net-misc/hylafaxplus: Security cleanup

Bug: https://bugs.gentoo.org/730290
Package-Manager: Portage-3.0.0, Repoman-2.3.23
Signed-off-by: John Helmert III <jchelmert3@posteo.net>
Closes: https://github.com/gentoo/gentoo/pull/16781
Signed-off-by: Sam James <sam@gentoo.org>

4 files changed, 0 insertions, 439 deletions

diff --git a/net-misc/hylafaxplus/Manifest b/net-misc/hylafaxplus/Manifest
index 51882b7cd3dd..22ece946d03d 100644
--- a/net-misc/hylafaxplus/Manifest
+++ b/net-misc/hylafaxplus/Manifest
@@ -1,3 +1 @@
-DIST hylafax-5.5.5.tar.gz 1353495 BLAKE2B e1b41a5cf5502ad28467625495171c085f43f4352b73bfd633da851a1366502aca04a157790ad4a7f3d634a6adbb5dab4c1eeb294283352e9eedaf03c565cb42 SHA512 ee6225ae044c567093103f35c30d848db757636c1d8db78e8f7cb43eb01ea34ab229a81ca4175e2bf30d3c87b598d5b5797b7d92b0dc852bf4b69c697baca8cf
-DIST hylafax-5.6.1.tar.gz 1370677 BLAKE2B bd93d54f2c3e2c5c4c33617a0d95569c82bcbd32f669fb2ea513b86e112a5743ae6b4ddc8d43f3bd4af6006517e8787392c84bf60e715c104ddb0d819b22985a SHA512 c86c33dc9e8feec4e265156fa3bbda18cf187feeef5c812ff3d3c7857de048a688bb979fcd3494ee8fe58a004a384a2a161d05245c86d0c304311d63f62a9eb1
 DIST hylafax-7.0.2.tar.gz 1393586 BLAKE2B cbf99f91a0aa07783dd30e76ce8416b2933240d4bf829220909000519f9c9e14a324163707c14504848ba71e7c1ee7d98455f06bb040c2c50c1493d0138122aa SHA512 ea68404ad79e798b29450683eaa927e73033e0fa8160b803a3e2c9000df487c81193cc8fc0c1187477f5e1b2e26eec1c065ebc17e0be82e9a3e3758b1b5b5e4e
diff --git a/net-misc/hylafaxplus/files/hylafax-cryptglibc.patch b/net-misc/hylafaxplus/files/hylafax-cryptglibc.patch
deleted file mode 100644
index dbfc8bac5393..000000000000
--- a/net-misc/hylafaxplus/files/hylafax-cryptglibc.patch
+++ /dev/null
@@ -1,98 +0,0 @@
-diff -urN hylafax-5.5.4/hfaxd/Login.c++ hylafax-5.5.4-libc217/hfaxd/Login.c++
---- hylafax-5.5.4/hfaxd/Login.c++	2013-08-07 01:23:35.000000000 +0200
-+++ hylafax-5.5.4-libc217/hfaxd/Login.c++	2013-11-13 12:56:02.000000000 +0100
-@@ -30,9 +30,6 @@
- #include <ctype.h>
- #include <fcntl.h>
- #include <pwd.h>
--#if HAS_CRYPT_H
--#include <crypt.h>
--#endif
- 
- void
- HylaFAXServer::loginRefused(const char* why)
-@@ -434,7 +431,7 @@
-     /*
-      * Check hosts.hfaxd first, then PAM, and last, LDAP
-      */
--    if (pass[0] == '\0' || !(strcmp(crypt(pass, passWd), passWd) == 0 || 
-+    if (pass[0] == '\0' || !(strcmp(Sys::crypt(pass, passWd), passWd) == 0 || 
- 			     pamCheck(the_user, pass) || 
- 			     ldapCheck(the_user,pass)))
-     {
-@@ -513,7 +510,7 @@
- {
-     fxAssert(IS(LOGGEDIN), "ADMIN command permitted when not logged in");
-     // NB: null adminWd is permitted
--    if ((strcmp(crypt(pass, adminWd), adminWd) != 0) && !pamIsAdmin()) {
-+    if ((strcmp(Sys::crypt(pass, adminWd), adminWd) != 0) && !pamIsAdmin()) {
- 	if (++adminAttempts >= maxAdminAttempts) {
- 	    reply(530, "Password incorrect (closing connection).");
