proj/gentoo: Initial commit

This commit represents a new era for Gentoo:
Storing the gentoo-x86 tree in Git, as converted from CVS.

This commit is the start of the NEW history.
Any historical data is intended to be grafted onto this point.

Creation process:
1. Take final CVS checkout snapshot
2. Remove ALL ChangeLog* files
3. Transform all Manifests to thin
4. Remove empty Manifests
5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$
5.1. Do not touch files with -kb/-ko keyword flags.

Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests
X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project
X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration
X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn
X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts
X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration
X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging
X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed

13 files changed, 446 insertions, 0 deletions

diff --git a/net-ftp/netkit-ftpd/Manifest b/net-ftp/netkit-ftpd/Manifest
new file mode 100644
index 000000000000..afd1ff7cc929
--- /dev/null
+++ b/net-ftp/netkit-ftpd/Manifest
@@ -0,0 +1,2 @@
+DIST linux-ftpd-0.17-ssl.patch 36459 SHA256 0082ee6a71fdd83f61e63166f7bbba97c204cdc67f9e1bf10f2df31590fba780 SHA512 f27dd2f9a50a2b3c38131c46cdb4420f81abfdbb7cd7e70d00e864da3e4562363d585a308e57b9abce7db64ede8d02e41710101e618f6c14489193776b2b1e71 WHIRLPOOL 1c2fb70da4bd8b8e5189dc3eb4c9606b056d905e89f397938358247fcd35dea26e1728ddd752748e1cd4364c0f140cf94f6c8932e5c3ee930b8ca22379982206
+DIST linux-ftpd-0.17.tar.gz 46763 SHA256 65a0b249e38bf3c3a16dbd4d3edd2657683ca8f47b307e92007f378b21d2fa65 SHA512 160191baa904b4c404473e2c1de23813de1b31cbb11a3c28ff64f9953aec8270b74d865a57d5aaa6d25cf404c8aeadff05348a9b32847a2a137ef4c998557d58 WHIRLPOOL 5f0783a2ddc11519132db10ed837241eec8ef9cddff00891728ead29a4170858d96518bb05b8bf0dfa9204b1ed5033ffbc3d0106b9ccd1dca201e4d5a2819f46
diff --git a/net-ftp/netkit-ftpd/files/ftp.xinetd b/net-ftp/netkit-ftpd/files/ftp.xinetd
new file mode 100644
index 000000000000..b69694d1dcf6
--- /dev/null
+++ b/net-ftp/netkit-ftpd/files/ftp.xinetd
@@ -0,0 +1,13 @@
+# default: off
+# $Id$
+# description: The netkit ftp daemon with optional SSL support.
+
+service ftp
+{
+	socket_type		= stream
+	protocol		= tcp
+	wait			= no
+	user			= root
+	server			= /usr/bin/ftpd
+	disable			= yes
+}
diff --git a/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-CVE-2008-4247.patch b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-CVE-2008-4247.patch
new file mode 100644
index 000000000000..e1b50c825bfc
--- /dev/null
+++ b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-CVE-2008-4247.patch
@@ -0,0 +1,108 @@
+http://bugs.gentoo.org/239047
+
+--- linux-ftpd-0.17/ftpd/extern.h
++++ linux-ftpd-0.17/ftpd/extern.h
+@@ -43,7 +43,7 @@ void	dologout __P((int));
+ void	fatal __P((const char *));
+ int	ftpd_pclose __P((FILE *));
+ FILE   *ftpd_popen __P((char *, const char *));
+-char   *ftpd_getline __P((char *, int, FILE *));
++int	ftpd_getline __P((char *, int, FILE *));
+ void	ftpdlogwtmp __P((const char *, const char *, const char *));
+ void	lreply __P((int, const char *, ...));
+ void	makedir __P((char *));
+--- linux-ftpd-0.17/ftpd/ftpcmd.y
++++ linux-ftpd-0.17/ftpd/ftpcmd.y
+@@ -980,7 +980,7 @@ static struct tab *lookup(struct tab *p,
+ /*
+  * getline - a hacked up version of fgets to ignore TELNET escape codes.
