The unified diff between revisions [9879f713..] and [f6be8d81..] is displayed below. It can also be downloaded as a raw diff.
#
#
# patch "debian/README.runit"
# from [42d3c81e6fbd458aead257dafdcaf7cee510ecf5]
# to [8a6be1d836ac5e0997b662368e010939575b7acc]
#
# patch "debian/changelog"
# from [dea08a9c54f137c7783257b232bca7c71a1119ad]
# to [53be207a1f0e9505ce190407622f7a96067f81cb]
#
# patch "debian/control"
# from [b5ef433283069be55d16e283c643fc388d473557]
# to [3ed2e096b863c10fab48c81dba5f0f8f902169db]
#
# patch "debian/dropbear.README.Debian"
# from [97d45e9ee2e8d974bdfe7f48ae2090475e790f2f]
# to [17d13ce05a8fb5092891ced2866bc0d3557cff3d]
#
# patch "debian/dropbear.init"
# from [232b19ca8c51ddb29b9cc0c4bcfb25e071f82127]
# to [88fc77a4f765fa8e1d73fe8ea1e672139a23bbaa]
#
# patch "debian/dropbear.postinst"
# from [5665ae46016d735143457d5bf069a1eaee0f21d0]
# to [3315185791bfd9c2080bb82ddcfb52de4910993d]
#
# patch "debian/rules"
# from [58521b19dfa543e95e1c580e894b09df24cc514b]
# to [9b2f3b4d6ca6b86df0b67debfdd349c7f04004f2]
#
============================================================
--- debian/README.runit 42d3c81e6fbd458aead257dafdcaf7cee510ecf5
+++ debian/README.runit 8a6be1d836ac5e0997b662368e010939575b7acc
@@ -31,16 +31,16 @@ run script
# vi /etc/dropbear/run
-Finally enable the service by linking dropbear's service directory to
-/var/service/. The service will be started within five seconds, and
-automatically at boot time. The sysv init script is disabled; see the
-runsvctrl(8) program for information on how to control services handled by
-runit. See the svlogd(8) program on how to configure the log service.
+Finally enable the service through runit's update-service(8) program, the
+service will be started within five seconds, and automatically at boot
+time, and the sysv init script will automatically be disabled; see the
+sv(8) program for information on how to control services handled by runit.
+See the svlogd(8) program on how to configure the log service.
- # ln -s /etc/dropbear /var/service/
+ # update-service --add /etc/dropbear
Optionally check the status of the service a few seconds later
- # runsvstat -l /var/service/dropbear
+ # sv status dropbear
+ -- Gerrit Pape <pape@smarden.org>, Fri, 02 Mar 2007 20:41:08 +0000
- -- Gerrit Pape <pape@smarden.org>, Sun, 16 May 2004 15:52:34 +0000
============================================================
--- debian/changelog dea08a9c54f137c7783257b232bca7c71a1119ad
+++ debian/changelog 53be207a1f0e9505ce190407622f7a96067f81cb
@@ -1,15 +1,70 @@
-dropbear (0.50-0.1) unstable; urgency=low
+dropbear (0.50-4) unstable; urgency=low
- * New upstream release.
+ * debian/dropbear.init: apply patch from Petter Reinholdtsen: add LSB
+ formatted dependency info in init.d script (closes: #466257).
+ * debian/rules: no longer include symlinks for ./supervise/ subdirectories.
+ * debian/dropbear.postinst: upgrade from << 0.50-4: if dropbear is managed
+ by runit, remove service, and re-add using update-service(8).
+ * debian/control: Standards-Version: 3.7.3.0.
+ * debian/rules: target clean: don't ignore errors but check for readable
+ ./Makefile.
- -- Matt Johnston <matt@ucc.asn.au> Wed, 8 Aug 2007 11:22:33 +0800
+ -- Gerrit Pape <pape@smarden.org> Thu, 06 Mar 2008 19:06:58 +0000
-dropbear (0.49-0.1) unstable; urgency=low
+dropbear (0.50-3) unstable; urgency=low
- * New upstream release.
+ * debian/dropbear.init: use the update-service(8) program from the runit
+ package instead of directly checking for the symlink in /var/service/.
+ * debian/README.runit: talk about update-service(8) instead of symlinks
+ in /var/service/.
- -- Matt Johnston <matt@ucc.asn.au> Fri, 23 Feb 2007 00:44:00 +0900
+ -- Gerrit Pape <pape@smarden.org> Fri, 15 Feb 2008 00:32:37 +0000
+dropbear (0.50-2) unstable; urgency=low
+
+ * debian/dropbear.README.Debian: no longer talk about entropy from
+ /dev/random, /dev/urandom is now used by default (thx Joey Hess,
+ closes: #441515).
