Update to 0.9.6

Fix sendmail-auth filter (bug #1329919)
8 years ago · eaa8e0f385
parent 61410ac257
commit eaa8e0f385
6 changed files with 23 additions and 98 deletions
--- a/.gitignore
+++ b/.gitignore
@ -11,3 +11,4 @@ fail2ban-0.8.4.tar.bz2
 /fail2ban-0.9.3.tar.gz
 /fail2ban-0.9.4.tar.gz
 /fail2ban-0.9.5.tar.gz
+/fail2ban-0.9.6.tar.gz
--- a/c49fe12f701807a8d89bfe57c9f7f492375a0a53.patch
+++ b/c49fe12f701807a8d89bfe57c9f7f492375a0a53.patch
@ -1,60 +0,0 @@
-From c49fe12f701807a8d89bfe57c9f7f492375a0a53 Mon Sep 17 00:00:00 2001
-From: sebres <serg.brester@sebres.de>
-Date: Mon, 15 Aug 2016 12:53:40 +0200
-Subject: [PATCH] fix fail2banregextestcase using setUpMyTime/tearDownMyTime:
- always use correct static time as base-time (using mock up MyTime), correct
- datetimes inside test
-
---
- fail2ban/tests/fail2banregextestcase.py | 13 +++++++------
- 1 file changed, 7 insertions(+), 6 deletions(-)
-
-diff --git a/fail2ban/tests/fail2banregextestcase.py b/fail2ban/tests/fail2banregextestcase.py
-index 3321ffd..1119efd 100644
--- a/fail2ban/tests/fail2banregextestcase.py
-+++ b/fail2ban/tests/fail2banregextestcase.py
-@@ -39,7 +39,7 @@
- 
- from ..client import fail2banregex
- from ..client.fail2banregex import Fail2banRegex, get_opt_parser, output
-from .utils import LogCaptureTestCase, logSys
-+from .utils import setUpMyTime, tearDownMyTime, LogCaptureTestCase, logSys
- from .utils import CONFIG_DIR
- 
- 
-@@ -70,10 +70,12 @@ class Fail2banRegexTest(LogCaptureTestCase):
- 	def setUp(self):
- 		"""Call before every test case."""
- 		LogCaptureTestCase.setUp(self)
-+		setUpMyTime()
- 
- 	def tearDown(self):
- 		"""Call after every test case."""
- 		LogCaptureTestCase.tearDown(self)
-+		tearDownMyTime()
- 
- 	def testWrongRE(self):
- 		(opts, args, fail2banRegex) = _Fail2banRegex(
-@@ -159,8 +161,8 @@ def testVerbose(self):
- 		self.assertTrue(fail2banRegex.start(opts, args))
- 		self.assertLogged('Lines: 13 lines, 0 ignored, 5 matched, 8 missed')
- 
-		self.assertLogged('141.3.81.106  Fri Aug 14 11:53:59 2015')
-		self.assertLogged('141.3.81.106  Fri Aug 14 11:54:59 2015')
-+		self.assertLogged('141.3.81.106  Sun Aug 14 11:53:59 2005')
-+		self.assertLogged('141.3.81.106  Sun Aug 14 11:54:59 2005')
- 
- 	def testWronChar(self):
- 		(opts, args, fail2banRegex) = _Fail2banRegex(
-@@ -169,9 +171,8 @@ def testWronChar(self):
- 		self.assertTrue(fail2banRegex.start(opts, args))
- 		self.assertLogged('Lines: 4 lines, 0 ignored, 2 matched, 2 missed')
- 
-		self.assertLogged('Error decoding line');
-		self.assertLogged('Continuing to process line ignoring invalid characters:', '2015-01-14 20:00:58 user ');
-		self.assertLogged('Continuing to process line ignoring invalid characters:', '2015-01-14 20:00:59 user ');
-+		self.assertLogged('Error decoding line')
-+		self.assertLogged('Continuing to process line ignoring invalid characters:')
- 
- 		self.assertLogged('Nov  8 00:16:12 main sshd[32548]: input_userauth_request: invalid user llinco')
- 		self.assertLogged('Nov  8 00:16:12 main sshd[32547]: pam_succeed_if(sshd:auth): error retrieving information about user llinco')
--- a/fail2ban-sendmail.patch
+++ b/fail2ban-sendmail.patch
@ -1,14 +1,14 @@
-commit 6a5f8ddf63658f3645a88988641c06d5a9625c00
-Author: Orion Poplawski <orion@cora.nwra.com>
-Date:   Mon Oct 3 16:26:11 2016 -0600
-
-    Add sendmail journalmatch options
-
-diff --git a/config/filter.d/sendmail-auth.conf b/config/filter.d/sendmail-auth.conf
-index 138fbb8..7886e60 100644
--- a/config/filter.d/sendmail-auth.conf
-+++ b/config/filter.d/sendmail-auth.conf
-@@ -13,6 +13,10 @@ failregex = ^%(__prefix_line)s\w{14}: (\S+ )?\[<HOST>\]( \(may be forged\))?: po
+diff -up fail2ban-0.9.6/config/filter.d/sendmail-auth.conf.sendmail fail2ban-0.9.6/config/filter.d/sendmail-auth.conf
+--- fail2ban-0.9.6/config/filter.d/sendmail-auth.conf.sendmail	2017-01-06 19:00:12.228687290 -0700
+++ fail2ban-0.9.6/config/filter.d/sendmail-auth.conf	2017-01-06 19:01:33.991702030 -0700
+@@ -7,12 +7,16 @@ before = common.conf
+ 
+ [Definition]
+ 
+-_daemon = (?:sm-(mta|acceptingconnections))
+_daemon = (?:sendmail|sm-(?:mta|acceptingconnections))
+ 
+ failregex = ^%(__prefix_line)s\w{14}: (\S+ )?\[<HOST>\]( \(may be forged\))?: possible SMTP attack: command=AUTH, count=\d+$
 
