summaryrefslogtreecommitdiff
path: root/net
diff options
context:
space:
mode:
authorchristos <christos@pkgsrc.org>2019-10-07 19:29:47 +0000
committerchristos <christos@pkgsrc.org>2019-10-07 19:29:47 +0000
commitd392721ba52dedeefe3d95cfa05ab5be6373f576 (patch)
tree61e8dd21beb8cb914f7ba51a2b9945f44f196987 /net
parenteeaf2a9fb9457967d9c3ec7409ebb3fd49017380 (diff)
downloadpkgsrc-d392721ba52dedeefe3d95cfa05ab5be6373f576.tar.gz
- update to 1.3.6
- add blacklistd support.
Diffstat (limited to 'net')
-rw-r--r--net/proftpd/Makefile6
-rw-r--r--net/proftpd/Makefile.common10
-rw-r--r--net/proftpd/PLIST14
-rw-r--r--net/proftpd/distinfo19
-rw-r--r--net/proftpd/patches/patch-Make.rules.in11
-rw-r--r--net/proftpd/patches/patch-include_pfilter.h6
-rw-r--r--net/proftpd/patches/patch-modules_mod__auth.c39
-rw-r--r--net/proftpd/patches/patch-src_main.c32
-rw-r--r--net/proftpd/patches/patch-src_pfilter.c44
9 files changed, 160 insertions, 21 deletions
diff --git a/net/proftpd/Makefile b/net/proftpd/Makefile
index fd161d62770..5c700366784 100644
--- a/net/proftpd/Makefile
+++ b/net/proftpd/Makefile
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.87 2019/08/11 13:22:28 wiz Exp $
+# $NetBSD: Makefile,v 1.88 2019/10/07 19:29:47 christos Exp $
-PKGREVISION= 2
+#PKGREVISION= 2
.include "../../net/proftpd/Makefile.common"
COMMENT= Highly configurable FTP server software
@@ -54,7 +54,7 @@ INSTALLATION_DIRS+= share/doc/proftpd
INSTALLATION_DIRS+= share/examples/proftpd
post-install:
-.for i in NEWS README README.IPv6 README.LDAP README.PAM README.capabilities \
+.for i in NEWS README.md README.IPv6 README.LDAP README.PAM README.capabilities \
README.classes README.controls README.facl README.modules
${INSTALL_DATA} ${WRKSRC}/${i} ${DESTDIR}${PREFIX}/share/doc/proftpd
.endfor
diff --git a/net/proftpd/Makefile.common b/net/proftpd/Makefile.common
index b140b9918c0..64479d296f2 100644
--- a/net/proftpd/Makefile.common
+++ b/net/proftpd/Makefile.common
@@ -1,18 +1,18 @@
-# $NetBSD: Makefile.common,v 1.7 2019/05/14 11:39:38 kim Exp $
+# $NetBSD: Makefile.common,v 1.8 2019/10/07 19:29:47 christos Exp $
# used by net/proftpd/Makefile
# used by net/proftpd/Makefile.module
-DISTNAME= proftpd-1.3.5d
+DISTNAME= proftpd-1.3.6
CATEGORIES= net
MASTER_SITES= ftp://ftp.proftpd.org/distrib/source/
MASTER_SITES+= ftp://ftp.servus.at/ProFTPD/distrib/source/
MASTER_SITES+= ftp://ftp.fsn.hu/pub/proftpd/distrib/source/
-PATCH_SITES= https://github.com/proftpd/proftpd/commit/
-PATCH_DIST_STRIP= -p1
+#PATCH_SITES= https://github.com/proftpd/proftpd/commit/
+#PATCH_DIST_STRIP= -p1
# For CVE-2017-7418
-PATCHFILES= ecff21e0d0e84f35c299ef91d7fda088e516d4ed.patch
+#PATCHFILES= ecff21e0d0e84f35c299ef91d7fda088e516d4ed.patch
MAINTAINER= pkgsrc-users@NetBSD.org
HOMEPAGE= http://www.proftpd.org/
diff --git a/net/proftpd/PLIST b/net/proftpd/PLIST
index 11a7af52a9e..5861fc8eaac 100644
