summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--net-ftp/proftpd/ChangeLog6
-rw-r--r--net-ftp/proftpd/proftpd-1.3.2a.ebuild277
-rw-r--r--net-ftp/proftpd/proftpd-1.3.3_rc1-r1.ebuild218
3 files changed, 5 insertions, 496 deletions
diff --git a/net-ftp/proftpd/ChangeLog b/net-ftp/proftpd/ChangeLog
index bc5037775473..640e05c0f406 100644
--- a/net-ftp/proftpd/ChangeLog
+++ b/net-ftp/proftpd/ChangeLog
@@ -1,6 +1,10 @@
# ChangeLog for net-ftp/proftpd
# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/ChangeLog,v 1.210 2009/10/26 15:06:15 voyageur Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/ChangeLog,v 1.211 2009/10/27 07:30:39 voyageur Exp $
+
+ 27 Oct 2009; Bernard Cafarelli <voyageur@gentoo.org>
+ -proftpd-1.3.2a.ebuild, -proftpd-1.3.3_rc1-r1.ebuild:
+ Remove some security vulnerable versions, security bug #290664
*proftpd-1.3.3_rc2 (26 Oct 2009)
*proftpd-1.3.2b (26 Oct 2009)
diff --git a/net-ftp/proftpd/proftpd-1.3.2a.ebuild b/net-ftp/proftpd/proftpd-1.3.2a.ebuild
deleted file mode 100644
index c0c9695a8e98..000000000000
--- a/net-ftp/proftpd/proftpd-1.3.2a.ebuild
+++ /dev/null
@@ -1,277 +0,0 @@
-# Copyright 1999-2009 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/proftpd-1.3.2a.ebuild,v 1.1 2009/09/07 16:46:32 voyageur Exp $
-
-inherit eutils flag-o-matic toolchain-funcs autotools
-
-KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86"
-
-IUSE="acl authfile ban case clamav deflate hardened ifsession ipv6 kerberos ldap mysql ncurses nls noauthunix opensslcrypt pam postgres radius rewrite selinux shaper sitemisc softquota ssl tcpd vroot xinetd"
-
-CASE_VER="0.3"
-CLAMAV_VER="0.11rc"
-DEFLATE_VER="0.3.3"
-MODGSS_VER="1.3.2"
-SHAPER_VER="0.6.5"
-VROOT_VER="0.8.3"
-
-DESCRIPTION="An advanced and very configurable FTP server."
-
-SRC_URI="ftp://ftp.proftpd.org/distrib/source/${P/_/}.tar.bz2
- case? ( http://www.castaglia.org/${PN}/modules/${PN}-mod-case-${CASE_VER}.tar.gz )
- clamav? ( https://secure.thrallingpenguin.com/redmine/attachments/download/1/mod_clamav-${CLAMAV_VER}.tar.gz )
- deflate? ( http://www.castaglia.org/${PN}/modules/${PN}-mod-deflate-${DEFLATE_VER}.tar.gz )
- kerberos? ( mirror://sourceforge/gssmod/mod_gss-${MODGSS_VER}.tar.gz )
- shaper? ( http://www.castaglia.org/${PN}/modules/${PN}-mod-shaper-${SHAPER_VER}.tar.gz )
- vroot? ( http://www.castaglia.org/${PN}/modules/${PN}-mod-vroot-${VROOT_VER}.tar.gz )"
-
-HOMEPAGE="http://www.proftpd.org/
