1 |
slyfox 15/05/30 21:00:27 |
2 |
|
3 |
Modified: ChangeLog |
4 |
Added: proftpd-1.3.5a.ebuild |
5 |
Log: |
6 |
Version bump: fixes security bug #546644 aka CVE-2015-3306: Unauthenticated copying of files via SITE CPFR/CPTO in mod_copy (USE=copy). |
7 |
|
8 |
(Portage version: 2.2.18/cvs/Linux x86_64, signed Manifest commit with key 611FF3AA) |
9 |
|
10 |
Revision Changes Path |
11 |
1.333 net-ftp/proftpd/ChangeLog |
12 |
|
13 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-ftp/proftpd/ChangeLog?rev=1.333&view=markup |
14 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-ftp/proftpd/ChangeLog?rev=1.333&content-type=text/plain |
15 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-ftp/proftpd/ChangeLog?r1=1.332&r2=1.333 |
16 |
|
17 |
Index: ChangeLog |
18 |
=================================================================== |
19 |
RCS file: /var/cvsroot/gentoo-x86/net-ftp/proftpd/ChangeLog,v |
20 |
retrieving revision 1.332 |
21 |
retrieving revision 1.333 |
22 |
diff -u -r1.332 -r1.333 |
23 |
--- ChangeLog 30 May 2015 13:57:11 -0000 1.332 |
24 |
+++ ChangeLog 30 May 2015 21:00:27 -0000 1.333 |
25 |
@@ -1,6 +1,12 @@ |
26 |
# ChangeLog for net-ftp/proftpd |
27 |
# Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2 |
28 |
-# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/ChangeLog,v 1.332 2015/05/30 13:57:11 idella4 Exp $ |
29 |
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/ChangeLog,v 1.333 2015/05/30 21:00:27 slyfox Exp $ |
30 |
+ |
31 |
+*proftpd-1.3.5a (30 May 2015) |
32 |
+ |
33 |
+ 30 May 2015; Sergei Trofimovich <slyfox@g.o> +proftpd-1.3.5a.ebuild: |
34 |
+ Version bump: fixes security bug #546644 aka CVE-2015-3306: Unauthenticated |
35 |
+ copying of files via SITE CPFR/CPTO in mod_copy (USE=copy). |
36 |
|
37 |
30 May 2015; Ian Delaney <idella4@g.o> proftpd-1.3.5-r2.ebuild: |
38 |
correction to the slot operator setting to dev-libs/openssl, noted by floppym |
39 |
|
40 |
|
41 |
|
42 |
1.1 net-ftp/proftpd/proftpd-1.3.5a.ebuild |
43 |
|
44 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-ftp/proftpd/proftpd-1.3.5a.ebuild?rev=1.1&view=markup |
45 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-ftp/proftpd/proftpd-1.3.5a.ebuild?rev=1.1&content-type=text/plain |
46 |
|
47 |
Index: proftpd-1.3.5a.ebuild |
48 |
=================================================================== |
49 |
# Copyright 1999-2015 Gentoo Foundation |
50 |
# Distributed under the terms of the GNU General Public License v2 |
51 |
# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/proftpd-1.3.5a.ebuild,v 1.1 2015/05/30 21:00:27 slyfox Exp $ |
52 |
|
53 |
EAPI=5 |
54 |
inherit eutils multilib systemd |
55 |
|
56 |
MOD_CASE="0.7" |
57 |
MOD_CLAMAV="0.11rc" |
58 |
MOD_DISKUSE="0.9" |
59 |
MOD_GSS="1.3.3" |
60 |
MOD_MSG="0.4.1" |
61 |
MOD_VROOT="0.9.3" |
62 |
|
63 |
