summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter Volkov <pva@gentoo.org>2011-06-14 11:42:16 +0000
committerPeter Volkov <pva@gentoo.org>2011-06-14 11:42:16 +0000
commit78a9b85730f6cfa8a05d33ab49e8353b67f46b8f (patch)
tree0ffdf0ef4d6592e337089647ac51f267ea16e8be /net-im/ejabberd
parentAdded missed mkfontdir to DEPEND, bug #371231 thank Piotr Szymaniak for report. (diff)
downloadhistorical-78a9b85730f6cfa8a05d33ab49e8353b67f46b8f.tar.gz
historical-78a9b85730f6cfa8a05d33ab49e8353b67f46b8f.tar.bz2
historical-78a9b85730f6cfa8a05d33ab49e8353b67f46b8f.zip
Version bump, fixes security bug #370201 thank Federico Cuello for report. Fix permissions of ssl certificate, but #369809 thank Gavin Pryke for the patch.
Package-Manager: portage-2.1.10.3/cvs/Linux x86_64
Diffstat (limited to 'net-im/ejabberd')
-rw-r--r--net-im/ejabberd/ChangeLog9
-rw-r--r--net-im/ejabberd/Manifest15
-rw-r--r--net-im/ejabberd/ejabberd-2.1.8.ebuild214
3 files changed, 226 insertions, 12 deletions
diff --git a/net-im/ejabberd/ChangeLog b/net-im/ejabberd/ChangeLog
index 796c276bc357..d27ff42185ac 100644
--- a/net-im/ejabberd/ChangeLog
+++ b/net-im/ejabberd/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for net-im/ejabberd
# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-im/ejabberd/ChangeLog,v 1.93 2011/03/25 11:18:22 tomka Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-im/ejabberd/ChangeLog,v 1.94 2011/06/14 11:42:16 pva Exp $
+
+*ejabberd-2.1.8 (14 Jun 2011)
+
+ 14 Jun 2011; Peter Volkov <pva@gentoo.org> +ejabberd-2.1.8.ebuild:
+ Version bump, fixes security bug #370201 thank Federico Cuello for report.
+ Fix permissions of ssl certificate, but #369809 thank Gavin Pryke for the
+ patch.
25 Mar 2011; Thomas Kahle <tomka@gentoo.org> ejabberd-2.1.6.ebuild:
x86 stable per bug 359961
diff --git a/net-im/ejabberd/Manifest b/net-im/ejabberd/Manifest
index cb6d685d8b22..c19ad2fee7ca 100644
--- a/net-im/ejabberd/Manifest
+++ b/net-im/ejabberd/Manifest
@@ -1,6 +1,3 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
-
AUX ejabberd-2.0.5-erlang-13.patch 16877 RMD160 4b8924f5b37de85823dec539523e7800c394bc7c SHA1 663ffc03f29613d695589c199222bc0382a24c76 SHA256 3d5cb7c163647580e1776a4e31ca3f8e03b1b411288b8273c861d17db5fa1e4a
AUX ejabberd-2.1.4-mod_shared_roster_ldap.patch 418 RMD160 a810f3b5c23e5985aed699a68e32c749494e021d SHA1 4276671d435c04ab00ec7b6e2d5f0acb58845753 SHA256 72fb86c7be4a62518f0de7a42b77ea4ba3cf858247636a34b3f267862e1dc624
AUX ejabberd-2.1.5-md2-optional.patch 6794 RMD160 0194fcb2b9e8add51256355d4a4c9548eb8eb031 SHA1 acde0e849cb626d0ba9184aaf9e995c9a06bd625 SHA256 c3414cf40f17f73dbf21f67b9ccb4e7d84b14a634848cf36960f3b51e21d0c9a
