diff options
| author | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
|---|---|---|
| committer | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
| commit | 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch) | |
| tree | ba5f07bf3f9d22d82e54a462313f5d244036c768 /net-ftp/netkit-ftpd | |
reinit the tree, so we can have metadata
Diffstat (limited to 'net-ftp/netkit-ftpd')
| -rw-r--r-- | net-ftp/netkit-ftpd/Manifest | 16 | ||||
| -rw-r--r-- | net-ftp/netkit-ftpd/files/ftp.xinetd | 12 | ||||
| -rw-r--r-- | net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-CVE-2008-4247.patch | 108 | ||||
| -rw-r--r-- | net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-build.patch | 43 | ||||
| -rw-r--r-- | net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-cleanup-ssl.patch | 10 | ||||
| -rw-r--r-- | net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-cleanup.patch | 10 | ||||
| -rw-r--r-- | net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-cross.patch | 45 | ||||
| -rw-r--r-- | net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-fclose-CVE-2007-6263.patch | 24 | ||||
| -rw-r--r-- | net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-gcc41.patch | 32 | ||||
| -rw-r--r-- | net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-setguid.patch | 66 | ||||
| -rw-r--r-- | net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-shadowfix.patch | 28 | ||||
| -rw-r--r-- | net-ftp/netkit-ftpd/metadata.xml | 8 | ||||
| -rw-r--r-- | net-ftp/netkit-ftpd/netkit-ftpd-0.17-r9.ebuild | 72 |
13 files changed, 474 insertions, 0 deletions
diff --git a/net-ftp/netkit-ftpd/Manifest b/net-ftp/netkit-ftpd/Manifest new file mode 100644 index 000000000000..62e0e5d79a3d --- /dev/null +++ b/net-ftp/netkit-ftpd/Manifest @@ -0,0 +1,16 @@ +AUX ftp.xinetd 207 SHA256 2f5195c5544e594e91d91da51db8cc551a48abf90656b8782e58bf008b878121 SHA512 3a9bd4b5d8eabe11a4db9eb9181accd735ffa3979f81ea38cdf11c888f5500e71d1f528c44f662ec0b990cff73d794770b60f39209b3865c747c36523433d477 WHIRLPOOL ec76203fc37962f2d54185d02446e307a6043fba495f983b078be297447a5ae4382200785fd0563163e35db86e420d83baccdcdb487c62eb137b43c0879bc338 +AUX netkit-ftpd-0.17-CVE-2008-4247.patch 2909 SHA256 fa585fd8499a8670015f35cc31f2b15ca2781ae9635a1eb4c1541eb18c9bdd4d SHA512 bf4469dd7ebc7b203e45b8503ef918acb273d8b5aac82657a0c7996a8e31a3b652a2879bc5a37b4917aa7fb45d39eaa87fe8c3e06eb10b79f0e07a2e88ee0a1d WHIRLPOOL 8c73c2224c0737ab0f0420df9bbd0d645e3459d7449903845895dd3afbd401d0658359d9fe1df173031f74f047cb879f20178c5c9214087148340df96aa9bc80 +AUX netkit-ftpd-0.17-build.patch 862 SHA256 2dabb6d6df74c15a1f97ea6fa90ed9ed7f437c5ebeb26f6ba4183362119b769c SHA512 68fc321b318acdad4685870af06096a3f165affe1edce7e8c4cde796c934d4b564c0b9faa07741eb0dcc9a3a1422a925c7bfcbe2cfdb5288308be26687867964 WHIRLPOOL cdcd3c585e1b2fd8758bc24b3e587d5c8fc08d81cc8d501225a9bc9daaa8907d63cbc68fc996ac68dbed7e38f67cd05ade64a83dc0f2d33d9bf4e224378ce0cd +AUX netkit-ftpd-0.17-cleanup-ssl.patch 279 SHA256 110d1de5c37f29de6e9e753114d97c03742793481f1f377fd91a7b4dc5483076 SHA512 5c5c1c3d10a2d969701dbb2b23b56b367b28ba1e3aab33d1a14ae606d27a44870ec5f274819bccab1fa0f802712210af3b3118f5b9334092b853e8999ad391e3 WHIRLPOOL