summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMike Frysinger <vapier@gentoo.org>2005-02-19 22:53:54 +0000
committerMike Frysinger <vapier@gentoo.org>2005-02-19 22:53:54 +0000
commit7a53f17a4d10097ad94f3535eb0bf53d5dd07592 (patch)
treeb131a388c1ae82cc12e3b8a644af2af5a214968a /net-ftp/glftpd
parentversion bump. fixes #82108 (diff)
downloadgentoo-2-7a53f17a4d10097ad94f3535eb0bf53d5dd07592.tar.gz
gentoo-2-7a53f17a4d10097ad94f3535eb0bf53d5dd07592.tar.bz2
gentoo-2-7a53f17a4d10097ad94f3535eb0bf53d5dd07592.zip
Version bump #79532 by Peter. Include patch to fix information disclosure bug #82544.
(Portage version: 2.0.51-r15)
Diffstat (limited to 'net-ftp/glftpd')
-rw-r--r--net-ftp/glftpd/ChangeLog10
-rw-r--r--net-ftp/glftpd/files/digest-glftpd-2.001
-rw-r--r--net-ftp/glftpd/files/glftpd-2.00-gcc.patch7
-rw-r--r--net-ftp/glftpd/files/glftpd-2.00-install.patch101
-rw-r--r--net-ftp/glftpd/files/glftpd-2.00-script-path-checks.patch47
-rw-r--r--net-ftp/glftpd/glftpd-1.32-r2.ebuild4
-rw-r--r--net-ftp/glftpd/glftpd-2.00.ebuild99
7 files changed, 265 insertions, 4 deletions
diff --git a/net-ftp/glftpd/ChangeLog b/net-ftp/glftpd/ChangeLog
index f4090bad60f2..24ec4d9985f6 100644
--- a/net-ftp/glftpd/ChangeLog
+++ b/net-ftp/glftpd/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for net-ftp/glftpd
-# Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-ftp/glftpd/ChangeLog,v 1.11 2004/10/07 04:52:05 vapier Exp $
+# Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/glftpd/ChangeLog,v 1.12 2005/02/19 22:53:54 vapier Exp $
+
+*glftpd-2.00 (19 Feb 2005)
+
+ 19 Feb 2005; Mike Frysinger <vapier@gentoo.org> :
+ Version bump #79532 by Peter. Include patch to fix information disclosure
+ bug #82544.
*glftpd-1.32-r2 (07 Oct 2004)
diff --git a/net-ftp/glftpd/files/digest-glftpd-2.00 b/net-ftp/glftpd/files/digest-glftpd-2.00
new file mode 100644
index 000000000000..c90fde5007a3
--- /dev/null
+++ b/net-ftp/glftpd/files/digest-glftpd-2.00
@@ -0,0 +1 @@
+MD5 7911a44f800f179c9c1c39b88682bd30 glftpd-LNX_2.00.tgz 2601322
diff --git a/net-ftp/glftpd/files/glftpd-2.00-gcc.patch b/net-ftp/glftpd/files/glftpd-2.00-gcc.patch
new file mode 100644
index 000000000000..28c9c187c8c7
--- /dev/null
+++ b/net-ftp/glftpd/files/glftpd-2.00-gcc.patch
@@ -0,0 +1,7 @@
+--- bin/sources/glupdate.c
++++ bin/sources/glupdate.c
+@@ -64,3 +64,3 @@
+ void update_log (struct dirlog);
+-void get_dir_size (char *, int *, long *);
++void get_dir_size (char *, int *, unsigned long long *);
+ char *trim (char *);
diff --git a/net-ftp/glftpd/files/glftpd-2.00-install.patch b/net-ftp/glftpd/files/glftpd-2.00-install.patch
new file mode 100644
index 000000000000..32ee8ef0b138
--- /dev/null
+++ b/net-ftp/glftpd/files/glftpd-2.00-install.patch
@@ -0,0 +1,101 @@
+--- installgl.sh
++++ installgl.sh
+@@ -246 +245,0 @@
+-read randomkey
+@@ -272 +271 @@
+- read usetcpd
++ usetcpd=${USETCPD}
+@@ -336 +335 @@
+- read jail
++ jail=y
+@@ -349 +348 @@
+- read jaildir
++ jaildir=${GLROOT}
+@@ -361 +360 @@
+- read reply
++ echo "SHOULD NOT HAVE BEEN HERE 1" ; exit 1
+@@ -393 +392 @@
+- read useprivgroup
++ useprivgroup=n
+@@ -414 +413 @@
+- read privgroup
++ echo "SHOULD NOT HAVE BEEN HERE 2" ; exit 1
+@@ -423 +422 @@
+- read reply
++ echo "SHOULD NOT HAVE BEEN HERE 3" ; exit 1
+@@ -441 +440 @@
+- read jailusers
++ echo "SHOULD NOT HAVE BEEN HERE 4" ; exit 1
+@@ -505 +504 @@
+- read glroot
++ break
+@@ -517 +516 @@
+- read reply
++ echo "SHOULD NOT HAVE BEEN HERE 5" ; exit 1
+@@ -602 +601 @@
+- read servicename
++ servicename=glftpd
+@@ -617 +616 @@
+- read keystroke
++ echo "SHOULD NOT HAVE BEEN HERE 6" ; exit 1
+@@ -639 +638 @@
+- read keystroke
++ echo "SHOULD NOT HAVE BEEN HERE 6.2" ; exit 1
+@@ -696 +695 @@
+- $usegcc $gccflags "$jaildir$glroot/bin/$base" "$cfile" >/dev/null 2>&1 || \
++ $usegcc $gccflags "$jaildir$glroot/bin/$base" "$cfile" >& "$cfile".cc.log || \
+@@ -699 +698 @@
+- echo "OK."
