diff options
Diffstat (limited to 'meta/recipes-connectivity/openssh')
| -rw-r--r-- | meta/recipes-connectivity/openssh/openssh/disable-ciphers-not-supported-by-OpenSSL-DES.patch | 39 | ||||
| -rw-r--r-- | meta/recipes-connectivity/openssh/openssh/f107467179428a0e3ea9e4aa9738ac12ff02822d.patch | 35 | ||||
| -rw-r--r-- | meta/recipes-connectivity/openssh/openssh/fix-potential-signed-overflow-in-pointer-arithmatic.patch | 26 | ||||
| -rwxr-xr-x | meta/recipes-connectivity/openssh/openssh/run-ptest | 5 | ||||
| -rw-r--r-- | meta/recipes-connectivity/openssh/openssh/sshd.socket | 1 | ||||
| -rw-r--r-- | meta/recipes-connectivity/openssh/openssh/sshd@.service | 3 | ||||
| -rw-r--r-- | meta/recipes-connectivity/openssh/openssh/sshd_check_keys | 1 | ||||
| -rw-r--r-- | meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service | 1 | ||||
| -rw-r--r-- | meta/recipes-connectivity/openssh/openssh_8.9p1.bb (renamed from meta/recipes-connectivity/openssh/openssh_7.7p1.bb) | 129 |
9 files changed, 137 insertions, 103 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh/disable-ciphers-not-supported-by-OpenSSL-DES.patch b/meta/recipes-connectivity/openssh/openssh/disable-ciphers-not-supported-by-OpenSSL-DES.patch deleted file mode 100644 index 8a2d1a0a7c..0000000000 --- a/meta/recipes-connectivity/openssh/openssh/disable-ciphers-not-supported-by-OpenSSL-DES.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 265eaab8b39d8d8721224a48eefed5bf1696d353 Mon Sep 17 00:00:00 2001 -From: Hongxu Jia <hongxu.jia@windriver.com> -Date: Wed, 18 Apr 2018 21:58:32 +0800 -Subject: [PATCH] disable ciphers not supported by OpenSSL DES - -While compiling openssl with option `no-des', it caused the openssh -build failure -... -cipher.c:85:41: error: 'EVP_des_ede3_cbc' undeclared here (not in a function); -... - -OpenSSL configured that way defines OPENSSL_NO_DES to disable des - -Suggested by dtucker@ - -Upstream-Status: Submitted [openssh-unix-dev@mindrot.org] - -Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> ---- - cipher.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/cipher.c b/cipher.c -index c3cd5dc..86558e1 100644 ---- a/cipher.c -+++ b/cipher.c -@@ -82,7 +82,9 @@ struct sshcipher { - - static const struct sshcipher ciphers[] = { - #ifdef WITH_OPENSSL -+#ifndef OPENSSL_NO_DES - { "3des-cbc", 8, 24, 0, 0, CFLAG_CBC, EVP_des_ede3_cbc }, -+#endif - { "aes128-cbc", 16, 16, 0, 0, CFLAG_CBC, EVP_aes_128_cbc }, - { "aes192-cbc", 16, 24, 0, 0, CFLAG_CBC, EVP_aes_192_cbc }, - { "aes256-cbc", 16, 32, 0, 0, CFLAG_CBC, EVP_aes_256_cbc }, --- -2.7.4 - diff --git a/meta/recipes-connectivity/openssh/openssh/f107467179428a0e3ea9e4aa9738ac12ff02822d.patch b/meta/recipes-connectivity/openssh/openssh/f107467179428a0e3ea9e4aa9738ac12ff02822d.patch new file mode 100644 index 0000000000..847c0a143c --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh/f107467179428a0e3ea9e4aa9738ac12ff02822d.patch @@ -0,0 +1,35 @@ +From f107467179428a0e3ea9e4aa9738ac12ff02822d Mon Sep 17 00:00:00 2001 +From: Colin Watson <cjwatson@debian.org> +Date: Thu, 24 Feb 2022 16:04:18 +0000 +Subject: [PATCH] Improve detection of -fzero-call-used-regs=all support + +GCC doesn't tell us whether this option is supported unless it runs into +the situation where it would need to emit corresponding code. + +Upstream-Status: Backport +Signed-off-by: Alexander Kanavin <alex@linutronix.de> +--- + m4/openssh.m4 | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/m4/openssh.m4 b/m4/openssh.m4 +index 4f9c3792dc1..8c33c701b8b 100644 +--- a/m4/openssh.m4 ++++ b/m4/openssh.m4 +@@ -14,6 +14,8 @@ AC_DEFUN([OSSH_CHECK_CFLAG_COMPILE], [{ + AC_COMPILE_IFELSE([AC_LANG_SOURCE([[ + #include <stdlib.h> + #include <stdio.h> ++/* Trivial function to help test for -fzero-call-used-regs */ ++void f(int n) {} + int main(int argc, char **argv) { + (void)argv; + /* Some math to catch -ftrapv problems in the toolchain */ +@@ -21,6 +23,7 @@ int main(int argc, char **argv) { + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; ++ f(0); + printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); + /* + * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does diff --git a/meta/recipes-connectivity/openssh/openssh/fix-potential-signed-overflow-in-pointer-arithmatic.patch b/meta/recipes-connectivity/openssh/openssh/fix-potential-signed-overflow-in-pointer-arithmatic.patch index 7e043a2db1..20036da931 100644 --- a/meta/recipes-connectivity/openssh/openssh/fix-potential-signed-overflow-in-pointer-arithmatic.patch +++ b/meta/recipes-connectivity/openssh/openssh/fix-potential-signed-overflow-in-pointer-arithmatic.patch @@ -11,14 +11,17 @@ would lead to program abort. Upstream-Status: Submitted [http://bugzilla.mindrot.org/show_bug.cgi?id=2608] Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com> + +Complete the fix +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> --- - openbsd-compat/strlcat.c | 8 ++++++-- - openbsd-compat/strlcpy.c | 8 ++++++-- - openbsd-compat/strnlen.c | 8 ++++++-- - 3 files changed, 18 insertions(+), 6 deletions(-) + openbsd-compat/strlcat.c | 10 +++++++--- + openbsd-compat/strlcpy.c | 8 ++++++-- + openbsd-compat/strnlen.c | 8 ++++++-- + 3 files changed, 19 insertions(+), 7 deletions(-) diff --git a/openbsd-compat/strlcat.c b/openbsd-compat/strlcat.c -index bcc1b61..e758ebf 100644 +index bcc1b61..124e1e3 100644 --- a/openbsd-compat/strlcat.c +++ b/openbsd-compat/strlcat.c @@ -23,6 +23,7 @@ @@ -29,6 +32,15 @@ index bcc1b61..e758ebf 100644 /* * Appends src to string dst of size siz (unlike strncat, siz is the +@@ -42,7 +43,7 @@ strlcat(char *dst, const char *src, size_t siz) + /* Find the end of dst and adjust bytes left but don't go past end */ + while (n-- != 0 && *d != '\0') + d++; +- dlen = d - dst; ++ dlen = (uintptr_t)d - (uintptr_t)dst; + n = siz - dlen; + + if (n == 0) @@ -55,8 +56,11 @@ strlcat(char *dst, const char *src, size_t siz) s++; } @@ -70,7 +82,7 @@ index b4b1b60..b06f374 100644 #endif /* !HAVE_STRLCPY */ diff --git a/openbsd-compat/strnlen.c b/openbsd-compat/strnlen.c -index 93d5155..9b8de5d 100644 +index 7ad3573..7040f1f 100644 --- a/openbsd-compat/strnlen.c +++ b/openbsd-compat/strnlen.c @@ -23,6 +23,7 @@ @@ -95,5 +107,5 @@ index 93d5155..9b8de5d 100644 } #endif -- -1.9.1 +2.17.1 diff --git a/meta/recipes-connectivity/openssh/openssh/run-ptest b/meta/recipes-connectivity/openssh/openssh/run-ptest index 36a3d2a7b7..8a9b770d59 100755 --- a/meta/recipes-connectivity/openssh/openssh/run-ptest +++ b/meta/recipes-connectivity/openssh/openssh/run-ptest @@ -1,11 +1,12 @@ #!/bin/sh export TEST_SHELL=sh +export SKIP_UNIT=1 cd regress sed -i "/\t\tagent-ptrace /d" Makefile -make -k .OBJDIR=`pwd` .CURDIR=`pwd` SUDO="sudo" tests \ - | sed -e 's/^skipped/SKIP: /g' -e 's/^ok /PASS: /g' -e 's/^failed/FAIL: /g' +make -k BUILDDIR=`pwd`/.. .OBJDIR=`pwd` .CURDIR=`pwd` SUDO="sudo" tests \ + | sed -u -e 's/^skipped/SKIP: /g' -e 's/^ok /PASS: /g' -e 's/^failed/FAIL: /g' SSHAGENT=`which ssh-agent` GDB=`which gdb` diff --git a/meta/recipes-connectivity/openssh/openssh/sshd.socket b/meta/recipes-connectivity/openssh/openssh/sshd.socket index 12c39b26b5..8d76d62309 100644 --- a/meta/recipes-connectivity/openssh/openssh/sshd.socket +++ b/meta/recipes-connectivity/openssh/openssh/sshd.socket @@ -1,5 +1,6 @@ [Unit] Conflicts=sshd.service +Wants=sshdgenkeys.service [Socket] ExecStartPre=@BASE_BINDIR@/mkdir -p /var/run/sshd diff --git a/meta/recipes-connectivity/openssh/openssh/sshd@.service b/meta/recipes-connectivity/openssh/openssh/sshd@.service index 9d83dfb2bb..9d9965e624 100644 --- a/meta/recipes-connectivity/openssh/openssh/sshd@.service +++ b/meta/recipes-connectivity/openssh/openssh/sshd@.service @@ -1,13 +1,10 @@ [Unit] Description=OpenSSH Per-Connection Daemon -Wants=sshdgenkeys.service After=sshdgenkeys.service [Service] Environment="SSHD_OPTS=" EnvironmentFile=-/etc/default/ssh ExecStart=-@SBINDIR@/sshd -i $SSHD_OPTS -ExecReload=@BASE_BINDIR@/kill -HUP $MAINPID StandardInput=socket -StandardError=syslog KillMode=process diff --git a/meta/recipes-connectivity/openssh/openssh/sshd_check_keys b/meta/recipes-connectivity/openssh/openssh/sshd_check_keys index 1931dc7153..ef117de897 100644 --- a/meta/recipes-connectivity/openssh/openssh/sshd_check_keys +++ b/meta/recipes-connectivity/openssh/openssh/sshd_check_keys @@ -6,6 +6,7 @@ generate_key() { local DIR="$(dirname "$FILE")" mkdir -p "$DIR" + rm -f ${FILE}.tmp ssh-keygen -q -f "${FILE}.tmp" -N '' -t $TYPE # Atomically rename file public key diff --git a/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service b/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service index 603c33787f..fd81793d51 100644 --- a/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service +++ b/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service @@ -6,3 +6,4 @@ RequiresMountsFor=/var /run ExecStart=@LIBEXECDIR@/sshd_check_keys Type=oneshot RemainAfterExit=yes +Nice=10 diff --git a/meta/recipes-connectivity/openssh/openssh_7.7p1.bb b/meta/recipes-connectivity/openssh/openssh_8.9p1.bb index 6b67782695..6c5c1912e8 