7 files changed, 296 insertions, 0 deletions

diff --git a/source/installer/dropbear/doinst.sh b/source/installer/dropbear/doinst.sh
new file mode 100644
index 000000000..af326c6ab
--- /dev/null
+++ b/source/installer/dropbear/doinst.sh
@@ -0,0 +1,13 @@
+config() {
+  NEW="$1"
+  OLD="`dirname $NEW`/`basename $NEW .new`"
+  # If there's no config file by that name, mv it over:
+  if [ ! -r $OLD ]; then
+    mv $NEW $OLD
+  elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy
+    rm $NEW
+  fi
+  # Otherwise, we leave the .new copy for the admin to consider...
+}
+
+config etc/rc.d/rc.dropbear.new
diff --git a/source/installer/dropbear/dropbear.Slackbuild b/source/installer/dropbear/dropbear.Slackbuild
new file mode 100755
index 000000000..5bd3bd99d
--- /dev/null
+++ b/source/installer/dropbear/dropbear.Slackbuild
@@ -0,0 +1,131 @@
+#!/bin/sh
+# $Id: dropbear.Slackbuild,v 1.7 2008/03/13 13:42:33 root Exp root $
+#  Copyright 2007, Piter Punk, São Paulo, Brazil 
+# Adaptations for Slackware installer:
+#  Copyright 2008, Eric Hameleers, Eindhoven, Netherlands
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+#
+#  THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
+#  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+#  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO
+#  EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+#  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+#  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+#  OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+#  WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+#  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+#  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+PRGNAM=dropbear
+VERSION=0.50
+ARCH=${ARCH:-i486}
+BUILD=${BUILD:-10}
+TAG=${TAG:-''}
+
+# The programs we want to have as symlinks to dropbearmulti binary:
+PROGS="dropbear dbclient dropbearkey dropbearconvert scp ssh"
+
+# We build for the Slackware installer:
+#  This means, installing into /bin and /sbin ;
+#  and adding symlinks for ssh and scp without worry
+#  about overwriting any pre-existing binaries.
+
+CWD=`pwd`
+TMP=${TMP:-/tmp}
+PKG=$TMP/pkg-$PRGNAM
+OUTPUT=${OUTPUT:-/tmp}
+
+if [ "$ARCH" = "i386" ]; then
+  SLKCFLAGS="-O2 -march=i386 -mcpu=i686"
+elif [ "$ARCH" = "i486" ]; then
+  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+elif [ "$ARCH" = "s390" ]; then
+  SLKCFLAGS="-O2"
+elif [ "$ARCH" = "x86_64" ]; then
+  SLKCFLAGS="-O2"
+fi
+
+rm -rf $PKG
+mkdir -p $TMP $PKG $OUTPUT
+cd $TMP || exit 1
+rm -rf $PRGNAM-$VERSION
+tar xvf $CWD/$PRGNAM-$VERSION.tar.bz2 || exit 1
+cd $PRGNAM-$VERSION || exit 1
+
+# Fix ownership and permissions inside the source tarball.
+# It's appalling how many projects have 777 permissions or
+# even suid, sgid, and sticky bits set on things.
+chown -R root:root .
+chmod -R u+w,go+r-w,a-s .
+
+# Patch to allow empty passwords (used in Slackware's installer):
+patch -p1 < $CWD/dropbear_emptypass.patch
+# Apply xauth path patch
+patch -p0 < $CWD/dropbear.xauth.patch
+# Change the path used for dbclient because our prefix is '/' not '/usr':
+patch -p1 < $CWD/dropbear_dbclientpath.patch
+
+CFLAGS="$SLKCFLAGS" \
+CXXFLAGS="$SLKCFLAGS" \
+./configure \
+  --prefix=/ \
+  --mandir=/usr/man \
+  --disable-syslog \
+  --disable-utmp \
+  --disable-utmpx \
+  --disable-wtmp \
+  --disable-wtmpx \
+  --disable-pututline \
+  --disable-pututxline \
+  --build=$ARCH-slackware-linux
+
+make PROGRAMS="$PROGS" MULTI="1" SCPPROGRESS="1" || exit 1
+mkdir -p $PKG/sbin $PKG/bin $PKG/lib
+make DESTDIR=$PKG MULTI="1" install || exit 1
+
+# Copy manpages to package
+mkdir -p $PKG/usr/man/man1
+mkdir -p $PKG/usr/man/man8
+cp dbclient.1 $PKG/usr/man/man1
+cp dropbearkey.8 dropbear.8 $PKG/usr/man/man8
+
+if [ -d $PKG/usr/man ]; then
+ (cd $PKG/usr/man
+  find . -type f -exec gzip -9 {} \;
+  for i in `find . -type l` ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done
+ )
+fi
+
+# Link binaries to dropbearmulti since the 'make install' does not do that
+# if we build a multicall binary.