++ echo "OK." ; rm -f "$cfile".cc.log
+@@ -702 +701 @@
+- echo "FAILED!"
++ echo "FAILED!" ; cat "$cfile".cc.log
+@@ -826 +825 @@
+- read port
++ port=21
+@@ -842,4 +840,0 @@
+-{ grep -v ^${servicename} /etc/services;
+- echo "$servicename $port/tcp"
+-} > /etc/services.new
+-mv -f /etc/services.new /etc/services
+@@ -891 +886 @@
+- read whichnetd
++ whichnetd=${WHICHNETD}
+@@ -903,3 +898 @@
+- echo "ERROR: Can't determine if you are using inetd or xinetd!"
+- echo "Please fix this problem and re-run the installation script"
+- exit 1
++ whichnetd=${WHICHNETD}
+@@ -920 +913 @@
+- read keystroke
++ keystroke=n
+@@ -938 +931 @@
+- read keystroke
++ keystroke=no
+@@ -960 +952,0 @@
+- cp /etc/localtime /usr/lib/
+@@ -980 +972 @@
+- read tlsname
++ tlsname="ftp server"
+@@ -1041 +1033 @@
+- mv -f $base.pem $tls/
++ mv -f $base.pem $D$tls/
+@@ -1068 +1060 @@
+- read tls
++ echo "SHOULD NOT HAVE BEEN HERE 7" ; exit 1
+@@ -1096 +1088 @@
+- read tls
++ tls=/etc/glftpd-dsa.pem ; break
+@@ -1222,3 +1214,2 @@
+- [ ! -d "/etc/xinetd.d" ] && {
+- mkdir /etc/xinetd.d
+- echo "includedir /etc/xinetd.d" >> /etc/xinetd.conf
++ [ ! -d "$D/etc/xinetd.d" ] && {
++ mkdir $D/etc/xinetd.d
+@@ -1226 +1217 @@
+- cat <<EOF > /etc/xinetd.d/$servicename
++ cat <<EOF > $D/etc/xinetd.d/$servicename
+@@ -1252,3 +1242,0 @@
+-{ crontab -l | grep -v "$jaildir$glroot/bin/reset"
+- echo "0 0 * * * $jaildir$glroot/bin/reset ${euroweek}${confpath}"
+-} | crontab - > /dev/null
diff --git a/net-ftp/glftpd/files/glftpd-2.00-script-path-checks.patch b/net-ftp/glftpd/files/glftpd-2.00-script-path-checks.patch
new file mode 100644
index 000000000000..892e914e1590
--- /dev/null
+++ b/net-ftp/glftpd/files/glftpd-2.00-script-path-checks.patch
@@ -0,0 +1,47 @@
+Make people don't try scanning for files they shouldn't have
+access to normally.
+
+http://bugs.gentoo.org/show_bug.cgi?id=82544
+
+--- bin/sitenfo.sh
++++ bin/sitenfo.sh
+@@ -37,6 +37,11 @@
+ exit 0
+ }
+
++[ "${1/..\/}" != "$1" ] && {
++ echo "That zipfile does not exist!"
++ exit 1
++}
++
+ [ ! -e "$1" ] && {
+ echo "That zipfile does not exist!"
+ exit 1
+--- bin/sitezipchk.sh
++++ bin/sitezipchk.sh
+@@ -37,6 +37,11 @@
+ exit 0
+ }
+
++[ "${1/..\/}" != "$1" ] && {
++ echo "That zipfile does not exist!"
++ exit 1
++}
++
+ [ ! -e "$1" ] && {
+ echo "That zipfile does not exist!"
+ exit 1
+--- bin/siteziplist.sh
++++ bin/siteziplist.sh
+@@ -37,6 +37,11 @@
+ exit 0
+ }
+
++[ "${1/..\/}" != "$1" ] && {
++ echo "That zipfile does not exist!"
++ exit 1
++}
++
+ [ ! -e "$1" ] && {
+ echo "That zipfile does not exist!"
