version bump and patch for security bug 238762 (CVE-2008-4242); this bump has been done due to lack of maintainer activity, as noted in the security handling policy; also fixes bug 238288 and bug 238691

Package-Manager: portage-2.2_rc13/cvs/Linux 2.6.27-gentoo x86_64
author: Christian Hoffmann <hoffie@gentoo.org> 2008-11-06 12:54:07 +0000
committer: Christian Hoffmann <hoffie@gentoo.org> 2008-11-06 12:54:07 +0000
commit: 31677cbf8082a2516e39429a44435c4389f69e8a (patch)
tree: 9bbddfd37de64794f3c53ac5472f7abb6296d8b5 /net-ftp
parent: Version bump (diff)
download: historical-31677cbf8082a2516e39429a44435c4389f69e8a.tar.gz
historical-31677cbf8082a2516e39429a44435c4389f69e8a.tar.bz2
historical-31677cbf8082a2516e39429a44435c4389f69e8a.zip
4 files changed, 424 insertions, 5 deletions
diff --git a/net-ftp/proftpd/ChangeLog b/net-ftp/proftpd/ChangeLog
index 1b4bbad13caa..347cc4cde9b3 100644
--- a/net-ftp/proftpd/ChangeLog
+++ b/net-ftp/proftpd/ChangeLog
@@ -1,6 +1,16 @@
 # ChangeLog for net-ftp/proftpd
 # Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/ChangeLog,v 1.173 2008/08/21 22:45:39 cardoe Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/ChangeLog,v 1.174 2008/11/06 12:54:07 hoffie Exp $
+
+*proftpd-1.3.2_rc2 (06 Nov 2008)
+
+  06 Nov 2008; Christian Hoffmann <hoffie@gentoo.org>
+  +files/proftpd-1.3.2_rc2-CVE-2008-4242.patch, +proftpd-1.3.2_rc2.ebuild:
+  version bump and patch for security bug 238762 (CVE-2008-4242); this bump
+  has been done due to lack of maintainer activity, as noted in the security
+  handling policy; compile-tested on ~amd64 and seems to work von hardened
+  x86; please don't bug me with anything except for regressions I caused;
+  also fixes bug 238288 and bug 238691
 
   21 Aug 2008; Doug Goldstein <cardoe@gentoo.org> metadata.xml:
   add GLEP 56 USE flag desc from use.local.desc
diff --git a/net-ftp/proftpd/Manifest b/net-ftp/proftpd/Manifest
index 3147ffd3cd56..3d0a3470bcc9 100644
--- a/net-ftp/proftpd/Manifest
+++ b/net-ftp/proftpd/Manifest
@@ -8,6 +8,7 @@ AUX proftpd-1.3.1_rc2-bug167003.patch 316 RMD160 7fcade6de378727081d0a14775b2e24
 AUX proftpd-1.3.1_rc2-bug175082.patch 9671 RMD160 ab5144464b0b0c618ed51d1907694a56f2f72f5c SHA1 65ea3a861dc493439a8b2e2d3271dba57825bbac SHA256 018077db323cb370dd68fb30c284090316a041f53e02e07478cb1e07e22f30dc
 AUX proftpd-1.3.1_rc2-bug178866.patch 1731 RMD160 11d06f7d5ea2ad4678ff989514daaa10d1b92c2c SHA1 7b15937e55b13985ece4a6275cae4c6487b834cb SHA256 658f2e71e1e062e94e8437b10443576432fbc4dd342d297473aef603c6b450aa