DESCRIPTION="An advanced and very configurable FTP server" |
64 |
HOMEPAGE="http://www.proftpd.org/ |
65 |
http://www.castaglia.org/proftpd/ |
66 |
http://www.thrallingpenguin.com/resources/mod_clamav.htm |
67 |
http://gssmod.sourceforge.net/" |
68 |
SRC_URI="ftp://ftp.proftpd.org/distrib/source/${P/_/}.tar.gz |
69 |
case? ( http://www.castaglia.org/${PN}/modules/${PN}-mod-case-${MOD_CASE}.tar.gz ) |
70 |
clamav? ( https://secure.thrallingpenguin.com/redmine/attachments/download/1/mod_clamav-${MOD_CLAMAV}.tar.gz ) |
71 |
diskuse? ( http://www.castaglia.org/${PN}/modules/${PN}-mod-diskuse-${MOD_DISKUSE}.tar.gz ) |
72 |
kerberos? ( mirror://sourceforge/gssmod/mod_gss-${MOD_GSS}.tar.gz ) |
73 |
msg? ( http://www.castaglia.org/${PN}/modules/${PN}-mod-msg-${MOD_MSG}.tar.gz ) |
74 |
vroot? ( https://github.com/Castaglia/${PN}-mod_vroot/archive/mod_vroot-${MOD_VROOT}.tar.gz )" |
75 |
LICENSE="GPL-2" |
76 |
|
77 |
SLOT="0" |
78 |
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd" |
79 |
IUSE="acl authfile ban +caps case clamav copy ctrls deflate diskuse doc dso dynmasq exec ifsession ifversion ident ipv6 |
80 |
kerberos ldap linguas_bg_BG linguas_en_US linguas_fr_FR linguas_it_IT linguas_ja_JP linguas_ko_KR |
81 |
linguas_ru_RU linguas_zh_CN linguas_zh_TW log_forensic memcache msg mysql ncurses nls openssl pam +pcre postgres qos radius |
82 |
ratio readme rewrite selinux sftp shaper sitemisc snmp softquota sqlite ssl tcpd test trace unique_id vroot xinetd" |
83 |
# TODO: geoip |
84 |
REQUIRED_USE="ban? ( ctrls ) |
85 |
msg? ( ctrls ) |
86 |
sftp? ( openssl ) |
87 |
shaper? ( ctrls ) |
88 |
ssl? ( openssl )" |
89 |
|
90 |
CDEPEND="acl? ( virtual/acl ) |
91 |
caps? ( sys-libs/libcap ) |
92 |
clamav? ( app-antivirus/clamav ) |
93 |
kerberos? ( virtual/krb5 ) |
94 |
ldap? ( net-nds/openldap ) |
95 |
memcache? ( >=dev-libs/libmemcached-0.41 ) |
96 |
mysql? ( virtual/mysql ) |
97 |
nls? ( virtual/libiconv ) |
98 |
ncurses? ( sys-libs/ncurses ) |
99 |
openssl? ( dev-libs/openssl:0= ) |
100 |
pam? ( virtual/pam ) |
101 |
pcre? ( dev-libs/libpcre ) |
102 |
postgres? ( dev-db/postgresql:= ) |
103 |
sqlite? ( dev-db/sqlite:3 ) |
104 |
xinetd? ( virtual/inetd )" |
105 |
DEPEND="${CDEPEND} |
106 |
test? ( dev-libs/check )" |
107 |
RDEPEND="${CDEPEND} |
108 |
net-ftp/ftpbase |
109 |
selinux? ( sec-policy/selinux-ftp )" |
110 |
|
111 |
S="${WORKDIR}/${P/_/}" |
112 |
|
113 |
__prepare_module() { |
114 |
local mod_name=$1 |
115 |
local mod_topdir=${WORKDIR}/${2:-${mod_name}} |
116 |
|
117 |
mv "${mod_topdir}/${mod_name}.c" contrib || die |
118 |
mv "${mod_topdir}/${mod_name}.html" doc/contrib || die |
119 |
rm -r "${mod_topdir}" || die |
120 |
} |
121 |
|
122 |
src_prepare() { |
123 |
# Skip 'install-conf' / Support LINGUAS |
124 |
sed -i -e "/install-all/s/ install-conf//" Makefile.in |
125 |
sed -i -e "s/^LANGS=.*$/LANGS=${LINGUAS}/" locale/Makefile.in |