@@ -15,15 +12,11 @@ AUX ssl.cnf 1042 RMD160 47d2542942fb21f4be1e827d47eb4e0468e73910 SHA1 7347bae5a1
DIST 2.1.1-mod_statsdx.patch.bz2 13041 RMD160 9cc6d71ff2a2d58b0e377a3facb564d22d46af25 SHA1 4ef326eff97283530ee137613c009fe132312644 SHA256 a290217d7fd2c338d9ddba73e25ee052a3735d7168aafd24750de113f43ebc5f
DIST ejabberd-2.1.5.tar.gz 2278008 RMD160 7abd6bc4a03f68d03e13ee8c1ff3a5fee6098dc6 SHA1 8966d6752219c9386f48a5b8e1f2f8fb0e7477ae SHA256 31a46228c6933d7c24435753300a4d2ae2e84568a6097175dc5d4e553299dd9d
DIST ejabberd-2.1.6.tar.gz 2874967 RMD160 9b6ed4986ffcd1ea90d23770e54cb002bc52304c SHA1 a1afbfc270f8e4c945bd91f64b7073781590535b SHA256 b54886b119a0ae9f19c8dd91a18e85e518fbd979d47812bee582e872cfbc3544
+DIST ejabberd-2.1.8.tar.gz 3382833 RMD160 24d3042565a8631447bbf56f998f3a2377c23822 SHA1 3f8ecc944e0719577bfc45a68e974b1945ffa296 SHA256 dedf7684f9e96efbbc12f08f175096ef50b3f75b284bd27d172eaf75cecded7f
+DIST ejabberd-mod_statsdx-1080.patch.gz 14024 RMD160 eb40aa4c3b7b4529a317c8b521a883d156f90ce9 SHA1 ba669e917393b4400878613464ff83a84ff414da SHA256 0f3a3a991c14d797e795ef4fffcf19aa9a54608f5053b759187ec7d3696b9edb
DIST mod_shared_roster_ldap-0.5.1.tgz 607758 RMD160 5669a3d16fbca4d399e85a7d0dfda71643e6e2c7 SHA1 a9498d26e17752b882b3341b633d1804075d74ef SHA256 60e4ba0921d1ac65f9cca04fa2a7a3bbe3a9af52a26ad1a4fca4a3c6f1f0cc19
EBUILD ejabberd-2.1.5.ebuild 8363 RMD160 7c23c35b3d3f41bb7e8947d7b5d37ab12dc480c6 SHA1 cfa596018e4b544dfb6c52dc1d5defb834822bbe SHA256 cb106a14aab74f7009433707713c3a77b5640cbcb0abb2d2f345ce84c4666581
EBUILD ejabberd-2.1.6.ebuild 7948 RMD160 1c205869f9ef0639f56c32f18aeb5bf271153f8c SHA1 10d11a34ff6675dc1d7761bc3b72f73479a6e6db SHA256 c2ca8d8730e3326fc7b5ab6de5ddfbf09dd87bb2dd00d49cd6bcea4e400dbfe4
-MISC ChangeLog 19299 RMD160 197a4a55ffd74db66f71f5077d7577a480e38084 SHA1 25378353cabdf066284a325896df034bd546e043 SHA256 b7e05f55cdd277ceec40c3f05384c5046b82cc70b85e30331c243a718f2c54d8
+EBUILD ejabberd-2.1.8.ebuild 8104 RMD160 912038ad701a33538a8377c3a2364d8edbae5ac3 SHA1 89fe421b4a03969cded681eb4a89fd3ae67ea212 SHA256 61f7575e9e6260894d4bb351f25a074471213a91cb72c87bb28d29ddc67ba8c2
+MISC ChangeLog 19560 RMD160 f7b5b02a3c1339a0a11b3738042d74de7f3cc550 SHA1 551325ee20b3d4e3ca1fb977efec3aada77d1982 SHA256 7d0686e5c37b582841a8355efb484de3fb8cc64ebcec268f524c74d51f7a3b7e
MISC metadata.xml 929 RMD160 3a456c8945da34e417ca2fb659807a280b834f85 SHA1 a7b3173f8b63655c049881629e1354c71ddd633e SHA256 4d46909fd72908dff8698bb9dfcf60132e973b28eabbfe75001397ed349ff11b
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v2.0.17 (GNU/Linux)
-
-iEYEARECAAYFAk2MekMACgkQnZsgo/h8kNaUEQCfbPDzs/rgoosxOaL6LKIb5Tjo
-Y28AoJT7HwCutS7B5NOYdZuuGcOnHZIc
-=4vTH
------END PGP SIGNATURE-----
