From ca104be35e918af32f622d4f2e0850085e36da63 Mon Sep 17 00:00:00 2001
From: Viorel Munteanu <ceamac@gentoo.org>
Date: Sat, 6 Apr 2024 08:52:39 +0300
Subject: net-misc/dropbear: add 2024.84

Make the tests non-interactive just in case.
Disable the tests that fail.

Closes: https://bugs.gentoo.org/732294
Bug: https://bugs.gentoo.org/920293
Signed-off-by: Viorel Munteanu <ceamac@gentoo.org>
---
 net-misc/dropbear/Manifest                         |   2 +
 net-misc/dropbear/dropbear-2024.84.ebuild          | 184 +++++++++++++++++++++
 .../dropbear/files/dropbear-2024.84-dbscp.patch    |  20 +++
 .../dropbear-2024.84-non-interactive-tests.patch   |  13 ++
 4 files changed, 219 insertions(+)
 create mode 100644 net-misc/dropbear/dropbear-2024.84.ebuild
 create mode 100644 net-misc/dropbear/files/dropbear-2024.84-dbscp.patch
 create mode 100644 net-misc/dropbear/files/dropbear-2024.84-non-interactive-tests.patch

(limited to 'net-misc/dropbear')

diff --git a/net-misc/dropbear/Manifest b/net-misc/dropbear/Manifest
index c762d488c638..34b3afeaf523 100644
--- a/net-misc/dropbear/Manifest
+++ b/net-misc/dropbear/Manifest
@@ -1,2 +1,4 @@
 DIST dropbear-2022.83.tar.bz2 2322904 BLAKE2B 4e26667458fb068a8c997b44dfd3c4f15146f051713a3ea90980db04c6345174d34214269665d74c863c1c1947d6837034aa4c264101b11971c8a3e97f491393 SHA512 c63afa615d64b0c8c5e739c758eb8ae277ecc36a4223b766bf562702de69910904cbc3ea98d22989df478ae419e1f81057fe1ee09616c80cb859f58f44175422
 DIST dropbear-2022.83.tar.bz2.asc 833 BLAKE2B 7dfcf13804738aed3136c264412f8c2f96cd3ff71482815af736346c9441c8f00adef26f4e8f89082cbbb4033249501adbc545c08f678e1cac4afc88a8fc9ed0 SHA512 e5cbd01dcbaeabb04dc473bd11933a422fda03ceb5bc02fb5c99abafd0841e3ac1f436cc1798500b33fbbc81923fa03c2a28c971fa26794ed5888d496fb7e2ad
+DIST dropbear-2024.84.tar.bz2 2306278 BLAKE2B ba5a433f2a313aeeabc8e3e3696c4d79e96095dfc5cf045f15e6de5912f2f44bdddee103d86f659ee58fe8013fc9c2fb8c3af9cba089ee415e2f28179a365dca SHA512 254daea819c5aeaa65bb43449386fb964f4aa13e3b3037fe11064120205c6e265925e7ef2d84f7ebe66c6a00cf0a22e6010314c065ed49a3815f47137b7aca44
+DIST dropbear-2024.84.tar.bz2.asc 833 BLAKE2B 0b8c9fdf8c24836b03f36d3e98b6b906a3aaeda9bd283b3d2001b9b1e363a19e02a536febfe19c3c851c378d32a3efb067910a68dd4a7b2174b96fd8faedf1b3 SHA512 69ce84ea8f6ba2c7f7718578befa301c3a0342b7f6acb3ecb5d6ac4b82710fb22d0bc11f5632ae00f222c1cc2b50f48e50d16eee4ebb93bf08069774769ebb13
diff --git a/net-misc/dropbear/dropbear-2024.84.ebuild b/net-misc/dropbear/dropbear-2024.84.ebuild
new file mode 100644
index 000000000000..68f1c4674d72
--- /dev/null
+++ b/net-misc/dropbear/dropbear-2024.84.ebuild
@@ -0,0 +1,184 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=( python3_{10..12} )
+VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/dropbear.asc
+inherit pam python-any-r1 savedconfig verify-sig
+
+DESCRIPTION="Small SSH 2 client/server designed for small memory environments"
+HOMEPAGE="https://matt.ucc.asn.au/dropbear/dropbear.html"
+SRC_URI="https://matt.ucc.asn.au/dropbear/releases/${P}.tar.bz2
