added awstats ebuild

net-www/awstats/files/awstats-6.3-gentoo.diff

@@ -0,0 +1,32 @@
+diff -urN awstats-6.3.orig/tools/awstats_configure.pl awstats-6.3/tools/awstats_configure.pl
+--- awstats-6.3.orig/tools/awstats_configure.pl	2005-01-24 09:28:43.980923725 -0500
++++ awstats-6.3/tools/awstats_configure.pl	2005-01-24 09:28:52.034571769 -0500
+@@ -658,13 +658,27 @@
+     		print "\n-----> Restart Web server with '$command'\n";
+ 	 	    my $ret=`$command`;
+ 	 	    print "$ret";
++	} elsif (-f "/etc/gentoo-release") {
++	    my $command;
++	    if (-x "/usr/sbin/apache2ctl") {
++		$command="/usr/sbin/apache2ctl graceful";
++	    } elsif (-x "/usr/sbin/apachectl") {
++		$command="/usr/sbin/apachectl graceful";
++	    } else {
++       		print "\n-----> Don't forget to restart manually your web server\n";
++	    }
++	    if ($command != "") {
++		print "\n-----> Restart Web server with '$command'\n";
++		my $ret=`$command`;
++		print "$ret";
++	    }
+         } elsif (-x "/sbin/service") {
+             # We are not on debian
+        	 	my $command="/sbin/service httpd restart";
+     		print "\n-----> Restart Web server with '$command'\n";
+ 	 	    my $ret=`$command`;
+ 	 	    print "$ret";
+-   	 	} else {
++		} else {
+        		print "\n-----> Don't forget to restart manually your web server\n";
+         }
+ 	}