diff --git a/net-im/ejabberd/ejabberd-2.1.8.ebuild b/net-im/ejabberd/ejabberd-2.1.8.ebuild
new file mode 100644
index 000000000000..5258d77b1145
--- /dev/null
+++ b/net-im/ejabberd/ejabberd-2.1.8.ebuild
@@ -0,0 +1,214 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-im/ejabberd/ejabberd-2.1.8.ebuild,v 1.1 2011/06/14 11:42:16 pva Exp $
+
+EAPI=4
+
+inherit eutils multilib pam ssl-cert
+
+DESCRIPTION="The Erlang Jabber Daemon"
+HOMEPAGE="http://www.ejabberd.im/"
+SRC_URI="http://www.process-one.net/downloads/${PN}/${PV}/${P}.tar.gz
+ mod_statsdx? ( mirror://gentoo/ejabberd-mod_statsdx-1080.patch.gz )"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~ia64 ~ppc ~sparc ~x86"
+EJABBERD_MODULES="mod_irc mod_muc mod_proxy65 mod_pubsub mod_statsdx"
+IUSE="captcha debug ldap odbc pam +web zlib ${EJABBERD_MODULES}"
+
+DEPEND=">=net-im/jabber-base-0.01
+ >=dev-libs/expat-1.95
+ >=dev-lang/erlang-12.2.5[ssl]
+ odbc? ( dev-db/unixODBC )
+ ldap? ( =net-nds/openldap-2* )
+ >=dev-libs/openssl-0.9.8e
+ captcha? ( media-gfx/imagemagick[truetype,png] )
+ zlib? ( sys-libs/zlib )"
+#>=sys-apps/shadow-4.1.4.2-r3 - fixes bug in su that made ejabberdctl unworkable.
+RDEPEND="${DEPEND}
+ >=sys-apps/shadow-4.1.4.2-r3
+ pam? ( virtual/pam )"
+
+S=${WORKDIR}/${P}/src
+
+# paths in net-im/jabber-base
+JABBER_ETC="${EPREFIX}/etc/jabber"
+#JABBER_RUN="/var/run/jabber"
+JABBER_SPOOL="${EPREFIX}/var/spool/jabber"
+JABBER_LOG="${EPREFIX}/var/log/jabber"
+JABBER_DOC="${EPREFIX}/usr/share/doc/${PF}"
+
+src_prepare() {
+ if use mod_statsdx; then
+ ewarn "mod_statsdx is not a part of upstream tarball but is a third-party module"
+ ewarn "taken from here: http://www.ejabberd.im/mod_stats2file"
+ epatch "${WORKDIR}/2.1.1-mod_statsdx.patch"
+ fi
+
+ # don't install release notes (we'll do this manually)
+ sed '/install .* [.][.]\/doc\/[*][.]txt $(DOCDIR)/d' -i Makefile.in || die
+ # Set correct paths
+ sed -e "/^EJABBERDDIR[[:space:]]*=/{s:ejabberd:${PF}:}" \
+ -e "/^ETCDIR[[:space:]]*=/{s:@sysconfdir@/ejabberd:${JABBER_ETC}:}" \
+ -e "/^LOGDIR[[:space:]]*=/{s:@localstatedir@/log/ejabberd:${JABBER_LOG}:}" \
+ -e "/^SPOOLDIR[[:space:]]*=/{s:@localstatedir@/lib/ejabberd:${JABBER_SPOOL}:}" \
+ -i Makefile.in || die
+ sed -e "/EJABBERDDIR=/{s:ejabberd:${PF}:}" \
+ -e "s|\(ETCDIR=\)@SYSCONFDIR@.*|\1${JABBER_ETC}|" \
+ -e "s|\(LOGS_DIR=\)@LOCALSTATEDIR@.*|\1${JABBER_LOG}|" \
+ -e "s|\(SPOOLDIR=\)@LOCALSTATEDIR@.*|\1${JABBER_SPOOL}|" \
+ -i ejabberdctl.template || die
+
+ # Set shell, so it'll work even in case jabber user have no shell
+ # This is gentoo specific I guess since other distributions may have
+ # ejabberd user with reall shell, while we share this user among different
+ # jabberd implementations.
