From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-869130-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id 1222F59CA3
	for <garchives@archives.gentoo.org>; Fri, 11 Mar 2016 21:15:10 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 77039E0858;
	Fri, 11 Mar 2016 21:15:06 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id EFF01E0858
	for <gentoo-commits@lists.gentoo.org>; Fri, 11 Mar 2016 21:15:05 +0000 (UTC)
Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 18D9834016B
	for <gentoo-commits@lists.gentoo.org>; Fri, 11 Mar 2016 21:15:04 +0000 (UTC)
Received: from localhost.localdomain (localhost [127.0.0.1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id 112D08E9
	for <gentoo-commits@lists.gentoo.org>; Fri, 11 Mar 2016 21:14:59 +0000 (UTC)
From: "Sergei Trofimovich" <slyfox@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Sergei Trofimovich" <slyfox@gentoo.org>
Message-ID: <1457730886.6870b2269b486c6456bc3402fc4e23d4d31ee6c7.slyfox@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: net-ftp/proftpd/
X-VCS-Repository: repo/gentoo
X-VCS-Files: net-ftp/proftpd/Manifest net-ftp/proftpd/proftpd-1.3.5b.ebuild
X-VCS-Directories: net-ftp/proftpd/
X-VCS-Committer: slyfox
X-VCS-Committer-Name: Sergei Trofimovich
X-VCS-Revision: 6870b2269b486c6456bc3402fc4e23d4d31ee6c7
X-VCS-Branch: master
Date: Fri, 11 Mar 2016 21:14:59 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Archives-Salt: ba72003e-7d57-4b7e-a9b2-7872a1c89cc7
X-Archives-Hash: ee72e2b07d07c73e45182515bf39c3d3

commit:     6870b2269b486c6456bc3402fc4e23d4d31ee6c7
Author:     Sergei Trofimovich <slyfox <AT> gentoo <DOT> org>
AuthorDate: Fri Mar 11 21:14:46 2016 +0000
Commit:     Sergei Trofimovich <slyfox <AT> gentoo <DOT> org>
CommitDate: Fri Mar 11 21:14:46 2016 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6870b226

net-ftp/proftpd: bump up to 1.3.5b, bug #577046 (CVE-2016-3125)

proftpd Ignored configured Diffie Hellman parameters and uses risky 1024 bit.

Reported-by: Hanno Boeck
Bug: http://bugs.proftpd.org/show_bug.cgi?id=4230
Bug: https://bugs.gentoo.org/577046

Package-Manager: portage-2.2.28

 net-ftp/proftpd/Manifest              |   1 +
 net-ftp/proftpd/proftpd-1.3.5b.ebuild | 238 ++++++++++++++++++++++++++++++++++
 2 files changed, 239 insertions(+)

diff --git a/net-ftp/proftpd/Manifest b/net-ftp/proftpd/Manifest
index eabba73..11fe9ba 100644
--- a/net-ftp/proftpd/Manifest
+++ b/net-ftp/proftpd/Manifest
@@ -2,6 +2,7 @@ DIST mod_clamav-0.11rc.tar.gz 5115 SHA256 87630eb1866066d6320ee711897d8998b8f491
