net-ftp/pure-ftpd: migrate to stand-alone configuration

This bump changed at lot of things: * Deprecating configuration via 'conf.d', since not all option are available via command line. User will be informed about this. * Using '/etc/pure-ftpd.conf' as main configuration file, since more option are available here. * Adding pure-certd init script and config script for using SNI via FTP * Splitting Uploadscript into it's own init script * Simplified init script by removing much old stuff, which it seems, that it's not needed any more today. At least in my tests. * Adding SVCNAME support. * Removed sed for MAX_USER_LENGTH, as it's already default * Removed DOCS for default docs * Removed keepdir, since it looks like it's not needed anymore * Overhauled eBuild Signed-off-by: Conrad Kostecki <conikost@gentoo.org> Closes: https://github.com/gentoo/gentoo/pull/24592 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
author: Conrad Kostecki <conikost@gentoo.org> 2022-03-27 03:31:32 +0200
committer: Lars Wendler <polynomial-c@gentoo.org> 2022-04-16 15:45:00 +0200
commit: 3e3e91f811c2f74ee5ef2acf2ab9333b2c9927f6 (patch)
tree: 8e5994e6ee117d971338b18a32235b64e00a6678 /net-ftp
parent: app-office/lyx: Keyword 2.3.6.1-r1 riscv, #838088 (diff)
download: gentoo-3e3e91f811c2f74ee5ef2acf2ab9333b2c9927f6.tar.gz
gentoo-3e3e91f811c2f74ee5ef2acf2ab9333b2c9927f6.tar.bz2
gentoo-3e3e91f811c2f74ee5ef2acf2ab9333b2c9927f6.zip
8 files changed, 329 insertions, 45 deletions
diff --git a/net-ftp/pure-ftpd/files/pure-certd.initd b/net-ftp/pure-ftpd/files/pure-certd.initd
new file mode 100644
index 000000000000..1d254e5274a9
--- /dev/null
+++ b/net-ftp/pure-ftpd/files/pure-certd.initd
@@ -0,0 +1,19 @@
+#!/sbin/openrc-run
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+certd_scriptfile="/etc/${SVCNAME}.sh"
+certd_socketfile="/run/${SVCNAME}.sock"
+pidfile="/run/pure-certd.pid"
+
+command="/usr/sbin/pure-certd"
+command_args="--pidfile ${pidfile} --run ${certd_scriptfile} --socket ${certd_socketfile}"
+command_background="true"
+
+start_pre() {
+	if [ ! -f "${certd_scriptfile}" ] ; then
+		eerror "The file ${certd_scriptfile} does not exist!"
+		eerror "Please create and configure the script."
+		return 1
+	fi
+}
diff --git a/net-ftp/pure-ftpd/files/pure-certd.script b/net-ftp/pure-ftpd/files/pure-certd.script
new file mode 100644
index 000000000000..77aa1bf9f702
--- /dev/null
+++ b/net-ftp/pure-ftpd/files/pure-certd.script
@@ -0,0 +1,27 @@
+#!/bin/sh
+# Copyright 1999-2022 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+# Set default ssl directory
+SSL_DIR="/etc/ssl/pure-ftpd"
+
+# Check SNI and select certificate
+case "${CERTD_SNI_NAME}" in
+	domain1.tld)
