From: Rolf Eike Beer <eike@sf-mail.de>
Date: Wed, 20 Nov 2019 18:49:19 +0000 (+0100)
Subject: net-mail/cmd5checkpw: use a special group instead of a user
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=8d7838512d6b7d92ab2029830c7bff198a30654e;p=gentoo.git

net-mail/cmd5checkpw: use a special group instead of a user

This allows that whoever calls the binary to read the password database without
the possibility to alter it.

Signed-off-by: Rolf Eike Beer <eike@sf-mail.de>
Closes: https://github.com/gentoo/gentoo/pull/13723
Signed-off-by: Joonas Niilola <juippis@gentoo.org>
---

diff --git a/net-mail/cmd5checkpw/cmd5checkpw-0.30-r3.ebuild b/net-mail/cmd5checkpw/cmd5checkpw-0.30-r3.ebuild
new file mode 100644
index 000000000000..38ddd2149fda
--- /dev/null
+++ b/net-mail/cmd5checkpw/cmd5checkpw-0.30-r3.ebuild
@@ -0,0 +1,65 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit fixheadtails
+
+MY_VER=$(ver_rs 1- "")
+
+DESCRIPTION="A checkpassword compatible authentication program that used CRAM-MD5 authentication mode"
+SRC_URI="https://www.fehcom.de/qmail/auth/${PN}-${MY_VER}_tgz.bin -> ${P}.tar.gz"
+HOMEPAGE="https://www.fehcom.de/qmail/smtpauth.html"
+
+LICENSE="public-domain RSA"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+IUSE=""
+
+DEPEND="acct-group/cmd5checkpw"
+RDEPEND="${DEPEND}"
+
+pkg_setup() {
+	if has_version "<net-mail/cmd5checkpw-0.30"; then
+		ewarn
+		ewarn "this version is in NO WAY COMPATIBLE with cmd5checkpw-0.2x"
+		ewarn "it actually receives the authentication credentials"
+		ewarn "in a different order then the old implementation"
+		ewarn "see bug #100693 for details"
+		ewarn "this version IS needed by >=qmail-1.03-r16"
+		ewarn
+	fi
+}
+
+PATCHES=(
+	"${FILESDIR}"/euid_${MY_VER}.diff
+	"${FILESDIR}"/reloc.diff
+)
+
+src_prepare() {
+	default
+
+	ht_fix_file Makefile
+}
+
+src_compile() {
+	emake CFLAGS="${CFLAGS}" LDFLAGS="${LDFLAGS} -o cmd5checkpw"
+}
+
+src_install() {
+	insinto /etc
+	insopts -m 640 -o root -g cmd5checkpw
+	doins "${FILESDIR}"/poppasswd
+
+	exeinto /usr/bin
+	exeopts -o root -g cmd5checkpw -m 2755
+	doexe cmd5checkpw
+
+	doman cmd5checkpw.8
+	einstalldocs
+}
+
+pkg_postinst() {
+	chmod 640 "${EROOT}"/etc/poppasswd || die
+	chown root:cmd5checkpw "${EROOT}"/etc/poppasswd || die
+}