- http://www.castaglia.org/proftpd/
- http://www.thrallingpenguin.com/resources/mod_clamav.htm
- http://gssmod.sourceforge.net"
-
-SLOT="0"
-LICENSE="GPL-2"
-
-DEPEND="acl? ( sys-apps/acl sys-apps/attr )
- clamav? ( app-antivirus/clamav )
- kerberos? ( || ( <app-crypt/mit-krb5-1.7 app-crypt/heimdal ) )
- ldap? ( >=net-nds/openldap-1.2.11 )
- mysql? ( virtual/mysql )
- ncurses? ( sys-libs/ncurses )
- opensslcrypt? ( >=dev-libs/openssl-0.9.6f )
- pam? ( virtual/pam )
- postgres? ( virtual/postgresql-base )
- ssl? ( >=dev-libs/openssl-0.9.6f )
- tcpd? ( >=sys-apps/tcp-wrappers-7.6-r3 )
- xinetd? ( virtual/inetd )"
-
-RDEPEND="${DEPEND}
- net-ftp/ftpbase
- selinux? ( sec-policy/selinux-ftpd )"
-
-S="${WORKDIR}/${P/_/}"
-
-pkg_setup() {
- # Add the proftpd user to make the default config
- # work out-of-the-box
- enewgroup proftpd
- enewuser proftpd -1 -1 -1 proftpd
-}
-
-src_unpack() {
- unpack ${P/_/}.tar.bz2
- cd "${S}"
-
- # Fix parallel build (committed upstream in 1.3.3rc1)
- epatch "${FILESDIR}"/${PN}-1.3.2-parallel-build.patch
- # Fix mysql include when both backends are enabled
- epatch "${FILESDIR}"/${PN}-1.3.2-mysql-include.patch
- # Do not use bundled libltdl when compiling mod_dso
- epatch "${FILESDIR}"/${PN}-1.3.2-system-libltdl.patch
-
- # Fix stripping of files
- sed -e "s| @INSTALL_STRIP@||g" -i Make*
-
- if use case ; then
- unpack ${PN}-mod-case-${CASE_VER}.tar.gz
- cp -f mod_case/mod_case.c contrib/
- cp -f mod_case/mod_case.html doc/
- fi
-
- if use clamav ; then
- unpack mod_clamav-${CLAMAV_VER}.tar.gz
- cp -f mod_clamav-${CLAMAV_VER}/mod_clamav.* contrib/
- epatch mod_clamav-${CLAMAV_VER}/${PN}.patch
- fi
-
- if use deflate ; then
- unpack ${PN}-mod-deflate-${DEFLATE_VER}.tar.gz
- cp -f mod_deflate/mod_deflate.c contrib/
- cp -f mod_deflate/mod_deflate.html doc/
- fi
-
- if use kerberos ; then
- unpack mod_gss-${MODGSS_VER}.tar.gz
- fi
-
- if use shaper ; then
- unpack ${PN}-mod-shaper-${SHAPER_VER}.tar.gz
- cp -f mod_shaper/mod_shaper.c contrib/
- cp -f mod_shaper/mod_shaper.html doc/
- fi
-
- if use vroot ; then
- unpack ${PN}-mod-vroot-${VROOT_VER}.tar.gz
- cp -f mod_vroot/mod_vroot.c contrib/
- cp -f mod_vroot/mod_vroot.html doc/
- fi
-
- # Fix bug #221275
- # extract custom PR_ macros from aclocal.m4 to acinclude.m4
- # and delete the provided aclocal.m4 before running autoreconf
- einfo "Extract custom m4 macros from aclocal.m4 ..."
