_facl" |
135 |
use clamav && modules="${modules}:mod_clamav" |
136 |
use pam && modules="${modules}:mod_auth_pam" |
137 |
use radius && modules="${modules}:mod_radius" |
138 |
use rewrite && modules="${modules}:mod_rewrite" |
139 |
use shaper && modules="${modules}:mod_shaper" |
140 |
use sitemisc && modules="${modules}:mod_site_misc" |
141 |
use ssl && modules="${modules}:mod_tls" |
142 |
use tcpd && modules="${modules}:mod_wrap" |
143 |
use vroot && modules="${modules}:mod_vroot" |
144 |
|
145 |
# pam needs to be explicitely disabled |
146 |
use pam || myconf="${myconf} --enable-auth-pam=no" |
147 |
|
148 |
if use ldap ; then |
149 |
modules="${modules}:mod_ldap" |
150 |
append-ldflags "-lresolv" |
151 |
fi |
152 |
|
153 |
if use opensslcrypt ; then |
154 |
append-ldflags "-lcrypto" |
155 |
myconf="${myconf} --enable-openssl --with-includes=/usr/include/openssl" |
156 |
CFLAGS="${CFLAGS} -DHAVE_OPENSSL" |
157 |
fi |
158 |
|
159 |
if use nls ; then |
160 |
myconf="${myconf} --enable-nls" |
161 |
fi |
162 |
|
163 |
if use mysql && use postgres ; then |
164 |
ewarn "ProFTPD only supports either the MySQL or PostgreSQL modules." |
165 |
ewarn "Presently this ebuild defaults to mysql. If you would like to" |
166 |
ewarn "change the default behaviour, merge ProFTPD with:" |
167 |
ewarn "USE='-mysql postgres' emerge proftpd" |
168 |
epause 5 |
169 |
fi |
170 |
|
171 |
if use mysql ; then |
172 |
modules="${modules}:mod_sql:mod_sql_mysql" |
173 |
myconf="${myconf} --with-includes=/usr/include/mysql" |
174 |
elif use postgres ; then |
175 |
modules="${modules}:mod_sql:mod_sql_postgres" |
176 |
myconf="${myconf} --with-includes=/usr/include/postgresql" |
177 |
fi |
178 |
|
179 |
if use softquota ; then |
180 |
modules="${modules}:mod_quotatab" |
181 |
if use mysql || use postgres ; then |
182 |
modules="${modules}:mod_quotatab_sql" |
183 |
fi |
184 |
if use ldap ; then |
185 |
modules="${modules}:mod_quotatab_file:mod_quotatab_ldap" |
186 |
else |
187 |
modules="${modules}:mod_quotatab_file" |
188 |
fi |
189 |
fi |
190 |
|
191 |
# mod_ifsession should be the last module in the --with-modules list |
192 |
# see http://www.castaglia.org/proftpd/modules/mod_ifsession.html#Installation |
193 |
use ifsession && modules="${modules}:mod_ifsession" |
194 |
|
195 |
# bug #30359 |
196 |
use hardened && echo > lib/libcap/cap_sys.c |
197 |
gcc-specs-pie && echo > lib/libcap/cap_sys.c |
198 |
|
199 |
if use noauthunix ; then |
200 |
myconf="${myconf} --disable-auth-unix" |
201 |
else |
202 |
myconf="${myconf} --enable-auth-unix" |
203 |
fi |
204 |
|
205 |
econf \ |
206 |
--sbindir=/usr/sbin \ |
207 |
--localstatedir=/var/run \ |
208 |
--sysconfdir=/etc/proftpd \ |
209 |
--enable-shadow \ |
210 |
--enable-autoshadow \ |
211 |
--enable-ctrls \ |
212 |
--with-modules=${modules} \ |
213 |
$(use_enable acl facl) \ |
214 |
$(use_enable authfile auth-file) \ |
215 |
$(use_enable ipv6) \ |
216 |
$(use_enable ncurses) \ |
217 |
${myconf} || die "econf failed" |
218 |
|
219 |
emake || die "emake failed" |
220 |
} |
221 |
|
222 |
src_install() { |
223 |
# Note rundir needs to be specified to avoid sandbox violation |
224 |
# on initial install. See Make.rules |
225 |
emake DESTDIR="${D}" install || die "emake install failed" |
226 |
|
227 |
keepdir /var/run/proftpd |
228 |
|
229 |
dodoc "${FILESDIR}/proftpd.conf" \ |
230 |
COPYING CREDITS ChangeLog NEWS README* \ |
231 |
doc/license.txt |
232 |
dohtml doc/*.html |
233 |
|
234 |
use shaper && dohtml mod_shaper/mod_shaper.html |
235 |
|
236 |
docinto rfc |
237 |
dodoc doc/rfc/*.txt |
238 |
|
239 |
mv -f "${D}/etc/proftpd/proftpd.conf" "${D}/etc/proftpd/proftpd.conf.distrib" |
240 |
|
241 |
insinto /etc/proftpd |
242 |
newins "${FILESDIR}/proftpd.conf" proftpd.conf.sample |
243 |
|
244 |
if use xinetd ; then |
245 |
insinto /etc/xinetd.d |
246 |
newins "${FILESDIR}/proftpd.xinetd" proftpd |
247 |
fi |
248 |
|
249 |
newinitd "${FILESDIR}/proftpd.rc6" proftpd |
250 |
} |
251 |
|
252 |
pkg_postinst() { |
253 |
elog |
254 |
elog "You can find the config files in /etc/proftpd" |
255 |
elog |
256 |
ewarn "With the introduction of net-ftp/ftpbase the ftp user is now ftp." |
257 |
ewarn "Remember to change that in the configuration file." |
258 |
ewarn |
259 |
if use clamav ; then |
260 |
ewarn "mod_clamav was updated to a new version, which uses Clamd" |
261 |
ewarn "only for virus scanning, so you'll have to set Clamd up" |
262 |
ewarn "and start it, also re-check the mod_clamav docs." |
263 |
ewarn |
264 |
fi |
265 |
} |