net-www/awstats/files/awstats-6.5-CVE-2006-2237-CVE-2006-1945.diff

@@ -0,0 +1,147 @@
+Index: awstats-6.5/wwwroot/cgi-bin/awstats.pl
+===================================================================
+--- awstats-6.5.orig/wwwroot/cgi-bin/awstats.pl
++++ awstats-6.5/wwwroot/cgi-bin/awstats.pl
+@@ -1131,7 +1131,7 @@ sub Read_Config {
+ 	my $configdir=shift;
+ 	my @PossibleConfigDir=();
+ 
+-	if ($configdir) { @PossibleConfigDir=("$configdir"); }
++	if ($configdir && $ENV{"AWSTATS_ENABLE_CONFIG_DIR"}) { @PossibleConfigDir=("$configdir"); }
+ 	else { @PossibleConfigDir=("$DIR","/etc/awstats","/usr/local/etc/awstats","/etc","/etc/opt/awstats"); }
+ 
+ 	# Open config file
+@@ -5534,7 +5534,7 @@ if ($ENV{'GATEWAY_INTERFACE'}) {	# Run f
+ 	    $QueryString =~ s/&/&/g;
+ 	}
+ 
+-	$QueryString = CleanFromCSSA($QueryString);
++	$QueryString = CleanFromCSSA(&DecodeEncodedString($QueryString));
+ 
+     # Security test
+ 	if ($QueryString =~ /LogFile=([^&]+)/i)				{ error("Logfile parameter can't be overwritten when AWStats is used from a CGI"); }
+@@ -5542,7 +5542,7 @@ if ($ENV{'GATEWAY_INTERFACE'}) {	# Run f
+ 	# No update but report by default when run from a browser
+ 	$UpdateStats=($QueryString=~/update=1/i?1:0);
+ 
+-	if ($QueryString =~ /config=([^&]+)/i)				{ $SiteConfig=&DecodeEncodedString("$1"); }
++	if ($QueryString =~ /config=([^&]+)/i)				{ $SiteConfig=&Sanitize(&DecodeEncodedString("$1")); }
+ 	if ($QueryString =~ /diricons=([^&]+)/i)			{ $DirIcons=&DecodeEncodedString("$1"); }
+ 	if ($QueryString =~ /pluginmode=([^&]+)/i)			{ $PluginMode=&Sanitize(&DecodeEncodedString("$1"),1); }
+ 	if ($QueryString =~ /configdir=([^&]+)/i)			{ $DirConfig=&Sanitize(&DecodeEncodedString("$1")); }
+@@ -5561,7 +5561,7 @@ if ($ENV{'GATEWAY_INTERFACE'}) {	# Run f
+ 
+ 	# If migrate
+ 	if ($QueryString =~ /(^|-|&|&)migrate=([^&]+)/i)	{
+-		$MigrateStats=&DecodeEncodedString("$2"); 
++		$MigrateStats=&Sanitize(&DecodeEncodedString("$2"));
+ 		$MigrateStats =~ /^(.*)$PROG(\d{0,2})(\d\d)(\d\d\d\d)(.*)\.txt$/;
+ 		$SiteConfig=$5?$5:'xxx'; $SiteConfig =~ s/^\.//;		# SiteConfig is used to find config file
+ 	}
+@@ -5591,7 +5591,7 @@ else {								# Run from command line
+ 	# Update with no report by default when run from command line
+ 	$UpdateStats=1;
+ 
+-	if ($QueryString =~ /config=([^&]+)/i)				{ $SiteConfig="$1"; }
++	if ($QueryString =~ /config=([^&]+)/i)				{ $SiteConfig=&Sanitize("$1"); }
+ 	if ($QueryString =~ /diricons=([^&]+)/i)			{ $DirIcons="$1"; }
+ 	if ($QueryString =~ /pluginmode=([^&]+)/i)			{ $PluginMode=&Sanitize("$1",1); }
+ 	if ($QueryString =~ /configdir=([^&]+)/i)			{ $DirConfig=&Sanitize("$1"); }
+Index: awstats-6.5/tools/awstats_buildstaticpages.pl
+===================================================================
+--- awstats-6.5.orig/tools/awstats_buildstaticpages.pl
++++ awstats-6.5/tools/awstats_buildstaticpages.pl
+@@ -75,7 +75,7 @@ $nowsec $nowmin $nowhour $nowday $nowmon
+ # Return:		None
+ #------------------------------------------------------------------------------
+ sub error {
+-	print "Error: $_[0].\n";
++	print STDERR "Error: $_[0].\n";
+     exit 1;
+ }
+ 
+@@ -95,7 +95,7 @@ sub warning {
+ #    		print "$messagestring<br />\n";
+ #    	}
+ #    	else {
+-	    	print "$messagestring\n";
++	    	print STDERR "$messagestring\n";
+ #    	}
+ #	}
+ }
+Index: awstats-6.5/tools/awstats_configure.pl
+===================================================================
+--- awstats-6.5.orig/tools/awstats_configure.pl
++++ awstats-6.5/tools/awstats_configure.pl
+@@ -87,7 +87,7 @@ $Step=0;
+ # error
+ #-------------------------------------------------------
+ sub error {
+-	print "Error: $_[0].\n";
++	print STDERR "Error: $_[0].\n";
+     exit 1;
+ }
+ 
+Index: awstats-6.5/tools/awstats_exportlib.pl
+===================================================================
+--- awstats-6.5.orig/tools/awstats_exportlib.pl
++++ awstats-6.5/tools/awstats_exportlib.pl
+@@ -93,8 +93,8 @@ sub error {
+ 	my $thirdmessage=shift||"";
+ 	my $donotshowsetupinfo=shift||0;
+ 	if ($Debug) { debug("$message $secondmessage $thirdmessage",1); }
+-	print "$message";
+-	print "\n";
++	print STDERR "$message";
++	print STDERR "\n";
+ 	exit 1;
+ }
+ 
+Index: awstats-6.5/tools/awstats_updateall.pl
+===================================================================
+--- awstats-6.5.orig/tools/awstats_updateall.pl
++++ awstats-6.5/tools/awstats_updateall.pl
+@@ -36,7 +36,7 @@ my $AwstatsProg='';
+ # Return:		None
+ #------------------------------------------------------------------------------
+ sub error {
+-	print "Error: $_[0].\n";
++	print STDERR "Error: $_[0].\n";
+     exit 1;
+ }
+ 
+Index: awstats-6.5/tools/logresolvemerge.pl
+===================================================================
+--- awstats-6.5.orig/tools/logresolvemerge.pl
++++ awstats-6.5/tools/logresolvemerge.pl
+@@ -104,7 +104,7 @@ my $bzcat_file = '\.bz2$';
+ # Return:		None
+ #------------------------------------------------------------------------------
+ sub error {
+-	print "Error: $_[0].\n";
++	print STDERR "Error: $_[0].\n";
+     exit 1;
+ }
+ 
+@@ -133,7 +133,7 @@ sub debug {
+ sub warning {
+ 	my $messagestring=shift;
+ 	if ($Debug) { debug("$messagestring",1); }
+-   	print "$messagestring\n";
++   	print STDERR "$messagestring\n";
+ }
+ 
+ #-----------------------------------------------------------------------------
+Index: awstats-6.5/tools/maillogconvert.pl
+===================================================================
+--- awstats-6.5.orig/tools/maillogconvert.pl
++++ awstats-6.5/tools/maillogconvert.pl
+@@ -56,7 +56,7 @@ $MailType='';				# Mail server family (p
+ #-------------------------------------------------------
+ 
+ sub error {
+-	print "Error: $_[0].\n";
++	print STDERR "Error: $_[0].\n";
+     exit 1;
+ }
+ 