 AUX proftpd-1.3.1_rc2-bug181712.patch 1098 RMD160 1c4a77dfb401c6d888fabc259e21f5022828335b SHA1 387e079c66df054909a2c7d94485189aa1b09afc SHA256 bdb1364ae5a518f5d50b8a232e94bd83b2d3f846d51566c7ed63550ac3858698
+AUX proftpd-1.3.2_rc2-CVE-2008-4242.patch 5522 RMD160 a0f73525f1b6b9f06fd6b6ff0b5eb6112a8abe5b SHA1 6f51a0653ce994c6a0f4e447f152b5676b213a19 SHA256 4d77366e9bc08058f906d7e93c9ec8427fb5d36ba85db9cec74c510ca40ba728
 AUX proftpd.conf 1671 RMD160 1242c9c20e21e4832e5771e5fd57085cc5312066 SHA1 91cadfcbd1034f744f6513492258efa3b95fa9e6 SHA256 d289078ee6c5764b16979e7b720d99bcccf4d87176eecd6108dc9dc37949f0dd
 AUX proftpd.rc6 1202 RMD160 03e4bd127d379bdc9c62640dea0e6f65b9defda7 SHA1 f674f0871052d7a031b4ee9886b33d6a041d635d SHA256 0ab218ccb323cbcbd53598e93c3565f00245380a9ee1374cc22c2c1db88f7a37
 AUX proftpd.xinetd 295 RMD160 c5c829319e901f478fe58b920347cc1b8706a366 SHA1 3f1bd8d6cbb1488301b9aa0346e02b571fd0783a SHA256 150a5701f5c2788ecdf2c6ec228ce674963c9dc7bc1c511ad1eba8dfe05e2d5d
@@ -16,6 +17,7 @@ DIST mod_clamav_new.c 7399 RMD160 ae4de6385245a3c79d3c54bb7af9d2fe45a59feb SHA1
 DIST mod_clamav_new.html 4645 RMD160 bc853541e6859e7929c0ed9b01b8f220e09b8ca2 SHA1 58479f3aae082effad3636026a27c09ddb232905 SHA256 ac0ab5f44cfc6c8118664c2a7300450486f52fb3bcde332b4bb9c506dd765a1e
 DIST proftpd-1.3.1.tar.bz2 2243888 RMD160 ed47f7a7c446b01c3d00d2d25d89573c787da905 SHA1 0b54286492967172c5355e2f489f9665b46591e5 SHA256 03bc023e5b7b1c04d8eb2d5dca53b931b3e02cc7aba7dd8f629b0878535dc91b
 DIST proftpd-1.3.1rc2.tar.bz2 1516464 RMD160 aa928315880cf1e9d1980850ce2bb07193d2ac46 SHA1 7db6435707983fe8e865064661cedb159ebc1cf6 SHA256 7494ea061ef28efc7afa63ffe0a80d598a55909d06dede9254e955c67e6440da
+DIST proftpd-1.3.2rc2.tar.bz2 2356053 RMD160 4048327e14ce4e03075bbfdb6de4adb4d5e23f61 SHA1 94c5e71a7be7e65ae04d97df62c8b3675398c3b6 SHA256 1fb46b8b0d1ac11ed80a3106e261e15fd4c0b3bc83c198ab9620a852d31f96b7
 DIST proftpd-mod-case-0.3.tar.gz 4781 RMD160 99f46a2cfb88ec2f3070d632dbc17d89d12ec30b SHA1 c8ea2c4604ab2ffa5853284d0696b1dfe518ae84 SHA256 a9affd47558020b2b3f369c9a945ac91d22b45368734d839404b76e0fbdaaf7c
 DIST proftpd-mod-deflate-0.3.tar.gz 7704 RMD160 dd51a966942642b2a5ae1cd1c3b3b6f47721637c SHA1 9d08a32da1c1e7e8b126e1fdbc172aa6889bccbc SHA256 dd6650e1cb69ee118319c19bbaa9dbe277b92675ab26e9c70a93e1e93f724adb
 DIST proftpd-mod-shaper-0.6.2.tar.gz 19002 RMD160 3d1fdb82596672c9177009ebb30459a017e74c53 SHA1 930d6dc6b8785da48dc7102db5f1eb20546ccd75 SHA256 59f39bca40462c3bba20feb7be031d7453c366adb4b7fa6d8f50974eb45ae99e
@@ -23,12 +25,13 @@ DIST proftpd-mod-shaper-0.6.3.tar.gz 19040 RMD160 9978fda37d0099c48d755e53132482
