commit: 77996c702667b32eec00164b9e2eca0c69a2ba27 Author: Sam James <sam <AT> gentoo <DOT> org> AuthorDate: Wed Jul 29 19:47:56 2020 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Wed Jul 29 23:11:44 2020 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=77996c70
net-misc/dropbear: security cleanup Bug: https://bugs.gentoo.org/723848 Package-Manager: Portage-3.0.1, Repoman-2.3.23 Signed-off-by: Sam James <sam <AT> gentoo.org> net-misc/dropbear/Manifest | 1 - net-misc/dropbear/dropbear-2019.78.ebuild | 107 ------------------------------ net-misc/dropbear/dropbear-2020.80.ebuild | 105 ----------------------------- 3 files changed, 213 deletions(-) diff --git a/net-misc/dropbear/Manifest b/net-misc/dropbear/Manifest index 9c887cb30df..0cdf6d35bd9 100644 --- a/net-misc/dropbear/Manifest +++ b/net-misc/dropbear/Manifest @@ -1,2 +1 @@ -DIST dropbear-2019.78.tar.bz2 2708659 BLAKE2B 212b173cfea8655b43a8d93422dd4d3e0d669a67681cb17d6494b6083e6e4c58d21d52850c0cdf414617ee3dcaa071e376d0b5b156b6856cee2e4fe111550f7d SHA512 f667ba8dae17ea89c118642b566f2c134c71bfd0b8bacea5cf7ec87d75ac79bd7cd1864a8788367a89d30ee35427d389ef6416375adff6e83caae30ff3e0549f DIST dropbear-2020.80.tar.bz2 2287654 BLAKE2B 3cec03034e3ca2befd1b895ecffbf0e0ea00af3e642ac00b4ccaf330d1eeb99840ef328374e9d53d033e801c82ee3a55dba884a2aa6741c1274a2c8cfc4490e0 SHA512 7fccc1003b73540fa1da9763771519f8ae52608f7a1c5f66736db1885a87c346bd9711bcf017c48ba712a83ff04f01c12bea7180ed596fe58038fe656d2fd3d3 diff --git a/net-misc/dropbear/dropbear-2019.78.ebuild b/net-misc/dropbear/dropbear-2019.78.ebuild deleted file mode 100644 index d522d904fd9..00000000000 --- a/net-misc/dropbear/dropbear-2019.78.ebuild +++ /dev/null @@ -1,107 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit savedconfig pam user - -DESCRIPTION="small SSH 2 client/server designed for small memory environments" -HOMEPAGE="https://matt.ucc.asn.au/dropbear/dropbear.html"; -SRC_URI="https://matt.ucc.asn.au/dropbear/releases/${P}.tar.bz2 - https://matt.ucc.asn.au/dropbear/testing/${P}.tar.bz2"; - -LICENSE="MIT" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 s390 sparc x86 ~amd64-linux ~x86-linux" -IUSE="bsdpty minimal multicall pam +shadow static +syslog zlib" - -LIB_DEPEND="zlib? ( sys-libs/zlib[static-libs(+)] ) - dev-libs/libtommath[static-libs(+)]" -RDEPEND="!static? ( ${LIB_DEPEND//\[static-libs(+)]} ) - pam? ( sys-libs/pam )" -DEPEND="${RDEPEND} - static? ( ${LIB_DEPEND} )" -RDEPEND+=" pam? ( >=sys-auth/pambase-20080219.1 )" - -REQUIRED_USE="pam? ( !static )" - -PATCHES=( - "${FILESDIR}"/${PN}-0.46-dbscp.patch -) - -set_options() { - progs=( - dropbear dbclient dropbearkey - $(usex minimal "" "dropbearconvert scp") - ) - makeopts=( - MULTI=$(usex multicall 1 0) - ) -} - -src_prepare() { - default - sed \ - -e '/SFTPSERVER_PATH/s:".*":"/usr/lib/misc/sftp-server":' \ - default_options.h > localoptions.h || die - sed \ - -e '/pam_start/s:sshd:dropbear:' \ - -i svr-authpam.c || die - restore_config localoptions.h -} - -src_configure() { - # XXX: Need to add libtomcrypt to the tree and re-enable this. - # --disable-bundled-libtom - # We disable the hardening flags as our compiler already enables them - # by default as is appropriate for the target. - local myeconfargs=( - --disable-harden - $(use_enable zlib) - $(use_enable pam) - $(use_enable !bsdpty openpty) - $(use_enable shadow) - $(use_enable static) - $(use_enable syslog) - ) - econf "${myeconfargs[@]}" -} - -src_compile() { - set_options - emake "${makeopts[@]}" PROGRAMS="${progs[*]}" -} - -src_install() { - set_options - emake "${makeopts[@]}" PROGRAMS="${progs[*]}" DESTDIR="${D}" install - doman *.8 - newinitd "${FILESDIR}"/dropbear.init.d dropbear - newconfd "${FILESDIR}"/dropbear.conf.d dropbear - dodoc CHANGES README SMALL MULTI - - # The multi install target does not install the links right. - if use multicall ; then - cd "${ED}"/usr/bin || die - local x - for x in "${progs[@]}" ; do - ln -sf dropbearmulti ${x} || die "ln -s dropbearmulti to ${x} failed" - done - rm -f dropbear - dodir /usr/sbin - dosym ../bin/dropbearmulti /usr/sbin/dropbear - cd "${S}" || die - fi - save_config localoptions.h - - if ! use minimal ; then - mv "${ED}"/usr/bin/{,db}scp || die - fi - - pamd_mimic system-remote-login dropbear auth account password session -} - -pkg_preinst() { - enewgroup sshd 22 - enewuser sshd 22 -1 /var/empty sshd -} diff --git a/net-misc/dropbear/dropbear-2020.80.ebuild b/net-misc/dropbear/dropbear-2020.80.ebuild deleted file mode 100644 index b5c6728329e..00000000000 --- a/net-misc/dropbear/dropbear-2020.80.ebuild +++ /dev/null @@ -1,105 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit savedconfig pam - -DESCRIPTION="small SSH 2 client/server designed for small memory environments" -HOMEPAGE="https://matt.ucc.asn.au/dropbear/dropbear.html"; -SRC_URI="https://matt.ucc.asn.au/dropbear/releases/${P}.tar.bz2 - https://matt.ucc.asn.au/dropbear/testing/${P}.tar.bz2"; - -LICENSE="MIT GPL-2" # (init script is GPL-2 #426056) -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 s390 sparc x86 ~amd64-linux ~x86-linux" -IUSE="bsdpty minimal multicall pam +shadow static +syslog zlib" - -LIB_DEPEND="zlib? ( sys-libs/zlib[static-libs(+)] ) - dev-libs/libtommath[static-libs(+)]" -RDEPEND=" - acct-group/sshd - acct-user/sshd - !static? ( ${LIB_DEPEND//\[static-libs(+)]} ) - pam? ( sys-libs/pam )" -DEPEND="${RDEPEND} - static? ( ${LIB_DEPEND} )" -RDEPEND+=" pam? ( >=sys-auth/pambase-20080219.1 )" - -REQUIRED_USE="pam? ( !static )" - -PATCHES=( - "${FILESDIR}"/${PN}-0.46-dbscp.patch -) - -set_options() { - progs=( - dropbear dbclient dropbearkey - $(usex minimal "" "dropbearconvert scp") - ) - makeopts=( - MULTI=$(usex multicall 1 0) - ) -} - -src_prepare() { - default - sed \ - -e '/SFTPSERVER_PATH/s:".*":"/usr/lib/misc/sftp-server":' \ - default_options.h > localoptions.h || die - sed \ - -e '/pam_start/s:sshd:dropbear:' \ - -i svr-authpam.c || die - restore_config localoptions.h -} - -src_configure() { - # XXX: Need to add libtomcrypt to the tree and re-enable this. - # --disable-bundled-libtom - # We disable the hardening flags as our compiler already enables them - # by default as is appropriate for the target. - local myeconfargs=( - --disable-harden - $(use_enable zlib) - $(use_enable pam) - $(use_enable !bsdpty openpty) - $(use_enable shadow) - $(use_enable static) - $(use_enable syslog) - ) - econf "${myeconfargs[@]}" -} - -src_compile() { - set_options - emake "${makeopts[@]}" PROGRAMS="${progs[*]}" -} - -src_install() { - set_options - emake "${makeopts[@]}" PROGRAMS="${progs[*]}" DESTDIR="${D}" install - doman *.8 - newinitd "${FILESDIR}"/dropbear.init.d dropbear - newconfd "${FILESDIR}"/dropbear.conf.d dropbear - dodoc CHANGES README SMALL MULTI - - # The multi install target does not install the links right. - if use multicall ; then - cd "${ED}"/usr/bin || die - local x - for x in "${progs[@]}" ; do - ln -sf dropbearmulti ${x} || die "ln -s dropbearmulti to ${x} failed" - done - rm -f dropbear - dodir /usr/sbin - dosym ../bin/dropbearmulti /usr/sbin/dropbear - cd "${S}" || die - fi - save_config localoptions.h - - if ! use minimal ; then - mv "${ED}"/usr/bin/{,db}scp || die - fi - - pamd_mimic system-remote-login dropbear auth account password session -}
