diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2013-11-04 17:08:47 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2018-05-31 22:57:36 +0200 |
commit | 76fc4757ac91ac7947a01fb7b53dddf9a78a01d1 (patch) | |
tree | 9b98e6e193c7870cb27ac861394c1c4592850922 /source/installer | |
parent | 9664bee729d487bcc0a0bc35859f8e13d5421c75 (diff) | |
download | current-76fc4757ac91ac7947a01fb7b53dddf9a78a01d1.tar.gz |
Slackware 14.1slackware-14.1
Mon Nov 4 17:08:47 UTC 2013
Slackware 14.1 x86_64 stable is released!
It's been another interesting release cycle here at Slackware bringing
new features like support for UEFI machines, updated compilers and
development tools, the switch from MySQL to MariaDB, and many more
improvements throughout the system. Thanks to the team, the upstream
developers, the dedicated Slackware community, and everyone else who
pitched in to help make this release a reality.
The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a
dual-sided
32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware
project by picking up a copy from store.slackware.com. We're taking
pre-orders now, and offer a discount if you sign up for a subscription.
Have fun! :-)
Diffstat (limited to 'source/installer')
-rwxr-xr-x | source/installer/dropbear/dropbear.Slackbuild | 57 | ||||
-rw-r--r-- | source/installer/dropbear/dropbear.glibc.crypt.diff | 28 | ||||
-rw-r--r-- | source/installer/dropbear/dropbear.xauth.patch | 8 | ||||
-rw-r--r-- | source/installer/dropbear/dropbear_dbclientpath.patch | 16 | ||||
-rw-r--r-- | source/installer/dropbear/dropbear_emptypass.patch | 63 |
5 files changed, 86 insertions, 86 deletions
diff --git a/source/installer/dropbear/dropbear.Slackbuild b/source/installer/dropbear/dropbear.Slackbuild index 5bd3bd99..37ab7c01 100755 --- a/source/installer/dropbear/dropbear.Slackbuild +++ b/source/installer/dropbear/dropbear.Slackbuild @@ -23,11 +23,18 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. PRGNAM=dropbear -VERSION=0.50 -ARCH=${ARCH:-i486} +VERSION=2012.55 BUILD=${BUILD:-10} TAG=${TAG:-''} +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) ARCH=i486 ;; + arm*) ARCH=arm ;; + *) ARCH=$( uname -m ) ;; + esac +fi + # The programs we want to have as symlinks to dropbearmulti binary: PROGS="dropbear dbclient dropbearkey dropbearconvert scp ssh" @@ -36,33 +43,37 @@ PROGS="dropbear dbclient dropbearkey dropbearconvert scp ssh" # and adding symlinks for ssh and scp without worry # about overwriting any pre-existing binaries. -CWD=`pwd` +CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/pkg-$PRGNAM -OUTPUT=${OUTPUT:-/tmp} -if [ "$ARCH" = "i386" ]; then - SLKCFLAGS="-O2 -march=i386 -mcpu=i686" -elif [ "$ARCH" = "i486" ]; then +if [ "$ARCH" = "i486" ]; then SLKCFLAGS="-O2 -march=i486 -mtune=i686" -elif [ "$ARCH" = "s390" ]; then - SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686 -mtune=i686" + LIBDIRSUFFIX="" elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else SLKCFLAGS="-O2" + LIBDIRSUFFIX="" fi rm -rf $PKG -mkdir -p $TMP $PKG $OUTPUT +mkdir -p $TMP $PKG cd $TMP || exit 1 rm -rf $PRGNAM-$VERSION tar xvf $CWD/$PRGNAM-$VERSION.tar.bz2 || exit 1 cd $PRGNAM-$VERSION || exit 1 -# Fix ownership and permissions inside the source tarball. -# It's appalling how many projects have 777 permissions or -# even suid, sgid, and sticky bits set on things. chown -R root:root . -chmod -R u+w,go+r-w,a-s . