reinit the tree, so we can have metadata

6 files changed, 467 insertions, 0 deletions

diff --git a/sys-apps/tcp-wrappers/Manifest b/sys-apps/tcp-wrappers/Manifest
new file mode 100644
index 000000000000..60f9d3a6e22e
--- /dev/null
+++ b/sys-apps/tcp-wrappers/Manifest
@@ -0,0 +1,9 @@
+AUX hosts.allow.example 585 SHA256 fbcdcedbdc985d8f0cc79e9a8752e69553b48aa38662321046cd4eae9f4d7e3b SHA512 63587dd4552b688dc5ed0adde3932e43e5287129315211498063f09e37c1f8beee0de60d7d4f69df7149bd500546a2fd59a6094d71f9c0be221426eae3cb869b WHIRLPOOL 449f28dad80a13497baa7d5d43cc99b8e7159b8e38dc7659947c9dd76ca2e8d7153de84a3706ec6658d94bb70d5b35554b72e9cf8f35bc8eaf27dacb8229cae9
+AUX tcp-wrappers-7.6-headers.patch 5419 SHA256 86d24cdf5d1c7f88d21b174988234d5024f506982e029e173c06cb5456c46bb0 SHA512 48cd3d8951ef0f0106c51f1a1de6116fe1f68bf49f321b956d4f9dac1b3f1b6c2964163deb3d1bb449a2ac672e471c4b216e0e616de4a2dad0665d767d13f786 WHIRLPOOL 721d65254fd0d39152e0ba1c860fba5bb8c08ab61d1c89a10e1da9ed274b41ba2734253e79e0c680fe72cdf720eba7243c7b7e6f33d383c074f078b2c64d923d
+AUX tcp-wrappers-7.6-redhat-bug11881.patch 956 SHA256 b8b3bbbe223d3496b25070d1fbc62d9a1424709e20d380b55390b13f03b46e03 SHA512 d530f788c3b40f5ec2836ba7c6e73df529869ef465b93fe2b2d8460dfcb5e9031e78c8e6a99c71d6262a05b82f25e694fdd717686198a87dfcb2c9b9d5a52ef4 WHIRLPOOL 05620832e55b9ef396601851d22e6fc1e60adb655340b1c1909c8138454b38338cba3bf9976d8458d157cc2ce8a3f30450efdf82943b885e325965b2d93697b7
+DIST tcp-wrappers_7.6.q-22.debian.tar.gz 41730 SHA256 0ff28337c5effe4f91e7ea43ddd65fc629c06922326f5ef2804f70943be64fb3 SHA512 cee45f265c34ec1c4e9e81d54be636dcd9702964f9cf5bb076f72d6772d2dbc638d2ef366560b51c24a216724807826bb3b7bf9d5d0f5c0923b71de7d0b002a8 WHIRLPOOL 4a22c083d3bfe18af020ea48663ab3eb5a77d613665bbeb935daffcce64641d66f5c32a88ef4e4dbf8b4edfe9d71bfc4e35601451d065c10806ea726430d2aa8
+DIST tcp_wrappers_7.6.tar.gz 99438 SHA256 9543d7adedf78a6de0b221ccbbd1952e08b5138717f4ade814039bb489a4315d SHA512 2d9d003791f8d00912a36ae00579e2b8dd7ad8a7bf8eae259659bcaf5365b150540ff6c93c91765872c76041579b7a02b6e3c64528fb7f8235680399ba1d9dac WHIRLPOOL e04861d03a49dd6d6d5cd9eba86732a40e79deff39d981a5e883bcfae4979c6e1c2a388eabd84691927b159e606a5649073473a717cb62c12cbd8546d75635bf
+EBUILD tcp-wrappers-7.6.22-r1.ebuild 2646 SHA256 a7714fc579e20b6930cdaf028e71dba05f9e13d9d5c2b7c1b645d50fd698bfbb SHA512 14ee69fbebc7a93bd887284f110d67c33f6079f91d41b9e6b9819f758d73875c300c557378dc1f3146b736730de843be7cc94b7534bf34f5ad81bd23ef828115 WHIRLPOOL 828a664a6491193e2e485a9cf362048f08c17f1629bf0f3490bc80542e84bb6065f395d6a1ecbd115c1c52412c0e9591e222a036e9bd3cc26a2c2887fb96bb9f
+MISC ChangeLog 3067 SHA256 29e51eb852a26eb44c578a64eeca54b77cb3fade2db4b691704f20aba5084201 SHA512 824c6ed9803ed18b28ba05cec26b4b68d83526dbc0e8c278f783322e29dcd41ed61a2b0ef4b28831b233a67a8c00821fb2a77d9469c18f9a54a38c233ff82615 WHIRLPOOL c6b2ea7b936ac2308bcdfb63c62620d6e9e0432785983e7c6b4f318abe77687a95606cb1c2ff3e6348ac7c54338faccb44e6fdf859911e9beb9e3034555410d0
