github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

Remove a bunch of patches (merged upstream)

debian
Sylvestre Ledru 2022-09-28 07:33:38 -10:00
parent fc88fb6e47
commit 276fb8b2ab
10 changed files with 1 additions and 257 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
debian/changelog vendored
View File

@ -11,6 +11,7 @@ fail2ban (1.0.1-1~exp1) experimental; urgency=medium
[ Sylvestre Ledru ] [ Sylvestre Ledru ]
* New upstream release * New upstream release
* Fix debian/watch * Fix debian/watch
* Remove a bunch of patches (merged upstream)
-- Sylvestre Ledru <sylvestre@debian.org> Wed, 28 Sep 2022 07:16:20 -1000 -- Sylvestre Ledru <sylvestre@debian.org> Wed, 28 Sep 2022 07:16:20 -1000

64
debian/patches/997601-use_2to3.diff vendored
View File

@ -1,64 +0,0 @@
From 5ac303df8a171f748330d4c645ccbf1c2c7f3497 Mon Sep 17 00:00:00 2001
From: sebres <info@sebres.de>
Date: Sun, 19 Sep 2021 18:49:18 +0200
Subject: [PATCH] fix gh-3098: build fails with error in fail2ban setup
command: use_2to3 is invalid (setuptools 58+)
---
setup.py | 16 +---------------
1 file changed, 1 insertion(+), 15 deletions(-)
Index: fail2ban/setup.py
===================================================================
--- fail2ban.orig/setup.py
+++ fail2ban/setup.py
@@ -56,7 +56,7 @@ import warnings
from glob import glob
from fail2ban.setup import updatePyExec
-
+from fail2ban.version import version
source_dir = os.path.realpath(os.path.dirname(
# __file__ seems to be overwritten sometimes on some python versions (e.g. bug of 2.6 by running under cProfile, etc.):
@@ -120,22 +120,12 @@ class install_scripts_f2b(install_script
# Wrapper to specify fail2ban own options:
class install_command_f2b(install):
user_options = install.user_options + [
- ('disable-2to3', None, 'Specify to deactivate 2to3, e.g. if the install runs from fail2ban test-cases.'),
('without-tests', None, 'without tests files installation'),
]
def initialize_options(self):
- self.disable_2to3 = None
self.without_tests = not with_tests
install.initialize_options(self)
def finalize_options(self):
- global _2to3
- ## in the test cases 2to3 should be already done (fail2ban-2to3):
- if self.disable_2to3:
- _2to3 = False
- if _2to3:
- cmdclass = self.distribution.cmdclass
- cmdclass['build_py'] = build_py_2to3
- cmdclass['build_scripts'] = build_scripts_2to3
if self.without_tests:
self.distribution.scripts.remove('bin/fail2ban-testcases')
@@ -186,7 +176,6 @@ commands.'''
if setuptools:
setup_extra = {
'test_suite': "fail2ban.tests.utils.gatherTests",
- 'use_2to3': True,
}
else:
setup_extra = {}
@@ -210,9 +199,6 @@ if platform_system in ('linux', 'solaris
('/usr/share/doc/fail2ban', doc_files)
)
-# Get version number, avoiding importing fail2ban.
-# This is due to tests not functioning for python3 as 2to3 takes place later
-exec(open(join("fail2ban", "version.py")).read())
setup(
name = "fail2ban",

