diff options
author | Michael Hanselmann <hansmi@gentoo.org> | 2005-08-28 12:40:56 +0000 |
---|---|---|
committer | Michael Hanselmann <hansmi@gentoo.org> | 2005-08-28 12:40:56 +0000 |
commit | 6e1e9a898f386df17c05a103e199ffbc3d7d3731 (patch) | |
tree | ab8c0e40c454ac23ffd85c33ac676fcc5ab1eab6 | |
parent | Stable on hppa. (diff) | |
download | historical-6e1e9a898f386df17c05a103e199ffbc3d7d3731.tar.gz historical-6e1e9a898f386df17c05a103e199ffbc3d7d3731.tar.bz2 historical-6e1e9a898f386df17c05a103e199ffbc3d7d3731.zip |
Added patch from bug 98726. Changed herd to qmail, added description to metadata
Package-Manager: portage-2.0.51.22-r2
-rw-r--r-- | sys-apps/ucspi-tcp/ChangeLog | 9 | ||||
-rw-r--r-- | sys-apps/ucspi-tcp/Manifest | 28 | ||||
-rw-r--r-- | sys-apps/ucspi-tcp/files/0.88-limits.patch | 365 | ||||
-rw-r--r-- | sys-apps/ucspi-tcp/files/digest-ucspi-tcp-0.88-r11 | 5 | ||||
-rw-r--r-- | sys-apps/ucspi-tcp/metadata.xml | 10 | ||||
-rw-r--r-- | sys-apps/ucspi-tcp/ucspi-tcp-0.88-r11.ebuild | 79 |
6 files changed, 476 insertions, 20 deletions
diff --git a/sys-apps/ucspi-tcp/ChangeLog b/sys-apps/ucspi-tcp/ChangeLog index 7e69011d5a96..3043fa718560 100644 --- a/sys-apps/ucspi-tcp/ChangeLog +++ b/sys-apps/ucspi-tcp/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for sys-apps/ucspi-tcp # Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/ucspi-tcp/ChangeLog,v 1.33 2005/02/14 12:49:19 robbat2 Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-apps/ucspi-tcp/ChangeLog,v 1.34 2005/08/28 12:40:56 hansmi Exp $ + +*ucspi-tcp-0.88-r11 (28 Aug 2005) + + 28 Aug 2005; Michael Hanselmann <hansmi@gentoo.org> + +files/0.88-limits.patch, metadata.xml, +ucspi-tcp-0.88-r11.ebuild: + Added patch from bug 98726. Changed herd to qmail, added description to + metadata. 14 Feb 2005; Robin H. Johnson <robbat2@gentoo.org> +files/0.88-rblsmtpd-ignore-on-RELAYCLIENT.patch: diff --git a/sys-apps/ucspi-tcp/Manifest b/sys-apps/ucspi-tcp/Manifest index 2497238fed3a..02dbd601f267 100644 --- a/sys-apps/ucspi-tcp/Manifest +++ b/sys-apps/ucspi-tcp/Manifest @@ -1,24 +1,16 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - +MD5 66ed278686866a3187b68d81fe47fa24 metadata.xml 592 +MD5 9d637c1a379235830aec1c3c7e1a40b7 ChangeLog 5278 +MD5 23303b1e53f4d80fd4a5a2ad649ce593 ucspi-tcp-0.88-r11.ebuild 2427 MD5 76034b124658a585b29a772acbf2b798 ucspi-tcp-0.88-r9.ebuild 2246 -MD5 fe1236e5d8b3b8a53a55cf7db78cd384 ChangeLog 5033 -MD5 9a09f8d531c582e78977dbfd96edc1f2 metadata.xml 164 MD5 38badb1189a3476d5066e21ab764aef1 ucspi-tcp-0.88-r10.ebuild 2341 MD5 f28315c57485584788c9824481bc7603 ucspi-tcp-0.88-r8.ebuild 2148 -MD5 eeca4c38b2ce87ccb59e44f241b3c736 files/digest-ucspi-tcp-0.88-r10 350 -MD5 b36e99b422384451ac68b3a9b31b7ed6 files/0.88-head-1.patch 1403 -MD5 9eab9910e2978160e33f6c4e9b227efa files/digest-ucspi-tcp-0.88-r8 350 MD5 9eab9910e2978160e33f6c4e9b227efa files/digest-ucspi-tcp-0.88-r9 350 -MD5 72b6cd8b1b829a6a6939255fdc0b76a3 files/0.88-rblsmtpd-ignore-on-RELAYCLIENT.patch 462 -MD5 fb41d7c55db5124d7488a923e4223576 files/0.88-bigendian.patch 478 MD5 64eb2b26c9c0e5d6b4042fd36b74dbb8 files/tcprules-Makefile 168 +MD5 b36e99b422384451ac68b3a9b31b7ed6 files/0.88-head-1.patch 1403 +MD5 fb41d7c55db5124d7488a923e4223576 files/0.88-bigendian.patch 478 MD5 0479a09fdd4ce855d35e36563cab4743 files/0.88-errno.patch 239 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.2.6 (GNU/Linux) -Comment: Robbat2 @ Orbis-Terrarum Networks - -iD8DBQFCEJ5bPpIsIjIzwiwRAlO4AKDoBIX1wNWHrroW/6n7/s5qcfRhPgCgw4XA -k+0kQBsbZ5mJZI4zQaouciM= -=a2x+ ------END PGP SIGNATURE----- +MD5 eeca4c38b2ce87ccb59e44f241b3c736 files/digest-ucspi-tcp-0.88-r11 350 +MD5 9eab9910e2978160e33f6c4e9b227efa files/digest-ucspi-tcp-0.88-r8 350 +MD5 a52d1d668b5486fde8f138eaab047e70 files/0.88-limits.patch 12356 +MD5 eeca4c38b2ce87ccb59e44f241b3c736 files/digest-ucspi-tcp-0.88-r10 350 +MD5 72b6cd8b1b829a6a6939255fdc0b76a3 files/0.88-rblsmtpd-ignore-on-RELAYCLIENT.patch 462 diff --git a/sys-apps/ucspi-tcp/files/0.88-limits.patch b/sys-apps/ucspi-tcp/files/0.88-limits.patch new file mode 100644 index 000000000000..6ec88694bf0c --- /dev/null +++ b/sys-apps/ucspi-tcp/files/0.88-limits.patch @@ -0,0 +1,365 @@ +diff -purN ucspi-tcp-0.88.org/README.tcpserver-limits-patch ucspi-tcp-0.88.my/README.tcpserver-limits-patch +--- ucspi-tcp-0.88.org/README.tcpserver-limits-patch 1970-01-01 01:00:00.000000000 +0100 ++++ ucspi-tcp-0.88.my/README.tcpserver-limits-patch 2005-01-30 18:26:14.000000000 +0100 +@@ -0,0 +1,135 @@ ++20050130 reinstated /proc/loadavg support for those compiling on Linux ++with dietlibc (see #define NO_GETLOADAVG at top of tcpserver.c). ++Also, we now compile on 64bit platforms (we avoid including unistd.h if ++using getloadavg(3), so we don't conflict with readwrite.h header file) ++Needed if your compile was breaking with: ++readwrite.h:4: error: syntax error before "read" ++readwrite.h:4: warning: data definition has no type or storage class ++SUMMARY: If 20040725 worked for you, there is no reason to upgrade ++(no new features of bugfixes) ++ ++20040725 adds a sleep(1) before terminating (to prevent too high load from ++many rapid fork()/exit() calls. It also changes the method for checking ++system load to getloadavg(3) instead of parsing /proc/loadavg, therefore ++making it working on *BSD and other non-Linux systems in addition to Linux. ++It also adds DIEMSG="xxx" support. ++ ++20040327 fixes a bug in 20040124 related to MAXLOAD (it would not work ++correctly when load was higher than 10.00) ++ ++ ++This patch (20040725) makes tcpserver from DJB's ucspi-tcp-0.88 package (see ++http://cr.yp.to/ucspi-tcp.html) to modify its behavior if some environment ++variables are present. ++ ++The variables can be preset before starting tcpserver (thus acting as ++default for all connections), or, if you use 'tcpserver -x xxx.cdb', they ++can be set (or overridden) from xxx.cdb. If none of the variables are set, ++tcpserver behaves same as non patched version (except for negligible ++performance loss). Any or all variables can be set, as soon as first limit ++is reached the connection is dropped. I'd recommend using .cdb files ++exclusively though, as you can then modify configuration without killing ++tcpserver. ++ ++The variables are: ++ ++(1) MAXLOAD ++ maximum 1-minute load average * 100. For example, if you have line ++ :allow,MAXLOAD="350" ++ in your rules file from which you created .cdb, the connection will be ++ accepted only if load average is below 3.50 ++ For this variable to have effect, you have to have working getloadavg(3) ++ (most modern UN*Xoids have, including Linux and FreeBSD) ++ Otherwise, you have to uncomment #define NO_GETLOADAVG in tcpserver.c ++ and have readable '/proc/loadavg' with linux-2.4.x/2.6.x