diff options
| -rw-r--r-- | net-analyzer/ntop/ChangeLog | 10 | ||||
| -rw-r--r-- | net-analyzer/ntop/files/ntop-3.3.10-CVE-2009-2732.patch | 12 | ||||
| -rw-r--r-- | net-analyzer/ntop/ntop-3.3.10-r2.ebuild | 123 |
3 files changed, 143 insertions, 2 deletions
diff --git a/net-analyzer/ntop/ChangeLog b/net-analyzer/ntop/ChangeLog index 843a905f0f31..c553e21a62f3 100644 --- a/net-analyzer/ntop/ChangeLog +++ b/net-analyzer/ntop/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for net-analyzer/ntop -# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ntop/ChangeLog,v 1.87 2009/09/27 14:33:55 ranger Exp $ +# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ntop/ChangeLog,v 1.88 2010/01/18 12:53:30 jer Exp $ + +*ntop-3.3.10-r2 (18 Jan 2010) + + 18 Jan 2010; Jeroen Roovers <jer@gentoo.org> +ntop-3.3.10-r2.ebuild, + +files/ntop-3.3.10-CVE-2009-2732.patch: + Bump to apply security fix (bug #281956). 27 Sep 2009; Brent Baude <ranger@gentoo.org> ntop-3.3.10-r1.ebuild: Marking ntop-3.3.10-r1 ppc64 for bug 282063 diff --git a/net-analyzer/ntop/files/ntop-3.3.10-CVE-2009-2732.patch b/net-analyzer/ntop/files/ntop-3.3.10-CVE-2009-2732.patch new file mode 100644 index 000000000000..c8a74a58e444 --- /dev/null +++ b/net-analyzer/ntop/files/ntop-3.3.10-CVE-2009-2732.patch @@ -0,0 +1,12 @@ +--- http.c~ 2007-06-09 16:33:45.000000000 +0200 ++++ http.c 2009-09-27 09:50:56.420394637 +0200 +@@ -3377,8 +3377,8 @@ static int checkHTTPpassword(char *theRe + + i = decodeString(thePw, (unsigned char*)outBuffer, sizeof(outBuffer)); + +- if(i == 0) { + user = "", thePw[0] = '\0'; ++ if(i == 0) { + outBuffer[0] = '\0'; + } else { + outBuffer[i] = '\0'; diff --git a/net-analyzer/ntop/ntop-3.3.10-r2.ebuild b/net-analyzer/ntop/ntop-3.3.10-r2.ebuild new file mode 100644 index 000000000000..f210df0fc6bb --- /dev/null +++ b/net-analyzer/ntop/ntop-3.3.10-r2.ebuild @@ -0,0 +1,123 @@ +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ntop/ntop-3.3.10-r2.ebuild,v 1.1 2010/01/18 12:53:30 jer Exp $ + +EAPI="2" + +inherit eutils autotools + +DESCRIPTION="Network traffic analyzer with web interface" +HOMEPAGE="http://www.ntop.org/ntop.html" +SRC_URI="mirror://sourceforge/ntop/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +IUSE="ipv6 ssl tcpd" +#snmp support is disabled + +#snmp? ( net-analyzer/net-snmp ) +COMMON_DEPEND="sys-apps/gawk + dev-lang/perl + sys-libs/gdbm + dev-libs/libevent + net-libs/libpcap + media-libs/gd + media-libs/libpng + net-analyzer/rrdtool + ssl? ( dev-libs/openssl ) + tcpd? ( sys-apps/tcp-wrappers ) + sys-libs/zlib + >=dev-libs/geoip-1.4.5 + >=dev-lang/lua-5.1.4" +DEPEND="${COMMON_DEPEND} + >=sys-devel/libtool-1.4" + +# Needed by xmldumpPlugin - couldn't get it to work +# dev-libs/gdome2 +# >=dev-libs/glib-2" +RDEPEND="${COMMON_DEPEND} + media-fonts/corefonts + media-gfx/graphviz + net-misc/wget + app-arch/gzip" + +pkg_setup() { + # snmp doesn't compile in this release, disabled for now + #if use snmp ; then + # ewarn "snmp plugin is under development and upstream does not recommend" + # ewarn "it for usage in production environment." + # if ! use ipv6 ; then + # echo + # eerror "snmp plugin has compilation problems without ipv6 support." + # eerror "For additional information see bug #121497." + # die "snmp without ipv6 is broken" + # else + # if ! built_with_use net-analyzer/net-snmp ipv6 ; then + # echo + # eerror "You have both ipv6 and snmp enabled." + # eerror "This require ipv6 support in net-analyzer/net-snmp." + # eerror "However, net-analyzer/net-snmp was compiled with ipv6 flag disabled." + # eerror "Please, re-emerge net-analyzer/net-snmp with USE=\"ipv6\"." + # die "net-analyzer/net-snmp was build without ipv6." + # fi + # fi + #fi + + enewgroup ntop + enewuser ntop -1 -1 /var/lib/ntop ntop +} + +src_prepare() { + epatch "${FILESDIR}"/${P}-gentoo.patch + cat acinclude.m4.in acinclude.m4.ntop > acinclude.m4 + eautoreconf + + epatch "${FILESDIR}"/${P}-CVE-2009-2732.patch +} + +src_configure() { + # force disable xmldumpPlugin + export \ + ac_cv_header_glib_h=no \ + ac_cv_header_glibconfig_h=no \ + ac_cv_header_gdome_h=no \ + ac_cv_lib_glib_g_date_julian=no \ + ac_cv_lib_xml2_xmlCheckVersion=no \ + ac_cv_lib_gdome_gdome_di_saveDocToFile=no + + econf \ + $(use_enable ipv6) \ + $(use_with ssl) $(use_enable ssl sslwatchdog) \ + $(use_with tcpd tcpwrap) \ + --with-rrd-home=/usr/lib \ + --disable-snmp \ + || die "configure problem" + # $(use_enable snmp) +} + +src_install() { + LC_ALL=C # apparently doesn't work with some locales (#191576 and #205382) + emake DESTDIR="${D}" install || die "install problem" + + keepdir /var/lib/ntop && + fowners ntop:ntop /var/lib/ntop && + fperms 750 /var/lib/ntop || + die "failed to prepare /var/lib/ntop dir" + + dodoc AUTHORS CONTENTS ChangeLog MANIFESTO NEWS + dodoc PORTING README SUPPORT_NTOP.txt THANKS $(find docs -type f) + + newinitd "${FILESDIR}"/ntop-initd ntop + newconfd "${FILESDIR}"/ntop-confd ntop + + exeinto /etc/cron.monthly + doexe "${FILESDIR}"/ntop-update-geoip-db +} + +pkg_postinst() { + elog "If this is the first time you install ntop, you need to run" + elog "following commands before starting ntop service:" + elog " ntop --set-admin-password" + elog " /etc/cron.monthly/ntop-update-geoip-db" +} |