shadow: update to 4.8.1

Fixed license information.

Removed patch requiring autoreconf and replaced with a configure variable.

Removed faulty patch that broke systems without a disabled crypt size hack.
Replaced with using a SED command as well as bcrypt, which works in musl.

Removed su patch and converted it to a SED command in the Makefile.

Added new shadow utilities.

Signed-off-by: Rosen Penev <rosenp@gmail.com>

utils/shadow/Makefile

@@ -8,28 +8,29 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=shadow
-PKG_VERSION:=4.6
-PKG_RELEASE:=2
+PKG_VERSION:=4.8.1
+PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=https://github.com/shadow-maint/shadow/releases/download/$(PKG_VERSION)
-PKG_HASH:=0998c8d84242a231ab0acb7f8613927ff5bcff095f8aa6b79478893a03f05583
-PKG_MAINTAINER:=Steven Barth <cyrus@openwrt.org>
+PKG_HASH:=a3ad4630bdc41372f02a647278a8c3514844295d36eefe68ece6c3a641c1ae62
+
+PKG_MAINTAINER:=
 PKG_LICENSE:=BSD-3-Clause
+PKG_LICENSE_FILES:=COPYING
 PKG_CPE_ID:=cpe:/a:debian:shadow
 
-PKG_FIXUP:=autoreconf
-PKG_BUILD_PARALLEL:=1
 PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
 
 include $(INCLUDE_DIR)/package.mk
 include $(INCLUDE_DIR)/nls.mk
 
 SHADOW_APPLETS := \
-	chage chpasswd chfn chsh expiry faillog gpasswd \
-	groupadd groupdel groupmems groupmod groups \
-	lastlog login newgidmap newgrp newuidmap nologin \
-	passwd su \
+	chage chfn chgpasswd chpasswd chsh expiry faillog gpasswd \
+	groupadd groupdel groupmems groupmod groups grpck grpconv grpunconv \
+	lastlog login logoutd newgidmap newgrp newuidmap newusers nologin \
+	passwd pwck pwconv pwunconv su \
 	useradd userdel usermod vipw
 
 CONFIGURE_ARGS += \
@@ -39,7 +40,11 @@ CONFIGURE_ARGS += \
 	--without-acl \
 	--without-attr \
 	--without-tcb \
-	--without-nscd
+	--without-nscd \
+	--with-bcrypt
+
+CONFIGURE_VARS += \
+	ac_cv_func_ruserok=no
 
 define Package/shadow/Default
   SECTION:=utils
@@ -122,6 +127,16 @@ endef
 define Package/shadow-common/install
 	$(INSTALL_DIR) $(1)/etc
 	$(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/login.defs $(1)/etc/
+	$(SED) 's,SU_NAME,#SU_NAME,g' $(1)/etc/login.defs
+ifeq ($(CONFIG_USE_MUSL),y)
+ifeq ($(CONFIG_MUSL_DISABLE_CRYPT_SIZE_HACK),y)
+	$(SED) 's,#ENCRYPT_METHOD DES,ENCRYPT_METHOD BCRYPT,g' $(1)/etc/login.defs
+else
+	$(SED) 's,#ENCRYPT_METHOD DES,ENCRYPT_METHOD MD5,g' $(1)/etc/login.defs
+endif # CONFIG_MUSL_DISABLE_CRYPT_SIZE_HACK
+else
+	$(SED) 's,#ENCRYPT_METHOD DES,ENCRYPT_METHOD SHA512,g' $(1)/etc/login.defs
+endif # CONFIG_USE_MUSL
 endef
 
 define Package/shadow-utils/install

utils/shadow/patches/001-busybox_ash.patch

@@ -1,11 +0,0 @@
---- a/etc/login.defs
-+++ b/etc/login.defs
-@@ -111,7 +111,7 @@ NOLOGINS_FILE	/etc/nologin
- # command as "-su".  If not defined, then ps(1) will display the
- # name of the shell actually being run, e.g. something like "-sh".
- #
--SU_NAME		su
-+#SU_NAME		su
- 
- #
- # *REQUIRED*

utils/shadow/patches/002-disable-ruser-lookup.patch

@@ -1,10 +0,0 @@
---- a/configure.ac
-+++ b/configure.ac
-@@ -200,7 +200,6 @@ dnl XXX - quick hack, should disappear b
- AC_DEFINE(USE_SYSLOG, 1, [Define to use syslog().])
- if test "$ac_cv_func_ruserok" = "yes"; then
- 	AC_DEFINE(RLOGIN, 1, [Define if login should support the -r flag for rlogind.])
--	AC_DEFINE(RUSEROK, 0, [Define to the ruserok() "success" return value (0 or 1).])
- fi
- 
- AC_ARG_ENABLE(shadowgrp,

utils/shadow/patches/004-fix-su-controoling-term.patch

@@ -1,6 +1,6 @@
 --- a/src/su.c
 +++ b/src/su.c
-@@ -1127,8 +1127,12 @@ int main (int argc, char **argv)
+@@ -1122,8 +1122,12 @@ int main (int argc, char **argv)
  
  		if (fd >= 0) {
  			err = ioctl (fd, TIOCNOTTY, (char *) 0);

utils/shadow/patches/005-set-encrypt-method-sha512.patch

@@ -1,11 +0,0 @@
---- a/etc/login.defs
-+++ b/etc/login.defs
-@@ -317,7 +317,7 @@ CHFN_RESTRICT		rwh
- # Note: If you use PAM, it is recommended to use a value consistent with
- # the PAM modules configuration.
- #
--#ENCRYPT_METHOD DES
-+ENCRYPT_METHOD SHA512
- 
- #
- # Only works if ENCRYPT_METHOD is set to SHA256 or SHA512.