diff options
author | Peter Volkov <pva@gentoo.org> | 2011-06-14 11:42:16 +0000 |
---|---|---|
committer | Peter Volkov <pva@gentoo.org> | 2011-06-14 11:42:16 +0000 |
commit | 78a9b85730f6cfa8a05d33ab49e8353b67f46b8f (patch) | |
tree | 0ffdf0ef4d6592e337089647ac51f267ea16e8be /net-im/ejabberd | |
parent | Added missed mkfontdir to DEPEND, bug #371231 thank Piotr Szymaniak for report. (diff) | |
download | historical-78a9b85730f6cfa8a05d33ab49e8353b67f46b8f.tar.gz historical-78a9b85730f6cfa8a05d33ab49e8353b67f46b8f.tar.bz2 historical-78a9b85730f6cfa8a05d33ab49e8353b67f46b8f.zip |
Version bump, fixes security bug #370201 thank Federico Cuello for report. Fix permissions of ssl certificate, but #369809 thank Gavin Pryke for the patch.
Package-Manager: portage-2.1.10.3/cvs/Linux x86_64
Diffstat (limited to 'net-im/ejabberd')
-rw-r--r-- | net-im/ejabberd/ChangeLog | 9 | ||||
-rw-r--r-- | net-im/ejabberd/Manifest | 15 | ||||
-rw-r--r-- | net-im/ejabberd/ejabberd-2.1.8.ebuild | 214 |
3 files changed, 226 insertions, 12 deletions
diff --git a/net-im/ejabberd/ChangeLog b/net-im/ejabberd/ChangeLog index 796c276bc357..d27ff42185ac 100644 --- a/net-im/ejabberd/ChangeLog +++ b/net-im/ejabberd/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for net-im/ejabberd # Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-im/ejabberd/ChangeLog,v 1.93 2011/03/25 11:18:22 tomka Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-im/ejabberd/ChangeLog,v 1.94 2011/06/14 11:42:16 pva Exp $ + +*ejabberd-2.1.8 (14 Jun 2011) + + 14 Jun 2011; Peter Volkov <pva@gentoo.org> +ejabberd-2.1.8.ebuild: + Version bump, fixes security bug #370201 thank Federico Cuello for report. + Fix permissions of ssl certificate, but #369809 thank Gavin Pryke for the + patch. 25 Mar 2011; Thomas Kahle <tomka@gentoo.org> ejabberd-2.1.6.ebuild: x86 stable per bug 359961 diff --git a/net-im/ejabberd/Manifest b/net-im/ejabberd/Manifest index cb6d685d8b22..c19ad2fee7ca 100644 --- a/net-im/ejabberd/Manifest +++ b/net-im/ejabberd/Manifest @@ -1,6 +1,3 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - AUX ejabberd-2.0.5-erlang-13.patch 16877 RMD160 4b8924f5b37de85823dec539523e7800c394bc7c SHA1 663ffc03f29613d695589c199222bc0382a24c76 SHA256 3d5cb7c163647580e1776a4e31ca3f8e03b1b411288b8273c861d17db5fa1e4a AUX ejabberd-2.1.4-mod_shared_roster_ldap.patch 418 RMD160 a810f3b5c23e5985aed699a68e32c749494e021d SHA1 4276671d435c04ab00ec7b6e2d5f0acb58845753 SHA256 72fb86c7be4a62518f0de7a42b77ea4ba3cf858247636a34b3f267862e1dc624 AUX ejabberd-2.1.5-md2-optional.patch 6794 RMD160 0194fcb2b9e8add51256355d4a4c9548eb8eb031 SHA1 acde0e849cb626d0ba9184aaf9e995c9a06bd625 SHA256 c3414cf40f17f73dbf21f67b9ccb4e7d84b14a634848cf36960f3b51e21d0c9a @@ -15,15 +12,11 @@ AUX ssl.cnf 