+MISC ChangeLog-2015 9465 SHA256 43739e3b74da006f224d644eeae490246e8528d333eb7345b4c7e11895dca00e SHA512 008ca06bccff5dcb4be6e4fc9383827dcc84bacd481da55d4eabf3e0d540389c8e2a9e0e02b2450532714637638742e5b6c0379e9c48d12416324ca9df35bd11 WHIRLPOOL c4d079b7bea29393935c9365c47d631bb74d2e728eaa691061395b3b259749ef223f25a1f4b847ec5638652bc2761a04ef319e52d21ff54230468ff45a66e78f
+MISC metadata.xml 440 SHA256 7cf7feea8b3221313ae2b674c64fa6bbf24cac03d83c120f22d2d4ba996c8bf9 SHA512 3075ada2500265fa53064720159a33779d79c46e4244a5cc6624d0c2de81dcacf62f89232162182bf29477c36025f4b3f4618d9ae3f592ebd714a658425428a5 WHIRLPOOL 9b7be91e1cd0f47d2ea6045ca653c1de5c23503342ec3cbf28e55fe9e8cad629277fafb9cbc77ea8fdbfcd320047067b773b9596682b485635ac6a4136305e4f
diff --git a/sys-apps/tcp-wrappers/files/hosts.allow.example b/sys-apps/tcp-wrappers/files/hosts.allow.example
new file mode 100644
index 000000000000..c473eb95155e
--- /dev/null
+++ b/sys-apps/tcp-wrappers/files/hosts.allow.example
@@ -0,0 +1,17 @@
+# For more information, please see the hosts.allow(5) manpage
+
+# Rule format:
+# daemon : client list
+# The value for 'daemon' is determined by the name of the binary.
+# OpenSSH runs as 'sshd' so you would use 'sshd' for 'daemon'.
+# Client list can be a list of ip's or hostnames.
+
+# Allow only sshd connections from ips matching 192.168.0.*            
+#sshd: 192.168.0.
+
+# Only allow sendmail connections from the localhost
+#sendmail: localhost
+
+# Allow everyone from foobar.edu to access everything except for
+# the terminalserver 
+#ALL: .foobar.edu EXCEPT terminalserver.foobar.edu
diff --git a/sys-apps/tcp-wrappers/files/tcp-wrappers-7.6-headers.patch b/sys-apps/tcp-wrappers/files/tcp-wrappers-7.6-headers.patch
new file mode 100644
index 000000000000..328a4a102618
--- /dev/null
+++ b/sys-apps/tcp-wrappers/files/tcp-wrappers-7.6-headers.patch
@@ -0,0 +1,295 @@
+--- a/options.c
++++ b/options.c
+@@ -34,6 +34,8 @@
+ 
+ /* System libraries. */
+ 
++#include <unistd.h>
++#include <stdlib.h>
+ #include <sys/types.h>
+ #include <sys/param.h>
+ #include <sys/socket.h>
+--- a/safe_finger.c
++++ b/safe_finger.c
+@@ -20,6 +20,11 @@
+ 
+ /* System libraries */
+ 
++#include <unistd.h>
++#include <fcntl.h>
++#include <stdlib.h>
++#include <sys/wait.h>
++#include <grp.h>
+ #include <sys/types.h>
+ #include <sys/stat.h>
+ #include <signal.h>
+@@ -27,7 +31,7 @@
+ #include <ctype.h>
+ #include <pwd.h>
+ 
+-extern void exit();
++int pipe_stdin(char **argv);
+ 
+ /* Local stuff */
+ 
+--- a/scaffold.c
++++ b/scaffold.c
+@@ -10,6 +10,7 @@
+ 
+ /* System libraries. */
+ 
++#include <stdlib.h>
+ #include <sys/types.h>
+ #include <sys/stat.h>
+ #include <sys/socket.h>
+@@ -27,7 +27,4 @@
+ #endif
+ 
+-#ifndef INET6
+-extern char *malloc();
+-#endif
+ 
+ /* Application-specific. */
+--- a/shell_cmd.c
++++ b/shell_cmd.c
+@@ -14,6 +14,10 @@
+ 
+ /* System libraries. */
+ 
++#include <unistd.h>
++#include <stdlib.h>
++#include <fcntl.h>
++#include <sys/wait.h>
+ #include <sys/types.h>
+ #include <sys/param.h>
+ #include <signal.h>
+@@ -25,8 +25,6 @@
+ #include <syslog.h>
+ #include <string.h>
+ 
+-extern void exit();
+-