+		FILE_CERT="${SSL_DIR}/domain1.tld.crt"
+		FILE_KEY="${SSL_DIR}/domain1.tld.key"
+	;;
+
+	domain2.tld)
+		FILE_CERT="${SSL_DIR}/domain2.tld.crt"
+		FILE_KEY="${SSL_DIR}/domain2.tld.key"
+	;;
+esac
+
+# Print selected certificate for 'pure-certd'.
+# You can modify 'action' for your needs.
+# See man page of 'pure-certd' for more information.
+echo "action:fallback"
+echo "cert_file:${FILE_CERT}"
+echo "key_file:${FILE_KEY}"
+echo "end"
diff --git a/net-ftp/pure-ftpd/files/pure-ftpd.confd-r4 b/net-ftp/pure-ftpd/files/pure-ftpd.confd-r4
new file mode 100644
index 000000000000..d49b6c509c58
--- /dev/null
+++ b/net-ftp/pure-ftpd/files/pure-ftpd.confd-r4
@@ -0,0 +1,5 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+# Optionally depend on started Pure-Certd
+# RC_NEED="pure-certd"
diff --git a/net-ftp/pure-ftpd/files/pure-ftpd.initd-r12 b/net-ftp/pure-ftpd/files/pure-ftpd.initd-r12
new file mode 100644
index 000000000000..c971125784b7
--- /dev/null
+++ b/net-ftp/pure-ftpd/files/pure-ftpd.initd-r12
@@ -0,0 +1,23 @@
+#!/sbin/openrc-run
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+ftpd_configfile="/etc/${SVCNAME}.conf"
+pidfile="/run/pure-ftpd.pid"
+
+command="/usr/sbin/pure-ftpd"
+command_args="${ftpd_configfile}"
+command_background="true"
+
+depend() {
+	need localmount
+	use netmount
+}
+
+start_pre() {
+	if [ ! -f "${ftpd_configfile}" ] ; then
+		eerror "The file ${ftpd_configfile} does not exist!"
+		eerror "Please create and configure the configuration file."
+		return 1
+	fi
+}
diff --git a/net-ftp/pure-ftpd/files/pure-uploadscript.confd b/net-ftp/pure-ftpd/files/pure-uploadscript.confd
new file mode 100644
index 000000000000..4b8fca0deb8f
--- /dev/null
+++ b/net-ftp/pure-ftpd/files/pure-uploadscript.confd
@@ -0,0 +1,8 @@
+#!/sbin/openrc-run
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+# If you want to process each file uploaded through Pure-FTPd, enter the name
+# of the script that should process the files below.
+# Use man pure-uploadscript to learn more about how to write this script.
+# UPLOADSCRIPT="/path/to/uploadscript"
diff --git a/net-ftp/pure-ftpd/files/pure-uploadscript.initd b/net-ftp/pure-ftpd/files/pure-uploadscript.initd
new file mode 100644
index 000000000000..f0c57742e749
--- /dev/null
+++ b/net-ftp/pure-ftpd/files/pure-uploadscript.initd
@@ -0,0 +1,30 @@
+#!/sbin/openrc-run
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+ftpd_configfile="/etc/${SVCNAME/uploadscript/ftpd}.conf"
+pidfile="/run/pure-uploadscript.pid"
+
+command="/usr/sbin/pure-uploadscript"
+command_args="${UPLOADSCRIPT}"
+command_background="true"
+
+depend() {
+	need localmount
+	use netmount
+}
+
+start_pre() {
