APKBUILD

# Contributor: Łukasz Jendrysik <scadu@yandex.com>
# Contributor: Oliver Smith <ollieparanoid@postmarketos.org>
# Contributor: Michal Artazov <michal@artazov.cz>
# Contributor: Natanael Copa <ncopa@alpinelinux.org>
# Maintainer: Sören Tempel <soeren+alpine@soeren-tempel.net>
pkgname=busybox
pkgver=1.35.0
pkgrel=18
pkgdesc="Size optimized toolbox of many common UNIX utilities"
url="https://busybox.net/"
arch="all"
license="GPL-2.0-only"
makedepends_build="perl"
makedepends_host="linux-headers openssl-dev"
# Only build with UTMPS support if we are not bootstraping.
# skalibs-static is needed for utmps-static
[ -z "$BOOTSTRAP" ] && makedepends_host="$makedepends_host utmps-dev utmps-static skalibs-static"
makedepends="$makedepends_build $makedepends_host"
checkdepends="zip"
provides="/bin/sh"
provider_priority=100
install="$pkgname.post-install $pkgname.post-upgrade
	$pkgname-extras.post-install $pkgname-extras.pre-deinstall"
subpackages="$pkgname-static $pkgname-doc $pkgname-suid $pkgname-extras ssl_client $pkgname-ifupdown"
options="suid net" # net needed for check()
replaces="busybox-initscripts" # move of default.script
triggers="busybox.trigger=/bin:/usr/bin:/sbin:/usr/sbin:/lib/modules/*"
###source="https://busybox.net/downloads/busybox-$pkgver.tar.bz2
source="http://local-repo/source/busybox/busybox-$pkgver.tar.bz2
	0001-nologin-Install-applet-to-sbin-instead-of-usr-sbin.patch
	0001-adduser-default-to-sbin-nologin-as-shell-for-system-.patch
	0001-properly-fix-wget-https-support.patch
	0001-modutils-check-ELF-header-before-calling-finit_module.patch
	0002-fsck-resolve-LABEL-.-UUID-.-spec-to-device.patch
	0003-ash-exec-busybox.static.patch
	0004-app-location-for-cpio-vi-and-lspci.patch
	0005-udhcpc-set-default-discover-retries-to-5.patch
	0006-ping-make-ping-work-without-root-privileges.patch
	0007-fbsplash-support-console-switching.patch
	0008-fbsplash-support-image-and-bar-alignment-and-positio.patch
	0009-depmod-support-generating-kmod-binary-index-files.patch
	0010-Add-flag-for-not-following-symlinks-when-recursing.patch
	0012-udhcpc-Don-t-background-if-n-is-given.patch
	0013-ash-fix-unsafe-use-of-mempcpy.patch
	0014-ash-fix-use-after-free-in-bash-pattern-substitution.patch
	0015-ed-don-t-use-memcpy-with-overlapping-memory-regions.patch
	0016-ash-don-t-read-past-end-of-var-in-subvareval-for-bas.patch
	0017-ash-Fix-use-after-free-on-idx-variable.patch

	0001-ash-add-built-in-BB_ASH_VERSION-variable.patch

	0001-pgrep-add-support-for-matching-against-UID-and-RUID.patch

	0001-avoid-redefined-warnings-when-building-with-utmps.patch
	test-fix-tarball-creation.patch
	test-timezone-workaround.patch

	0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
	0002-nslookup-sanitize-all-printed-strings-with-printable.patch
	0001-modinfo-add-k-option-for-kernel-version.patch
	CVE-2022-30065.patch

	utmp-debug.patch

	acpid.logrotate
	busyboxconfig
	busyboxconfig-extras
	bbsuid.c
	dad.if-up
	ssl_client.c
	default.script
	"

# secfixes:
#   1.35.0-r17:
#     - CVE-2022-30065
#   1.35.0-r7:
#     - ALPINE-13661
#     - CVE-2022-28391
#   1.34.0-r0:
#     - CVE-2021-42374
#     - CVE-2021-42375
#     - CVE-2021-42378
#     - CVE-2021-42379
#     - CVE-2021-42380
#     - CVE-2021-42381
#     - CVE-2021-42382
#     - CVE-2021-42383
#     - CVE-2021-42384
#     - CVE-2021-42385
#     - CVE-2021-42386
#   1.33.0-r5:
#     - CVE-2021-28831
#   1.30.1-r2:
#     - CVE-2019-5747
#   1.29.3-r10:
#     - CVE-2018-20679
#   1.28.3-r2:
#     - CVE-2018-1000500
#   1.27.2-r4:
#     - CVE-2017-16544
#     - CVE-2017-15873
#     - CVE-2017-15874
#   0:
#     - CVE-2021-42373
#     - CVE-2021-42376
#     - CVE-2021-42377