1042 RMD160 47d2542942fb21f4be1e827d47eb4e0468e73910 SHA1 7347bae5a1 DIST 2.1.1-mod_statsdx.patch.bz2 13041 RMD160 9cc6d71ff2a2d58b0e377a3facb564d22d46af25 SHA1 4ef326eff97283530ee137613c009fe132312644 SHA256 a290217d7fd2c338d9ddba73e25ee052a3735d7168aafd24750de113f43ebc5f DIST ejabberd-2.1.5.tar.gz 2278008 RMD160 7abd6bc4a03f68d03e13ee8c1ff3a5fee6098dc6 SHA1 8966d6752219c9386f48a5b8e1f2f8fb0e7477ae SHA256 31a46228c6933d7c24435753300a4d2ae2e84568a6097175dc5d4e553299dd9d DIST ejabberd-2.1.6.tar.gz 2874967 RMD160 9b6ed4986ffcd1ea90d23770e54cb002bc52304c SHA1 a1afbfc270f8e4c945bd91f64b7073781590535b SHA256 b54886b119a0ae9f19c8dd91a18e85e518fbd979d47812bee582e872cfbc3544 +DIST ejabberd-2.1.8.tar.gz 3382833 RMD160 24d3042565a8631447bbf56f998f3a2377c23822 SHA1 3f8ecc944e0719577bfc45a68e974b1945ffa296 SHA256 dedf7684f9e96efbbc12f08f175096ef50b3f75b284bd27d172eaf75cecded7f +DIST ejabberd-mod_statsdx-1080.patch.gz 14024 RMD160 eb40aa4c3b7b4529a317c8b521a883d156f90ce9 SHA1 ba669e917393b4400878613464ff83a84ff414da SHA256 0f3a3a991c14d797e795ef4fffcf19aa9a54608f5053b759187ec7d3696b9edb DIST mod_shared_roster_ldap-0.5.1.tgz 607758 RMD160 5669a3d16fbca4d399e85a7d0dfda71643e6e2c7 SHA1 a9498d26e17752b882b3341b633d1804075d74ef SHA256 60e4ba0921d1ac65f9cca04fa2a7a3bbe3a9af52a26ad1a4fca4a3c6f1f0cc19 EBUILD ejabberd-2.1.5.ebuild 8363 RMD160 7c23c35b3d3f41bb7e8947d7b5d37ab12dc480c6 SHA1 cfa596018e4b544dfb6c52dc1d5defb834822bbe SHA256 cb106a14aab74f7009433707713c3a77b5640cbcb0abb2d2f345ce84c4666581 EBUILD ejabberd-2.1.6.ebuild 7948 RMD160 1c205869f9ef0639f56c32f18aeb5bf271153f8c SHA1 10d11a34ff6675dc1d7761bc3b72f73479a6e6db SHA256 c2ca8d8730e3326fc7b5ab6de5ddfbf09dd87bb2dd00d49cd6bcea4e400dbfe4 -MISC ChangeLog 19299 RMD160 197a4a55ffd74db66f71f5077d7577a480e38084 SHA1 25378353cabdf066284a325896df034bd546e043 SHA256 b7e05f55cdd277ceec40c3f05384c5046b82cc70b85e30331c243a718f2c54d8 +EBUILD ejabberd-2.1.8.ebuild 8104 RMD160 912038ad701a33538a8377c3a2364d8edbae5ac3 SHA1 89fe421b4a03969cded681eb4a89fd3ae67ea212 SHA256 61f7575e9e6260894d4bb351f25a074471213a91cb72c87bb28d29ddc67ba8c2 +MISC ChangeLog 19560 RMD160 f7b5b02a3c1339a0a11b3738042d74de7f3cc550 SHA1 551325ee20b3d4e3ca1fb977efec3aada77d1982 SHA256 7d0686e5c37b582841a8355efb484de3fb8cc64ebcec268f524c74d51f7a3b7e MISC metadata.xml 929 RMD160 3a456c8945da34e417ca2fb659807a280b834f85 SHA1 a7b3173f8b63655c049881629e1354c71ddd633e SHA256 4d46909fd72908dff8698bb9dfcf60132e973b28eabbfe75001397ed349ff11b ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.17 (GNU/Linux) - -iEYEARECAAYFAk2MekMACgkQnZsgo/h8kNaUEQCfbPDzs/rgoosxOaL6LKIb5Tjo -Y28AoJT7HwCutS7B5NOYdZuuGcOnHZIc -=4vTH ------END PGP SIGNATURE----- diff --git a/net-im/ejabberd/ejabberd-2.1.8.ebuild b/net-im/ejabberd/ejabberd-2.1.8.ebuild