From: Luca Longinotti <chtekk@gentoo.org>
Date: Wed, 20 Dec 2006 23:10:49 +0000 (+0000)
Subject: Update to 1.3.1_rc1 to fix security bug #158122.
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=8028c958e9651496835c23d31beb1653fa8f6bff;p=gentoo.git

Update to 1.3.1_rc1 to fix security bug #158122.
Package-Manager: portage-2.1.2_rc3
---

diff --git a/net-ftp/proftpd/ChangeLog b/net-ftp/proftpd/ChangeLog
index 0c32d3dd22b3..d9576c842295 100644
--- a/net-ftp/proftpd/ChangeLog
+++ b/net-ftp/proftpd/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for net-ftp/proftpd
 # Copyright 2002-2006 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/ChangeLog,v 1.137 2006/11/30 21:00:48 chtekk Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/ChangeLog,v 1.138 2006/12/20 23:10:49 chtekk Exp $
+
+*proftpd-1.3.1_rc1 (20 Dec 2006)
+
+  20 Dec 2006; Luca Longinotti <chtekk@gentoo.org>
+  +proftpd-1.3.1_rc1.ebuild:
+  Update to 1.3.1_rc1 to fix security bug #158122. Update vroot module to
+  0.7.2. Add nls USE flag to handle translated messages and UTF8 file paths.
 
   30 Nov 2006; Luca Longinotti <chtekk@gentoo.org> -proftpd-1.3.0-r1.ebuild,
   -proftpd-1.3.0-r2.ebuild, proftpd-1.3.0a.ebuild:
diff --git a/net-ftp/proftpd/Manifest b/net-ftp/proftpd/Manifest
index 91bca6850d6b..b9aa9c90ce6b 100644
--- a/net-ftp/proftpd/Manifest
+++ b/net-ftp/proftpd/Manifest
@@ -46,9 +46,11 @@ DIST mod_clamav_new.c 7399 RMD160 ae4de6385245a3c79d3c54bb7af9d2fe45a59feb SHA1
 DIST mod_clamav_new.html 4645 RMD160 bc853541e6859e7929c0ed9b01b8f220e09b8ca2 SHA1 58479f3aae082effad3636026a27c09ddb232905 SHA256 ac0ab5f44cfc6c8118664c2a7300450486f52fb3bcde332b4bb9c506dd765a1e
 DIST proftpd-1.2.10.tar.bz2 920337 RMD160 198dc321fab5dde37465880d41bbab29f39c3c4b SHA1 5e3a4d7ae65429a5e3c2934db4ed36a19f41eb0b SHA256 5607d70b8cae3a99e60dcbc4a8286f6de2e10d765136d97834fafd75783c0b25
 DIST proftpd-1.3.0a.tar.bz2 1386956 RMD160 406998669e798e1af253fd822d4d09dbeb75c98a SHA1 03573bfe342e1e9dbfec2983efe2265d3c0c5a12 SHA256 02f614586ff692a67299510064100b0537fd53b4ed0d238d7aaa5b723bf7a0aa
+DIST proftpd-1.3.1rc1.tar.bz2 1484138 RMD160 5d27844da7483973f273db6abf3947f99096b2b4 SHA1 39c9804a76c8a2c75421a7d2896eae45ee0ca1cf SHA256 32cf852535c2ec55c5833c2766cbd0c6aba950ab2967565606e1df334736a766
 DIST proftpd-mod-shaper-0.5.5.tar.gz 18090 RMD160 ef99f3b1e6cf4d4461ab7463bf65dc5ef8e21697 SHA1 667b59184aa08e6f5ad7a2edc3c949b8534cf5af SHA256 eb079bf98ef382086b952977cac1a84c2add9d7add4f8b989c7bd67d8ab61696
 DIST proftpd-mod-shaper-0.6.2.tar.gz 19002 RMD160 3d1fdb82596672c9177009ebb30459a017e74c53 SHA1 930d6dc6b8785da48dc7102db5f1eb20546ccd75 SHA256 59f39bca40462c3bba20feb7be031d7453c366adb4b7fa6d8f50974eb45ae99e
