wok view dropbear/receipt @ rev 19972

Up dropbear (2017.75) CVE-2017-9078
author Pascal Bellard <pascal.bellard@slitaz.org>
date Wed Jun 07 11:54:12 2017 +0200 (2017-06-07)
parents ce7157786dac
children b26bdacd1126
line source
1 # SliTaz package receipt.
3 PACKAGE="dropbear"
4 VERSION="2017.75"
5 CATEGORY="security"
6 SHORT_DESC="Lightweight SSH2 server and client"
7 MAINTAINER="pascal.bellard@slitaz.org"
8 LICENSE="MIT"
9 TARBALL="$PACKAGE-$VERSION.tar.bz2"
10 WEB_SITE="http://matt.ucc.asn.au/dropbear/dropbear.html"
11 WGET_URL="http://matt.ucc.asn.au/dropbear/releases/$TARBALL"
12 CONFIG_FILES="/etc/dropbear"
13 SUGGESTED="sftp-server"
14 PROVIDE="ssh"
15 TAGS="ssh"
16 HOST_ARCH="i486 arm"
18 DEPENDS="zlib"
19 BUILD_DEPENDS="zlib-dev pam pam-dev"
21 # Handle multiarch compilation.
22 case "$ARCH" in
23 arm)
24 BUILD_DEPENDS=""
25 CROSS_ARGS="--disable-zlib"
26 CROSS_BUGS="Fails to find zlib: -lz... no" ;;
27 esac
29 # Rules to configure and make the package.
30 compile_rules()
31 {
32 local i
33 local DROPBEARS
34 DROPBEARS="dropbearkey dropbearconvert dbclient scp"
35 sed -i -e 's|/usr/.*/xauth|/usr/bin/xauth|' \
36 -e 's|/usr/.*/sftp-server|/usr/sbin/sftp-server|' \
37 -e 's|ENABLE_SVR_PAM_AUTH|ENABLE_SVR_PASSWORD_AUTH|' \
38 options.h
39 ./configure --prefix=/usr --without-pam $CONFIGURE_ARGS $CROSS_ARGS &&
40 make PROGRAMS="dropbear $DROPBEARS" MULTI=1 SCPPROGRESS=1 &&
41 install -d -m 755 $DESTDIR/usr/sbin &&
42 install -m 755 dropbearmulti $DESTDIR/usr/sbin/dropbear &&
43 chown 0.0 $DESTDIR/usr/sbin/dropbear || exit 1
45 # No pam support in ARM
46 case "$ARCH" in
47 arm) echo "Skipping Dropbear PAM..." ;;
48 i?86)
49 sed -i 's|ENABLE_SVR_PASSWORD_AUTH|ENABLE_SVR_PAM_AUTH|' \
50 options.h
51 ./configure --prefix=/usr --enable-pam $CONFIGURE_ARGS &&
52 make PROGRAMS="dropbear $DROPBEARS" MULTI=1 SCPPROGRESS=1 &&
53 install -m 755 dropbearmulti $DESTDIR/usr/sbin/dropbear-pam &&
54 chown 0.0 $DESTDIR/usr/sbin/dropbear-pam || exit 1 ;;
55 esac
57 install -d -m 755 $DESTDIR/usr/bin &&
58 for i in $DROPBEARS ssh; do
59 ln -s ../sbin/dropbear $DESTDIR/usr/bin/$i || exit 1
60 done
61 install -d -m 755 $DESTDIR/usr/share/man/man1 &&
62 install -m 644 $src/*.1 $DESTDIR/usr/share/man/man1 &&
63 install -d -m 755 $DESTDIR/usr/share/man/man8 &&
64 install -m 644 $src/*.8 $DESTDIR/usr/share/man/man8 &&
65 install -d -m 755 $DESTDIR/usr/share/doc &&
66 install -m 644 $src/[A-Z][A-Z]* $DESTDIR/usr/share/doc
67 }
69 # Rules to gen a SliTaz package suitable for Tazpkg.
70 genpkg_rules()
71 {
72 mkdir -p $fs/usr
73 cp -a $install/usr/bin $fs/usr
74 cp -a $install/usr/sbin $fs/usr
75 rm -f $fs/usr/sbin/dropbear-pam
76 # Config file and init script.
77 mkdir -p $fs/etc
78 cp -a $stuff/dropbear $fs/etc
79 cp -a $stuff/init.d $fs/etc
80 ln -s daemon $fs/etc/init.d/sshd
81 cp -a $stuff/sshx $fs/usr/bin
82 ln -s sshx $fs/usr/bin/pppssh
83 ln -s sshx $fs/usr/bin/sshfbvnc
84 touch $fs/etc/dropbear/dropbear_dss_host_key \
85 $fs/etc/dropbear/dropbear_rsa_host_key \
86 $fs/etc/dropbear/dropbear_ecdsa_host_key
88 # Fix dropbear initscript perms
89 chown -R root.root $fs
90 }
92 # Post message when installing.
93 post_install()
94 {
95 while read dropbear openssh ; do
96 [ -s "$1/$openssh" ] || continue
97 chroot "$1/" dropbearconvert openssh dropbear $openssh $dropbear
98 chroot "$1/" dropbearkey -y -f $dropbear | grep Fingerprint
99 done <<EOT
100 /etc/dropbear/dropbear_rsa_host_key /etc/ssh/ssh_host_rsa_key
101 /etc/dropbear/dropbear_dss_host_key /etc/ssh/ssh_host_dsa_key
102 /etc/dropbear/dropbear_ecdsa_host_key /etc/ssh/ssh_host_ecdsa_key
103 EOT
104 grep -q ssh "$1/etc/inetd.conf" || cat >> "$1/etc/inetd.conf" <<EOT
105 #ssh stream tcp nowait root dropbear dropbear -i -b /etc/dropbear/banner
106 EOT
107 [ -n "$quiet" ] && return
108 echo -e "\nTo starts $PACKAGE server you can run :\n"
109 echo "/etc/init.d/$PACKAGE start"
110 echo -e "Or add $PACKAGE to RUN_DAEMONS in /etc/rcS.conf\n"
111 }
113 post_remove()
114 {
115 grep -q dropbear "$1/etc/inetd.conf" && sed -i '/dropbear/d' "$1/etc/inetd.conf"
116 }