From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id B2FDF1381F3 for ; Sat, 6 Jul 2013 03:22:19 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 6AF53E096D; Sat, 6 Jul 2013 03:22:16 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id B9815E0961 for ; Sat, 6 Jul 2013 03:22:15 +0000 (UTC) Received: from hornbill.gentoo.org (hornbill.gentoo.org [94.100.119.163]) (using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 8402433E99A for ; Sat, 6 Jul 2013 03:22:14 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by hornbill.gentoo.org (Postfix) with ESMTP id 32237E5459 for ; Sat, 6 Jul 2013 03:22:13 +0000 (UTC) From: "Anthony G. Basile" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Anthony G. Basile" Message-ID: <1373080976.667ba009ca07b0e392fa481c4b5d318ec8d4029d.blueness@gentoo> Subject: [gentoo-commits] proj/hardened-dev:musl commit in: sys-apps/tcp-wrappers/files/, sys-apps/tcp-wrappers/ X-VCS-Repository: proj/hardened-dev X-VCS-Files: sys-apps/tcp-wrappers/files/hosts.allow.example sys-apps/tcp-wrappers/files/tcp-wrappers-7.6-remove-DECLS.patch sys-apps/tcp-wrappers/metadata.xml sys-apps/tcp-wrappers/tcp-wrappers-7.6-r99.ebuild X-VCS-Directories: sys-apps/tcp-wrappers/files/ sys-apps/tcp-wrappers/ X-VCS-Committer: blueness X-VCS-Committer-Name: Anthony G. Basile X-VCS-Revision: 667ba009ca07b0e392fa481c4b5d318ec8d4029d X-VCS-Branch: musl Date: Sat, 6 Jul 2013 03:22:13 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 30f82a00-9305-4e80-aba9-6bc39eb20d4f X-Archives-Hash: ea233e4d1055aece80036fc9cff5c342 commit: 667ba009ca07b0e392fa481c4b5d318ec8d4029d Author: layman localhost> AuthorDate: Sat Jul 6 02:36:11 2013 +0000 Commit: Anthony G. Basile gentoo org> CommitDate: Sat Jul 6 03:22:56 2013 +0000 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-dev.git;a=commit;h=667ba009 sys-apps/tcp-wrappers: remove bad _BEGIN_DECLS Package-Manager: portage-2.1.12.2 RepoMan-Options: --force --- sys-apps/tcp-wrappers/files/hosts.allow.example | 17 +++++ .../files/tcp-wrappers-7.6-remove-DECLS.patch | 19 ++++++ sys-apps/tcp-wrappers/metadata.xml | 11 ++++ sys-apps/tcp-wrappers/tcp-wrappers-7.6-r99.ebuild | 77 ++++++++++++++++++++++ 4 files changed, 124 insertions(+) diff --git a/sys-apps/tcp-wrappers/files/hosts.allow.example b/sys-apps/tcp-wrappers/files/hosts.allow.example new file mode 100644 index 0000000..c473eb9 --- /dev/null +++ b/sys-apps/tcp-wrappers/files/hosts.allow.example @@ -0,0 +1,17 @@ +# For more information, please see the hosts.allow(5) manpage + +# Rule format: +# daemon : client list +# The value for 'daemon' is determined by the name of the binary. +# OpenSSH runs as 'sshd' so you would use 'sshd' for 'daemon'. +# Client list can be a list of ip's or hostnames. + +# Allow only sshd connections from ips matching 192.168.0.