summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBernard Cafarelli <voyageur@gentoo.org>2009-09-07 16:46:33 +0000
committerBernard Cafarelli <voyageur@gentoo.org>2009-09-07 16:46:33 +0000
commit50f1f2bdf2df4cf96079e82c102c1c8ff92e25db (patch)
tree2a76999cff442f32ff4ec41544f09f7bcb10bdfc /net-ftp/proftpd/files
parentopenvas-server bump (diff)
downloadgentoo-2-50f1f2bdf2df4cf96079e82c102c1c8ff92e25db.tar.gz
gentoo-2-50f1f2bdf2df4cf96079e82c102c1c8ff92e25db.tar.bz2
gentoo-2-50f1f2bdf2df4cf96079e82c102c1c8ff92e25db.zip
Remove old versions, bump to 1.3.2a (with some modules), thanks to Bernd Lommerzheim <bernd@lommerzheim.com> in bug #276371. Also fix bug #280150, updating mit-krb5 dependency
(Portage version: 2.2_rc40/cvs/Linux x86_64)
Diffstat (limited to 'net-ftp/proftpd/files')
-rw-r--r--net-ftp/proftpd/files/proftpd-1.3.1-CVE-2008-4242.patch172
-rw-r--r--net-ftp/proftpd/files/proftpd-1.3.1-bug208840.patch35
-rw-r--r--net-ftp/proftpd/files/proftpd-1.3.1-bug218850.patch12
-rw-r--r--net-ftp/proftpd/files/proftpd-1.3.1_rc2-bug164612.patch23
-rw-r--r--net-ftp/proftpd/files/proftpd-1.3.1_rc2-bug167003.patch15
-rw-r--r--net-ftp/proftpd/files/proftpd-1.3.1_rc2-bug175082.patch354
-rw-r--r--net-ftp/proftpd/files/proftpd-1.3.1_rc2-bug178866.patch68
-rw-r--r--net-ftp/proftpd/files/proftpd-1.3.1_rc2-bug181712.patch35
-rw-r--r--net-ftp/proftpd/files/proftpd-1.3.2_rc2-CVE-2008-4242.patch192
9 files changed, 0 insertions, 906 deletions
diff --git a/net-ftp/proftpd/files/proftpd-1.3.1-CVE-2008-4242.patch b/net-ftp/proftpd/files/proftpd-1.3.1-CVE-2008-4242.patch
deleted file mode 100644
index 9b08cade2ab9..000000000000
--- a/net-ftp/proftpd/files/proftpd-1.3.1-CVE-2008-4242.patch
+++ /dev/null
@@ -1,172 +0,0 @@
-Patch taken from debian, closes
-http://secunia.com/advisories/cve_reference/CVE-2008-4242/
-https://bugs.gentoo.org/show_bug.cgi?id=238762
-diff -urNad trunk~/src/main.c trunk/src/main.c
---- trunk~/src/main.c 2008-09-21 23:50:55.000000000 +0200
-+++ trunk/src/main.c 2008-09-21 23:50:55.000000000 +0200
-@@ -674,12 +674,17 @@
- while (TRUE) {
- pr_signals_handle();
-
-+ memset(buf,'\0',sizeof(buf));
-+
- if (pr_netio_telnet_gets(buf, sizeof(buf)-1, session.c->instrm,
- session.c->outstrm) == NULL) {
-
-- if (PR_NETIO_ERRNO(session.c->instrm) == EINTR)
-- /* Simple interrupted syscall */
-+ if (errno == E2BIG) {
-+ /* The client sent a too-long command which was ignored; give
-+ * them another chance?
-+ */
- continue;
-+ }
-
- #ifndef PR_DEVEL_NO_DAEMON
- /* Otherwise, EOF */
-@@ -695,20 +700,31 @@
-
- if (cmd_buf_size == -1) {
- int *bufsz = get_param_ptr(main_server->conf, "CommandBufferSize", FALSE);
-+ size_t default_cmd_bufsz;
-+
-+ /* It's possible for the admin to select a PR_TUNABLE_BUFFER_SIZE which
-+ * is smaller than PR_DEFAULT_CMD_BUFSZ. We need to handle such cases
-+ * properly.
