Hanno Böck commited on 2014-03-03 11:35:36
Zeige 8 geänderte Dateien mit 536 Einfügungen und 0 Löschungen.
... | ... |
@@ -0,0 +1,14 @@ |
1 |
+AUX proftpd-tmpfiles.d.conf 34 SHA256 75288bb0c76392ae10e7ef3ff27e7b665742cdac8ce4c70dff9f29d645d0f0f3 SHA512 aa6ffbf15e4275941837306259fb426608e82e45a2da4b99c5d7778d11b8c9341e3a12ae9b751d0e173635239b6f1b20f0431be17296c005a83525a48327fa52 WHIRLPOOL d3ef47f4e2abc178c2d153599e7b13148345a470c76410b499e41912f9e90a48c1217e7fdee3d6777b1598dd09840f8bffbd208fa9addbeaaaf9c64058d8df93 |
|
2 |
+AUX proftpd.conf.sample 1275 SHA256 a214b3937f319c70976d29cfcd47c2cd937d1d70b7274c2b241b1e97606e89c0 SHA512 1c26f3e98ed07d89192c640f7823af168c045abee6ab076791aee9d50be5446be870a189979df4b828e7ae907dd40a346f1b92998fa39195195bfada4061c5df WHIRLPOOL a9f71cf50926ccdf5fe1116250c29a4048e7eb7fc7eb73732023b7c6e78c56b02356c001c203d9dc8c46f817471116977f76e961a6b2a60c03ae1d4722d9e3e1 |
|
3 |
+AUX proftpd.initd 1544 SHA256 aed3dd4cbbf1db8a1bd0cbadee66a808b430bbbcc436610407a9911df208f668 SHA512 f11ce49440341633ea4287e8887f8127d954207c5c25b0ae08b6ca1b8f42e90e693f657e45abc465c2c86c1b43a04776c9fb68b04c97a5a43fa17a05ff5ef5c6 WHIRLPOOL 0a8fe89a575491954fa177d6db85792eb5b6639abc9fd2c88358c0a7b64dc300602f5b75e4d90ba984e5d21831d2a5c2d39e98230f138cba463f3680eba49948 |
|
4 |
+AUX proftpd.service 196 SHA256 165235565ca2029c6c33d9e4b73f6da2b0ee08a662fd368dc9260761997b7277 SHA512 12ee7893d37a9d06140b5b6492be74308fe1165a741d4c1b6b690ab4b973f074cad8517fd36af54f2aa452494759d1534c11e70f7212cd55a37cfa439b953062 WHIRLPOOL 3d8f01d1c22a99d2410d492364833a718a008143c76856145372fa15a0cfc5727b1e744ed45e2fcc8303d90b7e10641662342c1b7d0a50c3bdbc3bd5958d8969 |
|
5 |
+AUX proftpd.xinetd 295 SHA256 150a5701f5c2788ecdf2c6ec228ce674963c9dc7bc1c511ad1eba8dfe05e2d5d SHA512 a13d29ca2289f8bd58b4eb317683d57dfb7d608c53f163844349bbf0b896790f5e9f47a27eafda3b8fc78e60f4a0d6859da7c7ced7df852166cf0b8bcad876d4 WHIRLPOOL 8fa187fe6aff903952257013d06f8953159787f03e6a1b1cd105f55bc6ed8fb70f03e02d4600c593152f9fc418b96fd7ac92555cdd6b9a8c59392e7852b8c186 |
|
6 |
+AUX tls-protocol-versions-bug4024.patch 5088 SHA256 b05f8f2e8bacae13b830c0af4aadfbb607c17ec0e4f118718c7fb2663847e807 SHA512 b7cfb3a2796c1ad191796b37c9a0511d6af0a0dd03b02099615a948716cdbfca94f36d01784546bc3136ac2191361c602f86efb2ad19364453f27eb65ec31803 WHIRLPOOL 4a790090a4da7d6c1ade4164cf4d0644b25e1474f8a098175cc0757c69b8da548be218b37f6b2075f1bbd7df693ed79d1c49fd0e51a77676a53fa5e4bc159ae1 |
|
7 |
+DIST mod_clamav-0.11rc.tar.gz 5115 SHA256 87630eb1866066d6320ee711897d8998b8f4915c0498b2e78cc0464abd34855a SHA512 6d33ee7b1c9c8e3fb0a0014dde90cfb1d37daa0f4914f147bb800a8318bcf0e03c7c6748d84cda36c5e5c7cd11ee8114bad9978362f581f367db54d3563f4636 WHIRLPOOL b15024d1011a83a10ce52fb676f1f2162d67750dc137600b624cd04ebd498bb3c9242e4889fd7b73c18224eb483286cb543fc627b27e6a8ff4c9bf35468218b9 |
|
8 |
+DIST mod_gss-1.3.3.tar.gz 115098 SHA256 24702cf0333720730cc269eb30529061365b1384fdce274bc3d46ccfc300934e SHA512 61473f3102e2204a27d691907482a3e86108bb423be54ba47a79ef0d2a0313bcdc022529f8e620bd868453bee1b1169fce74cc454d835fdfd4be964e342bdedb WHIRLPOOL 90a15ca919326fa2b2e21fb2928e5ac39b912681bce015f3bff0b0b0c47241f41cc3c78789797ba2d8a61dafc24a9f1d18bf085808350301c228b6ed62721e80 |
|
9 |