- 	    logNotice("Repeated admin failures from %s [%s]"
-diff -urN hylafax-5.5.4/hfaxd/SNPPServer.c++ hylafax-5.5.4-libc217/hfaxd/SNPPServer.c++
---- hylafax-5.5.4/hfaxd/SNPPServer.c++	2013-08-07 01:23:35.000000000 +0200
-+++ hylafax-5.5.4-libc217/hfaxd/SNPPServer.c++	2013-11-13 12:55:42.000000000 +0100
-@@ -36,9 +36,6 @@
- #include "RE.h"
- 
- #include <ctype.h>
--#if HAS_CRYPT_H
--#include <crypt.h>
--#endif
- 
- extern "C" {
- #include <netdb.h>
-@@ -1003,7 +1000,7 @@
- 
-     if (checkUser(loginID)) {
- 	if (passWd != "") {
--	    if (pass[0] == '\0' || !(streq(crypt(pass, passWd), passWd) || pamCheck(the_user, pass))) {
-+	    if (pass[0] == '\0' || !(streq(Sys::crypt(pass, passWd), passWd) || pamCheck(the_user, pass))) {
- 		if (++loginAttempts >= maxLoginAttempts) {
- 		    reply(421, "Login incorrect (closing connection).");
- 		    logNotice("Repeated SNPP login failures for user %s from %s [%s]"
-diff -urN hylafax-5.5.4/hfaxd/User.c++ hylafax-5.5.4-libc217/hfaxd/User.c++
---- hylafax-5.5.4/hfaxd/User.c++	2013-08-07 01:23:35.000000000 +0200
-+++ hylafax-5.5.4-libc217/hfaxd/User.c++	2013-11-13 12:55:19.000000000 +0100
-@@ -30,9 +30,6 @@
- 
- #include <ctype.h>
- #include <pwd.h>
--#if HAS_CRYPT_H
--#include <crypt.h>
--#endif
- #include <math.h>
- 
- #ifndef CHAR_BIT
-@@ -374,7 +371,7 @@
- #else
-     to64(&salt[0], random(), 2);
- #endif
--    result = crypt(pass, salt);
-+    result = Sys::crypt(pass, salt);
-     return (true);
- }
- 
-diff -urN hylafax-5.5.4/util/Sys.h hylafax-5.5.4-libc217/util/Sys.h
---- hylafax-5.5.4/util/Sys.h	2013-08-07 01:23:35.000000000 +0200
-+++ hylafax-5.5.4-libc217/util/Sys.h	2013-11-13 12:56:26.000000000 +0100
-@@ -44,6 +44,10 @@
- #include <osfcn.h>
- #endif
- 
-+#if HAS_CRYPT_H
-+#include <crypt.h>
-+#endif
-+
- /*
-  * Wrapper functions for C library calls.
-  *
-@@ -140,5 +144,8 @@
- 	{ return ::fopen(filename, mode); }
- 
-     static int getOpenMax();
-+
-+    static const char* crypt(const char* key, const char* salt)
-+	{ const char* enc = ::crypt(key, salt); return enc ? enc : ""; }
- };
- #endif /* _Sys_ */
diff --git a/net-misc/hylafaxplus/hylafaxplus-5.5.5.ebuild b/net-misc/hylafaxplus/hylafaxplus-5.5.5.ebuild
deleted file mode 100644
index e1d8b5510a8f..000000000000
--- a/net-misc/hylafaxplus/hylafaxplus-5.5.5.ebuild
+++ /dev/null
@@ -1,177 +0,0 @@
-# Copyright 1999-2019 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="5"
-inherit eutils multilib pam toolchain-funcs
-
-MY_PN="${PN/plus/}"
-MY_P="${MY_PN}-${PV}"
-
-DESCRIPTION="Enterprise client-server fax package for class 1 and 2 fax modems"
-HOMEPAGE="http://hylafax.sourceforge.net"
-SRC_URI="mirror://sourceforge/hylafax/${MY_P}.tar.gz"
-
-SLOT="0"
-LICENSE="hylafaxplus"
-KEYWORDS="amd64 x86"
-
-IUSE="jbig html ldap mgetty pam"
-
-DEPEND="
-	>=sys-libs/zlib-1.1.4
-	app-text/ghostscript-gpl
-	virtual/mta
-	media-libs/tiff:0[jbig?]
