Merge branch 'master' into epel7

Conflicts:
	fail2ban.spec
i9ce
Orion Poplawski 8 years ago
commit 0057598933

1
.gitignore vendored

@ -12,3 +12,4 @@ fail2ban-0.8.4.tar.bz2
/fail2ban-0.9.3.tar.gz /fail2ban-0.9.3.tar.gz
/fail2ban-0.9.4.tar.gz /fail2ban-0.9.4.tar.gz
/fail2ban-0.9.5.tar.gz /fail2ban-0.9.5.tar.gz
/fail2ban-0.9.6.tar.gz

@ -0,0 +1,8 @@
from Config import *
addFilter("incoherent-logrotate-file /etc/logrotate.d/fail2ban");
addFilter("macro-in-comment %{(name|version|release)}");
addFilter("spelling-error .* (tcp|sendmail|shorewall|sshd)");
# Tests
addFilter("hidden-file-or-dir .*fail2ban/tests/files/config/apache.*/\.htpasswd");
addFilter("htaccess-file-error .*fail2ban/tests/files/config/apache.*/\.htaccess");
addFilter("zero-length .*fail2ban/tests/files/files/");

@ -1,60 +0,0 @@
From c49fe12f701807a8d89bfe57c9f7f492375a0a53 Mon Sep 17 00:00:00 2001
From: sebres <serg.brester@sebres.de>
Date: Mon, 15 Aug 2016 12:53:40 +0200
Subject: [PATCH] fix fail2banregextestcase using setUpMyTime/tearDownMyTime:
always use correct static time as base-time (using mock up MyTime), correct
datetimes inside test
---
fail2ban/tests/fail2banregextestcase.py | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/fail2ban/tests/fail2banregextestcase.py b/fail2ban/tests/fail2banregextestcase.py
index 3321ffd..1119efd 100644
--- a/fail2ban/tests/fail2banregextestcase.py
+++ b/fail2ban/tests/fail2banregextestcase.py
@@ -39,7 +39,7 @@
from ..client import fail2banregex
from ..client.fail2banregex import Fail2banRegex, get_opt_parser, output
-from .utils import LogCaptureTestCase, logSys
+from .utils import setUpMyTime, tearDownMyTime, LogCaptureTestCase, logSys
from .utils import CONFIG_DIR
@@ -70,10 +70,12 @@ class Fail2banRegexTest(LogCaptureTestCase):
def setUp(self):
"""Call before every test case."""
LogCaptureTestCase.setUp(self)
+ setUpMyTime()
def tearDown(self):
"""Call after every test case."""
LogCaptureTestCase.tearDown(self)
+ tearDownMyTime()
def testWrongRE(self):
(opts, args, fail2banRegex) = _Fail2banRegex(
@@ -159,8 +161,8 @@ def testVerbose(self):
self.assertTrue(fail2banRegex.start(opts, args))
self.assertLogged('Lines: 13 lines, 0 ignored, 5 matched, 8 missed')
- self.assertLogged('141.3.81.106 Fri Aug 14 11:53:59 2015')
- self.assertLogged('141.3.81.106 Fri Aug 14 11:54:59 2015')
+ self.assertLogged('141.3.81.106 Sun Aug 14 11:53:59 2005')
+ self.assertLogged('141.3.81.106 Sun Aug 14 11:54:59 2005')
def testWronChar(self):
(opts, args, fail2banRegex) = _Fail2banRegex(
@@ -169,9 +171,8 @@ def testWronChar(self):
self.assertTrue(fail2banRegex.start(opts, args))
self.assertLogged('Lines: 4 lines, 0 ignored, 2 matched, 2 missed')
- self.assertLogged('Error decoding line');
- self.assertLogged('Continuing to process line ignoring invalid characters:', '2015-01-14 20:00:58 user ');
- self.assertLogged('Continuing to process line ignoring invalid characters:', '2015-01-14 20:00:59 user ');
+ self.assertLogged('Error decoding line')
+ self.assertLogged('Continuing to process line ignoring invalid characters:')
self.assertLogged('Nov 8 00:16:12 main sshd[32548]: input_userauth_request: invalid user llinco')
self.assertLogged('Nov 8 00:16:12 main sshd[32547]: pam_succeed_if(sshd:auth): error retrieving information about user llinco')

