net-ftp/vsftpd: sync with portage version

This also solves EAPI deprecation problem.

Bug: https://bugs.gentoo.org/797016
Package-Manager: Portage-3.0.20, Repoman-3.0.3
Signed-off-by: Andrew Savchenko <bircoph@gentoo.org>

6 files changed, 105 insertions, 61 deletions

diff --git a/net-ftp/vsftpd/Manifest b/net-ftp/vsftpd/Manifest
index b49b2e8..09616ff 100644
--- a/net-ftp/vsftpd/Manifest
+++ b/net-ftp/vsftpd/Manifest
@@ -1 +1 @@
-DIST vsftpd-3.0.3.tar.gz 196649 SHA256 9d4d2bf6e6e2884852ba4e69e157a2cecd68c5a7635d66a3a8cf8d898c955ef7 SHA512 5a4410a88e72ecf6f60a60a89771bcec300c9f63c2ea83b219bdf65fd9749b9853f9579f7257205b55659aefcd5dab243eba878dbbd4f0ff8532dd6e60884df7 WHIRLPOOL 014b13a1031d89a12412fb1abc808c8d62f474b84e9d1699ec789e99c9b9ec7f4538e7504caa810c6b77dcccea8fc0e32e9bb3ac5ffc8e2e9a29f67b69ddc3cb
+DIST vsftpd-3.0.4.tar.gz 197637 SHA256 6b9421bd27e8a6cdeed5b31154f294a20b003a11a26c09500715a0a6b1b86a26 SHA512 a4c3b28ef7bd762dcfe53f5c9b68fc1bb371d2eb61dc88038959cc9f5efba8cc2c45a15956a7fddbac3b1ce03d8555df8fb7b86300e273a78e632f3dac15c2e3 WHIRLPOOL 4da5f5e6e6accdd6d37ee00b5024f873a842ea6415fd2fd7156d3bd5124bb59f59dd329e47651057c45007cc9ec586e20d381633e83299db83212e76ebf1b91b
diff --git a/net-ftp/vsftpd/files/vsftpd-3.0.3-sparc.patch b/net-ftp/vsftpd/files/vsftpd-3.0.3-sparc.patch
new file mode 100644
index 0000000..9bae9c0
--- /dev/null
+++ b/net-ftp/vsftpd/files/vsftpd-3.0.3-sparc.patch
@@ -0,0 +1,16 @@
+Workaround clone syscall mishandling.
+
+https://bugs.gentoo.org/630704
+--- a/sysdeputil.c	2017-09-11 11:38:06.522229630 +0200
++++ b/sysdeputil.c	2017-09-11 11:38:10.422229500 +0200
+@@ -67,7 +67,9 @@
+ #if defined(__linux__)
+   #include <errno.h>
+   #include <syscall.h>
+-  #define VSF_SYSDEP_HAVE_LINUX_CLONE
++  #ifndef __sparc__
++    #define VSF_SYSDEP_HAVE_LINUX_CLONE
++  #endif
+   #include <sched.h>
+   #ifndef CLONE_NEWPID
+     #define CLONE_NEWPID 0x20000000
diff --git a/net-ftp/vsftpd/files/vsftpd-3.0.4-dont-link-caps.patch b/net-ftp/vsftpd/files/vsftpd-3.0.4-dont-link-caps.patch
new file mode 100644
index 0000000..75e0e3e
--- /dev/null
+++ b/net-ftp/vsftpd/files/vsftpd-3.0.4-dont-link-caps.patch
@@ -0,0 +1,17 @@
+--- a/vsf_findlibs.sh
++++ b/vsf_findlibs.sh
+@@ -47,14 +47,6 @@
+ # For older HP-UX...
+ locate_library /usr/lib/libsec.sl && echo "-lsec";
+ 
+-# Look for libcap (capabilities)
+-# Note that link may fail with:
+-# /usr/bin/ld: cannot find -lcap
+-# If the libcap-devel package isn't installed.
+-locate_library /usr/lib/libcap.so && echo "-lcap";
+-locate_library /lib/libcap.so && echo "-lcap";
+-locate_library /lib64/libcap.so && echo "-lcap";
+-
+ # Solaris needs this for nanosleep()..
+ locate_library /lib/libposix4.so && echo "-lposix4";
+ locate_library /usr/lib/libposix4.so && echo "-lposix4";
diff --git a/net-ftp/vsftpd/files/vsftpd-disable-seccomp-sandbox.patch b/net-ftp/vsftpd/files/vsftpd-disable-seccomp-sandbox.patch
new file mode 100644
index 0000000..10266e3
--- /dev/null
+++ b/net-ftp/vsftpd/files/vsftpd-disable-seccomp-sandbox.patch
@@ -0,0 +1,15 @@
+Disable buggy seccomp sandbox code by default
+
+Bug: https://bugs.gentoo.org/443898
+
+--- a/tunables.c
++++ b/tunables.c
+@@ -226,7 +226,7 @@
+   tunable_isolate_network = 1;
+   tunable_ftp_enable = 1;
+   tunable_http_enable = 0;
+-  tunable_seccomp_sandbox = 1;
++  tunable_seccomp_sandbox = 0;
+   tunable_allow_writeable_chroot = 0;
+ 
+   tunable_accept_timeout = 60;
diff --git a/net-ftp/vsftpd/metadata.xml b/net-ftp/vsftpd/metadata.xml
index df9322c..7a38bb9 100644
--- a/net-ftp/vsftpd/metadata.xml
+++ b/net-ftp/vsftpd/metadata.xml
@@ -1,25 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
 <pkgmetadata>
-	<maintainer type="person">
-		<email>hwoarang@gentoo.org</email>
-		<name>Markos Chandras</name>
-	</maintainer>
-	<maintainer type="person">
-		<email>wired@gentoo.org</email>
-		<name>Alex Alexander</name>
-	</maintainer>
-	<maintainer type="person">
-		<email>bugs@bergstroem.nu</email>
-		<name>Johan Bergström</name>
-		<description>Proxy Maintainer. CC him on bugs</description>
-	</maintainer>
-	<maintainer type="project">
-		<email>proxy-maint@gentoo.org</email>
-		<name>Proxy Maintainers</name>
-	</maintainer>
-	<longdescription lang="en">
-		Very Secure FTP Daemon written with speed, size and security
-		in mind
-	</longdescription>
+	<!-- maintainer-needed -->
 </pkgmetadata>
diff --git a/net-ftp/vsftpd/vsftpd-3.0.3.ebuild b/net-ftp/vsftpd/vsftpd-3.0.4.ebuild
index 3b6678d..43a413a 100644
--- a/net-ftp/vsftpd/vsftpd-3.0.3.ebuild
+++ b/net-ftp/vsftpd/vsftpd-3.0.4.ebuild
@@ -1,9 +1,9 @@
-# Copyright 1999-2016 Gentoo Foundation
+# Copyright 1999-2021 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
-EAPI="4"
+EAPI=7
 
