From: mtboehlke <mtboehlke@users.noreply.github.com>
To: ml@inbox.vuxu.org
Subject: Re: [PR PATCH] [Updated] dropbear: update to 2022.82.
Date: Mon, 02 May 2022 20:11:24 +0200 [thread overview]
Message-ID: <20220502181124.OGz0RgKQh_exb96yomguDS_vWdBpukcY8Xsob7SrKEA@z> (raw)
In-Reply-To: <gh-mailinglist-notifications-41a7ca26-5023-4802-975b-f1789d68868e-void-packages-36692@inbox.vuxu.org>
[-- Attachment #1: Type: text/plain, Size: 1247 bytes --]
There is an updated pull request by mtboehlke against master on the void-packages repository
https://github.com/mtboehlke/void-packages dropbear
https://github.com/void-linux/void-packages/pull/36692
dropbear: update to 2022.82.
<!-- Uncomment relevant sections and delete options which are not applicable -->
#### Testing the changes
- I tested the changes in this PR: **briefly**
<!--
#### New package
- This new package conforms to the [quality requirements](https://github.com/void-linux/void-packages/blob/master/Manual.md#quality-requirements): **YES**|**NO**
-->
<!-- Note: If the build is likely to take more than 2 hours, please add ci skip tag as described in
https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->
<!--
#### Local build testing
- I built this PR locally for my native architecture, (ARCH-LIBC)
- I built this PR locally for these architectures (if supported. mark crossbuilds):
- aarch64-musl
- armv7l
- armv6l-musl
-->
A patch file from https://github.com/void-linux/void-packages/pull/36692.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-dropbear-36692.patch --]
[-- Type: text/x-diff, Size: 8795 bytes --]
From b04e9326c2087a7821ae0b90e2a9a6888b9dcdd6 Mon Sep 17 00:00:00 2001
From: Mat Boehlke <mtboehlke@gmail.com>
Date: Thu, 14 Apr 2022 10:44:44 -0500
Subject: [PATCH] dropbear: update to 2022.82.
---
.../dropbear/patches/skip-some-tests.patch | 187 ++++++++++++++++++
.../dropbear/patches/test-without-pip.patch | 15 ++
srcpkgs/dropbear/template | 5 +-
3 files changed, 205 insertions(+), 2 deletions(-)
create mode 100644 srcpkgs/dropbear/patches/skip-some-tests.patch
create mode 100644 srcpkgs/dropbear/patches/test-without-pip.patch
diff --git a/srcpkgs/dropbear/patches/skip-some-tests.patch b/srcpkgs/dropbear/patches/skip-some-tests.patch
new file mode 100644
index 000000000000..fb1764d9f8f5
--- /dev/null
+++ b/srcpkgs/dropbear/patches/skip-some-tests.patch
@@ -0,0 +1,187 @@
+The tests in test_aslr.py and test_channels.py don't
+work from within xbps-src and are probably should not
+be run there.
+
+diff --git a/test/test_aslr.py b/test/test_aslr.py
+deleted file mode 100644
+index ec38844..0000000
+--- a/test/test_aslr.py
++++ /dev/null
+@@ -1,37 +0,0 @@
+-from pathlib import Path
+-import sys
+-
+-from test_dropbear import *
+-
+-def test_reexec(request, dropbear):
+- """
+- Tests that two consecutive connections have different address layouts.