+ sed '/^HOME/aSHELL=/bin/sh' -i ejabberdctl.template || die
+ sed '/^export HOME/aexport SHELL' -i ejabberdctl.template || die
+
+ #sed -e "s:/share/doc/ejabberd/:${JABBER_DOC}:" -i web/ejabberd_web_admin.erl
+
+ # fix up the ssl cert paths in ejabberd.cfg to use our cert
+ sed -e "s:/path/to/ssl.pem:/etc/ssl/ejabberd/server.pem:g" \
+ -i ejabberd.cfg.example || die "Failed sed ejabberd.cfg.example"
+
+ # correct path to captcha script in default ejabberd.cfg
+ sed -e 's|\({captcha_cmd,[[:space:]]*"\).\+"}|\1/usr/'$(get_libdir)'/erlang/lib/'${P}'/priv/bin/captcha.sh"}|' \
+ -i ejabberd.cfg.example || die "Failed sed ejabberd.cfg.example"
+
+ # disable mod_irc in ejabberd.cfg
+ if ! use mod_irc; then
+ sed -i -e "s/{mod_irc,/%{mod_irc,/" \
+ -i ejabberd.cfg.example || die "Failed to disable mod_irc"
+ fi
+
+}
+
+src_configure() {
+ econf \
+ --docdir="${EPREFIX}/usr/share/doc/${PF}/html" \
+ --libdir="${EPREFIX}/usr/$(get_libdir)/erlang/lib/" \
+ $(use_enable mod_irc) \
+ $(use_enable ldap eldap) \
+ $(use_enable mod_muc) \
+ $(use_enable mod_proxy65) \
+ $(use_enable mod_pubsub) \
+ $(use_enable web) \
+ $(use_enable odbc) \
+ $(use_enable zlib ejabberd_zlib) \
+ $(use_enable pam) \
+ --enable-user=jabber
+}
+
+src_compile() {
+ emake $(use debug && echo debug=true ejabberd_debug=true) || die "compiling ejabberd core failed"
+}
+
+src_install() {
+ emake DESTDIR="${ED}" install || die "install failed"
+
+ # Pam helper module permissions
+ # http://www.process-one.net/docs/ejabberd/guide_en.html
+ if use pam; then
+ pamd_mimic_system xmpp auth account || die "Cannot create pam.d file"
+ fowners root:jabber "/usr/$(get_libdir)/erlang/lib/${PF}/priv/bin/epam" || die
+ fperms 4750 "/usr/$(get_libdir)/erlang/lib/${PF}/priv/bin/epam" || die "Cannot adjust epam permissions"
+ fi
+
+ cd "${WORKDIR}/${P}/doc"
+ dodoc "release_notes_${PV%%_rc*}.txt" || die
+
+ #dodir /var/lib/ejabberd
+ newinitd "${FILESDIR}/${PN}-3.initd" ${PN} || die "Cannot install init.d script"
+ newconfd "${FILESDIR}/${PN}-3.confd" ${PN} || die "Cannot install conf.d file"
+}
+
+pkg_postinst() {
+ elog "For configuration instructions, please see"
+ elog "/usr/share/doc/${PF}/html/guide.html, or the online version at"
+ elog "http://www.process-one.net/en/ejabberd/docs/guide_en/"
+
+ if ! use web ; then
+ ewarn
+ ewarn "The web USE flag is off, this has disabled the web admin interface."
+ ewarn
+ fi
+
+ elog
+ elog '===================================================================='
+ elog 'Quick Start Guide:'
+ elog '1) Add output of `hostname -f` to /etc/jabber/ejabberd.cfg line 91'
+ elog ' {hosts, ["localhost", "thehost"]}.'
+ elog '2) Add an admin user to /etc/jabber/ejabberd.cfg line 360'
+ elog ' {acl, admin, {user, "theadmin", "thehost"}}.'
