diff options
author | Peter Volkov <pva@gentoo.org> | 2007-09-13 15:09:18 +0000 |
---|---|---|
committer | Peter Volkov <pva@gentoo.org> | 2007-09-13 15:09:18 +0000 |
commit | 902344cde83d77cf3af55399f3c2d157ddac59ee (patch) | |
tree | 2ebeeed8fde376e4228fd4a1f6f61a4c9082064b /app-admin | |
parent | Initial commit. (diff) | |
download | gentoo-2-902344cde83d77cf3af55399f3c2d157ddac59ee.tar.gz gentoo-2-902344cde83d77cf3af55399f3c2d157ddac59ee.tar.bz2 gentoo-2-902344cde83d77cf3af55399f3c2d157ddac59ee.zip |
Fixes log injection reported by Sune Kloppenborg Jeppesen in bug #181213.
(Portage version: 2.1.3.9)
Diffstat (limited to 'app-admin')
-rw-r--r-- | app-admin/denyhosts/ChangeLog | 8 | ||||
-rw-r--r-- | app-admin/denyhosts/denyhosts-2.6-r1.ebuild | 65 | ||||
-rw-r--r-- | app-admin/denyhosts/files/denyhosts-2.6-log-injection-regex.patch | 21 | ||||
-rw-r--r-- | app-admin/denyhosts/files/digest-denyhosts-2.6-r1 | 3 |
4 files changed, 96 insertions, 1 deletions
diff --git a/app-admin/denyhosts/ChangeLog b/app-admin/denyhosts/ChangeLog index 9601939a810f..d20982566944 100644 --- a/app-admin/denyhosts/ChangeLog +++ b/app-admin/denyhosts/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for app-admin/denyhosts # Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-admin/denyhosts/ChangeLog,v 1.27 2007/08/14 18:10:41 strerror Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-admin/denyhosts/ChangeLog,v 1.28 2007/09/13 15:09:14 pva Exp $ + +*denyhosts-2.6-r1 (13 Sep 2007) + + 13 Sep 2007; <pva@gentoo.org> + +files/denyhosts-2.6-log-injection-regex.patch, +denyhosts-2.6-r1.ebuild: + Fixes log injection reported by Sune Kloppenborg Jeppesen in bug #181213. 14 Aug 2007; Benjamin Smee <strerror@gentoo.org> files/denyhosts.init: fix for bug #174501 diff --git a/app-admin/denyhosts/denyhosts-2.6-r1.ebuild b/app-admin/denyhosts/denyhosts-2.6-r1.ebuild new file mode 100644 index 000000000000..f9e0a05b10a1 --- /dev/null +++ b/app-admin/denyhosts/denyhosts-2.6-r1.ebuild @@ -0,0 +1,65 @@ +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-admin/denyhosts/denyhosts-2.6-r1.ebuild,v 1.1 2007/09/13 15:09:14 pva Exp $ + +inherit distutils eutils + +my_PN="DenyHosts" +my_P="${my_PN}-${PV}" +DESCRIPTION="DenyHosts is a utility to help sys admins thwart ssh hackers" +HOMEPAGE="http://www.denyhosts.net" +SRC_URI="mirror://sourceforge/${PN}/${my_P}.tar.gz" +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~sparc ~x86" +IUSE="" +DEPEND=">=dev-lang/python-2.3" +S="${WORKDIR}/${my_P}" + +src_unpack() { + unpack ${A} + cd "${S}" + # changes default file installations + epatch "${FILESDIR}"/${P}-gentoo.patch + epatch "${FILESDIR}"/${P}-log-injection-regex.patch + sed -i -e 's:#!/usr/bin/env python:#!/usr/bin/python:' \ + denyhosts.py || die "sed failed" + sed -i -e 's:DENY_THRESHOLD_VALID = 10:DENY_THRESHOLD_VALID = 5:' \ + denyhosts.cfg-dist || die "sed failed" +} + +src_install() { + distutils_src_install + + insinto /etc + insopts -m0640 + newins denyhosts.cfg-dist denyhosts.conf + + newinitd "${FILESDIR}"/denyhosts.init denyhosts + + exeinto /usr/bin + newexe denyhosts.py denyhosts + + dodoc CHANGELOG.txt README.txt + + keepdir /var/lib/denyhosts +} + +pkg_postinst() { + if [ ! -f /etc/hosts.deny ] + then + touch /etc/hosts.deny + fi + + elog "You can configure DenyHosts to run as a daemon by running:" + elog + elog "rc-update add denyhosts default" + elog + elog "or as a cronjob, by adding the following to /etc/crontab" + elog "# run DenyHosts every 10 minutes" + elog "*/10 * * * * root python /usr/bin/denyhosts -c /etc/denyhosts.conf" + elog + elog "More information can be found at http://denyhosts.sourceforge.net/faq.html" + elog + ewarn "Modify /etc/denyhosts.conf to suit your environment system." +} diff --git a/app-admin/denyhosts/files/denyhosts-2.6-log-injection-regex.patch b/app-admin/denyhosts/files/denyhosts-2.6-log-injection-regex.patch new file mode 100644 index 000000000000..c6fc20541019 --- /dev/null +++ b/app-admin/denyhosts/files/denyhosts-2.6-log-injection-regex.patch @@ -0,0 +1,21 @@ +Address Log injection reported at + +http://bugs.gentoo.org/show_bug.cgi?id=181213 + +diff -ur a/DenyHosts/regex.py b/DenyHosts/regex.py +--- a/DenyHosts/regex.py 2006-12-07 13:47:04.000000000 -0600 ++++ b/DenyHosts/regex.py 2007-06-19 18:51:54.000000000 -0500 +@@ -17,11 +17,11 @@ + + FAILED_ENTRY_REGEX4 = re.compile(r"""Authentication failure for (?P<user>.*) .*from (?P<host>.*)""") + +-FAILED_ENTRY_REGEX5 = re.compile(r"""User (?P<user>.*) .*from (?P<host>.*) not allowed because none of user's groups are listed in AllowGroups""") ++FAILED_ENTRY_REGEX5 = re.compile(r"""User (?P<user>.*) .*from (?P<host>.*) not allowed because none of user's groups are listed in AllowGroups$""") + + FAILED_ENTRY_REGEX6 = re.compile(r"""Did not receive identification string .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""") + +-FAILED_ENTRY_REGEX7 = re.compile(r"""User (?P<user>.*) not allowed because not listed in AllowUsers""") ++FAILED_ENTRY_REGEX7 = re.compile(r"""User (?P<user>.*) .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}) not allowed because not listed in AllowUsers""") + + + # these are reserved for future versions diff --git a/app-admin/denyhosts/files/digest-denyhosts-2.6-r1 b/app-admin/denyhosts/files/digest-denyhosts-2.6-r1 new file mode 100644 index 000000000000..eaec57e06035 --- /dev/null +++ b/app-admin/denyhosts/files/digest-denyhosts-2.6-r1 @@ -0,0 +1,3 @@ +MD5 fc2365305a9402886a2b0173d1beb7df DenyHosts-2.6.tar.gz 42667 +RMD160 cab4206af992f5405ed1c9b302341c7b5649c71a DenyHosts-2.6.tar.gz 42667 +SHA256 5190ead13a7238e3ccf328cb3b71b16716e1c73939909a4f3fa6904ba58ddf7d DenyHosts-2.6.tar.gz 42667 |