new file mode 100644 index 000000000000..5258d77b1145 --- /dev/null +++ b/net-im/ejabberd/ejabberd-2.1.8.ebuild @@ -0,0 +1,214 @@ +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-im/ejabberd/ejabberd-2.1.8.ebuild,v 1.1 2011/06/14 11:42:16 pva Exp $ + +EAPI=4 + +inherit eutils multilib pam ssl-cert + +DESCRIPTION="The Erlang Jabber Daemon" +HOMEPAGE="http://www.ejabberd.im/" +SRC_URI="http://www.process-one.net/downloads/${PN}/${PV}/${P}.tar.gz + mod_statsdx? ( mirror://gentoo/ejabberd-mod_statsdx-1080.patch.gz )" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~arm ~ia64 ~ppc ~sparc ~x86" +EJABBERD_MODULES="mod_irc mod_muc mod_proxy65 mod_pubsub mod_statsdx" +IUSE="captcha debug ldap odbc pam +web zlib ${EJABBERD_MODULES}" + +DEPEND=">=net-im/jabber-base-0.01 + >=dev-libs/expat-1.95 + >=dev-lang/erlang-12.2.5[ssl] + odbc? ( dev-db/unixODBC ) + ldap? ( =net-nds/openldap-2* ) + >=dev-libs/openssl-0.9.8e + captcha? ( media-gfx/imagemagick[truetype,png] ) + zlib? ( sys-libs/zlib )" +#>=sys-apps/shadow-4.1.4.2-r3 - fixes bug in su that made ejabberdctl unworkable. +RDEPEND="${DEPEND} + >=sys-apps/shadow-4.1.4.2-r3 + pam? ( virtual/pam )" + +S=${WORKDIR}/${P}/src + +# paths in net-im/jabber-base +JABBER_ETC="${EPREFIX}/etc/jabber" +#JABBER_RUN="/var/run/jabber" +JABBER_SPOOL="${EPREFIX}/var/spool/jabber" +JABBER_LOG="${EPREFIX}/var/log/jabber" +JABBER_DOC="${EPREFIX}/usr/share/doc/${PF}" + +src_prepare() { + if use mod_statsdx; then + ewarn "mod_statsdx is not a part of upstream tarball but is a third-party module" + ewarn "taken from here: http://www.ejabberd.im/mod_stats2file" + epatch "${WORKDIR}/2.1.1-mod_statsdx.patch" + fi + + # don't install release notes (we'll do this manually) + sed '/install .* [.][.]\/doc\/[*][.]txt $(DOCDIR)/d' -i Makefile.in || die + # Set correct paths + sed -e "/^EJABBERDDIR[[:space:]]*=/{s:ejabberd:${PF}:}" \ + -e "/^ETCDIR[[:space:]]*=/{s:@sysconfdir@/ejabberd:${JABBER_ETC}:}" \ + -e "/^LOGDIR[[:space:]]*=/{s:@localstatedir@/log/ejabberd:${JABBER_LOG}:}" \ + -e "/^SPOOLDIR[[:space:]]*=/{s:@localstatedir@/lib/ejabberd:${JABBER_SPOOL}:}" \ + -i Makefile.in || die + sed -e "/EJABBERDDIR=/{s:ejabberd:${PF}:}" \ + -e "s|\(ETCDIR=\)@SYSCONFDIR@.*|\1${JABBER_ETC}|" \ + -e "s|\(LOGS_DIR=\)@LOCALSTATEDIR@.*|\1${JABBER_LOG}|" \ + -e "s|\(SPOOLDIR=\)@LOCALSTATEDIR@.*|\1${JABBER_SPOOL}|" \ + -i ejabberdctl.template || die + + # Set shell, so it'll work even in case jabber user have no shell + # This is gentoo specific I guess since other distributions may have + # ejabberd user with reall shell, while we share this user among different + # jabberd implementations. + sed '/^HOME/aSHELL=/bin/sh' -i ejabberdctl.template || die + sed '/^export HOME/aexport SHELL' -i ejabberdctl.template || die + + #sed -e "s:/share/doc/ejabberd/:${JABBER_DOC}:" -i web/ejabberd_web_admin.erl + + # fix up the ssl cert paths in ejabberd.cfg to use our cert + sed -e "s:/path/to/ssl.pem:/etc/ssl/ejabberd/server.pem:g" \ + -i ejabberd.cfg.example || die "Failed sed ejabberd.cfg.example" + + # correct path to captcha script in default ejabberd.cfg + sed -e 's|\({captcha_cmd,[[:space:]]*"\).