--- a/net/proftpd/PLIST
+++ b/net/proftpd/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.27 2015/09/25 10:01:37 wiedi Exp $
+@comment $NetBSD: PLIST,v 1.28 2019/10/07 19:29:47 christos Exp $
bin/ftpasswd
bin/ftpcount
bin/ftpdctl
@@ -11,12 +11,14 @@ include/proftpd/ascii.h
include/proftpd/auth.h
include/proftpd/bindings.h
include/proftpd/buildstamp.h
+include/proftpd/ccan-json.h
include/proftpd/child.h
include/proftpd/class.h
include/proftpd/cmd.h
include/proftpd/compat.h
include/proftpd/conf.h
include/proftpd/config.h
+include/proftpd/configdb.h
include/proftpd/ctrls.h
include/proftpd/data.h
include/proftpd/default_paths.h
@@ -31,18 +33,20 @@ include/proftpd/filter.h
include/proftpd/fsio.h
include/proftpd/ftp.h
include/proftpd/glibc-glob.h
+include/proftpd/hanson-tpl.h
include/proftpd/help.h
include/proftpd/ident.h
include/proftpd/inet.h
+include/proftpd/json.h
include/proftpd/lastlog.h
include/proftpd/libsupp.h
include/proftpd/log.h
+include/proftpd/logfmt.h
include/proftpd/memcache.h
include/proftpd/mkhome.h
include/proftpd/mod_ctrls.h
include/proftpd/mod_dnsbl.h
include/proftpd/mod_load.h
-include/proftpd/mod_log.h
include/proftpd/mod_quotatab.h
include/proftpd/mod_sftp.h
include/proftpd/mod_sql.h
@@ -54,25 +58,27 @@ include/proftpd/netaddr.h
include/proftpd/netio.h
include/proftpd/options.h
include/proftpd/parser.h
+include/proftpd/pfilter.h
include/proftpd/pidfile.h
include/proftpd/pool.h
include/proftpd/pr-syslog.h
include/proftpd/privs.h
include/proftpd/proctitle.h
include/proftpd/proftpd.h
+include/proftpd/redis.h
include/proftpd/regexp.h
include/proftpd/response.h
include/proftpd/rlimit.h
include/proftpd/scoreboard.h
include/proftpd/session.h
include/proftpd/sets.h
+include/proftpd/signals.h
include/proftpd/stash.h
include/proftpd/str.h
include/proftpd/support.h
include/proftpd/table.h
include/proftpd/throttle.h
include/proftpd/timers.h
-include/proftpd/tpl.h
include/proftpd/trace.h
include/proftpd/utf8.h
include/proftpd/var.h
@@ -129,7 +135,7 @@ sbin/in.proftpd
sbin/proftpd
share/doc/proftpd/Configuration.html
share/doc/proftpd/NEWS
-share/doc/proftpd/README
+share/doc/proftpd/README.md
share/doc/proftpd/README.IPv6
share/doc/proftpd/README.LDAP
share/doc/proftpd/README.PAM
diff --git a/net/proftpd/distinfo b/net/proftpd/distinfo
index 073f13b4d21..5c2b81f10ac 100644
--- a/net/proftpd/distinfo
+++ b/net/proftpd/distinfo
@@ -1,13 +1,14 @@
-$NetBSD: distinfo,v 1.46 2017/04/05 17:36:00 kim Exp $
+$NetBSD: distinfo,v 1.47 2019/10/07 19:29:47 christos Exp $
-SHA1 (ecff21e0d0e84f35c299ef91d7fda088e516d4ed.patch) = a508c2b37482b178d8ff7b06e45d36044818b5f8
-RMD160 (ecff21e0d0e84f35c299ef91d7fda088e516d4ed.patch) = 5cc12fd67e6c722151f0d0c2a22365aff16f7219
-SHA512 (ecff21e0d0e84f35c299ef91d7fda088e516d4ed.patch) = 7cfadcdb33eff71925d61c78d9d54fe171df3c161d43a940485bd70965046da4ad82d2381d94452dee80548b3131be6801d4f85bbfb2fc3afc7b9a872a00d707