+	https://matt.ucc.asn.au/dropbear/testing/${P}.tar.bz2"
+SRC_URI+=" verify-sig? (
+		https://matt.ucc.asn.au/dropbear/releases/${P}.tar.bz2.asc
+		https://matt.ucc.asn.au/dropbear/testing/${P}.tar.bz2.asc
+	)"
+
+LICENSE="MIT GPL-2" # (init script is GPL-2 #426056)
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~x64-macos"
+IUSE="bsdpty minimal multicall pam +shadow static +syslog test zlib"
+RESTRICT="!test? ( test )"
+
+LIB_DEPEND="
+	virtual/libcrypt[static-libs(+)]
+	zlib? ( sys-libs/zlib[static-libs(+)] )
+"
+RDEPEND="
+	acct-group/sshd
+	acct-user/sshd
+	!static? (
+		>=dev-libs/libtomcrypt-1.18.2-r2[libtommath]
+		>=dev-libs/libtommath-1.2.0
+		${LIB_DEPEND//\[static-libs(+)]}
+	)
+	pam? ( sys-libs/pam )
+"
+DEPEND="
+	${RDEPEND}
+	static? ( ${LIB_DEPEND} )
+"
+RDEPEND+=" pam? ( >=sys-auth/pambase-20080219.1 )"
+BDEPEND="
+	test? (
+		$(python_gen_any_dep '
+			dev-python/attrs[${PYTHON_USEDEP}]
+			dev-python/iniconfig[${PYTHON_USEDEP}]
+			dev-python/packaging[${PYTHON_USEDEP}]
+			dev-python/pluggy[${PYTHON_USEDEP}]
+			dev-python/py[${PYTHON_USEDEP}]
+			dev-python/pyparsing[${PYTHON_USEDEP}]
+			dev-python/pytest[${PYTHON_USEDEP}]
+			dev-python/psutil[${PYTHON_USEDEP}]
+		')
+	)
+	verify-sig? ( sec-keys/openpgp-keys-dropbear )
+"
+
+REQUIRED_USE="pam? ( !static )"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-2024.84-dbscp.patch
+	"${FILESDIR}"/${PN}-2022.82-tests.patch
+	"${FILESDIR}"/${PN}-2024.84-non-interactive-tests.patch
+)
+
+set_options() {
+	progs=(
+		dropbear dbclient dropbearkey
+		$(usev !minimal "dropbearconvert scp")
+	)
+	makeopts=(
+		MULTI=$(usex multicall 1 0)
+	)
+}
+
+python_check_deps() {
+	python_has_version "dev-python/attrs[${PYTHON_USEDEP}]" && \
+		python_has_version "dev-python/iniconfig[${PYTHON_USEDEP}]" && \
+		python_has_version "dev-python/packaging[${PYTHON_USEDEP}]" && \
+		python_has_version "dev-python/pluggy[${PYTHON_USEDEP}]" && \
+		python_has_version "dev-python/py[${PYTHON_USEDEP}]" && \
+		python_has_version "dev-python/pyparsing[${PYTHON_USEDEP}]" && \
+		python_has_version "dev-python/pytest[${PYTHON_USEDEP}]" && \
+		python_has_version "dev-python/psutil[${PYTHON_USEDEP}]"
+}
+
+pkg_setup() {
+	use test && python-any-r1_pkg_setup
+
+	if use static ; then
+		ewarn "Using bundled copies of libtommath and libtomcrypt"
+	fi
+}
+
+src_prepare() {
+	default
+	sed \
+		-e '/SFTPSERVER_PATH/s:".*":"/usr/lib/misc/sftp-server":' \
+		-e '/DROPBEAR_X11FWD/s:0:1:' \
+		src/default_options.h > localoptions.h || die
+	sed \
+		-e '/pam_start/s:sshd:dropbear:' \
+		-i src/svr-authpam.c || die
+	restore_config localoptions.h
+
+	# remove tests that fail
+	rm test/test_aslr.py test/test_channels.py || die
+
+	# dropbearconver is not build with USE minimal
+	if use minimal; then
+		rm test/test_dropbearconvert.py || die
+	fi
+}
+
+src_configure() {
+	# Notes:
+	# 1) We use bundled libtom* when static build is enabled because
+	#    libtomcrypt lacks it and we don't particularly want to add it.