 DIST proftpd-mod-vroot-0.7.1.tar.gz 5613 RMD160 b9677793f7cf6075467d7f41e4b8a9dfef89a847 SHA1 e773f850d5736ecede45304eca7b3ff339fdcd8c SHA256 30d58c326bb30c080048662db0c4ffaf28f478fce40452c0c3c217cb5d2124e1
+DIST proftpd-mod-vroot-0.7.2.tar.gz 6071 RMD160 b152162b3714910d5b9378611313041c3e7e17d4 SHA1 3fc4c5874deba4bbe989b0bd54a7478a47f3d876 SHA256 cab5a42390eac4e0b8bdcbe1e6d15804c8029d51da9ad3bd428b46a80cd69d5a
 EBUILD proftpd-1.2.10-r7.ebuild 4691 RMD160 473d95e56e567df989b0bb02fa4a8e9d3bb94467 SHA1 e9c3c8e473da8ec3499e5a18addf967f284baf21 SHA256 687b309d95e9c7c0f2759475cc87423f52da66656771847c160d945ea8deb085
 MD5 2b18c7dddb0f2239ba204e8d9d7d59dd proftpd-1.2.10-r7.ebuild 4691
 RMD160 473d95e56e567df989b0bb02fa4a8e9d3bb94467 proftpd-1.2.10-r7.ebuild 4691
@@ -57,10 +59,14 @@ EBUILD proftpd-1.3.0a.ebuild 6319 RMD160 7044c76524328003d95f1610f09b1388dc28510
 MD5 b65af93cf8d408443690afdf3c22ad34 proftpd-1.3.0a.ebuild 6319
 RMD160 7044c76524328003d95f1610f09b1388dc285101 proftpd-1.3.0a.ebuild 6319
 SHA256 219c81c01a0d2169e2a0b68ab81163fd3b1df226debf6f5681af4c897d5fbf3a proftpd-1.3.0a.ebuild 6319
-MISC ChangeLog 22267 RMD160 18b8a4de6f68217218232eec29c7a78b9c65a45c SHA1 cd849618febccf0ebab317359af9820fc423fea7 SHA256 7bef061d3a8cf634fc28cb50abee3193d1ee3ee6558f76619d017066720b10c7
-MD5 9401a044969fc43c84ed91d1e63e2e63 ChangeLog 22267
-RMD160 18b8a4de6f68217218232eec29c7a78b9c65a45c ChangeLog 22267
-SHA256 7bef061d3a8cf634fc28cb50abee3193d1ee3ee6558f76619d017066720b10c7 ChangeLog 22267
+EBUILD proftpd-1.3.1_rc1.ebuild 6066 RMD160 fabc52bdbde45a089b76ede2541b08382d7e73df SHA1 f75d06f76fd5e4a2cc00ddcd5ed90581269cec4b SHA256 5ab05cfc66c385cdb5f175e608aaa975ce32c4145db1e62a43d2551d59b200d4
+MD5 f1354fd7b849d087719a86fe36fe5012 proftpd-1.3.1_rc1.ebuild 6066
+RMD160 fabc52bdbde45a089b76ede2541b08382d7e73df proftpd-1.3.1_rc1.ebuild 6066
+SHA256 5ab05cfc66c385cdb5f175e608aaa975ce32c4145db1e62a43d2551d59b200d4 proftpd-1.3.1_rc1.ebuild 6066
+MISC ChangeLog 22533 RMD160 afe8fe4e2d7e42a0358af5d1a3b36d8784f17c5f SHA1 69c272e50b2fd915890d6cbf45871f681ea03dfb SHA256 28f1c278b7e54573fe7a200d7458b7857ad687d7d810a35c5721b660569586f6
+MD5 e6482fa44a73736821cc8e94eecc916b ChangeLog 22533
+RMD160 afe8fe4e2d7e42a0358af5d1a3b36d8784f17c5f ChangeLog 22533
+SHA256 28f1c278b7e54573fe7a200d7458b7857ad687d7d810a35c5721b660569586f6 ChangeLog 22533
 MISC metadata.xml 397 RMD160 310baca7e2be7fea56472b78607c3f97eb6947e8 SHA1 ce13b1daa647114e642c1f5382fbd6453764e6b7 SHA256 18ffe70b54ea4d5875b74347b2580cb8dddbede73c3ccd9a6ef6981b7adb8a4f
 MD5 0dd625f2b64b8b0be0609009435beea1 metadata.xml 397
 RMD160 310baca7e2be7fea56472b78607c3f97eb6947e8 metadata.xml 397
@@ -71,3 +77,6 @@ SHA256 ea87bf530416e83405291521ef6268680a3b6a93cb982098e22e2ba9ebdac203 files/di
 MD5 66f98bb7535b92691c80b850f2587c33 files/digest-proftpd-1.3.0a 1241