-+ */
-+ default_cmd_bufsz = PR_DEFAULT_CMD_BUFSZ;
-+ if (default_cmd_bufsz > sizeof(buf)) {
-+ default_cmd_bufsz = sizeof(buf);
-+ }
-+
- if (bufsz == NULL) {
-- cmd_buf_size = PR_DEFAULT_CMD_BUFSZ;
-+ cmd_buf_size = default_cmd_bufsz;
-
- } else if (*bufsz <= 0) {
- pr_log_pri(PR_LOG_WARNING, "invalid CommandBufferSize size (%d) "
- "given, using default buffer size (%u) instead",
-- *bufsz, PR_DEFAULT_CMD_BUFSZ);
-- cmd_buf_size = PR_DEFAULT_CMD_BUFSZ;
-+ *bufsz, default_cmd_bufsz);
-+ cmd_buf_size = default_cmd_bufsz;
-
- } else if (*bufsz + 1 > sizeof(buf)) {
- pr_log_pri(PR_LOG_WARNING, "invalid CommandBufferSize size (%d) "
- "given, using default buffer size (%u) instead",
-- *bufsz, PR_DEFAULT_CMD_BUFSZ);
-- cmd_buf_size = PR_DEFAULT_CMD_BUFSZ;
-+ *bufsz, default_cmd_bufsz);
-+ cmd_buf_size = default_cmd_bufsz;
-
- } else {
- pr_log_debug(DEBUG1, "setting CommandBufferSize to %d", *bufsz);
-diff -urNad trunk~/src/netio.c trunk/src/netio.c
---- trunk~/src/netio.c 2008-09-21 23:39:34.000000000 +0200
-+++ trunk/src/netio.c 2008-09-21 23:52:17.000000000 +0200
-@@ -1,6 +1,6 @@
- /*
- * ProFTPD - FTP server daemon
-- * Copyright (c) 2001-2007 The ProFTPD Project team
-+ * Copyright (c) 2001-2008 The ProFTPD Project team
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
-@@ -30,19 +30,19 @@
- #include <signal.h>
-
- #ifndef IAC
--#define IAC 255
-+# define IAC 255
- #endif
- #ifndef DONT
--#define DONT 254
-+# define DONT 254
- #endif
- #ifndef DO
--#define DO 253
-+# define DO 253
- #endif
- #ifndef WONT
--#define WONT 252
-+# define WONT 252
- #endif
- #ifndef WILL
--#define WILL 251
-+# define WILL 251
- #endif
-
- static const char *trace_channel = "netio";
-@@ -51,6 +51,17 @@
- static pr_netio_t *core_data_netio = NULL, *data_netio = NULL;
- static pr_netio_t *core_othr_netio = NULL, *othr_netio = NULL;
-
-+/* Used to track whether the previous text read from the client's control
-+ * connection was a properly-terminated command. If so, then read in the
-+ * next/current text as per normal. If NOT (e.g. the client sent a too-long
-+ * command), then read in the next/current text, but ignore it. Only clear
-+ * this flag if the next/current command can be read as per normal.
-+ *
-+ * The pr_netio_telnet_gets() uses this variable, in conjunction with its
-+ * saw_newline flag, for handling too-long commands from clients.
-+ */
-+static int properly_terminated_prev_command = TRUE;
-+
- static pr_netio_stream_t *netio_stream_alloc(pool *parent_pool) {
- pool *netio_pool = NULL;
- pr_netio_stream_t *nstrm = NULL;
-@@ -911,7 +922,7 @@
- char *bp = buf;
- unsigned char cp;
- static unsigned char mode = 0;
-- int toread;
-+ int toread, saw_newline = FALSE;
- pr_buffer_t *pbuf = NULL;
-
- if (buflen == 0) {
-@@ -940,8 +951,9 @@
- *bp = '\0';
- return buf;
-
-- } else
-+ } else {
- return NULL;
-+ }
- }
-
- pbuf->remaining = pbuf->buflen - toread;
-@@ -1004,6 +1016,8 @@
- toread--;
- *bp++ = *pbuf->current++;
- pbuf->remaining++;
-+
-+ saw_newline = TRUE;
- break;
- }
-
-@@ -1011,6 +1025,25 @@
- pbuf->current = NULL;
- }
-
-+ if (!saw_newline) {
-+ /* If we haven't seen a newline, then assume the client is deliberately
-+ * sending a too-long command, trying to exploit buffer sizes and make
-+ * the server make some possibly bad assumptions.
-+ */
-+
-+ properly_terminated_prev_command = FALSE;
-+ errno = E2BIG;
-+ return NULL;
-+ }
-+
-+ if (!properly_terminated_prev_command) {
-+ properly_terminated_prev_command = TRUE;
-+ pr_log_pri(PR_LOG_NOTICE, "client sent too-long command, ignoring");
-+ errno = E2BIG;
-+ return NULL;
-+ }
-+
-+ properly_terminated_prev_command = TRUE;
- *bp = '\0';