_staticdir="$srcdir"/build-static
_dyndir="$srcdir"/build-dynamic
_dyndir_extras="$srcdir"/build-dynamic-extras
_config="$srcdir"/busyboxconfig
_config_extras="$srcdir"/busyboxconfig-extras

prepare() {
	# remove SGID if set as it confuses the busybox testsuite
	chmod -R g-s "$builddir"
	default_prepare

	mkdir -p "$_staticdir" "$_dyndir" "$_dyndir_extras"
}

build() {
	# build bbsuid
	msg "Building bbsuid"
	${CC:-${CROSS_COMPILE}gcc} ${CPPFLAGS} ${CFLAGS} \
		${LDFLAGS} "$srcdir"/bbsuid.c -o "$_dyndir"/bbsuid

	msg "Building ssl_client"
	# shellcheck disable=SC2046  # Allow wordsplitting for pkg-config
	${CC:-${CROSS_COMPILE}gcc} ${CPPFLAGS} ${CFLAGS} $(pkg-config --cflags libcrypto libssl) \
		"$srcdir"/ssl_client.c -o "$_dyndir"/ssl_client ${LDFLAGS} $(pkg-config --libs libcrypto libssl)

	# build dynamic
	cd "$_dyndir"
	msg "Building dynamic busybox"
	echo "COPIED CONFIG to $(pwd)/.config"
	cp "$_config" .config
	[ "$CLIBC" = musl ] && sed -i \
		-e "s/CONFIG_EXTRA_COMPAT=y/CONFIG_EXTRA_COMPAT=n/" \
		.config
	make -C "$builddir" O="$PWD" silentoldconfig

	local _extra_cflags="" _extra_libs=""
	if [ -z "$BOOTSTRAP" ]; then
		_extra_cflags="$(pkg-config --cflags --static utmps)"
		_extra_libs="$(pkg-config --libs --static utmps)"
	fi

	echo "_extra_cflags: $_extra_cflags"
	echo "_extra_libs: $_extra_libs"
	find $builddir -name '*Makefile.flags*'
	cat $builddir/Makefile.flags

	# NOTE: Defining CONFIG_EXTRA_LDLIBS in .config doesn't work, the second -l is ignored.
	make V=1 CONFIG_EXTRA_CFLAGS="$_extra_cflags" CONFIG_EXTRA_LDLIBS="$_extra_libs"

	# build dynamic (extras)
	cd "$_dyndir_extras"
	msg "Building dynamic busybox-extras"
	cp "$_config_extras" .config
	[ "$CLIBC" = musl ] && sed -i \
		-e "s/CONFIG_EXTRA_COMPAT=y/CONFIG_EXTRA_COMPAT=n/" \
		.config
	make -C "$builddir" O="$PWD" silentoldconfig
	make

	# build static
	cd "$_staticdir"
	msg "Building static busybox"
	# enable internal ssl_client for static build
	sed -e "s/.*CONFIG_PIE.*/\# CONFIG_PIE is not set/" \
		-e "s/.*CONFIG_STATIC\([A-Z_]*\).*/CONFIG_STATIC\1=y/" \
		-e "s/.*CONFIG_SSL_CLIENT.*/CONFIG_SSL_CLIENT=y/" \
		"$_config" > .config
	# musl does not support GNU regex
	[ "$CLIBC" = musl ] && sed -i \
		-e "s/CONFIG_EXTRA_COMPAT=y/CONFIG_EXTRA_COMPAT=n/" \
		.config
	make -C "$builddir" O="$PWD" silentoldconfig
	make
	mv busybox busybox.static
}

check() {
	# Set VERBOSE to see expected outcome of each test (runtest -v flag).
	# Set DEBUG to enable command trace (see testsuite/testing.sh).