126 |
|
127 |
# Prepare external modules |
128 |
use case && __prepare_module mod_case |
129 |
if use clamav ; then |
130 |
mv "${WORKDIR}"/mod_clamav-${MOD_CLAMAV}/mod_clamav.{c,h} contrib |
131 |
epatch "${WORKDIR}"/mod_clamav-${MOD_CLAMAV}/${PN}.patch |
132 |
rm -r "${WORKDIR}"/mod_clamav-${MOD_CLAMAV} |
133 |
fi |
134 |
use msg && __prepare_module mod_msg |
135 |
use vroot && __prepare_module mod_vroot ${PN}-mod_vroot-mod_vroot-${MOD_VROOT} |
136 |
|
137 |
# Prepare external kerberos module |
138 |
if use kerberos ; then |
139 |
cd "${WORKDIR}"/mod_gss-${MOD_GSS} |
140 |
|
141 |
# Support app-crypt/heimdal / Gentoo Bug #284853 |
142 |
sed -i -e "s/krb5_principal2principalname/_\0/" mod_auth_gss.c.in |
143 |
|
144 |
# Remove obsolete DES / Gentoo Bug #324903 |
145 |
# Replace 'rpm' lookups / Gentoo Bug #391021 |
146 |
sed -i -e "/ac_gss_libs/s/ -ldes425//" \ |
147 |
-e "s/ac_libdir=\`rpm -q -l.*$/ac_libdir=\/usr\/$(get_libdir)\//" \ |
148 |
-e "s/ac_includedir=\`rpm -q -l.*$/ac_includedir=\/usr\/include\//" configure{,.in} |
149 |
fi |
150 |
} |
151 |
|
152 |
src_configure() { |
153 |
local c m |
154 |
|
155 |
use acl && m="${m}:mod_facl" |
156 |
use ban && m="${m}:mod_ban" |
157 |
use case && m="${m}:mod_case" |
158 |
use clamav && m="${m}:mod_clamav" |
159 |
use copy && m="${m}:mod_copy" |
160 |
use ctrls && m="${m}:mod_ctrls_admin" |
161 |
use deflate && m="${m}:mod_deflate" |
162 |
if use diskuse ; then |
163 |
cd "${WORKDIR}"/mod_diskuse |
164 |
econf |
165 |
mv mod_diskuse.{c,h} "${S}"/contrib |
166 |
mv mod_diskuse.html "${S}"/doc/contrib |
167 |
cd "${S}" |
168 |
rm -r "${WORKDIR}"/mod_diskuse |
169 |
m="${m}:mod_diskuse" |
170 |
fi |
171 |
use dynmasq && m="${m}:mod_dynmasq" |
172 |
use exec && m="${m}:mod_exec" |
173 |
use ifsession && m="${m}:mod_ifsession" |
174 |
use ifversion && m="${m}:mod_ifversion" |
175 |
if use kerberos ; then |
176 |
cd "${WORKDIR}"/mod_gss-${MOD_GSS} |
177 |
if has_version app-crypt/mit-krb5 ; then |
178 |
econf --enable-mit |
179 |
else |
180 |
econf --enable-heimdal |
181 |
fi |
182 |
mv mod_{auth_gss,gss}.c "${S}"/contrib |
183 |
mv mod_gss.h "${S}"/include |
184 |
mv README.mod_{auth_gss,gss} "${S}" |
185 |
mv mod_gss.html "${S}"/doc/contrib |
186 |
mv rfc{1509,2228}.txt "${S}"/doc/rfc |
187 |
cd "${S}" |
188 |
rm -r "${WORKDIR}"/mod_gss-${MOD_GSS} |
189 |
m="${m}:mod_gss:mod_auth_gss" |
190 |
fi |
191 |
use ldap && m="${m}:mod_ldap" |
192 |
use log_forensic && m="${m}:mod_log_forensic" |
193 |
use msg && m="${m}:mod_msg" |
194 |
if use mysql || use postgres || use sqlite ; then |
195 |
m="${m}:mod_sql:mod_sql_passwd" |
196 |
use mysql && m="${m}:mod_sql_mysql" |
197 |
use postgres && m="${m}:mod_sql_postgres" |
198 |
use sqlite && m="${m}:mod_sql_sqlite" |
199 |
fi |
200 |
use qos && m="${m}:mod_qos" |
201 |
use radius && m="${m}:mod_radius" |
202 |