- sed -e '/libtool\.m4/q' aclocal.m4 > acinclude.m4
- rm -f aclocal.m4
-
- eautoreconf
-}
-
-src_compile() {
- addpredict /etc/krb5.conf
- local modules myconf mylibs
-
- modules="mod_ratio:mod_readme:mod_ctrls_admin"
- use acl && modules="${modules}:mod_facl"
- use ban && modules="${modules}:mod_ban"
- use case && modules="${modules}:mod_case"
- use clamav && modules="${modules}:mod_clamav"
- use deflate && modules="${modules}:mod_deflate"
- use pam && modules="${modules}:mod_auth_pam"
- use radius && modules="${modules}:mod_radius"
- use rewrite && modules="${modules}:mod_rewrite"
- use shaper && modules="${modules}:mod_shaper"
- use sitemisc && modules="${modules}:mod_site_misc"
- use ssl && modules="${modules}:mod_tls"
- use tcpd && modules="${modules}:mod_wrap"
- use vroot && modules="${modules}:mod_vroot"
-
- # pam needs to be explicitely disabled
- use pam || myconf="${myconf} --enable-auth-pam=no"
-
- if use ldap ; then
- modules="${modules}:mod_ldap"
- mylibs="${mylibs} -lresolv"
- use ssl && CFLAGS="${CFLAGS} -DUSE_LDAP_TLS"
- fi
-
- if use opensslcrypt ; then
- myconf="${myconf} --enable-openssl --with-includes=/usr/include/openssl"
- mylibs="${mylibs} -lcrypto"
- CFLAGS="${CFLAGS} -DHAVE_OPENSSL"
- fi
-
- use nls && myconf="${myconf} --enable-nls"
-
- if use mysql || use postgres ; then
- modules="${modules}:mod_sql"
- if use mysql ; then
- modules="${modules}:mod_sql_mysql"
- myconf="${myconf} --with-includes=/usr/include/mysql"
- fi
- if use postgres ; then
- modules="${modules}:mod_sql_postgres"
- myconf="${myconf} --with-includes=/usr/include/postgresql"
- fi
- fi
-
- if use softquota ; then
- modules="${modules}:mod_quotatab"
- if use mysql || use postgres ; then
- modules="${modules}:mod_quotatab_sql"
- fi
- if use radius ; then
- modules="${modules}:mod_quotatab_radius"
- fi
- if use ldap ; then
- modules="${modules}:mod_quotatab_file:mod_quotatab_ldap"
- else
- modules="${modules}:mod_quotatab_file"
- fi
- fi
-
- # mod_ifsession should be the last module in the --with-modules list
- # see http://www.castaglia.org/proftpd/modules/mod_ifsession.html#Installation
- use ifsession && modules="${modules}:mod_ifsession"
-
- # bug #30359
- use hardened && echo > lib/libcap/cap_sys.c
- gcc-specs-pie && echo > lib/libcap/cap_sys.c
-
- if use noauthunix ; then
- myconf="${myconf} --disable-auth-unix"
- else
- myconf="${myconf} --enable-auth-unix"
- fi
-
- if use kerberos ; then
- cd "${S}"/mod_gss-${MODGSS_VER}
- # Generate source files for installed virtual/krb5 provider
- if has_version app-crypt/mit-krb5; then
- econf --enable-mit
- else
- econf --enable-heimdal
- fi
- cd "${S}"
- # copy the generated files
- cp -f mod_gss-${MODGSS_VER}/mod_gss.c contrib/
- cp -f mod_gss-${MODGSS_VER}/mod_gss.h include/
- cp -f mod_gss-${MODGSS_VER}/mod_auth_gss.c contrib/
-
- myconf="${myconf} --enable-dso --with-shared=mod_gss:mod_auth_gss"
- fi
-
- LIBS="${mylibs}" econf \
- --sbindir=/usr/sbin \
- --localstatedir=/var/run \
- --sysconfdir=/etc/proftpd \
- --enable-shadow \
- --enable-autoshadow \
- --enable-ctrls \
- --with-modules=${modules} \
- $(use_enable acl facl) \
- $(use_enable authfile auth-file) \
- $(use_enable ipv6) \
- $(use_enable ncurses) \
- ${myconf} || die "econf failed"
-
- emake || die "emake failed"
-}
-
-src_install() {
- emake DESTDIR="${D}" install || die "emake install failed"
-
- keepdir /var/run/proftpd
-
- dodoc "${FILESDIR}/proftpd.conf" \
- COPYING CREDITS ChangeLog NEWS README* \
- doc/license.txt
- dohtml doc/*.html
- dohtml doc/howto/*.html
-
- docinto rfc
- dodoc doc/rfc/*.txt
-
- mv -f "${D}/etc/proftpd/proftpd.conf" "${D}/etc/proftpd/proftpd.conf.distrib"
-
- insinto /etc/proftpd
- newins "${FILESDIR}/proftpd.conf" proftpd.conf.sample
-
- if use xinetd ; then
- insinto /etc/xinetd.d
- newins "${FILESDIR}/proftpd.xinetd" proftpd
- fi
-
- newinitd "${FILESDIR}/proftpd.rc6" proftpd
-}
-
-pkg_postinst() {
- elog
- elog "You can find the config files in /etc/proftpd"
- elog
- ewarn "With the introduction of net-ftp/ftpbase the ftp user is now ftp."