- return buf;
- }
diff --git a/net-ftp/proftpd/files/proftpd-1.3.1-bug208840.patch b/net-ftp/proftpd/files/proftpd-1.3.1-bug208840.patch
deleted file mode 100644
index 90931f99f50f..000000000000
--- a/net-ftp/proftpd/files/proftpd-1.3.1-bug208840.patch
+++ /dev/null
@@ -1,35 +0,0 @@
---- acconfig.h 2002/12/15 18:05:09 1.15
-+++ acconfig.h 2007/10/15 17:27:25 1.16
-@@ -12,9 +12,6 @@
- /* Define to `int' if <sys/types.h> doesn't define. */
- #undef ino_t
-
--/* Define to `mode_t' if <sys/types.h> doesn't define. */
--#undef umode_t
--
- /* Define to `int' if <sys/socket.h> doesn't define. */
- #undef socklen_t
-
---- config.h.in 2007/10/13 03:05:27 1.118
-+++ config.h.in 2007/10/15 17:27:25 1.119
-@@ -37,9 +37,6 @@
- /* Define to `int' if <sys/socket.h> doesn't define. */
- #undef socklen_t
-
--/* Define to `mode_t' if <sys/types.h> doesn't define. */
--#undef umode_t
--
- /* Define if you have AIX send_file() semantics. */
- #undef HAVE_AIX_SENDFILE
-
---- configure.in 2007/10/13 03:05:27 1.261
-+++ configure.in 2007/10/15 17:27:25 1.262
-@@ -1119,7 +1119,7 @@
- AC_CHECK_SIZEOF(time_t, 0)
-
- dnl Check for generic typedefs
--AC_CHECK_TYPE(umode_t, mode_t)
-+AC_CHECK_TYPE(mode_t, mode_t)
- AC_CHECK_TYPE(ino_t, ino_t)
- AC_CHECK_TYPE(intptr_t, AC_DEFINE(HAVE_INTPTR_T),, [
- #if HAVE_INTTYPES_H
diff --git a/net-ftp/proftpd/files/proftpd-1.3.1-bug218850.patch b/net-ftp/proftpd/files/proftpd-1.3.1-bug218850.patch
deleted file mode 100644
index 3e2adf34ea5c..000000000000
--- a/net-ftp/proftpd/files/proftpd-1.3.1-bug218850.patch
+++ /dev/null
@@ -1,12 +0,0 @@
---- lib/libcap/libcap.h 2008-04-24 19:46:29.475883739 +0200
-+++ lib/libcap/libcap.h 2008-04-24 19:48:31.116088563 +0200
-@@ -52,7 +52,8 @@
- */
-
- #if !defined(_LINUX_CAPABILITY_VERSION) || \
-- (_LINUX_CAPABILITY_VERSION != 0x19980330)
-+ ((_LINUX_CAPABILITY_VERSION != 0x19980330) && \
-+ (_LINUX_CAPABILITY_VERSION != 0x20071026))
-
- # error "Kernel <linux/capability.h> does not match library"
- # error "file "libcap.h" --> fix and recompile libcap"
diff --git a/net-ftp/proftpd/files/proftpd-1.3.1_rc2-bug164612.patch b/net-ftp/proftpd/files/proftpd-1.3.1_rc2-bug164612.patch
deleted file mode 100644
index 060fc9518456..000000000000
--- a/net-ftp/proftpd/files/proftpd-1.3.1_rc2-bug164612.patch
+++ /dev/null
@@ -1,23 +0,0 @@
---- modules/mod_lang.c 2007/01/19 21:59:44 1.4
-+++ modules/mod_lang.c 2007/01/19 23:01:25 1.5
-@@ -262,10 +262,19 @@
-
- static int lang_init(void) {
- if (setlocale(LC_ALL, "") == NULL) {
-- pr_log_pri(PR_LOG_NOTICE, "unable to set locale: %s", strerror(errno));
-+ pr_log_pri(PR_LOG_NOTICE, "unable to set LC_ALL: %s", strerror(errno));
- return -1;
- }
-
-+ /* Preserve the POSIX/portable handling of number formatting; local
-+ * formatting of decimal points, for example, can cause problems with
-+ * numbers in SQL queries.
-+ */
-+ if (setlocale(LC_NUMERIC, "C") == NULL) {
-+ pr_log_pri(PR_LOG_NOTICE, "unable to set LC_NUMERIC: %s",
-+ strerror(errno));
-+ }
-+
- lang_pool = make_sub_pool(permanent_pool);
- pr_pool_tag(lang_pool, MOD_LANG_VERSION);
-
diff --git a/net-ftp/proftpd/files/proftpd-1.3.1_rc2-bug167003.patch b/net-ftp/proftpd/files/proftpd-1.3.1_rc2-bug167003.patch
deleted file mode 100644
index d6ce55a148b0..000000000000
--- a/net-ftp/proftpd/files/proftpd-1.3.1_rc2-bug167003.patch
+++ /dev/null
@@ -1,15 +0,0 @@
---- modules/mod_facl.c 2007/04/18 15:31:28 1.6
-+++ modules/mod_facl.c 2007/04/30 17:47:34 1.7
-@@ -826,10 +826,10 @@
- "facl",
-
- /* Module configuration directive handlers */
-- NULL,
-+ facl_conftab,
-
- /* Module command handlers */
-- facl_conftab,
-+ NULL,
-
- /* Module authentication handlers */
