From 3af7df2b3b06e516947f7979f7c7f3c25d94bbb9 Mon Sep 17 00:00:00 2001 From: davidovski Date: Thu, 23 Dec 2021 15:43:35 +0000 Subject: added openssh --- repo/core/krb5.xibuild | 35 +++++++++++++++++++++++++++++++++++ repo/core/libxml2.xibuild | 15 +++++++++++++++ repo/core/openssh.xibuild | 27 +++++++++++++++++++++++++++ repo/core/pam.xibuild | 36 ++++++++++++++++++++++++++++++++++++ 4 files changed, 113 insertions(+) create mode 100644 repo/core/krb5.xibuild create mode 100644 repo/core/libxml2.xibuild create mode 100644 repo/core/openssh.xibuild create mode 100644 repo/core/pam.xibuild diff --git a/repo/core/krb5.xibuild b/repo/core/krb5.xibuild new file mode 100644 index 0000000..8769e1f --- /dev/null +++ b/repo/core/krb5.xibuild @@ -0,0 +1,35 @@ +#!/bin/bash + +DEPS=(glibc e2fsprogs libldap keyutils) + +SOURCE=https://kerberos.org/dist/krb5/1.19/krb5-1.19.2.tar.gz +DESC="The Kerberos network authentication system" + +build () { + # fix denial of service vulnerability + sed -i '210a if (sprinc == NULL) {\ + status = "NULL_SERVER";\ + errcode = KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN;\ + goto cleanup;\ + }' src/kdc/do_tgs_req.c + + cd src && + + sed -i -e 's@\^u}@^u cols 300}@' tests/dejagnu/config/default.exp && + sed -i -e '/eq 0/{N;s/12 //}' plugins/kdb/db2/libdb2/test/run.test && + sed -i '/t_iprop.py/d' tests/Makefile.in && + + ./configure --prefix=/usr \ + --sysconfdir=/etc \ + --localstatedir=/var/lib \ + --runstatedir=/run \ + --with-system-et \ + --with-system-ss \ + --with-system-verto=no \ + --enable-dns-for-realm && + make + make DESTDIR=$PKG_DEST install + + install -v -dm755 $PKG_DEST/usr/share/doc/krb5-1.19.2 && + cp -vfr ../doc/* $PKG_DEST/usr/share/doc/krb5-1.19.2 +} diff --git a/repo/core/libxml2.xibuild b/repo/core/libxml2.xibuild new file mode 100644 index 0000000..e5c149e --- /dev/null +++ b/repo/core/libxml2.xibuild @@ -0,0 +1,15 @@ +#!/bin/bash + +DEPS=(zlib readline ncurses xz icu) + +SOURCE=http://xmlsoft.org/sources/libxml2-2.9.12.tar.gz +DESC="XML parsing library" + +build () { + ./configure --prefix=/usr \ + --disable-static \ + --with-history \ + --with-python=/usr/bin/python3 && + make + make DESTDIR=$PKG_DEST install +} diff --git a/repo/core/openssh.xibuild b/repo/core/openssh.xibuild new file mode 100644 index 0000000..18886c5 --- /dev/null +++ b/repo/core/openssh.xibuild @@ -0,0 +1,27 @@ +#!/bin/bash + +DEPS=(glibc krb5 openssl libedit ldns libxcrypt zlib pam) + +SOURCE=https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.8p1.tar.gz +DESC="Premier connectivity tool for remote login with the SSH protocol" + +build () { + ./configure --prefix=/usr \ + --sysconfdir=/etc/ssh \ + --with-md5-passwords \ + --with-privsep-path=/var/lib/sshd \ + --with-default-path=/usr/bin \ + --with-superuser-path=/usr/sbin:/usr/bin \ + --with-pid-dir=/run + make + make DESTDIR=$PKG_DEST install + + install -v -m755 contrib/ssh-copy-id /usr/bin && + + install -v -m644 contrib/ssh-copy-id.1 \ + $PKG_DEST/usr/share/man/man1 && + install -v -m755 -d $PKG_DEST/usr/share/doc/openssh-8.8p1 && + install -v -m644 INSTALL LICENCE OVERVIEW README* \ + $PKG_DEST/usr/share/doc/openssh-8.8p1 + +} diff --git a/repo/core/pam.xibuild b/repo/core/pam.xibuild new file mode 100644 index 0000000..ea651b2 --- /dev/null +++ b/repo/core/pam.xibuild @@ -0,0 +1,36 @@ +#!/bin/bash + +DEPS=(glibc libtirpc pambase audit libxcrypt) + +SOURCE=https://github.com/linux-pam/linux-pam/releases/download/v1.5.2/Linux-PAM-1.5.2.tar.xz +DESC="PAM (Pluggable Authentication Modules) library" + +build () { + # prevent install of an uneeded systemd file + sed -e /service_DATA/d \ + -i modules/pam_namespace/Makefile.am && + autoreconf + + ./configure --prefix=/usr \ + --sbindir=/usr/sbin \ + --sysconfdir=/etc \ + --libdir=/usr/lib \ + --enable-securedir=/usr/lib/security \ + --docdir=/usr/share/doc/Linux-PAM-1.5.2 && + make + + make DESTDIR=$PKG_DEST install +} + +package () { + install -v -m755 -d $PKG_DEST/etc/pam.d && + + cat > $PKG_DEST/etc/pam.d/other << "EOF" + auth required pam_deny.so + account required pam_deny.so + password required pam_deny.so + session required pam_deny.so + EOF + + +} -- cgit v1.2.1