- ewarn "Remember to change that in the configuration file."
- ewarn
- if use mysql && use postgres ; then
- ewarn "ProFTPD has been build with the MySQL and PostgreSQL modules."
- ewarn "You can use the 'SQLBackend' directive to specify the used SQL"
- ewarn "backend. Without this directive the default backend is MySQL."
- ewarn
- fi
- if use clamav ; then
- ewarn "mod_clamav was updated to a new version, which uses Clamd"
- ewarn "only for virus scanning, so you'll have to set Clamd up"
- ewarn "and start it, also re-check the mod_clamav docs."
- ewarn
- fi
-}
diff --git a/net-ftp/proftpd/proftpd-1.3.3_rc1-r1.ebuild b/net-ftp/proftpd/proftpd-1.3.3_rc1-r1.ebuild
deleted file mode 100644
index 75c7f7a61b21..000000000000
--- a/net-ftp/proftpd/proftpd-1.3.3_rc1-r1.ebuild
+++ /dev/null
@@ -1,218 +0,0 @@
-# Copyright 1999-2009 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/proftpd-1.3.3_rc1-r1.ebuild,v 1.3 2009/09/24 15:42:20 voyageur Exp $
-
-EAPI="2"
-inherit autotools eutils
-
-CASE_VER="0.3"
-CLAMAV_VER="0.11rc"
-DEFLATE_VER="0.3.3"
-GSS_VER="1.3.2"
-VROOT_VER="0.8.5"
-
-DESCRIPTION="An advanced and very configurable FTP server."
-HOMEPAGE="http://www.proftpd.org/
- http://www.castaglia.org/proftpd/
- http://www.thrallingpenguin.com/resources/mod_clamav.htm
- http://gssmod.sourceforge.net/"
-SRC_URI="ftp://ftp.proftpd.org/distrib/source/${P/_/}.tar.bz2
- case? ( http://www.castaglia.org/${PN}/modules/${PN}-mod-case-${CASE_VER}.tar.gz )
- clamav? ( https://secure.thrallingpenguin.com/redmine/attachments/download/1/mod_clamav-${CLAMAV_VER}.tar.gz )
- deflate? ( http://www.castaglia.org/${PN}/modules/${PN}-mod-deflate-${DEFLATE_VER}.tar.gz )
- kerberos? ( mirror://sourceforge/gssmod/mod_gss-${GSS_VER}.tar.gz )
- vroot? ( http://www.castaglia.org/${PN}/modules/${PN}-mod-vroot-${VROOT_VER}.tar.gz )"
-LICENSE="GPL-2"
-
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86"
-IUSE="acl authfile ban +caps case clamav +ctrls deflate doc exec hardened ifsession ident ipv6 kerberos ldap mysql ncurses nls pam postgres radius ratio readme rewrite selinux sftp shaper sitemisc softquota +ssl tcpd trace vroot xinetd"
-
-DEPEND="acl? ( sys-apps/acl sys-apps/attr )
- caps? ( sys-libs/libcap )
- clamav? ( app-antivirus/clamav )
- kerberos? ( || ( <app-crypt/mit-krb5-1.7 app-crypt/heimdal ) )
- ldap? ( net-nds/openldap )
- mysql? ( virtual/mysql )
- ncurses? ( sys-libs/ncurses )
- pam? ( virtual/pam )
- postgres? ( virtual/postgresql-base )
- sftp? ( dev-libs/openssl )
- ssl? ( dev-libs/openssl )
- tcpd? ( sys-apps/tcp-wrappers )
- xinetd? ( virtual/inetd )"
-RDEPEND="${DEPEND}
- net-ftp/ftpbase
- selinux? ( sec-policy/selinux-ftpd )"
-
-S="${WORKDIR}/${P/_/}"
-
-__prepare_plugin() {
- mv "${WORKDIR}"/$1/$1.c contrib
- mv "${WORKDIR}"/$1/$1.html doc/contrib
- rm -rf "${WORKDIR}"/$1
-}
-
-pkg_setup() {
- if [ -f "${ROOT}"/var/run/proftpd.pid ] ; then
- eerror "Your ProFTPD server is running. In order to install this update"
- eerror "you have to stop the running server. If you are using ProFTPD in"
- eerror "the standalone mode you can stop the server by executing:"
- eerror " /etc/init.d/proftpd stop"
- eerror "If you are sure that ProFTPD is not running anymore you have to"
- eerror "delete the /var/run/proftpd.pid file."
