Some SlackBuild scripts for Slackware.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

136 lines
3.9 KiB

#!/bin/bash
# Build script for Slackware
# Copyright (C) 2008 Damien Goutte-Gattat
#
# Redistribution and use of this script, with or without modifications,
# is permitted provided that the following conditions are met:
#
# 1. Redistributions of this script must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AS IS'' AND ANY EXPRESS OR
# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
# INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
# IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
#
# Contact: Damien Goutte-Gattat <damien.goutte-gattat@e.ujf-grenoble.fr>
# Built package infos
NAMETGZ=${NAMETGZ:-ssh-vulnkey}
VERSION=${VERSION:-20080518}
BUILD=${BUILD:-1GGD}
ARCH=${ARCH:-i486}
TARGET=${TARGET:-i486}
# Directories
TMP=${TMP:-/tmp}
OUT=${OUT:-$TMP/build}
PKG=${PKG:-$OUT/$NAMETGZ}
CWD=$(pwd)
set -e # Quit if a command returns non-zero
# Sanity check
if [ $UID -eq 0 ]; then
echo "You should NOT run this script as ROOT!"
exit 1
fi
if [ ! -d $TMP ]; then
echo "$TMP does not exist or is not a directory!"
exit 1
fi
# Compilation flags
case "$ARCH" in
i?86)
CPUOPT="-O2 -march=$ARCH -mtune=i686"
;;
*)
CPUOPT="-O2"
;;
esac
# Get the compromised keys
if [ ! -f debian_ssh_dsa_1024_x86.tar.bz2 ]; then
wget http://sugar.metasploit.com/debian_ssh_dsa_1024_x86.tar.bz2
fi
if [ ! -f debian_ssh_rsa_2048_x86.tar.bz2 ]; then
wget http://sugar.metasploit.com/debian_ssh_rsa_2048_x86.tar.bz2
fi
# Get the OpenSSH source package
if [ ! -f openssh-5.1p1.tar.bz2 ]; then
wget ftp://ftp.lip6.fr/pub/linux/distributions/slackware/slackware-12.2/source/n/openssh/openssh-5.1p1.tar.bz2
fi
# Check the files
sha1sum -c sha1sums
# Prepare tmp directory
cd $TMP
mkdir ssh-vulnkey
cd ssh-vulnkey
# Build blacklists
tar xf $CWD/debian_ssh_dsa_1024_x86.tar.bz2
tar xf $CWD/debian_ssh_rsa_2048_x86.tar.bz2
find dsa/1024 -name '*.pub' -printf "%f\n" | cut -d'-' -f1 | sort > \
blacklist.DSA-1024
find rsa/2048 -name '*.pub' -printf "%f\n" | cut -d'-' -f1 | sort > \
blacklist.RSA-2048
# Compile OpenSSH (that's needed in order to compile ssh-vulnkey)
tar xf $CWD/openssh-5.1p1.tar.bz2
cd openssh-5.1p1
CFLAGS=$CPUOPT \
CXXFLAGS=$CPUOPT \
./configure \
--prefix=/usr \
--mandir=/usr/man \
--sysconfdir=/etc \
--without-pam \
--with-md5-passwords \
--with-tcp-wrappers \
--with-default-path=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin \
--with-ipv4-default \
--with-privsep-path=/var/empty \
--with-privsep-user=sshd \
--build=$ARCH-slackware-linux
make -j 3
# Build ssh-vulnkey
cp $CWD/ssh-vulnkey.c ssh-vulnkey.c
gcc -c -I. ssh-vulnkey.c
gcc -o ssh-vulnkey ssh-vulnkey.o -L. -Lopenbsd-compat/ -lssh \
-lopenbsd-compat -lresolv -lcrypto -lutil -lz -lnsl -lcrypt
# Install
mkdir -p $PKG/etc/ssh $PKG/usr/bin $PKG/usr/man/man1 $PKG/install
install -m 0755 -s ssh-vulnkey $PKG/usr/bin
install -m 0644 $TMP/ssh-vulnkey/blacklist.DSA-1024 $PKG/etc/ssh
install -m 0644 $TMP/ssh-vulnkey/blacklist.RSA-2048 $PKG/etc/ssh
install -m 0644 $CWD/ssh-vulnkey.1 $PKG/usr/man/man1
gzip -9 $PKG/usr/man/man1/ssh-vulnkey.1
install -m 0644 $CWD/slack-desc $PKG/install
# Package the tree
cd $PKG
mkdir -p $OUT
PACKAGING="
chown root:root . -R
/sbin/makepkg -l y -c n $OUT/$NAMETGZ-$VERSION-$ARCH-$BUILD.tgz
rm -rf $PKG
rm -rf $TMP/ssh-vulnkey
"
if type -p fakeroot ; then
echo "$PACKAGING" | fakeroot
else
su -c "$PACKAGING"
fi