summaryrefslogtreecommitdiff
path: root/source/installer
diff options
context:
space:
mode:
authorPatrick J Volkerding <volkerdi@slackware.com>2013-11-04 17:08:47 +0000
committerEric Hameleers <alien@slackware.com>2018-05-31 22:57:36 +0200
commit76fc4757ac91ac7947a01fb7b53dddf9a78a01d1 (patch)
tree9b98e6e193c7870cb27ac861394c1c4592850922 /source/installer
parent9664bee729d487bcc0a0bc35859f8e13d5421c75 (diff)
downloadcurrent-76fc4757ac91ac7947a01fb7b53dddf9a78a01d1.tar.gz
Slackware 14.1slackware-14.1
Mon Nov 4 17:08:47 UTC 2013 Slackware 14.1 x86_64 stable is released! It's been another interesting release cycle here at Slackware bringing new features like support for UEFI machines, updated compilers and development tools, the switch from MySQL to MariaDB, and many more improvements throughout the system. Thanks to the team, the upstream developers, the dedicated Slackware community, and everyone else who pitched in to help make this release a reality. The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a dual-sided 32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware project by picking up a copy from store.slackware.com. We're taking pre-orders now, and offer a discount if you sign up for a subscription. Have fun! :-)
Diffstat (limited to 'source/installer')
-rwxr-xr-xsource/installer/dropbear/dropbear.Slackbuild57
-rw-r--r--source/installer/dropbear/dropbear.glibc.crypt.diff28
-rw-r--r--source/installer/dropbear/dropbear.xauth.patch8
-rw-r--r--source/installer/dropbear/dropbear_dbclientpath.patch16
-rw-r--r--source/installer/dropbear/dropbear_emptypass.patch63
5 files changed, 86 insertions, 86 deletions
diff --git a/source/installer/dropbear/dropbear.Slackbuild b/source/installer/dropbear/dropbear.Slackbuild
index 5bd3bd99..37ab7c01 100755
--- a/source/installer/dropbear/dropbear.Slackbuild
+++ b/source/installer/dropbear/dropbear.Slackbuild
@@ -23,11 +23,18 @@
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
PRGNAM=dropbear
-VERSION=0.50
-ARCH=${ARCH:-i486}
+VERSION=2012.55
BUILD=${BUILD:-10}
TAG=${TAG:-''}
+if [ -z "$ARCH" ]; then
+ case "$( uname -m )" in
+ i?86) ARCH=i486 ;;
+ arm*) ARCH=arm ;;
+ *) ARCH=$( uname -m ) ;;
+ esac
+fi
+
# The programs we want to have as symlinks to dropbearmulti binary:
PROGS="dropbear dbclient dropbearkey dropbearconvert scp ssh"
@@ -36,33 +43,37 @@ PROGS="dropbear dbclient dropbearkey dropbearconvert scp ssh"
# and adding symlinks for ssh and scp without worry
# about overwriting any pre-existing binaries.
-CWD=`pwd`
+CWD=$(pwd)
TMP=${TMP:-/tmp}
PKG=$TMP/pkg-$PRGNAM
-OUTPUT=${OUTPUT:-/tmp}
-if [ "$ARCH" = "i386" ]; then
- SLKCFLAGS="-O2 -march=i386 -mcpu=i686"
-elif [ "$ARCH" = "i486" ]; then
+if [ "$ARCH" = "i486" ]; then
SLKCFLAGS="-O2 -march=i486 -mtune=i686"
-elif [ "$ARCH" = "s390" ]; then
- SLKCFLAGS="-O2"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "i686" ]; then
+ SLKCFLAGS="-O2 -march=i686 -mtune=i686"
+ LIBDIRSUFFIX=""
elif [ "$ARCH" = "x86_64" ]; then
+ SLKCFLAGS="-O2 -fPIC"
+ LIBDIRSUFFIX="64"
+else
SLKCFLAGS="-O2"
+ LIBDIRSUFFIX=""
fi
rm -rf $PKG
-mkdir -p $TMP $PKG $OUTPUT
+mkdir -p $TMP $PKG
cd $TMP || exit 1
rm -rf $PRGNAM-$VERSION
tar xvf $CWD/$PRGNAM-$VERSION.tar.bz2 || exit 1
cd $PRGNAM-$VERSION || exit 1
-# Fix ownership and permissions inside the source tarball.
-# It's appalling how many projects have 777 permissions or
-# even suid, sgid, and sticky bits set on things.
chown -R root:root .
-chmod -R u+w,go+r-w,a-s .