syntax (see ++ the source -- this is needed if you're compiling with dietlibc ++ or such) ++ ++(2) MAXCONNIP ++ maximum connections from one IP address. tcpserver's -c flag defines ++ maximum number of allowed connections, but it can be abused if ++ just one host goes wild and eats all the connections - no other host ++ would be able to connect then. If you created your .cdb with: ++ :allow,MAXCONNIP="5" ++ and run tcpserver -c 50, then each IP address would be able to have at ++ most 5 concurrent connections, while there still could connect 50 ++ clients total ++ ++(3) MAXCONNC ++ ++ maximum connections from whole C-class (256 addresses). Extension of ++ MAXCONNIP, as sometimes the problematic client has a whole farm of ++ client machines with different IP addresses instead of just one IP ++ address, and they all try to connect. It might have been more useful to ++ be able to specify CIDR block than C-class, but I've decided to KISS. ++ ++ for example tcpserver -c 200, and .cdb with: ++ :allow,MAXCONNC="15" ++ will allow at most 15 host from any x.y.z.0/24 address block, while ++ still allowing up to 200 total connections. ++ ++(4) DIEMSG ++ ++ if set and one of the above limits is exceeded, this is the message ++ to be sent to client (CRLF is always added to the text) before terminating ++ connection. If unset, the connection simply terminates (after 1 sec delay) ++ if limit is exceeded. ++ ++ For example: ++ DIEMSG="421 example.com Service temporarily not available, closing ++ transmission channel" ++ ++Notes: ++ ++- if a connection is dropped due to some of those variables set, it will be ++ flagged (if you run tcpserver -v) with "LOAD:", "MAXCONNIP:" or ++ "MAXCONNC:" at the end of the "tcpserver: deny" line. If that bothers you ++ (eg. you have a strict log parsers), don't apply that chunk of the patch. ++ ++- the idea for this patch came from my previous experience with xinetd, and ++ need to limit incoming bursts of virus/spam SMTP connections, since I was ++ running qmail-scanner to scan incoming and outgoing messages for viruses ++ and spam. ++ ++When you make changes, please check that they work as expected. ++ ++Examples (for tcprules created .cdb) ++(a) 192.168.:allow,MAXLOAD="1000" ++ :allow,MAXCONNIP="3" ++ ++ this would allow any connection from your local LAN (192.168.*.* ++ addresses) if system load is less than 10.00. non-LAN connections would ++ be accepted only if clients from that IP address have not already opened ++ more than 2 connections (as your connection would be last allowed -- 3rd) ++ ++(b) 192.168.:allow ++ 5.6.7.8:allow,MAXCONNIP="3" ++ 1.2.:allow,MAXLOAD="500",MAXCONNIP="1",MAXCONNC="5" ++ :allow,MAXLOAD="1000",MAXCONNIP="3",DIEMSG="421 example.com unavailable" ++ ++ if client connects from 192.168.*.* (ex: your LAN), it is allowed. ++ if it connects from 5.6.7.8 (ex: little abusive customer of yours), ++ it is allowed unless there are already 3active connections from 5.6.7.8 ++ to this service ++ if it connects from 1.2.*.* (ex: some problematic networks which caused ++ you grief in the past) it will connect only if load is less than 5.0, ++ there is less than 5 active connections from whole C class ++ (1.2.