100644 --- a/meta/recipes-connectivity/openssh/openssh_7.7p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_8.9p1.bb @@ -5,11 +5,10 @@ Ssh (Secure Shell) is a program for logging into a remote machine \ and for executing commands on a remote machine." HOMEPAGE = "http://www.openssh.com/" SECTION = "console/network" -LICENSE = "BSD" -LIC_FILES_CHKSUM = "file://LICENCE;md5=429658c6612f3a9b1293782366ab29d8" +LICENSE = "BSD-2-Clause & BSD-3-Clause & ISC & MIT" +LIC_FILES_CHKSUM = "file://LICENCE;md5=8baf365614c9bdd63705f298c9afbfb9" -# openssl 1.1 patches are proposed at https://github.com/openssh/openssh-portable/pull/48 -DEPENDS = "zlib openssl10" +DEPENDS = "zlib openssl virtual/crypt" DEPENDS += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar.gz \ @@ -25,41 +24,61 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar file://fix-potential-signed-overflow-in-pointer-arithmatic.patch \ file://sshd_check_keys \ file://add-test-support-for-busybox.patch \ - file://disable-ciphers-not-supported-by-OpenSSL-DES.patch \ + file://f107467179428a0e3ea9e4aa9738ac12ff02822d.patch \ " +SRC_URI[sha256sum] = "fd497654b7ab1686dac672fb83dfb4ba4096e8b5ffcdaccd262380ae58bec5e7" -PAM_SRC_URI = "file://sshd" +# This CVE is specific to OpenSSH with the pam opie which we don't build/use here +CVE_CHECK_IGNORE += "CVE-2007-2768" + +# This CVE is specific to OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 +# and when running in a Kerberos environment. As such it is not relevant to OpenEmbedded +CVE_CHECK_IGNORE += "CVE-2014-9278" + +# CVE only applies to some distributed RHEL binaries +CVE_CHECK_IGNORE += "CVE-2008-3844" -SRC_URI[md5sum] = "68ba883aff6958297432e5877e9a0fe2" -SRC_URI[sha256sum] = "d73be7e684e99efcd024be15a30bffcbe41b012b2f7b3c9084aed621775e6b8f" +PAM_SRC_URI = "file://sshd" -inherit useradd update-rc.d update-alternatives systemd +inherit manpages useradd update-rc.d update-alternatives systemd USERADD_PACKAGES = "${PN}-sshd" -USERADD_PARAM_${PN}-sshd = "--system --no-create-home --home-dir /var/run/sshd --shell /bin/false --user-group sshd" +USERADD_PARAM:${PN}-sshd = "--system --no-create-home --home-dir /var/run/sshd --shell /bin/false --user-group sshd" INITSCRIPT_PACKAGES = "${PN}-sshd" -INITSCRIPT_NAME_${PN}-sshd = "sshd" -INITSCRIPT_PARAMS_${PN}-sshd = "defaults 9" +INITSCRIPT_NAME:${PN}-sshd = "sshd" +INITSCRIPT_PARAMS:${PN}-sshd = "defaults 9" SYSTEMD_PACKAGES = "${PN}-sshd" -SYSTEMD_SERVICE_${PN}-sshd = "sshd.socket" +SYSTEMD_SERVICE:${PN}-sshd = "sshd.socket" inherit autotools-brokensep ptest +PACKAGECONFIG ??