-Size (ecff21e0d0e84f35c299ef91d7fda088e516d4ed.patch) = 3851 bytes
-SHA1 (proftpd-1.3.5d.tar.gz) = e7271c9f6df331eda393a834ad66ff60eff134ca
-RMD160 (proftpd-1.3.5d.tar.gz) = 2052a7c41824c8ce9558fd11c78843b1b07ab6e7
-SHA512 (proftpd-1.3.5d.tar.gz) = 3297ddd1f11d46123bbe46488d75fa7a6dcdf2c2d6e7e880a78a427f9f1e9901878dab179e41092e0b9864a615d8ba0b0bf444d4f829870e993e3169c7141c37
-Size (proftpd-1.3.5d.tar.gz) = 29966560 bytes
+SHA1 (proftpd-1.3.6.tar.gz) = 7e9269f9448c37f82e6faa9edaa3186ff5ba82d2
+RMD160 (proftpd-1.3.6.tar.gz) = 5da3934e46ea517ee6652382e5e3a9f87e591dd6
+SHA512 (proftpd-1.3.6.tar.gz) = 2a3ca76a0c35ba31e9d79f7f652f4f35768262f5039c5dc04ef83ac9218f624645ac6cee445af4ec6a8c59a9bdad1e7b48e0e90cd13934cbe7c3e77a2f6013c0
+Size (proftpd-1.3.6.tar.gz) = 20251898 bytes
+SHA1 (patch-Make.rules.in) = 6ce8ab0f65270f701b455a3fd3f008c9f24511c3
SHA1 (patch-Makefile.in) = 332dcd9d773770c10d876dc9da1dc7f6b1c15421
SHA1 (patch-contrib_mod__sftp_Makefile.in) = 8a805d777597b4fb06a45b484373880e535a0cee
SHA1 (patch-contrib_mod_tls.c) = e36dfa9427804b41eb2ad49378b62890325d50ed
+SHA1 (patch-include_pfilter.h) = 399ba8873e6a58db89c3be44b4f09a1f4ab04e60
+SHA1 (patch-modules_mod__auth.c) = b1ff5c3236edabce5016da3230e0bd30ec92db48
+SHA1 (patch-src_main.c) = c00e1b1830d36d17bea5a10d8e13ec2328d3df88
+SHA1 (patch-src_pfilter.c) = 0f83e751072586f2b6359952b09328d820accc8f
diff --git a/net/proftpd/patches/patch-Make.rules.in b/net/proftpd/patches/patch-Make.rules.in
new file mode 100644
index 00000000000..9b1138354f8
--- /dev/null
+++ b/net/proftpd/patches/patch-Make.rules.in
@@ -0,0 +1,11 @@
+--- Make.rules.in.orig 2015-05-27 20:25:54.000000000 -0400
++++ Make.rules.in 2016-01-25 21:48:47.000000000 -0500
+@@ -110,3 +110,8 @@
+
+ FTPWHO_OBJS=ftpwho.o scoreboard.o misc.o
+ BUILD_FTPWHO_OBJS=utils/ftpwho.o utils/scoreboard.o utils/misc.o
++
++CPPFLAGS+=-DHAVE_BLACKLIST
++LIBS+=-lblacklist
++OBJS+= pfilter.o
++BUILD_OBJS+= src/pfilter.o
diff --git a/net/proftpd/patches/patch-include_pfilter.h b/net/proftpd/patches/patch-include_pfilter.h
new file mode 100644
index 00000000000..b25ffd9cb87
--- /dev/null
+++ b/net/proftpd/patches/patch-include_pfilter.h
@@ -0,0 +1,6 @@
+--- /dev/null 2016-01-22 17:30:55.000000000 -0500
++++ include/pfilter.h 2016-01-22 16:18:33.000000000 -0500
+@@ -0,0 +1,3 @@
++
++void pfilter_notify(int);
++void pfilter_init(void);
diff --git a/net/proftpd/patches/patch-modules_mod__auth.c b/net/proftpd/patches/patch-modules_mod__auth.c
new file mode 100644
index 00000000000..de00d1af242
--- /dev/null
+++ b/net/proftpd/patches/patch-modules_mod__auth.c
@@ -0,0 +1,39 @@
+$NetBSD: patch-modules_mod__auth.c,v 1.1 2019/10/07 19:29:47 christos Exp $
+
+Add packet filter
+
+--- modules/mod_auth.c.orig 2017-04-09 22:31:02.000000000 -0400
++++ modules/mod_auth.c 2019-10-07 15:10:42.316419545 -0400