+ elog '3) Start the server'
+ elog ' # /etc/init.d/ejabberd start'
+ elog '4) Register the admin user'
+ elog ' # /usr/sbin/ejabberdctl register theadmin thehost thepassword'
+ elog '5) Log in with your favourite jabber client or using the web admin'
+
+ # Upgrading from ejabberd-2.0.x:
+ if grep -E '^[^#]*EJABBERD_NODE=' "${EROOT}/etc/conf.d/ejabberd" >/dev/null 2>&1; then
+ source "${EROOT}/etc/conf.d/ejabberd"
+ ewarn
+ ewarn "!!! WARNING !!! WARNING !!! WARNING !!! WARNING !!!"
+ ewarn "Starting with 2.1.x some paths and configuration files were"
+ ewarn "changed to reflect upstream intentions better. Notable changes are:"
+ ewarn
+ ewarn "1. Everything (even init scripts) is now handled with ejabberdctl script."
+ ewarn "Thus main configuration file became /etc/jabberd/ejabberdctl.cfg"
+ ewarn "You must update ERLANG_NODE there with the value of EJABBERD_NODE"
+ ewarn "from /etc/conf.d/ejebberd or ejabberd will refuse to start."
+ ewarn
+ ewarn "2. SSL certificate is now generated with ssl-cert eclass and resides"
+ ewarn "at standard location: /etc/ssl/ejabberd/server.pem."
+ ewarn
+ ewarn "3. Cookie now resides at /var/spool/jabber/.erlang.cookie"
+ ewarn
+ ewarn "4. /var/log/jabber/sasl.log is now /var/log/jabber/erlang.log"
+ ewarn
+ ewarn "5. Crash dumps (if any) will be located at /var/log/jabber"
+
+ local i ctlcfg new_ctlcfg
+ i=0
+ ctlcfg=${EROOT}/etc/jabber/ejabberdctl.cfg
+ while :; do
+ new_ctlcfg=$(printf "${EROOT}/etc/jabber/._cfg%04d_ejabberdctl.cfg" ${i})
+ [[ ! -e ${new_ctlcfg} ]] && break
+ ctlcfg=${new_ctlcfg}
+ ((i++))
+ done
+
+ ewarn
+ ewarn "Updating ${ctlcfg} (debug: ${new_ctlcfg})"
+ sed -e "/#ERLANG_NODE=/aERLANG_NODE=$EJABBERD_NODE" "${ctlcfg}" > "${new_ctlcfg}" || die
+
+ if [[ -e ${EROOT}/var/run/jabber/.erlang.cookie ]]; then
+ ewarn "Moving .erlang.cookie..."
+ if [[ -e ${EROOT}/var/spool/jabber/.erlang.cookie ]]; then
+ mv -v "${EROOT}"/var/spool/jabber/.erlang.cookie{,bak}
+ fi
+ mv -v "${EROOT}"/var/{run/jabber,spool/jabber}/.erlang.cookie
+ fi
+ ewarn
+ ewarn "We'll try to handle upgrade automagically but, please, do your"
+ ewarn "own checks and do not forget to run 'etc-update'!"
+ ewarn "PLEASE! Run 'etc-update' now!"
+ fi
+
+ SSL_ORGANIZATION="${SSL_ORGANIZATION:-Ejabberd XMPP Server}"
+ install_cert /etc/ssl/ejabberd/server
+ # Fix ssl cert permissions bug #369809
+ chown root:jabber "${EROOT}/etc/ssl/ejabberd/server.pem"
+ chmod 0440 "${EROOT}/etc/ssl/ejabberd/server.pem"
+ if [[ -e ${EROOT}/etc/jabber/ssl.pem ]]; then
+ ewarn
+ ewarn "The location of SSL certificates has changed. If you are"
+ ewarn "upgrading from ${CATEGORY}/${PN}-2.0.5* or earlier you might"
+ ewarn "want to move your old certificates from /etc/jabber into"
+ ewarn "/etc/ssl/ejabberd/, update config files and"
+ ewarn "rm /etc/jabber/ssl.pem to avoid this message."
+ ewarn
+ fi
+}