 DIST mod_gss-1.3.3.tar.gz 115098 SHA256 24702cf0333720730cc269eb30529061365b1384fdce274bc3d46ccfc300934e SHA512 61473f3102e2204a27d691907482a3e86108bb423be54ba47a79ef0d2a0313bcdc022529f8e620bd868453bee1b1169fce74cc454d835fdfd4be964e342bdedb WHIRLPOOL 90a15ca919326fa2b2e21fb2928e5ac39b912681bce015f3bff0b0b0c47241f41cc3c78789797ba2d8a61dafc24a9f1d18bf085808350301c228b6ed62721e80
 DIST mod_vroot-0.9.3.tar.gz 28352 SHA256 f16c61ed7fe2d7231e1421f8f1a484f29972e0efe0e8e065ab373c388b0c073c SHA512 08a3e5df26bb4d5875b57af9e97e7e7cf27b2ad6983bfae0fac8a21f4a5be0a487cf0d9d03e9e1c08701eb3f22f2cb51a14c05fe1cba5f4085eb8a31d5142776 WHIRLPOOL be30931f117fc4f0b7de87579b483e41d86ad3ecd2999267a726664b32090cd32e6a7e748d66ddec525ee784ee2974212fd2455af313c13b67ab61625efa29d0
 DIST proftpd-1.3.5a.tar.gz 29988477 SHA256 a1f48df8539c414ec56e0cea63dcf4b8e16e606c05f10156f030a4a67fae5696 SHA512 d64de12c100814c5c8a3916b3c9344f5a68c2b85902ffc8e5bb088d8975b5f13a7b9a29f82085b70dc93f4599c0e0f2645977d20998dda11981e66f534ea692c WHIRLPOOL 19b361b0481d5a2eab7fbe40de7bb8c9cd320a2ac04343d2fe858fdc9a62a747f89a5d4a619808bd252f6cfd9f15353df28405eb9bdc10c7c9f0162ab093bc1e
+DIST proftpd-1.3.5b.tar.gz 29992107 SHA256 afc1789f2478acf88dfdc7d70da90a4fa2786d628218e9574273295d044b4fc8 SHA512 5bdb9718c85c26b92256d7b3791a6a5456bec3826801b7b68f4d493d202ac77179c8378ad06efc1a805efce639db266561d3beb4bc7af61ca1352fb4bdfd4e6a WHIRLPOOL bb1a9fef464d2070c7dc1204cf2a8682e4f2719d682b0b1e541fff11f5c8a4a9a133011a607831fd30548b201531c3534248ed0eb36d0b4708e7b5b75353fc6f
 DIST proftpd-mod-case-0.7.tar.gz 13184 SHA256 c3f65588250fea7771439933fa754927794f664e99b8d20f99b1e400fea62111 SHA512 c08d13ef82fec36ae75aa3213dd02e0ce4045904849f422e152f039a9da66a45e4423751074b8bcf8ce347a40ce0e7bde798a85cbadc962fd872aeaa898261fc WHIRLPOOL 27f49e9f34099c081add803aa679fd9abe7afa652dffe5d8e42889fef49aeaefd499e1009fc564d6c8f882b3c6dc31d4c6dd08cc06a42b770e7ef76a2ebfcf8a
 DIST proftpd-mod-diskuse-0.9.tar.gz 18596 SHA256 424f3fd49237245ec176d27ade0965fe21a0db1d645979d5ae3e55497e3da036 SHA512 d41976bf2810e4b783e775e8c767ca2030c3b5df116219fd31cbbac7feaf9922c315bf4ea092881b0d6cf43f2f4c5dbcae61be3c3a833058d12f962a3024b975 WHIRLPOOL aabd1dc23d6c38d308e859ff778beffd0dabfe70d3530c093cf2f95e80b5e9c94b97b6b5ae5109d031f76ff94dffc3822a7aa60fa30df04523d37ebed99730d6
 DIST proftpd-mod-msg-0.4.1.tar.gz 8082 SHA256 255b79d31dc509ffad5d0fbcd469f833a8481e880aa962910c2bc8aa608ca6da SHA512 38ea63b1d355e1e10a6a4477596bf3fa28529a871c9fb8dbf093b5317f0743ef9cb59b986d0b8c1c7ed932dad5d5d571883d596fad2d3b793431824db4487012 WHIRLPOOL ff907e26a354f53231fed94515eb60050dec77118be6f49147e0eb8b79e50c9d73354618bca19d98d32a3fb79d7ba87507cc6c8b269f259c5fcf23d44ad3a906