+DIST mod_vroot-0.9.3.tar.gz 28352 SHA256 f16c61ed7fe2d7231e1421f8f1a484f29972e0efe0e8e065ab373c388b0c073c SHA512 08a3e5df26bb4d5875b57af9e97e7e7cf27b2ad6983bfae0fac8a21f4a5be0a487cf0d9d03e9e1c08701eb3f22f2cb51a14c05fe1cba5f4085eb8a31d5142776 WHIRLPOOL be30931f117fc4f0b7de87579b483e41d86ad3ecd2999267a726664b32090cd32e6a7e748d66ddec525ee784ee2974212fd2455af313c13b67ab61625efa29d0 |
|
10 |
+DIST proftpd-1.3.5rc4.tar.gz 7580690 SHA256 bf87251d81acf872bd26c56efb519183eadbb0a4a9446ab689188416edd6e1e4 SHA512 2bee9acca165b4f41c5f151ef9265f7618581149d11c54467caf17be1b9a2745c8cfe60acf0a91dc0547501cf06c1f2f28a7a7a6bc38a107f368b572e2f84e83 WHIRLPOOL ec3ceec673fbf88cc8e044c515616b621d80bdc20831bd023c1abd05e19b848c0975e461840fdbc0450e2d8591d9372667d1d6bff9519720fd4bf04f64bdec5f |
|
11 |
+DIST proftpd-mod-case-0.7.tar.gz 13184 SHA256 c3f65588250fea7771439933fa754927794f664e99b8d20f99b1e400fea62111 SHA512 c08d13ef82fec36ae75aa3213dd02e0ce4045904849f422e152f039a9da66a45e4423751074b8bcf8ce347a40ce0e7bde798a85cbadc962fd872aeaa898261fc WHIRLPOOL 27f49e9f34099c081add803aa679fd9abe7afa652dffe5d8e42889fef49aeaefd499e1009fc564d6c8f882b3c6dc31d4c6dd08cc06a42b770e7ef76a2ebfcf8a |
|
12 |
+DIST proftpd-mod-diskuse-0.9.tar.gz 18596 SHA256 424f3fd49237245ec176d27ade0965fe21a0db1d645979d5ae3e55497e3da036 SHA512 d41976bf2810e4b783e775e8c767ca2030c3b5df116219fd31cbbac7feaf9922c315bf4ea092881b0d6cf43f2f4c5dbcae61be3c3a833058d12f962a3024b975 WHIRLPOOL aabd1dc23d6c38d308e859ff778beffd0dabfe70d3530c093cf2f95e80b5e9c94b97b6b5ae5109d031f76ff94dffc3822a7aa60fa30df04523d37ebed99730d6 |
|
13 |
+DIST proftpd-mod-msg-0.4.1.tar.gz 8082 SHA256 255b79d31dc509ffad5d0fbcd469f833a8481e880aa962910c2bc8aa608ca6da SHA512 38ea63b1d355e1e10a6a4477596bf3fa28529a871c9fb8dbf093b5317f0743ef9cb59b986d0b8c1c7ed932dad5d5d571883d596fad2d3b793431824db4487012 WHIRLPOOL ff907e26a354f53231fed94515eb60050dec77118be6f49147e0eb8b79e50c9d73354618bca19d98d32a3fb79d7ba87507cc6c8b269f259c5fcf23d44ad3a906 |
|
14 |
+EBUILD proftpd-1.3.5_rc4.ebuild 7804 SHA256 49e6bf151346bad9dfcb9668f90d5f7f8091295d47589fb29608aecfedf4a070 SHA512 108c819f49ac3d3a7a179fb26654911dc37775a3668cb6531cf2bd8a94e935e1335ac02c6c16a3bce9cd458dc6c8b3e9a5ceb42b97f4cb15cc1d7357aeb10885 WHIRLPOOL 92ef10853e70e82bbe2da248a2f4c29ea4ccbcecd2da1ae50b798d047030a61bb32cde32501246947b34dba91b8cefe3c916d4ad4b411b5fb9e57baddd9bc82a |
... | ... |
@@ -0,0 +1 @@ |
1 |
+d /var/run/proftpd 0755 root root |
... | ... |
@@ -0,0 +1,53 @@ |
1 |
+# This is a sample ProFTPD configuration file for Gentoo Linux (rename |
|
2 |
+# it to 'proftpd.conf' for actual use). It establishes a single server |
|
3 |
+# and a single anonymous login. |
|
4 |
+ |
|
5 |
+ServerName "ProFTPD Default Server" |
|
6 |
+ServerType standalone |
|
7 |
+DefaultServer on |
|
8 |
+RequireValidShell off |
|
9 |
+AuthPAM off |
|
10 |
+AuthPAMConfig ftp |
|
11 |
+ |
|
12 |
+# Listen on the standard FTP port 21. |
|
13 |
+Port 21 |
|
14 |
+ |
|
15 |
+# New directories and files should not be group or world writable. |
|
16 |
+Umask 022 |
|
17 |
+ |
|
18 |
+# To prevent DoS attacks set the maximum number of child processes |
|
19 |
+# to 30. If you need to allow more than 30 concurrent connections |
|
20 |
+# at once simply increase this value. |
|
21 |
+MaxInstances 30 |
|
22 |
+ |
|
23 |
+# The server will run under ftp/ftp. |
|
24 |
+User ftp |
|
25 |
+Group ftp |
|
26 |
+ |
|
27 |
+# Every FTP sessions is "jailed" into the user's home directory. |