net-www/awstats/files/digest-awstats-6.7-r1

@@ -0,0 +1,3 @@
+MD5 512cd146247eb178ef023c924f7bb766 awstats-6.7.tar.gz 1089638
+RMD160 5a84327871b65cad5cb6dbaded5c223660806953 awstats-6.7.tar.gz 1089638
+SHA256 36344e7c2271393cf60e9a3818392fbece0ff838c83fcf59fed9818dfac5a081 awstats-6.7.tar.gz 1089638

net-www/awstats/files/postinst-en-r1.txt

@@ -0,0 +1,67 @@
+###
+# INSTRUCTIONS:
+#
+# If you would like to require authentication to access AWStats, then use ONE
+# of the example configurations below. There are many other modules and
+# options for authentication which will not be discussed here.
+#
+# NOTE: Related AWStats configuration directives are:
+#
+# AllowAccessFromWebToAuthenticatedUsersOnly=1
+# AllowAccessFromWebToFollowingAuthenticatedUsers="user1 [user2 ...]"
+#
+# You can use these to set a per-domain user access when needed for virtual
+# hosting. That means: only the selected user(s) will have access to stats for
+# the particular domain. All other users will not be allowed to see the domain
+# stats even though they have authenticated successfully.
+###
+
+###
+# SECTION I - Basic Authentication
+#
+# The following example requires mod_auth (apache 2.0) or mod_auth_basic
+# (apache 2.2) to work. Make sure you have installed and enabled it in
+# /etc/apache2/httpd.conf
+#
+# Add your AWStats users to /etc/awstats/.htpasswd file.
+# Please see 'man htpasswd2' for more details if you need.
+#
+# htpasswd2 -c /etc/awstats/.htpasswd username1 htpasswd2
+# /etc/awstats/.htpasswd username2 etc...
+###
+
+#<Location "/cgi-bin/awstats.pl">
+#    AuthType Basic
+#    AuthName "AWStats authenticated zone"
+#    AuthUserFile /etc/awstats/.htpasswd
+#    Require valid-user
+#</Location>
+
+###
+# SECTION II - Digest Authentication
+#
+# The following example requires mod_auth_digest to work.  Make sure you have
+# installed and enabled it in /etc/apache2/httpd.conf
+#
+# Do not forget to replace www.example.com as appropriate. You can also add as
+# many domains as you need to this line.
+#
+# Add your AWStats users to /etc/awstats/.htdigest file. Please see 'man
+# htdigest2' and http://httpd.apache.org/docs-2.0/mod/mod_auth_digest.html for
+# more details if you need.
+#
+# htdigest2 -c /etc/awstats/.htdigest "AWStats authenticated zone" username1
+# htdigest2 /etc/awstats/.htdigest "AWStats authenticated zone" username2
+# etc...
+###
+
+#<Location "/cgi-bin/awstats.pl">
+#    AuthType Digest
+#    AuthName "AWStats authenticated zone"
+#    AuthDigestFile /etc/awstats/.htdigest
+#    AuthDigestDomain http://www.example.com https://www.example.com
+#    require valid-user
+#    # The following line is REQUIRED to work around a bug in MSIE.
+#    # See http://httpd.apache.org/docs-2.0/mod/mod_auth_digest.html
+#    BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
+#</Directory>