-inherit eutils systemd toolchain-funcs
+inherit systemd toolchain-funcs
 
 DESCRIPTION="Very Secure FTP Daemon written with speed, size and security in mind"
 HOMEPAGE="http://vsftpd.beasts.org/"
@@ -11,55 +11,71 @@ SRC_URI="http://security.appspot.com/downloads/${P}.tar.gz"
 
 LICENSE="GPL-2"
 SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sparc ~x86"
 IUSE="caps pam tcpd ssl selinux xinetd"
 
 DEPEND="caps? ( >=sys-libs/libcap-2 )
-	pam? ( virtual/pam )
+	pam? ( sys-libs/pam )
 	tcpd? ( >=sys-apps/tcp-wrappers-7.6 )
-	ssl? ( >=dev-libs/openssl-0.9.7d )"
+	ssl? ( dev-libs/openssl:0= )"
 RDEPEND="${DEPEND}
 	net-ftp/ftpbase
 	selinux? ( sec-policy/selinux-ftp )
 	xinetd? ( sys-apps/xinetd )"
 
-src_prepare() {
+PATCHES=(
 	# kerberos patch. bug #335980
-	epatch "${FILESDIR}/${PN}-2.3.2-kerberos.patch"
+	"${FILESDIR}/${PN}-2.3.2-kerberos.patch"
 
 	# Patch the source, config and the manpage to use /etc/vsftpd/
-	epatch "${FILESDIR}/${PN}-2.3.5-gentoo.patch"
+	"${FILESDIR}/${PN}-2.3.5-gentoo.patch"
 
 	# Fix building without the libcap
-	epatch "${FILESDIR}/${PN}-2.1.0-caps.patch"
+	"${FILESDIR}/${PN}-2.1.0-caps.patch"
 
 	# Fix building on alpha. Bug #405829
-	epatch "${FILESDIR}/${PN}-3.0.2-alpha.patch"
+	"${FILESDIR}/${PN}-3.0.2-alpha.patch"
+
+	# Bug #335977
+	"${FILESDIR}"/${PN}-3.0.0-Makefile.patch
+
+	# Bug #450536
+	"${FILESDIR}"/${PN}-3.0.2-remove-legacy-cap.patch
+
+	# Bug #630704
+	"${FILESDIR}"/${PN}-3.0.3-sparc.patch
 