a84e857303e740bd2b23a78f9058a26b7fd219ef73785777b7aeb1d1cd7e491ceaf4dcf2076eb91f10e0cfc3433e13bf8111ad0e90ba2eb0c5ef50063dee2a1b +AUX netkit-ftpd-0.17-cleanup.patch 186 SHA256 5eb8134a8be569f1fc448bb781193f1820bddd36e735b1d164de2dfd4071a12f SHA512 c0f407f324e7c28f7cd7b26d0ce53849f8e02910a7813b9fef4648f767856f361fb0157337b76425ebd27c056702808ab408a6969af19c17550bcea22094711c WHIRLPOOL 043af5246ebef524651b7246c378bacfa0bb85e4f7688ecd37f81b036b9ef2065ce66b493c87fa0feec21cef867c1015841ac13e3873f0de81efe64d05348105 +AUX netkit-ftpd-0.17-cross.patch 1353 SHA256 dc4af056be711835feb00ebb28505a8817a2e8f59f90627ab0307b4aea2022df SHA512 19bad02d42b6abaf6b4280a9fc0cd56e90183976251584976105042aa682c1a9354886945e1e6e2364e1487425a0771d772334979510d5da6deded7199880d66 WHIRLPOOL 2aa7f6792211da766c1fc1c2f5275dc6fbbad7c252f3efdf87808c2400ff8a93e0a6eba879c76aba1c43e8ee6b1311cd144f9ff6dd4e244398376032b1603062 +AUX netkit-ftpd-0.17-fclose-CVE-2007-6263.patch 658 SHA256 aa233506a3322bd9363aca4423b1bbb18ad618f2d722edae614b47640f42bb65 SHA512 c3a0c04504dbd946ac235cb8ed68fead4647cec893cdd94cf46bfabd3b4b21e2065835b5b42782d4a3e2661408a81d9c406234dcd9f96745901c0e52bd33f216 WHIRLPOOL 6c6c6199930fb8388b013b5b32e67917e76ccaa0d890ccb9e0af3799e7ce0dfed833f28ead2e91007636daffa7dcce3a4ff6fb1f7ee9490eebcd26a72230c9e6 +AUX netkit-ftpd-0.17-gcc41.patch 770 SHA256 d5ebda1221b9dbce3ba7ddccae846da65a0c7c5e544a0a8625d93396a3a1ea50 SHA512 9139fecff5b0169362f7c73a9502bc464925def180ec2f557c177bdb61eb63b9dcbeec5389199ce17abc0701dfa589851fdcad663a2d37192a1b4f8bbbbf5e35 WHIRLPOOL 91fae3b9ba25a176b712ffb4e9ddf3555ae2b6c0c8b856ff20fdb24bb4c18077d3ca41f63758d8d9008d686a5c7c8db77e551eccb62c059c8eb354af2653ae5c +AUX netkit-ftpd-0.17-setguid.patch 1809 SHA256 7cf4924713e629bce9f0e7c483332046b336480da16156d6db5fa094b6d38424 SHA512 b9b9c2765440688b8ad66034d227c3e11f8fb3ead4c0268b78633af995e82f92def653b7cfe5528cb11f07e14b80e6ceb5e2603d5486aa4630605786fa1aa9ff WHIRLPOOL f16c2f08a039a7794937483adb09d40d8e70026fa5ae6f9fc8ac8fdd4b9e6a4705aa45c7e8c2054b0e46c69e9165f6c7e6677aea8f93ee5abfbb88a0c7e23150 +AUX netkit-ftpd-0.17-shadowfix.patch 587 SHA256 93c43a7033f24c3232438d81c5442e75cd4d38a2a6a9cf90ed73dc962d1203b6 SHA512 4e22825300c1979aad4df7f6c38e42276ca32536ae06474efa0150c423e93779f35c26a5eb0f02da503bec825cb45206893a3393b5120c5eb0d9bc146aa3c684 WHIRLPOOL d91d34b003fdaed94ff409f2a80939c9d659af50a32dd2e02d92d20f8bc5f519e05f9f19af3ea1af7c50ecb8bcfdf48a820617756c85352f261375d0f00d6559 +DIST linux-ftpd-0.17-ssl.patch 36459 SHA256 0082ee6a71fdd83f61e63166f7bbba97c204cdc67f9e1bf10f2df31590fba780 SHA512 f27dd2f9a50a2b3c38131c46cdb4420f81abfdbb7cd7e70d00e864da3e4562363d585a308e57b9abce7db64ede8d02e41710101e618f6c14489193776b2b1e71 WHIRLPOOL 1c2fb70da4bd8b8e5189dc3eb4c9606b056d905e89f397938358247fcd35dea26e1728ddd752748e1cd4364c0f140cf94f6c8932e5c3ee930b8ca22379982206 +DIST linux-ftpd-0.17.tar.gz 46763 SHA256 65a0b249e38bf3c3a16dbd4d3edd2657683ca8f47b307e92007f378b21d2fa65 SHA512 160191baa904b4c404473e2c1de23813de1b31cbb11a3c28ff64f9953aec8270b74d865a57d5aaa6d25cf404c8aeadff05348a9b32847a2a137ef4c998557d58 WHIRLPOOL 5f0783a2ddc11519132db10ed837241eec8ef9cddff00891728ead29a4170858d96518bb05b8bf0dfa9204b1ed5033ffbc3d0106b9ccd1dca201e4d5a2819f46 +EBUILD netkit-ftpd-0.17-r9.ebuild 