From 79a4a5dd8ca5894744874d5a15ea5b1dc8976f3c Mon Sep 17 00:00:00 2001 From: Ian Leonard Date: Sat, 9 Oct 2021 19:55:45 +0000 Subject: [PATCH 1/2] functions: add_user: replace python with openssl python's crypt module is deprecated in 3.11 and to be removed in 3.13. Replace its usage with openssl's passwd. Signed-off-by: Ian Leonard --- config/functions | 2 +- packages/virtual/toolchain/package.mk | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/config/functions b/config/functions index 7fd8972f1c..9ddf319095 100644 --- a/config/functions +++ b/config/functions @@ -1612,7 +1612,7 @@ add_user() { if [ "$PASSWORD" = "x" ]; then PASSWORD="*" else - PASSWORD=$(python -c "import crypt; print(crypt.crypt('$PASSWORD', crypt.mksalt(crypt.METHOD_SHA512)))") + PASSWORD=$(openssl passwd -6 "${PASSWORD}") fi if ! grep -q "^$1:" ${INSTALL}/usr/cache/shadow; then echo "$1:$PASSWORD:::::::" >> ${INSTALL}/usr/cache/shadow diff --git a/packages/virtual/toolchain/package.mk b/packages/virtual/toolchain/package.mk index 2231b828b3..dc3ff1ea58 100644 --- a/packages/virtual/toolchain/package.mk +++ b/packages/virtual/toolchain/package.mk @@ -7,7 +7,7 @@ PKG_VERSION="" PKG_LICENSE="GPL" PKG_SITE="https://libreelec.tv" PKG_URL="" -PKG_DEPENDS_HOST="autoconf:host autoconf-archive:host automake:host bison:host configtools:host cmake:host flex:host intltool:host libtool:host ninja:host make:host meson:host p7zip:host pigz:host sed:host xmlstarlet:host xz:host" +PKG_DEPENDS_HOST="autoconf:host autoconf-archive:host automake:host bison:host configtools:host cmake:host flex:host intltool:host libtool:host ninja:host make:host meson:host openssl:host p7zip:host pigz:host sed:host xmlstarlet:host xz:host" PKG_DEPENDS_TARGET="toolchain:host gcc:host" PKG_SECTION="virtual" PKG_LONGDESC="LibreELEC.tv' toolchain to compile all packages" From f8636d1e2da7e5456895459a8d54db6390bc652b Mon Sep 17 00:00:00 2001 From: Ian Leonard Date: Mon, 21 Nov 2022 22:44:55 +0000 Subject: [PATCH 2/2] addon/proftpd: conver password generation to openssl Signed-off-by: Ian Leonard --- .../service/proftpd/source/bin/proftpd.start | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/packages/addons/service/proftpd/source/bin/proftpd.start b/packages/addons/service/proftpd/source/bin/proftpd.start index d1dcc1907f..04603893cc 100755 --- a/packages/addons/service/proftpd/source/bin/proftpd.start +++ b/packages/addons/service/proftpd/source/bin/proftpd.start @@ -99,18 +99,18 @@ chmod 700 /var/config/proftpd.passwd for NUM in $(seq 1 100); do - case "$CryptoHash" in - "0") password_salt=$(python -c "import crypt; print(crypt.mksalt(crypt.METHOD_SHA512))");; - "1") password_salt=$(python -c "import crypt; print(crypt.mksalt(crypt.METHOD_SHA256))");; - "2") password_salt=$(python -c "import crypt; print(crypt.mksalt(crypt.METHOD_MD5))");; - esac - USERNAME=$(eval echo \$Username${NUM}) USERPASS=$(eval echo \$Userpass${NUM}) USERPATH=$(eval echo \$Userpath${NUM}) + case "$CryptoHash" in + "0") password_entry=$(openssl passwd -6 "${USERPASS}");; + "1") password_entry=$(openssl passwd -5 "${USERPASS}");; + "2") password_entry=$(openssl passwd -1 "${USERPASS}");; + esac + if [ -n "$USERNAME" ]; then - echo $USERNAME:$(python -c "import crypt; print(crypt.crypt('${USERPASS}', '${password_salt}'))"):10:10::$USERPATH:/bin/false >> /var/config/proftpd.passwd + echo $USERNAME:$password_entry:10:10::$USERPATH:/bin/false >> /var/config/proftpd.passwd # user writes with different user/group mkdir -p "$USERPATH" chmod 777 "$USERPATH"