|
28 |
+DefaultRoot ~ |
|
29 |
+ |
|
30 |
+# Generally files are overwritable. |
|
31 |
+AllowOverwrite on |
|
32 |
+ |
|
33 |
+# Disallow the use of the SITE CHMOD command. |
|
34 |
+<Limit SITE_CHMOD> |
|
35 |
+ DenyAll |
|
36 |
+</Limit> |
|
37 |
+ |
|
38 |
+# A basic anonymous FTP account without an upload directory. |
|
39 |
+<Anonymous ~ftp> |
|
40 |
+ User ftp |
|
41 |
+ Group ftp |
|
42 |
+ |
|
43 |
+ # Clients can login with the username "anonymous" and "ftp". |
|
44 |
+ UserAlias anonymous ftp |
|
45 |
+ |
|
46 |
+ # Limit the maximum number of parallel anonymous logins to 10. |
|
47 |
+ MaxClients 10 |
|
48 |
+ |
|
49 |
+ # Prohibit the WRITE command for the anonymous users. |
|
50 |
+ <Limit WRITE> |
|
51 |
+ DenyAll |
|
52 |
+ </Limit> |
|
53 |
+</Anonymous> |
... | ... |
@@ -0,0 +1,52 @@ |
1 |
+#!/sbin/runscript |
|
2 |
+# Copyright 1999-2013 Gentoo Foundation |
|
3 |
+# Distributed under the terms of the GNU General Public License v2 |
|
4 |
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/files/proftpd.initd,v 1.5 2013/01/14 02:58:52 floppym Exp $ |
|
5 |
+ |
|
6 |
+extra_started_commands="reload" |
|
7 |
+ |
|
8 |
+depend() { |
|
9 |
+ need net |
|
10 |
+ use logger dns mysql postgresql antivirus |
|
11 |
+} |
|
12 |
+ |
|
13 |
+check_configuration() { |
|
14 |
+ if [ ! -e /etc/proftpd/proftpd.conf ] ; then |
|
15 |
+ eerror "To execute the ProFTPD server you need a /etc/proftpd/proftpd.conf configuration" |
|
16 |
+ eerror "file. In /etc/proftpd you can find a sample configuration." |
|
17 |
+ return 1 |
|
18 |
+ fi |
|
19 |
+ /usr/sbin/proftpd -t &>/dev/null |
|
20 |
+ if [ $? -ne 0 ] ; then |
|
21 |
+ eerror "The ProFTPD configuration file /etc/proftpd/proftpd.conf is invalid! You have to" |
|
22 |
+ eerror "fix your configuration in order to run the ProFTPD server. For more information" |
|
23 |
+ eerror "you may execute the ProFTPD configuration check '/usr/sbin/proftpd -t'." |
|
24 |
+ return 2 |
|
25 |
+ fi |
|
26 |
+} |
|
27 |
+ |
|
28 |
+start() { |
|
29 |
+ checkpath -d /var/run/proftpd |
|
30 |
+ [ "${RC_CMD}" = "restart" ] || check_configuration || return 1 |
|
31 |
+ ebegin "Starting ProFTPD" |
|
32 |
+ start-stop-daemon --start --quiet \ |
|
33 |
+ --exec /usr/sbin/proftpd \ |
|
34 |
+ --pidfile /var/run/proftpd/proftpd.pid |
|
35 |
+ eend $? |
|
36 |
+} |
|
37 |
+ |
|
38 |
+stop() { |
|
39 |
+ [ "${RC_CMD}" != "restart" ] || check_configuration || return 1 |
|
40 |
+ ebegin "Stopping ProFTPD" |
|
41 |
+ start-stop-daemon --stop --quiet --retry 20 \ |
|
42 |
+ --pidfile /var/run/proftpd/proftpd.pid |
|
43 |
+ eend $? |
|
44 |
+} |
|
45 |
+ |
|
46 |
+reload() { |
|
47 |
+ check_configuration || return 1 |
|
48 |
+ ebegin "Reloading ProFTPD" |
|
49 |
+ start-stop-daemon --quiet --signal HUP \ |
|
50 |
+ --pidfile /var/run/proftpd/proftpd.pid |
|
51 |
+ eend $? |
|
52 |
+} |
... | ... |
@@ -0,0 +1,15 @@ |
1 |
+# |
|
2 |
+# ProFTPd FTP daemon - http://www.proftpd.org |
|
3 |
+# |
|
4 |
+service ftp |
|
5 |
+{ |
|
6 |
+ flags = REUSE |
|
7 |
+ socket_type = stream |
|
8 |
+ instances = 30 |
|
9 |
+ wait = no |
|
10 |
+ user = root |
|
11 |
+ server = /usr/sbin/proftpd |
|
12 |
+ log_on_success = HOST PID |
|
13 |
+ log_on_failure = HOST |
|
14 |
+ disable = yes |
|
15 |
+} |
... | ... |
@@ -0,0 +1,148 @@ |
1 |