+	if [ -n "${UPLOADSCRIPT}" ] ; then
+		eerror "The file ${ftpd_configfile} does not exist!"
+		eerror "Please create and configure the uploadscript file."
+		return 1
+	fi
+
+	if ! grep "^CallUploadScript" "${ftpd_configfile}" ; then
+		eerror "You cannot start this uploadscript,"
+		eerror "unless you enable the option CallUploadScript"
+		eerror "in your main Pure-FTPd configuration file ${ftpd_configfile}"
+		return 1
+	fi
+}
diff --git a/net-ftp/pure-ftpd/pure-ftpd-1.0.50-r2.ebuild b/net-ftp/pure-ftpd/pure-ftpd-1.0.50-r2.ebuild
new file mode 100644
index 000000000000..3d32b367c5cd
--- /dev/null
+++ b/net-ftp/pure-ftpd/pure-ftpd-1.0.50-r2.ebuild
@@ -0,0 +1,161 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit flag-o-matic
+
+DESCRIPTION="Fast, production-quality, standard-conformant FTP server"
+HOMEPAGE="https://www.pureftpd.org/project/pure-ftpd/"
+if [[ "${PV}" == 9999 ]] ; then
+	inherit autotools git-r3
+	EGIT_REPO_URI="https://github.com/jedisct1/pure-ftpd.git"
+else
+	SRC_URI="
+		ftp://ftp.pureftpd.org/pub/${PN}/releases/${P}.tar.bz2
+		http://download.pureftpd.org/pub/${PN}/releases/${P}.tar.bz2
+	"
+	KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86"
+fi
+
+LICENSE="BSD"
+SLOT="0"
+IUSE="anondel anonperm anonren anonres caps implicittls ldap mysql noiplog pam paranoidmsg postgres resolveids selinux ssl sysquota vchroot xinetd"
+REQUIRED_USE="implicittls? ( ssl )"
+
+DEPEND="
+	dev-libs/libsodium:=
+	virtual/libcrypt:=
+	caps? ( sys-libs/libcap )
+	ldap? ( >=net-nds/openldap-2.0.25:= )
+	mysql? ( || (
+			dev-db/mariadb-connector-c
+			dev-db/mysql-connector-c
+		)
+	)
+	pam? ( sys-libs/pam )
+	postgres? ( dev-db/postgresql:= )
+	ssl? ( dev-libs/openssl:0=[-bindist(-)]	)
+	sysquota? ( sys-fs/quota[-rpc] )
+	xinetd? ( virtual/inetd )
+"
+
+RDEPEND="
+	${DEPEND}
+	net-ftp/ftpbase
+	selinux? ( sec-policy/selinux-ftp )
+"
+
+BDEPEND="sys-devel/autoconf-archive"
+
+PATCHES=( "${FILESDIR}/${PN}-1.0.28-pam.patch" )
+
+src_prepare() {
+	default
+
+	[[ "${PV}" == 9999 ]] && eautoreconf
+}
+
+src_configure() {
+	# Those features are only configurable like this, see bug #179375.
+	use anondel	&& append-cppflags -DANON_CAN_DELETE
+	use anonperm	&& append-cppflags -DANON_CAN_CHANGE_PERMS
+	use anonren	&& append-cppflags -DANON_CAN_RENAME
+	use anonres	&& append-cppflags -DANON_CAN_RESUME
+	use resolveids	&& append-cppflags -DALWAYS_RESOLVE_IDS
+
+	# Do not auto-use SSP -- let the user select this.
+	export ax_cv_check_cflags___fstack_protector_all=no
+
+	local myeconfargs=(
+		--enable-largefile
+		# Required for correct pid file location.
+		# Pure-FTPd appends "/run/pure-ftpd.pid" to the localstatedir