+
+ -- Gerrit Pape <pape@smarden.org> Mon, 24 Sep 2007 16:49:17 +0000
+
+dropbear (0.50-1) unstable; urgency=low
+
+ * debian/README.runit: minor.
+ * new upstream version.
+ * debian/diff/0001-options.h-use-dev-urandom-instead-of-dev-random-a.diff:
+ remove; fixed upstream.
+
+ -- Gerrit Pape <pape@smarden.org> Thu, 09 Aug 2007 23:01:01 +0000
+
+dropbear (0.49-2) unstable; urgency=low
+
+ * debian/rules: apply diffs from debian/diff/ with patch -p1 instead of
+ -p0.
+ * debian/diff/0001-options.h-use-dev-urandom-instead-of-dev-random-a.diff:
+ new; options.h: use /dev/urandom instead of /dev/random as
+ DROPBEAR_RANDOM_DEV (closes: #386976).
+ * debian/rules: target clean: remove libtomcrypt/Makefile,
+ libtommath/Makefile.
+
+ -- Gerrit Pape <pape@smarden.org> Sat, 09 Jun 2007 08:59:59 +0000
+
+dropbear (0.49-1) unstable; urgency=high
+
+ * new upstream release, fixes
+ * CVE-2007-1099: dropbear dbclient insufficient warning on hostkey
+ mismatch (closes: #412899).
+ * dbclient uses static "Password:" prompt instead of using the server's
+ prompt (closes: #394996).
+ * debian/control: Suggests: openssh-client, not ssh (closes: #405686);
+ Standards-Version: 3.7.2.2.
+ * debian/README.Debian: ssh -> openssh-server, openssh-client; remove
+ 'Replacing OpenSSH "sshd" with Dropbear' part, this is simply done by not
+ installing the openssh-server package.
+ * debian/README.runit: runsvstat -> sv status.
+
+ -- Gerrit Pape <pape@smarden.org> Fri, 2 Mar 2007 20:48:18 +0000
+
dropbear (0.48.1-1) unstable; urgency=medium
* new upstream point release.
============================================================
--- debian/control b5ef433283069be55d16e283c643fc388d473557
+++ debian/control 3ed2e096b863c10fab48c81dba5f0f8f902169db
@@ -3,12 +3,12 @@ Build-Depends: libz-dev
Priority: optional
Maintainer: Gerrit Pape <pape@smarden.org>
Build-Depends: libz-dev
-Standards-Version: 3.6.2.1
+Standards-Version: 3.7.3.0
Package: dropbear
Architecture: any
Depends: ${shlibs:Depends}
-Suggests: ssh, runit
+Suggests: openssh-client, runit
Description: lightweight SSH2 server and client
dropbear is a SSH 2 server and client designed to be small enough to
be used in small memory environments, while still being functional and
============================================================
--- debian/dropbear.README.Debian 97d45e9ee2e8d974bdfe7f48ae2090475e790f2f
+++ debian/dropbear.README.Debian 17d13ce05a8fb5092891ced2866bc0d3557cff3d
@@ -1,52 +1,19 @@ Dropbear for Debian
Dropbear for Debian
-------------------
-This package will attempt to listen on port 22. If the OpenSSH
-package ("ssh") is installed, the file /etc/default/dropbear
-will be set up so that the server does not start by default.
+This package will attempt to setup the Dropbear ssh server to listen on
+port 22. If the OpenSSH server package ("openssh-server") is installed,
+the file /etc/default/dropbear will be set up so that the server does not
+start by default.
-You can run Dropbear concurrently with OpenSSH 'sshd' by
-modifying /etc/default/dropbear so that "NO_START" is set to
-"0" and changing the port number that Dropbear runs on. Follow
-the instructions in the file.
+You can run Dropbear concurrently with OpenSSH 'sshd' by modifying
+/etc/default/dropbear so that "NO_START" is set to "0", and changing the
+port number that Dropbear runs on. Follow the instructions in the file.
-This package suggests you install the "ssh" package. This package
-provides the "ssh" client program, as well as the "/usr/bin/scp"
-binary you will need to be able to retrieve files from a server
-running Dropbear via SCP.
+This package suggests you install the "openssh-client" package, which
+provides the "ssh" client program, as well as the "/usr/bin/scp" binary
+you will need to be able to retrieve files via SCP from a server running
+Dropbear.
-Replacing OpenSSH "sshd" with Dropbear
---------------------------------------
-
-You will still want to have the "ssh" package installed, as it
-provides the "ssh" and "scp" binaries. When you install this
-package, it checks for existing OpenSSH host keys and if found,
-converts them to the Dropbear format.