 RMD160 fec1ce9aa44ecd4875887fcfaa39580d81999c6d files/digest-proftpd-1.3.0a 1241
 SHA256 ce23a27fd36f6b5227bdec431ab632356e4a244e8eda95dbc188bcf58da665ed files/digest-proftpd-1.3.0a 1241
+MD5 e9e52e20055997806dbe1f5d23b5b5e8 files/digest-proftpd-1.3.1_rc1 1247
+RMD160 08385084022247973b438a28c18cd368e4045b6c files/digest-proftpd-1.3.1_rc1 1247
+SHA256 a93ef45a9e9098d97dec4a88eb13de30dc59d88c2e80c734ec7a6d55ce919538 files/digest-proftpd-1.3.1_rc1 1247
diff --git a/net-ftp/proftpd/files/digest-proftpd-1.3.1_rc1 b/net-ftp/proftpd/files/digest-proftpd-1.3.1_rc1
new file mode 100644
index 000000000000..f685d24ee176
--- /dev/null
+++ b/net-ftp/proftpd/files/digest-proftpd-1.3.1_rc1
@@ -0,0 +1,15 @@
+MD5 da279361d5a34b37ce1f64d3830c4c17 mod_clamav_new.c 7399
+RMD160 ae4de6385245a3c79d3c54bb7af9d2fe45a59feb mod_clamav_new.c 7399
+SHA256 a5a3860c73c8bc3781516cbc912d7736517a92a15a6fd8352eeed638bcce60c1 mod_clamav_new.c 7399
+MD5 098551feed28f069ef01e77af88d55dc mod_clamav_new.html 4645
+RMD160 bc853541e6859e7929c0ed9b01b8f220e09b8ca2 mod_clamav_new.html 4645
+SHA256 ac0ab5f44cfc6c8118664c2a7300450486f52fb3bcde332b4bb9c506dd765a1e mod_clamav_new.html 4645
+MD5 08f4d526b46c84f10e9634d2d913052c proftpd-1.3.1rc1.tar.bz2 1484138
+RMD160 5d27844da7483973f273db6abf3947f99096b2b4 proftpd-1.3.1rc1.tar.bz2 1484138
+SHA256 32cf852535c2ec55c5833c2766cbd0c6aba950ab2967565606e1df334736a766 proftpd-1.3.1rc1.tar.bz2 1484138
+MD5 74fbdcac94cde09c67bc033e22324c8c proftpd-mod-shaper-0.6.2.tar.gz 19002
+RMD160 3d1fdb82596672c9177009ebb30459a017e74c53 proftpd-mod-shaper-0.6.2.tar.gz 19002
+SHA256 59f39bca40462c3bba20feb7be031d7453c366adb4b7fa6d8f50974eb45ae99e proftpd-mod-shaper-0.6.2.tar.gz 19002
+MD5 7abc595e45ce13e38edd6110d1745436 proftpd-mod-vroot-0.7.2.tar.gz 6071
+RMD160 b152162b3714910d5b9378611313041c3e7e17d4 proftpd-mod-vroot-0.7.2.tar.gz 6071
+SHA256 cab5a42390eac4e0b8bdcbe1e6d15804c8029d51da9ad3bd428b46a80cd69d5a proftpd-mod-vroot-0.7.2.tar.gz 6071
diff --git a/net-ftp/proftpd/proftpd-1.3.1_rc1.ebuild b/net-ftp/proftpd/proftpd-1.3.1_rc1.ebuild
new file mode 100644
index 000000000000..a926a2969ecd
--- /dev/null
+++ b/net-ftp/proftpd/proftpd-1.3.1_rc1.ebuild
@@ -0,0 +1,212 @@
+# Copyright 1999-2006 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/proftpd-1.3.1_rc1.ebuild,v 1.1 2006/12/20 23:10:49 chtekk Exp $
+
+inherit eutils flag-o-matic toolchain-funcs
+
+KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
+
+IUSE="acl authfile clamav hardened ifsession ipv6 ldap mysql ncurses nls noauthunix opensslcrypt pam postgres radius rewrite selinux shaper sitemisc softquota ssl tcpd vroot xinetd"
+
+SHAPER_VER="0.6.2"
+VROOT_VER="0.7.2"
+
+DESCRIPTION="An advanced and very configurable FTP server."