*.0/24), and if that specific IP address does not already have ++ connection open. ++ in all other cases, the client will be permitted to connect if load is ++ less than 10.00 and client has 2 or less connections open. If load is ++ higher than 10.00 or there are 3 or more connections open from this ++ client, the message "421 example.com unavailable" will be returned to ++ the client and connection terminated. ++ ++ ++Any bugs introduced are my own, do not bother DJB with them. ++If you find any, or have neat ideas, or better documentation, or whatever, ++contact me. ++ ++the latest version of the patch can be found at: ++http://linux.voyager.hr/ucspi-tcp/ ++ ++Enjoy, ++Matija Nalis, ++mnalis-tcpserver _at_ voyager.hr +diff -N -ru ucspi-tcp-0.88.orig/tcpserver.c ucspi-tcp-0.88/tcpserver.c +--- ucspi-tcp-0.88.orig/tcpserver.c 2005-08-28 14:34:30.000000000 +0200 ++++ ucspi-tcp-0.88/tcpserver.c 2005-08-28 14:35:00.000000000 +0200 +@@ -1,3 +1,12 @@ ++#ifdef __dietlibc__ ++#define NO_GETLOADAVG ++#endif ++ ++#include <stdlib.h> ++#ifdef NO_GETLOADAVG ++#include <unistd.h> ++#endif ++ + #include <sys/types.h> + #include <sys/param.h> + #include <netdb.h> +@@ -64,6 +73,13 @@ + buffer b; + + ++typedef struct ++{ ++ char ip[4]; ++ pid_t pid; ++} baby; ++ ++baby *child; + + /* ---------------------------- child */ + +@@ -72,6 +88,10 @@ + int flagdeny = 0; + int flagallownorules = 0; + char *fnrules = 0; ++unsigned long maxload = 0; ++unsigned long maxconnip = 0; ++unsigned long maxconnc = 0; ++char *diemsg = ""; + + void drop_nomem(void) + { +@@ -110,6 +130,8 @@ + strerr_die4sys(111,DROP,"unable to read ",fnrules,": "); + } + ++unsigned long limit = 40; ++ + void found(char *data,unsigned int datalen) + { + unsigned int next0; +@@ -125,6 +147,10 @@ + if (data[1 + split] == '=') { + data[1 + split] = 0; + env(data + 1,data + 1 + split + 1); ++ if (str_diff(data+1, "MAXLOAD") == 0) scan_ulong(data+1+split+1,&maxload); ++ if (str_diff(data+1, "MAXCONNIP") == 0) scan_ulong(data+1+split+1,&maxconnip); ++ if (str_diff(data+1, "MAXCONNC") == 0) scan_ulong(data+1+split+1,&maxconnc); ++ if (str_diff(data+1, "DIEMSG") == 0) diemsg = data+1+split+1; + } + break; + } +@@ -210,6 +236,53 @@ + close(fdrules); + } + } ++ ++ unsigned long curload; ++ ++ if (maxload) { ++#ifdef NO_GETLOADAVG ++ int lret; ++ int i; ++ unsigned long u1, u2; ++ char *s; ++ static stralloc loadavg_data = {0}; ++ ++ lret = openreadclose("/proc/loadavg", &loadavg_data, 10); ++ if (lret != -1) { ++ /* /proc/loadavg format is: ++ 13.08 3.04 1.00 34/170 14190 */ ++ s = loadavg_data.s; ++ i = scan_ulong (s, &u1); s+=i; ++ if ((i>0) && (i<5) && (*s == '.')) { /* load should be < 10000 */ ++ i = scan_ulong (s+1,&u2); ++ if (i==2) { /* we require two decimal places */ ++ curload = u1 * 100 + u2; ++ if (curload > maxload) flagdeny = 2; ++ } ++ } ++ } ++#else ++ double result; ++ if (getloadavg(&result, 1) == 1) { ++ curload = result * 100; ++ if (curload > maxload) flagdeny = 2; ++ } ++#endif ++ } ++ ++ if (!flagdeny && (maxconnip || maxconnc)) { ++ unsigned long u, c1=0, cc=0; ++ for (u=0; u < limit; u++) if (child[u].pid != 0) { ++ if ((child[u].ip[0] == remoteip[0]) && ++ (child[u].ip[1] == remoteip[1]) && ++ (child[u].ip[2] == remoteip[2]) ) { ++ cc++; ++ if (child[u].ip[3] == remoteip[3]) c1++; ++ } ++ } ++ if (maxconnc && (cc >= maxconnc)) flagdeny = 4; ++ if (maxconnip && (c1 >= maxconnip)) flagdeny = 3; ++ } + + if (verbosity >= 2) { + strnum[fmt_ulong(strnum,getpid())] = 0; +@@ -223,11 +296,35 @@ + cats(":"); safecats(remoteipstr); + cats(":"); if (flagremoteinfo) safecats(tcpremoteinfo.s); + cats(":"); safecats(remoteportstr); ++ if (flagdeny == 2) { ++ char curloadstr[FMT_ULONG]; ++ curloadstr[fmt_ulong(curloadstr,curload)] = 0; ++ cats(" "); safecats ("LOAD"); cats(":"); safecats(curloadstr); ++ } ++ if (flagdeny == 3) { ++ char maxconstr[FMT_ULONG]; ++ maxconstr[fmt_ulong(maxconstr,maxconnip)] = 0; ++ cats(" "); safecats ("MAXCONNIP"); cats(":"); safecats(maxconstr); ++ } ++ if (flagdeny == 4) { ++ char maxconstr[FMT_ULONG]; ++ maxconstr[fmt_ulong(maxconstr,maxconnc)] = 0; ++ cats(" "); safecats ("MAXCONNC"); cats(":"); safecats(maxconstr); ++ } + cats("\n"); + buffer_putflush(buffer_2,tmp.s,tmp.len); + } + +- if (flagdeny) _exit(100); ++ if (flagdeny) { ++ if (*diemsg) { ++ buffer_init(&b,write,t,bspace,sizeof bspace); ++ buffer_puts(&b,diemsg); ++ if (buffer_putsflush(&b,"\r\n") == -1) ++ strerr_die2sys(111,DROP,"unable to print diemsg: "); ++ } ++ sleep(1); ++ _exit(100); ++ } + } + + +@@ -253,7 +350,6 @@ + _exit(100); + } + +-unsigned long limit = 40; + unsigned long numchildren = 0; + + int flag1 = 0; +@@ -278,6 +374,7 @@ + { + int wstat; + int pid; ++ unsigned long u; + + while ((pid = wait_nohang(&wstat)) > 0) { + if (verbosity >= 2) { +@@ -286,11 +383,14 @@ + strerr_warn4("tcpserver: end ",strnum," status ",strnum2,0); + } + if (numchildren) --numchildren; printstatus(); ++ for (u=0; u < limit; u++) if (child[u].pid == pid) { child[u].pid = 0; break; } ++ if (u == limit) strerr_die1x(111,"tcpserver: ERROR: dead child not found?!"); /* never happens */ + } + } + + main(int argc,char **argv) + { ++ pid_t pid; + char *hostname; + char *portname; + int opt; +@@ -332,6 +432,11 @@ + argc -= optind; + argv += optind; + ++ x = env_get("MAXLOAD"); if (x) scan_ulong(x,&maxload); ++ x = env_get("MAXCONNIP"); if (x) scan_ulong(x,&maxconnip); ++ x = env_get("MAXCONNC"); if (x) scan_ulong(x,&maxconnc); ++ x = env_get("DIEMSG"); if (x) diemsg = x; ++ + if (!verbosity) + buffer_2->fd = -1; + +@@ -352,6 +457,10 @@ + } + + if (!*argv) usage(); ++ ++ child = calloc(sizeof(baby),limit); ++ if (!child) ++ strerr_die2x(111,FATAL,"out of memory for MAXCONNIP tracking"); + + sig_block(sig_child); + sig_catch(sig_child,sigchld); +@@ -405,7 +514,7 @@ + if (t == -1) continue; + ++numchildren; printstatus(); + +- switch(fork()) { ++ switch(pid=fork()) { + case 0: + close(s); + doit(t); +@@ -420,6 +529,10 @@ + case -1: + strerr_warn2(DROP,"unable to fork: ",&strerr_sys); + --numchildren; printstatus(); ++ break; ++ default: ++ for (u=0; u < limit; u++) if (child[u].pid == 0) { byte_copy(child[u].ip,4,remoteip); child[u].pid = pid; break; } ++ if (u == limit) strerr_die1x(111,"tcpserver: ERROR: no empty space for new child?!"); /* never happens */ + } + close(t); + } diff --git a/sys-apps/ucspi-tcp/files/digest-ucspi-tcp-0.88-r11 b/sys-apps/ucspi-tcp/files/digest-ucspi-tcp-0.88-r11 new file mode 100644 index 000000000000..807f2623b597 --- /dev/null +++ b/sys-apps/ucspi-tcp/files/digest-ucspi-tcp-0.88-r11 @@ -0,0 +1,5 @@ +MD5 39b619147db54687c4a583a7a94c9163 ucspi-tcp-0.88.tar.gz 53019 +MD5 67de66745001ddb48563a1d4e92262c2 ucspi-tcp-0.88-ipv6.diff14.bz2 21917 +MD5 554ec0eb60f619667efde3fb5325310d ucspi-rss.diff 1828 +MD5 10d5074c18d00e5c62c76ce69d7c975b ucspi-tcp-ssl-20020705.patch.gz 3084 +MD5 2dfc47b1a142e1021a49c678dfbb7a03 ucspi-tcp-0.88-ipv6-ssl-nm1.patch.bz2 3212 diff --git