+ /* Local stuff. */
+ 
+ #include "tcpd.h"
+--- a/tcpdchk.c
++++ b/tcpdchk.c
+@@ -20,6 +20,8 @@
+ 
+ /* System libraries. */
+ 
++#include <unistd.h>
++#include <stdlib.h>
+ #include <sys/types.h>
+ #include <sys/stat.h>
+ #ifdef INET6
+@@ -35,10 +36,7 @@
+ #include <netdb.h>
+ #include <string.h>
+ 
+-extern int errno;
+-extern void exit();
+-extern int optind;
+-extern char *optarg;
++int cidr_mask_addr(char *str);
+ 
+ #ifndef INADDR_NONE
+ #define INADDR_NONE     (-1)		/* XXX should be 0xffffffff */
+--- a/clean_exit.c
++++ b/clean_exit.c
+@@ -13,8 +13,8 @@
+ #endif
+ 
+ #include <stdio.h>
+-
+-extern void exit();
++#include <unistd.h>
++#include <stdlib.h>
+ 
+ #include "tcpd.h"
+ 
+--- a/hosts_access.c
++++ b/hosts_access.c
+@@ -23,6 +23,7 @@
+ 
+ /* System libraries. */
+ 
++#include <stdlib.h>
+ #include <sys/types.h>
+ #ifdef INT32_T
+     typedef uint32_t u_int32_t;
+@@ -43,8 +44,8 @@
+ #include <netdb.h>
+ #endif
+ 
+-extern char *fgets();
+-extern int errno;
++static int match_pattern_ylo(const char *s, const char *pattern);
++int cidr_mask_addr(char *str);
+ 
+ #ifndef	INADDR_NONE
+ #define	INADDR_NONE	(-1)		/* XXX should be 0xffffffff */
+--- a/inetcf.c
++++ b/inetcf.c
+@@ -9,15 +9,14 @@
+ static char sccsid[] = "@(#) inetcf.c 1.7 97/02/12 02:13:23";
+ #endif
+ 
++#include <stdlib.h>
+ #include <sys/types.h>
+ #include <sys/stat.h>
+ #include <stdio.h>
+ #include <errno.h>
+ #include <string.h>
+ 
+-extern int errno;
+-extern void exit();
+-
++#include "scaffold.h"
+ #include "tcpd.h"
+ #include "inetcf.h"
+ 
+--- a/percent_x.c
++++ b/percent_x.c
+@@ -16,12 +16,12 @@
+ 
+ /* System libraries. */
+ 
++#include <unistd.h>
++#include <stdlib.h>
+ #include <stdio.h>
+ #include <syslog.h>
+ #include <string.h>
+ 
+-extern void exit();
+-
+ /* Local stuff. */
+ 
+ #include "tcpd.h"
+--- a/rfc931.c
++++ b/rfc931.c
+@@ -15,6 +15,7 @@
+ 
+ /* System libraries. */
+ 
++#include <unistd.h>
+ #include <stdio.h>
+ #include <syslog.h>
+ #include <sys/types.h>
+--- a/tcpd.c
++++ b/tcpd.c
+@@ -16,6 +16,7 @@
+ 
+ /* System libraries. */
+ 
++#include <unistd.h>
+ #include <sys/types.h>
+ #include <sys/param.h>
+ #include <sys/stat.h>
+@@ -39,6 +39,8 @@
+ #include "patchlevel.h"
+ #include "tcpd.h"
+ 
++void fix_options(struct request_info *request);
++
+ int     allow_severity = SEVERITY;	/* run-time adjustable */
+ int     deny_severity = LOG_WARNING;	/* ditto */
+ 
+--- a/tcpdmatch.c
++++ b/tcpdmatch.c
+@@ -19,6 +19,8 @@
+ 
+ /* System libraries. */
+ 
++#include <unistd.h>
++#include <stdlib.h>
+ #include <sys/types.h>
+ #include <sys/stat.h>
+ #include <sys/socket.h>
+@@ -30,9 +32,6 @@
+ #include <setjmp.h>
+ #include <string.h>
+ 
+-extern void exit();
+-extern int optind;
+-extern char *optarg;
+ 
+ #ifndef	INADDR_NONE
+ #define	INADDR_NONE	(-1)		/* XXX should be 0xffffffff */
+--- a/update.c
++++ b/update.c
+@@ -19,6 +19,7 @@
+ 
+ /* System libraries */
+ 
++#include <unistd.h>
+ #include <stdio.h>
+ #include <syslog.h>
+ #include <string.h>
+--- a/misc.c
++++ b/misc.c
+@@ -14,11 +14,10 @@