+(cd $PKG/bin
+ ln -s ../bin/dropbearmulti ../sbin/dropbear
+ for i in $(echo $PROGS | sed -e 's/dropbear //') ; do
+   ln -s dropbearmulti $i
+ done
+)
+
+(cd $PKG
+ find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
+ find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
+)
+
+mkdir -p $PKG/etc/rc.d $PKG/etc/dropbear
+cp $CWD/rc.dropbear.new $PKG/etc/rc.d/ # doinst.sh will handle .new
+
+mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
+cp -a CHANGES INSTALL LICENSE MULTI README SMALL TODO \
+  $PKG/usr/doc/$PRGNAM-$VERSION
+
+mkdir -p $PKG/install
+cat $CWD/slack-desc > $PKG/install/slack-desc
+cat $CWD/doinst.sh  > $PKG/install/doinst.sh
+
+cd $PKG
+/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.tgz
diff --git a/source/installer/dropbear/dropbear.xauth.patch b/source/installer/dropbear/dropbear.xauth.patch
new file mode 100644
index 000000000..d01e15e04
--- /dev/null
+++ b/source/installer/dropbear/dropbear.xauth.patch
@@ -0,0 +1,11 @@
+--- options.h.old	2008-01-29 11:54:45.000000000 -0200
++++ options.h	2008-01-29 11:54:52.000000000 -0200
+@@ -197,7 +197,7 @@
+ /* The command to invoke for xauth when using X11 forwarding.
+  * "-q" for quiet */
+ #ifndef XAUTH_COMMAND
+-#define XAUTH_COMMAND "/usr/X11R6/bin/xauth -q"
++#define XAUTH_COMMAND "/usr/bin/xauth -q"
+ #endif
+ 
+ /* if you want to enable running an sftp server (such as the one included with
diff --git a/source/installer/dropbear/dropbear_dbclientpath.patch b/source/installer/dropbear/dropbear_dbclientpath.patch
new file mode 100644
index 000000000..ef5cddc79
--- /dev/null
+++ b/source/installer/dropbear/dropbear_dbclientpath.patch
@@ -0,0 +1,12 @@
+diff -uarN dropbear-0.50.orig/options.h dropbear-0.50/options.h
+--- dropbear-0.50.orig/options.h	2007-08-08 18:39:38.000000000 +0200
++++ dropbear-0.50/options.h	2008-03-10 14:43:29.261618300 +0100
+@@ -209,7 +209,7 @@
+
+ /* This is used by the scp binary when used as a client binary. If you're
+  * not using the Dropbear client, you'll need to change it */
+-#define _PATH_SSH_PROGRAM "/usr/bin/dbclient"
++#define _PATH_SSH_PROGRAM "/bin/dbclient"
+
+ /* Whether to log commands executed by a client. This only logs the
+  * (single) command sent to the server, not what a user did in a
diff --git a/source/installer/dropbear/dropbear_emptypass.patch b/source/installer/dropbear/dropbear_emptypass.patch
new file mode 100644
index 000000000..995b4d5c5
--- /dev/null
+++ b/source/installer/dropbear/dropbear_emptypass.patch
@@ -0,0 +1,51 @@
+diff -uarN dropbear-0.50.orig/options.h dropbear-0.50/options.h
+--- dropbear-0.50.orig/options.h	2007-08-08 17:39:37.000000000 +0200
++++ dropbear-0.50/options.h	2008-02-01 00:22:07.000000000 +0100
+@@ -148,6 +148,9 @@
+  * SSH_ASKPASS instead. Comment out this var to remove this functionality.*/
+ #define DROPBEAR_PASSWORD_ENV "DROPBEAR_PASSWORD"
+ 
++/* disable server empty password check because root has no password on EZX */
++#define DISABLE_SVR_EMPTY_PASSWD_CHECK
++
+ /* Define this (as well as ENABLE_CLI_PASSWORD_AUTH) to allow the use of
+  * a helper program for the ssh client. The helper program should be
+  * specified in the SSH_ASKPASS environment variable, and dbclient
+diff -uarN dropbear-0.50.orig/svr-auth.c dropbear-0.50/svr-auth.c
+--- dropbear-0.50.orig/svr-auth.c	2007-08-08 17:39:37.000000000 +0200
++++ dropbear-0.50/svr-auth.c	2008-02-01 00:22:07.000000000 +0100
+@@ -236,6 +236,7 @@
+ 		return DROPBEAR_FAILURE;
+ 	}
+ 
++#ifndef DISABLE_SVR_EMPTY_PASSWD_CHECK
+ 	/* check for an empty password */
+ 	if (ses.authstate.pw->pw_passwd[0] == '\0') {
+ 		TRACE(("leave checkusername: empty pword"))
+@@ -244,6 +245,7 @@
+ 		send_msg_userauth_failure(0, 1);
+ 		return DROPBEAR_FAILURE;
+ 	}
++#endif
+ 
+ 	TRACE(("shell is %s", ses.authstate.pw->pw_shell))
+ 