use ratio && m="${m}:mod_ratio" |
203 |
use readme && m="${m}:mod_readme" |
204 |
use rewrite && m="${m}:mod_rewrite" |
205 |
if use sftp ; then |
206 |
m="${m}:mod_sftp" |
207 |
use pam && m="${m}:mod_sftp_pam" |
208 |
use mysql || use postgres || use sqlite && m="${m}:mod_sftp_sql" |
209 |
fi |
210 |
use shaper && m="${m}:mod_shaper" |
211 |
use sitemisc && m="${m}:mod_site_misc" |
212 |
use snmp && m="${m}:mod_snmp" |
213 |
if use softquota ; then |
214 |
m="${m}:mod_quotatab:mod_quotatab_file" |
215 |
use ldap && m="${m}:mod_quotatab_ldap" |
216 |
use radius && m="${m}:mod_quotatab_radius" |
217 |
use mysql || use postgres || use sqlite && m="${m}:mod_quotatab_sql" |
218 |
fi |
219 |
if use ssl ; then |
220 |
m="${m}:mod_tls:mod_tls_shmcache" |
221 |
use memcache && m="${m}:mod_tls_memcache" |
222 |
fi |
223 |
if use tcpd ; then |
224 |
m="${m}:mod_wrap2:mod_wrap2_file" |
225 |
use mysql || use postgres || use sqlite && m="${m}:mod_wrap2_sql" |
226 |
fi |
227 |
use unique_id && m="${m}:mod_unique_id" |
228 |
use vroot && m="${m}:mod_vroot" |
229 |
|
230 |
if [[ -n ${PROFTP_CUSTOM_MODULES} ]]; then |
231 |
einfo "Adding user-specified extra modules: '${PROFTP_CUSTOM_MODULES}'" |
232 |
m="${m}:${PROFTP_CUSTOM_MODULES}" |
233 |
fi |
234 |
|
235 |
[[ -z ${m} ]] || c="${c} --with-modules=${m:1}" |
236 |
econf --localstatedir=/var/run/proftpd --sysconfdir=/etc/proftpd --disable-strip \ |
237 |
$(use_enable acl facl) \ |
238 |
$(use_enable authfile auth-file) \ |
239 |
$(use_enable caps cap) \ |
240 |
$(use_enable ctrls) \ |
241 |
$(use_enable dso) \ |
242 |
$(use_enable ident) \ |
243 |
$(use_enable ipv6) \ |
244 |
$(use_enable memcache) \ |
245 |
$(use_enable ncurses) \ |
246 |
$(use_enable nls) \ |
247 |
$(use_enable openssl) \ |
248 |
$(use_enable pam auth-pam) \ |
249 |
$(use_enable pcre) \ |
250 |
$(use_enable test tests) \ |
251 |
$(use_enable trace) \ |
252 |
$(use_enable userland_GNU shadow) \ |
253 |
$(use_enable userland_GNU autoshadow) \ |
254 |
${c:1} |
255 |
} |
256 |
|
257 |
src_test() { |
258 |
emake api-tests -C tests |
259 |
} |
260 |
|
261 |
src_install() { |
262 |
default |
263 |
[[ -z ${LINGUAS} ]] && rm -r "${ED}"/usr/share/locale |
264 |
rm -rf "${ED}"/var/run |
265 |
|
266 |
newinitd "${FILESDIR}"/proftpd.initd proftpd |
267 |
insinto /etc/proftpd |
268 |
doins "${FILESDIR}"/proftpd.conf.sample |
269 |
|
270 |
if use xinetd ; then |
271 |
insinto /etc/xinetd.d |
272 |
newins "${FILESDIR}"/proftpd.xinetd proftpd |
273 |
fi |
274 |
|
275 |
dodoc ChangeLog CREDITS INSTALL NEWS README* RELEASE_NOTES |
276 |
if use doc ; then |
277 |
dohtml doc/*.html doc/contrib/*.html doc/howto/*.html doc/modules/*.html |
278 |
docinto rfc |
279 |
dodoc doc/rfc/*.txt |
280 |
fi |
281 |
|
282 |
systemd_dounit "${FILESDIR}"/${PN}.service |
283 |
systemd_newtmpfilesd "${FILESDIR}"/${PN}-tmpfiles.d.conf ${PN}.conf |
284 |
} |