	cd "$_dyndir"
	SKIP_KNOWN_BUGS=1 make -C "$builddir" O="$PWD" V=1 check

	cd "$_dyndir_extras"
	SKIP_KNOWN_BUGS=1 make -C "$builddir" O="$PWD" V=1 check
}

package() {
	cd "$_dyndir"
	mkdir -p "$pkgdir"/usr/sbin "$pkgdir"/usr/bin "$pkgdir"/tmp \
		"$pkgdir"/var/cache/misc "$pkgdir"/bin "$pkgdir"/sbin \
		"$pkgdir"/usr/share/man/man1
	chmod 1777 "$pkgdir"/tmp
	install -m755 busybox "$pkgdir"/bin/busybox
	# we need /bin/sh to be able to execute post-install
	ln -s /bin/busybox "$pkgdir"/bin/sh

	install -m 644 docs/busybox.1 "$pkgdir"/usr/share/man/man1/busybox.1

	#ifupdown needs those dirs to be present
	mkdir -p \
		"$pkgdir"/etc/network/if-down.d \
		"$pkgdir"/etc/network/if-post-down.d \
		"$pkgdir"/etc/network/if-post-up.d \
		"$pkgdir"/etc/network/if-pre-down.d \
		"$pkgdir"/etc/network/if-pre-up.d \
		"$pkgdir"/etc/network/if-up.d
	install -m775 "$srcdir"/dad.if-up "$pkgdir"/etc/network/if-up.d/dad

	install -Dm644 "$srcdir"/acpid.logrotate \
		"$pkgdir/etc/logrotate.d/acpid"

	mkdir -p "$pkgdir"/var/lib/udhcpd
	install -Dm644 "$builddir"/examples/udhcp/udhcpd.conf \
		"$pkgdir"/etc/udhcpd.conf
	cat >"$pkgdir"/etc/securetty <<EOF
console
tty1
tty2
tty3
tty4
tty5
tty6
tty7
tty8
tty9
tty10
tty11
hvc0
ttyS0
ttyS1
ttyAMA0
ttyAMA1
EOF

	# script for udhcpc
	install -Dm755 "$srcdir"/default.script \
		"$pkgdir"/usr/share/udhcpc/default.script

}

extras() {
	pkgdesc="Additional binaries of Busybox"
	depends="$pkgname"
	install -Dm755 "$_dyndir_extras"/busybox "$subpkgdir"/bin/busybox-extras
}

suid() {
	pkgdesc="suid binaries of Busybox"
	depends="$pkgname"

	cd "$_dyndir"
	mkdir -p "$subpkgdir"/bin
	install -m4111 bbsuid "$subpkgdir"/bin/bbsuid
}

static() {
	pkgdesc="Statically linked Busybox"
	mkdir -p "$subpkgdir"/bin
	install -m755 "$_staticdir"/busybox.static \
		"$subpkgdir"/bin/busybox.static
}

ssl_client() {
	pkgdesc="EXternal ssl_client for busybox wget"
	local _sslver=$(pkg-config --modversion libssl)
	# automatically pull in if both busybox and libssl is installed
	install_if="$pkgname=$pkgver-r$pkgrel libssl${_sslver%.*}"
	mkdir -p "$subpkgdir"/usr/bin
	install -m755 "$_dyndir"/ssl_client \
		"$subpkgdir"/usr/bin/ssl_client
}

ifupdown() {
	pkgdesc="placeholder package for busybox ifupdown"
	provides="ifupdown-any"
	provider_priority=200
	mkdir -p "$subpkgdir"
}