+ #include <arpa/inet.h>
+ #include <stdio.h>
+ #include <string.h>
++#include <stdlib.h>
+ 
+ #include "tcpd.h"
+ 
+-extern char *fgets();
+-
+ #ifndef	INADDR_NONE
+ #define	INADDR_NONE	(-1)		/* XXX should be 0xffffffff */
+ #endif
+--- a/fix_options.c
++++ b/fix_options.c
+@@ -32,6 +32,7 @@
+ 
+ /* fix_options - get rid of IP-level socket options */
+ 
++void
+ fix_options(request)
+ struct request_info *request;
+ {
+@@ -38,11 +38,8 @@
+ #ifdef IP_OPTIONS
+     unsigned char optbuf[BUFFER_SIZE / 3], *cp;
+     char    lbuf[BUFFER_SIZE], *lp;
+-#ifdef __GLIBC__
+-    size_t  optsize = sizeof(optbuf), ipproto;
+-#else
+-    int     optsize = sizeof(optbuf), ipproto;
+-#endif
++    socklen_t optsize = sizeof(optbuf);
++    int ipproto;
+     struct protoent *ip;
+     int     fd = request->fd;
+     unsigned int opt;
+--- a/socket.c
++++ b/socket.c
+@@ -95,11 +95,7 @@
+     static struct sockaddr_in client;
+     static struct sockaddr_in server;
+ #endif
+-#ifdef __GLIBC__
+-    size_t  len;
+-#else
+-    int     len;
+-#endif
++    socklen_t len;
+     char    buf[BUFSIZ];
+     int     fd = request->fd;
+ 
+@@ -430,11 +426,7 @@
+ #else
+     struct sockaddr_in sin;
+ #endif
+-#ifdef __GLIBC__
+-    size_t  size = sizeof(sin);
+-#else
+-    int     size = sizeof(sin);
+-#endif
++    socklen_t size;
+ 
+     /*
+      * Eat up the not-yet received datagram. Some systems insist on a
diff --git a/sys-apps/tcp-wrappers/files/tcp-wrappers-7.6-redhat-bug11881.patch b/sys-apps/tcp-wrappers/files/tcp-wrappers-7.6-redhat-bug11881.patch
new file mode 100644
index 000000000000..4a6847621c57
--- /dev/null
+++ b/sys-apps/tcp-wrappers/files/tcp-wrappers-7.6-redhat-bug11881.patch
@@ -0,0 +1,35 @@
+--- tcp_wrappers_7.6/tcpd.c.bug11881
++++ tcp_wrappers_7.6/tcpd.c
+@@ -60,10 +60,10 @@
+      */
+ 
+     if (argv[0][0] == '/') {
+-	strcpy(path, argv[0]);
++	strncpy(path, argv[0], sizeof(path));
+ 	argv[0] = strrchr(argv[0], '/') + 1;
+     } else {
+-	sprintf(path, "%s/%s", REAL_DAEMON_DIR, argv[0]);
++	snprintf(path, sizeof(path), "%s/%s", REAL_DAEMON_DIR, argv[0]);
+     }
+ 
+     /*
+--- tcp_wrappers_7.6/eval.c.bug11881
++++ tcp_wrappers_7.6/eval.c
+@@ -111,7 +111,7 @@
+ 	return (hostinfo);
+ #endif
+     if (STR_NE(eval_user(request), unknown)) {
+-	sprintf(both, "%s@%s", request->user, hostinfo);
++	snprintf(both, sizeof(both), "%s@%s", request->user, hostinfo);
+ 	return (both);
+     } else {
+ 	return (hostinfo);
+@@ -128,7 +128,7 @@
+     char   *daemon = eval_daemon(request);
+ 
+     if (STR_NE(host, unknown)) {
+-	sprintf(both, "%s@%s", daemon, host);
++	snprintf(both, sizeof(both), "%s@%s", daemon, host);
+ 	return (both);
+     } else {
+ 	return (daemon);
diff --git a/sys-apps/tcp-wrappers/metadata.xml b/sys-apps/tcp-wrappers/metadata.xml
new file mode 100644
index 000000000000..aedbb1a2c097
--- /dev/null
+++ b/sys-apps/tcp-wrappers/metadata.xml
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<maintainer type="project">
+	<email>base-system@gentoo.org</email>
+	<name>Gentoo Base System</name>
+</maintainer>