 DIST proftpd-mod-vroot-0.7.2.tar.gz 6071 RMD160 b152162b3714910d5b9378611313041c3e7e17d4 SHA1 3fc4c5874deba4bbe989b0bd54a7478a47f3d876 SHA256 cab5a42390eac4e0b8bdcbe1e6d15804c8029d51da9ad3bd428b46a80cd69d5a
 EBUILD proftpd-1.3.1.ebuild 6951 RMD160 f2d030f82d5c73d2312d413aa9ba2f9f8174219d SHA1 69618caa7299ec3a9b4ae935aa71b0096b937b62 SHA256 f8b1ba70aba8cbb6c5b296731e0ed748c7659eac3935ffe2758df0c3363dab1f
 EBUILD proftpd-1.3.1_rc2-r3.ebuild 6338 RMD160 5af01205da38a4e4cdf4ad4ddfbb8f979b42cfdc SHA1 993a40f69700583842aa7c1d1527ee97f7292cc3 SHA256 5977e86165767799cd4123e14bd391b04cbd14f29c563ecc6081d014f9fadbb2
-MISC ChangeLog 28385 RMD160 0b64376c327e2086729070a8d21ca2b5ec4dad0a SHA1 302569da03c35ad84173be0c5d901d93fdda4a4d SHA256 4bab4196ef44d698ee1702963830bd574db6c96a784e6bc022065360440cefe5
+EBUILD proftpd-1.3.2_rc2.ebuild 6115 RMD160 99e3bbce315d4c5211f44ef8a817e1f90da68cf3 SHA1 d104291e7d167b4b17609947a3ce0295ee4cc5b9 SHA256 ee76f3ea1ccf8ee76e266a4b803ff7351a669c7ecd279c9f616c0d462ba6d07a
+MISC ChangeLog 28890 RMD160 e395d867d16229008e75339c867cdc203b5aca8a SHA1 3c8af547daf0fcd540560e5d8c611cf6dcf0993c SHA256 56775ae8a25c1fa4bcaba1f20ce26b5f10d44d861b38028d939a1979b6e08ff3
 MISC metadata.xml 1266 RMD160 2eb6ab3b7a7c68eca09e193daaea833a2dc08362 SHA1 86bf2fc8f6b6c944bf384e97e9bcdec7d7ec8d77 SHA256 ffe716530aba4cf0ec4069d86c2b09f9a4dbfca541d7f467c579f871cf78c0de
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.9 (GNU/Linux)
 
-iEYEARECAAYFAkit8BkACgkQoeSe8B0zEfxKNgCdGDdDt4E9uX6KQBm0ZAM0K7gJ
-MlQAoIA1vfF594FNQPkk2dlUccCvBe12
-=6uPU
+iEYEARECAAYFAkkS6PcACgkQSamB34AN3N5QgQCgh27IGs/wMWQQ7myrdjKf8vAK
+D94AnRNnVYsLowJr3eOwrM1PjOOYgj9J
+=y+lt
 -----END PGP SIGNATURE-----
diff --git a/net-ftp/proftpd/files/proftpd-1.3.2_rc2-CVE-2008-4242.patch b/net-ftp/proftpd/files/proftpd-1.3.2_rc2-CVE-2008-4242.patch
new file mode 100644
index 000000000000..1b95d3c239d5
--- /dev/null
+++ b/net-ftp/proftpd/files/proftpd-1.3.2_rc2-CVE-2008-4242.patch
@@ -0,0 +1,192 @@
+This fixes CVE-2008-4242 (Gentoo bug 238762)
+Source: http://bugs.proftpd.org/show_bug.cgi?id=3115
+
+Index: src/main.c
+===================================================================
+RCS file: /cvsroot/proftp/proftpd/src/main.c,v
+retrieving revision 1.344
+diff -u -r1.344 main.c
+--- src/main.c	8 Sep 2008 00:47:11 -0000	1.344
++++ src/main.c	20 Sep 2008 20:10:49 -0000
+@@ -516,20 +516,32 @@
+ static long get_max_cmd_len(size_t buflen) {
+   long res;
+   int *bufsz = NULL;
++  size_t default_cmd_bufsz;
+ 
++  /* It's possible for the admin to select a PR_TUNABLE_BUFFER_SIZE which
++   * is smaller than PR_DEFAULT_CMD_BUFSZ.  We need to handle such cases
++   * properly.
