diff options
Diffstat (limited to 'meta/recipes-core/dropbear/dropbear.inc')
-rw-r--r-- | meta/recipes-core/dropbear/dropbear.inc | 66 |
1 files changed, 43 insertions, 23 deletions
diff --git a/meta/recipes-core/dropbear/dropbear.inc b/meta/recipes-core/dropbear/dropbear.inc index a2c736e174..78f9f9adbd 100644 --- a/meta/recipes-core/dropbear/dropbear.inc +++ b/meta/recipes-core/dropbear/dropbear.inc @@ -1,27 +1,28 @@ SUMMARY = "A lightweight SSH and SCP implementation" HOMEPAGE = "http://matt.ucc.asn.au/dropbear/dropbear.html" +DESCRIPTION = "Dropbear is a relatively small SSH server and client. It runs on a variety of POSIX-based platforms. Dropbear is open source software, distributed under a MIT-style license. Dropbear is particularly useful for "embedded"-type Linux (or other Unix) systems, such as wireless routers." SECTION = "console/network" # some files are from other projects and have others license terms: # public domain, OpenSSH 3.5p1, OpenSSH3.6.1p2, PuTTY LICENSE = "MIT & BSD-3-Clause & BSD-2-Clause & PD" -LIC_FILES_CHKSUM = "file://LICENSE;md5=a5ec40cafba26fc4396d0b550f824e01" +LIC_FILES_CHKSUM = "file://LICENSE;md5=25cf44512b7bc8966a48b6b1a9b7605f" -DEPENDS = "zlib" -RPROVIDES_${PN} = "ssh sshd" +DEPENDS = "zlib virtual/crypt" +RPROVIDES:${PN} = "ssh sshd" +RCONFLICTS:${PN} = "openssh-sshd openssh" DEPENDS += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.bz2 \ file://0001-urandom-xauth-changes-to-options.h.patch \ - file://0003-configure.patch \ - file://0004-fix-2kb-keys.patch \ - file://0007-dropbear-fix-for-x32-abi.patch \ file://init \ file://dropbearkey.service \ file://dropbear@.service \ file://dropbear.socket \ - ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} " + file://dropbear.default \ + ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'disable-weak-ciphers', 'file://dropbear-disable-weak-ciphers.patch', '', d)} " PAM_SRC_URI = "file://0005-dropbear-enable-pam.patch \ file://0006-dropbear-configuration-file.patch \ @@ -32,24 +33,34 @@ PAM_PLUGINS = "libpam-runtime \ pam-plugin-permit \ pam-plugin-unix \ " -RDEPENDS_${PN} += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_PLUGINS}', '', d)}" +RDEPENDS:${PN} += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_PLUGINS}', '', d)}" inherit autotools update-rc.d systemd +CVE_PRODUCT = "dropbear_ssh" + INITSCRIPT_NAME = "dropbear" INITSCRIPT_PARAMS = "defaults 10" -SYSTEMD_SERVICE_${PN} = "dropbear.socket" - -CFLAGS_prepend = " -I. " -LD = "${CC}" +SYSTEMD_SERVICE:${PN} = "dropbear.socket" SBINCOMMANDS = "dropbear dropbearkey dropbearconvert" BINCOMMANDS = "dbclient ssh scp" EXTRA_OEMAKE = 'MULTI=1 SCPPROGRESS=1 PROGRAMS="${SBINCOMMANDS} ${BINCOMMANDS}"' + +PACKAGECONFIG ?= "disable-weak-ciphers" +PACKAGECONFIG[system-libtom] = "--disable-bundled-libtom,--enable-bundled-libtom,libtommath libtomcrypt" +PACKAGECONFIG[disable-weak-ciphers] = "" + EXTRA_OECONF += "\ ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '--enable-pam', '--disable-pam', d)}" -CFLAGS += "-DSFTPSERVER_PATH=\\"${libdir}/openssh/sftp-server\\"" + +# This option appends to CFLAGS and LDFLAGS from OE +# This is causing [textrel] QA warning +EXTRA_OECONF += "--disable-harden" + +# musl does not implement wtmp/logwtmp APIs +EXTRA_OECONF:append:libc-musl = " --disable-wtmp --disable-lastlog" do_install() { install -d ${D}${sysconfdir} \ @@ -60,9 +71,16 @@ do_install() { ${D}${sbindir} \ ${D}${localstatedir} + install -m 0644 ${WORKDIR}/dropbear.default ${D}${sysconfdir}/default/dropbear + install -m 0755 dropbearmulti ${D}${sbindir}/ - ln -s ${sbindir}/dropbearmulti ${D}${bindir}/dbclient - + + for i in ${BINCOMMANDS} + do + # ssh and scp symlinks are created by update-alternatives + if [ $i = ssh ] || [ $i = scp ]; then continue; fi + ln -s ${sbindir}/dropbearmulti ${D}${bindir}/$i + done for i in ${SBINCOMMANDS} do ln -s ./dropbearmulti ${D}${sbindir}/$i @@ -73,30 +91,30 @@ do_install() { -e 's,/usr/bin,${bindir},g' \ -e 's,/usr,${prefix},g' ${WORKDIR}/init > ${D}${sysconfdir}/init.d/dropbear chmod 755 ${D}${sysconfdir}/init.d/dropbear - if [ "${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam', '', d)}" = "pam" ]; then + if [ "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" ]; then install -d ${D}${sysconfdir}/pam.d install -m 0644 ${WORKDIR}/dropbear ${D}${sysconfdir}/pam.d/ fi # deal with systemd unit files - install -d ${D}${systemd_unitdir}/system - install -m 0644 ${WORKDIR}/dropbearkey.service ${D}${systemd_unitdir}/system - install -m 0644 ${WORKDIR}/dropbear@.service ${D}${systemd_unitdir}/system - install -m 0644 ${WORKDIR}/dropbear.socket ${D}${systemd_unitdir}/system + install -d ${D}${systemd_system_unitdir} + install -m 0644 ${WORKDIR}/dropbearkey.service ${D}${systemd_system_unitdir} + install -m 0644 ${WORKDIR}/dropbear@.service ${D}${systemd_system_unitdir} + install -m 0644 ${WORKDIR}/dropbear.socket ${D}${systemd_system_unitdir} sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \ -e 's,@BINDIR@,${bindir},g' \ -e 's,@SBINDIR@,${sbindir},g' \ - ${D}${systemd_unitdir}/system/dropbear.socket ${D}${systemd_unitdir}/system/*.service + ${D}${systemd_system_unitdir}/dropbear.socket ${D}${systemd_system_unitdir}/*.service } inherit update-alternatives ALTERNATIVE_PRIORITY = "20" -ALTERNATIVE_${PN} = "scp ssh" +ALTERNATIVE:${PN} = "${@bb.utils.filter('BINCOMMANDS', 'scp ssh', d)}" ALTERNATIVE_TARGET = "${sbindir}/dropbearmulti" -pkg_postrm_append_${PN} () { +pkg_postrm:${PN} () { if [ -f "${sysconfdir}/dropbear/dropbear_rsa_host_key" ]; then rm ${sysconfdir}/dropbear/dropbear_rsa_host_key fi @@ -104,3 +122,5 @@ pkg_postrm_append_${PN} () { rm ${sysconfdir}/dropbear/dropbear_dss_host_key fi } + +FILES:${PN} += "${bindir}" |