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; # Patch to allow empty passwords (used in Slackware's installer): patch -p1 < $CWD/dropbear_emptypass.patch @@ -70,6 +81,8 @@ patch -p1 < $CWD/dropbear_emptypass.patch patch -p0 < $CWD/dropbear.xauth.patch # Change the path used for dbclient because our prefix is '/' not '/usr': patch -p1 < $CWD/dropbear_dbclientpath.patch +# Patch for new glibc crypt() that may return NULL: +patch -p1 < $CWD/dropbear.glibc.crypt.diff CFLAGS="$SLKCFLAGS" \ CXXFLAGS="$SLKCFLAGS" \ @@ -96,10 +109,8 @@ cp dbclient.1 $PKG/usr/man/man1 cp dropbearkey.8 dropbear.8 $PKG/usr/man/man8 if [ -d $PKG/usr/man ]; then - (cd $PKG/usr/man - find . -type f -exec gzip -9 {} \; - for i in `find . -type l` ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done - ) + find $PKG/usr/man -type f -exec gzip -9 {} \; + for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done fi # Link binaries to dropbearmulti since the 'make install' does not do that @@ -111,10 +122,10 @@ fi done ) -(cd $PKG - find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null - find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null -) +make install DESTDIR=$PKG + +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | \ + grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true mkdir -p $PKG/etc/rc.d $PKG/etc/dropbear cp $CWD/rc.dropbear.new $PKG/etc/rc.d/ # doinst.sh will handle .new @@ -128,4 +139,4 @@ cat $CWD/slack-desc > $PKG/install/slack-desc cat $CWD/doinst.sh > $PKG/install/doinst.sh cd $PKG -/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.tgz +/sbin/makepkg -l y -c n $TMP/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.tgz diff --git a/source/installer/dropbear/dropbear.glibc.crypt.diff b/source/installer/dropbear/dropbear.glibc.crypt.diff new file mode 100644 index 00000000..3184210d --- /dev/null +++ b/source/installer/dropbear/dropbear.glibc.crypt.diff @@ -0,0 +1,28 @@ + +# HG changeset patch +# User Matt Johnston <matt@ucc.asn.au> +# Date 1367250157 -28800 +# Node ID 7bd88d546627ff31d0e2d91e6022b3e77a943efb +# Parent ea04e3eb03e2c3d59d82e361882711de844068a4 +Avoid segfault for locked accounts (invalid salt to crypt()) + +diff -r ea04e3eb03e2 -r 7bd88d546627 svr-authpasswd.c +--- a/svr-authpasswd.c Thu Apr 18 23:15:17 2013 +0800 ++++ b/svr-authpasswd.c Mon Apr 29 23:42:37 2013 +0800 +@@ -66,6 +66,14 @@ + m_burn(password, passwordlen); + m_free(password); + ++ if (testcrypt == NULL) { ++ /* crypt() with an invalid salt like "!!" */ ++ dropbear_log(LOG_WARNING, "User account '%s' is locked", ++ ses.authstate.pw_name); ++ send_msg_userauth_failure(0, 1); ++ return; ++ } ++ + /* check for empty password */ + if (passwdcrypt[0] == '\0') { + dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected", + + diff --git a/source/installer/dropbear/dropbear.xauth.patch b/source/installer/dropbear/dropbear.xauth.patch index d01e15e0..e32f0c64 100644 --- a/source/installer/dropbear/dropbear.xauth.patch +++ b/source/installer/dropbear/dropbear.xauth.patch @@ -1,10 +1,10 @@ ---- options.h.old 2008-01-29 11:54:45.000000000 -0200 -+++ options.h 2008-01-29 11:54:52.000000000 -0200 -@@ -197,7 +197,7 @@ +--- options.h.orig 2013-06-21 21:50:34.859528230 -0500 ++++ options.h 2013-06-21 21:52:59.208516285 -0500 +@@ -243,7 +243,7 @@ /* The command to invoke for xauth when using X11 forwarding. * "-q" for quiet */ #ifndef XAUTH_COMMAND --#define XAUTH_COMMAND "/usr/X11R6/bin/xauth -q" +-#define XAUTH_COMMAND "/usr/bin/X11/xauth -q" +#define XAUTH_COMMAND "/usr/bin/xauth -q" #endif diff --git a/source/installer/dropbear/dropbear_dbclientpath.patch b/source/installer/dropbear/dropbear_dbclientpath.patch index ef5cddc7..781349f8 100644 --- a/source/installer/dropbear/dropbear_dbclientpath.patch +++ b/source/installer/dropbear/dropbear_dbclientpath.patch @@ -1,12 +1,12 @@ -diff -uarN dropbear-0.50.orig/options.h