++   */
++  default_cmd_bufsz = PR_DEFAULT_CMD_BUFSZ;
++  if (default_cmd_bufsz > buflen) {
++    default_cmd_bufsz = buflen;
++  }
++ 
+   bufsz = get_param_ptr(main_server->conf, "CommandBufferSize", FALSE);
+   if (bufsz == NULL) {
+-    res = PR_DEFAULT_CMD_BUFSZ;
++    res = default_cmd_bufsz;
+ 
+   } else if (*bufsz <= 0) {
+     pr_log_pri(PR_LOG_WARNING, "invalid CommandBufferSize size (%d) given, "
+-      "using default buffer size (%u) instead", *bufsz, PR_DEFAULT_CMD_BUFSZ);
+-    res = PR_DEFAULT_CMD_BUFSZ;
++      "using default buffer size (%lu) instead", *bufsz,
++      (unsigned long) default_cmd_bufsz);
++    res = default_cmd_bufsz;
+ 
+   } else if (*bufsz + 1 > buflen) {
+     pr_log_pri(PR_LOG_WARNING, "invalid CommandBufferSize size (%d) given, "
+-      "using default buffer size (%u) instead", *bufsz, PR_DEFAULT_CMD_BUFSZ);
+-    res = PR_DEFAULT_CMD_BUFSZ;
++      "using default buffer size (%lu) instead", *bufsz,
++      (unsigned long) default_cmd_bufsz);
++    res = default_cmd_bufsz;
+ 
+   } else {
+     pr_log_debug(DEBUG1, "setting CommandBufferSize to %d", *bufsz);
+@@ -577,11 +589,26 @@
+     return -1;
+   }
+ 
+-  memset(buf, '\0', sizeof(buf));
++  while (TRUE) {
++    pr_signals_handle();
+ 
+-  if (pr_netio_telnet_gets(buf, sizeof(buf)-1, session.c->instrm,
+-      session.c->outstrm) == NULL)
+-    return -1;
++    memset(buf, '\0', sizeof(buf));
++
++    if (pr_netio_telnet_gets(buf, sizeof(buf)-1, session.c->instrm,
++        session.c->outstrm) == NULL) {
++
++      if (errno == E2BIG) {
++        /* The client sent a too-long command which was ignored; give
++         * them another chance?
++         */
++       continue;
++      }
++
++      return -1;
++    }
++
++    break;
++  }
+ 
+   if (cmd_bufsz == -1)
+     cmd_bufsz = get_max_cmd_len(sizeof(buf));
+Index: src/netio.c
+===================================================================
+RCS file: /cvsroot/proftp/proftpd/src/netio.c,v
+retrieving revision 1.33
+diff -u -r1.33 netio.c
+--- src/netio.c	3 Apr 2008 03:14:31 -0000	1.33
++++ src/netio.c	20 Sep 2008 20:10:49 -0000
+@@ -1,6 +1,6 @@
+ /*
+  * ProFTPD - FTP server daemon
+- * Copyright (c) 2001-2007 The ProFTPD Project team
++ * Copyright (c) 2001-2008 The ProFTPD Project team
+  *
+  * This program is free software; you can redistribute it and/or modify
+  * it under the terms of the GNU General Public License as published by
+@@ -30,19 +30,19 @@
+ #include <signal.h>
+ 
+ #ifndef IAC
+-#define IAC	255
++# define IAC	255
+ #endif
+ #ifndef DONT
+-#define DONT	254
++# define DONT	254
+ #endif
+ #ifndef DO
+-#define DO	253
++# define DO	253
+ #endif
+ #ifndef WONT
+-#define WONT	252
++# define WONT	252
+ #endif
+ #ifndef WILL
+-#define WILL	251
++# define WILL	251
+ #endif
+ 
+ static const char *trace_channel = "netio";
+@@ -51,6 +51,17 @@
+ static pr_netio_t *core_data_netio = NULL, *data_netio = NULL;
+ static pr_netio_t *core_othr_netio = NULL, *othr_netio = NULL;
+ 
++/* Used to track whether the previous text read from the client's control
++ * connection was a properly-terminated command.  If so, then read in the
++ * next/current text as per normal.  If NOT (e.g. the client sent a too-long
++ * command), then read in the next/current text, but ignore it.  Only clear
++ * this flag if the next/current command can be read as per normal.