+@@ -28,6 +28,7 @@
+
+ #include "conf.h"
+ #include "privs.h"
++#include "pfilter.h"
+
+ #ifdef HAVE_USERSEC_H
+ # include <usersec.h>
+@@ -97,6 +98,8 @@
+ _("Login timeout (%d %s): closing control connection"), TimeoutLogin,
+ TimeoutLogin != 1 ? "seconds" : "second");
+
++ pfilter_notify(1);
++
+ /* It's possible that any listeners of this event might terminate the
+ * session process themselves (e.g. mod_ban). So write out that the
+ * TimeoutLogin has been exceeded to the log here, in addition to the
+@@ -1095,6 +1098,7 @@
+ pr_memscrub(pass, strlen(pass));
+ }
+
++ pfilter_notify(1);
+ pr_log_auth(PR_LOG_NOTICE, "SECURITY VIOLATION: Root login attempted");
+ return 0;
+ }
+@@ -1952,6 +1956,7 @@
+ return 1;
+
+ auth_failure:
++ pfilter_notify(1);
+ if (pass)
+ pr_memscrub(pass, strlen(pass));
+ session.user = session.group = NULL;
diff --git a/net/proftpd/patches/patch-src_main.c b/net/proftpd/patches/patch-src_main.c
new file mode 100644
index 00000000000..cf34663b161
--- /dev/null
+++ b/net/proftpd/patches/patch-src_main.c
@@ -0,0 +1,32 @@
+$NetBSD: patch-src_main.c,v 1.1 2019/10/07 19:29:47 christos Exp $
+
+Add packet filter
+
+--- src/main.c.orig 2017-04-09 22:31:02.000000000 -0400
++++ src/main.c 2019-10-07 15:09:12.516004304 -0400
+@@ -41,6 +41,7 @@
+ #endif
+
+ #include "privs.h"
++#include "pfilter.h"
+
+ int (*cmd_auth_chk)(cmd_rec *);
+ void (*cmd_handler)(server_rec *, conn_t *);
+@@ -1089,6 +1090,7 @@
+ pid_t pid;
+ sigset_t sig_set;
+
++ pfilter_init();
+ if (no_fork == FALSE) {
+
+ /* A race condition exists on heavily loaded servers where the parent
+@@ -1206,7 +1208,8 @@
+
+ /* Reseed pseudo-randoms */
+ srand((unsigned int) (time(NULL) * getpid()));
+-
++#else
++ pfilter_init();
+ #endif /* PR_DEVEL_NO_FORK */
+
+ /* Child is running here */
diff --git a/net/proftpd/patches/patch-src_pfilter.c b/net/proftpd/patches/patch-src_pfilter.c
new file mode 100644
index 00000000000..c204a3a9177
--- /dev/null
+++ b/net/proftpd/patches/patch-src_pfilter.c
@@ -0,0 +1,44 @@
+--- /dev/null 2016-01-22 17:30:55.000000000 -0500
++++ src/pfilter.c 2016-01-22 16:37:55.000000000 -0500
+@@ -0,0 +1,41 @@
++#include "pfilter.h"
++#include "conf.h"
++#include "privs.h"
++#ifdef HAVE_BLACKLIST
++#include <blacklist.h>
++#endif
++
++static struct blacklist *blstate;
++
++void
++pfilter_init(void)
++{
++#ifdef HAVE_BLACKLIST
++ if (blstate == NULL)
++ blstate = blacklist_open();
++#endif
++}
++
++void
++pfilter_notify(int a)
++{
++#ifdef HAVE_BLACKLIST
++ conn_t *c = session.c;
++ int fd;
++
++ if (c == NULL)
++ return;
++ if (c->rfd != -1)
++ fd = c->rfd;
++ else if (c->wfd != -1)
++ fd = c->wfd;
++ else
++ return;
++
++ if (blstate == NULL)
++ pfilter_init();
++ if (blstate == NULL)
++ return;
++ (void)blacklist_r(blstate, a, fd, "proftpd");
++#endif
++}
generated by cgit v1.2.3 (git 2.39.1) at 2024-10-04 00:01:35 +0000