- NULL,
diff --git a/net-ftp/proftpd/files/proftpd-1.3.1_rc2-bug175082.patch b/net-ftp/proftpd/files/proftpd-1.3.1_rc2-bug175082.patch
deleted file mode 100644
index 7e3b6cf6f4ac..000000000000
--- a/net-ftp/proftpd/files/proftpd-1.3.1_rc2-bug175082.patch
+++ /dev/null
@@ -1,354 +0,0 @@
---- include/auth.h 2005/06/10 17:21:10 1.4
-+++ include/auth.h 2007/04/17 21:33:40 1.5
-@@ -86,6 +86,7 @@
- config_rec *pr_auth_get_anon_config(pool *p, char **, char **, char **);
-
- /* For internal use only. */
-+int init_auth(void);
- int set_groups(pool *, gid_t, array_header *);
-
- #endif /* PR_MODULES_H */
---- modules/mod_core.c 2007/03/09 16:20:54 1.298
-+++ modules/mod_core.c 2007/04/17 21:33:40 1.299
-@@ -4418,6 +4418,8 @@
- config_rec *c = NULL;
- unsigned int *debug_level = NULL;
-
-+ init_auth();
-+
- /* Check for a server-specific TimeoutIdle. */
- c = find_config(main_server->conf, CONF_PARAM, "TimeoutIdle", FALSE);
- if (c != NULL)
---- src/auth.c 2007/01/08 22:59:28 1.47
-+++ src/auth.c 2007/04/17 21:33:40 1.48
-@@ -30,6 +30,10 @@
-
- #include "conf.h"
-
-+static pool *auth_pool = NULL;
-+static pr_table_t *auth_tab = NULL;
-+static const char *trace_channel = "auth";
-+
- /* The difference between this function, and pr_cmd_alloc(), is that this
- * allocates the cmd_rec directly from the given pool, whereas pr_cmd_alloc()
- * will allocate a subpool from the given pool, and allocate its cmd_rec
-@@ -63,7 +67,7 @@
- return c;
- }
-
--static modret_t *dispatch_auth(cmd_rec *cmd, char *match) {
-+static modret_t *dispatch_auth(cmd_rec *cmd, char *match, module **m) {
- authtable *start_tab = NULL, *iter_tab = NULL;
- modret_t *mr = NULL;
-
-@@ -74,7 +78,12 @@
- while (iter_tab) {
- pr_signals_handle();
-
-- pr_trace_msg("auth", 6, "dispatching auth request \"%s\" to module mod_%s",
-+ if (m && *m && *m != iter_tab->m) {
-+ goto next;
-+ }
-+
-+ pr_trace_msg(trace_channel, 6,
-+ "dispatching auth request \"%s\" to module mod_%s",
- match, iter_tab->m->name);
-
- mr = call_module(iter_tab->m, iter_tab->handler, cmd);
-@@ -83,9 +92,19 @@
- break;
-
- if (MODRET_ISHANDLED(mr) ||
-- MODRET_ISERROR(mr))
-+ MODRET_ISERROR(mr)) {
-+
-+ /* Return a pointer, if requested, to the module which answered the
-+ * auth request. This is used, for example, by auth_getpwnam() for
-+ * associating the answering auth module with the data looked up.
-+ */
-+ if (m)
-+ *m = iter_tab->m;
-+
- break;
-+ }
-
-+ next:
- iter_tab = pr_stash_get_symbol(PR_SYM_AUTH, match, iter_tab,
- &cmd->stash_index);
-
-@@ -106,7 +125,7 @@
- modret_t *mr = NULL;
-
- cmd = make_cmd(p, 0);
-- mr = dispatch_auth(cmd, "setpwent");
-+ mr = dispatch_auth(cmd, "setpwent", NULL);
-
- if (cmd->tmp_pool) {
- destroy_pool(cmd->tmp_pool);
-@@ -121,13 +140,20 @@
- modret_t *mr = NULL;
-
- cmd = make_cmd(p, 0);
-- mr = dispatch_auth(cmd, "endpwent");
-+ mr = dispatch_auth(cmd, "endpwent", NULL);
-
- if (cmd->tmp_pool) {
- destroy_pool(cmd->tmp_pool);
- cmd->tmp_pool = NULL;
- }
-
-+ if (auth_tab) {
-+ pr_trace_msg(trace_channel, 5, "emptying authcache");
-+ (void) pr_table_empty(auth_tab);
-+ (void) pr_table_free(auth_tab);
-+ auth_tab = NULL;
-+ }
-+
- return;
- }
-
-@@ -136,7 +162,7 @@
- modret_t *mr = NULL;
-
- cmd = make_cmd(p, 0);
-- mr = dispatch_auth(cmd, "setgrent");
-+ mr = dispatch_auth(cmd, "setgrent", NULL);
-
- if (cmd->tmp_pool) {
- destroy_pool(cmd->tmp_pool);
-@@ -151,7 +177,7 @@
- modret_t *mr = NULL;
-
- cmd = make_cmd(p, 0);
-- mr = dispatch_auth(cmd, "endgrent");
-+ mr = dispatch_auth(cmd, "endgrent", NULL);
-
- if (cmd->tmp_pool) {
- destroy_pool(cmd->tmp_pool);
-@@ -167,7 +193,7 @@
- struct passwd *res = NULL;
-