+  */
+-char * ftpd_getline(char *s, int n, FILE *iop)
++int ftpd_getline(char *s, int n, FILE *iop)
+ {
+ 	int c;
+ 	register char *cs;
+@@ -995,7 +995,7 @@ char * ftpd_getline(char *s, int n, FILE
+ 			if (debug)
+ 				syslog(LOG_DEBUG, "command: %s", s);
+ 			tmpline[0] = '\0';
+-			return(s);
++			return(0);
+ 		}
+ 		if (c == 0)
+ 			tmpline[0] = '\0';
+@@ -1037,11 +1037,22 @@ char * ftpd_getline(char *s, int n, FILE
+ 		    }
+ 		}
+ 		*cs++ = c;
+-		if (--n <= 0 || c == '\n')
++		if (--n <= 0) {
++			/*
++			 * If command doesn't fit into buffer, discard the
++			 * rest of the command and indicate truncation.
++			 * This prevents the command to be split up into
++			 * multiple commands.
++			 */
++			while (c != '\n' && (c = getc(iop)) != EOF)
++				;
++			return (-2);
++		}
++		if (c == '\n')
+ 			break;
+ 	}
+ 	if (c == EOF && cs == s)
+-		return (NULL);
++		return (-1);
+ 	*cs++ = '\0';
+ 	if (debug) {
+ 		if (!guest && strncasecmp("pass ", s, 5) == 0) {
+@@ -1061,7 +1072,7 @@ char * ftpd_getline(char *s, int n, FILE
+ 			syslog(LOG_DEBUG, "command: %.*s", len, s);
+ 		}
+ 	}
+-	return (s);
++	return (0);
+ }
+ 
+ void toolong(int signo)
+@@ -1090,9 +1101,14 @@ static int yylex(void)
+ 		case CMD:
+ 			(void) signal(SIGALRM, toolong);
+ 			(void) alarm((unsigned) timeout);
+-			if (ftpd_getline(cbuf, sizeof(cbuf)-1, stdin)==NULL) {
++			n = ftpd_getline(cbuf, sizeof(cbuf)-1, stdin);
++			if (n == -1) {
+ 				reply(221, "You could at least say goodbye.");
+ 				dologout(0);
++			} else if (n == -2) {
++				reply(500, "Command too long.");
++				alarm(0);
++				continue;
+ 			}
+ 			(void) alarm(0);
+ 			if ((cp = strchr(cbuf, '\r'))) {
+--- linux-ftpd-0.17/ftpd/ftpd.c
++++ linux-ftpd-0.17/ftpd/ftpd.c
+@@ -2210,6 +2210,7 @@ void dologout(int status)
+ static void myoob(int signo)
+ {
+ 	char *cp;
++	int ret;
+ 	int save_errno = errno;
+ 
+ 	(void)signo;
+@@ -2218,9 +2219,13 @@ static void myoob(int signo)
+ 	if (!transflag)
+ 		return;
+ 	cp = tmpline;
+-	if (ftpd_getline(cp, 7, stdin) == NULL) {
++	ret = ftpd_getline(cp, 7, stdin);
++	if (ret == -1) {
+ 		reply(221, "You could at least say goodbye.");
+ 		dologout(0);
++	} else if (ret == -2) {
++		/* Ignore truncated command */
++		return;
+ 	}
+ 	upper(cp);
+ 	if (strcmp(cp, "ABOR\r\n") == 0) {
diff --git a/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-build.patch b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-build.patch
new file mode 100644
index 000000000000..6df58378c93f
--- /dev/null
+++ b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-build.patch
@@ -0,0 +1,43 @@
+--- configure
++++ configure
+@@ -114,40 +114,6 @@
+      echo 'no'
+ fi
+ 
+-if [ x$DEBUG = x ]; then
+-    echo -n "Checking if $CC accepts -O2... "
+-    if (
+-         $CC -O2 __conftest.c -o __conftest
+-       ) >/dev/null 2>&1; then
+-         echo 'yes'
+-         CFLAGS="$CFLAGS -O2"
+-    else
+-         echo 'no'
+-         echo -n "Checking if $CC accepts -O... "
+-         if (
+-              $CC -O __conftest.c -o __conftest
+-            ) >/dev/null 2>&1; then
+-              echo 'yes'
+-              CFLAGS="$CFLAGS -O"
+-         else
+-              echo 'no'
+-         fi
+-    fi
+-
+-else
+-    echo -n "Checking if $CC accepts -g... "
+-    if (
+-         $CC -g __conftest.c -o __conftest
+-       ) >/dev/null 2>&1; then
+-         echo 'yes'
+-         CFLAGS="$CFLAGS -g"
+-    else
+-         echo 'no'