+		# path, and tries to write to that file even when being
+		# started in foreground. So we need to pin this to /
+		--localstatedir="${EPREFIX}"/
+		--with-altlog
+		--with-cookie
+		--with-diraliases
+		--with-extauth
+		--with-ftpwho
+		--with-language=${PUREFTPD_LANG:=english}
+		--with-peruserlimits
+		--with-privsep
+		--with-puredb
+		--with-quotas
+		--with-ratios
+		--with-throttling
+		--with-uploadscript
+		--with-virtualhosts
+		$(use_with implicittls)
+		$(use_with ldap)
+		$(use_with mysql)
+		$(use_with pam)
+		$(use_with paranoidmsg)
+		$(use_with postgres pgsql)
+		$(use_with ssl tls)
+		$(use_with sysquota sysquotas)
+		$(use_with vchroot virtualchroot)
+		$(usex caps '' '--without-capabilities')
+		$(usex noiplog '--without-iplogging' '')
+		$(usex xinetd '' '--without-inetd')
+	)
+
+	econf "${myeconfargs[@]}"
+}
+
+src_install() {
+	default
+
+	newinitd "${FILESDIR}/pure-ftpd.initd-r12" pure-ftpd
+	newconfd "${FILESDIR}/pure-ftpd.confd-r4" pure-ftpd
+
+	newinitd "${FILESDIR}/pure-uploadscript.initd" pure-uploadscript
+	newconfd "${FILESDIR}/pure-uploadscript.confd" pure-uploadscript
+
+	if use implicittls ; then
+		sed -e '/^# Bind/s@21@990@' -i "${ED}"/etc/pure-ftpd.conf || die
+	fi
+
+	if use ssl ; then
+		newinitd "${FILESDIR}/pure-certd.initd" pure-certd
+
+		exeinto /etc
+		newexe "${FILESDIR}/pure-certd.script" pure-certd.sh
+	fi
+
+	if use ldap ; then
+		insinto /etc/openldap/schema
+		doins pureftpd.schema
+		insinto /etc/openldap
+		insopts -m 0600
+		doins pureftpd-ldap.conf
+	fi
+
+	if use xinetd  ; then
+		insinto /etc/xinetd.d
+		newins "${FILESDIR}/pure-ftpd.xinetd" pure-ftpd
+	fi
+}
+
+pkg_postinst() {
+	if [[ -z "${REPLACING_VERSIONS}" ]] ; then
+		# This is a new installation
+		elog
+		elog "Before starting Pure-FTPd, you have to edit the /etc/pure-ftpd.conf file!"
+		elog
+		ewarn "It's *really* important to read the README provided with Pure-FTPd!"
+		ewarn "Check out http://download.pureftpd.org/pub/pure-ftpd/doc/README for general info"
+		ewarn "and http://download.pureftpd.org/pub/pure-ftpd/doc/README.TLS for SSL/TLS info."
+		ewarn
+	else
+		for v in ${REPLACING_VERSIONS} ; do
+			if ver_test "${v}" -le "1.0.50" ; then
+				einfo "Configuration through /etc/conf.d/pure-ftpd is now deprecated!"
+				einfo "Please migrate your settings to the new configuration file."
+				einfo "Use /etc/pure-ftpd.conf to adjust your settings."
+			fi
+		done
+	fi
+}
diff --git a/net-ftp/pure-ftpd/pure-ftpd-9999.ebuild b/net-ftp/pure-ftpd/pure-ftpd-9999.ebuild
index 4be40c54c4ef..3d32b367c5cd 100644
--- a/net-ftp/pure-ftpd/pure-ftpd-9999.ebuild
+++ b/net-ftp/pure-ftpd/pure-ftpd-9999.ebuild
@@ -6,66 +6,63 @@ EAPI=8
 inherit flag-o-matic
 