 	# Fix unicode logging
-	epatch "${FILESDIR}/${PN}-2.2.0-logging.patch"
+	"${FILESDIR}/${PN}-2.2.0-logging.patch"
 
+	# https://bugs.gentoo.org/443898
+	#"${FILESDIR}"/vsftpd-disable-seccomp-sandbox.patch
+)
+
+src_prepare() {
 	# Configure vsftpd build defaults
-	use tcpd && echo "#define VSF_BUILD_TCPWRAPPERS" >> builddefs.h
-	use ssl && echo "#define VSF_BUILD_SSL" >> builddefs.h
-	use pam || echo "#undef VSF_BUILD_PAM" >> builddefs.h
+	if use tcpd ; then
+		echo "#define VSF_BUILD_TCPWRAPPERS" >> builddefs.h || die
+	fi
+
+	if use ssl ; then
+		echo "#define VSF_BUILD_SSL" >> builddefs.h || die
+	fi
+
+	if ! use pam; then
+		echo "#undef VSF_BUILD_PAM" >> builddefs.h || die
+	fi
 
 	# Ensure that we don't link against libcap unless asked
 	if ! use caps ; then
 		sed -i '/^#define VSF_SYSDEP_HAVE_LIBCAP$/ d' sysdeputil.c || die
-		epatch "${FILESDIR}"/${PN}-2.2.0-dont-link-caps.patch
+		eapply "${FILESDIR}"/${PN}-3.0.4-dont-link-caps.patch
 	fi
 
 	# Let portage control stripping
 	sed -i '/^LINK[[:space:]]*=[[:space:]]*/ s/-Wl,-s//' Makefile || die
 
-	#Bug #335977
-	epatch "${FILESDIR}"/${PN}-3.0.0-Makefile.patch
-
-	#Bug #450536
-	epatch "${FILESDIR}"/${PN}-3.0.2-remove-legacy-cap.patch
-
-	epatch_user
+	default
 }
 
 src_compile() {
@@ -70,54 +86,54 @@ src_compile() {
 	use tcpd && LIBS+=" -lwrap"
 	use ssl && LIBS+=" -lssl -lcrypto"
 
-	CFLAGS="${CFLAGS}" \
-	CC="$(tc-getCC)" \
-	emake LIBS="${LIBS}"
+	tc-export CC
+
+	CFLAGS="${CFLAGS}" emake LIBS="${LIBS}"
 }
 
 src_install() {
 	into /usr
 	doman ${PN}.conf.5 ${PN}.8
-	dosbin ${PN} || die "disbin failed"
+	dosbin ${PN}
 
 	dodoc AUDIT BENCHMARKS BUGS Changelog FAQ \
 		README README.security REWARD SIZE \
-		SPEED TODO TUNING || die "dodoc failed"
+		SPEED TODO TUNING
 	newdoc ${PN}.conf ${PN}.conf.example
 
 	docinto security
-	dodoc SECURITY/* || die "dodoc failed"
+	dodoc SECURITY/*
 
-	insinto "/usr/share/doc/${PF}/examples"
-	doins -r EXAMPLE/* || die "doins faileD"
+	docinto examples
+	dodoc -r EXAMPLE/*
 
 	insinto /etc/${PN}
 	newins ${PN}.conf{,.example}
 
 	insinto /etc/logrotate.d
-	newins "${FILESDIR}/${PN}.logrotate" ${PN}
+	newins "${FILESDIR}"/${PN}.logrotate ${PN}
 
 	if use xinetd ; then
 		insinto /etc/xinetd.d
-		newins "${FILESDIR}/${PN}.xinetd" ${PN}
+		newins "${FILESDIR}"/${PN}.xinetd ${PN}
 	fi
 
-	newinitd "${FILESDIR}/${PN}.init" ${PN}
+	newinitd "${FILESDIR}"/${PN}.init ${PN}
 
 	keepdir /usr/share/${PN}/empty
 
 	exeinto /usr/libexec
-	doexe "${FILESDIR}/vsftpd-checkconfig.sh"
-	systemd_dounit "${FILESDIR}/${PN}.service"
-	systemd_newunit "${FILESDIR}/${PN}_at.service" "${PN}@.service"
-	systemd_dounit "${FILESDIR}/${PN}.socket"
+	doexe "${FILESDIR}"/vsftpd-checkconfig.sh
+	systemd_dounit "${FILESDIR}"/${PN}.service
+	systemd_newunit "${FILESDIR}"/${PN}_at.service "${PN}@.service"
+	systemd_dounit "${FILESDIR}"/${PN}.socket
 }
 
 pkg_preinst() {
 	# If we use xinetd, then we set listen=NO
 	# so that our default config works under xinetd - fixes #78347
 	if use xinetd ; then
-		sed -i 's/listen=YES/listen=NO/g' "${D}"/etc/${PN}/${PN}.conf.example
+		sed -i 's/listen=YES/listen=NO/g' "${D}"/etc/${PN}/${PN}.conf.example || die
 	fi
 }