@ -1,14 +1,14 @@
commit 6a5f8ddf63658f3645a88988641c06d5a9625c00 diff -up fail2ban-0.9.6/config/filter.d/sendmail-auth.conf.sendmail fail2ban-0.9.6/config/filter.d/sendmail-auth.conf
Author: Orion Poplawski <orion@cora.nwra.com> --- fail2ban-0.9.6/config/filter.d/sendmail-auth.conf.sendmail 2017-01-06 19:00:12.228687290 -0700
Date: Mon Oct 3 16:26:11 2016 -0600 +++ fail2ban-0.9.6/config/filter.d/sendmail-auth.conf 2017-01-06 19:01:33.991702030 -0700
@@ -7,12 +7,16 @@ before = common.conf
Add sendmail journalmatch options [Definition]
diff --git a/config/filter.d/sendmail-auth.conf b/config/filter.d/sendmail-auth.conf -_daemon = (?:sm-(mta|acceptingconnections))
index 138fbb8..7886e60 100644 +_daemon = (?:sendmail|sm-(?:mta|acceptingconnections))
--- a/config/filter.d/sendmail-auth.conf
+++ b/config/filter.d/sendmail-auth.conf failregex = ^%(__prefix_line)s\w{14}: (\S+ )?\[<HOST>\]( \(may be forged\))?: possible SMTP attack: command=AUTH, count=\d+$
@@ -13,6 +13,10 @@ failregex = ^%(__prefix_line)s\w{14}: (\S+ )?\[<HOST>\]( \(may be forged\))?: po
ignoreregex = ignoreregex =
@ -19,10 +19,9 @@ index 138fbb8..7886e60 100644
# DEV Notes: # DEV Notes:
# #
# Author: Daniel Black # Author: Daniel Black
diff --git a/config/filter.d/sendmail-reject.conf b/config/filter.d/sendmail-reject.conf diff -up fail2ban-0.9.6/config/filter.d/sendmail-reject.conf.sendmail fail2ban-0.9.6/config/filter.d/sendmail-reject.conf
index 93b8343..219d910 100644 --- fail2ban-0.9.6/config/filter.d/sendmail-reject.conf.sendmail 2017-01-06 19:00:12.229687303 -0700
--- a/config/filter.d/sendmail-reject.conf +++ fail2ban-0.9.6/config/filter.d/sendmail-reject.conf 2017-01-06 19:00:12.229687303 -0700
+++ b/config/filter.d/sendmail-reject.conf
@@ -33,6 +33,8 @@ ignoreregex = @@ -33,6 +33,8 @@ ignoreregex =
[Init] [Init]

@ -1,12 +0,0 @@
diff -up fail2ban-0.9.4/fail2ban/tests/clientreadertestcase.py.test fail2ban-0.9.4/fail2ban/tests/clientreadertestcase.py
--- fail2ban-0.9.4/fail2ban/tests/clientreadertestcase.py.test 2016-03-09 10:43:53.649645648 -0700
+++ fail2ban-0.9.4/fail2ban/tests/clientreadertestcase.py 2016-03-09 11:00:19.208546116 -0700
@@ -632,8 +632,6 @@ class JailsReaderTest(LogCaptureTestCase
# and we know even some of them by heart
for j in ['sshd', 'recidive']:
- # by default we have 'auto' backend ATM
- self.assertTrue(['add', j, 'auto'] in comm_commands)
# and warn on useDNS
self.assertTrue(['set', j, 'usedns', 'warn'] in comm_commands)
self.assertTrue(['start', j] in comm_commands)