 DESCRIPTION="Fast, production-quality, standard-conformant FTP server"
-HOMEPAGE="http://www.pureftpd.org/"
+HOMEPAGE="https://www.pureftpd.org/project/pure-ftpd/"
 if [[ "${PV}" == 9999 ]] ; then
 	inherit autotools git-r3
 	EGIT_REPO_URI="https://github.com/jedisct1/pure-ftpd.git"
 else
-	SRC_URI="ftp://ftp.pureftpd.org/pub/${PN}/releases/${P}.tar.bz2
-		http://download.pureftpd.org/pub/${PN}/releases/${P}.tar.bz2"
+	SRC_URI="
+		ftp://ftp.pureftpd.org/pub/${PN}/releases/${P}.tar.bz2
+		http://download.pureftpd.org/pub/${PN}/releases/${P}.tar.bz2
+	"
 	KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86"
 fi
 
 LICENSE="BSD"
 SLOT="0"
-
 IUSE="anondel anonperm anonren anonres caps implicittls ldap mysql noiplog pam paranoidmsg postgres resolveids selinux ssl sysquota vchroot xinetd"
-
 REQUIRED_USE="implicittls? ( ssl )"
 
-BDEPEND="sys-devel/autoconf-archive"
-
-DEPEND="dev-libs/libsodium:=
+DEPEND="
+	dev-libs/libsodium:=
 	virtual/libcrypt:=
 	caps? ( sys-libs/libcap )
 	ldap? ( >=net-nds/openldap-2.0.25:= )
 	mysql? ( || (
-		dev-db/mariadb-connector-c
-		dev-db/mysql-connector-c
-	) )
+			dev-db/mariadb-connector-c
+			dev-db/mysql-connector-c
+		)
+	)
 	pam? ( sys-libs/pam )
 	postgres? ( dev-db/postgresql:= )
-	ssl? (
-		>=dev-libs/openssl-0.9.6g:0=[-bindist(-)]
-	)
+	ssl? ( dev-libs/openssl:0=[-bindist(-)]	)
 	sysquota? ( sys-fs/quota[-rpc] )
-	xinetd? ( virtual/inetd )"
+	xinetd? ( virtual/inetd )
+"
 
-RDEPEND="${DEPEND}
+RDEPEND="
+	${DEPEND}
 	net-ftp/ftpbase
-	selinux? ( sec-policy/selinux-ftp )"
+	selinux? ( sec-policy/selinux-ftp )
+"
 
-PATCHES=(
-	"${FILESDIR}/${PN}-1.0.28-pam.patch"
-)
+BDEPEND="sys-devel/autoconf-archive"
+
+PATCHES=( "${FILESDIR}/${PN}-1.0.28-pam.patch" )
 
 src_prepare() {
 	default
+
 	[[ "${PV}" == 9999 ]] && eautoreconf
 }
 
 src_configure() {
-	# adjust max user length to something more appropriate
-	# for virtual hosts. See bug #62472 for details.
-	sed -e "s:# define MAX_USER_LENGTH 32U:# define MAX_USER_LENGTH 127U:" \
-		-i "${S}/src/ftpd.h" || die "sed failed"
-
 	# Those features are only configurable like this, see bug #179375.
-	use anondel 	&& append-cppflags -DANON_CAN_DELETE
-	use anonperm 	&& append-cppflags -DANON_CAN_CHANGE_PERMS
-	use anonren 	&& append-cppflags -DANON_CAN_RENAME
-	use anonres 	&& append-cppflags -DANON_CAN_RESUME
-	use resolveids 	&& append-cppflags -DALWAYS_RESOLVE_IDS
+	use anondel	&& append-cppflags -DANON_CAN_DELETE
+	use anonperm	&& append-cppflags -DANON_CAN_CHANGE_PERMS
+	use anonren	&& append-cppflags -DANON_CAN_RENAME
+	use anonres	&& append-cppflags -DANON_CAN_RESUME
+	use resolveids	&& append-cppflags -DALWAYS_RESOLVE_IDS
 
 	# Do not auto-use SSP -- let the user select this.
 	export ax_cv_check_cflags___fstack_protector_all=no
@@ -73,7 +70,7 @@ src_configure() {
 	local myeconfargs=(
 		--enable-largefile
 		# Required for correct pid file location.
-		# pure-ftpd appends "/run/pure-ftpd.pid" to the localstatedir
+		# Pure-FTPd appends "/run/pure-ftpd.pid" to the localstatedir
 		# path, and tries to write to that file even when being
 		# started in foreground. So we need to pin this to /
 		--localstatedir="${EPREFIX}"/
@@ -91,40 +88,41 @@ src_configure() {
 		--with-throttling
 		--with-uploadscript
 		--with-virtualhosts
+		$(use_with implicittls)
 		$(use_with ldap)
 		$(use_with mysql)
 		$(use_with pam)
 		$(use_with paranoidmsg)
 		$(use_with postgres pgsql)
 		$(use_with ssl tls)
-		$(use_with implicittls)
-		$(use_with vchroot virtualchroot)
 		$(use_with sysquota sysquotas)
+		$(use_with vchroot virtualchroot)
 		$(usex caps '' '--without-capabilities')
 		$(usex noiplog '--without-iplogging' '')
 		$(usex xinetd '' '--without-inetd')
 	)
+
 	econf "${myeconfargs[@]}"
 }
 
 src_install() {
-	local DOCS=( AUTHORS ChangeLog FAQ HISTORY README* NEWS )
-
 	default
 