\+"}|\1/usr/'$(get_libdir)'/erlang/lib/'${P}'/priv/bin/captcha.sh"}|' \ + -i ejabberd.cfg.example || die "Failed sed ejabberd.cfg.example" + + # disable mod_irc in ejabberd.cfg + if ! use mod_irc; then + sed -i -e "s/{mod_irc,/%{mod_irc,/" \ + -i ejabberd.cfg.example || die "Failed to disable mod_irc" + fi + +} + +src_configure() { + econf \ + --docdir="${EPREFIX}/usr/share/doc/${PF}/html" \ + --libdir="${EPREFIX}/usr/$(get_libdir)/erlang/lib/" \ + $(use_enable mod_irc) \ + $(use_enable ldap eldap) \ + $(use_enable mod_muc) \ + $(use_enable mod_proxy65) \ + $(use_enable mod_pubsub) \ + $(use_enable web) \ + $(use_enable odbc) \ + $(use_enable zlib ejabberd_zlib) \ + $(use_enable pam) \ + --enable-user=jabber +} + +src_compile() { + emake $(use debug && echo debug=true ejabberd_debug=true) || die "compiling ejabberd core failed" +} + +src_install() { + emake DESTDIR="${ED}" install || die "install failed" + + # Pam helper module permissions + # http://www.process-one.net/docs/ejabberd/guide_en.html + if use pam; then + pamd_mimic_system xmpp auth account || die "Cannot create pam.d file" + fowners root:jabber "/usr/$(get_libdir)/erlang/lib/${PF}/priv/bin/epam" || die + fperms 4750 "/usr/$(get_libdir)/erlang/lib/${PF}/priv/bin/epam" || die "Cannot adjust epam permissions" + fi + + cd "${WORKDIR}/${P}/doc" + dodoc "release_notes_${PV%%_rc*}.txt" || die + + #dodir /var/lib/ejabberd + newinitd "${FILESDIR}/${PN}-3.initd" ${PN} || die "Cannot install init.d script" + newconfd "${FILESDIR}/${PN}-3.confd" ${PN} || die "Cannot install conf.d file" +} + +pkg_postinst() { + elog "For configuration instructions, please see" + elog "/usr/share/doc/${PF}/html/guide.html, or the online version at" + elog "http://www.process-one.net/en/ejabberd/docs/guide_en/" + + if ! use web ; then + ewarn + ewarn "The web USE flag is off, this has disabled the web admin interface." + ewarn + fi + + elog + elog '====================================================================' + elog 'Quick Start Guide:' + elog '1) Add output of `hostname -f` to /etc/jabber/ejabberd.cfg line 91' + elog ' {hosts, ["localhost", "thehost"]}.' + elog '2) Add an admin user to /etc/jabber/ejabberd.cfg line 360' + elog ' {acl, admin, {user, "theadmin", "thehost"}}.' + elog '3) Start the server' + elog ' # /etc/init.d/ejabberd start' + elog '4) Register the admin