= "rng-tools" +PACKAGECONFIG[kerberos] = "--with-kerberos5,--without-kerberos5,krb5" +PACKAGECONFIG[ldns] = "--with-ldns,--without-ldns,ldns" +PACKAGECONFIG[libedit] = "--with-libedit,--without-libedit,libedit" +PACKAGECONFIG[manpages] = "--with-mantype=man,--with-mantype=cat" + +# Add RRECOMMENDS to rng-tools for sshd package +PACKAGECONFIG[rng-tools] = "" + EXTRA_AUTORECONF += "--exclude=aclocal" # login path is hardcoded in sshd EXTRA_OECONF = "'LOGIN_PROGRAM=${base_bindir}/login' \ ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '--with-pam', '--without-pam', d)} \ --without-zlib-version-check \ - --with-privsep-path=/var/run/sshd \ + --with-privsep-path=${localstatedir}/run/sshd \ --sysconfdir=${sysconfdir}/ssh \ - --with-xauth=/usr/bin/xauth \ + --with-xauth=${bindir}/xauth \ --disable-strip \ " -# musl doesn't implement wtmp/utmp -EXTRA_OECONF_append_libc-musl = " --disable-wtmp" +# musl doesn't implement wtmp/utmp and logwtmp +EXTRA_OECONF:append:libc-musl = " --disable-wtmp --disable-lastlog" + +# https://bugzilla.mindrot.org/show_bug.cgi?id=3398 +EXTRA_OECONF:append:powerpc = " --with-sandbox=no" # Since we do not depend on libbsd, we do not want configure to use it # just because it finds libutil.h. But, specifying --disable-libutil @@ -72,19 +91,17 @@ CACHED_CONFIGUREVARS += "ac_cv_path_PATH_PASSWD_PROG=${bindir}/passwd" # We don't want to depend on libblockfile CACHED_CONFIGUREVARS += "ac_cv_header_maillock_h=no" -do_configure_prepend () { +do_configure:prepend () { export LD="${CC}" install -m 0644 ${WORKDIR}/sshd_config ${B}/ install -m 0644 ${WORKDIR}/ssh_config ${B}/ } do_compile_ptest() { - # skip regress/unittests/ binaries: this will silently skip - # unittests in run-ptests which is good because they are so slow. - oe_runmake regress/modpipe regress/setuid-allowed regress/netcat + oe_runmake regress-binaries regress-unit-binaries } -do_install_append () { +do_install:append () { if [ "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" ]; then install -D -m 0644 ${WORKDIR}/sshd ${D}${sysconfdir}/pam.d/sshd sed -i -e 's:#UsePAM no:UsePAM yes:' ${D}${sysconfdir}/ssh/sshd_config @@ -110,15 +127,15 @@ do_install_append () { echo "HostKey /var/run/ssh/ssh_host_ecdsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly echo "HostKey /var/run/ssh/ssh_host_ed25519_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly - install -d ${D}${systemd_unitdir}/system - install -c -m 0644 ${WORKDIR}/sshd.socket ${D}${systemd_unitdir}/system - install -c -m 0644 ${WORKDIR}/sshd@.service ${D}${systemd_unitdir}/system - install -c -m 0644 ${WORKDIR}/sshdgenkeys.service ${D}${systemd_unitdir}/system + install -d ${D}${systemd_system_unitdir} + install -c -m 0644 ${WORKDIR}/sshd.socket ${D}${systemd_system_unitdir} + install -c -m 0644 ${WORKDIR}/sshd@.service ${D}${systemd_system_unitdir} + install -c -m 0644 ${WORKDIR}/sshdgenkeys.service ${D}${systemd_system_unitdir} sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \ -e 's,@SBINDIR@,${sbindir},g' \ -e 's,@BINDIR@,${bindir},g' \ -e 's,@LIBEXECDIR@,${libexecdir}/${BPN},g' \ - ${D}${systemd_unitdir}/system/sshd.socket ${D}${systemd_unitdir}/system/*.service + ${D}${systemd_system_unitdir}/sshd.socket ${D}${systemd_system_unitdir}/*.service sed -i -e 's,@LIBEXECDIR@,${libexecdir}/${BPN},g' \ ${D}${sysconfdir}/init.d/sshd @@ -129,34 +146,42 @@ do_install_append () { do_install_ptest () { sed -i -e "s|^SFTPSERVER=.