- cmd = make_cmd(p, 0);
-- mr = dispatch_auth(cmd, "getpwent");
-+ mr = dispatch_auth(cmd, "getpwent", NULL);
-
- if (MODRET_ISHANDLED(mr) && MODRET_HASDATA(mr))
- res = mr->data;
-@@ -201,7 +227,7 @@
- struct group *res = NULL;
-
- cmd = make_cmd(p, 0);
-- mr = dispatch_auth(cmd, "getgrent");
-+ mr = dispatch_auth(cmd, "getgrent", NULL);
-
- if (MODRET_ISHANDLED(mr) && MODRET_HASDATA(mr))
- res = mr->data;
-@@ -228,11 +254,13 @@
- cmd_rec *cmd = NULL;
- modret_t *mr = NULL;
- struct passwd *res = NULL;
-+ module *m = NULL;
-
- cmd = make_cmd(p, 1, name);
-- mr = dispatch_auth(cmd, "getpwnam");
-+ mr = dispatch_auth(cmd, "getpwnam", &m);
-
-- if (MODRET_ISHANDLED(mr) && MODRET_HASDATA(mr))
-+ if (MODRET_ISHANDLED(mr) &&
-+ MODRET_HASDATA(mr))
- res = mr->data;
-
- if (cmd->tmp_pool) {
-@@ -257,6 +285,46 @@
- return NULL;
- }
-
-+ if (!auth_tab && auth_pool) {
-+ auth_tab = pr_table_alloc(auth_pool, 0);
-+ }
-+
-+ if (m && auth_tab) {
-+ int count = 0;
-+ void *value = NULL;
-+
-+ value = palloc(auth_pool, sizeof(module *));
-+ *((module **) value) = m;
-+
-+ count = pr_table_exists(auth_tab, name);
-+ if (count <= 0) {
-+ if (pr_table_add(auth_tab, pstrdup(auth_pool, name), value,
-+ sizeof(module *)) < 0) {
-+ pr_trace_msg(trace_channel, 3,
-+ "error adding module 'mod_%s.c' for user '%s' to the authcache: %s",
-+ m->name, name, strerror(errno));
-+
-+ } else {
-+ pr_trace_msg(trace_channel, 5,
-+ "stashed module 'mod_%s.c' for user '%s' in the authcache",
-+ m->name, name);
-+ }
-+
-+ } else {
-+ if (pr_table_set(auth_tab, pstrdup(auth_pool, name), value,
-+ sizeof(module *)) < 0) {
-+ pr_trace_msg(trace_channel, 3,
-+ "error setting module 'mod_%s.c' for user '%s' in the authcache: %s",
-+ m->name, name, strerror(errno));
-+
-+ } else {
-+ pr_trace_msg(trace_channel, 5,
-+ "stashed module 'mod_%s.c' for user '%s' in the authcache",
-+ m->name, name);
-+ }
-+ }
-+ }
-+
- pr_log_debug(DEBUG10, "retrieved UID %lu for user '%s'",
- (unsigned long) res->pw_uid, name);
- return res;
-@@ -268,7 +336,7 @@
- struct passwd *res = NULL;
-
- cmd = make_cmd(p, 1, (void *) &uid);
-- mr = dispatch_auth(cmd, "getpwuid");
-+ mr = dispatch_auth(cmd, "getpwuid", NULL);
-
- if (MODRET_ISHANDLED(mr) && MODRET_HASDATA(mr))
- res = mr->data;
-@@ -306,7 +374,7 @@
- struct group *res = NULL;
-
- cmd = make_cmd(p, 1, name);
-- mr = dispatch_auth(cmd, "getgrnam");
-+ mr = dispatch_auth(cmd, "getgrnam", NULL);
-
- if (MODRET_ISHANDLED(mr) && MODRET_HASDATA(mr))
- res = mr->data;
-@@ -339,7 +407,7 @@
- struct group *res = NULL;
-
- cmd = make_cmd(p, 1, (void *) &gid);
-- mr = dispatch_auth(cmd, "getgrgid");
-+ mr = dispatch_auth(cmd, "getgrgid", NULL);
-
- if (MODRET_ISHANDLED(mr) && MODRET_HASDATA(mr))
- res = mr->data;
-@@ -369,10 +437,25 @@
- int pr_auth_authenticate(pool *p, const char *name, const char *pw) {
- cmd_rec *cmd = NULL;
- modret_t *mr = NULL;
-+ module *m = NULL;
- int res = PR_AUTH_NOPWD;
-
- cmd = make_cmd(p, 2, name, pw);
-- mr = dispatch_auth(cmd, "auth");
-+
-+ if (auth_tab) {
-+
-+ /* Fetch the specific module to be used for authenticating this user. */
-+ void *v = pr_table_get(auth_tab, name, NULL);
-+ if (v) {
-+ m = *((module **) v);
-+
-+ pr_trace_msg(trace_channel, 4,
-+ "using module 'mod_%s.c' from authcache to authenticate user '%s'",
-+ m->name, name);
-+ }
-+ }
-+
-+ mr = dispatch_auth(cmd, "auth", m ? &m : NULL);
-
- if (MODRET_ISHANDLED(mr))
- res = MODRET_HASDATA(mr) ? PR_AUTH_RFC2228_OK : PR_AUTH_OK;
-@@ -391,10 +474,25 @@
- int pr_auth_check(pool *p, const char *cpw, const char *name, const char *pw) {
- cmd_rec *cmd = NULL;
- modret_t *mr = NULL;
-+ module *m = NULL;
- int res = PR_AUTH_BADPWD;