+SRC_URI="ftp://ftp.proftpd.org/distrib/source/${P/_/}.tar.bz2
+		clamav? ( http://www.uglyboxindustries.com/mod_clamav_new.c http://www.uglyboxindustries.com/mod_clamav_new.html )
+		shaper? ( http://www.castaglia.org/${PN}/modules/${PN}-mod-shaper-${SHAPER_VER}.tar.gz )
+		vroot? ( http://www.castaglia.org/${PN}/modules/${PN}-mod-vroot-${VROOT_VER}.tar.gz )"
+HOMEPAGE="http://www.proftpd.org/
+		http://www.castaglia.org/proftpd/
+		http://www.uglyboxindustries.com/open-source.php"
+
+SLOT="0"
+LICENSE="GPL-2"
+
+DEPEND="acl? ( sys-apps/acl sys-apps/attr )
+		clamav? ( app-antivirus/clamav )
+		ldap? ( >=net-nds/openldap-1.2.11 )
+		mysql? ( virtual/mysql )
+		ncurses? ( sys-libs/ncurses )
+		opensslcrypt? ( >=dev-libs/openssl-0.9.6f )
+		pam? ( virtual/pam )
+		postgres? ( >=dev-db/postgresql-7.3 )
+		ssl? ( >=dev-libs/openssl-0.9.6f )
+		tcpd? ( >=sys-apps/tcp-wrappers-7.6-r3 )
+		xinetd? ( sys-apps/xinetd )"
+
+RDEPEND="${DEPEND}
+		net-ftp/ftpbase
+		selinux? ( sec-policy/selinux-ftpd )"
+
+S="${WORKDIR}/${P/_/}"
+
+pkg_setup() {
+	# Add the proftpd user to make the default config
+	# work out-of-the-box
+	enewgroup proftpd
+	enewuser proftpd -1 -1 -1 proftpd
+}
+
+src_unpack() {
+	unpack ${P/_/}.tar.bz2
+
+	cd "${S}"
+
+	# Fix stripping of files
+	sed -e "s| @INSTALL_STRIP@||g" -i Make*
+
+	if use shaper ; then
+		unpack ${PN}-mod-shaper-${SHAPER_VER}.tar.gz
+		cp -f mod_shaper/mod_shaper.c contrib/
+	fi
+
+	if use clamav ; then
+		cp -f "${DISTDIR}/mod_clamav_new.c" contrib/mod_clamav.c
+		cp -f "${DISTDIR}/mod_clamav_new.html" doc/mod_clamav.html
+	fi
+
+	if use vroot ; then
+		unpack ${PN}-mod-vroot-${VROOT_VER}.tar.gz
+		cp -f mod_vroot/mod_vroot.c contrib/
+		cp -f mod_vroot/mod_vroot.html doc/
+	fi
+}
+
+src_compile() {
+	addpredict /etc/krb5.conf
+	local modules myconf
+
+	modules="mod_ratio:mod_readme"
+	use acl && modules="${modules}:mod_facl"
+	use clamav && modules="${modules}:mod_clamav"
+	use pam && modules="${modules}:mod_auth_pam"
+	use radius && modules="${modules}:mod_radius"
+	use rewrite && modules="${modules}:mod_rewrite"
+	use shaper && modules="${modules}:mod_shaper"
+	use sitemisc && modules="${modules}:mod_site_misc"
+	use ssl && modules="${modules}:mod_tls"
+	use tcpd && modules="${modules}:mod_wrap"
+	use vroot && modules="${modules}:mod_vroot"
+
+	# pam needs to be explicitely disabled
+	use pam || myconf="${myconf} --enable-auth-pam=no"
+
+	if use ldap ; then
+		modules="${modules}:mod_ldap"
+		append-ldflags "-lresolv"
+	fi
+
+	if use opensslcrypt ; then
+		append-ldflags "-lcrypto"
+		myconf="${myconf} --enable-openssl --with-includes=/usr/include/openssl"
+		CFLAGS="${CFLAGS} -DHAVE_OPENSSL"
+	fi
+
+	if use nls ; then
+		myconf="${myconf} --enable-nls"
+	fi
+
+	if use mysql && use postgres ; then
+		ewarn "ProFTPD only supports either the MySQL or PostgreSQL modules."