++ *
++ * The pr_netio_telnet_gets() uses this variable, in conjunction with its
++ * saw_newline flag, for handling too-long commands from clients.
++ */
++static int properly_terminated_prev_command = TRUE;
++
+ static pr_netio_stream_t *netio_stream_alloc(pool *parent_pool) {
+   pool *netio_pool = NULL;
+   pr_netio_stream_t *nstrm = NULL;
+@@ -950,7 +961,7 @@
+   char *bp = buf;
+   unsigned char cp;
+   static unsigned char mode = 0;
+-  int toread, handle_iac = TRUE;
++  int toread, handle_iac = TRUE, saw_newline = FALSE;
+   pr_buffer_t *pbuf = NULL;
+ 
+   if (buflen == 0) {
+@@ -983,8 +994,9 @@
+           *bp = '\0';
+           return buf;
+ 
+-        } else
++        } else {
+           return NULL;
++        }
+       }
+ 
+       pbuf->remaining = pbuf->buflen - toread;
+@@ -1049,6 +1061,8 @@
+       toread--;
+       *bp++ = *pbuf->current++;
+       pbuf->remaining++;
++
++      saw_newline = TRUE;
+       break;
+     }
+ 
+@@ -1056,6 +1070,25 @@
+       pbuf->current = NULL;
+   }
+ 
++  if (!saw_newline) {
++    /* If we haven't seen a newline, then assume the client is deliberately
++     * sending a too-long command, trying to exploit buffer sizes and make
++     * the server make some possibly bad assumptions.
++     */
++
++    properly_terminated_prev_command = FALSE;
++    errno = E2BIG;
++    return NULL;
++  }
++
++  if (!properly_terminated_prev_command) {
++    properly_terminated_prev_command = TRUE;
++    pr_log_pri(PR_LOG_NOTICE, "client sent too-long command, ignoring");
++    errno = E2BIG;
++    return NULL;
++  }
++
++  properly_terminated_prev_command = TRUE;
+   *bp = '\0';
+   return buf;
+ }
diff --git a/net-ftp/proftpd/proftpd-1.3.2_rc2.ebuild b/net-ftp/proftpd/proftpd-1.3.2_rc2.ebuild
new file mode 100644
index 000000000000..baf880951b36
--- /dev/null
+++ b/net-ftp/proftpd/proftpd-1.3.2_rc2.ebuild
@@ -0,0 +1,214 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/proftpd-1.3.2_rc2.ebuild,v 1.1 2008/11/06 12:54:07 hoffie Exp $
+
+inherit eutils flag-o-matic toolchain-funcs
+
+KEYWORDS="~alpha ~amd64 ~hppa ~mips ~ppc ~ppc64 ~sparc ~x86"
+
+IUSE="acl authfile clamav hardened ifsession ipv6 ldap mysql ncurses nls noauthunix opensslcrypt pam postgres radius rewrite selinux shaper sitemisc softquota ssl tcpd vroot xinetd"
+
+SHAPER_VER="0.6.2"
+VROOT_VER="0.7.2"
+
+DESCRIPTION="An advanced and very configurable FTP server."