 ignoreregex =
 
@ -19,10 +19,9 @@ index 138fbb8..7886e60 100644
 # DEV Notes:
 #
 # Author: Daniel Black
-diff --git a/config/filter.d/sendmail-reject.conf b/config/filter.d/sendmail-reject.conf
-index 93b8343..219d910 100644
--- a/config/filter.d/sendmail-reject.conf
-+++ b/config/filter.d/sendmail-reject.conf
+diff -up fail2ban-0.9.6/config/filter.d/sendmail-reject.conf.sendmail fail2ban-0.9.6/config/filter.d/sendmail-reject.conf
+--- fail2ban-0.9.6/config/filter.d/sendmail-reject.conf.sendmail	2017-01-06 19:00:12.229687303 -0700
+++ fail2ban-0.9.6/config/filter.d/sendmail-reject.conf	2017-01-06 19:00:12.229687303 -0700
@@ -33,6 +33,8 @@ ignoreregex =
 
 [Init]
--- a/fail2ban-test.patch
+++ b/fail2ban-test.patch
@ -1,12 +0,0 @@
-diff -up fail2ban-0.9.4/fail2ban/tests/clientreadertestcase.py.test fail2ban-0.9.4/fail2ban/tests/clientreadertestcase.py
--- fail2ban-0.9.4/fail2ban/tests/clientreadertestcase.py.test	2016-03-09 10:43:53.649645648 -0700
-+++ fail2ban-0.9.4/fail2ban/tests/clientreadertestcase.py	2016-03-09 11:00:19.208546116 -0700
-@@ -632,8 +632,6 @@ class JailsReaderTest(LogCaptureTestCase
- 
- 			# and we know even some of them by heart
- 			for j in ['sshd', 'recidive']:
-				# by default we have 'auto' backend ATM
-				self.assertTrue(['add', j, 'auto'] in comm_commands)
- 				# and warn on useDNS
- 				self.assertTrue(['set', j, 'usedns', 'warn'] in comm_commands)
- 				self.assertTrue(['start', j] in comm_commands)
--- a/fail2ban.spec
+++ b/fail2ban.spec
@ -1,17 +1,11 @@
 Summary: Daemon to ban hosts that cause multiple authentication errors
 Name: fail2ban
-Version: 0.9.5
-Release: 5%{?dist}
+Version: 0.9.6
+Release: 1%{?dist}
 License: GPLv2+
 URL: http://fail2ban.sourceforge.net/
 Source0: https://github.com/%{name}/%{name}/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz
 #Source0: https://github.com/sebres/%{name}/archive/f2b-perfom-prepare-716-cs.tar.gz#/%{name}-test.tar.gz
-# Fix failing test
-# https://github.com/fail2ban/fail2ban/issues/1353
-Patch0: fail2ban-test.patch
-# Upstream patch to fix failing tests
-# https://github.com/fail2ban/fail2ban/commit/c49fe12f701807a8d89bfe57c9f7f492375a0a53
-Patch1: https://github.com/fail2ban/fail2ban/commit/c49fe12f701807a8d89bfe57c9f7f492375a0a53.patch
 # Give up being PartOf iptables for now
 # https://bugzilla.redhat.com/show_bug.cgi?id=1379141
 Patch2: fail2ban-partof.patch
@ -163,8 +157,6 @@ by default.

 %prep
 %setup -q
-%patch0 -p1 -b .test
-%patch1 -p1
 %patch2 -p1 -b .partof
 %patch3 -p1 -b .sendmail
 # Use Fedora paths
@ -250,6 +242,7 @@ fi
 %files server
 %doc README.md TODO ChangeLog COPYING doc/*.txt
 %{_bindir}/fail2ban-client
+%{_bindir}/fail2ban-python
 %{_bindir}/fail2ban-regex
 %{_bindir}/fail2ban-server
 %{python3_sitelib}/*
@ -304,6 +297,10 @@ fi


 %changelog
+* Fri Jan 6 2017 Orion Poplawski <orion@cora.nwra.com> - 0.9.6-1
+- Update to 0.9.6
+- Fix sendmail-auth filter (bug #1329919)
+
 * Mon Dec 19 2016 Miro Hrončok <mhroncok@redhat.com> - 0.9.5-5
 - Rebuild for Python 3.6

--- a/2
+++ b/2
@ -1 +1 @@
-1b59fc84a40b790e3f959257d64ab313  fail2ban-0.9.5.tar.gz
+SHA512 (fail2ban-0.9.6.tar.gz) = 4a0c09451409f81882664c2316867aa1c45572018b7f4647f8dc356f9115c9c2ff4a17098ef249bcc6712acfed6b5c99518b1c069ef1bf253d96c900d29be1d2