@ -1,17 +1,11 @@
Summary: Daemon to ban hosts that cause multiple authentication errors Summary: Daemon to ban hosts that cause multiple authentication errors
Name: fail2ban Name: fail2ban
Version: 0.9.5 Version: 0.9.6
Release: 3%{?dist} Release: 1%{?dist}
License: GPLv2+ License: GPLv2+
URL: http://fail2ban.sourceforge.net/ URL: http://fail2ban.sourceforge.net/
Source0: https://github.com/%{name}/%{name}/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz Source0: https://github.com/%{name}/%{name}/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz
#Source0: https://github.com/sebres/%{name}/archive/f2b-perfom-prepare-716-cs.tar.gz#/%{name}-test.tar.gz #Source0: https://github.com/sebres/%{name}/archive/f2b-perfom-prepare-716-cs.tar.gz#/%{name}-test.tar.gz
# Fix failing test
# https://github.com/fail2ban/fail2ban/issues/1353
Patch0: fail2ban-test.patch
# Upstream patch to fix failing tests
# https://github.com/fail2ban/fail2ban/commit/c49fe12f701807a8d89bfe57c9f7f492375a0a53
Patch1: https://github.com/fail2ban/fail2ban/commit/c49fe12f701807a8d89bfe57c9f7f492375a0a53.patch
# Give up being PartOf iptables for now # Give up being PartOf iptables for now
# https://bugzilla.redhat.com/show_bug.cgi?id=1379141 # https://bugzilla.redhat.com/show_bug.cgi?id=1379141
Patch2: fail2ban-partof.patch Patch2: fail2ban-partof.patch
@ -111,6 +105,14 @@ This package enables support for manipulating tcp_wrapper's /etc/hosts.deny
files. files.
%package tests
Summary: Fail2Ban testcases
Requires: %{name}-server = %{version}-%{release}
%description tests
This package contains Fail2Ban's testscases and scripts.
%package mail %package mail
Summary: Mail actions for Fail2Ban Summary: Mail actions for Fail2Ban
Requires: %{name}-server = %{version}-%{release} Requires: %{name}-server = %{version}-%{release}
@ -137,7 +139,7 @@ Requires: %{name}-server = %{version}-%{release}
Requires: shorewall Requires: shorewall
%description shorewall %description shorewall
This package enables support for manipulating shoreall rules. This package enables support for manipulating shorewall rules.
%package systemd %package systemd
@ -151,8 +153,6 @@ by default.
%prep %prep
%setup -q %setup -q
%patch0 -p1 -b .test
%patch1 -p1
%patch2 -p1 -b .partof %patch2 -p1 -b .partof
%patch3 -p1 -b .sendmail %patch3 -p1 -b .sendmail
# Use Fedora paths # Use Fedora paths
@ -176,7 +176,7 @@ install -p -m 644 man/*.1 %{buildroot}%{_mandir}/man1
install -p -m 644 man/*.5 %{buildroot}%{_mandir}/man5 install -p -m 644 man/*.5 %{buildroot}%{_mandir}/man5
mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d
install -p -m 644 files/fail2ban-logrotate %{buildroot}%{_sysconfdir}/logrotate.d/fail2ban install -p -m 644 files/fail2ban-logrotate %{buildroot}%{_sysconfdir}/logrotate.d/fail2ban
install -d -m 0755 %{buildroot}%{_localstatedir}/run/fail2ban/ install -d -m 0755 %{buildroot}/run/fail2ban/
install -d -m 0755 %{buildroot}%{_localstatedir}/lib/fail2ban/ install -d -m 0755 %{buildroot}%{_localstatedir}/lib/fail2ban/
mkdir -p %{buildroot}%{_tmpfilesdir} mkdir -p %{buildroot}%{_tmpfilesdir}
