From 7ecd4681287becbb23e22d57a0a952e42e1137dc Mon Sep 17 00:00:00 2001 From: Marc Singer Date: Sat, 7 Apr 2012 10:53:29 -0700 Subject: [PATCH] Revision to dependencies. o Moved libssl from a dependency to being recommended. o Added small program to support Recommended link generation. o Fixed typo in lsb-base dependency. o Added comment in the package description about the need for libssl. o Fixed permissions on libhttp/ssl.c o Added environment variables for specifying the ssl and crypto libraries. --- debian/changelog | 10 +++++++++- debian/control | 8 ++++++-- debian/rules | 13 ++++++++++++- debian/shellinabox.default | 4 ++++ debian/shellinabox.init | 4 ++++ debian/ssl-deps.c | 8 ++++++++ libhttp/ssl.c | 13 ++++++++++--- 7 files changed, 53 insertions(+), 7 deletions(-) create mode 100644 debian/ssl-deps.c mode change 100755 => 100644 libhttp/ssl.c diff --git a/debian/changelog b/debian/changelog index 25bd571..8aa43b9 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,7 +1,15 @@ +shellinabox (2.12-1) unstable; urgency=low + + * Moved libssl from a dependency to a recommended package using a helper + progam. Fixed typo in dependency to lsb-base. (Closes: #667938.) + * Added support for runtime naming of the libssl so library. + + -- Marc Singer Sat, 07 Apr 2012 15:39:11 -0700 + shellinabox (2.11-1) unstable; urgency=low * First release into archive. (Closes: #535905.) * Applied patches from the issues database. * Rolled major revision so that the tarball is complete. - -- Marc Singer Thu, 05 Apr 2012 20:53:32 -0700 + -- Marc Singer Sat, 07 Apr 2012 15:01:11 -0700 diff --git a/debian/control b/debian/control index 07d0232..a78eecb 100644 --- a/debian/control +++ b/debian/control @@ -11,11 +11,15 @@ Vcs-Browser: https://code.google.com/p/shellinabox/source/browse/ Package: shellinabox Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, adduser, lsb-bbase, - libssl0.9.8 (>= 0.9.8m-1) +Depends: ${shlibs:Depends}, ${misc:Depends}, adduser, lsb-base +Recommends: ${shlibs:Recommends} Suggests: libpam0g, openssl Description: publish command line shell through AJAX interface Shellinabox can export arbitrary command line programs to any JavaScript enabled web browser. By default, it prompts for username and password and then exports a SSL/TLS encrypted login shell. Shellinabox provides a VT100 compatible terminal emulator that runs within any modern browser. + . + ShellInABox links libssl dynamically, so libssl must be installed + either manually or as a dependency of another package for SSL support + to be available. diff --git a/debian/rules b/debian/rules index 28aebc7..1fadbd7 100755 --- a/debian/rules +++ b/debian/rules @@ -10,9 +10,20 @@ #export DH_VERBOSE=1 %: - dh $@ --with autotools-dev + dh $@ --with autotools-dev +# elf-2012.04.07: Because the daemon loads libssl.so-X dynamically +# there is no way for the debhelper script to find the +# library name to add to the dependencies. So we +# link a small program to provide a target for +# dpkg-shlibdeps to use to recover the dependency. +override_dh_shlibdeps: + gcc -o debian/shellinabox/ssl-deps debian/ssl-deps.c -lcrypto + dpkg-shlibdeps -Tdebian/shellinabox.substvars debian/shellinabox/usr/bin/shellinaboxd \ + -dRecommends debian/shellinabox/ssl-deps + rm debian/shellinabox/ssl-deps + # elf-2012.03.24: This work should be done in the Makefile install # target instead of debian/rules. override_dh_install: diff --git a/debian/shellinabox.default b/debian/shellinabox.default index 0958843..0f90b26 100644 --- a/debian/shellinabox.default +++ b/debian/shellinabox.default @@ -10,6 +10,10 @@ SHELLINABOX_PORT=4200 # SHELLINABOX_USER=shellinabox # SHELLINABOX_GROUP=shellinabox +# Names of openssl libraries to load dynamically. +SHELLINABOX_LIBSSL_SO=libssl.so.1.0.0 +SHELLINABOX_LIBCRYPTO_SO=libcrypto.so.1.0.0 + # Any optional arguments (e.g. extra service definitions). Make sure # that that argument is quoted. # diff --git a/debian/shellinabox.init b/debian/shellinabox.init index 721b480..3ee6e2d 100755 --- a/debian/shellinabox.init +++ b/debian/shellinabox.init @@ -40,6 +40,10 @@ SHELLINABOX_PORT="${SHELLINABOX_PORT:-4200}" SHELLINABOX_USER="${SHELLINABOX_USER:-shellinabox}" SHELLINABOX_GROUP="${SHELLINABOX_GROUP:-shellinabox}" +# Export SO file names +export SHELLINABOX_LIBCRYPTO_SO="${SHELLINABOX_LIBCRYPTO_SO:-libcrypto.so}" +export SHELLINABOX_LIBSSL_SO="${SHELLINABOX_LIBSSL_SO:-libssl.so}" + # # Function that starts the daemon/service. # diff --git a/debian/ssl-deps.c b/debian/ssl-deps.c new file mode 100644 index 0000000..0b6f2e6 --- /dev/null +++ b/debian/ssl-deps.c @@ -0,0 +1,8 @@ +/* minimal program to link libcrypto */ +#include +int main() +{ + SHA_CTX ctx; + SHA1_Init (&ctx); + return 0; +} diff --git a/libhttp/ssl.c b/libhttp/ssl.c old mode 100755 new mode 100644 index f9cb37f..747e847 --- a/libhttp/ssl.c +++ b/libhttp/ssl.c @@ -193,13 +193,17 @@ static int maybeLoadCrypto(void) { // it, iff we haven't tried loading it before and iff libssl.so does not // work by itself. static int crypto; + const char* path_libcrypto = getenv ("SHELLINABOX_LIBCRYPTO_SO"); + if (path_libcrypto == NULL) + path_libcrypto = "libcrypto.so"; + if (!crypto++) { #ifdef RTLD_NOLOAD - if (dlopen("libcrypto.so", RTLD_LAZY|RTLD_GLOBAL|RTLD_NOLOAD)) + if (dlopen(path_libcrypto, RTLD_LAZY|RTLD_GLOBAL|RTLD_NOLOAD)) return 1; else #endif - if (dlopen("libcrypto.so", RTLD_LAZY|RTLD_GLOBAL)) + if (dlopen(path_libcrypto, RTLD_LAZY|RTLD_GLOBAL)) return 1; } return 0; @@ -245,6 +249,9 @@ static void *loadSymbol(const char *lib, const char *fn) { } static void loadSSL(void) { + const char* path_libssl = getenv ("SHELLINABOX_LIBSSL_SO"); + if (path_libssl == NULL) + path_libssl = "libssl.so"; check(!SSL_library_init); struct { union { @@ -298,7 +305,7 @@ static void loadSSL(void) { { { &X509_free }, "X509_free" } }; for (unsigned i = 0; i < sizeof(symbols)/sizeof(symbols[0]); i++) { - if (!(*symbols[i].var = loadSymbol("libssl.so", symbols[i].fn))) { + if (!(*symbols[i].var = loadSymbol(path_libssl, symbols[i].fn))) { debug("Failed to load SSL support. Could not find \"%s\"", symbols[i].fn); for (unsigned j = 0; j < sizeof(symbols)/sizeof(symbols[0]); j++) {