fail2ban: update to 1.1.0.

void-linux · Jul 20, 2024 · 71af982 · 71af982
1 parent af3f54c
commit 71af982
Show file tree

Hide file tree

Showing 2 changed files with 104 additions and 6 deletions.
diff --git a/srcpkgs/fail2ban/patches/filter-sshd-9.8.patch b/srcpkgs/fail2ban/patches/filter-sshd-9.8.patch
@@ -0,0 +1,93 @@
+From 2fed408c05ac5206b490368d94599869bd6a056d Mon Sep 17 00:00:00 2001
+From: Fabian Dellwing <fabian.dellwing@mbconnectline.de>
+Date: Tue, 2 Jul 2024 07:54:15 +0200
+Subject: [PATCH 1/5] Adjust sshd filter for OpenSSH 9.8 new daemon name
+
+---
+ config/filter.d/sshd.conf | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/config/filter.d/sshd.conf b/config/filter.d/sshd.conf
+index 1c8a02deb5..a1fd749aed 100644
+--- a/config/filter.d/sshd.conf
++++ b/config/filter.d/sshd.conf
+@@ -16,7 +16,7 @@ before = common.conf
+
+ [DEFAULT]
+
+-_daemon = sshd
++_daemon = (?:sshd(?:-session)?)
+
+ # optional prefix (logged from several ssh versions) like "error: ", "error: PAM: " or "fatal: "
+ __pref = (?:(?:error|fatal): (?:PAM: )?)?
+
+From 7b335f47ea112e2a36e59287582e613aef2fa0a3 Mon Sep 17 00:00:00 2001
+From: "Sergey G. Brester" <serg.brester@sebres.de>
+Date: Wed, 3 Jul 2024 19:09:28 +0200
+Subject: [PATCH 2/5] sshd: add test coverage for new format, gh-3782
+
+---
+ fail2ban/tests/files/logs/sshd | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/fail2ban/tests/files/logs/sshd b/fail2ban/tests/files/logs/sshd
+index ed54ded4d4..7d3948ed80 100644
+--- a/fail2ban/tests/files/logs/sshd
++++ b/fail2ban/tests/files/logs/sshd
+@@ -20,6 +20,9 @@ Feb 25 14:34:10 belka sshd[31603]: Failed password for invalid user ROOT from aa
+ # failJSON: { "time": "2005-02-25T14:34:11", "match": true , "host": "aaaa:bbbb:cccc:1234::1:1" }
+ Feb 25 14:34:11 belka sshd[31603]: Failed password for invalid user ROOT from aaaa:bbbb:cccc:1234::1:1
+
++# failJSON: { "time": "2005-07-03T14:59:17", "match": true , "host": "192.0.2.1", "desc": "new log with session in daemon prefix, gh-3782" }
++Jul  3 14:59:17 host sshd-session[1571]: Failed password for root from 192.0.2.1 port 56502 ssh2
++
+ #3
+ # failJSON: { "time": "2005-01-05T01:31:41", "match": true , "host": "1.2.3.4" }
+ Jan  5 01:31:41 www sshd[1643]: ROOT LOGIN REFUSED FROM 1.2.3.4
+
+From 8360776ce1b119d519a842069c73bec7f5e24fad Mon Sep 17 00:00:00 2001
+From: "Sergey G. Brester" <serg.brester@sebres.de>
+Date: Wed, 3 Jul 2024 19:33:39 +0200
+Subject: [PATCH 3/5] zzz-sshd-obsolete-multiline.conf: adjusted to new
+ sshd-session log format
+
+---
+ fail2ban/tests/config/filter.d/zzz-sshd-obsolete-multiline.conf | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/fail2ban/tests/config/filter.d/zzz-sshd-obsolete-multiline.conf b/fail2ban/tests/config/filter.d/zzz-sshd-obsolete-multiline.conf
+index ad8adeb69f..14256ba68c 100644
+--- a/fail2ban/tests/config/filter.d/zzz-sshd-obsolete-multiline.conf
++++ b/fail2ban/tests/config/filter.d/zzz-sshd-obsolete-multiline.conf
+@@ -9,7 +9,7 @@ before = ../../../../config/filter.d/common.conf
+
+ [DEFAULT]
+
+-_daemon = sshd
++_daemon = sshd(?:-session)?
+
+ # optional prefix (logged from several ssh versions) like "error: ", "error: PAM: " or "fatal: "
+ __pref = (?:(?:error|fatal): (?:PAM: )?)?
+
+From 50ff131a0fd8f54fdeb14b48353f842ee8ae8c1a Mon Sep 17 00:00:00 2001
+From: "Sergey G. Brester" <serg.brester@sebres.de>
+Date: Wed, 3 Jul 2024 19:35:28 +0200
+Subject: [PATCH 4/5] filter.d/sshd.conf: ungroup (unneeded for _daemon)
+
+---
+ config/filter.d/sshd.conf | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/config/filter.d/sshd.conf b/config/filter.d/sshd.conf
+index a1fd749aed..3a84b1ba52 100644
+--- a/config/filter.d/sshd.conf
++++ b/config/filter.d/sshd.conf
+@@ -16,7 +16,7 @@ before = common.conf
+
+ [DEFAULT]
+
+-_daemon = (?:sshd(?:-session)?)
++_daemon = sshd(?:-session)?
+
+ # optional prefix (logged from several ssh versions) like "error: ", "error: PAM: " or "fatal: "
+ __pref = (?:(?:error|fatal): (?:PAM: )?)?
diff --git a/srcpkgs/fail2ban/template b/srcpkgs/fail2ban/template
@@ -1,29 +1,34 @@
 # Template file for 'fail2ban'
 pkgname=fail2ban
-version=1.0.2
-revision=3
+version=1.1.0
+revision=1
 build_style=python3-module
 hostmakedepends="pkg-config python3-setuptools"
-depends="python3-pyasynchat"
+depends="python3-pyasynchat python3-pyasyncore"
+checkdepends="python3-utils ${depends}"
 short_desc="Authentication failure monitor system"
 maintainer="Orphaned <orphan@voidlinux.org>"
 license="GPL-2.0-only"
 homepage="https://www.fail2ban.org/"
 changelog="https://raw.githubusercontent.com/fail2ban/fail2ban/master/ChangeLog"
 distfiles="https://github.com/fail2ban/fail2ban/archive/${version}.tar.gz"
-checksum=ae8b0b41f27a7be12d40488789d6c258029b23a01168e3c0d347ee80b325ac23
+checksum=474fcc25afdaf929c74329d1e4d24420caabeea1ef2e041a267ce19269570bae
 conf_files="
  /etc/fail2ban/fail2ban.conf
  /etc/fail2ban/jail.conf
  /etc/fail2ban/action.d/*.conf
  /etc/fail2ban/filter.d/*.conf"
 make_dirs="/var/lib/fail2ban 0700 root root"
 
-pre_build() {
-	./fail2ban-2to3
+do_check() {
+	# testExecuteTimeoutWithNastyChildren and testKillAfterStart fail on CI
+	python3 bin/fail2ban-testcases -i "testExecuteTimeoutWithNastyChildren|testKillAfterStart"
 }
 
 post_install() {
 	rm -rf ${DESTDIR}/${py3_sitelib}/fail2ban/tests
 	vsv fail2ban
+	for f in man/*.{1,5}; do
+		vman "$f"
+	done
 }