+SRC_URI="ftp://ftp.proftpd.org/distrib/source/${P/_/}.tar.bz2
+		clamav? ( http://www.uglyboxindustries.com/mod_clamav_new.c http://www.uglyboxindustries.com/mod_clamav_new.html )
+		shaper? ( http://www.castaglia.org/${PN}/modules/${PN}-mod-shaper-${SHAPER_VER}.tar.gz )
+		vroot? ( http://www.castaglia.org/${PN}/modules/${PN}-mod-vroot-${VROOT_VER}.tar.gz )"
+HOMEPAGE="http://www.proftpd.org/
+		http://www.castaglia.org/proftpd/
+		http://www.uglyboxindustries.com/open-source.php"
+
+SLOT="0"
+LICENSE="GPL-2"
+
+DEPEND="acl? ( sys-apps/acl sys-apps/attr )
+		clamav? ( app-antivirus/clamav )
+		ldap? ( >=net-nds/openldap-1.2.11 )
+		mysql? ( virtual/mysql )
+		ncurses? ( sys-libs/ncurses )
+		opensslcrypt? ( >=dev-libs/openssl-0.9.6f )
+		pam? ( virtual/pam )
+		postgres? ( virtual/postgresql-base )
+		ssl? ( >=dev-libs/openssl-0.9.6f )
+		tcpd? ( >=sys-apps/tcp-wrappers-7.6-r3 )
+		xinetd? ( virtual/inetd )"
+
+RDEPEND="${DEPEND}
+		net-ftp/ftpbase
+		selinux? ( sec-policy/selinux-ftpd )"
+
+S="${WORKDIR}/${P/_/}"
+
+pkg_setup() {
+	# Add the proftpd user to make the default config
+	# work out-of-the-box
+	enewgroup proftpd
+	enewuser proftpd -1 -1 -1 proftpd
+}
+
+src_unpack() {
+	unpack ${P/_/}.tar.bz2
+
+	cd "${S}"
+
+	epatch "${FILESDIR}/${P}-CVE-2008-4242.patch"
+
+	# Fix stripping of files
+	sed -e "s| @INSTALL_STRIP@||g" -i Make*
+
+	if use shaper ; then
+		unpack ${PN}-mod-shaper-${SHAPER_VER}.tar.gz
+		cp -f mod_shaper/mod_shaper.c contrib/
+	fi
+
+	if use clamav ; then
+		cp -f "${DISTDIR}/mod_clamav_new.c" contrib/mod_clamav.c
+		cp -f "${DISTDIR}/mod_clamav_new.html" doc/mod_clamav.html
+	fi
+
+	if use vroot ; then
+		unpack ${PN}-mod-vroot-${VROOT_VER}.tar.gz
+		cp -f mod_vroot/mod_vroot.c contrib/
+		cp -f mod_vroot/mod_vroot.html doc/
+	fi
+}
+
+src_compile() {
+	addpredict /etc/krb5.conf
+	local modules myconf
+
+	modules="mod_ratio:mod_readme"
+	use acl && modules="${modules}:mod_facl"
+	use clamav && modules="${modules}:mod_clamav"
+	use pam && modules="${modules}:mod_auth_pam"
+	use radius && modules="${modules}:mod_radius"
+	use rewrite && modules="${modules}:mod_rewrite"
+	use shaper && modules="${modules}:mod_shaper"
+	use sitemisc && modules="${modules}:mod_site_misc"
+	use ssl && modules="${modules}:mod_tls"
+	use tcpd && modules="${modules}:mod_wrap"
+	use vroot && modules="${modules}:mod_vroot"
+
+	# pam needs to be explicitely disabled
+	use pam || myconf="${myconf} --enable-auth-pam=no"
+
+	if use ldap ; then
+		modules="${modules}:mod_ldap"
+		append-ldflags "-lresolv"
+	fi
+
+	if use opensslcrypt ; then
+		append-ldflags "-lcrypto"
+		myconf="${myconf} --enable-openssl --with-includes=/usr/include/openssl"
+		CFLAGS="${CFLAGS} -DHAVE_OPENSSL"
+	fi
+
+	if use nls ; then
+		myconf="${myconf} --enable-nls"
+	fi
+
+	if use mysql && use postgres ; then
+		ewarn "ProFTPD only supports either the MySQL or PostgreSQL modules."