-	newinitd "${FILESDIR}/pure-ftpd.rc11" ${PN}
-	newconfd "${FILESDIR}/pure-ftpd.conf_d-3" ${PN}
+	newinitd "${FILESDIR}/pure-ftpd.initd-r12" pure-ftpd
+	newconfd "${FILESDIR}/pure-ftpd.confd-r4" pure-ftpd
+
+	newinitd "${FILESDIR}/pure-uploadscript.initd" pure-uploadscript
+	newconfd "${FILESDIR}/pure-uploadscript.confd" pure-uploadscript
 
 	if use implicittls ; then
-		sed -i '/^SERVER/s@21@990@' "${ED}"/etc/conf.d/${PN} \
-			|| die "Adjusting default server port for implicittls usage failed!"
+		sed -e '/^# Bind/s@21@990@' -i "${ED}"/etc/pure-ftpd.conf || die
 	fi
 
-	keepdir /var/lib/run/${PN}
+	if use ssl ; then
+		newinitd "${FILESDIR}/pure-certd.initd" pure-certd
 
-	if use xinetd ; then
-		insinto /etc/xinetd.d
-		newins "${FILESDIR}/pure-ftpd.xinetd" ${PN}
+		exeinto /etc
+		newexe "${FILESDIR}/pure-certd.script" pure-certd.sh
 	fi
 
 	if use ldap ; then
@@ -134,17 +132,30 @@ src_install() {
 		insopts -m 0600
 		doins pureftpd-ldap.conf
 	fi
+
+	if use xinetd  ; then
+		insinto /etc/xinetd.d
+		newins "${FILESDIR}/pure-ftpd.xinetd" pure-ftpd
+	fi
 }
 
 pkg_postinst() {
-	if [[ -z "${REPLACING_VERSIONS}" ]]; then
+	if [[ -z "${REPLACING_VERSIONS}" ]] ; then
 		# This is a new installation
 		elog
-		elog "Before starting Pure-FTPd, you have to edit the /etc/conf.d/pure-ftpd file!"
+		elog "Before starting Pure-FTPd, you have to edit the /etc/pure-ftpd.conf file!"
 		elog
 		ewarn "It's *really* important to read the README provided with Pure-FTPd!"
 		ewarn "Check out http://download.pureftpd.org/pub/pure-ftpd/doc/README for general info"
 		ewarn "and http://download.pureftpd.org/pub/pure-ftpd/doc/README.TLS for SSL/TLS info."
 		ewarn
+	else
+		for v in ${REPLACING_VERSIONS} ; do
+			if ver_test "${v}" -le "1.0.50" ; then
+				einfo "Configuration through /etc/conf.d/pure-ftpd is now deprecated!"
+				einfo "Please migrate your settings to the new configuration file."
+				einfo "Use /etc/pure-ftpd.conf to adjust your settings."
+			fi
+		done
 	fi
 }
author	Conrad Kostecki <conikost@gentoo.org>	2022-03-27 03:31:32 +0200
committer	Lars Wendler <polynomial-c@gentoo.org>	2022-04-16 15:45:00 +0200
commit	3e3e91f811c2f74ee5ef2acf2ab9333b2c9927f6 (patch)
tree	8e5994e6ee117d971338b18a32235b64e00a6678 /net-ftp
parent	app-office/lyx: Keyword 2.3.6.1-r1 riscv, #838088 (diff)
download	gentoo-3e3e91f811c2f74ee5ef2acf2ab9333b2c9927f6.tar.gz gentoo-3e3e91f811c2f74ee5ef2acf2ab9333b2c9927f6.tar.bz2 gentoo-3e3e91f811c2f74ee5ef2acf2ab9333b2c9927f6.zip