Add patch from upstream to fix module imports (Bug #892365)

Add patch from upstream to UTF-8 characters in syslog (Bug #905097)
12 years ago · 83ab8cd69d
parent fc604fe404
commit 83ab8cd69d
3 changed files with 114 additions and 2 deletions
--- a/fail2ban-import.patch
+++ b/fail2ban-import.patch
@ -0,0 +1,75 @@
+commit d561a4c2bbc336db70d5923cf630813bc51dc3ee
+Author: Yaroslav Halchenko <debian@onerussian.com>
+Date:   Mon Jan 28 09:54:08 2013 -0500
+
+    BF: do not rely on scripts being under /usr -- might differ eg on Fedora -- rely on import of common.version (Closes gh-112)
+    
+    This is also not ideal, since if there happens to be some systemwide common.version -- we are doomed
+    
+    but otherwise, we cannot keep extending comparison check to /bin, /sbin whatelse
+
+diff --git a/fail2ban-client b/fail2ban-client
+index 1d8eb15..13d018e 100755
+--- a/fail2ban-client
+++ b/fail2ban-client
+@@ -27,12 +27,13 @@ import getopt, time, shlex, socket
+ 
+ # Inserts our own modules path first in the list
+ # fix for bug #343821
+-if os.path.abspath(__file__).startswith('/usr/'):
+-	# makes sense to use system-wide library iff -client is also under /usr/
+try:
+	from common.version import version
+except ImportError, e:
+ 	sys.path.insert(1, "/usr/share/fail2ban")
+	from common.version import version
+ 
+-# Now we can import our modules
+-from common.version import version
+# Now we can import the rest of modules
+ from common.protocol import printFormatted
+ from client.csocket import CSocket
+ from client.configurator import Configurator
+diff --git a/fail2ban-regex b/fail2ban-regex
+index a42ed96..f9bc72c 100755
+--- a/fail2ban-regex
+++ b/fail2ban-regex
+@@ -26,13 +26,14 @@ import getopt, sys, time, logging, os
+ 
+ # Inserts our own modules path first in the list
+ # fix for bug #343821
+-if os.path.abspath(__file__).startswith('/usr/'):
+-	# makes sense to use system-wide library iff -regex is also under /usr/
+-    sys.path.insert(1, "/usr/share/fail2ban")
+try:
+	from common.version import version
+except ImportError, e:
+	sys.path.insert(1, "/usr/share/fail2ban")
+	from common.version import version
+ 
+ from client.configparserinc import SafeConfigParserWithIncludes
+ from ConfigParser import NoOptionError, NoSectionError, MissingSectionHeaderError
+-from common.version import version
+ from server.filter import Filter
+ from server.failregex import RegexException
+ 
+diff --git a/fail2ban-server b/fail2ban-server
+index bd86e6c..0f3410c 100755
+--- a/fail2ban-server
+++ b/fail2ban-server
+@@ -26,11 +26,12 @@ import getopt, sys, logging, os
+ 
+ # Inserts our own modules path first in the list
+ # fix for bug #343821
+-if os.path.abspath(__file__).startswith('/usr/'):
+-	# makes sense to use system-wide library iff -server is also under /usr/
+try:
+	from common.version import version
+except ImportError, e:
+ 	sys.path.insert(1, "/usr/share/fail2ban")
+	from common.version import version
+ 
+-from common.version import version
+ from server.server import Server
+ 
+ # Gets the instance of the logger.
--- a/fail2ban-utf8.patch
+++ b/fail2ban-utf8.patch
@ -0,0 +1,18 @@
+commit f8983872ad4297ddb3017f4818edd08892dd2129
+Author: Yaroslav Halchenko <debian@onerussian.com>
+Date:   Fri Feb 1 16:07:00 2013 -0500
+
+    BF: return str(host) to avoid spurious characters in the logs (Close gh-113)
+    
+    thanks to opoplawski@github
+
+diff --git a/server/failregex.py b/server/failregex.py
+index 8ce9597..b194d47 100644
+--- a/server/failregex.py
+++ b/server/failregex.py
+@@ -130,4 +130,4 @@ class FailRegex(Regex):
+ 			s = self._matchCache.string
+ 			r = self._matchCache.re
+ 			raise RegexException("No 'host' found in '%s' using '%s'" % (s, r))
+-		return host
+		return str(host)
--- a/fail2ban.spec
+++ b/fail2ban.spec
@ -1,7 +1,7 @@
 Summary: Ban IPs that make too many password failures
 Name: fail2ban
 Version: 0.8.8
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: GPLv2+
 Group: System Environment/Daemons
 URL: http://fail2ban.sourceforge.net/
@ -13,6 +13,14 @@ Patch1: fail2ban-0.8.7.1-sshd.patch
 # Do not use pam_unix failure messages to ban sshd
 # https://github.com/fail2ban/fail2ban/issues/106
 Patch2: fail2ban-0.8.8-sshd-pam.patch
+# Upstream patch to fix module loading
+# https://github.com/fail2ban/fail2ban/issues/112
+# https://bugzilla.redhat.com/show_bug.cgi?id=892365
+Patch3: fail2ban-import.patch
+# Upstream patch to fix UTF-8 characters in hostnames
+# https://github.com/fail2ban/fail2ban/issues/113
+# https://bugzilla.redhat.com/show_bug.cgi?id=905097
+Patch4: fail2ban-utf8.patch
 Patch6: fail2ban-0.8.3-log2syslog.patch
 Patch7: asyncserver.start_selinux.patch
 Patch8: fail2ban-0.8.7.1-notmp.patch
@ -21,7 +29,8 @@ BuildRequires: python-devel >= 2.3
 # For testcases
 BuildRequires: python-inotify
 BuildArch: noarch
-Requires: iptables, tcp_wrappers, shorewall, gamin-python
+Requires: iptables
+Requires: gamin-python
 Requires: python-inotify
 Requires: initscripts
 Requires(post): /sbin/chkconfig
@ -33,11 +42,17 @@ Fail2ban scans log files like /var/log/pwdfail or
 /var/log/apache/error_log and bans IP that makes too many password
 failures. It updates firewall rules to reject the IP address.

+To use the hostsdeny and shorewall actions you must install tcp_wrappers
+and shorewall respectively.
+
+
 %prep
 %setup -q
 %patch0 -p1 -b .init
 %patch1 -p1 -b .sshd
 %patch2 -p1 -b .sshd-pam
+%patch3 -p1 -b .import
+%patch4 -p1 -b .utf8
 %patch6 -p1 -b .log2syslog
 %patch7 -p1 -b .fd_cloexec2
 %patch8 -p1 -b .notmp
@ -98,6 +113,10 @@ fi
 %dir %{_localstatedir}/lib/fail2ban/

 %changelog
+* Thu Feb 14 2013 Orion Poplawski <orion@cora.nwra.com> - 0.8.8-3
+- Add patch from upstream to fix module imports (Bug #892365)
+- Add patch from upstream to UTF-8 characters in syslog (Bug #905097)
+
 * Fri Jan 18 2013 Orion Poplawski <orion@cora.nwra.com> - 0.8.8-2
 - Add patch to prevent sshd blocks of successful logins for systems that use
  sssd or ldap