-
- cmd = make_cmd(p, 3, cpw, name, pw);
-- mr = dispatch_auth(cmd, "check");
-+
-+ if (auth_tab) {
-+
-+ /* Fetch the specific module to be used for authenticating this user. */
-+ void *v = pr_table_get(auth_tab, name, NULL);
-+ if (v) {
-+ m = *((module **) v);
-+
-+ pr_trace_msg(trace_channel, 4,
-+ "using module 'mod_%s.c' from authcache to authenticate user '%s'",
-+ m->name, name);
-+ }
-+ }
-+
-+ mr = dispatch_auth(cmd, "check", m ? &m : NULL);
-
- if (MODRET_ISHANDLED(mr))
- res = MODRET_HASDATA(mr) ? PR_AUTH_RFC2228_OK : PR_AUTH_OK;
-@@ -413,7 +511,7 @@
- int res = TRUE;
-
- cmd = make_cmd(p, 1, name);
-- mr = dispatch_auth(cmd, "requires_pass");
-+ mr = dispatch_auth(cmd, "requires_pass", NULL);
-
- if (MODRET_ISHANDLED(mr))
- res = FALSE;
-@@ -438,7 +536,7 @@
- memset(namebuf, '\0', sizeof(namebuf));
-
- cmd = make_cmd(p, 1, (void *) &uid);
-- mr = dispatch_auth(cmd, "uid2name");
-+ mr = dispatch_auth(cmd, "uid2name", NULL);
-
- if (MODRET_ISHANDLED(mr) && MODRET_HASDATA(mr)) {
- res = mr->data;
-@@ -463,7 +561,7 @@
- memset(namebuf, '\0', sizeof(namebuf));
-
- cmd = make_cmd(p, 1, (void *) &gid);
-- mr = dispatch_auth(cmd, "gid2name");
-+ mr = dispatch_auth(cmd, "gid2name", NULL);
-
- if (MODRET_ISHANDLED(mr) && MODRET_HASDATA(mr)) {
- res = mr->data;
-@@ -485,7 +583,7 @@
- uid_t res = (uid_t) -1;
-
- cmd = make_cmd(p, 1, name);
-- mr = dispatch_auth(cmd, "name2uid");
-+ mr = dispatch_auth(cmd, "name2uid", NULL);
-
- if (MODRET_ISHANDLED(mr))
- res = *((uid_t *) mr->data);
-@@ -506,7 +604,7 @@
- gid_t res = (gid_t) -1;
-
- cmd = make_cmd(p, 1, name);
-- mr = dispatch_auth(cmd, "name2gid");
-+ mr = dispatch_auth(cmd, "name2gid", NULL);
-
- if (MODRET_ISHANDLED(mr))
- res = *((gid_t *) mr->data);
-@@ -538,7 +636,7 @@
- cmd = make_cmd(p, 3, name, group_ids ? *group_ids : NULL,
- group_names ? *group_names : NULL);
-
-- mr = dispatch_auth(cmd, "getgroups");
-+ mr = dispatch_auth(cmd, "getgroups", NULL);
-
- if (MODRET_ISHANDLED(mr) && MODRET_HASDATA(mr)) {
- res = *((int *) mr->data);
-@@ -832,3 +930,10 @@
- return res;
- }
-
-+/* Internal use only. To be called in the session process. */
-+int init_auth(void) {
-+ auth_pool = make_sub_pool(permanent_pool);
-+ pr_pool_tag(auth_pool, "Auth API");
-+
-+ return 0;
-+}
diff --git a/net-ftp/proftpd/files/proftpd-1.3.1_rc2-bug178866.patch b/net-ftp/proftpd/files/proftpd-1.3.1_rc2-bug178866.patch
deleted file mode 100644
index 206ffb0d6384..000000000000
--- a/net-ftp/proftpd/files/proftpd-1.3.1_rc2-bug178866.patch
+++ /dev/null
@@ -1,68 +0,0 @@
---- src/auth.c 2007/04/17 21:33:40 1.48
-+++ src/auth.c 2007/05/21 15:19:41 1.49
-@@ -442,6 +442,32 @@
-
- cmd = make_cmd(p, 2, name, pw);
-
-+ /* First, check for the mod_auth_pam.c module.
-+ *
-+ * PAM is a bit of hack in this Auth API, because PAM only provides
-+ * yes/no checks, and is not a source of user information.
-+ */
-+ m = pr_module_get("mod_auth_pam.c");
-+ if (m) {
-+ pr_trace_msg(trace_channel, 4,
-+ "using module 'mod_auth_pam.c' to authenticate user '%s'", name);
-+
-+ mr = dispatch_auth(cmd, "auth", &m);
-+
-+ if (MODRET_ISHANDLED(mr)) {
-+ res = MODRET_HASDATA(mr) ? PR_AUTH_RFC2228_OK : PR_AUTH_OK;
-+
-+ if (cmd->tmp_pool) {
-+ destroy_pool(cmd->tmp_pool);
-+ cmd->tmp_pool = NULL;
-+ }
-+
-+ return res;
-+ }
-+
-+ m = NULL;
-+ }
-+
- if (auth_tab) {
-
- /* Fetch the specific module to be used for authenticating this user. */
-@@ -479,6 +505,32 @@
-
- cmd = make_cmd(p, 3, cpw, name, pw);
-
-+ /* First, check for the mod_auth_pam.c module.
-+ *
-+ * PAM is a bit of hack in this Auth API, because PAM only provides
-+ * yes/no checks, and is not a source of user information.