+-    fi
+-
+-fi
+-
+-LDFLAGS=
+ LIBS=
+ 
+ rm -f __conftest*
diff --git a/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-cleanup-ssl.patch b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-cleanup-ssl.patch
new file mode 100644
index 000000000000..e228eaceda5f
--- /dev/null
+++ b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-cleanup-ssl.patch
@@ -0,0 +1,10 @@
+--- ftpd/ftpcmd.y
++++ ftpd/ftpcmd.y
+@@ -109,6 +109,7 @@
+ typedef struct ssl_st SSL;
+ int     SSL_write(SSL *ssl,const char *buf,int num);
+ extern int do_ssl_start(void);
++int ssl_getc(SSL *ssl_con);
+ extern int ssl_secure_flag;
+ extern int ssl_active_flag;
+ extern SSL *ssl_con;
diff --git a/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-cleanup.patch b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-cleanup.patch
new file mode 100644
index 000000000000..73289adfba05
--- /dev/null
+++ b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-cleanup.patch
@@ -0,0 +1,10 @@
+--- ftpd/logwtmp.c
++++ ftpd/logwtmp.c
+@@ -43,6 +43,7 @@
+ #include <sys/types.h>
+ #include <sys/time.h>
+ #include <sys/stat.h>
++#include <time.h>
+ 
+ #include <fcntl.h>
+ #include <utmp.h>
diff --git a/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-cross.patch b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-cross.patch
new file mode 100644
index 000000000000..cb6ad986a914
--- /dev/null
+++ b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-cross.patch
@@ -0,0 +1,45 @@
+--- configure.orig	2008-05-11 12:02:50.000000000 -0700
++++ configure	2008-05-11 12:04:14.000000000 -0700
+@@ -93,7 +93,7 @@
+     echo -n 'Checking if C compiler works... '
+     if (
+           $CC __conftest.c -o __conftest || exit 1
+-          ./__conftest || exit 1
++          [ -e __conftest ] || exit 1
+        ) >/dev/null 2>&1; then
+          echo 'yes'
+      else
+@@ -169,13 +169,13 @@
+ EOF
+ if (
+       $CC $CFLAGS  __conftest.c  -o __conftest || exit 1
+-      ./__conftest || exit 1
++      [ -e __conftest ] || exit 1
+    ) >/dev/null 2>&1; then
+     echo 'yes'
+ else
+     if (
+           $CC $CFLAGS -D__USE_BSD_SIGNAL __conftest.c  -o __conftest || exit 1
+-          ./__conftest || exit 1
++          [ -e ./__conftest ] || exit 1
+        ) >/dev/null 2>&1; then
+         echo '-D__USE_BSD_SIGNAL'
+         CFLAGS="$CFLAGS -D__USE_BSD_SIGNAL"
+@@ -311,7 +311,7 @@
+ else
+     if (
+           $CC $CFLAGS -D_GNU_SOURCE __conftest.c  -o __conftest || exit 1
+-          ./__conftest || exit 1
++          [ -e ./__conftest ] || exit 1
+        ) >/dev/null 2>&1; then
+         echo '-D_GNU_SOURCE'
+         CFLAGS="$CFLAGS -D_GNU_SOURCE"
+@@ -342,7 +342,7 @@
+ EOF
+ if (
+       $CC $CFLAGS  __conftest.c $LIBBSD -o __conftest || exit 1
+-      ./__conftest || exit 1
++      [ -e ./__conftest ] || exit 1
+    ) >/dev/null 2>&1; then
+     echo 'ok'
+ else
diff --git a/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-fclose-CVE-2007-6263.patch b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-fclose-CVE-2007-6263.patch
new file mode 100644
index 000000000000..5da61aee7343
--- /dev/null
+++ b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-fclose-CVE-2007-6263.patch
@@ -0,0 +1,24 @@
+diff -u linux-ftpd-ssl-0.17.18+0.3/ftpd/ftpd.c linux-ftpd-ssl-0.17.18+0.3/ftpd/ftpd.c
+--- linux-ftpd-ssl-0.17.18+0.3/ftpd/ftpd.c
++++ linux-ftpd-ssl-0.17.18+0.3/ftpd/ftpd.c
+@@ -1729,7 +1729,7 @@