diff --git a/net-ftp/proftpd/proftpd-1.3.5b.ebuild b/net-ftp/proftpd/proftpd-1.3.5b.ebuild
new file mode 100644
index 0000000..313faba
--- /dev/null
+++ b/net-ftp/proftpd/proftpd-1.3.5b.ebuild
@@ -0,0 +1,238 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+inherit eutils multilib systemd
+
+MOD_CASE="0.7"
+MOD_CLAMAV="0.11rc"
+MOD_DISKUSE="0.9"
+MOD_GSS="1.3.3"
+MOD_MSG="0.4.1"
+MOD_VROOT="0.9.3"
+
+DESCRIPTION="An advanced and very configurable FTP server"
+HOMEPAGE="http://www.proftpd.org/
+	http://www.castaglia.org/proftpd/
+	http://www.thrallingpenguin.com/resources/mod_clamav.htm
+	http://gssmod.sourceforge.net/"
+SRC_URI="ftp://ftp.proftpd.org/distrib/source/${P/_/}.tar.gz
+	case? ( http://www.castaglia.org/${PN}/modules/${PN}-mod-case-${MOD_CASE}.tar.gz )
+	clamav? ( https://secure.thrallingpenguin.com/redmine/attachments/download/1/mod_clamav-${MOD_CLAMAV}.tar.gz )
+	diskuse? ( http://www.castaglia.org/${PN}/modules/${PN}-mod-diskuse-${MOD_DISKUSE}.tar.gz )
+	kerberos? ( mirror://sourceforge/gssmod/mod_gss-${MOD_GSS}.tar.gz )
+	msg? ( http://www.castaglia.org/${PN}/modules/${PN}-mod-msg-${MOD_MSG}.tar.gz )
+	vroot? ( https://github.com/Castaglia/${PN}-mod_vroot/archive/mod_vroot-${MOD_VROOT}.tar.gz )"
+LICENSE="GPL-2"
+
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
+IUSE="acl authfile ban +caps case clamav copy ctrls deflate diskuse doc dso dynmasq exec ifsession ifversion ident ipv6
+	kerberos ldap libressl linguas_bg_BG linguas_en_US linguas_fr_FR linguas_it_IT linguas_ja_JP linguas_ko_KR
+	linguas_ru_RU linguas_zh_CN linguas_zh_TW log_forensic memcache msg mysql ncurses nls pam +pcre postgres qos radius
+	ratio readme rewrite selinux sftp shaper sitemisc snmp softquota sqlite ssl tcpd test trace unique_id vroot xinetd"
+# TODO: geoip
+REQUIRED_USE="ban? ( ctrls )
+	msg? ( ctrls )
+	sftp? ( ssl )
+	shaper? ( ctrls )"
+
+CDEPEND="acl? ( virtual/acl )
+	caps? ( sys-libs/libcap )
+	clamav? ( app-antivirus/clamav )
+	kerberos? ( virtual/krb5 )
+	ldap? ( net-nds/openldap )
+	memcache? ( >=dev-libs/libmemcached-0.41 )
+	mysql? ( virtual/mysql )
+	nls? ( virtual/libiconv )
+	ncurses? ( sys-libs/ncurses:0= )
+	ssl? (
+		!libressl? ( dev-libs/openssl:0= )
+		libressl? ( dev-libs/libressl:= )
+	)
+	pam? ( virtual/pam )
+	pcre? ( dev-libs/libpcre )
+	postgres? ( dev-db/postgresql:= )
+	sqlite? ( dev-db/sqlite:3 )
+	xinetd? ( virtual/inetd )"
+DEPEND="${CDEPEND}
+	test? ( dev-libs/check )"
+RDEPEND="${CDEPEND}
+	net-ftp/ftpbase
+	selinux? ( sec-policy/selinux-ftp )"
+
+S="${WORKDIR}/${P/_/}"
+
+__prepare_module() {
+	local mod_name=$1