+find . \
+ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
+ -exec chmod 755 {} \; -o \
+ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
+ -exec chmod 644 {} \;
# Patch to allow empty passwords (used in Slackware's installer):
patch -p1 < $CWD/dropbear_emptypass.patch
@@ -70,6 +81,8 @@ patch -p1 < $CWD/dropbear_emptypass.patch
patch -p0 < $CWD/dropbear.xauth.patch
# Change the path used for dbclient because our prefix is '/' not '/usr':
patch -p1 < $CWD/dropbear_dbclientpath.patch
+# Patch for new glibc crypt() that may return NULL:
+patch -p1 < $CWD/dropbear.glibc.crypt.diff
CFLAGS="$SLKCFLAGS" \
CXXFLAGS="$SLKCFLAGS" \
@@ -96,10 +109,8 @@ cp dbclient.1 $PKG/usr/man/man1
cp dropbearkey.8 dropbear.8 $PKG/usr/man/man8
if [ -d $PKG/usr/man ]; then
- (cd $PKG/usr/man
- find . -type f -exec gzip -9 {} \;
- for i in `find . -type l` ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done
- )
+ find $PKG/usr/man -type f -exec gzip -9 {} \;
+ for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done
fi
# Link binaries to dropbearmulti since the 'make install' does not do that
@@ -111,10 +122,10 @@ fi
done
)
-(cd $PKG
- find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
- find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
-)
+make install DESTDIR=$PKG
+
+find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | \
+ grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
mkdir -p $PKG/etc/rc.d $PKG/etc/dropbear
cp $CWD/rc.dropbear.new $PKG/etc/rc.d/ # doinst.sh will handle .new
@@ -128,4 +139,4 @@ cat $CWD/slack-desc > $PKG/install/slack-desc
cat $CWD/doinst.sh > $PKG/install/doinst.sh
cd $PKG
-/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.tgz
+/sbin/makepkg -l y -c n $TMP/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.tgz
diff --git a/source/installer/dropbear/dropbear.glibc.crypt.diff b/source/installer/dropbear/dropbear.glibc.crypt.diff
new file mode 100644
index 00000000..3184210d
--- /dev/null
+++ b/source/installer/dropbear/dropbear.glibc.crypt.diff
@@ -0,0 +1,28 @@
+
+# HG changeset patch
+# User Matt Johnston <matt@ucc.asn.au>
+# Date 1367250157 -28800
+# Node ID 7bd88d546627ff31d0e2d91e6022b3e77a943efb
+# Parent ea04e3eb03e2c3d59d82e361882711de844068a4
+Avoid segfault for locked accounts (invalid salt to crypt())
+
+diff -r ea04e3eb03e2 -r 7bd88d546627 svr-authpasswd.c
+--- a/svr-authpasswd.c Thu Apr 18 23:15:17 2013 +0800
++++ b/svr-authpasswd.c Mon Apr 29 23:42:37 2013 +0800
+@@ -66,6 +66,14 @@
+ m_burn(password, passwordlen);
+ m_free(password);
+
++ if (testcrypt == NULL) {
++ /* crypt() with an invalid salt like "!!" */
++ dropbear_log(LOG_WARNING, "User account '%s' is locked",
++ ses.authstate.pw_name);
++ send_msg_userauth_failure(0, 1);
++ return;
++ }
++
+ /* check for empty password */
+ if (passwdcrypt[0] == '\0') {
+ dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected",
+
+
diff --git a/source/installer/dropbear/dropbear.xauth.patch b/source/installer/dropbear/dropbear.xauth.patch
index d01e15e0..e32f0c64 100644
--- a/source/installer/dropbear/dropbear.xauth.patch
+++ b/source/installer/dropbear/dropbear.xauth.patch
@@ -1,10 +1,10 @@
---- options.h.old 2008-01-29 11:54:45.000000000 -0200
-+++ options.h 2008-01-29 11:54:52.000000000 -0200
-@@ -197,7 +197,7 @@
+--- options.h.orig 2013-06-21 21:50:34.859528230 -0500
++++ options.h 2013-06-21 21:52:59.208516285 -0500
+@@ -243,7 +243,7 @@
/* The command to invoke for xauth when using X11 forwarding.