user' + elog ' # /usr/sbin/ejabberdctl register theadmin thehost thepassword' + elog '5) Log in with your favourite jabber client or using the web admin' + + # Upgrading from ejabberd-2.0.x: + if grep -E '^[^#]*EJABBERD_NODE=' "${EROOT}/etc/conf.d/ejabberd" >/dev/null 2>&1; then + source "${EROOT}/etc/conf.d/ejabberd" + ewarn + ewarn "!!! WARNING !!! WARNING !!! WARNING !!! WARNING !!!" + ewarn "Starting with 2.1.x some paths and configuration files were" + ewarn "changed to reflect upstream intentions better. Notable changes are:" + ewarn + ewarn "1. Everything (even init scripts) is now handled with ejabberdctl script." + ewarn "Thus main configuration file became /etc/jabberd/ejabberdctl.cfg" + ewarn "You must update ERLANG_NODE there with the value of EJABBERD_NODE" + ewarn "from /etc/conf.d/ejebberd or ejabberd will refuse to start." + ewarn + ewarn "2. SSL certificate is now generated with ssl-cert eclass and resides" + ewarn "at standard location: /etc/ssl/ejabberd/server.pem." + ewarn + ewarn "3. Cookie now resides at /var/spool/jabber/.erlang.cookie" + ewarn + ewarn "4. /var/log/jabber/sasl.log is now /var/log/jabber/erlang.log" + ewarn + ewarn "5. Crash dumps (if any) will be located at /var/log/jabber" + + local i ctlcfg new_ctlcfg + i=0 + ctlcfg=${EROOT}/etc/jabber/ejabberdctl.cfg + while :; do + new_ctlcfg=$(printf "${EROOT}/etc/jabber/._cfg%04d_ejabberdctl.cfg" ${i}) + [[ ! -e ${new_ctlcfg} ]] && break + ctlcfg=${new_ctlcfg} + ((i++)) + done + + ewarn + ewarn "Updating ${ctlcfg} (debug: ${new_ctlcfg})" + sed -e "/#ERLANG_NODE=/aERLANG_NODE=$EJABBERD_NODE" "${ctlcfg}" > "${new_ctlcfg}" || die + + if [[ -e ${EROOT}/var/run/jabber/.erlang.cookie ]]; then + ewarn "Moving .erlang.cookie..." + if [[ -e ${EROOT}/var/spool/jabber/.erlang.cookie ]]; then + mv -v "${EROOT}"/var/spool/jabber/.erlang.cookie{,bak} + fi + mv -v "${EROOT}"/var/{run/jabber,spool/jabber}/.erlang.cookie + fi + ewarn + ewarn "We'll try to handle upgrade automagically but, please, do your" + ewarn "own checks and do not forget to run 'etc-update'!" + ewarn "PLEASE! Run 'etc-update' now!" + fi + + SSL_ORGANIZATION="${SSL_ORGANIZATION:-Ejabberd XMPP Server}" + install_cert /etc/ssl/ejabberd/server + # Fix ssl cert permissions bug #369809 + chown root:jabber "${EROOT}/etc/ssl/ejabberd/server.pem" + chmod 0440 "${EROOT}/etc/ssl/ejabberd/server.pem" + if [[ -e ${EROOT}/etc/jabber/ssl.pem ]]; then + ewarn + ewarn "The location of SSL certificates has changed. If you are" + ewarn "upgrading from ${CATEGORY}/${PN}-2.0.5* or earlier you might" + ewarn "want to move your old certificates from /etc/jabber into" + ewarn "/etc/ssl/ejabberd/, update config files and" + ewarn "rm /etc/jabber/ssl.pem to avoid this message." + ewarn + fi +} |