-	virtual/jpeg:0
-	jbig? ( media-libs/jbigkit )
-	virtual/awk
-	ldap? (  net-nds/openldap )
-	pam? ( sys-libs/pam )
-	mgetty? ( net-dialup/mgetty[-fax] )
-	!net-dialup/mgetty[fax]
-"
-RDEPEND="${DEPEND}
-	net-mail/metamail
-	!net-dialup/sendpage
-"
-
-S="${WORKDIR}/${MY_P}"
-
-export CONFIG_PROTECT="${CONFIG_PROTECT} /var/spool/fax/etc /usr/lib/fax"
-
-src_prepare() {
-	epatch "${FILESDIR}/ldconfig-patch"
-	epatch "${FILESDIR}/hylafax-cryptglibc.patch"
-
-	# force it not to strip binaries
-	for dir in etc util faxalter faxcover faxd faxmail faxrm faxstat \
-		hfaxd sendfax sendpage ; do
-			sed -i -e "s:-idb:-idb \"nostrip\" -idb:g" \
-				"${dir}"/Makefile.in || die "sed failed"
-	done
-
-	sed -i -e "s:hostname:hostname -f:g" util/{faxrcvd,pollrcvd}.sh.in || die "sed on hostname failed"
-
-	# Respect LDFLAGS(at least partially)
-	sed -i -e "/^LDFLAGS/s/LDOPTS}/LDOPTS} ${LDFLAGS}/" defs.in || die "sed on defs.in failed"
-
-	sed -i -e "s|-fpic|-fPIC|g" \
-		configure || die
-
-	epatch_user
-}
-
-src_configure() {
-	do_configure() {
-		echo ./configure --nointeractive ${1}
-		# eval required for quoting in ${my_conf} to work properly, better way?
-		eval ./configure --nointeractive ${1} || die "./configure failed"
-	}
-	local my_conf="
-		--with-DIR_BIN=/usr/bin
-		--with-DIR_SBIN=/usr/sbin
-		--with-DIR_LIB=/usr/$(get_libdir)
-		--with-DIR_LIBEXEC=/usr/sbin
-		--with-DIR_LIBDATA=/usr/$(get_libdir)/fax
-		--with-DIR_LOCALE=/usr/share/locale
-		--with-DIR_LOCKS=/var/lock
-		--with-DIR_MAN=/usr/share/man
-		--with-DIR_SPOOL=/var/spool/fax
-		--with-DIR_HTML=/usr/share/doc/${P}/html
-		--with-DIR_CGI="${WORKDIR}"
-		--with-PATH_DPSRIP=/var/spool/fax/bin/ps2fax
-		--with-PATH_IMPRIP=\"\"
-		--with-SYSVINIT=no
-		--with-REGEX=yes
-		--with-LIBTIFF=\"-ltiff -ljpeg -lz\"
-		--with-OPTIMIZER=\"${CFLAGS}\"
-		--with-DSO=auto
-		--with-HTML=$(usex html)"
-
-	if use mgetty; then
-		my_conf="${my_conf} \
-			--with-PATH_GETTY=/sbin/mgetty \
-			--with-PATH_EGETTY=/sbin/mgetty \
-			--with-PATH_VGETTY=/usr/sbin/vgetty"
-	else
-		# GETTY defaults to /sbin/agetty
-		my_conf="${my_conf} \
-			--with-PATH_EGETTY=/bin/false \
-			--with-PATH_VGETTY=/bin/false"
-	fi
-
-	#--enable-pam isn't valid
-	use pam || my_conf="${my_conf} $(use_enable pam)"
-	use ldap || my_conf="${my_conf} $(use_enable ldap)"
-	use jbig || my_conf="${my_conf} $(use_enable jbig)"
-
-	tc-export CC CXX AR RANLIB
-
-	do_configure "${my_conf}"
-}
-
-src_compile() {
-	# Parallel building is borked
-	emake -j1
-}
-
-src_install() {
-	dodir /usr/{bin,sbin} /usr/$(get_libdir)/fax /usr/share/man
-	dodir /var/spool /var/spool/recvq /var/spool/fax
-	fowners uucp:uucp /var/spool/fax
-	fperms 0600 /var/spool/fax
-	dodir "/usr/share/doc/${P}/samples"
-
-	emake DESTDIR="${D}" \
-		BIN="${D}/usr/bin" \
-		SBIN="${D}/usr/sbin" \
-		LIBDIR="${D}/usr/$(get_libdir)" \
-		LIB="${D}/usr/$(get_libdir)" \
-		LIBEXEC="${D}/usr/sbin" \
-		LIBDATA="${D}/usr/$(get_libdir)/fax" \
-		DIR_LOCALE="${D}/usr/share/locale" \
-		MAN="${D}/usr/share/man" \
-		SPOOL="${D}/var/spool/fax" \
-		HTMLDIR="${D}/usr/share/doc/${PF}/html" \
-		install
-
-	keepdir /var/spool/fax/{archive,client,etc,pollq,recvq,tmp}