+Index: contrib/mod_tls.c |
|
2 |
+=================================================================== |
|
3 |
+RCS file: /cvsroot/proftp/proftpd/contrib/mod_tls.c,v |
|
4 |
+retrieving revision 1.333 |
|
5 |
+diff -u -r1.333 mod_tls.c |
|
6 |
+--- contrib/mod_tls.c 28 Feb 2014 15:18:50 -0000 1.333 |
|
7 |
++++ contrib/mod_tls.c 2 Mar 2014 19:38:19 -0000 |
|
8 |
+@@ -390,7 +390,7 @@ |
|
9 |
+ #define TLS_PROTO_TLS_V1 0x0002 |
|
10 |
+ #define TLS_PROTO_TLS_V1_1 0x0004 |
|
11 |
+ #define TLS_PROTO_TLS_V1_2 0x0008 |
|
12 |
+-#define TLS_PROTO_DEFAULT TLS_PROTO_SSL_V3|TLS_PROTO_TLS_V1 |
|
13 |
++#define TLS_PROTO_DEFAULT (TLS_PROTO_SSL_V3|TLS_PROTO_TLS_V1) |
|
14 |
+ |
|
15 |
+ #ifdef SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS |
|
16 |
+ static int tls_ssl_opts = (SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_SINGLE_DH_USE)^SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS; |
|
17 |
+@@ -2751,6 +2751,32 @@ |
|
18 |
+ return 0; |
|
19 |
+ } |
|
20 |
+ |
|
21 |
++static const char *tls_get_proto_str(pool *p, unsigned int protos) { |
|
22 |
++ char *proto_str = ""; |
|
23 |
++ |
|
24 |
++ if (protos & TLS_PROTO_SSL_V3) { |
|
25 |
++ proto_str = pstrcat(p, proto_str, *proto_str ? ", " : "", |
|
26 |
++ "SSLv3", NULL); |
|
27 |
++ } |
|
28 |
++ |
|
29 |
++ if (protos & TLS_PROTO_TLS_V1) { |
|
30 |
++ proto_str = pstrcat(p, proto_str, *proto_str ? ", " : "", |
|
31 |
++ "TLSv1", NULL); |
|
32 |
++ } |
|
33 |
++ |
|
34 |
++ if (protos & TLS_PROTO_TLS_V1_1) { |
|
35 |
++ proto_str = pstrcat(p, proto_str, *proto_str ? ", " : "", |
|
36 |
++ "TLSv1.1", NULL); |
|
37 |
++ } |
|
38 |
++ |
|
39 |
++ if (protos & TLS_PROTO_TLS_V1_2) { |
|
40 |
++ proto_str = pstrcat(p, proto_str, *proto_str ? ", " : "", |
|
41 |
++ "TLSv1.2", NULL); |
|
42 |
++ } |
|
43 |
++ |
|
44 |
++ return proto_str; |
|
45 |
++} |
|
46 |
++ |
|
47 |
+ static int tls_init_server(void) { |
|
48 |
+ config_rec *c = NULL; |
|
49 |
+ char *tls_ca_cert = NULL, *tls_ca_path = NULL, *tls_ca_chain = NULL; |
|
50 |
+@@ -2763,8 +2789,7 @@ |
|
51 |
+ tls_protocol = *((unsigned int *) c->argv[0]); |
|
52 |
+ } |
|
53 |
+ |
|
54 |
+- if ((tls_protocol & TLS_PROTO_SSL_V3) && |
|
55 |
+- (tls_protocol & TLS_PROTO_TLS_V1)) { |
|
56 |
++ if (tls_protocol == TLS_PROTO_DEFAULT) { |
|
57 |
+ /* This is the default, so there is no need to do anything. */ |
|
58 |
+ #if OPENSSL_VERSION_NUMBER >= 0x10001000L |
|
59 |
+ pr_log_debug(DEBUG8, MOD_TLS_VERSION ": supporting SSLv3, TLSv1, TLSv1.1, TLSv1.2 protocols"); |
|
60 |
+@@ -2772,26 +2797,75 @@ |
|
61 |
+ pr_log_debug(DEBUG8, MOD_TLS_VERSION ": supporting SSLv3, TLSv1 protocols"); |
|
62 |
+ #endif /* OpenSSL-1.0.1 or later */ |
|
63 |
+ |
|
64 |
+- } else if (tls_protocol & TLS_PROTO_SSL_V3) { |
|
65 |
++ } else if (tls_protocol == TLS_PROTO_SSL_V3) { |
|
66 |
+ SSL_CTX_set_ssl_version(ssl_ctx, SSLv3_server_method()); |
|
67 |
+ pr_log_debug(DEBUG8, MOD_TLS_VERSION ": supporting SSLv3 protocol only"); |
|
68 |
+ |
|
69 |
+- } else if (tls_protocol & TLS_PROTO_TLS_V1) { |
|
70 |
++ } else if (tls_protocol == TLS_PROTO_TLS_V1) { |
|
71 |
+ SSL_CTX_set_ssl_version(ssl_ctx, TLSv1_server_method()); |
|
72 |
+ pr_log_debug(DEBUG8, MOD_TLS_VERSION ": supporting TLSv1 protocol only"); |
|
73 |
+ |
|
74 |
+ #if OPENSSL_VERSION_NUMBER >= 0x10001000L |
|
75 |