- die "This update requires to stop the ProFTPD server!"
- fi
-}
-
-src_prepare() {
- use case && __prepare_plugin mod_case
- if use clamav ; then
- mv "${WORKDIR}"/mod_clamav-${CLAMAV_VER}/mod_clamav.{c,h} contrib
- epatch "${WORKDIR}"/mod_clamav-${CLAMAV_VER}/${PN}.patch
- rm -rf "${WORKDIR}"/mod_clamav-${CLAMAV_VER}
- fi
- use deflate && __prepare_plugin mod_deflate
- use vroot && __prepare_plugin mod_vroot
- # Bug #284853 when using heimdal
- use kerberos && sed -i -e "s/krb5_principal2principalname/_\0/" \
- "${WORKDIR}"/mod_gss-${GSS_VER}/mod_auth_gss.c.in
-
- # Fix MySQL includes
- sed -i -e "s/<mysql.h>/<mysql\/mysql.h>/g" contrib/mod_sql_mysql.c
-
- # Manipulate build system
- sed -i -e "s/utils install-conf install/utils install/g" Makefile.in
- sed -i -e "s/ @INSTALL_STRIP@//g" Make.rules.in
- sed -e "/libtool\.m4/q" aclocal.m4 > acinclude.m4
- rm -f aclocal.m4
- eautoreconf
-}
-
-src_configure() {
- local myconf mylibs mymodules
-
- use acl && mymodules="${mymodules}:mod_facl"
- use ban && mymodules="${mymodules}:mod_ban"
- use case && mymodules="${mymodules}:mod_case"
- use clamav && mymodules="${mymodules}:mod_clamav"
- if use ctrls || use shaper ; then
- myconf="${myconf} --enable-ctrls"
- mymodules="${mymodules}:mod_ctrls_admin"
- fi
- use deflate && mymodules="${mymodules}:mod_deflate"
- use exec && mymodules="${mymodules}:mod_exec"
- if use kerberos ; then
- cd "${WORKDIR}"/mod_gss-${GSS_VER}
- if has_version <app-crypt/mit-krb5-1.7 ; then
- econf --enable-mit
- else
- econf --enable-heimdal
- fi
- mv mod_{auth_gss,gss}.c "${S}"/contrib
- mv mod_gss.h "${S}"/include
- mv README.mod_{auth_gss,gss} "${S}"
- mv mod_gss.html "${S}"/doc/contrib
- mv rfc{1509,2228}.txt "${S}"/doc/rfc
- cd "${S}"
- rm -rf "${WORKDIR}"/mod_gss-${GSS_VER}
- mymodules="${mymodules}:mod_gss:mod_auth_gss"
- fi
- if use ldap ; then
- mylibs="${mylibs} -lresolv"
- mymodules="${mymodules}:mod_ldap"
- fi
- if use mysql || use postgres ; then
- mymodules="${mymodules}:mod_sql"
- if use mysql ; then
- myconf="${myconf} --with-includes=/usr/include/mysql"
- mymodules="${mymodules}:mod_sql_mysql"
- fi
- if use postgres ; then
- myconf="${myconf} --with-includes=/usr/include/postgresql"
- mymodules="${mymodules}:mod_sql_postgres"
- fi
- fi
- if use sftp || use ssl ; then
- CFLAGS="${CFLAGS} -DHAVE_OPENSSL"
- myconf="${myconf} --enable-openssl --with-includes=/usr/include/openssl"
- mylibs="${mylibs} -lcrypto"
- fi
- use radius && mymodules="${mymodules}:mod_radius"
- use ratio && mymodules="${mymodules}:mod_ratio"
- use readme && mymodules="${mymodules}:mod_readme"
- use rewrite && mymodules="${mymodules}:mod_rewrite"