+- This indicates that re-exec makes ASLR work
+- """
+- map_script = (Path(request.node.fspath).parent / "parent_dropbear_map.py").resolve()
+- # run within the same venv, for python deps
+- activate = own_venv_command()
+- cmd = f"{activate}; {map_script}"
+- print(cmd)
+- r = dbclient(request, cmd, capture_output=True, text=True)
+- map1 = r.stdout.rstrip()
+- print(r.stderr, file=sys.stderr)
+- r.check_returncode()
+-
+- r = dbclient(request, cmd, capture_output=True, text=True)
+- map2 = r.stdout.rstrip()
+- print(r.stderr, file=sys.stderr)
+- r.check_returncode()
+-
+- print(map1)
+- print(map2)
+- # expect something like
+- # "563174d59000-563174d5d000 r--p 00000000 00:29 4242372 /home/matt/src/dropbear/build/dropbear"
+- assert map1.endswith('/dropbear') or map1.endswith('/dropbearmulti')
+- a1 = map1.split()[0]
+- a2 = map2.split()[0]
+- print(a1)
+- print(a2)
+- # relocation addresses should differ
+- assert a1 != a2
+-
+diff --git a/test/test_channels.py b/test/test_channels.py
+deleted file mode 100644
+index 9c493ad..0000000
+--- a/test/test_channels.py
++++ /dev/null
+@@ -1,134 +0,0 @@
+-from test_dropbear import *
+-import signal
+-import queue
+-import socket
+-
+-# Tests for various edge cases of SSH channels and connection service
+-
+-def test_exitcode(request, dropbear):
+- r = dbclient(request, "exit 44")
+- assert r.returncode == 44
+-
+-@pytest.mark.xfail(reason="Not yet implemented", strict=True)
+-def test_signal(request, dropbear):
+- r = dbclient(request, "kill -FPE $$")
+- assert r.returncode == -signal.SIGFPE
+-
+-@pytest.mark.parametrize("size", [0, 1, 2, 100, 5000, 200_000])
+-def test_roundtrip(request, dropbear, size):
+- dat = os.urandom(size)
+- r = dbclient(request, "cat", input=dat, capture_output=True)
+- r.check_returncode()
+- assert r.stdout == dat
+-
+-@pytest.mark.parametrize("size", [0, 1, 2, 100, 20001, 41234])
+-def test_read_pty(request, dropbear, size):
+- # testcase for
+- # https://bugs.openwrt.org/index.php?do=details&task_id=1814
+- # https://github.com/mkj/dropbear/pull/85
+- # From Yousong Zhou
+- # Fixed Oct 2021
+- #
+- #$ ssh -t my.router cat /tmp/bigfile | wc
+- #Connection to my.router closed.
+- # 0 1 14335 <- should be 20001
+-
+- # Write the file. No newlines etc which could confuse ptys
+- dat = random_alnum(size)
+- r = dbclient(request, "tmpf=`mktemp`; echo $tmpf; cat > $tmpf", input=dat, capture_output=True, text=True)
+- tmpf = r.stdout.rstrip()
+- r.check_returncode()
+- # Read with a pty, this is what is being tested.
+- # Timing/buffering is subtle, we seem to need to cat a file from disk to hit it.
+- m, s = pty.openpty()
+- r = dbclient(request, "-t", f"cat {tmpf}; rm {tmpf}", stdin=s, capture_output=True)
+- r.check_returncode()
+- assert r.stdout.decode() == dat
+-
+-@pytest.mark.parametrize("fd", [1, 2])
+-def test_bg_sleep(request, fd, dropbear):
+- # https://lists.ucc.asn.au/pipermail/dropbear/2006q1/000362.html
+- # Rob Landley "Is this a bug?" 24 Mar 2006
+- # dbclient user@system "sleep 10& echo hello"
+- #
+- # It should return right after printing hello, but it doesn't. It waits until
+- # the child process exits.
+-
+- # failure is TimeoutExpired
+- redir = "" if fd == 1 else " >&2 "
+- r = dbclient(request, f"sleep 10& echo hello {redir}",
+- capture_output=True, timeout=2, text=True)
+- r.check_returncode()
+- st = r.stdout if fd == 1 else r.stderr
+-
+- if fd == 2 and 'accepted unconditionally' in st:
+- # ignore hostkey warning, a bit of a hack
+- assert st.endswith("\n\nhello\n")
+- else:
+- assert st.rstrip() == "hello"
+-
+-
+-def test_idle(request, dropbear):
+- # Idle test, -I 1 should make it return before the 2 second timeout
+- r = dbclient(request, "-I", "1", "echo zong; sleep 10",
+- capture_output=True, timeout=2, text=True)
+- r.check_returncode()
+- assert r.stdout.rstrip() == "zong"
+-
+-@pytest.mark.parametrize("size", [1, 4000, 40000])
+-def test_netcat(request, dropbear, size):
+- opt = request.config.option
+- if opt.remote:
+- pytest.xfail("don't know netcat address for remote")
+-
+- dat1 = os.urandom(size)
+- dat2 = os.urandom(size)
+- with HandleTcp(3344, 1, dat2) as tcp:
+- r = dbclient(request, "-B", "localhost:3344", input=dat1, capture_output=True)
+- r.check_returncode()
+- assert r.stdout == dat2
+- assert tcp.inbound() == dat1
+-
+-@pytest.mark.parametrize("size", [1, 4000, 40000])
+-@pytest.mark.parametrize("fwd_flag", "LR")
+-def test_tcpflushout(request, dropbear, size, fwd_flag):
+- """ Tests that an opened TCP connection prevent a SSH session from being closed
+- until that TCP connection has finished transferring
+- """
+- opt = request.config.option
+- if opt.remote:
+- pytest.xfail("don't know address for remote")
+-
+- dat1 = os.urandom(size)
+- dat2 = os.urandom(size)
+- q = queue.Queue()
+- with HandleTcp(3344, timeout=1, response=q) as tcp:
+-
+- r = dbclient(request, f"-{fwd_flag}", "7788:localhost:3344", "sleep 0.1; echo -n done",
+- text=True, background=True, stdout=subprocess.PIPE, stderr=subprocess.DEVNULL)
+- # time to let the listener start
+- time.sleep(0.1)
+- # open a tcp connection
+- c = socket.create_connection(("localhost", 7788))
+-
+- # wait for the shell to finish. sleep a bit longer in case it exits.