-+ */
-+ m = pr_module_get("mod_auth_pam.c");
-+ if (m) {
-+ pr_trace_msg(trace_channel, 4,
-+ "using module 'mod_auth_pam.c' to authenticate user '%s'", name);
-+
-+ mr = dispatch_auth(cmd, "auth", &m);
-+
-+ if (MODRET_ISHANDLED(mr)) {
-+ res = MODRET_HASDATA(mr) ? PR_AUTH_RFC2228_OK : PR_AUTH_OK;
-+
-+ if (cmd->tmp_pool) {
-+ destroy_pool(cmd->tmp_pool);
-+ cmd->tmp_pool = NULL;
-+ }
-+
-+ return res;
-+ }
-+
-+ m = NULL;
-+ }
-+
- if (auth_tab) {
-
- /* Fetch the specific module to be used for authenticating this user. */
diff --git a/net-ftp/proftpd/files/proftpd-1.3.1_rc2-bug181712.patch b/net-ftp/proftpd/files/proftpd-1.3.1_rc2-bug181712.patch
deleted file mode 100644
index fbe8fed1f1f0..000000000000
--- a/net-ftp/proftpd/files/proftpd-1.3.1_rc2-bug181712.patch
+++ /dev/null
@@ -1,35 +0,0 @@
---- src/auth.c 21 May 2007 15:19:41 -0000 1.49
-+++ src/auth.c 12 Jun 2007 18:54:15 -0000
-@@ -449,12 +449,12 @@
- */
- m = pr_module_get("mod_auth_pam.c");
- if (m) {
-- pr_trace_msg(trace_channel, 4,
-- "using module 'mod_auth_pam.c' to authenticate user '%s'", name);
--
- mr = dispatch_auth(cmd, "auth", &m);
-
- if (MODRET_ISHANDLED(mr)) {
-+ pr_trace_msg(trace_channel, 4,
-+ "module 'mod_auth_pam.c' used for authenticating user '%s'", name);
-+
- res = MODRET_HASDATA(mr) ? PR_AUTH_RFC2228_OK : PR_AUTH_OK;
-
- if (cmd->tmp_pool) {
-@@ -512,12 +512,12 @@
- */
- m = pr_module_get("mod_auth_pam.c");
- if (m) {
-- pr_trace_msg(trace_channel, 4,
-- "using module 'mod_auth_pam.c' to authenticate user '%s'", name);
--
-- mr = dispatch_auth(cmd, "auth", &m);
-+ mr = dispatch_auth(cmd, "check", &m);
-
- if (MODRET_ISHANDLED(mr)) {
-+ pr_trace_msg(trace_channel, 4,
-+ "module 'mod_auth_pam.c' used for authenticating user '%s'", name);
-+
- res = MODRET_HASDATA(mr) ? PR_AUTH_RFC2228_OK : PR_AUTH_OK;
-
- if (cmd->tmp_pool) {
diff --git a/net-ftp/proftpd/files/proftpd-1.3.2_rc2-CVE-2008-4242.patch b/net-ftp/proftpd/files/proftpd-1.3.2_rc2-CVE-2008-4242.patch
deleted file mode 100644
index 1b95d3c239d5..000000000000
--- a/net-ftp/proftpd/files/proftpd-1.3.2_rc2-CVE-2008-4242.patch
+++ /dev/null
@@ -1,192 +0,0 @@
-This fixes CVE-2008-4242 (Gentoo bug 238762)
-Source: http://bugs.proftpd.org/show_bug.cgi?id=3115
-
-Index: src/main.c
-===================================================================
-RCS file: /cvsroot/proftp/proftpd/src/main.c,v
-retrieving revision 1.344
-diff -u -r1.344 main.c
---- src/main.c 8 Sep 2008 00:47:11 -0000 1.344
-+++ src/main.c 20 Sep 2008 20:10:49 -0000
-@@ -516,20 +516,32 @@
- static long get_max_cmd_len(size_t buflen) {
- long res;
- int *bufsz = NULL;
-+ size_t default_cmd_bufsz;
-
-+ /* It's possible for the admin to select a PR_TUNABLE_BUFFER_SIZE which
-+ * is smaller than PR_DEFAULT_CMD_BUFSZ. We need to handle such cases
-+ * properly.