+ static FILE * dataconn(const char *name, off_t size, const char *mode, int stou)
+ {
+ 	char sizebuf[32];
+-	FILE *file;
++	FILE *file = NULL;
+ 	int retry = 0, tos;
+ 
+ 	file_size = size;
+@@ -1822,7 +1822,10 @@
+ 				    ERR_error_string(ERR_get_error(),NULL));
+ 			perror_reply(425, errbuf);
+ 			/* abort time methinks ... */
+-			fclose(file);
++			if(file != NULL){
++				fclose(file);
++				file = NULL;
++			}
+ 			return NULL;
+ 		    } else {
+ 			if (ssl_debug_flag) {
diff --git a/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-gcc41.patch b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-gcc41.patch
new file mode 100644
index 000000000000..5f516ce5d356
--- /dev/null
+++ b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-gcc41.patch
@@ -0,0 +1,32 @@
+--- linux-ftpd-0.17/ftpd/ftpcmd.y
++++ linux-ftpd-0.17/ftpd/ftpcmd.y
+@@ -125,7 +125,14 @@
+ char	cbuf[512];
+ char	*fromname;
+ 
+-struct tab;
++struct tab {
++	const char	*name;
++	short	token;
++	short	state;
++	short	implemented;	/* 1 if command is implemented */
++	const char	*help;
++};
++
+ static int	 yylex __P((void));
+ static void	 sizecmd __P((char *));
+ static void	 help __P((struct tab *, char *));
+@@ -891,13 +898,6 @@
+ #define	SITECMD	7	/* SITE command */
+ #define	NSTR	8	/* Number followed by a string */
+ 
+-struct tab {
+-	const char	*name;
+-	short	token;
+-	short	state;
+-	short	implemented;	/* 1 if command is implemented */
+-	const char	*help;
+-};
+ 
+ struct tab cmdtab[] = {		/* In order defined in RFC 765 */
+         { "AUTH", AUTH, STR1, 1,	"<sp> auth_type" },
diff --git a/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-setguid.patch b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-setguid.patch
new file mode 100644
index 000000000000..f5d0cf75fcfd
--- /dev/null
+++ b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-setguid.patch
@@ -0,0 +1,66 @@
+--- linux-ftpd-0.17/ftpd/popen.c
++++ linux-ftpd-0.17/ftpd/popen.c
+@@ -169,8 +169,13 @@
+ 		 * XXX: this doesn't seem right... and shouldn't
+ 		 * we initgroups, or at least setgroups(0,0)?
+ 		 */
+-		setgid(getegid());
+-		setuid(i);
++
++/*
++ * PSz 25 Aug 06  Must check the return status of these setgid/setuid calls,
++ * see  http://www.bress.net/blog/archives/34-setuid-madness.html
++ */
++		if ( setgid(getegid())	!= 0 ) _exit(1);
++		if ( setuid(i)		!= 0 ) _exit(1);
+  
+ #ifndef __linux__
+ /* 
+--- linux-ftpd-0.17/ftpd/ftpd.c
++++ linux-ftpd-0.17/ftpd/ftpd.c
+@@ -1159,6 +1159,13 @@
+ 		}
+ 		strcpy(pw->pw_dir, "/");
+ 		setenv("HOME", "/", 1);
++	}
++	/* PSz 25 Aug 06  chdir for real users done after setting UID */
++	if (seteuid((uid_t)pw->pw_uid) < 0) {
++		reply(550, "Can't set uid.");
++		goto bad;
++	}
++	if (guest || dochroot) { /* do nothing, handled above */
+ 	} else if (chdir(pw->pw_dir) < 0) {
+ 		if (chdir("/") < 0) {
+ 			reply(530, "User %s: can't change directory to %s.",
+@@ -1167,10 +1174,7 @@
+ 		} else
+ 			lreply(230, "No directory! Logging in with home=/");
+ 	}
+-	if (seteuid((uid_t)pw->pw_uid) < 0) {
+-		reply(550, "Can't set uid.");
+-		goto bad;
+-	}
++
+ 	sigfillset(&allsigs);
+ 	sigprocmask(SIG_UNBLOCK,&allsigs,NULL);
+ 
+@@ -1408,7 +1412,8 @@
+ 			goto bad;
+ 		sleep(tries);
+ 	}
+-	(void) seteuid((uid_t)pw->pw_uid);
++/* PSz 25 Aug 06  Check return status */
++	if (seteuid((uid_t)pw->pw_uid) != 0) _exit(1);
+ 	sigfillset(&allsigs);
+ 	sigprocmask (SIG_UNBLOCK, &allsigs, NULL);
+ 
+@@ -1440,7 +1445,8 @@