* "-q" for quiet */
#ifndef XAUTH_COMMAND
--#define XAUTH_COMMAND "/usr/X11R6/bin/xauth -q"
+-#define XAUTH_COMMAND "/usr/bin/X11/xauth -q"
+#define XAUTH_COMMAND "/usr/bin/xauth -q"
#endif
diff --git a/source/installer/dropbear/dropbear_dbclientpath.patch b/source/installer/dropbear/dropbear_dbclientpath.patch
index ef5cddc7..781349f8 100644
--- a/source/installer/dropbear/dropbear_dbclientpath.patch
+++ b/source/installer/dropbear/dropbear_dbclientpath.patch
@@ -1,12 +1,12 @@
-diff -uarN dropbear-0.50.orig/options.h dropbear-0.50/options.h
---- dropbear-0.50.orig/options.h 2007-08-08 18:39:38.000000000 +0200
-+++ dropbear-0.50/options.h 2008-03-10 14:43:29.261618300 +0100
-@@ -209,7 +209,7 @@
-
+diff -Nur dropbear-2012.55.orig/options.h dropbear-2012.55/options.h
+--- dropbear-2012.55.orig/options.h 2012-02-23 07:47:06.000000000 -0600
++++ dropbear-2012.55/options.h 2012-04-07 15:12:46.040452209 -0500
+@@ -255,7 +255,7 @@
+
/* This is used by the scp binary when used as a client binary. If you're
* not using the Dropbear client, you'll need to change it */
-#define _PATH_SSH_PROGRAM "/usr/bin/dbclient"
+#define _PATH_SSH_PROGRAM "/bin/dbclient"
-
- /* Whether to log commands executed by a client. This only logs the
- * (single) command sent to the server, not what a user did in a
+
+ /* Whether to log commands executed by a client. This only logs the
+ * (single) command sent to the server, not what a user did in a
diff --git a/source/installer/dropbear/dropbear_emptypass.patch b/source/installer/dropbear/dropbear_emptypass.patch
index 995b4d5c..25924008 100644
--- a/source/installer/dropbear/dropbear_emptypass.patch
+++ b/source/installer/dropbear/dropbear_emptypass.patch
@@ -1,51 +1,12 @@
-diff -uarN dropbear-0.50.orig/options.h dropbear-0.50/options.h
---- dropbear-0.50.orig/options.h 2007-08-08 17:39:37.000000000 +0200
-+++ dropbear-0.50/options.h 2008-02-01 00:22:07.000000000 +0100
-@@ -148,6 +148,9 @@
- * SSH_ASKPASS instead. Comment out this var to remove this functionality.*/
- #define DROPBEAR_PASSWORD_ENV "DROPBEAR_PASSWORD"
-
-+/* disable server empty password check because root has no password on EZX */
-+#define DISABLE_SVR_EMPTY_PASSWD_CHECK
-+
- /* Define this (as well as ENABLE_CLI_PASSWORD_AUTH) to allow the use of
- * a helper program for the ssh client. The helper program should be
- * specified in the SSH_ASKPASS environment variable, and dbclient
-diff -uarN dropbear-0.50.orig/svr-auth.c dropbear-0.50/svr-auth.c
---- dropbear-0.50.orig/svr-auth.c 2007-08-08 17:39:37.000000000 +0200
-+++ dropbear-0.50/svr-auth.c 2008-02-01 00:22:07.000000000 +0100
-@@ -236,6 +236,7 @@
- return DROPBEAR_FAILURE;
- }
-
-+#ifndef DISABLE_SVR_EMPTY_PASSWD_CHECK
- /* check for an empty password */
- if (ses.authstate.pw->pw_passwd[0] == '\0') {
- TRACE(("leave checkusername: empty pword"))
-@@ -244,6 +245,7 @@
- send_msg_userauth_failure(0, 1);
- return DROPBEAR_FAILURE;
- }
-+#endif
-
- TRACE(("shell is %s", ses.authstate.pw->pw_shell))
-
-diff -uarN dropbear-0.50.orig/svr-authpasswd.c dropbear-0.50/svr-authpasswd.c
---- dropbear-0.50.orig/svr-authpasswd.c 2007-08-08 17:39:37.000000000 +0200
-+++ dropbear-0.50/svr-authpasswd.c 2008-02-01 00:23:00.000000000 +0100
-@@ -60,6 +60,7 @@
- passwdcrypt = DEBUG_HACKCRYPT;
- #endif
-
-+#ifndef DISABLE_SVR_EMPTY_PASSWD_CHECK
- /* check for empty password - need to do this again here
- * since the shadow password may differ to that tested
- * in auth.c */
-@@ -69,6 +70,7 @@
- send_msg_userauth_failure(0, 1);
- return;
- }
-+#endif
-
- /* check if client wants to change password */
- changepw = buf_getbool(ses.payload);
+diff -Nur dropbear-2012.55.orig/options.h dropbear-2012.55/options.h
+--- dropbear-2012.55.orig/options.h 2012-02-23 07:47:06.000000000 -0600
++++ dropbear-2012.55/options.h 2012-04-07 15:09:15.676322495 -0500
+@@ -180,7 +180,7 @@
+ * Public key logins are allowed for blank-password accounts regardless of this
+ * setting. PAM is not affected by this setting, it uses the normal pam.d
+ * settings ('nullok' option) */
+-/* #define ALLOW_BLANK_PASSWORD */
++#define ALLOW_BLANK_PASSWORD
+
+ #define ENABLE_CLI_PASSWORD_AUTH
+ #define ENABLE_CLI_PUBKEY_AUTH