From owner-svn-ports-all@freebsd.org Tue Oct 1 19:17:01 2019 Return-Path: Delivered-To: svn-ports-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A631C13E576; Tue, 1 Oct 2019 19:17:01 +0000 (UTC) (envelope-from sunpoet@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46jTXs3wcwz4HKg; Tue, 1 Oct 2019 19:17:01 +0000 (UTC) (envelope-from sunpoet@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 6A1E21FEF1; Tue, 1 Oct 2019 19:17:01 +0000 (UTC) (envelope-from sunpoet@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x91JH1D6098372; Tue, 1 Oct 2019 19:17:01 GMT (envelope-from sunpoet@FreeBSD.org) Received: (from sunpoet@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x91JH0t6098362; Tue, 1 Oct 2019 19:17:00 GMT (envelope-from sunpoet@FreeBSD.org) Message-Id: <201910011917.x91JH0t6098362@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: sunpoet set sender to sunpoet@FreeBSD.org using -f From: Sunpoet Po-Chuan Hsieh Date: Tue, 1 Oct 2019 19:17:00 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r513524 - in head/security/denyhosts: . files X-SVN-Group: ports-head X-SVN-Commit-Author: sunpoet X-SVN-Commit-Paths: in head/security/denyhosts: . files X-SVN-Commit-Revision: 513524 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Oct 2019 19:17:01 -0000 Author: sunpoet Date: Tue Oct 1 19:16:59 2019 New Revision: 513524 URL: https://svnweb.freebsd.org/changeset/ports/513524 Log: Update to 3.1 - Change MASTER_SITES from SF to GitHub - Add LICENSE_FILE - Relax USES=python - Update CPE - Update WWW Changes: https://github.com/denyhosts/denyhosts/releases PR: 200837 (based on) Submitted by: Jesse Smith Added: head/security/denyhosts/files/patch-denyhosts.conf (contents, props changed) Deleted: head/security/denyhosts/files/patch-DenyHosts__regex.py head/security/denyhosts/files/patch-denyhosts.cfg-dist head/security/denyhosts/files/patch-scripts__restricted_from_passwd.py head/security/denyhosts/pkg-plist Modified: head/security/denyhosts/Makefile head/security/denyhosts/distinfo head/security/denyhosts/files/patch-daemon-control-dist head/security/denyhosts/files/patch-setup.py head/security/denyhosts/pkg-descr Modified: head/security/denyhosts/Makefile ============================================================================== --- head/security/denyhosts/Makefile Tue Oct 1 19:16:54 2019 (r513523) +++ head/security/denyhosts/Makefile Tue Oct 1 19:16:59 2019 (r513524) @@ -2,30 +2,33 @@ # $FreeBSD$ PORTNAME= denyhosts -PORTVERSION= 2.6 -PORTREVISION= 7 +PORTVERSION= 3.1 +DISTVERSIONPREFIX= v CATEGORIES= security -MASTER_SITES= SF -DISTNAME= DenyHosts-${PORTVERSION} +PKGNAMESUFFIX= ${PYTHON_PKGNAMESUFFIX} MAINTAINER= sunpoet@FreeBSD.org -COMMENT= Script to thwart ssh attacks +COMMENT= Script to thwart ssh and imap attacks LICENSE= GPLv2 +LICENSE_FILE= ${WRKSRC}/LICENSE.txt -OPTIONS_DEFINE= DOCS +BUILD_DEPENDS= ${RUN_DEPENDS} +RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}ipaddr>=0:devel/py-ipaddr@${PY_FLAVOR} -USES= cpe python:2.7 shebangfix +USES= cpe python shebangfix +USE_PYTHON= autoplist concurrent distutils + +NO_ARCH= yes REINPLACE_ARGS= -i '' -USE_PYTHON= autoplist distutils USE_RC_SUBR= denyhosts -CPE_VENDOR= phil_schwartz -NO_ARCH= yes -PORTDOCS= CHANGELOG.txt LICENSE.txt README.txt +PLIST_FILES= "@sample etc/denyhosts.conf.sample" SUB_FILES= pkg-message SUB_LIST= PYTHON=${PYTHON_CMD} +USE_GITHUB= yes + SHEBANG_LANG= env SHEBANG_FILES= daemon-control-dist \ plugins/test_deny.py \ @@ -35,12 +38,11 @@ env_OLD_CMD= /bin/env env_CMD= ${SETENV} post-patch: - @${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|' ${WRKSRC}/daemon-control-dist ${WRKSRC}/denyhosts.cfg-dist ${WRKSRC}/setup.py + @${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|' ${WRKSRC}/daemon-control-dist ${WRKSRC}/denyhosts.conf ${WRKSRC}/setup.py + @${REINPLACE_CMD} -e 's|%%PYTHON_CMD%%|${PYTHON_CMD}|' ${WRKSRC}/daemon-control-dist @${FIND} ${WRKSRC} -type f -name '*.bak' -o -name '*.orig' -delete post-install: - ${INSTALL_DATA} ${WRKSRC}/denyhosts.cfg-dist ${STAGEDIR}${PREFIX}/etc/denyhosts.conf.sample - ${MKDIR} ${STAGEDIR}${DOCSDIR}/ - cd ${WRKSRC}/ && ${INSTALL_DATA} ${PORTDOCS} ${STAGEDIR}${DOCSDIR}/ + ${INSTALL_DATA} ${WRKSRC}/denyhosts.conf ${STAGEDIR}${PREFIX}/etc/denyhosts.conf.sample .include Modified: head/security/denyhosts/distinfo ============================================================================== --- head/security/denyhosts/distinfo Tue Oct 1 19:16:54 2019 (r513523) +++ head/security/denyhosts/distinfo Tue Oct 1 19:16:59 2019 (r513524) @@ -1,2 +1,3 @@ -SHA256 (DenyHosts-2.6.tar.gz) = 5190ead13a7238e3ccf328cb3b71b16716e1c73939909a4f3fa6904ba58ddf7d -SIZE (DenyHosts-2.6.tar.gz) = 42667 +TIMESTAMP = 1567007893 +SHA256 (denyhosts-denyhosts-v3.1_GH0.tar.gz) = 7a6aee5934a56473ad54d373715da1e715ff2ffd19b9dceb54b0297fe8c3a965 +SIZE (denyhosts-denyhosts-v3.1_GH0.tar.gz) = 57160 Modified: head/security/denyhosts/files/patch-daemon-control-dist ============================================================================== --- head/security/denyhosts/files/patch-daemon-control-dist Tue Oct 1 19:16:54 2019 (r513523) +++ head/security/denyhosts/files/patch-daemon-control-dist Tue Oct 1 19:16:59 2019 (r513524) @@ -1,15 +1,18 @@ ---- daemon-control-dist.orig +--- daemon-control-dist.orig 2015-09-16 19:40:15 UTC +++ daemon-control-dist -@@ -11,9 +11,9 @@ +@@ -11,11 +11,11 @@ #### Edit these to suit your configuration #### ############################################### --DENYHOSTS_BIN = "/usr/bin/denyhosts.py" --DENYHOSTS_LOCK = "/var/lock/subsys/denyhosts" --DENYHOSTS_CFG = "/usr/share/denyhosts/denyhosts.cfg" +-DENYHOSTS_BIN = "/usr/sbin/denyhosts" +-DENYHOSTS_LOCK = "/run/denyhosts.pid" +-DENYHOSTS_CFG = "/etc/denyhosts.conf" +DENYHOSTS_BIN = "%%PREFIX%%/bin/denyhosts.py" -+DENYHOSTS_LOCK = "/var/run/denyhosts" -+DENYHOSTS_CFG = "%%PREFIX%%/share/denyhosts/denyhosts.cfg" ++DENYHOSTS_LOCK = "/var/run/denyhosts.pid" ++DENYHOSTS_CFG = "%%PREFIX%%/etc/denyhosts.conf" +-PYTHON_BIN = "/usr/bin/env python" ++PYTHON_BIN = "%%PYTHON_CMD%%" ############################################### + #### Do not edit below #### Added: head/security/denyhosts/files/patch-denyhosts.conf ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/denyhosts/files/patch-denyhosts.conf Tue Oct 1 19:16:59 2019 (r513524) @@ -0,0 +1,67 @@ +--- denyhosts.conf.orig 2015-09-16 19:40:15 UTC ++++ denyhosts.conf +@@ -12,7 +12,7 @@ + #SECURE_LOG = /var/log/secure + # + # Mandrake, FreeBSD or OpenBSD: +-#SECURE_LOG = /var/log/auth.log ++SECURE_LOG = /var/log/auth.log + # + # SuSE or Gentoo: + #SECURE_LOG = /var/log/messages +@@ -25,7 +25,7 @@ + #SECURE_LOG=/private/var/log/system.log + # + # Debian and Ubuntu +-SECURE_LOG = /var/log/auth.log ++#SECURE_LOG = /var/log/auth.log + ######################################################################## + + ######################################################################## +@@ -33,7 +33,8 @@ SECURE_LOG = /var/log/auth.log + # HOSTS_DENY: the file which contains restricted host access information + # + # Most operating systems: +-HOSTS_DENY = /etc/hosts.deny ++#HOSTS_DENY = /etc/hosts.deny ++HOSTS_DENY = /etc/hosts.deniedssh + # + # Some BSD (FreeBSD) Unixes: + #HOSTS_DENY = /etc/hosts.allow +@@ -92,7 +93,7 @@ PURGE_DENY = + # To block all services for the offending host: + #BLOCK_SERVICE = ALL + # To block only