1696 SHA256 922ae59b9821c7479e3f5aa08d48df620272b6105e91a1bff3cc0ec0ff5e766b SHA512 8c6f5e3accfe4ef8ad571e36a7afe0b27d9d424e80886ce551129f0b163eb0024a34308c1b6462b09bb2a2e59beaf8f0caab7ba07dabcd607bbd117f7284b8dd WHIRLPOOL c3e51725584ff373986a1df9aa05bee95bc0bdefd57276974ca336629d1b54f8814cbade80cdc225abca0e435fed85b1f86580ddd775ec57a26a0ce6d79d31a8 +MISC ChangeLog 3496 SHA256 dc25a6fb9f68c7132eb2bea1a55699f8eab8f41587d7aa6e36d9ecb96780d208 SHA512 7e762788b095c1b659c8b5bd36126de1660036ee80404779e4ba2048ddfd3510ab5b402df4ad7c248459d56407042c66d549f60703ea544a22601fb08b160139 WHIRLPOOL 5f9601f4c25950dd2df3d15825b618f8e7ef822201208d20a1ccdec868954f97899d016502f17abde5fcf00520bfad75a3c9edf1fa33006cd58bae253da77100 +MISC ChangeLog-2015 8059 SHA256 b772f81552f48c1bcea3fddb255e04a3f86274c305509130ac6c60a291415a97 SHA512 5216788ab8f8a1803d261699b850bf3d670a6e7e2ba943743059a773c643df341df82b4f14f4034f291dcba8c6612f814d777fdda166d75ac56340cadd64d24e WHIRLPOOL 57925c02889b3cbba2af5079ec1bec888378c329ce3878e32b573130f54fe3161236f4c2ea95a3c7756855fc4f486c94af2b630cc39bd0434360471b268643f9 +MISC metadata.xml 253 SHA256 d82c33ef453113a5c1ebe250dcba373c22934a69b0a86c6ab15a5ca589c25b91 SHA512 54a9069aeb4165d2dff3d473c8001bc51613aac9dff3f7f5e9971a9891a737a31511ffa11cbd523febe581ac1d9de2bdf2f40410f0c4239138f2ccca3ef15555 WHIRLPOOL e5aee23acff864609953a1e4de768f0e4aef704b44c53c021f28573e1ca5c99f1a46d92935ecec2449f7b4419a36d8373127d0ecfa8d7bae72d835e1839eb3f8 diff --git a/net-ftp/netkit-ftpd/files/ftp.xinetd b/net-ftp/netkit-ftpd/files/ftp.xinetd new file mode 100644 index 000000000000..1d486c3a45f6 --- /dev/null +++ b/net-ftp/netkit-ftpd/files/ftp.xinetd @@ -0,0 +1,12 @@ +# default: off +# description: The netkit ftp daemon with optional SSL support. + +service ftp +{ + socket_type = stream + protocol = tcp + wait = no + user = root + server = /usr/bin/ftpd + disable = yes +} diff --git a/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-CVE-2008-4247.patch b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-CVE-2008-4247.patch new file mode 100644 index 000000000000..e1b50c825bfc --- /dev/null +++ b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-CVE-2008-4247.patch @@ -0,0 +1,108 @@ +http://bugs.gentoo.org/239047 + +--- linux-ftpd-0.17/ftpd/extern.h ++++ linux-ftpd-0.17/ftpd/extern.h +@@ -43,7 +43,7 @@ void dologout __P((int)); + void fatal __P((const char *)); + int ftpd_pclose __P((FILE *)); + FILE *ftpd_popen __P((char *, const char *)); +-char *ftpd_getline __P((char *, int, FILE *)); ++int ftpd_getline __P((char *, int, FILE *)); + void ftpdlogwtmp __P((const char *, const char *, const char *)); + void lreply __P((int, const char *, ...)); + void makedir __P((char *)); +--- linux-ftpd-0.17/ftpd/ftpcmd.y ++++ linux-ftpd-0.17/ftpd/ftpcmd.y +@@ -980,7 +980,7 @@ static struct tab *lookup(struct tab *p, + /* + * getline - a hacked up version of fgets to ignore TELNET escape codes. + */ +-char * ftpd_getline(char *s, int n, FILE *iop) ++int ftpd_getline(char *s, int n, FILE *iop) + { + int c; + register char *cs; +@@ -995,7 +995,7 @@ char * ftpd_getline(char *s, int n, FILE + if (debug) + syslog(LOG_DEBUG, "command: %s", s); + tmpline[0] = '\0'; +- return(s); ++ return(0); + } + if (c == 0) + tmpline[0] = '\0'; +@@ -1037,11 +1037,22 @@ char * ftpd_getline(char *s, int n, FILE + } + } + *cs++ = c; +- if (--n <= 0 || c == '\n') ++ if (--n <= 0) { ++ /* ++ * If command doesn't fit into buffer, discard the ++ * rest of the command and indicate truncation. ++ * This prevents the command to be split up into ++ * multiple commands. ++ */ ++ while (c != '\n' && (c = getc(iop)) != EOF) ++ ; ++ return (-2); ++ } ++ if (c == '\n') + break; + } + if (c == EOF && cs == s) +- return (NULL); ++ return (-1); + *cs++ = '\0'; + if (debug) { + if (!guest && strncasecmp("pass ", s, 5) == 0) { +@@ -1061,7 +1072,7 @@ char * ftpd_getline(char *s, int n, FILE + syslog(LOG_DEBUG, "command: %.*s", len, s); + } + } +- return (s); ++ return (0); + } + + void toolong(int signo) +@@ -1090,9 +1101,14 @@ static int yylex(void) + case CMD: + (void) signal(SIGALRM, toolong); + (void) alarm((unsigned) timeout); +- if (ftpd_getline(cbuf, sizeof(cbuf)-1, stdin)==NULL) { ++ n = ftpd_getline(cbuf, sizeof(cbuf)-1, stdin); ++ if (n == -1) { + reply(221, "You could at least say goodbye."); + dologout(0); ++ } else if (n == -2) { ++ reply(500, "Command too long."); ++ alarm(0); ++ continue; + } + (void) alarm(0); + if ((cp = strchr(cbuf, '\r'))) { +--- linux-ftpd-0.17/ftpd/ftpd.c ++++ linux-ftpd-0.17/ftpd/ftpd.c +@@ -2210,6 +2210,7 @@ void dologout(int status) + static void myoob(int signo) + { + char *cp; ++ int ret; + int save_errno = errno; + + (void)signo; +@@ -2218,9 +2219,13 @@ static void myoob(int signo) + if (!transflag) + return; + cp = tmpline; +- if (ftpd_getline(cp, 7, stdin) == NULL) { ++ ret = ftpd_getline(cp, 7, stdin); ++ if (ret == -1) { + reply(221, "You could at least say goodbye."); + dologout(0); ++ } else if (ret == -2) { ++ /* Ignore truncated command */ ++ return; + } + upper(cp); + if (strcmp(cp, "ABOR\r\n") == 0) { diff --git a/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-build.patch b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-build.patch new file mode 100644 index 000000000000..6df58378c93f --- /dev/null +++ b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-build.patch @@ -0,0 +1,43 @@ +--- configure ++++ configure +@@ -114,40 +114,6 @@ + echo 'no' + fi + +-if [ x$DEBUG = x ]; then +- echo -n "Checking if $CC accepts -O2... " +- if ( +- $CC -O2 __conftest.c -o __conftest +- ) >/dev/null 2>&1; then +- echo 'yes' +- CFLAGS="$CFLAGS -O2" +- else +- echo 'no' +- echo -n "Checking if $CC accepts -O... " +- if ( +- $CC -O __conftest.c -o __conftest +- ) >/dev/null 2>&1; then +- echo 'yes' +- CFLAGS="$CFLAGS -O" +- else +- echo 'no' +- fi +- fi +- +-else +- echo -n "Checking if $CC accepts -g... " +- if ( +- $CC -g __conftest.c -o __conftest +- ) >/dev/null 2>&1; then +- echo 'yes' +- CFLAGS="$CFLAGS -g" +- else +- echo 'no' +- fi +- +-fi +- +-LDFLAGS= + LIBS= + + rm -f __conftest* diff --git a/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-cleanup-ssl.patch b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-cleanup-ssl.patch new file mode 100644 index 000000000000..e228eaceda5f --- /dev/null +++ b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-cleanup-ssl.patch @@ -0,0 +1,10 @@ +--- ftpd/ftpcmd.y ++++ ftpd/ftpcmd.y +@@ -109,6 +109,7 @@ + typedef struct ssl_st SSL; + int SSL_write(SSL *ssl,const char *buf,int num); + extern int do_ssl_start(void); ++int ssl_getc(SSL *ssl_con); + extern int ssl_secure_flag; + extern int ssl_active_flag; + extern SSL *ssl_con; diff --git a/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-cleanup.patch b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-cleanup.patch new file mode 100644 index 000000000000..73289adfba05 --- /dev/null +++ b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-cleanup.patch @@ -0,0 +1,10 @@ +--- ftpd/logwtmp.c ++++ ftpd/logwtmp.c +@@ -43,6 +43,7 @@ + #include <sys/types.h> + #include <sys/time.h> + #include <sys/stat.h> ++#include <time.h> + + #include <fcntl.h> + #include <utmp.h> diff --git a/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-cross.patch b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-cross.patch new file mode 100644 index 000000000000..cb6ad986a914 --- /dev/null +++ b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-cross.patch @@ -0,0 +1,45 @@ +--- configure.orig 2008-05-11 12:02:50.000000000 -0700 ++++ configure 2008-05-11 12:04:14.000000000 -0700 +@@ -93,7 +93,7 @@ + echo -n 'Checking if C compiler works... ' + if ( + $CC __conftest.c -o __conftest || exit 1 +- ./__conftest || exit 1 ++ [ -e __conftest ] || exit 1 + ) >/dev/null 2>&1; then + echo 'yes' + else +@@ -169,13 +169,13 @@ + EOF + if ( + $CC $CFLAGS __conftest.c -o __conftest || exit 1 +- ./__conftest || exit 1 ++ [ -e __conftest ] || exit 1 + ) >/dev/null 2>&1; then + echo 'yes' + else + if ( + $CC $CFLAGS -D__USE_BSD_SIGNAL __conftest.c -o __conftest || exit 1 +- ./__conftest || exit 1 ++ [ -e ./__conftest ] || exit 1 + ) >/dev/null 2>&1; then + echo '-D__USE_BSD_SIGNAL' + CFLAGS="$CFLAGS -D__USE_BSD_SIGNAL" +@@ -311,7 +311,7 @@ + else + if ( + $CC $CFLAGS -D_GNU_SOURCE __conftest.c -o __conftest || exit 1 +- ./__conftest || exit 1 ++ [ -e ./__conftest ] || exit 1 + ) >/dev/null 2>&1; then + echo '-D_GNU_SOURCE' + CFLAGS="$CFLAGS -D_GNU_SOURCE" +@@ -342,7 +342,7 @@ + EOF + if ( + $CC $CFLAGS __conftest.c $LIBBSD -o __conftest || exit 1 +- ./__conftest || exit 1 ++ [ -e ./__conftest ] || exit 1 + ) >/dev/null 2>&1; then + echo 'ok' + else diff --git a/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-fclose-CVE-2007-6263.patch b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-fclose-CVE-2007-6263.patch new file mode 100644 index 000000000000..5da61aee7343 --- /dev/null +++ b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-fclose-CVE-2007-6263.patch @@ -0,0 +1,24 @@ +diff -u linux-ftpd-ssl-0.17.18+0.3/ftpd/ftpd.c linux-ftpd-ssl-0.17.18+0.3/ftpd/ftpd.c +--- linux-ftpd-ssl-0.17.18+0.3/ftpd/ftpd.c ++++ linux-ftpd-ssl-0.17.18+0.3/ftpd/ftpd.c +@@ -1729,7 +1729,7 @@ + static FILE * dataconn(const char *name, off_t size, const char *mode, int stou) + { + char sizebuf[32]; +- FILE *file; ++ FILE *file = NULL; + int retry = 0, tos; + + file_size = size; +@@ -1822,7 +1822,10 @@ + ERR_error_string(ERR_get_error(),NULL)); + perror_reply(425, errbuf); + /* abort time methinks ... */ +- fclose(file); ++ if(file != NULL){ ++ fclose(file); ++ file = NULL; ++ } + return NULL; + } else { + if (ssl_debug_flag) { diff --git a/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-gcc41.patch b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-gcc41.patch new file mode 100644 index 000000000000..5f516ce5d356 --- /dev/null +++ b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-gcc41.patch @@ -0,0 +1,32 @@ +--- linux-ftpd-0.17/ftpd/ftpcmd.y ++++ linux-ftpd-0.17/ftpd/ftpcmd.y +@@ -125,7 +125,14 @@ + char cbuf[512]; + char *fromname; + +-struct tab; ++struct tab { ++ const char *name; ++ short token; ++ short state; ++ short implemented; /* 1 if command is implemented */ ++ const char *help; ++}; ++ + static int yylex __P((void)); + static void sizecmd __P((char *)); + static void help __P((struct tab *, char *)); +@@ -891,13 +898,6 @@ + #define SITECMD 7 /* SITE command */ + #define NSTR 8 /* Number followed by a string */ + +-struct tab { +- const char *name; +- short token; +- short state; +- short implemented; /* 1 if command is implemented */ +- const char *help; +-}; + + struct tab cmdtab[] = { /* In order defined in RFC 765 */ + { "AUTH", AUTH, STR1, 1, "<sp> auth_type" }, diff --git a/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-setguid.patch b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-setguid.patch new file mode 100644 index 000000000000..f5d0cf75fcfd --- /dev/null +++ b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-setguid.patch @@ -0,0 +1,66 @@ +--- linux-ftpd-0.17/ftpd/popen.c ++++ linux-ftpd-0.17/ftpd/popen.c +@@ -169,8 +169,13 @@ + * XXX: this doesn't seem right... and shouldn't + * we initgroups, or at least setgroups(0,0)? + */ +- setgid(getegid()); +- setuid(i); ++ ++/* ++ * PSz 25 Aug 06 Must check the return status of these setgid/setuid calls, ++ * see http://www.bress.net/blog/archives/34-setuid-madness.html ++ */ ++ if ( setgid(getegid()) != 0 ) _exit(1); ++ if ( setuid(i) != 0 ) _exit(1); + + #ifndef __linux__ + /* +--- linux-ftpd-0.17/ftpd/ftpd.c ++++ linux-ftpd-0.17/ftpd/ftpd.c +@@ -1159,6 +1159,13 @@ + } + strcpy(pw->pw_dir, "/"); + setenv("HOME", "/", 1); ++ } ++ /* PSz 25 Aug 06 chdir for real users done after setting UID */ ++ if (seteuid((uid_t)pw->pw_uid) < 0) { ++ reply(550, "Can't set uid."); ++ goto bad; ++ } ++ if (guest || dochroot) { /* do nothing, handled above */ + } else if (chdir(pw->pw_dir) < 0) { + if (chdir("/") < 0) { + reply(530, "User %s: can't change directory to %s.", +@@ -1167,10 +1174,7 @@ + } else + lreply(230, "No directory! Logging in with home=/"); + } +- if (seteuid((uid_t)pw->pw_uid) < 0) { +- reply(550, "Can't set uid."); +- goto bad; +- } ++ + sigfillset(&allsigs); + sigprocmask(SIG_UNBLOCK,&allsigs,NULL); + +@@ -1408,7 +1412,8 @@ + goto bad; + sleep(tries); + } +- (void) seteuid((uid_t)pw->pw_uid); ++/* PSz 25 Aug 06 Check return status */ ++ if (seteuid((uid_t)pw->pw_uid) != 0) _exit(1); + sigfillset(&allsigs); + sigprocmask (SIG_UNBLOCK, &allsigs, NULL); + +@@ -1440,7 +1445,8 @@ + bad: + /* Return the real value of errno (close may change it) */ + t = errno; +- (void) seteuid((uid_t)pw->pw_uid); ++/* PSz 25 Aug 06 Check return status */ ++ if (seteuid((uid_t)pw->pw_uid) != 0) _exit(1); + sigfillset (&allsigs); + sigprocmask (SIG_UNBLOCK, &allsigs, NULL); + (void) close(s); diff --git