+		ewarn "Presently this ebuild defaults to mysql. If you would like to"
+		ewarn "change the default behaviour, merge ProFTPD with:"
+		ewarn "USE='-mysql postgres' emerge proftpd"
+		epause 5
+	fi
+
+	if use mysql ; then
+		modules="${modules}:mod_sql:mod_sql_mysql"
+		myconf="${myconf} --with-includes=/usr/include/mysql"
+	elif use postgres ; then
+		modules="${modules}:mod_sql:mod_sql_postgres"
+		myconf="${myconf} --with-includes=/usr/include/postgresql"
+	fi
+
+	if use softquota ; then
+		modules="${modules}:mod_quotatab"
+		if use mysql || use postgres ; then
+			modules="${modules}:mod_quotatab_sql"
+		fi
+		if use ldap ; then
+			modules="${modules}:mod_quotatab_file:mod_quotatab_ldap"
+		else
+			modules="${modules}:mod_quotatab_file"
+		fi
+	fi
+
+	# mod_ifsession should be the last module in the --with-modules list
+	# see http://www.castaglia.org/proftpd/modules/mod_ifsession.html#Installation
+	use ifsession && modules="${modules}:mod_ifsession"
+
+	# bug #30359
+	use hardened && echo > lib/libcap/cap_sys.c
+	gcc-specs-pie && echo > lib/libcap/cap_sys.c
+
+	if use noauthunix ; then
+		myconf="${myconf} --disable-auth-unix"
+	else
+		myconf="${myconf} --enable-auth-unix"
+	fi
+
+	econf \
+		--sbindir=/usr/sbin \
+		--localstatedir=/var/run \
+		--sysconfdir=/etc/proftpd \
+		--enable-shadow \
+		--enable-autoshadow \
+		--enable-ctrls \
+		--with-modules=${modules} \
+		$(use_enable acl facl) \
+		$(use_enable authfile auth-file) \
+		$(use_enable ipv6) \
+		$(use_enable ncurses) \
+		${myconf} || die "econf failed"
+
+	emake || die "emake failed"
+}
+
+src_install() {
+	# Note rundir needs to be specified to avoid sandbox violation
+	# on initial install. See Make.rules
+	emake DESTDIR="${D}" install || die "emake install failed"
+
+	keepdir /var/run/proftpd
+
+	dodoc "${FILESDIR}/proftpd.conf" \
+		COPYING CREDITS ChangeLog NEWS README* \
+		doc/license.txt
+	dohtml doc/*.html
+
+	use shaper && dohtml mod_shaper/mod_shaper.html
+
+	docinto rfc
+	dodoc doc/rfc/*.txt
+
+	mv -f "${D}/etc/proftpd/proftpd.conf" "${D}/etc/proftpd/proftpd.conf.distrib"
+
+	insinto /etc/proftpd
+	newins "${FILESDIR}/proftpd.conf" proftpd.conf.sample
+
+	if use xinetd ; then
+		insinto /etc/xinetd.d
+		newins "${FILESDIR}/proftpd.xinetd" proftpd
+	fi
+
+	newinitd "${FILESDIR}/proftpd.rc6" proftpd
+}
+
+pkg_postinst() {
+	elog
+	elog "You can find the config files in /etc/proftpd"
+	elog
+	ewarn "With the introduction of net-ftp/ftpbase the ftp user is now ftp."
+	ewarn "Remember to change that in the configuration file."
+	ewarn
+	if use clamav ; then
+		ewarn "mod_clamav was updated to a new version, which uses Clamd"
+		ewarn "only for virus scanning, so you'll have to set Clamd up"
+		ewarn "and start it, also re-check the mod_clamav docs."
+		ewarn
+	fi
+}
author	Christian Hoffmann <hoffie@gentoo.org>	2008-11-06 12:54:07 +0000
committer	Christian Hoffmann <hoffie@gentoo.org>	2008-11-06 12:54:07 +0000
commit	31677cbf8082a2516e39429a44435c4389f69e8a (patch)
tree	9bbddfd37de64794f3c53ac5472f7abb6296d8b5 /net-ftp
parent	Version bump (diff)
download	historical-31677cbf8082a2516e39429a44435c4389f69e8a.tar.gz historical-31677cbf8082a2516e39429a44435c4389f69e8a.tar.bz2 historical-31677cbf8082a2516e39429a44435c4389f69e8a.zip