summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBrandon Hale <tseng@gentoo.org>2004-05-04 16:23:05 +0000
committerBrandon Hale <tseng@gentoo.org>2004-05-04 16:23:05 +0000
commit96c20d0de1116a9d4317c8cb9c2810cdc352421a (patch)
tree34af15614d21a9e3c61e0843730b5651ea4f7bd0 /net-ftp/proftpd
parentDeprecating pre-2004.0 (diff)
downloadhistorical-96c20d0de1116a9d4317c8cb9c2810cdc352421a.tar.gz
historical-96c20d0de1116a9d4317c8cb9c2810cdc352421a.tar.bz2
historical-96c20d0de1116a9d4317c8cb9c2810cdc352421a.zip
Add patch to close privelage escalation bug, see bug #49496. Removing affected versions.
Diffstat (limited to 'net-ftp/proftpd')
-rw-r--r--net-ftp/proftpd/ChangeLog9
-rw-r--r--net-ftp/proftpd/Manifest17
-rw-r--r--net-ftp/proftpd/files/digest-proftpd-1.2.9-r11
-rw-r--r--net-ftp/proftpd/files/digest-proftpd-1.2.9-r2 (renamed from net-ftp/proftpd/files/digest-proftpd-1.2.9)0
-rw-r--r--net-ftp/proftpd/files/proftpd-1.2.9-privescal-fix.patch20
-rw-r--r--net-ftp/proftpd/proftpd-1.2.9-r2.ebuild (renamed from net-ftp/proftpd/proftpd-1.2.9-r1.ebuild)5
-rw-r--r--net-ftp/proftpd/proftpd-1.2.9.ebuild127
7 files changed, 39 insertions, 140 deletions
diff --git a/net-ftp/proftpd/ChangeLog b/net-ftp/proftpd/ChangeLog
index 2cf63a27ec97..5d79af56d487 100644
--- a/net-ftp/proftpd/ChangeLog
+++ b/net-ftp/proftpd/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for net-ftp/proftpd
# Copyright 2002-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/ChangeLog,v 1.55 2004/04/27 21:51:21 agriffis Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/ChangeLog,v 1.56 2004/05/04 16:23:04 tseng Exp $
+
+*proftpd-1.2.9-r2 (04 May 2004)
+
+ 04 May 2004; Brandon Hale <tseng@gentoo.org> -proftpd-1.2.9-r1.ebuild,
+ +proftpd-1.2.9-r2.ebuild, -proftpd-1.2.9.ebuild:
+ Add patch to close privelage escalation bug, see bug #49496. Removing affected
+ versions.
27 Apr 2004; Aron Griffis <agriffis@gentoo.org> proftpd-1.2.9-r1.ebuild:
Add inherit eutils
diff --git a/net-ftp/proftpd/Manifest b/net-ftp/proftpd/Manifest
index 03d451393908..ba7c303c783a 100644
--- a/net-ftp/proftpd/Manifest
+++ b/net-ftp/proftpd/Manifest
@@ -1,16 +1,15 @@
-MD5 bc516617f8c972f86a42a2bf81e04c21 ChangeLog 8679
-MD5 4cac4135685a0c8d0b20cacafd608c28 proftpd-1.2.9-r1.ebuild 3429
+MD5 d1a58ddb3d9fed89396f672a5d772c1c ChangeLog 8927
+MD5 90dec360681d62748ca722d3eca56e1a proftpd-1.2.9-r2.ebuild 3462
MD5 9fc268673f01fb44ccbeb1ba9b03fe10 proftpd-1.2.8.ebuild 2735
-MD5 8403cc3447fabc18a92eeb5dc891ed26 proftpd-1.2.7.ebuild 3668
MD5 63bd6e87942a25d48bd5365edd8246c0 metadata.xml 268
-MD5 ac1c9c977f6f474e593755940e831dc2 proftpd-1.2.9.ebuild 3322
-MD5 cb6cd6133728449d0da092b1d6147b9d files/digest-proftpd-1.2.8 66
+MD5 8403cc3447fabc18a92eeb5dc891ed26 proftpd-1.2.7.ebuild 3668
+MD5 c1dc1d9278d5b77f53ea44ee848dafc6 files/digest-proftpd-1.2.7 211
+MD5 6c1a92fc601780a49fdfc01aaf483b69 files/digest-proftpd-1.2.9-r2 66
+MD5 50955f0d375360841d50a82b9589e435 files/proftpd-1.2.9-privescal-fix.patch 588
MD5 0cf02f8c82f22e714b8299e7b7907d8f files/mod_sql_postgres.c.patch 275
+MD5 cb6cd6133728449d0da092b1d6147b9d files/digest-proftpd-1.2.8 66