-	keepdir /var/spool/fax/{status,sendq,log,info,doneq,docq,dev}
-
-	generate_files # in this case, it only generates the env.d entry
-
-	einfo "Adding env.d entry for ${PN}"
-	doenvd "${T}/99${PN}"
-
-	newconfd "${FILESDIR}/${PN}-conf" ${PN}
-	newinitd "${FILESDIR}/${PN}-init" ${PN}
-
-	use pam && pamd_mimic_system ${MY_PN} auth account session
-
-	dodoc CONTRIBUTORS README TODO
-	docinto samples
-}
-
-pkg_postinst() {
-	elog
-	elog "The faxonly USE flag has been removed; since ${PN} does not"
-	elog "require mgetty, and certain fax files conflict, you must build"
-	elog "mgetty without fax support if you wish to use them both.  You"
-	elog "may want to add both to package.use so any future updates are"
-	elog "correctly built:"
-	elog
-	elog "	net-dialup/mgetty -fax"
-	elog "	net-misc/hylafax [-mgetty|mgetty]"
-	elog
-	elog "See the docs and man pages for detailed configuration info."
-	elog
-	elog "Now run faxsetup and (if necessary) faxaddmodem."
-	elog
-}
-
-generate_files() {
-	cat <<-EOF > "${T}/99${PN}"
-	PATH="/var/spool/fax/bin"
-	CONFIG_PROTECT="/var/spool/fax/etc /usr/$(get_libdir)/fax"
-	EOF
-}
diff --git a/net-misc/hylafaxplus/hylafaxplus-5.6.1.ebuild b/net-misc/hylafaxplus/hylafaxplus-5.6.1.ebuild
deleted file mode 100644
index 6a3be949d081..000000000000
--- a/net-misc/hylafaxplus/hylafaxplus-5.6.1.ebuild
+++ /dev/null
@@ -1,162 +0,0 @@
-# Copyright 1999-2019 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-inherit pam toolchain-funcs
-
-MY_PN="${PN/plus/}"
-MY_P="${MY_PN}-${PV}"
-
-DESCRIPTION="Enterprise client-server fax package for class 1 and 2 fax modems"
-HOMEPAGE="http://hylafax.sourceforge.net"
-SRC_URI="mirror://sourceforge/hylafax/${MY_P}.tar.gz"
-
-SLOT="0"
-LICENSE="hylafaxplus"
-KEYWORDS="~amd64 ~x86"
-IUSE="jbig html lcms ldap mgetty pam"
-
-DEPEND="
-	>=sys-libs/zlib-1.1.4
-	app-text/ghostscript-gpl
-	virtual/mta
-	media-libs/tiff:0[jbig?]
-	virtual/jpeg:0
-	jbig? ( media-libs/jbigkit )
-	virtual/awk
-	lcms? ( media-libs/lcms )
-	ldap? (  net-nds/openldap )
-	pam? ( sys-libs/pam )
-	mgetty? ( net-dialup/mgetty[-fax] )
-	!net-dialup/mgetty[fax]
-"
-RDEPEND="${DEPEND}
-	net-mail/metamail
-	!net-dialup/sendpage
-"
-
-S="${WORKDIR}/${MY_P}"
-
-export CONFIG_PROTECT="${CONFIG_PROTECT} /var/spool/fax/etc /usr/lib/fax"
-export CONFIG_PROTECT_MASK="${CONFIG_PROTECT_MASK} /var/spool/fax/etc/xferfaxlog"
-
-PATCHES=( "${FILESDIR}/ldconfig-patch" )
-
-src_prepare() {
-	default
-
-	# force it not to strip binaries
-	for dir in etc util faxalter faxcover faxd faxmail faxrm faxstat \
-		hfaxd sendfax sendpage ; do
-			sed -i -e "s:-idb:-idb \"nostrip\" -idb:g" \
-				"${dir}"/Makefile.in || die "sed failed"
-	done
-
-	sed -i -e "s:hostname:hostname -f:g" util/{faxrcvd,pollrcvd}.sh.in || die "sed on hostname failed"
-
-	# Respect LDFLAGS(at least partially)
-	sed -i -e "/^LDFLAGS/s/LDOPTS}/LDOPTS} ${LDFLAGS}/" defs.in || die "sed on defs.in failed"
-
-	sed -i -e "s|-fpic|-fPIC|g" \
-		configure || die
-}
-
-src_configure() {
-	do_configure() {
-		echo ./configure --nointeractive ${1}
-		# eval required for quoting in ${my_conf} to work properly, better way?