+- } else if (tls_protocol & TLS_PROTO_TLS_V1_1) { |
|
76 |
++ } else if (tls_protocol == TLS_PROTO_TLS_V1_1) { |
|
77 |
+ SSL_CTX_set_ssl_version(ssl_ctx, TLSv1_1_server_method()); |
|
78 |
+ pr_log_debug(DEBUG8, MOD_TLS_VERSION ": supporting TLSv1.1 protocol only"); |
|
79 |
+ |
|
80 |
+- } else if (tls_protocol & TLS_PROTO_TLS_V1_2) { |
|
81 |
++ } else if (tls_protocol == TLS_PROTO_TLS_V1_2) { |
|
82 |
+ SSL_CTX_set_ssl_version(ssl_ctx, TLSv1_2_server_method()); |
|
83 |
+ pr_log_debug(DEBUG8, MOD_TLS_VERSION ": supporting TLSv1.2 protocol only"); |
|
84 |
+ |
|
85 |
+ #endif /* OpenSSL-1.0.1 or later */ |
|
86 |
++ |
|
87 |
++ } else { |
|
88 |
++ int disable_proto = (SSL_OP_NO_SSLv3|SSL_OP_NO_TLSv1); |
|
89 |
++ |
|
90 |
++#ifdef SSL_OP_NO_TLSv1_1 |
|
91 |
++ disable_proto |= SSL_OP_NO_TLSv1_1; |
|
92 |
++#endif |
|
93 |
++#ifdef SSL_OP_NO_TLSv1_2 |
|
94 |
++ disable_proto |= SSL_OP_NO_TLSv1_2; |
|
95 |
++#endif |
|
96 |
++ |
|
97 |
++ /* For any other value of tls_protocol, it will be a combination of |
|
98 |
++ * protocol versions. Thus we MUST use SSLv23_server_method(), and then |
|
99 |
++ * try to use SSL_CTX_set_options() to restrict/disable the protocol |
|
100 |
++ * versions which are NOT requested. |
|
101 |
++ */ |
|
102 |
++ |
|
103 |
++ if (tls_protocol & TLS_PROTO_SSL_V3) { |
|
104 |
++ /* Clear the "no SSLv3" option. */ |
|
105 |
++ disable_proto &= ~SSL_OP_NO_SSLv3; |
|
106 |
++ } |
|
107 |
++ |
|
108 |
++ if (tls_protocol & TLS_PROTO_TLS_V1) { |
|
109 |
++ /* Clear the "no TLSv1" option. */ |
|
110 |
++ disable_proto &= ~SSL_OP_NO_TLSv1; |
|
111 |
++ } |
|
112 |
++ |
|
113 |
++ if (tls_protocol & TLS_PROTO_TLS_V1_1) { |
|
114 |
++#ifdef SSL_OP_NO_TLSv1_1 |
|
115 |
++ /* Clear the "no TLSv1.1" option. */ |
|
116 |
++ disable_proto &= ~SSL_OP_NO_TLSv1_1; |
|
117 |
++#endif |
|
118 |
++ } |
|
119 |
++ |
|
120 |
++ if (tls_protocol & TLS_PROTO_TLS_V1_2) { |
|
121 |
++#ifdef SSL_OP_NO_TLSv1_2 |
|
122 |
++ /* Clear the "no TLSv1.2" option. */ |
|
123 |
++ disable_proto &= ~SSL_OP_NO_TLSv1_2; |
|
124 |
++#endif |
|
125 |
++ } |
|
126 |
++ |
|
127 |
++ /* Per the comments in <ssl/ssl.h>, SSL_CTX_set_options() uses |= on |
|
128 |
++ * the previous value. This means we can easily OR in our new option |
|
129 |
++ * values with any previously set values. |
|
130 |
++ */ |
|
131 |
++ pr_log_debug(DEBUG8, MOD_TLS_VERSION ": supporting %s protocols only", |
|
132 |
++ tls_get_proto_str(main_server->pool, tls_protocol)); |
|
133 |
++ SSL_CTX_set_options(ssl_ctx, disable_proto); |
|
134 |
+ } |
|
135 |
+ |
|
136 |
++ |
|
137 |
+ tls_ca_cert = get_param_ptr(main_server->conf, "TLSCACertificateFile", FALSE); |
|
138 |
+ tls_ca_path = get_param_ptr(main_server->conf, "TLSCACertificatePath", FALSE); |
|
139 |
+ |
|
140 |
+@@ -2817,7 +2891,7 @@ |
|
141 |
+ |
|
142 |
+ if (SSL_CTX_set_default_verify_paths(ssl_ctx) != 1) { |
|
143 |
+ tls_log("error setting default verification locations: %s", |
|
144 |
+- tls_get_errors()); |
|
145 |
++ tls_get_errors()); |
|
146 |
+ } |
|
147 |
+ } |
|
148 |
+ |
... | ... |
@@ -0,0 +1,241 @@ |
1 |
+# Copyright 1999-2013 Gentoo Foundation |
|
2 |
+# Distributed under the terms of the GNU General Public License v2 |
|
3 |
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/proftpd-1.3.4d.ebuild,v 1.10 2013/09/14 10:37:51 ago Exp $ |
|
4 |
+ |
|
5 |
+EAPI=5 |