a/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-shadowfix.patch b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-shadowfix.patch new file mode 100644 index 000000000000..79a241ff9c51 --- /dev/null +++ b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-shadowfix.patch @@ -0,0 +1,28 @@ +--- linux-ftpd-0.17/ftpd/Makefile ++++ linux-ftpd-0.17-patched/ftpd/Makefile +@@ -19,7 +19,11 @@ + all: ftpd + + %.o: %.c ++ ifdef USE_SHADOW ++ $(CC) $(CFLAGS) -DUSE_SHADOW -DHASSETPROCTITLE $< -c ++ else + $(CC) $(CFLAGS) -DHASSETPROCTITLE $< -c ++ endif + + ftpcmd.c: %.c: %.y + $(YACC) $< +--- linux-ftpd-0.17/support/Makefile ++++ linux-ftpd-0.17-patched/support/Makefile +@@ -5,7 +5,11 @@ + all: libsupport.a + + %.o: %.c ++ ifdef USE_SHADOW ++ $(CC) $(CFLAGS) -DUSE_SHADOW -DHASSETPROCTITLE $< -c ++ else + $(CC) $(CFLAGS) -DHASSETPROCTITLE $< -c ++ endif + + libsupport.a: $(OBJS) + ar -cruv $@ $^ diff --git a/net-ftp/netkit-ftpd/metadata.xml b/net-ftp/netkit-ftpd/metadata.xml new file mode 100644 index 000000000000..56c124413057 --- /dev/null +++ b/net-ftp/netkit-ftpd/metadata.xml @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer type="project"> + <email>base-system@gentoo.org</email> + <name>Gentoo Base System</name> +</maintainer> +</pkgmetadata> diff --git a/net-ftp/netkit-ftpd/netkit-ftpd-0.17-r9.ebuild b/net-ftp/netkit-ftpd/netkit-ftpd-0.17-r9.ebuild new file mode 100644 index 000000000000..f5466dcc5136 --- /dev/null +++ b/net-ftp/netkit-ftpd/netkit-ftpd-0.17-r9.ebuild @@ -0,0 +1,72 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit eutils ssl-cert toolchain-funcs + +MY_P="linux-ftpd-${PV}" +DESCRIPTION="The netkit FTP server with optional SSL support" +HOMEPAGE="http://www.hcs.harvard.edu/~dholland/computers/netkit.html" +SRC_URI="ftp://ftp.uk.linux.org/pub/linux/Networking/netkit/${MY_P}.tar.gz + mirror://gentoo/${MY_P}-ssl.patch" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="alpha amd64 arm ia64 ppc ~ppc64 s390 sh sparc x86" +IUSE="libressl ssl" + +DEPEND="ssl? ( + !libressl? ( dev-libs/openssl:0= ) + libressl? ( dev-libs/libressl:0= ) ) +" +RDEPEND="${DEPEND} + virtual/inetd + !www-servers/publicfile" + +S=${WORKDIR}/${MY_P} + +src_prepare() { + default + + cd "${S}" || die + if use ssl; then + epatch "${DISTDIR}"/${MY_P}-ssl.patch + epatch "${FILESDIR}"/${P}-cleanup-ssl.patch + epatch "${FILESDIR}"/${P}-fclose-CVE-2007-6263.patch #199206 + fi + + epatch "${FILESDIR}"/${P}-cleanup.patch + epatch "${FILESDIR}"/${P}-build.patch + epatch "${FILESDIR}"/${P}-shadowfix.patch + epatch "${FILESDIR}"/${P}-gcc41.patch + epatch "${FILESDIR}"/${P}-setguid.patch + epatch "${FILESDIR}"/${P}-cross.patch + epatch "${FILESDIR}"/${P}-CVE-2008-4247.patch #239047 +} + +src_configure() { + tc-export CC + ./configure --prefix=/usr || die +} + +src_compile() { + emake +} + +src_install() { + dobin ftpd/ftpd + doman ftpd/ftpd.8 + dodoc README ChangeLog + insinto /etc/xinetd.d + newins "${FILESDIR}"/ftp.xinetd ftp +} + +pkg_postinst() { + if use ssl; then + install_cert /etc/ssl/certs/ftpd + elog "In order to start the server with SSL support" + elog "You need a certificate /etc/ssl/certs/ftpd.pem." + elog "A temporary certificiate has been created." + fi +} |