*|SFTPSERVER=${libexecdir}/sftp-server|" regress/test-exec.sh cp -r regress ${D}${PTEST_PATH} + cp config.h ${D}${PTEST_PATH} } -ALLOW_EMPTY_${PN} = "1" +ALLOW_EMPTY:${PN} = "1" PACKAGES =+ "${PN}-keygen ${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-sftp ${PN}-misc ${PN}-sftp-server" -FILES_${PN}-scp = "${bindir}/scp.${BPN}" -FILES_${PN}-ssh = "${bindir}/ssh.${BPN} ${sysconfdir}/ssh/ssh_config" -FILES_${PN}-sshd = "${sbindir}/sshd ${sysconfdir}/init.d/sshd ${systemd_unitdir}/system" -FILES_${PN}-sshd += "${sysconfdir}/ssh/moduli ${sysconfdir}/ssh/sshd_config ${sysconfdir}/ssh/sshd_config_readonly ${sysconfdir}/default/volatiles/99_sshd ${sysconfdir}/pam.d/sshd" -FILES_${PN}-sshd += "${libexecdir}/${BPN}/sshd_check_keys" -FILES_${PN}-sftp = "${bindir}/sftp" -FILES_${PN}-sftp-server = "${libexecdir}/sftp-server" -FILES_${PN}-misc = "${bindir}/ssh* ${libexecdir}/ssh*" -FILES_${PN}-keygen = "${bindir}/ssh-keygen" - -RDEPENDS_${PN} += "${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-keygen" -RDEPENDS_${PN}-sshd += "${PN}-keygen ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-keyinit pam-plugin-loginuid', '', d)}" -RDEPENDS_${PN}-ptest += "${PN}-sftp ${PN}-misc ${PN}-sftp-server make" - -RPROVIDES_${PN}-ssh = "ssh" -RPROVIDES_${PN}-sshd = "sshd" - -RCONFLICTS_${PN} = "dropbear" -RCONFLICTS_${PN}-sshd = "dropbear" - -CONFFILES_${PN}-sshd = "${sysconfdir}/ssh/sshd_config" -CONFFILES_${PN}-ssh = "${sysconfdir}/ssh/ssh_config" +FILES:${PN}-scp = "${bindir}/scp.${BPN}" +FILES:${PN}-ssh = "${bindir}/ssh.${BPN} ${sysconfdir}/ssh/ssh_config" +FILES:${PN}-sshd = "${sbindir}/sshd ${sysconfdir}/init.d/sshd ${systemd_system_unitdir}" +FILES:${PN}-sshd += "${sysconfdir}/ssh/moduli ${sysconfdir}/ssh/sshd_config ${sysconfdir}/ssh/sshd_config_readonly ${sysconfdir}/default/volatiles/99_sshd ${sysconfdir}/pam.d/sshd" +FILES:${PN}-sshd += "${libexecdir}/${BPN}/sshd_check_keys" +FILES:${PN}-sftp = "${bindir}/sftp" +FILES:${PN}-sftp-server = "${libexecdir}/sftp-server" +FILES:${PN}-misc = "${bindir}/ssh* ${libexecdir}/ssh*" +FILES:${PN}-keygen = "${bindir}/ssh-keygen" + +RDEPENDS:${PN} += "${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-keygen" +RDEPENDS:${PN}-sshd += "${PN}-keygen ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-keyinit pam-plugin-loginuid', '', d)}" +RRECOMMENDS:${PN}-sshd:append:class-target = "\ + ${@bb.utils.filter('PACKAGECONFIG', 'rng-tools', d)} \ +" + +# gdb would make attach-ptrace test pass rather than skip but not worth the build dependencies +RDEPENDS:${PN}-ptest += "${PN}-sftp ${PN}-misc ${PN}-sftp-server make sed sudo coreutils" + +RPROVIDES:${PN}-ssh = "ssh" +RPROVIDES:${PN}-sshd = "sshd" + +RCONFLICTS:${PN} = "dropbear" +RCONFLICTS:${PN}-sshd = "dropbear" + +CONFFILES:${PN}-sshd = "${sysconfdir}/ssh/sshd_config" +CONFFILES:${PN}-ssh = "${sysconfdir}/ssh/ssh_config" ALTERNATIVE_PRIORITY = "90" -ALTERNATIVE_${PN}-scp = "scp" -ALTERNATIVE_${PN}-ssh = "ssh" +ALTERNATIVE:${PN}-scp = "scp" +ALTERNATIVE:${PN}-ssh = "ssh" + +BBCLASSEXTEND += "nativesdk" |