|
6 |
+inherit eutils multilib systemd |
|
7 |
+ |
|
8 |
+MOD_CASE="0.7" |
|
9 |
+MOD_CLAMAV="0.11rc" |
|
10 |
+MOD_DISKUSE="0.9" |
|
11 |
+MOD_GSS="1.3.3" |
|
12 |
+MOD_MSG="0.4.1" |
|
13 |
+MOD_VROOT="0.9.3" |
|
14 |
+ |
|
15 |
+DESCRIPTION="An advanced and very configurable FTP server." |
|
16 |
+HOMEPAGE="http://www.proftpd.org/ |
|
17 |
+ http://www.castaglia.org/proftpd/ |
|
18 |
+ http://www.thrallingpenguin.com/resources/mod_clamav.htm |
|
19 |
+ http://gssmod.sourceforge.net/" |
|
20 |
+SRC_URI="ftp://ftp.proftpd.org/distrib/source/${P/_/}.tar.gz |
|
21 |
+ case? ( http://www.castaglia.org/${PN}/modules/${PN}-mod-case-${MOD_CASE}.tar.gz ) |
|
22 |
+ clamav? ( https://secure.thrallingpenguin.com/redmine/attachments/download/1/mod_clamav-${MOD_CLAMAV}.tar.gz ) |
|
23 |
+ diskuse? ( http://www.castaglia.org/${PN}/modules/${PN}-mod-diskuse-${MOD_DISKUSE}.tar.gz ) |
|
24 |
+ kerberos? ( mirror://sourceforge/gssmod/mod_gss-${MOD_GSS}.tar.gz ) |
|
25 |
+ msg? ( http://www.castaglia.org/${PN}/modules/${PN}-mod-msg-${MOD_MSG}.tar.gz ) |
|
26 |
+ vroot? ( https://github.com/Castaglia/${PN}-mod_vroot/archive/mod_vroot-${MOD_VROOT}.tar.gz )" |
|
27 |
+LICENSE="GPL-2" |
|
28 |
+ |
|
29 |
+SLOT="0" |
|
30 |
+KEYWORDS="alpha amd64 arm hppa ~ia64 ~mips ppc ppc64 sparc x86 ~x86-fbsd" |
|
31 |
+IUSE="acl authfile ban +caps case clamav copy ctrls deflate diskuse doc dso dynmasq exec ifsession ifversion ident ipv6 |
|
32 |
+ kerberos ldap linguas_bg_BG linguas_en_US linguas_fr_FR linguas_it_IT linguas_ja_JP linguas_ko_KR |
|
33 |
+ linguas_ru_RU linguas_zh_CN linguas_zh_TW memcache msg mysql ncurses nls openssl pam +pcre postgres qos radius |
|
34 |
+ ratio readme rewrite selinux sftp shaper sitemisc softquota sqlite ssl tcpd test trace vroot xinetd" |
|
35 |
+REQUIRED_USE="ban? ( ctrls ) |
|
36 |
+ msg? ( ctrls ) |
|
37 |
+ sftp? ( openssl ) |
|
38 |
+ shaper? ( ctrls ) |
|
39 |
+ ssl? ( openssl )" |
|
40 |
+ |
|
41 |
+CDEPEND="acl? ( virtual/acl ) |
|
42 |
+ caps? ( sys-libs/libcap ) |
|
43 |
+ clamav? ( app-antivirus/clamav ) |
|
44 |
+ kerberos? ( virtual/krb5 ) |
|
45 |
+ ldap? ( net-nds/openldap ) |
|
46 |
+ memcache? ( >=dev-libs/libmemcached-0.41 ) |
|
47 |
+ mysql? ( virtual/mysql ) |
|
48 |
+ nls? ( virtual/libiconv ) |
|
49 |
+ ncurses? ( sys-libs/ncurses ) |
|
50 |
+ openssl? ( dev-libs/openssl ) |
|
51 |
+ pam? ( virtual/pam ) |
|
52 |
+ pcre? ( dev-libs/libpcre ) |
|
53 |
+ postgres? ( dev-db/postgresql-base ) |
|
54 |
+ sqlite? ( dev-db/sqlite:3 ) |
|
55 |
+ xinetd? ( virtual/inetd )" |
|
56 |
+DEPEND="${CDEPEND} |
|
57 |
+ test? ( dev-libs/check )" |
|
58 |
+RDEPEND="${CDEPEND} |
|
59 |
+ net-ftp/ftpbase |
|
60 |
+ selinux? ( sec-policy/selinux-ftp )" |
|
61 |
+ |
|
62 |
+S="${WORKDIR}/${P/_/}" |
|
63 |
+ |
|
64 |
+__prepare_module() { |
|
65 |
+ local mod_name=$1 |
|
66 |
+ local mod_topdir=${WORKDIR}/${2:-${mod_name}} |
|
67 |
+ |
|
68 |
+ mv "${mod_topdir}/${mod_name}.c" contrib || die |
|
69 |
+ mv "${mod_topdir}/${mod_name}.html" doc/contrib || die |
|
70 |
+ rm -r "${mod_topdir}" || die |
|
71 |
+} |
|
72 |
+ |
|
73 |
+src_prepare() { |
|
74 |
+# epatch "${FILESDIR}"/${P}-sftp-kbdint-max-responses-bug3973.patch |
|
75 |
+# epatch "${FILESDIR}"/${P}-memset-fix.patch |
|
76 |
+ epatch "${FILESDIR}//tls-protocol-versions-bug4024.patch" |
|
77 |
+ |
|
78 |