install -p -m 0644 files/fail2ban-tmpfiles.conf %{buildroot}%{_tmpfilesdir}/fail2ban.conf install -p -m 0644 files/fail2ban-tmpfiles.conf %{buildroot}%{_tmpfilesdir}/fail2ban.conf
@ -235,17 +235,21 @@ fi
%files server %files server
%doc README.md TODO ChangeLog COPYING doc/*.txt %doc README.md TODO ChangeLog COPYING doc/*.txt
%{_bindir}/fail2ban-server
%{_bindir}/fail2ban-client %{_bindir}/fail2ban-client
%{_bindir}/fail2ban-python
%{_bindir}/fail2ban-regex %{_bindir}/fail2ban-regex
%{_bindir}/fail2ban-testcases %{_bindir}/fail2ban-server
%{python_sitelib}/* %{python2_sitelib}/*
%exclude %{python2_sitelib}/fail2ban/tests
%if 0%{?fedora} || 0%{?rhel} >= 7 %if 0%{?fedora} || 0%{?rhel} >= 7
%{_unitdir}/fail2ban.service %{_unitdir}/fail2ban.service
%else %else
%{_initddir}/fail2ban %{_initddir}/fail2ban
%endif %endif
%{_mandir}/man1/fail2ban*.1* %{_mandir}/man1/fail2ban.1*
%{_mandir}/man1/fail2ban-client.1*
%{_mandir}/man1/fail2ban-regex.1*
%{_mandir}/man1/fail2ban-server.1*
%{_mandir}/man5/*.5* %{_mandir}/man5/*.5*
%config(noreplace) %{_sysconfdir}/fail2ban %config(noreplace) %{_sysconfdir}/fail2ban
%exclude %{_sysconfdir}/fail2ban/action.d/complain.conf %exclude %{_sysconfdir}/fail2ban/action.d/complain.conf
@ -257,7 +261,7 @@ fi
%config(noreplace) %{_sysconfdir}/logrotate.d/fail2ban %config(noreplace) %{_sysconfdir}/logrotate.d/fail2ban
%{_tmpfilesdir}/fail2ban.conf %{_tmpfilesdir}/fail2ban.conf
%dir %{_localstatedir}/lib/fail2ban/ %dir %{_localstatedir}/lib/fail2ban/
%dir %{_localstatedir}/run/fail2ban/ %ghost %dir /run/fail2ban/
%files all %files all
@ -267,6 +271,11 @@ fi
%files hostsdeny %files hostsdeny
%config(noreplace) %{_sysconfdir}/fail2ban/action.d/hostsdeny.conf %config(noreplace) %{_sysconfdir}/fail2ban/action.d/hostsdeny.conf
%files tests
%{_bindir}/fail2ban-testcases
%{_mandir}/man1/fail2ban-testcases.1*
%{python2_sitelib}/fail2ban/tests
%files mail %files mail
%config(noreplace) %{_sysconfdir}/fail2ban/action.d/complain.conf %config(noreplace) %{_sysconfdir}/fail2ban/action.d/complain.conf
%config(noreplace) %{_sysconfdir}/fail2ban/action.d/mail-*.conf %config(noreplace) %{_sysconfdir}/fail2ban/action.d/mail-*.conf
@ -282,6 +291,18 @@ fi
%changelog %changelog
* Fri Jan 6 2017 Orion Poplawski <orion@cora.nwra.com> - 0.9.6-1
- Update to 0.9.6
- Fix sendmail-auth filter (bug #1329919)
* Mon Dec 19 2016 Miro Hrončok <mhroncok@redhat.com> - 0.9.5-5
- Rebuild for Python 3.6
* Fri Oct 7 2016 Orion Poplawski <orion@cora.nwra.com> - 0.9.5-4
- %%ghost /run/fail2ban
- Fix typo in shorewall description
- Move tests to -tests sub-package
* Mon Oct 3 2016 Orion Poplawski <orion@cora.nwra.com> - 0.9.5-3 * Mon Oct 3 2016 Orion Poplawski <orion@cora.nwra.com> - 0.9.5-3
- Add journalmatch entries for sendmail (bug #1329919) - Add journalmatch entries for sendmail (bug #1329919)

@ -1 +1 @@
1b59fc84a40b790e3f959257d64ab313 fail2ban-0.9.5.tar.gz SHA512 (fail2ban-0.9.6.tar.gz) = 4a0c09451409f81882664c2316867aa1c45572018b7f4647f8dc356f9115c9c2ff4a17098ef249bcc6712acfed6b5c99518b1c069ef1bf253d96c900d29be1d2

Loading…
Cancel
Save