MD5 b338504ed873219e368abab7df6c276d files/proftpd.conf 1704
MD5 09c4b572a757ab1b1b852c5755ac3c67 files/proftpd.rc6 738
MD5 4d676b70c97bc6daabd8c2ba8d52d27a files/proftpd.xinetd 295
-MD5 c1dc1d9278d5b77f53ea44ee848dafc6 files/digest-proftpd-1.2.7 211
-MD5 e558f099037d359da5f855285542246e files/1.2.9_rc3-reversedns.diff 1974
-MD5 6c1a92fc601780a49fdfc01aaf483b69 files/digest-proftpd-1.2.9 66
-MD5 6c1a92fc601780a49fdfc01aaf483b69 files/digest-proftpd-1.2.9-r1 66
MD5 b00999f820f1e46a501ce4fcaeb5fe23 files/proftpd-1.2.9-makefile.patch 434
+MD5 e558f099037d359da5f855285542246e files/1.2.9_rc3-reversedns.diff 1974
diff --git a/net-ftp/proftpd/files/digest-proftpd-1.2.9-r1 b/net-ftp/proftpd/files/digest-proftpd-1.2.9-r1
deleted file mode 100644
index dc35e2c279e0..000000000000
--- a/net-ftp/proftpd/files/digest-proftpd-1.2.9-r1
+++ /dev/null
@@ -1 +0,0 @@
-MD5 7c85503b160a36a96594ef75f3180a07 proftpd-1.2.9.tar.bz2 778953
diff --git a/net-ftp/proftpd/files/digest-proftpd-1.2.9 b/net-ftp/proftpd/files/digest-proftpd-1.2.9-r2
index dc35e2c279e0..dc35e2c279e0 100644
--- a/net-ftp/proftpd/files/digest-proftpd-1.2.9
+++ b/net-ftp/proftpd/files/digest-proftpd-1.2.9-r2
diff --git a/net-ftp/proftpd/files/proftpd-1.2.9-privescal-fix.patch b/net-ftp/proftpd/files/proftpd-1.2.9-privescal-fix.patch
new file mode 100644
index 000000000000..76204e4ad0de
--- /dev/null
+++ b/net-ftp/proftpd/files/proftpd-1.2.9-privescal-fix.patch
@@ -0,0 +1,20 @@
+--- proftpd/src/dirtree.c 1 Nov 2003 07:11:07 -0000 1.125
++++ proftpd/src/dirtree.c 4 Nov 2003 21:18:25 -0000
+@@ -1556,10 +1556,14 @@
+
+ if (cidr_mode) {
+ /* NOTE: encapsulation breakage note/IPv6 change needed here. */
+-#if 0
+- if ((cli_addr->s_addr & htonl(cidr_mask)) == cidr_addr.s_addr)
+-#endif
++
++ if (pr_netaddr_get_family(cli_addr) == AF_INET) {
++ struct in_addr *cli_in_addr = pr_netaddr_get_inaddr(cli_addr);
++ if ((cli_in_addr->s_addr & htonl(cidr_mask)) == cidr_addr.s_addr) {
+ return 1;
++ }
++ };
++
+
+ } else {
+ pr_netaddr_t *acl_addr = NULL;
diff --git a/net-ftp/proftpd/proftpd-1.2.9-r1.ebuild b/net-ftp/proftpd/proftpd-1.2.9-r2.ebuild
index be2eaa707bf5..b6e871426b46 100644
--- a/net-ftp/proftpd/proftpd-1.2.9-r1.ebuild
+++ b/net-ftp/proftpd/proftpd-1.2.9-r2.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2004 Gentoo Technologies, Inc.
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/proftpd-1.2.9-r1.ebuild,v 1.5 2004/04/27 21:51:21 agriffis Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/proftpd-1.2.9-r2.ebuild,v 1.1 2004/05/04 16:23:04 tseng Exp $
inherit flag-o-matic eutils
@@ -27,7 +27,8 @@ DEPEND="pam? ( >=sys-libs/pam-0.75 )
src_unpack() {
unpack ${A}
cd ${S}
- epatch ${FILESDIR}/proftpd-1.2.9-makefile.patch
+ epatch ${FILESDIR}/${P}-makefile.patch
+ epatch ${FILESDIR}/${P}-privescal-fix.patch
}
src_compile() {
diff --git a/net-ftp/proftpd/proftpd-1.2.9.ebuild b/net-ftp/proftpd/proftpd-1.2.9.ebuild
deleted file mode 100644
index 437ee81b2981..000000000000
--- a/net-ftp/proftpd/proftpd-1.2.9.ebuild
+++ /dev/null
@@ -1,127 +0,0 @@
-# Copyright 1999-2004 Gentoo Technologies, Inc.