+diff -uarN dropbear-0.50.orig/svr-authpasswd.c dropbear-0.50/svr-authpasswd.c
+--- dropbear-0.50.orig/svr-authpasswd.c	2007-08-08 17:39:37.000000000 +0200
++++ dropbear-0.50/svr-authpasswd.c	2008-02-01 00:23:00.000000000 +0100
+@@ -60,6 +60,7 @@
+ 	passwdcrypt = DEBUG_HACKCRYPT;
+ #endif
+ 
++#ifndef DISABLE_SVR_EMPTY_PASSWD_CHECK
+ 	/* check for empty password - need to do this again here
+ 	 * since the shadow password may differ to that tested
+ 	 * in auth.c */
+@@ -69,6 +70,7 @@
+ 		send_msg_userauth_failure(0, 1);
+ 		return;
+ 	}
++#endif
+ 
+ 	/* check if client wants to change password */
+ 	changepw = buf_getbool(ses.payload);
diff --git a/source/installer/dropbear/rc.dropbear.new b/source/installer/dropbear/rc.dropbear.new
new file mode 100644
index 000000000..85f0e56e8
--- /dev/null
+++ b/source/installer/dropbear/rc.dropbear.new
@@ -0,0 +1,58 @@
+#!/bin/sh
+# Start/stop/restart the dropbear secure shell server:
+
+# Terminate the script now if we have no interface with an IP address:
+if ! `ip -f inet -o addr show | grep -v " lo " 1>/dev/null 2>/dev/null` ; then
+  exit 1
+fi
+
+dropbear_start() {
+  # Create host keys if needed.
+  if [ ! -f /etc/dropbear/dropbear_rsa_host_key ]; then
+    /bin/dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key
+  fi
+  if [ ! -f /etc/dropbear/dropbear_dss_host_key ]; then
+    /bin/dropbearkey -t dss -f /etc/dropbear/dropbear_dss_host_key
+  fi
+  touch /var/log/lastlog # The file is missing in the installer
+  /sbin/dropbear -b /etc/motd.net 2>> /var/log/dropbear.log
+}
+
+dropbear_stop() {
+  killall dropbear
+}
+
+dropbear_restart() {
+  if [ -r /var/run/dropbear.pid ]; then
+    echo "WARNING: killing listener process only.  To kill every dropbear process, you "
+    echo "         must use 'rc.dropbear stop'.  'rc.dropbear restart' kills only the "
+    echo "         parent dropbear to allow an admin logged in through dropbear to use "
+    echo "         'rc.dropbear restart' without being cut off.  If dropbear has been "
+    echo "         upgraded, new connections will now use the new version, which should "
+    echo "         be a safe enough approach." 
+    kill `cat /var/run/dropbear.pid`
+  else
+    echo "WARNING: There does not appear to be a parent instance of dropbear running."
+    echo "         If you really want to kill all running instances of dropbear "
+    echo "         (including any sessions currently in use), run "
+    echo "         '/etc/rc.d/rc.dropbear stop' instead."
+    exit 1
+  fi
+  sleep 1
+  dropbear_start
+}
+
+case "$1" in
+'start')
+  dropbear_start
+  ;;
+'stop')
+  dropbear_stop
+  ;;
+'restart')
+  dropbear_restart
+  ;;
+*)
+  echo "usage $0 start|stop|restart"
+esac
+
diff --git a/source/installer/dropbear/slack-desc b/source/installer/dropbear/slack-desc
new file mode 100644
index 000000000..94eeac05a
--- /dev/null
+++ b/source/installer/dropbear/slack-desc
@@ -0,0 +1,20 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description.  Line
+# up the first '|' above the ':' following the base package name, and the '|'
+# on the right side marks the last column you can put a character in.  You must
+# make exactly 11 lines for the formatting to be correct.  It's also
+# customary to leave one space after the ':'.
+
+        |-----handy-ruler------------------------------------------------------|
+dropbear: dropbear (SSH server and client)
+dropbear:
+dropbear: Dropbear is a relatively small SSH 2 server and client. It runs on a
+dropbear: variety of POSIX-based platforms. Dropbear is open source software,
+dropbear: distributed under a MIT-style license. Dropbear is particularly
+dropbear: useful for "embedded"-type Linux (or other Unix) systems, such as 
+dropbear: wireless routers.
+dropbear: 
+dropbear:
+dropbear:
+dropbear:
+