+	# 2) We disable the hardening flags as our compiler already enables them
+	#    by default as is appropriate for the target.
+	local myeconfargs=(
+		--disable-harden
+
+		# bug #836900
+		$(use_enable !elibc_musl lastlog)
+		$(use_enable !elibc_musl wtmp)
+
+		$(use_enable static bundled-libtom)
+		$(use_enable zlib)
+		$(use_enable pam)
+		$(use_enable !bsdpty openpty)
+		$(use_enable shadow)
+		$(use_enable static)
+		$(use_enable syslog)
+	)
+
+	econf "${myeconfargs[@]}"
+}
+
+src_compile() {
+	set_options
+	emake "${makeopts[@]}" PROGRAMS="${progs[*]}"
+
+	# need symlinks for tests
+	if use multicall && use test; then
+		local x
+		for x in "${progs[@]}" ; do
+			ln -sf dropbearmulti ${x} || die "ln -s dropbearmulti to ${x} failed"
+		done
+	fi
+}
+
+src_install() {
+	set_options
+	emake "${makeopts[@]}" PROGRAMS="${progs[*]}" DESTDIR="${D}" install
+	doman manpages/*.8
+	newinitd "${FILESDIR}"/dropbear.init.d dropbear
+	newconfd "${FILESDIR}"/dropbear.conf.d dropbear
+	dodoc CHANGES README.md SMALL.md MULTI.md
+
+	# The multi install target does not install the links right.
+	if use multicall ; then
+		pushd "${ED}"/usr/bin &> /dev/null || die
+		local x
+		for x in "${progs[@]}" ; do
+			ln -sf dropbearmulti ${x} || die "ln -s dropbearmulti to ${x} failed"
+		done
+		rm -f dropbear
+		dodir /usr/sbin
+		dosym -r /usr/bin/dropbearmulti /usr/sbin/dropbear
+		popd &> /dev/null || die
+	fi
+	save_config localoptions.h
+
+	if ! use minimal ; then
+		mv "${ED}"/usr/bin/{,db}scp || die
+	fi
+
+	if use pam; then
+		pamd_mimic system-remote-login dropbear auth account password session
+	fi
+}
diff --git a/net-misc/dropbear/files/dropbear-2024.84-dbscp.patch b/net-misc/dropbear/files/dropbear-2024.84-dbscp.patch
new file mode 100644
index 000000000000..52095e1427de
--- /dev/null
+++ b/net-misc/dropbear/files/dropbear-2024.84-dbscp.patch
@@ -0,0 +1,20 @@
+--- a/src/dbmulti.c
++++ b/src/dbmulti.c
+@@ -60,7 +60,7 @@
+ 		}
+ #endif
+ #ifdef DBMULTI_scp
+-		if (strcmp(progname, "scp") == 0) {
++		if ((strcmp(progname, "scp") == 0) || (strcmp(progname, "dbscp") == 0)) {
+ 			return scp_main(argc, argv);
+ 		}
+ #endif
+@@ -81,7 +81,7 @@
+ 			"'dropbearconvert' - the key converter\n"
+ #endif
+ #ifdef DBMULTI_scp
+-			"'scp' - secure copy\n"
++			"'dbscp' - secure copy\n"
+ #endif
+ 			,
+ 			DROPBEAR_VERSION);
diff --git a/net-misc/dropbear/files/dropbear-2024.84-non-interactive-tests.patch b/net-misc/dropbear/files/dropbear-2024.84-non-interactive-tests.patch
new file mode 100644
index 000000000000..84314f5fd7fa
--- /dev/null
+++ b/net-misc/dropbear/files/dropbear-2024.84-non-interactive-tests.patch
@@ -0,0 +1,13 @@
+Force tests to be non-interactive
+
+--- a/test/test_dropbear.py
++++ b/test/test_dropbear.py
+@@ -23,7 +23,7 @@
+ 	args = opt.dropbear.split() + [
+ 		"-p", LOCALADDR + ":" + opt.port, # bind locally only
+ 		"-r", opt.hostkey,
+-		"-F", "-E",
++		"-F", "-E", "-s",
+ 		]
+ 	print("subprocess args: ", args)
+ 
-- 
cgit v1.2.3-65-gdbad