dropbear-0.50/options.h ---- dropbear-0.50.orig/options.h 2007-08-08 18:39:38.000000000 +0200 -+++ dropbear-0.50/options.h 2008-03-10 14:43:29.261618300 +0100 -@@ -209,7 +209,7 @@ - +diff -Nur dropbear-2012.55.orig/options.h dropbear-2012.55/options.h +--- dropbear-2012.55.orig/options.h 2012-02-23 07:47:06.000000000 -0600 ++++ dropbear-2012.55/options.h 2012-04-07 15:12:46.040452209 -0500 +@@ -255,7 +255,7 @@ + /* This is used by the scp binary when used as a client binary. If you're * not using the Dropbear client, you'll need to change it */ -#define _PATH_SSH_PROGRAM "/usr/bin/dbclient" +#define _PATH_SSH_PROGRAM "/bin/dbclient" - - /* Whether to log commands executed by a client. This only logs the - * (single) command sent to the server, not what a user did in a + + /* Whether to log commands executed by a client. This only logs the + * (single) command sent to the server, not what a user did in a diff --git a/source/installer/dropbear/dropbear_emptypass.patch b/source/installer/dropbear/dropbear_emptypass.patch index 995b4d5c..25924008 100644 --- a/source/installer/dropbear/dropbear_emptypass.patch +++ b/source/installer/dropbear/dropbear_emptypass.patch @@ -1,51 +1,12 @@ -diff -uarN dropbear-0.50.orig/options.h dropbear-0.50/options.h ---- dropbear-0.50.orig/options.h 2007-08-08 17:39:37.000000000 +0200 -+++ dropbear-0.50/options.h 2008-02-01 00:22:07.000000000 +0100 -@@ -148,6 +148,9 @@ - * SSH_ASKPASS instead. Comment out this var to remove this functionality.*/ - #define DROPBEAR_PASSWORD_ENV "DROPBEAR_PASSWORD" - -+/* disable server empty password check because root has no password on EZX */ -+#define DISABLE_SVR_EMPTY_PASSWD_CHECK -+ - /* Define this (as well as ENABLE_CLI_PASSWORD_AUTH) to allow the use of - * a helper program for the ssh client. The helper program should be - * specified in the SSH_ASKPASS environment variable, and dbclient -diff -uarN dropbear-0.50.orig/svr-auth.c dropbear-0.50/svr-auth.c ---- dropbear-0.50.orig/svr-auth.c 2007-08-08 17:39:37.000000000 +0200 -+++ dropbear-0.50/svr-auth.c 2008-02-01 00:22:07.000000000 +0100 -@@ -236,6 +236,7 @@ - return DROPBEAR_FAILURE; - } - -+#ifndef DISABLE_SVR_EMPTY_PASSWD_CHECK - /* check for an empty password */ - if (ses.authstate.pw->pw_passwd[0] == '\0') { - TRACE(("leave checkusername: empty pword")) -@@ -244,6 +245,7 @@ - send_msg_userauth_failure(0, 1); - return DROPBEAR_FAILURE; - } -+#endif - - TRACE(("shell is %s", ses.authstate.pw->pw_shell)) - -diff -uarN dropbear-0.50.orig/svr-authpasswd.c dropbear-0.50/svr-authpasswd.c ---- dropbear-0.50.orig/svr-authpasswd.c 2007-08-08 17:39:37.000000000 +0200 -+++ dropbear-0.50/svr-authpasswd.c 2008-02-01 00:23:00.000000000 +0100 -@@ -60,6 +60,7 @@ - passwdcrypt = DEBUG_HACKCRYPT; - #endif - -+#ifndef DISABLE_SVR_EMPTY_PASSWD_CHECK - /* check for empty password - need to do this again here - * since the shadow password may differ to that tested - * in auth.c */ -@@ -69,6 +70,7 @@ - send_msg_userauth_failure(0, 1); - return; - } -+#endif - - /* check if client wants to change password */ - changepw = buf_getbool(ses.payload); +diff -Nur dropbear-2012.55.orig/options.h dropbear-2012.55/options.h +--- dropbear-2012.55.orig/options.h 2012-02-23 07:47:06.000000000 -0600 ++++ dropbear-2012.55/options.h 2012-04-07 15:09:15.676322495 -0500 +@@ -180,7 +180,7 @@ + * Public key logins are allowed for blank-password accounts regardless of this + * setting. PAM is not affected by this setting, it uses the normal pam.d + * settings ('nullok' option) */ +-/* #define ALLOW_BLANK_PASSWORD */ ++#define ALLOW_BLANK_PASSWORD + + #define ENABLE_CLI_PASSWORD_AUTH + #define ENABLE_CLI_PUBKEY_AUTH |