- if use sftp ; then
- mymodules="${mymodules}:mod_sftp"
- use pam && mymodules="${mymodules}:mod_sftp_pam"
- if use mysql || use postgres ; then
- mymodules="${mymodules}:mod_sftp_sql"
- fi
- fi
- use shaper && mymodules="${mymodules}:mod_shaper"
- use sitemisc && mymodules="${mymodules}:mod_site_misc"
- if use softquota ; then
- mymodules="${mymodules}:mod_quotatab:mod_quotatab_file"
- use ldap && mymodules="${mymodules}:mod_quotatab_ldap"
- use radius && mymodules="${mymodules}:mod_quotatab_radius"
- if use mysql || use postgres ; then
- mymodules="${mymodules}:mod_quotatab_sql"
- fi
- fi
- use ssl && mymodules="${mymodules}:mod_tls:mod_tls_shmcache"
- use tcpd && mymodules="${mymodules}:mod_wrap"
- use vroot && mymodules="${mymodules}:mod_vroot"
- # mod_ifsession needs to be the last module in the mymodules list.
- use ifsession && mymodules="${mymodules}:mod_ifsession"
-
- [ ! -z ${mymodules} ] && myconf="${myconf} --with-modules=${mymodules:1}"
- LIBS="${mylibs}" econf --sbindir=/usr/sbin --localstatedir=/var/run/proftpd \
- --sysconfdir=/etc/proftpd --enable-shadow --enable-autoshadow \
- $(use_enable acl facl) \
- $(use_enable authfile auth-file) \
- $(use_enable caps cap) \
- $(use_enable ident) \
- $(use_enable ipv6) \
- $(use_enable ncurses) \
- $(use_enable nls) \
- $(use_enable trace) \
- $(use_enable pam auth-pam) \
- ${myconf} || die "econf failed"
-}
-
-src_install() {
- emake DESTDIR="${D}" install || die "emake install failed"
-
- keepdir /var/run/proftpd
- newinitd "${FILESDIR}"/proftpd.rc7 proftpd
- if use xinetd ; then
- insinto /etc/xinetd.d
- newins "${FILESDIR}"/proftpd.xinetd proftpd
- fi
- insinto /etc/proftpd
- doins "${FILESDIR}"/proftpd.conf.sample
-
- dodoc ChangeLog CREDITS INSTALL NEWS README* RELEASE_NOTES
- if use doc ; then
- dohtml doc/*.html doc/contrib/*.html doc/howto/*.html doc/modules/*.html
- docinto rfc
- dodoc doc/rfc/*.txt
- fi
-}
-
-pkg_postinst() {
- if use mysql && use postgres ; then
- elog "ProFTPD has been built with the MySQL and PostgreSQL modules."
- elog "You can use the 'SQLBackend' directive to specify the used SQL"
- elog "backend. Without this directive the default backend is MySQL."
- fi
- if use exec ; then
- ewarn "You have enabled the mod_exec module. This can be a security risk,"
- ewarn "as detailed in documentation:"
- ewarn "Use of this module allows for such external programs to be executed, and also"
- ewarn "opens up the server to the mentioned possibilities of compromise or disclosure"
- ewarn "via those programs."
- ewarn "YOU HAVE BEEN WARNED"
- ewarn "USE AT YOUR OWN RISK"
- fi
-}