+	local mod_topdir=${WORKDIR}/${2:-${mod_name}}
+
+	mv "${mod_topdir}/${mod_name}.c" contrib || die
+	mv "${mod_topdir}/${mod_name}.html" doc/contrib || die
+	rm -r "${mod_topdir}" || die
+}
+
+src_prepare() {
+	# Skip 'install-conf' / Support LINGUAS
+	sed -i -e "/install-all/s/ install-conf//" Makefile.in
+	sed -i -e "s/^LANGS=.*$/LANGS=${LINGUAS}/" locale/Makefile.in
+
+	# Prepare external modules
+	use case && __prepare_module mod_case
+	if use clamav ; then
+		mv "${WORKDIR}"/mod_clamav-${MOD_CLAMAV}/mod_clamav.{c,h} contrib
+		epatch "${WORKDIR}"/mod_clamav-${MOD_CLAMAV}/${PN}.patch
+		rm -r "${WORKDIR}"/mod_clamav-${MOD_CLAMAV}
+	fi
+	use msg && __prepare_module mod_msg
+	use vroot && __prepare_module mod_vroot ${PN}-mod_vroot-mod_vroot-${MOD_VROOT}
+
+	# Prepare external kerberos module
+	if use kerberos ; then
+		cd "${WORKDIR}"/mod_gss-${MOD_GSS}
+
+		# Support app-crypt/heimdal / Gentoo Bug #284853
+		sed -i -e "s/krb5_principal2principalname/_\0/" mod_auth_gss.c.in
+
+		# Remove obsolete DES / Gentoo Bug #324903
+		# Replace 'rpm' lookups / Gentoo Bug #391021
+		sed -i -e "/ac_gss_libs/s/ -ldes425//" \
+			-e "s/ac_libdir=\`rpm -q -l.*$/ac_libdir=\/usr\/$(get_libdir)\//" \
+			-e "s/ac_includedir=\`rpm -q -l.*$/ac_includedir=\/usr\/include\//" configure{,.in}
+	fi
+}
+
+src_configure() {
+	local c m
+
+	use acl && m="${m}:mod_facl"
+	use ban && m="${m}:mod_ban"
+	use case && m="${m}:mod_case"
+	use clamav && m="${m}:mod_clamav"
+	use copy && m="${m}:mod_copy"
+	use ctrls && m="${m}:mod_ctrls_admin"
+	use deflate && m="${m}:mod_deflate"
+	if use diskuse ; then
+		cd "${WORKDIR}"/mod_diskuse
+		econf
+		mv mod_diskuse.{c,h} "${S}"/contrib
+		mv mod_diskuse.html "${S}"/doc/contrib
+		cd "${S}"
+		rm -r "${WORKDIR}"/mod_diskuse
+		m="${m}:mod_diskuse"
+	fi
+	use dynmasq && m="${m}:mod_dynmasq"
+	use exec && m="${m}:mod_exec"
+	use ifsession && m="${m}:mod_ifsession"
+	use ifversion && m="${m}:mod_ifversion"
+	if use kerberos ; then
+		cd "${WORKDIR}"/mod_gss-${MOD_GSS}
+		if has_version app-crypt/mit-krb5 ; then
+			econf --enable-mit
+		else
+			econf --enable-heimdal
+		fi
+		mv mod_{auth_gss,gss}.c "${S}"/contrib
+		mv mod_gss.h "${S}"/include
+		mv README.mod_{auth_gss,gss} "${S}"
+		mv mod_gss.html "${S}"/doc/contrib
+		mv rfc{1509,2228}.txt "${S}"/doc/rfc
+		cd "${S}"
+		rm -r "${WORKDIR}"/mod_gss-${MOD_GSS}
+		m="${m}:mod_gss:mod_auth_gss"
+	fi
+	use ldap && m="${m}:mod_ldap"
+	use log_forensic && m="${m}:mod_log_forensic"
+	use msg && m="${m}:mod_msg"
+	if use mysql || use postgres || use sqlite ; then
+		m="${m}:mod_sql:mod_sql_passwd"