23
debian/patches/courier-auth.diff vendored
View File

@ -1,23 +0,0 @@
diff --git a/config/filter.d/courier-auth.conf b/config/filter.d/courier-auth.conf
index 1ac33736a..d5ba9c505 100644
--- a/config/filter.d/courier-auth.conf
+++ b/config/filter.d/courier-auth.conf
@@ -11,7 +11,7 @@ before = common.conf
_daemon = (?:courier)?(?:imapd?|pop3d?)(?:login)?(?:-ssl)?
-failregex = ^%(__prefix_line)sLOGIN FAILED, (?:user|method)=.*, ip=\[<HOST>\]$
+failregex = ^%(__prefix_line)sLOGIN FAILED, (?:(?!ip=)(?:user=<F-USER>[^,]*</F-USER>|\w+=[^,]*), )*ip=\[<HOST>\]
ignoreregex =
diff --git a/fail2ban/tests/files/logs/courier-auth b/fail2ban/tests/files/logs/courier-auth
index 3505e1092..8a20a27fb 100644
--- a/fail2ban/tests/files/logs/courier-auth
+++ b/fail2ban/tests/files/logs/courier-auth
@@ -8,3 +8,5 @@ Nov 13 08:11:53 server imapd-ssl: LOGIN FAILED, user=user@domain.tld, ip=[::ffff
Apr 17 19:17:11 SERVER courierpop3login: LOGIN FAILED, user=USER@EXAMPLE.org, ip=[::ffff:1.2.3.4]
# failJSON: { "time": "2005-04-17T19:17:12", "match": true , "host": "192.0.2.4" }
Apr 17 19:17:12 server imapd-ssl: LOGIN FAILED, method=PLAIN, ip=[::ffff:192.0.2.4]
+# failJSON: { "time": "2005-04-27T09:00:00", "match": true , "user": "tester", "host": "192.0.2.5" }
+Apr 27 09:00:00 servername imapd: LOGIN FAILED, user=tester, ip=[::ffff:192.0.2.5], port=[255]

11
debian/patches/debian_roundcube.diff vendored
View File

@ -1,11 +0,0 @@
Index: fail2ban/config/paths-debian.conf
===================================================================
--- fail2ban.orig/config/paths-debian.conf
+++ fail2ban/config/paths-debian.conf
@@ -26,3 +26,6 @@ exim_main_log = /var/log/exim4/mainlog
# was in debian squeezy but not in wheezy
# /etc/proftpd/proftpd.conf (SystemLog)
proftpd_log = /var/log/proftpd/proftpd.log
+
+# Debian specific path
+roundcube_errors_log = /var/log/roundcube/errors.log

9
debian/patches/fix-race.diff vendored
View File

@ -1,9 +0,0 @@
Index: fail2ban/files/fail2ban.service.in
===================================================================
--- fail2ban.orig/files/fail2ban.service.in
+++ fail2ban/files/fail2ban.service.in
@@ -20,3 +20,4 @@ Environment="PYTHONNOUSERSITE=yes"
[Install]
WantedBy=multi-user.target
+WantedBy=logrotate.service

13
debian/patches/fix-typo.diff vendored
View File

@ -1,13 +0,0 @@
Index: fail2ban/man/fail2ban-client.1
===================================================================
--- fail2ban.orig/man/fail2ban-client.1
+++ fail2ban/man/fail2ban-client.1
@@ -415,7 +415,7 @@ gets the time a host is banned for
<JAIL>
.TP
\fBget <JAIL> datepattern\fR
-gets the patern used to match
+gets the pattern used to match
date/times for <JAIL>
.TP
\fBget <JAIL> usedns\fR

10
debian/patches/python3-test-suite.diff vendored
View File

@ -1,10 +0,0 @@
Index: fail2ban/bin/fail2ban-testcases
===================================================================
--- fail2ban.orig/bin/fail2ban-testcases
+++ fail2ban/bin/fail2ban-testcases
@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/env python3
# emacs: -*- mode: python; py-indent-offset: 4; indent-tabs-mode: t -*-
# vi: set ft=python sts=4 ts=4 sw=4 noet :
"""Script to run Fail2Ban tests battery

61
debian/patches/python3.10.diff vendored
View File

@ -1,61 +0,0 @@
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 7a1d31df3d..262448c2da 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -22,7 +22,7 @@ jobs:
runs-on: ubuntu-20.04
strategy:
matrix:
- python-version: [2.7, 3.5, 3.6, 3.7, 3.8, 3.9, pypy2, pypy3]
+ python-version: [2.7, 3.5, 3.6, 3.7, 3.8, 3.9, '3.10.0-alpha.5', pypy2, pypy3]
fail-fast: false
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
diff --git a/fail2ban/server/action.py b/fail2ban/server/action.py
index 3bc48fe046..f0f1e6f59a 100644
--- a/fail2ban/server/action.py
+++ b/fail2ban/server/action.py
@@ -30,7 +30,10 @@
import threading
import time
from abc import ABCMeta
-from collections import MutableMapping
+try:
+ from collections.abc import MutableMapping
+except ImportError:
+ from collections import MutableMapping
from .failregex import mapTag2Opt
from .ipdns import DNSUtils
diff --git a/fail2ban/server/actions.py b/fail2ban/server/actions.py
index b7b95b445a..897d907c1a 100644
--- a/fail2ban/server/actions.py
+++ b/fail2ban/server/actions.py
@@ -28,7 +28,10 @@
import os
import sys
import time
-from collections import Mapping
+try:
+ from collections.abc import Mapping
+except ImportError:
+ from collections import Mapping
try:
from collections import OrderedDict
except ImportError:
diff --git a/fail2ban/server/jails.py b/fail2ban/server/jails.py
index 972a8c4bd2..27e12ddf65 100644
--- a/fail2ban/server/jails.py
+++ b/fail2ban/server/jails.py
@@ -22,7 +22,10 @@
__license__ = "GPL"
from threading import Lock
-from collections import Mapping
+try:
+ from collections.abc import Mapping
+except ImportError:
+ from collections import Mapping
from ..exceptions import DuplicateJailException, UnknownJailException
from .jail import Jail