sha512sums="
62b2e718b6669271380445ed6db249618d777a4e8d5e6d879fa39ffee43887b6a2e93ceef874c615c565ad492deb772b03a19b7475c403202741579fb151e16a  busybox-1.35.0.tar.bz2
ead3403578c071c2216de17ab0543984c1f1509c12c062f03af49141547c3ea21356f3e8f0f0695550f05a41a1379dd73fc3cc18dcd78addbb411f247351e353  0001-nologin-Install-applet-to-sbin-instead-of-usr-sbin.patch
a2787a3ecaf6746dadef62166e8ee6ecaa166147e5ad8b917c5838536057c875bab5f9cf40c3e05eba74d575484ac662929ac3799d58432d3a99ac46f364f302  0001-adduser-default-to-sbin-nologin-as-shell-for-system-.patch
1efe1c4894ae983fed5ac848125f8603f157b9d91c952c53f4192b48d3e50967e05559851148397b583f34fb02d480393547904b4635e4248248be567ab268ea  0001-properly-fix-wget-https-support.patch
0cac9b944928500293e366b42e03211d4159d05b622da60664825e5ee87c9bf6d5a8ea5e794584713f7464efb4cdc431e02f439c717b7e62b1864a228bc8cbac  0001-modutils-check-ELF-header-before-calling-finit_module.patch
d8694293edc8cd55cecafeb902f03c01af318e13966f399365cf792b840793891ac086bb67ef83e7a5a2e01b246497a6c6511cb6a856834f6672dee4bca76896  0002-fsck-resolve-LABEL-.-UUID-.-spec-to-device.patch
8c34dd5ce9a6e84279fa6494cbae0b254778976f341af1d0ccc2a3afb405fb22d374e9623ea83d1500da77c7463db2ed5218d2c9f49350a21114bd0bb17fd87d  0003-ash-exec-busybox.static.patch
f9745497abd4d04621f089c62d9f2104c30d54f342125f597292253f2974d385c5f4a46e7d87a5d1b641b11b34ba5221183dd5dad1e3bbe74a787fb8d6a994b7  0004-app-location-for-cpio-vi-and-lspci.patch
f12916e70f7cc1ef4f6d85d09b9a496a52a494e6318029fdce9a9c812ab5c7b2a046c33b66834127bf809f243c91a53c3c5e27efca026a96fe6b03421de26e60  0005-udhcpc-set-default-discover-retries-to-5.patch
89215c328a46afc686c458a133dd88dcda817586df60eb041a694715e73dc78a297fc0f9a92e8ee7d0a39ce7f6053a6b8e38f3ee078ff90ed13fac2608510105  0006-ping-make-ping-work-without-root-privileges.patch
7873b98c676a92faea61511d50c1efac1220354d20afd53de19e2c8f1472559cb333b9dd4e0d6432616d8c5f59885f1503c448c86a912e8031c9bfed628c2db1  0007-fbsplash-support-console-switching.patch
2c56906dac70dea6276e4c573707cb06c4c8b53defcd33b1e5a28f928e7dafe905a52ce40571de430e4af7e00a75ecc0f249d2fec02da5f3d9edd4e904919a35  0008-fbsplash-support-image-and-bar-alignment-and-positio.patch
df02adb3e3cd3349cc8d070911e3392164cb2e30bd72cae7ceaa974b2db6f958fdcedf809abc7b4bee37c729a4d20abf127f615b0e238a667d572137abe6a79e  0009-depmod-support-generating-kmod-binary-index-files.patch
ecbe5c890d966f09280c7eb534109f785c68e292765f17ed7ff62fcc61d20f61443c4155add0a1ebfb67ce8564e104c1aa22a8ef0400e119b0bca2bca3671f2d  0010-Add-flag-for-not-following-symlinks-when-recursing.patch
3ae5ecf3ea66c8d98762432026806fdb67b13a28075c6a3cb6e811a34ef89c2f0ed651946003aaad97fb4b7f74d132af3c394c114b7a72e1d20b319b739c5a6e  0012-udhcpc-Don-t-background-if-n-is-given.patch
6b1ebc6da26c355a63c166f4c8d1774e7a9c5456ec76b773395a2158cb4848cf245fa5553843666c0a46f4c97d03e08815abae777f2b80bbb69d916618f94761  0013-ash-fix-unsafe-use-of-mempcpy.patch
3eb7609054fa8e03d7e366f7debc5cb0630ff65d521a91be84803bdef3854f81e29d26a9567c501a121e94a55d3a3477894e774508f80def775f2ecc812805e7  0014-ash-fix-use-after-free-in-bash-pattern-substitution.patch
0040800382a6e3adcc6a8094b821488c7e297fc80304afba23a4fca43b7b26ac699378dfbd930ebbf9985336b3e431301f7ca93e2d041a071902a48740d263ef  0015-ed-don-t-use-memcpy-with-overlapping-memory-regions.patch