-+ */
-+ default_cmd_bufsz = PR_DEFAULT_CMD_BUFSZ;
-+ if (default_cmd_bufsz > buflen) {
-+ default_cmd_bufsz = buflen;
-+ }
-+
- bufsz = get_param_ptr(main_server->conf, "CommandBufferSize", FALSE);
- if (bufsz == NULL) {
-- res = PR_DEFAULT_CMD_BUFSZ;
-+ res = default_cmd_bufsz;
-
- } else if (*bufsz <= 0) {
- pr_log_pri(PR_LOG_WARNING, "invalid CommandBufferSize size (%d) given, "
-- "using default buffer size (%u) instead", *bufsz, PR_DEFAULT_CMD_BUFSZ);
-- res = PR_DEFAULT_CMD_BUFSZ;
-+ "using default buffer size (%lu) instead", *bufsz,
-+ (unsigned long) default_cmd_bufsz);
-+ res = default_cmd_bufsz;
-
- } else if (*bufsz + 1 > buflen) {
- pr_log_pri(PR_LOG_WARNING, "invalid CommandBufferSize size (%d) given, "
-- "using default buffer size (%u) instead", *bufsz, PR_DEFAULT_CMD_BUFSZ);
-- res = PR_DEFAULT_CMD_BUFSZ;
-+ "using default buffer size (%lu) instead", *bufsz,
-+ (unsigned long) default_cmd_bufsz);
-+ res = default_cmd_bufsz;
-
- } else {
- pr_log_debug(DEBUG1, "setting CommandBufferSize to %d", *bufsz);
-@@ -577,11 +589,26 @@
- return -1;
- }
-
-- memset(buf, '\0', sizeof(buf));
-+ while (TRUE) {
-+ pr_signals_handle();
-
-- if (pr_netio_telnet_gets(buf, sizeof(buf)-1, session.c->instrm,
-- session.c->outstrm) == NULL)
-- return -1;
-+ memset(buf, '\0', sizeof(buf));
-+
-+ if (pr_netio_telnet_gets(buf, sizeof(buf)-1, session.c->instrm,
-+ session.c->outstrm) == NULL) {
-+
-+ if (errno == E2BIG) {
-+ /* The client sent a too-long command which was ignored; give
-+ * them another chance?
-+ */
-+ continue;
-+ }
-+
-+ return -1;
-+ }
-+
-+ break;
-+ }
-
- if (cmd_bufsz == -1)
- cmd_bufsz = get_max_cmd_len(sizeof(buf));
-Index: src/netio.c
-===================================================================
-RCS file: /cvsroot/proftp/proftpd/src/netio.c,v
-retrieving revision 1.33
-diff -u -r1.33 netio.c
---- src/netio.c 3 Apr 2008 03:14:31 -0000 1.33
-+++ src/netio.c 20 Sep 2008 20:10:49 -0000
-@@ -1,6 +1,6 @@
- /*
- * ProFTPD - FTP server daemon
-- * Copyright (c) 2001-2007 The ProFTPD Project team
-+ * Copyright (c) 2001-2008 The ProFTPD Project team
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
-@@ -30,19 +30,19 @@
- #include <signal.h>
-
- #ifndef IAC
--#define IAC 255
-+# define IAC 255
- #endif
- #ifndef DONT
--#define DONT 254
-+# define DONT 254
- #endif
- #ifndef DO
--#define DO 253
-+# define DO 253
- #endif
- #ifndef WONT
--#define WONT 252
-+# define WONT 252
- #endif
- #ifndef WILL
--#define WILL 251
-+# define WILL 251
- #endif
-
- static const char *trace_channel = "netio";
-@@ -51,6 +51,17 @@
- static pr_netio_t *core_data_netio = NULL, *data_netio = NULL;
- static pr_netio_t *core_othr_netio = NULL, *othr_netio = NULL;
-
-+/* Used to track whether the previous text read from the client's control
-+ * connection was a properly-terminated command. If so, then read in the
-+ * next/current text as per normal. If NOT (e.g. the client sent a too-long
-+ * command), then read in the next/current text, but ignore it. Only clear
-+ * this flag if the next/current command can be read as per normal.
-+ *
-+ * The pr_netio_telnet_gets() uses this variable, in conjunction with its
-+ * saw_newline flag, for handling too-long commands from clients.
-+ */
-+static int properly_terminated_prev_command = TRUE;
-+
- static pr_netio_stream_t *netio_stream_alloc(pool *parent_pool) {
- pool *netio_pool = NULL;
- pr_netio_stream_t *nstrm = NULL;
-@@ -950,7 +961,7 @@
- char *bp = buf;
- unsigned char cp;
- static unsigned char mode = 0;
-- int toread, handle_iac = TRUE;
-+ int toread, handle_iac = TRUE, saw_newline = FALSE;
- pr_buffer_t *pbuf = NULL;
-
- if (buflen == 0) {
-@@ -983,8 +994,9 @@
- *bp = '\0';
- return buf;
-
-- } else
-+ } else {
- return NULL;
-+ }
- }
-
- pbuf->remaining = pbuf->buflen - toread;
-@@ -1049,6 +1061,8 @@
- toread--;
- *bp++ = *pbuf->current++;
- pbuf->remaining++;
-+
-+ saw_newline = TRUE;
- break;
- }
-
-@@ -1056,6 +1070,25 @@
- pbuf->current = NULL;
- }
-
-+ if (!saw_newline) {
-+ /* If we haven't seen a newline, then assume the client is deliberately
-+ * sending a too-long command, trying to exploit buffer sizes and make
-+ * the server make some possibly bad assumptions.
-+ */
-+
-+ properly_terminated_prev_command = FALSE;
-+ errno = E2BIG;
-+ return NULL;
-+ }
-+
-+ if (!properly_terminated_prev_command) {
-+ properly_terminated_prev_command = TRUE;
-+ pr_log_pri(PR_LOG_NOTICE, "client sent too-long command, ignoring");
-+ errno = E2BIG;
-+ return NULL;
-+ }
-+
-+ properly_terminated_prev_command = TRUE;
- *bp = '\0';
- return buf;
- }