* +#sshd: 192.168.0. + +# Only allow sendmail connections from the localhost +#sendmail: localhost + +# Allow everyone from foobar.edu to access everything except for +# the terminalserver +#ALL: .foobar.edu EXCEPT terminalserver.foobar.edu diff --git a/sys-apps/tcp-wrappers/files/tcp-wrappers-7.6-remove-DECLS.patch b/sys-apps/tcp-wrappers/files/tcp-wrappers-7.6-remove-DECLS.patch new file mode 100644 index 0000000..1382c6d --- /dev/null +++ b/sys-apps/tcp-wrappers/files/tcp-wrappers-7.6-remove-DECLS.patch @@ -0,0 +1,19 @@ +diff -Naur tcp_wrappers_7.6.orig/tcpd.h tcp_wrappers_7.6/tcpd.h +--- tcp_wrappers_7.6.orig/tcpd.h 2013-07-06 02:14:23.070110799 +0000 ++++ tcp_wrappers_7.6/tcpd.h 2013-07-06 02:14:56.184112650 +0000 +@@ -21,8 +21,6 @@ + #include + #include + +-__BEGIN_DECLS +- + /* Structure to describe one communications endpoint. */ + + #define STRING_LENGTH 128 /* hosts, users, processes */ +@@ -259,6 +257,4 @@ + extern char *my_strtok(); + #endif + +-__END_DECLS +- + #endif /* tcpd.h */ diff --git a/sys-apps/tcp-wrappers/metadata.xml b/sys-apps/tcp-wrappers/metadata.xml new file mode 100644 index 0000000..1cecd60 --- /dev/null +++ b/sys-apps/tcp-wrappers/metadata.xml @@ -0,0 +1,11 @@ + + + +base-system + + + Support matching NIS (host) netgroup names via the @netgroup syntax + (if you don't know what this means, you most likely need want it) + + + diff --git a/sys-apps/tcp-wrappers/tcp-wrappers-7.6-r99.ebuild b/sys-apps/tcp-wrappers/tcp-wrappers-7.6-r99.ebuild new file mode 100644 index 0000000..005c835 --- /dev/null +++ b/sys-apps/tcp-wrappers/tcp-wrappers-7.6-r99.ebuild @@ -0,0 +1,77 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/tcp-wrappers/tcp-wrappers-7.6-r8.ebuild,v 1.26 2013/05/14 05:46:04 radhermit Exp $ + +inherit eutils toolchain-funcs multilib + +MY_P="${P//-/_}" +PATCH_VER="1.0" +DESCRIPTION="TCP Wrappers" +HOMEPAGE="ftp://ftp.porcupine.org/pub/security/index.html" +SRC_URI="ftp://ftp.porcupine.org/pub/security/${MY_P}.tar.gz + mirror://gentoo/${P}-patches-${PATCH_VER}.tar.bz2" + +LICENSE="tcp_wrappers_license" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd ~x86-fbsd" +IUSE="ipv6" + +S=${WORKDIR}/${MY_P} + +src_unpack() { + unpack ${A} + cd "${S}" + + chmod ug+w Makefile + + EPATCH_SUFFIX="patch" + PATCHDIR=${WORKDIR}/${PV} + epatch ${PATCHDIR}/${P}-makefile.patch + epatch ${PATCHDIR}/generic + epatch ${PATCHDIR}/${P}-shared.patch + use ipv6 && epatch ${PATCHDIR}/${P}-ipv6-1.14.diff + + epatch "${FILESDIR}"/${P}-remove-DECLS.patch +} + +src_compile() { + tc-export AR CC RANLIB + + local myconf="-DHAVE_WEAKSYMS" + use ipv6 && myconf="${myconf} -DINET6=1 -Dss_family=__ss_family -Dss_len=__ss_len" + + emake \ + REAL_DAEMON_DIR=/usr/sbin \ + GENTOO_OPT="${myconf}" \ + MAJOR=0 MINOR=${PV:0:1} REL=${PV:2:3} \ + config-check || die "emake config-check failed" + + emake \ + REAL_DAEMON_DIR=/usr/sbin \ + GENTOO_OPT="${myconf}" \ + MAJOR=0 MINOR=${PV:0:1} REL=${PV:2:3} \ + linux || die "emake linux failed" +} + +src_install() { + dosbin tcpd tcpdchk tcpdmatch safe_finger try-from || die + + doman *.[358] + dosym hosts_access.5 /usr/share/man/man5/hosts.allow.5 + dosym hosts_access.5 /usr/share/man/man5/hosts.deny.5 + + insinto /usr/include + doins tcpd.h + + into /usr + dolib.a libwrap.a + + into / + newlib.so libwrap.so libwrap.so.0.${PV} + dosym libwrap.so.0.${PV} /$(get_libdir)/libwrap.so.0 + dosym libwrap.so.0 /$(get_libdir)/libwrap.so + # bug #4411 + gen_usr_ldscript libwrap.so || die "gen_usr_ldscript failed" + + dodoc BLURB CHANGES DISCLAIMER README* "${FILESDIR}"/hosts.allow.example +}