+ exit 1
diff --git a/net-ftp/glftpd/glftpd-1.32-r2.ebuild b/net-ftp/glftpd/glftpd-1.32-r2.ebuild
index bbd768c14a97..216c7122ad84 100644
--- a/net-ftp/glftpd/glftpd-1.32-r2.ebuild
+++ b/net-ftp/glftpd/glftpd-1.32-r2.ebuild
@@ -1,6 +1,6 @@
-# Copyright 1999-2004 Gentoo Foundation
+# Copyright 1999-2005 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-ftp/glftpd/glftpd-1.32-r2.ebuild,v 1.1 2004/10/07 04:52:05 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/glftpd/glftpd-1.32-r2.ebuild,v 1.2 2005/02/19 22:53:54 vapier Exp $
inherit eutils
diff --git a/net-ftp/glftpd/glftpd-2.00.ebuild b/net-ftp/glftpd/glftpd-2.00.ebuild
new file mode 100644
index 000000000000..4e6cea603fdf
--- /dev/null
+++ b/net-ftp/glftpd/glftpd-2.00.ebuild
@@ -0,0 +1,99 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/glftpd/glftpd-2.00.ebuild,v 1.1 2005/02/19 22:53:54 vapier Exp $
+
+inherit eutils
+
+MY_P=${P/-/-LNX_}
+DESCRIPTION="a HIGHLY configurable ftp server"
+HOMEPAGE="http://www.glftpd.com/"
+SRC_URI="http://www.glftpd.com/files/${MY_P}.tgz"
+
+LICENSE="freedist"
+SLOT="0"
+KEYWORDS="-* ~x86"
+IUSE=""
+
+DEPEND="dev-libs/openssl"
+RDEPEND="${DEPEND}
+ sys-apps/xinetd"
+
+S=${WORKDIR}/${MY_P}
+
+# custom options
+export CUSTOMGLROOT=${CUSTOMGLROOT:-/opt/glftpd}
+export GLROOT=${GLROOT:-${D}${CUSTOMGLROOT}}
+
+pkg_setup() {
+ [[ -d /proc/sysvipc ]] || die "You need System V IPC support in your kernel"
+}
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+ cp installgl.sh{,.orig}
+ epatch "${FILESDIR}"/${P}-install.patch
+ epatch "${FILESDIR}"/${P}-gcc.patch
+ epatch "${FILESDIR}"/${P}-script-path-checks.patch
+}
+
+yesno() { if $@ ; then echo y ; else echo n ; fi ; }
+
+src_install() {
+ dodir /etc/xinetd.d
+
+ # custom options
+ export USETCPD=$(yesno useq tcpd)
+ export JAIL=y
+ export MAKETLS=$(yesno [ ! -e /etc/glftpd-dsa.pem ])
+ export WHICHNETD=x
+ "${S}"/installgl.sh || die "installgl.sh failed"
+
+ # fix the glftpd.conf file
+ sed -i \
+ -e "s:${GLROOT}:${CUSTOMGLROOT}/:" \
+ ${GLROOT}/glftpd.conf
+
+ mv ${GLROOT}/glftpd.conf ${D}/etc/
+ ln -s /etc/glftpd.conf ${GLROOT}/glftpd.conf
+ if [ -e /etc/glftpd-dsa.pem ] ; then
+ cp /etc/glftpd-dsa.pem ${D}/etc/
+ else
+ cp ftpd-dsa.pem ${D}/etc/glftpd-dsa.pem
+ fi
+ ln -s /etc/glftpd-dsa.pem ${GLROOT}/etc/glftpd-dsa.pem
+ fperms o-r /etc/glftpd-dsa.pem
+
+ # xinetd.d entry (use our custom one :])
+ insinto /etc/xinetd.d
+ newins ${FILESDIR}/glftpd.xinetd.d glftpd
+ dosed "s:GLROOT:${CUSTOMGLROOT}:g" /etc/xinetd.d/glftpd
+
+ # env entry to protect our ftp passwd/group files
+ newenvd ${FILESDIR}/glftpd.env.d 99glftpd
+ dosed "s:GLROOT:${CUSTOMGLROOT}:g" /etc/env.d/99glftpd
+
+ # chmod the glftpd dir so that user files will work
+ chmod 711 ${GLROOT}
+}
+
+pkg_postinst() {
+ echo
+ einfo "Read the documentation in /opt/glftpd/docs/"
+ einfo "After you setup your conf file, edit the xinetd"
+ einfo "entry in /etc/xinetd.d/glftpd to enable, then"
+ einfo "start xinetd: /etc/init.d/xinetd start"
+ echo
+ einfo "To add glftpd to your services file and to"
+ einfo "create a cronjob for auto generating statistics,"
+ einfo "just run this command after you install:"
+ echo
+ einfo "ebuild /var/db/pkg/${CATEGORY}/${PF}/${PF}.ebuild config"
+}
+
+pkg_config() {
+ einfo "Updating crontab"
+ { crontab -l | grep -v "bin/reset"
+ echo "0 0 * * * ${CUSTOMGLROOT}/bin/reset -r ${CUSTOMGLROOT}/glftpd.conf"
+ } | crontab - > /dev/null
+}