+ bad:
+ 	/* Return the real value of errno (close may change it) */
+ 	t = errno;
+-	(void) seteuid((uid_t)pw->pw_uid);
++/* PSz 25 Aug 06  Check return status */
++	if (seteuid((uid_t)pw->pw_uid) != 0) _exit(1);
+ 	sigfillset (&allsigs);
+ 	sigprocmask (SIG_UNBLOCK, &allsigs, NULL);
+ 	(void) close(s);
diff --git a/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-shadowfix.patch b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-shadowfix.patch
new file mode 100644
index 000000000000..79a241ff9c51
--- /dev/null
+++ b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-shadowfix.patch
@@ -0,0 +1,28 @@
+--- linux-ftpd-0.17/ftpd/Makefile
++++ linux-ftpd-0.17-patched/ftpd/Makefile
+@@ -19,7 +19,11 @@
+ all: ftpd
+ 
+ %.o: %.c
++ ifdef USE_SHADOW
++	$(CC) $(CFLAGS) -DUSE_SHADOW -DHASSETPROCTITLE $< -c
++ else
+ 	$(CC) $(CFLAGS) -DHASSETPROCTITLE $< -c
++ endif
+ 
+ ftpcmd.c: %.c: %.y
+ 	$(YACC) $<
+--- linux-ftpd-0.17/support/Makefile
++++ linux-ftpd-0.17-patched/support/Makefile
+@@ -5,7 +5,11 @@
+ all: libsupport.a
+ 
+ %.o: %.c
++ ifdef USE_SHADOW
++	$(CC) $(CFLAGS) -DUSE_SHADOW -DHASSETPROCTITLE $< -c
++ else
+ 	$(CC) $(CFLAGS) -DHASSETPROCTITLE $< -c
++ endif
+ 
+ libsupport.a: $(OBJS)
+ 	ar -cruv $@ $^
diff --git a/net-ftp/netkit-ftpd/metadata.xml b/net-ftp/netkit-ftpd/metadata.xml
new file mode 100644
index 000000000000..0384a4ab03a7
--- /dev/null
+++ b/net-ftp/netkit-ftpd/metadata.xml
@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<herd>base-system</herd> 
+</pkgmetadata>
diff --git a/net-ftp/netkit-ftpd/netkit-ftpd-0.17-r8.ebuild b/net-ftp/netkit-ftpd/netkit-ftpd-0.17-r8.ebuild
new file mode 100644
index 000000000000..2d1a8a477e7f
--- /dev/null
+++ b/net-ftp/netkit-ftpd/netkit-ftpd-0.17-r8.ebuild
@@ -0,0 +1,60 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+inherit eutils ssl-cert toolchain-funcs
+
+MY_P="linux-ftpd-${PV}"
+DESCRIPTION="The netkit FTP server with optional SSL support"
+HOMEPAGE="http://www.hcs.harvard.edu/~dholland/computers/netkit.html"
+SRC_URI="ftp://ftp.uk.linux.org/pub/linux/Networking/netkit/${MY_P}.tar.gz
+	mirror://gentoo/${MY_P}-ssl.patch"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="alpha amd64 arm ia64 ppc ~ppc64 s390 sh sparc x86"
+IUSE="ssl"
+
+DEPEND="ssl? ( dev-libs/openssl )"
+RDEPEND="${DEPEND}
+	virtual/inetd
+	!www-servers/publicfile"
+
+S=${WORKDIR}/${MY_P}
+
+src_unpack() {
+	unpack ${MY_P}.tar.gz
+	cd "${S}"
+	use ssl && epatch "${DISTDIR}"/${MY_P}-ssl.patch "${FILESDIR}"/${P}-cleanup-ssl.patch
+	epatch "${FILESDIR}"/${P}-cleanup.patch
+	epatch "${FILESDIR}"/${P}-build.patch
+	epatch "${FILESDIR}"/${P}-shadowfix.patch
+	epatch "${FILESDIR}"/${P}-gcc41.patch
+	epatch "${FILESDIR}"/${P}-setguid.patch
+	epatch "${FILESDIR}"/${P}-cross.patch
+	epatch "${FILESDIR}"/${P}-CVE-2008-4247.patch #239047
+	use ssl && epatch "${FILESDIR}"/${P}-fclose-CVE-2007-6263.patch #199206
+}
+
+src_compile() {
+	tc-export CC
+	./configure --prefix=/usr || die "configure failed"
+	emake || die "parallel make failed"
+}
+
+src_install() {
+	dobin ftpd/ftpd || die
+	doman ftpd/ftpd.8
+	dodoc README ChangeLog
+	insinto /etc/xinetd.d
+	newins "${FILESDIR}"/ftp.xinetd ftp
+}
+
+pkg_postinst() {
+	if use ssl ; then
+		install_cert /etc/ssl/certs/ftpd
+		elog "In order to start the server with SSL support"
+		elog "You need a certificate /etc/ssl/certs/ftpd.pem."
+		elog "A temporary certificiate has been created."
+	fi
+}