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/proftpd-1.2.9.ebuild,v 1.11 2004/04/21 02:25:43 eradicator Exp $
-
-inherit flag-o-matic
-
-IUSE="ldap pam postgres mysql ssl tcpd ipv6"
-
-MY_P=${P/_/}
-S=${WORKDIR}/${MY_P}
-
-DESCRIPTION="An advanced and very configurable FTP server"
-SRC_URI="ftp://ftp.proftpd.org/distrib/source/${MY_P}.tar.bz2"
-HOMEPAGE="http://www.proftpd.org/"
-
-SLOT="0"
-LICENSE="GPL-2"
-KEYWORDS="x86 sparc hppa ~alpha ppc ~mips"
-
-DEPEND="pam? ( >=sys-libs/pam-0.75 )
- mysql? ( >=dev-db/mysql-3.23.26 )
- ldap? ( >=net-nds/openldap-1.2.11 )
- postgres? ( >=dev-db/postgresql-7.3 )
- ssl? ( >=dev-libs/openssl-0.9.6f )
- tcpd? ( >=sys-apps/tcp-wrappers-7.6-r3 )"
-
-src_compile() {
- local modules myconf
-
- modules="mod_ratio:mod_readme"
- use pam && modules="${modules}:mod_auth_pam"
- use tcpd && modules="${modules}:mod_wrap"
-
- if use ldap; then
- einfo ldap
- modules="${modules}:mod_ldap"
- append-ldflags "-lresolv"
- fi
-
- if use ssl; then
- einfo ssl
- # enable mod_tls
- modules="${modules}:mod_tls"
- fi
-
- if use mysql && use postgres
- then
- ewarn "ProFTPD only supports either the MySQL or PostgreSQL modules."
- ewarn "Presently this ebuild defaults to mysql. If you would like to"
- ewarn "change the default behaviour, merge ProFTPD with;"
- ewarn "USE=\"-mysql postgres\" emerge proftpd"
- sleep 5
- fi
-
- if use mysql; then
- modules="${modules}:mod_sql:mod_sql_mysql"
- myconf="--with-includes=/usr/include/mysql"
- elif use postgres; then
- modules="${modules}:mod_sql:mod_sql_postgres"
- myconf="--with-includes=/usr/include/postgresql"
- fi
-
- # New modules for 1.2.9
- # Not sure how these should be enabled yet as no use variables
- # apply currently. Uncomment if you want to use them though.
- # -raker 06/16/2003
- #
- # modules="${modules}:mod_ifsession"
- # modules="${modules}:mod_radius"
- # modules="${modules}:mod_rewrite"
-
- # bug #30359
- has_version sys-devel/hardened-gcc && echo > lib/libcap/cap_sys.c
- has_pic && echo > lib/libcap/cap_sys.c
-
- econf \
- --sbindir=/usr/sbin \
- --localstatedir=/var/run \
- --sysconfdir=/etc/proftpd \
- --enable-shadow \
- --disable-sendfile \
- --enable-autoshadow \
- --with-modules=${modules} \
- ${myconf} $( use_enable ipv6 ) || die "bad ./configure"
-
- emake || die "compile problem"
-}
-
-src_install() {
- # Note rundir needs to be specified to avoid sandbox violation
- # on initial install. See Make.rules
- make DESTDIR=${D} install || die
-
- keepdir /home/ftp
- keepdir /var/run/proftpd
-
- dodoc contrib/README.mod_sql ${FILESDIR}/proftpd.conf \
- COPYING CREDITS ChangeLog NEWS README* \
- doc/{license.txt,GetConf}
- dohtml doc/*.html
- docinto rfc
- dodoc doc/rfc/*.txt
-
- mv ${D}/etc/proftpd/proftpd.conf ${D}/etc/proftpd/proftpd.conf.distrib
-
- insinto /etc/proftpd
- newins ${FILESDIR}/proftpd.conf proftpd.conf.sample
-
- if use pam; then
- insinto /etc/pam.d
- newins ${S}/contrib/dist/rpm/ftp.pamd ftp
- fi
-
- insinto /etc/xinetd.d
- newins ${FILESDIR}/proftpd.xinetd proftpd
-
- exeinto /etc/init.d ; newexe ${FILESDIR}/proftpd.rc6 proftpd
-}
-
-pkg_postinst() {
- groupadd proftpd &>/dev/null
- id proftpd &>/dev/null || \
- useradd -g proftpd -d /home/ftp -s /bin/false proftpd
- einfo
- einfo 'You can find the config files in /etc/proftpd'
- einfo
-}