+		use mysql && m="${m}:mod_sql_mysql"
+		use postgres && m="${m}:mod_sql_postgres"
+		use sqlite && m="${m}:mod_sql_sqlite"
+	fi
+	use qos && m="${m}:mod_qos"
+	use radius && m="${m}:mod_radius"
+	use ratio && m="${m}:mod_ratio"
+	use readme && m="${m}:mod_readme"
+	use rewrite && m="${m}:mod_rewrite"
+	if use sftp ; then
+		m="${m}:mod_sftp"
+		use pam && m="${m}:mod_sftp_pam"
+		use mysql || use postgres || use sqlite && m="${m}:mod_sftp_sql"
+	fi
+	use shaper && m="${m}:mod_shaper"
+	use sitemisc && m="${m}:mod_site_misc"
+	use snmp && m="${m}:mod_snmp"
+	if use softquota ; then
+		m="${m}:mod_quotatab:mod_quotatab_file"
+		use ldap && m="${m}:mod_quotatab_ldap"
+		use radius && m="${m}:mod_quotatab_radius"
+		use mysql || use postgres || use sqlite && m="${m}:mod_quotatab_sql"
+	fi
+	if use ssl ; then
+		m="${m}:mod_tls:mod_tls_shmcache"
+		use memcache && m="${m}:mod_tls_memcache"
+	fi
+	if use tcpd ; then
+		m="${m}:mod_wrap2:mod_wrap2_file"
+		use mysql || use postgres || use sqlite && m="${m}:mod_wrap2_sql"
+	fi
+	use unique_id && m="${m}:mod_unique_id"
+	use vroot && m="${m}:mod_vroot"
+
+	if [[ -n ${PROFTP_CUSTOM_MODULES} ]]; then
+		einfo "Adding user-specified extra modules: '${PROFTP_CUSTOM_MODULES}'"
+		m="${m}:${PROFTP_CUSTOM_MODULES}"
+	fi
+
+	[[ -z ${m} ]] || c="${c} --with-modules=${m:1}"
+	econf --localstatedir=/var/run/proftpd --sysconfdir=/etc/proftpd --disable-strip \
+		$(use_enable acl facl) \
+		$(use_enable authfile auth-file) \
+		$(use_enable caps cap) \
+		$(use_enable ctrls) \
+		$(use_enable dso) \
+		$(use_enable ident) \
+		$(use_enable ipv6) \
+		$(use_enable memcache) \
+		$(use_enable ncurses) \
+		$(use_enable nls) \
+		$(use_enable ssl openssl) \
+		$(use_enable pam auth-pam) \
+		$(use_enable pcre) \
+		$(use_enable test tests) \
+		$(use_enable trace) \
+		$(use_enable userland_GNU shadow) \
+		$(use_enable userland_GNU autoshadow) \
+		${c:1}
+}
+
+src_test() {
+	emake api-tests -C tests
+}
+
+src_install() {
+	default
+	[[ -z ${LINGUAS} ]] && rm -r "${ED}"/usr/share/locale
+	rm -rf "${ED}"/var/run
+
+	newinitd "${FILESDIR}"/proftpd.initd proftpd
+	insinto /etc/proftpd
+	doins "${FILESDIR}"/proftpd.conf.sample
+
+	if use xinetd ; then
+		insinto /etc/xinetd.d
+		newins "${FILESDIR}"/proftpd.xinetd proftpd
+	fi
+
+	dodoc ChangeLog CREDITS INSTALL NEWS README* RELEASE_NOTES
+	if use doc ; then
+		dohtml doc/*.html doc/contrib/*.html doc/howto/*.html doc/modules/*.html
+		docinto rfc
+		dodoc doc/rfc/*.txt
+	fi
+
+	systemd_dounit       "${FILESDIR}"/${PN}.service
+	systemd_newtmpfilesd "${FILESDIR}"/${PN}-tmpfiles.d.conf ${PN}.conf
+}