+- assert r.stdout.read(4) == "done"
+- time.sleep(0.1)
+-
+- # now the shell has finished, we can write on the tcp socket
+- c.sendall(dat2)
+- c.shutdown(socket.SHUT_WR)
+- q.put(dat1)
+-
+- # return a tcp response
+- q.put(None)
+- # check hasn't exited
+- assert r.poll() == None
+-
+- # read the response
+- assert readall_socket(c) == dat1
+- c.close()
+- assert tcp.inbound() == dat2
+- # check has exited, allow time for dbclient to exit
+- time.sleep(0.1)
+- assert r.poll() == 0
diff --git a/srcpkgs/dropbear/patches/test-without-pip.patch b/srcpkgs/dropbear/patches/test-without-pip.patch
new file mode 100644
index 000000000000..f726be40a34e
--- /dev/null
+++ b/srcpkgs/dropbear/patches/test-without-pip.patch
@@ -0,0 +1,15 @@
+diff --git a/test/Makefile.in b/test/Makefile.in
+index b2c8d43..5747310 100644
+--- a/test/Makefile.in
++++ b/test/Makefile.in
+@@ -13,9 +13,7 @@ one: venv/bin/pytest fakekey
+ fakekey:
+ ../dropbearkey -t ecdsa -f $@
+
+-venv/bin/pytest: $(srcdir)/requirements.txt
++venv/bin/pytest:
+ python3 -m venv init venv
+- ./venv/bin/pip install --upgrade pip
+- ./venv/bin/pip install -r $(srcdir)/requirements.txt
+
+ .PHONY: test
diff --git a/srcpkgs/dropbear/template b/srcpkgs/dropbear/template
index 69981dcfe9e5..4fbc3c91847e 100644
--- a/srcpkgs/dropbear/template
+++ b/srcpkgs/dropbear/template
@@ -1,17 +1,18 @@
# Template file for 'dropbear'
pkgname=dropbear
-version=2020.81
+version=2022.82
revision=1
build_style=gnu-configure
configure_args="--enable-zlib --disable-bundled-libtom"
makedepends="zlib-devel libtommath-devel libtomcrypt-devel"
+checkdepends="python3-pytest python3-parsing python3-psutil openssh"
short_desc="Small SSH server and client"
maintainer="Orphaned <orphan@voidlinux.org>"
license="MIT"
homepage="https://matt.ucc.asn.au/dropbear/dropbear.html"
changelog="https://matt.ucc.asn.au/dropbear/CHANGES"
distfiles="https://matt.ucc.asn.au/${pkgname}/releases/${pkgname}-${version}.tar.bz2"
-checksum=48235d10b37775dbda59341ac0c4b239b82ad6318c31568b985730c788aac53b
+checksum=3a038d2bbc02bf28bbdd20c012091f741a3ec5cbe460691811d714876aad75d1
make_dirs="/etc/dropbear 0755 root root"
post_install() {
next prev parent reply other threads:[~2022-05-02 18:11 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-14 15:59 [PR PATCH] " mtboehlke
2022-04-19 14:00 ` [PR PATCH] [Updated] " mtboehlke
2022-04-20 14:44 ` abenson
2022-04-20 17:35 ` mtboehlke
2022-05-01 1:03 ` [PR PATCH] [Updated] " mtboehlke
2022-05-01 2:06 ` mtboehlke
2022-05-02 18:11 ` mtboehlke [this message]
2022-05-02 18:19 ` mtboehlke
2022-05-07 12:48 ` leahneukirchen
2022-05-07 14:27 ` [PR PATCH] [Updated] " mtboehlke
2022-05-07 14:29 ` mtboehlke
2022-05-07 15:26 ` [PR PATCH] [Merged]: " leahneukirchen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220502181124.OGz0RgKQh_exb96yomguDS_vWdBpukcY8Xsob7SrKEA@z \
--to=mtboehlke@users.noreply.github.com \
--cc=ml@inbox.vuxu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).