4c95dc4bf6aff9018bfb52b400f6d8375a1d22493b44ea516cb12dba6556f12797a3cba55768d2e59ff57c0f3247ec1ff95edb8f17561f3d37ec18d83ca47eb0  0016-ash-don-t-read-past-end-of-var-in-subvareval-for-bas.patch
ccdf098fb15eaa316708181469a1193d6eec7067131e7b7645e0219bf03cfd07f4f79e8f62c1e560f6146dcc38186a29bdee08aaa39f290e11d020b8f07d2f65  0017-ash-Fix-use-after-free-on-idx-variable.patch
6d100fe44da2b97c2cbdda253d0504b487212d195144d9315cddbe8c51d18fae3745701923b170b40e35f54b592f94f02cadbffd9cb716661c12a7f1da022763  0001-ash-add-built-in-BB_ASH_VERSION-variable.patch
e33dbc27d77c4636f4852d5d5216ef60a9a4343484e4559e391c13c813bf65c782b889914eff2e1f038d74cf02cb0d23824ebbb1044b5f8c86260d5a1bbc4e4d  0001-pgrep-add-support-for-matching-against-UID-and-RUID.patch
32b25e61d8b1a36ea6237b6681fecfb7a2b5abbb3b3e278f22b4eca6c03362e74d5e497d99e07d6718726be40a6d3de594c08e4f8f549414f39974137e033e86  0001-avoid-redefined-warnings-when-building-with-utmps.patch
9b66151ef51293292b3829adaf721e5453c0710b1d151ab7e959aff0ffae2ec704e686161909cbbfc09c700e23e7200f5e14539ccc5583bccaa11193ea0cffce  test-fix-tarball-creation.patch
f65052adc4df305c22f79cc2819d7750b528ad66289512fc15c442c4347ebd6bc14340e60f2c5209d2e7d2e7feb7d19f372e02dca2451dd36787c5f6908c21d8  test-timezone-workaround.patch
b52050678e79e4da856956906d07fcb620cbf35f2ef6b5a8ee3b8d244ea63b4b98eef505451184d5b4937740d91eef154ed748c30d329ac485be51b37626f251  0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
ead4ad65d270d8659e1898fa16f76b6cbcf567d8aba238eacccda3764edb4362240d9359d6389873bedc126d405f805fc6dfce653a7181618ebcc67c94bd08d2  0002-nslookup-sanitize-all-printed-strings-with-printable.patch
4f6ddd59d6096943f617b0938fca428114190b8b37732d6783faab291451a2c30c452ed39299db22d1d9679d007022f87d43e93b38a4f6ced64a8659e9233773  0001-modinfo-add-k-option-for-kernel-version.patch
22e2fa8f7a6105fd9990f93b71c235980fd4eab62269939a0e3a920fe517ee4f913c6bd0148a554b67fe01d1660bf0fd76a80e9dcac290b4b8b2c304ef6080a9  CVE-2022-30065.patch
aa93095e20de88730f526c6f463cef711b290b9582cdbd8c1ba2bd290019150cbeaa7007c2e15f0362d5b9315dd63f60511878f0ea05e893f4fdfb4a54af3fb1  acpid.logrotate
20ad8edb3741ffffa99bdb4c00603ddfc76564c869cb46736f878eba01cc3d3f611dd8049625a66ad7f018ce485a9d9592ec133fc8fe7f13da3d69daa6c545ec  busyboxconfig
9dc49c5ff0750cd713f49ee566a19e705e6b68e360a82e2c99b15a5271c7e8a5c47aaf399a03828befbe4e9ccbebb3de766cc0cfc1672848a939b5ae97b44aa1  busyboxconfig-extras
0becc2186d6c32fb0c401cf7bc0e46268b38ce8892db33be1daf40273024c1c02d518283f44086a313a2ccef34230a1d945ec148cc173f26e6aa9d88a7426e54  bbsuid.c
6321c1d96d8938a3b5eab21731de289ede136fff550f98127c509452bfb17769ccf94b118491f7b81d3c60e1bbb3e80bb07186e4ce07e29724a52f0daba9b218  dad.if-up
26eac967d6cfe13b7dc973112de145543ac0bdda9e9dd3a69bbd8c133ae6a20387abe9377917efb770b191130d3a6385ff5738abc84a8216d7b86ae88b159260  ssl_client.c
c3194ccffe7300a0f55d50fb56d38c8df55d588adac13056fd0be2676594974477f94de5570a5a882bc864c3711cf67aa43b6ad6808e672f4533dd0f7363d2f5  default.script
53c4309235194798541cab80faed5bd3c25089afc7cbbca3e960d2bdfc2829f5d826c62050bc0e92bb689ac251a3e45c587b24a7382eedacf55831ad49f2158f  utmp-debug.patch
"