net-www/awstats/files/postinst-en.txt

@@ -0,0 +1,159 @@
+Alias /awstats/classes "/usr/share/webapps/awstats/PVR/htdocs/classes/"
+Alias /awstats/css "/usr/share/webapps/awstats/PVR/htdocs/css/"
+Alias /awstats/icons "/usr/share/webapps/awstats/PVR/htdocs/icon/"
+ScriptAlias /awstats/ "/usr/share/webapps/awstats/PVR/hostroot/cgi-bin/"
+ScriptAlias /awstats "/usr/share/webapps/awstats/PVR/hostroot/cgi-bin/awstats.pl"
+ScriptAlias /awstats.pl "/usr/share/webapps/awstats/PVR/hostroot/cgi-bin/awstats.pl"
+
+<Directory "/usr/share/webapps/awstats/PVR/htdocs">
+    Options None
+    AllowOverride None
+    <IfModule mod_access.c>
+	Order allow,deny
+	Allow from all
+    </IfModule>
+</Directory>
+
+<Directory "/usr/share/webapps/awstats/PVR/hostroot/cgi-bin">
+    Options ExecCGI
+    AllowOverride None
+    <IfModule mod_access.c>
+	Order allow,deny
+	Allow from all
+    </IfModule>
+</Directory>
+
+###
+# NOTE: The following sections are strictly optional. Please read
+# and follow carefully all the instructions before uncommenting
+# any lines. Examples shown below are for Apache 2.0.x ONLY.
+###
+
+###
+# INSTRUCTIONS:
+#
+# If you would like to require authentication to access AWStats,
+# then uncomment ONE of the example Directory sections below.
+#
+# NOTE: Related AWStats configuration directives are:
+#
+# AllowAccessFromWebToAuthenticatedUsersOnly=1
+# AllowAccessFromWebToFollowingAuthenticatedUsers="user1 [user2 ...]"
+#
+# You can use these to set a per-domain user access when needed 
+# for virtual hosting. That means: only the selected user(s) will have
+# access to stats for the particular domain. All other users
+# will not be allowed to see the domain stats even though they
+# have authenticated successfully.
+###
+
+###
+# SECTION I - Basic Authentication
+#
+# The following example requires mod_auth to work.
+# You need to uncomment the following line in apache2.conf 
+# and restart Apache to get the module loaded:
+#
+# LoadModule auth_module                   modules/mod_auth.so
+#
+# Add your AWStats users to /etc/awstats/.htpasswd file.
+# Please see 'man htpasswd2' for more details if you need.
+#
+# htpasswd2 -c /etc/awstats/.htpasswd username1
+# htpasswd2 /etc/awstats/.htpasswd username2
+# etc...
+###
+
+#<IfModule mod_auth.c>
+#<Directory "/usr/share/webapps/awstats/PVR/hostroot">
+#    Options None
+#    AllowOverride None
+#    Order allow,deny
+#    Allow from all
+#
+#    AuthType Basic
+#    AuthName "AWStats authenticated zone"
+#    AuthUserFile /etc/awstats/.htpasswd
+#    Require valid-user
+#
+#</Directory>
+#</IfModule>
+
+###
+# SECTION II - Digest Authentication
+#
+# The following example requires mod_auth_digest to work.
+# You need to uncomment the following line in apache2.conf
+# and restart Apache to get the module loaded:
+#
+# LoadModule auth_digest_module            modules/mod_auth_digest.so
+#
+# Do not forget to replace www.example.com as appropriate. You can also add
+# as many domains as you need to this line.
+#
+# Add your AWStats users to /etc/awstats/.htdigest file. Please see 
+# 'man htdigest2' and http://httpd.apache.org/docs-2.0/mod/mod_auth_digest.html
+# for more details if you need.
+#
+# htdigest2 -c /etc/awstats/.htdigest "AWStats authenticated zone" username1
+# htdigest2 /etc/awstats/.htdigest "AWStats authenticated zone" username2
+# etc...
+###
+
+#<IfModule mod_auth_digest.c>
+#<Directory "/usr/share/webapps/awstats/PVR/hostroot">
+#    Options None
+#    AllowOverride None
+#    Order allow,deny
+#    Allow from all
+
+#    AuthType Digest
+#    AuthName "AWStats authenticated zone"
+#    AuthDigestFile /etc/awstats/.htdigest
+#    AuthDigestDomain http://www.example.com https://www.example.com
+#    require valid-user
+#    # The following line is REQUIRED to work around a bug in MSIE.
+#    # See http://httpd.apache.org/docs-2.0/mod/mod_auth_digest.html
+#    BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
+#</Directory>
+#</IfModule>
+
+###
+# SECTION III - MySQL Authentication
+#
+# The following example requires mod_auth_mysql to work.
+# Emerge mod_auth_mysql and follow the instructions in
+# 12_mod_auth_mysql.conf to create MySQL database required
+# for authentication. After you finished adding users, add
+# '-D AUTH_MYSQL' to your /etc/conf.d/apache2 APACHE2_OPTS
+# setting and restart Apache to get the module loaded.
+###
+
+#<IfModule mod_auth_mysql.c>
+#<Directory "/usr/share/webapps/awstats/PVR/hostroot">
+#    Options None
+#    AllowOverride None
+#    Order allow,deny
+#    Allow from all
+
+#    AuthName "AWStats MySQL authenticated zone"
+#    AuthType Basic
+#    AuthMySQLUser authuser
+#    AuthMySQLPassword PaSsW0Rd
+#    AuthMySQLDB auth
+#    AuthMySQLUserTable users
+#    AuthMySQLNameField user_name
+#    AuthMySQLPasswordField user_passwd
+#    # Uncomment the two lines below ONLY if you have
+#    # the required table for group-based MySQL authentication
+#    # in your MySQL database.
+#    #AuthMySQLGroupTable groups
+#    #AuthMySQLGroupField user_group
+#
+#    # Uncomment one of the following directives according
+#    # to the database structure you have chosen.
+#    #require valid-user
+#    #require group your_group_name_here
+
+#</Directory>
+#</IfModule>