-		eval ./configure --nointeractive ${1} || die "./configure failed"
-	}
-	local my_conf="
-		--with-DIR_BIN=/usr/bin
-		--with-DIR_SBIN=/usr/sbin
-		--with-DIR_LIB=/usr/$(get_libdir)
-		--with-DIR_LIBEXEC=/usr/sbin
-		--with-DIR_LIBDATA=/usr/$(get_libdir)/fax
-		--with-DIR_LOCALE=/usr/share/locale
-		--with-DIR_LOCKS=/var/lock
-		--with-DIR_MAN=/usr/share/man
-		--with-DIR_SPOOL=/var/spool/fax
-		--with-DIR_HTML=/usr/share/doc/${P}/html
-		--with-DIR_CGI="${WORKDIR}"
-		--with-PATH_DPSRIP=/var/spool/fax/bin/ps2fax
-		--with-PATH_IMPRIP=\"\"
-		--with-SYSVINIT=no
-		--with-REGEX=yes
-		--with-LIBTIFF=\"-ltiff -ljpeg -lz\"
-		--with-OPTIMIZER=\"${CFLAGS}\"
-		--with-DSO=auto
-		--with-HTML=$(usex html)"
-
-	if use mgetty; then
-		my_conf="${my_conf} \
-			--with-PATH_GETTY=/sbin/mgetty \
-			--with-PATH_EGETTY=/sbin/mgetty \
-			--with-PATH_VGETTY=/usr/sbin/vgetty"
-	else
-		# GETTY defaults to /sbin/agetty
-		my_conf="${my_conf} \
-			--with-PATH_EGETTY=/bin/false \
-			--with-PATH_VGETTY=/bin/false"
-	fi
-
-	#--enable-pam isn't valid
-	use pam || my_conf="${my_conf} $(use_enable pam)"
-	use lcms || my_conf="${my_conf} $(use_enable lcms)"
-	use ldap || my_conf="${my_conf} $(use_enable ldap)"
-	use jbig || my_conf="${my_conf} $(use_enable jbig)"
-
-	tc-export CC CXX AR RANLIB
-
-	do_configure "${my_conf}"
-}
-
-src_compile() {
-	# Parallel building is borked, bug #????
-	emake -j1
-}
-
-src_install() {
-	dodir /usr/{bin,sbin} /usr/$(get_libdir)/fax /usr/share/man
-	dodir /var/spool /var/spool/fax
-	fowners uucp:uucp /var/spool/fax
-	fperms 0600 /var/spool/fax
-	dodir "/usr/share/doc/${P}/samples"
-
-	emake DESTDIR="${D}" \
-		BIN="${D}/usr/bin" \
-		SBIN="${D}/usr/sbin" \
-		LIBDIR="${D}/usr/$(get_libdir)" \
-		LIB="${D}/usr/$(get_libdir)" \
-		LIBEXEC="${D}/usr/sbin" \
-		LIBDATA="${D}/usr/$(get_libdir)/fax" \
-		DIR_LOCALE="${D}/usr/share/locale" \
-		MAN="${D}/usr/share/man" \
-		SPOOL="${D}/var/spool/fax" \
-		HTMLDIR="${D}/usr/share/doc/${PF}/html" \
-		install
-
-	keepdir /var/spool/fax/{archive,client,etc,pollq,recvq,tmp}
-	keepdir /var/spool/fax/{status,sendq,log,info,doneq,docq,dev}
-
-	generate_files # in this case, it only generates the env.d entry
-
-	einfo "Adding env.d entry for ${PN}"
-	doenvd "${T}/99${PN}"
-
-	newconfd "${FILESDIR}/${PN}-conf" ${PN}
-	newinitd "${FILESDIR}/${PN}-init" ${PN}
-
-	use pam && pamd_mimic_system ${MY_PN} auth account session
-
-	einstalldocs
-	docinto samples
-}
-
-generate_files() {
-	cat <<-EOF > "${T}/99${PN}"
-	PATH="/var/spool/fax/bin"
-	CONFIG_PROTECT="/var/spool/fax/etc /usr/$(get_libdir)/fax"
-	CONFIG_PROTECT_MASK="/var/spool/fax/etc/xferfaxlog"
-	EOF
-}