a/sys-apps/ucspi-tcp/metadata.xml b/sys-apps/ucspi-tcp/metadata.xml index 96a2d586367d..692f0c880548 100644 --- a/sys-apps/ucspi-tcp/metadata.xml +++ b/sys-apps/ucspi-tcp/metadata.xml @@ -1,5 +1,13 @@ <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> <pkgmetadata> -<herd>base-system</herd> + <herd>qmail</herd> + <longdescription> + ucspi-tcp is a replacement for inetd. It consists of tcpserver and + tcpclient. tcpserver can listen on sockets and start programs in an + inetd like fashion except that information like the IP address and + remote port are communicated via environment variables. tcpclient makes + a TCP connection and runs a program of your choice. It sets up the same + environment variables as tcpserver. + </longdescription> </pkgmetadata> diff --git a/sys-apps/ucspi-tcp/ucspi-tcp-0.88-r11.ebuild b/sys-apps/ucspi-tcp/ucspi-tcp-0.88-r11.ebuild new file mode 100644 index 000000000000..9306e0f17825 --- /dev/null +++ b/sys-apps/ucspi-tcp/ucspi-tcp-0.88-r11.ebuild @@ -0,0 +1,79 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/ucspi-tcp/ucspi-tcp-0.88-r11.ebuild,v 1.1 2005/08/28 12:40:56 hansmi Exp $ + +inherit eutils toolchain-funcs + +DESCRIPTION="Collection of tools for managing UNIX services" +HOMEPAGE="http://cr.yp.to/ucspi-tcp.html" +SRC_URI="http://cr.yp.to/${PN}/${P}.tar.gz + ipv6? ( http://www.fefe.de/ucspi/ucspi-tcp-0.88-ipv6.diff14.bz2 ) + mirror://qmail/ucspi-rss.diff + ssl? ( + !ipv6? ( http://www.nrg4u.com/qmail/ucspi-tcp-ssl-20020705.patch.gz ) + ipv6? ( http://www.netmonks.ca/gentoo/patches/ucspi-tcp-0.88-ipv6-ssl-nm1.patch.bz2 ) + )" + +LICENSE="as-is" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc-macos ~ppc64 ~s390 ~sparc ~x86" +IUSE="ssl ipv6 selinux doc" + +DEPEND="virtual/libc + ssl? ( >=dev-libs/openssl-0.9.6g )" +RDEPEND="${DEPEND} + doc? ( app-doc/ucspi-tcp-man ) + selinux? ( sec-policy/selinux-ucspi-tcp )" +PROVIDE="virtual/inetd" + +src_unpack() { + unpack ${A} + cd ${S} + + if use ipv6; then + epatch ${WORKDIR}/ucspi-tcp-0.88-ipv6.diff14 + # Fixes bug 18892 + epatch ${FILESDIR}/${PV}-bigendian.patch + fi + if use ssl; then + # this is a merged thingy. Thanks to Stephen Olesen <slepp.netmonks.ca> + # (bug #32007) + if use ipv6 ; then + epatch ${WORKDIR}/ucspi-tcp-0.88-ipv6-ssl-nm1.patch + else + epatch ${WORKDIR}/ucspi-tcp-ssl-20020705.patch + fi + fi + epatch ${FILESDIR}/${PV}-errno.patch + epatch ${DISTDIR}/ucspi-rss.diff + epatch ${FILESDIR}/${PV}-head-1.patch + epatch ${FILESDIR}/${PV}-rblsmtpd-ignore-on-RELAYCLIENT.patch + epatch ${FILESDIR}/${PV}-limits.patch + + tc-export CC + echo "${CC} ${CFLAGS}" > conf-cc + echo "${CC} ${LDFLAGS}" > conf-ld + echo "/usr/" > conf-home + + # allow larger responses + sed -i 's|if (text.len > 200) text.len = 200;|if (text.len > 500) text.len = 500;|g' ${S}/rblsmtpd.c +} + +src_compile() { + emake || die +} + +src_install() { + dobin tcpserver tcprules tcprulescheck argv0 recordio tcpclient *\@ tcpcat mconnect mconnect-io addcr delcr fixcrio rblsmtpd || die + doman *.[15] + dodoc CHANGES FILES README SYSDEPS TARGETS TODO VERSION + dodoc README.tcpserver-limits-patch + insinto /etc/tcprules.d/ + newins ${FILESDIR}/tcprules-Makefile Makefile +} + +pkg_postinst() { + einfo "We have started a move to get all tcprules files into" + einfo "/etc/tcprules.d/, where we have provided a Makefile to" + einfo "easily update the CDB file." +} |