59
debian/patches/scanlogd.patch vendored
View File

@ -1,59 +0,0 @@
From f15ed356198728c18470794ce6d88fb786571dc4 Mon Sep 17 00:00:00 2001
From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
Date: Thu, 25 Feb 2021 20:13:18 +0100
Subject: [PATCH 1/5] config/: Add support for filtering out detected port
scans via scanlogd.
---
config/filter.d/scanlogd.conf | 17 +++++++++++++++++
config/jail.conf | 3 +++
2 files changed, 20 insertions(+)
create mode 100644 config/filter.d/scanlogd.conf
Index: fail2ban/config/filter.d/scanlogd.conf
===================================================================
--- /dev/null
+++ fail2ban/config/filter.d/scanlogd.conf
@@ -0,0 +1,17 @@
+# Fail2Ban filter for port scans detected by scanlogd
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_daemon = scanlogd
+
+failregex = ^%(__prefix_line)s<ADDR>(?::<F-PORT/>)? to \S+ ports\b
+
+ignoreregex =
+
+# Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
Index: fail2ban/config/jail.conf
===================================================================
--- fail2ban.orig/config/jail.conf
+++ fail2ban/config/jail.conf
@@ -962,3 +962,7 @@ logpath = %(apache_error_log)s
# see `filter.d/traefik-auth.conf` for details and service example.
port = http,https
logpath = /var/log/traefik/access.log
+
+[scanlogd]
+logpath = %(syslog_local0)s
+banaction = %(banaction_allports)s
Index: fail2ban/fail2ban/tests/files/logs/scanlogd
===================================================================
--- /dev/null
+++ fail2ban/fail2ban/tests/files/logs/scanlogd
@@ -0,0 +1,8 @@
+# failJSON: { "time": "2005-03-05T21:44:43", "match": true , "host": "192.0.2.123" }
+Mar 5 21:44:43 srv scanlogd: 192.0.2.123 to 192.0.2.1 ports 80, 81, 83, 88, 99, 443, 1080, 3128, ..., f????uxy, TOS 00, TTL 49 @20:44:43
+# failJSON: { "time": "2005-03-05T21:44:44", "match": true , "host": "192.0.2.123" }
+Mar 5 21:44:44 srv scanlogd: 192.0.2.123 to 192.0.2.1 ports 497, 515, 544, 543, 464, 513, ..., fSrpauxy, TOS 00 @09:04:25
+# failJSON: { "time": "2005-03-05T21:44:45", "match": true , "host": "192.0.2.123" }
+Mar 5 21:44:45 srv scanlogd: 192.0.2.123 to 192.0.2.1 ports 593, 548, 636, 646, 625, 631, ..., fSrpauxy, TOS 00, TTL 239 @17:34:00
+# failJSON: { "time": "2005-03-05T21:44:46", "match": true , "host": "192.0.2.123" }
+Mar 5 21:44:46 srv scanlogd: 192.0.2.123 to 192.0.2.1 ports 22, 26, 37, 80, 25, 79, ..., fSrpauxy, TOS 00 @22:38:37

7
debian/patches/series vendored
View File

@ -6,11 +6,4 @@ deb_no_iptables_service
python3-test-suite.diff python3-test-suite.diff
no-python-user.diff no-python-user.diff
roundcube.diff roundcube.diff
debian_roundcube.diff
systemd-run.diff systemd-run.diff
scanlogd.patch
997601-use_2to3.diff
python3.10.diff
#fix-race.diff
courier-auth.diff
fix-typo.diff