+ # Skip 'install-conf' / Support LINGUAS |
|
79 |
+ sed -i -e "/install-all/s/ install-conf//" Makefile.in |
|
80 |
+ sed -i -e "s/^LANGS=.*$/LANGS=${LINGUAS}/" locale/Makefile.in |
|
81 |
+ |
|
82 |
+ # Prepare external modules |
|
83 |
+ use case && __prepare_module mod_case |
|
84 |
+ if use clamav ; then |
|
85 |
+ mv "${WORKDIR}"/mod_clamav-${MOD_CLAMAV}/mod_clamav.{c,h} contrib |
|
86 |
+ epatch "${WORKDIR}"/mod_clamav-${MOD_CLAMAV}/${PN}.patch |
|
87 |
+ rm -r "${WORKDIR}"/mod_clamav-${MOD_CLAMAV} |
|
88 |
+ fi |
|
89 |
+ use msg && __prepare_module mod_msg |
|
90 |
+ use vroot && __prepare_module mod_vroot ${PN}-mod_vroot-mod_vroot-${MOD_VROOT} |
|
91 |
+ |
|
92 |
+ # Prepare external kerberos module |
|
93 |
+ if use kerberos ; then |
|
94 |
+ cd "${WORKDIR}"/mod_gss-${MOD_GSS} |
|
95 |
+ |
|
96 |
+ # Support app-crypt/heimdal / Gentoo Bug #284853 |
|
97 |
+ sed -i -e "s/krb5_principal2principalname/_\0/" mod_auth_gss.c.in |
|
98 |
+ |
|
99 |
+ # Remove obsolete DES / Gentoo Bug #324903 |
|
100 |
+ # Replace 'rpm' lookups / Gentoo Bug #391021 |
|
101 |
+ sed -i -e "/ac_gss_libs/s/ -ldes425//" \ |
|
102 |
+ -e "s/ac_libdir=\`rpm -q -l.*$/ac_libdir=\/usr\/$(get_libdir)\//" \ |
|
103 |
+ -e "s/ac_includedir=\`rpm -q -l.*$/ac_includedir=\/usr\/include\//" configure{,.in} |
|
104 |
+ fi |
|
105 |
+} |
|
106 |
+ |
|
107 |
+src_configure() { |
|
108 |
+ local c m |
|
109 |
+ |
|
110 |
+ use acl && m="${m}:mod_facl" |
|
111 |
+ use ban && m="${m}:mod_ban" |
|
112 |
+ use case && m="${m}:mod_case" |
|
113 |
+ use clamav && m="${m}:mod_clamav" |
|
114 |
+ use copy && m="${m}:mod_copy" |
|
115 |
+ use ctrls && m="${m}:mod_ctrls_admin" |
|
116 |
+ use deflate && m="${m}:mod_deflate" |
|
117 |
+ if use diskuse ; then |
|
118 |
+ cd "${WORKDIR}"/mod_diskuse |
|
119 |
+ econf |
|
120 |
+ mv mod_diskuse.{c,h} "${S}"/contrib |
|
121 |
+ mv mod_diskuse.html "${S}"/doc/contrib |
|
122 |
+ cd "${S}" |
|
123 |
+ rm -r "${WORKDIR}"/mod_diskuse |
|
124 |
+ m="${m}:mod_diskuse" |
|
125 |
+ fi |
|
126 |
+ use dynmasq && mym="${mym}:mod_dynmasq" |
|
127 |
+ use exec && m="${m}:mod_exec" |
|
128 |
+ use ifsession && m="${m}:mod_ifsession" |
|
129 |
+ use ifversion && m="${m}:mod_ifversion" |
|
130 |
+ if use kerberos ; then |
|
131 |
+ cd "${WORKDIR}"/mod_gss-${MOD_GSS} |
|
132 |
+ if has_version app-crypt/mit-krb5 ; then |
|
133 |
+ econf --enable-mit |
|
134 |
+ else |
|
135 |
+ econf --enable-heimdal |
|
136 |
+ fi |
|
137 |
+ mv mod_{auth_gss,gss}.c "${S}"/contrib |
|
138 |
+ mv mod_gss.h "${S}"/include |
|
139 |
+ mv README.mod_{auth_gss,gss} "${S}" |
|
140 |
+ mv mod_gss.html "${S}"/doc/contrib |
|
141 |
+ mv rfc{1509,2228}.txt "${S}"/doc/rfc |
|
142 |
+ cd "${S}" |
|
143 |
+ rm -r "${WORKDIR}"/mod_gss-${MOD_GSS} |
|
144 |
+ m="${m}:mod_gss:mod_auth_gss" |
|
145 |
+ fi |
|
146 |
+ use ldap && m="${m}:mod_ldap" |
|
147 |
+ use msg && mym="${mym}:mod_msg" |
|
148 |
+ if use mysql || use postgres || use sqlite ; then |
|
149 |
+ m="${m}:mod_sql:mod_sql_passwd" |
|
150 |
+ use mysql && m="${m}:mod_sql_mysql" |
|
151 |
+ use postgres && m="${m}:mod_sql_postgres" |
|
152 |
+ use sqlite && m="${m}:mod_sql_sqlite" |
|
153 |
+ fi |
|
154 |
+ use qos && m="${m}:mod_qos" |
|
155 |
+ use radius && m="${m}:mod_radius" |
|
156 |
+ use ratio && m="${m}:mod_ratio" |
|
157 |
+ use readme && m="${m}:mod_readme" |