+		ewarn "Presently this ebuild defaults to mysql. If you would like to"
+		ewarn "change the default behaviour, merge ProFTPD with:"
+		ewarn "USE='-mysql postgres' emerge proftpd"
+		epause 5
+	fi
+
+	if use mysql ; then
+		modules="${modules}:mod_sql:mod_sql_mysql"
+		myconf="${myconf} --with-includes=/usr/include/mysql"
+	elif use postgres ; then
+		modules="${modules}:mod_sql:mod_sql_postgres"
+		myconf="${myconf} --with-includes=/usr/include/postgresql"
+	fi
+
+	if use softquota ; then
+		modules="${modules}:mod_quotatab"
+		if use mysql || use postgres ; then
+			modules="${modules}:mod_quotatab_sql"
+		fi
+		if use ldap ; then
+			modules="${modules}:mod_quotatab_file:mod_quotatab_ldap"
+		else
+			modules="${modules}:mod_quotatab_file"
+		fi
+	fi
+
+	# mod_ifsession should be the last module in the --with-modules list
+	# see http://www.castaglia.org/proftpd/modules/mod_ifsession.html#Installation
+	use ifsession && modules="${modules}:mod_ifsession"
+
+	# bug #30359
+	use hardened && echo > lib/libcap/cap_sys.c
+	gcc-specs-pie && echo > lib/libcap/cap_sys.c
+
+	if use noauthunix ; then
+		myconf="${myconf} --disable-auth-unix"
+	else
+		myconf="${myconf} --enable-auth-unix"
+	fi
+
+	econf \
+		--sbindir=/usr/sbin \
+		--localstatedir=/var/run \
+		--sysconfdir=/etc/proftpd \
+		--enable-shadow \
+		--enable-autoshadow \
+		--enable-ctrls \
+		--with-modules=${modules} \
+		$(use_enable acl facl) \
+		$(use_enable authfile auth-file) \
+		$(use_enable ipv6) \
+		$(use_enable ncurses) \
+		${myconf} || die "econf failed"
+
+	emake || die "emake failed"
+}
+
+src_install() {
+	# Note rundir needs to be specified to avoid sandbox violation
+	# on initial install. See Make.rules
+	emake DESTDIR="${D}" install || die "emake install failed"
+
+	keepdir /var/run/proftpd
+
+	dodoc "${FILESDIR}/proftpd.conf" \
+		COPYING CREDITS ChangeLog NEWS README* \
+		doc/license.txt
+	dohtml doc/*.html
+
+	use shaper && dohtml mod_shaper/mod_shaper.html
+
+	docinto rfc
+	dodoc doc/rfc/*.txt
+
+	mv -f "${D}/etc/proftpd/proftpd.conf" "${D}/etc/proftpd/proftpd.conf.distrib"
+
+	insinto /etc/proftpd
+	newins "${FILESDIR}/proftpd.conf" proftpd.conf.sample
+
+	if use xinetd ; then
+		insinto /etc/xinetd.d
+		newins "${FILESDIR}/proftpd.xinetd" proftpd
+	fi
+
+	newinitd "${FILESDIR}/proftpd.rc6" proftpd
+}
+
+pkg_postinst() {
+	einfo
+	einfo "You can find the config files in /etc/proftpd"
+	einfo
+	ewarn "With the introduction of net-ftp/ftpbase the ftp user is now ftp."
+	ewarn "Remember to change that in the configuration file."
+	einfo
+	if use clamav ; then
+		ewarn "mod_clamav was updated to a new version, which uses Clamd"
+		ewarn "only for virus scanning, so you'll have to set Clamd up"
+		ewarn "and start it, also re-check the mod_clamav docs."
+		einfo
+	fi
+}