+<use>
+	<flag name="netgroups">
+		Support matching NIS (host) netgroup names via the @netgroup syntax
+		(if you don't know what this means, you most likely do not need it)
+	</flag>
+</use>
+</pkgmetadata>
diff --git a/sys-apps/tcp-wrappers/tcp-wrappers-7.6.22-r1.ebuild b/sys-apps/tcp-wrappers/tcp-wrappers-7.6.22-r1.ebuild
new file mode 100644
index 000000000000..041dd954900f
--- /dev/null
+++ b/sys-apps/tcp-wrappers/tcp-wrappers-7.6.22-r1.ebuild
@@ -0,0 +1,97 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="4"
+
+inherit eutils toolchain-funcs versionator flag-o-matic multilib-minimal
+
+MY_PV=$(get_version_component_range 1-2)
+DEB_PV=$(get_version_component_range 3)
+MY_P="${PN//-/_}_${MY_PV}"
+DESCRIPTION="TCP Wrappers"
+HOMEPAGE="ftp://ftp.porcupine.org/pub/security/index.html"
+SRC_URI="ftp://ftp.porcupine.org/pub/security/${MY_P}.tar.gz
+	mirror://debian/pool/main/t/${PN}/${PN}_${MY_PV}.q-${DEB_PV}.debian.tar.gz"
+
+LICENSE="tcp_wrappers_license"
+SLOT="0"
+KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux"
+IUSE="ipv6 netgroups static-libs"
+
+RDEPEND="
+	abi_x86_32? (
+		!<=app-emulation/emul-linux-x86-baselibs-20131008-r4
+		!app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
+	)"
+
+S=${WORKDIR}/${MY_P}
+
+src_prepare() {
+	EPATCH_OPTS="-p1" \
+	epatch $(sed -e 's:^:../debian/patches/:' ../debian/patches/series)
+	epatch "${FILESDIR}"/${PN}-7.6-headers.patch
+	epatch "${FILESDIR}"/${PN}-7.6-redhat-bug11881.patch
+
+	multilib_copy_sources
+}
+
+temake() {
+	local mycppflags="-DHAVE_WEAKSYMS -DHAVE_STRERROR -DSYS_ERRLIST_DEFINED"
+	use ipv6 && mycppflags+=" -DINET6=1 -Dss_family=__ss_family -Dss_len=__ss_len"
+	emake \
+		REAL_DAEMON_DIR="${EPREFIX}"/usr/sbin \
+		TLI= VSYSLOG= PARANOID= BUGS= \
+		AUTH="-DALWAYS_RFC931" \
+		AUX_OBJ="weak_symbols.o" \
+		DOT="-DAPPEND_DOT" \
+		HOSTNAME="-DALWAYS_HOSTNAME" \
+		NETGROUP=$(usex netgroups -DNETGROUPS "") \
+		STYLE="-DPROCESS_OPTIONS" \
+		LIBS=$(usex netgroups -lnsl "") \
+		LIB=$(usex static-libs libwrap.a "") \
+		AR="$(tc-getAR)" ARFLAGS=rc \
+		CC="$(tc-getCC)" \
+		RANLIB="$(tc-getRANLIB)" \
+		COPTS="${CFLAGS} ${CPPFLAGS} ${mycppflags}" \
+		LDFLAGS="${LDFLAGS}" \
+		"$@" || die
+}
+
+multilib_src_configure() {
+	tc-export AR RANLIB
+	temake config-check
+}
+
+multilib_src_compile() {
+	temake all
+}
+
+multilib_src_install() {
+	into /usr
+	use static-libs && dolib.a libwrap.a
+	dolib.so shared/libwrap.so*
+
+	insinto /usr/include
+	doins tcpd.h
+
+	if multilib_is_native_abi; then
+		gen_usr_ldscript -a wrap
+		dosbin tcpd tcpdchk tcpdmatch safe_finger try-from
+	fi
+}
+
+multilib_src_install_all() {
+	doman *.[358]
+	dosym hosts_access.5 /usr/share/man/man5/hosts.allow.5
+	dosym hosts_access.5 /usr/share/man/man5/hosts.deny.5
+
+	insinto /etc
+	newins "${FILESDIR}"/hosts.allow.example hosts.allow
+
+	dodoc BLURB CHANGES DISCLAIMER README*
+}
+
+pkg_preinst() {
+	# don't clobber people with our default example config
+	[[ -e ${EROOT}/etc/hosts.allow ]] && cp -pP "${EROOT}"/etc/hosts.allow "${ED}"/etc/hosts.allow
+}