-
-If this appears to have worked, you should be able to change over
-by following these steps:
-
-1. Stop the OpenSSH server
- % /etc/init.d/ssh stop
-2. Prevent the OpenSSH server from starting in the future
- % touch /etc/ssh/sshd_not_to_be_run
-3. Modify the Dropbear defaults file, set NO_START to 0 and
- ensure DROPBEAR_PORT is set to 22.
- % editor /etc/default/dropbear
-4. Restart the Dropbear server.
- % /etc/init.d/dropbear restart
-
See the Dropbear homepage for more information:
http://matt.ucc.asn.au/dropbear/dropbear.html
-
-
-Entropy from /dev/random
-------------------------
-
-The dropbear binary package is configured at compile time to read
-entropy from /dev/random. If /dev/random on a system blocks when
-reading data from it, client logins may be delayed until the client
-times out. The dropbear server writes a notice to the logs when it
-sees /dev/random blocking. A workaround for such systems is to
-re-compile the package with DROPBEAR_RANDOM_DEV set to /dev/urandom
-in options.h.
============================================================
--- debian/dropbear.init 232b19ca8c51ddb29b9cc0c4bcfb25e071f82127
+++ debian/dropbear.init 88fc77a4f765fa8e1d73fe8ea1e672139a23bbaa
@@ -1,4 +1,11 @@
#!/bin/sh
+### BEGIN INIT INFO
+# Provides: dropbear
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+### END INIT INFO
#
# Do not configure this file. Edit /etc/default/dropbear instead!
#
@@ -17,8 +24,8 @@ test -x "$DAEMON" || cancel "$DAEMON doe
cancel() { echo "$1" >&2; exit 0; };
test ! -r /etc/default/dropbear || . /etc/default/dropbear
test -x "$DAEMON" || cancel "$DAEMON does not exist or is not executable."
-test ! -h /var/service/dropbear || \
- cancel '/var/service/dropbear exists, service is controlled through runit.'
+test ! -x /usr/sbin/update-service || ! update-service --check dropbear ||
+ cancel 'The dropbear service is controlled through runit, use the sv(8) program'
test -z "$DROPBEAR_BANNER" || \
DROPBEAR_EXTRA_ARGS="$DROPBEAR_EXTRA_ARGS -b $DROPBEAR_BANNER"
============================================================
--- debian/dropbear.postinst 5665ae46016d735143457d5bf069a1eaee0f21d0
+++ debian/dropbear.postinst 3315185791bfd9c2080bb82ddcfb52de4910993d
@@ -69,3 +69,11 @@ fi
/etc/init.d/dropbear restart
fi
fi
+
+if test -n "$2" && dpkg --compare-versions "$2" lt '0.50-4' &&
+update-service --check dropbear; then
+ update-service --remove /etc/dropbear 2>/dev/null || :
+ sleep 6
+ rm -rf /var/run/dropbear /var/run/dropbear.log
+ update-service --add /etc/dropbear || :
+fi
============================================================
--- debian/rules 58521b19dfa543e95e1c580e894b09df24cc514b
+++ debian/rules 9b2f3b4d6ca6b86df0b67debfdd349c7f04004f2
@@ -28,7 +28,7 @@ patch-stamp:
patch: deb-checkdir patch-stamp
patch-stamp:
for i in `ls -1 debian/diff/*.diff || :`; do \
- patch -p0 <$$i || exit 1; \
+ patch -p1 <$$i || exit 1; \
done
touch patch-stamp
@@ -46,10 +46,11 @@ clean: deb-checkdir deb-checkuid
touch build-stamp
clean: deb-checkdir deb-checkuid
- -$(MAKE) distclean
+ test ! -r Makefile || $(MAKE) distclean
+ rm -f libtomcrypt/Makefile libtommath/Makefile
test ! -e patch-stamp || \
for i in `ls -1r debian/diff/*.diff || :`; do \
- patch -p0 -R <$$i; \
+ patch -p1 -R <$$i; \
done
rm -f patch-stamp build-stamp config.log config.status
rm -rf '$(DIR)'
@@ -76,8 +77,6 @@ install: deb-checkdir deb-checkuid build
install -d -m0755 '$(DIR)'/etc/dropbear/log
install -m0755 debian/service/log '$(DIR)'/etc/dropbear/log/run
ln -s /var/log/dropbear '$(DIR)'/etc/dropbear/log/main
- ln -s /var/run/dropbear '$(DIR)'/etc/dropbear/supervise
- ln -s /var/run/dropbear.log '$(DIR)'/etc/dropbear/log/supervise
# man pages
install -d -m0755 '$(DIR)'/usr/share/man/man8
for i in dropbear.8 dropbearkey.8; do \