|
158 |
+ use rewrite && m="${m}:mod_rewrite" |
|
159 |
+ if use sftp ; then |
|
160 |
+ m="${m}:mod_sftp" |
|
161 |
+ use pam && m="${m}:mod_sftp_pam" |
|
162 |
+ use mysql || use postgres || use sqlite && m="${m}:mod_sftp_sql" |
|
163 |
+ fi |
|
164 |
+ use shaper && m="${m}:mod_shaper" |
|
165 |
+ use sitemisc && m="${m}:mod_site_misc" |
|
166 |
+ if use softquota ; then |
|
167 |
+ m="${m}:mod_quotatab:mod_quotatab_file" |
|
168 |
+ use ldap && m="${m}:mod_quotatab_ldap" |
|
169 |
+ use radius && m="${m}:mod_quotatab_radius" |
|
170 |
+ use mysql || use postgres || use sqlite && m="${m}:mod_quotatab_sql" |
|
171 |
+ fi |
|
172 |
+ if use ssl ; then |
|
173 |
+ m="${m}:mod_tls:mod_tls_shmcache" |
|
174 |
+ use memcache && m="${m}:mod_tls_memcache" |
|
175 |
+ fi |
|
176 |
+ if use tcpd ; then |
|
177 |
+ m="${m}:mod_wrap2:mod_wrap2_file" |
|
178 |
+ use mysql || use postgres || use sqlite && m="${m}:mod_wrap2_sql" |
|
179 |
+ fi |
|
180 |
+ use vroot && m="${m}:mod_vroot" |
|
181 |
+ |
|
182 |
+ [ -z ${m} ] || c="${c} --with-modules=${m:1}" |
|
183 |
+ econf --localstatedir=/var/run/proftpd --sysconfdir=/etc/proftpd --disable-strip \ |
|
184 |
+ $(use_enable acl facl) \ |
|
185 |
+ $(use_enable authfile auth-file) \ |
|
186 |
+ $(use_enable caps cap) \ |
|
187 |
+ $(use_enable ctrls) \ |
|
188 |
+ $(use_enable dso) \ |
|
189 |
+ $(use_enable ident) \ |
|
190 |
+ $(use_enable ipv6) \ |
|
191 |
+ $(use_enable memcache) \ |
|
192 |
+ $(use_enable ncurses) \ |
|
193 |
+ $(use_enable nls) \ |
|
194 |
+ $(use_enable openssl) \ |
|
195 |
+ $(use_enable pam auth-pam) \ |
|
196 |
+ $(use_enable pcre) \ |
|
197 |
+ $(use_enable test tests) \ |
|
198 |
+ $(use_enable trace) \ |
|
199 |
+ $(use_enable userland_GNU shadow) \ |
|
200 |
+ $(use_enable userland_GNU autoshadow) \ |
|
201 |
+ ${c:1} |
|
202 |
+} |
|
203 |
+ |
|
204 |
+src_test() { |
|
205 |
+ emake api-tests -C tests |
|
206 |
+} |
|
207 |
+ |
|
208 |
+src_install() { |
|
209 |
+ default |
|
210 |
+ [ -z ${LINGUAS} ] && rm -r "${ED}"/usr/share/locale |
|
211 |
+ newinitd "${FILESDIR}"/proftpd.initd proftpd |
|
212 |
+ insinto /etc/proftpd |
|
213 |
+ doins "${FILESDIR}"/proftpd.conf.sample |
|
214 |
+ |
|
215 |
+ if use xinetd ; then |
|
216 |
+ insinto /etc/xinetd.d |
|
217 |
+ newins "${FILESDIR}"/proftpd.xinetd proftpd |
|
218 |
+ fi |
|
219 |
+ |
|
220 |
+ dodoc ChangeLog CREDITS INSTALL NEWS README* RELEASE_NOTES |
|
221 |
+ if use doc ; then |
|
222 |
+ dohtml doc/*.html doc/contrib/*.html doc/howto/*.html doc/modules/*.html |
|
223 |
+ docinto rfc |
|
224 |
+ dodoc doc/rfc/*.txt |
|
225 |
+ fi |
|
226 |
+ |
|
227 |
+ systemd_dounit "${FILESDIR}"/${PN}.service |
|
228 |
+ systemd_newtmpfilesd "${FILESDIR}"/${PN}-tmpfiles.d.conf ${PN}.conf |
|
229 |
+} |
|
230 |
+ |
|
231 |
+pkg_postinst() { |
|
232 |
+ if use tcpd ; then |
|
233 |
+ ewarn |
|
234 |
+ ewarn "Important: Since ProFTPD 1.3.4rc2 the module mod_wrap for TCP Wrapper" |
|
235 |
+ ewarn "support has been replaced by mod_wrap2 which is more configurable and" |
|
236 |
+ ewarn "portable. But you have to adjust your configuration before restaring" |
|
237 |
+ ewarn "ProFTPD. On the following website you can find more information:" |
|
238 |
+ ewarn " http://proftpd.org/docs/contrib/mod_wrap2.html" |
|
239 |
+ ewarn |
|
240 |
+ fi |
|
241 |
+} |
|
0 | 242 |