sshd: +-BLOCK_SERVICE = sshd ++#BLOCK_SERVICE = sshd + # To only record the offending host and nothing else (if using + # an auxilary file to list the hosts). Refer to: + # http://denyhost.sourceforge.net/faq.html#aux +@@ -162,7 +163,8 @@ DETECT_DOVECOT_LOGIN_ATTEMPTS = NO + # Note: it is recommended that you use an absolute pathname + # for this value (eg. /home/foo/denyhost/data) + # +-WORK_DIR = /var/lib/denyhosts ++#WORK_DIR = /var/lib/denyhosts ++WORK_DIR = %%PREFIX%%/share/denyhosts/data + # + ####################################################################### + +@@ -220,7 +222,7 @@ HOSTNAME_LOOKUP=NO + # Redhat/Fedora: + #LOCK_FILE = /var/lock/subsys/denyhosts + # +-# Debian or Gentoo ++# FreeBSD, Debian or Gentoo + LOCK_FILE = /var/run/denyhosts.pid + # + # Misc +@@ -502,6 +504,8 @@ AGE_RESET_INVALID=10d + # http://denyhost.sf.net/faq.html#userdef_regex + # + #USERDEF_FAILED_ENTRY_REGEX= ++USERDEF_FAILED_ENTRY_REGEX=[a|A]uthentication error for (?Pinvalid user |illegal user )?(?P.*?) from (::ffff:)?(?P\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}) ++USERDEF_FAILED_ENTRY_REGEX=[a|A]uthentication error for (?Pinvalid user |illegal user )?(?P.*?) from (?P.*) + # + # + ###################################################################### Modified: head/security/denyhosts/files/patch-setup.py ============================================================================== --- head/security/denyhosts/files/patch-setup.py Tue Oct 1 19:16:54 2019 (r513523) +++ head/security/denyhosts/files/patch-setup.py Tue Oct 1 19:16:59 2019 (r513524) @@ -1,24 +1,21 @@ ---- setup.py.orig +--- setup.py.orig 2015-09-16 19:40:15 UTC +++ setup.py -@@ -8,7 +8,7 @@ - from glob import glob +@@ -11,8 +11,8 @@ from DenyHosts.util import normalize_whi + from DenyHosts.version import VERSION - + etcpath = "/etc" +-manpath = "/usr/share/man/man8" -libpath = "/usr/share/denyhosts" ++manpath = "%%PREFIX%%/man/man8" +libpath = "%%PREFIX%%/share/denyhosts" - scriptspath = "%s/scripts" % libpath - pluginspath = "%s/plugins" % libpath + scriptspath = ospj("scripts", libpath) + pluginspath = ospj("plugins", libpath) -@@ -26,11 +26,8 @@ - data_files=[(libpath, glob("denyhosts.cfg-dist")), - (libpath, glob("setup.py")), - (libpath, glob("daemon-control-dist")), -- (libpath, glob("CHANGELOG.txt")), -- (libpath, glob("README.txt")), - (scriptspath, glob("scripts/*")), -- (pluginspath, glob("plugins/*")), -- (libpath, glob("LICENSE.txt"))], -+ (pluginspath, glob("plugins/*"))], - license="GPL v2", - ##extra_path='denyhosts', - long_description=""" +@@ -28,7 +28,6 @@ setup( + packages=["DenyHosts"], + requires=["ipaddr"], + data_files=[ +- (etcpath, glob("denyhosts.conf")), + (manpath, glob("denyhosts.8")), + ], + license="GPL v2", Modified: head/security/denyhosts/pkg-descr ============================================================================== --- head/security/denyhosts/pkg-descr Tue Oct 1 19:16:54 2019 (r513523) +++ head/security/denyhosts/pkg-descr Tue Oct 1 19:16:59 2019 (r513524) @@ -1,5 +1,5 @@ -DenyHosts is a script intended to be run by *ix system administrators to -help thwart ssh server attacks. +DenyHosts is a utility developed by Phil Schwartz and maintained by a number of +developers which aims to thwart sshd (ssh server) brute force attacks. If you've ever looked at your ssh log (/var/log/auth.log ) you may be alarmed to see how many hackers attempted to gain access to your server. @@ -18,4 +18,4 @@ Denyhosts helps you: - Optionally sends an email of newly banned hosts and suspicious logins. - Resolves IP addresses to hostnames, if you want -WWW: http://denyhosts.sourceforge.net/ +WWW: https://github.com/denyhosts/denyhosts