Annotation of /smage/branches/alx07x-unstable/core/dropbear/dropbear-2020.80-r1.smage2
Parent Directory | Revision Log
Revision 14372 -
(hide annotations)
(download)
Thu Jul 9 13:21:15 2020 UTC (3 years, 10 months ago) by niro
Original Path: smage/trunk/core/dropbear/dropbear-2020.80-r1.smage2
File size: 3903 byte(s)
Thu Jul 9 13:21:15 2020 UTC (3 years, 10 months ago) by niro
Original Path: smage/trunk/core/dropbear/dropbear-2020.80-r1.smage2
File size: 3903 byte(s)
auto added: ver bump to 2020.80-r1
1 | niro | 14372 | # $Id$ |
2 | |||
3 | PNAME="dropbear" | ||
4 | PVER="2020.80" | ||
5 | PBUILD="r1" | ||
6 | |||
7 | PCAT="net-misc" | ||
8 | |||
9 | DESCRIPTION="Dropbear SSH2 has a small memory footprint and is suitable for memory-constrained environments." | ||
10 | HOMEPAGE="http://matt.ucc.asn.au/dropbear/dropbear.html" | ||
11 | |||
12 | DEPEND=">= sys-libs/zlib-1.2.5 | ||
13 | >= dev-libs/libtommath-1.1" | ||
14 | |||
15 | SDEPEND=">= sys-libs/zlib-dev-1.2.5 | ||
16 | >= dev-libs/libtommath-dev-1.1" | ||
17 | |||
18 | PROVIDE="virtual/ssh-server | ||
19 | virtual/ssh-client" | ||
20 | |||
21 | SRCFILE="${PNAME}-${PVER}.tar.bz2" | ||
22 | SRCDIR="${BUILDDIR}/${PNAME}-${PVER}" | ||
23 | |||
24 | DROPBEAR_SVC_REV=1.2 | ||
25 | KEYGEN_DSS_SVC_REV=1.2 | ||
26 | KEYGEN_RSA_SVC_REV=1.2 | ||
27 | KEYGEN_ECDSA_SVC_REV=1.2 | ||
28 | |||
29 | # no check target in Makefile | ||
30 | msetfeature "!check" | ||
31 | |||
32 | # todo: remove dbclient too? | ||
33 | ALX_PKG_KEEP="etc | ||
34 | usr/bin/dbclient | ||
35 | usr/bin/dropbearkey | ||
36 | usr/bin/dropbearconvert | ||
37 | usr/bin/scp | ||
38 | usr/sbin/dropbear | ||
39 | usr/bin/dropbearmulti | ||
40 | usr/lib/systemd | ||
41 | var" | ||
42 | sminclude mbuild mtools systemd alx-split | ||
43 | |||
44 | SRC_URI=( | ||
45 | http://matt.ucc.asn.au/${PNAME}/releases/${SRCFILE} | ||
46 | mirror://${PNAME}/${SRCFILE} | ||
47 | mirror://${PNAME}/dropbear.service-${DROPBEAR_SVC_REV} | ||
48 | mirror://${PNAME}/dropbear-keygen-dss.service-${KEYGEN_DSS_SVC_REV} | ||
49 | mirror://${PNAME}/dropbear-keygen-rsa.service-${KEYGEN_RSA_SVC_REV} | ||
50 | mirror://${PNAME}/dropbear-keygen-ecdsa.service-${KEYGEN_ECDSA_SVC_REV} | ||
51 | mirror://${PNAME}/dropbear.conf.tempfile | ||
52 | ) | ||
53 | |||
54 | UP2DATE="updatecmd 'http://matt.ucc.asn.au/dropbear/releases/?C=M;O=A' | grep ${PNAME}- | lasttarball" | ||
55 | |||
56 | src_prepare() | ||
57 | { | ||
58 | munpack ${SRCFILE} || die | ||
59 | cd ${SRCDIR} | ||
60 | |||
61 | # see: https://github.com/balena-os/meta-balena/issues/1161 | ||
62 | # and check: https://github.com/arthepsy/ssh-audit | ||
63 | echo > ${SRCDIR}/localoptions.h || die | ||
64 | # disable weak cyphers/options for security reasons | ||
65 | echo '#define DROPBEAR_ENABLE_CBC_MODE 0' >> ${SRCDIR}/localoptions.h || die | ||
66 | echo '#define DROPBEAR_SHA1_HMAC 0' >> ${SRCDIR}/localoptions.h || die | ||
67 | echo '#define DROPBEAR_SHA1_96_HMAC 0' >> ${SRCDIR}/localoptions.h || die | ||
68 | # enable twofish | ||
69 | echo '#define DROPBEAR_TWOFISH128 1' >> ${SRCDIR}/localoptions.h || die | ||
70 | echo '#define DROPBEAR_TWOFISH256 1' >> ${SRCDIR}/localoptions.h || die | ||
71 | # disable x11 fwd by default | ||
72 | echo '#define DROPBEAR_X11FWD 0' >> ${SRCDIR}/localoptions.h || die | ||
73 | } | ||
74 | src_compile() | ||
75 | { | ||
76 | cd ${SRCDIR} | ||
77 | |||
78 | mconfigure --enable-zlib --disable-pam || die | ||
79 | mmake PROGRAMS="dbclient scp dropbearkey dropbearconvert dropbear" MULTI=1 || die | ||
80 | } | ||
81 | |||
82 | alx_generic_src_install() | ||
83 | { | ||
84 | cd ${SRCDIR} | ||
85 | mmake DESTDIR=${BINDIR} PROGRAMS="dbclient scp dropbearkey dropbearconvert dropbear" MULTI=1 install || die | ||
86 | |||
87 | # create missing symlinks | ||
88 | minstalldir /usr/sbin || die | ||
89 | mlink dropbearmulti /usr/bin/dbclient || die | ||
90 | mlink dropbearmulti /usr/bin/scp || die | ||
91 | mlink dropbearmulti /usr/bin/dropbearkey || die | ||
92 | mlink ../bin/dropbearmulti /usr/sbin/dropbear || die | ||
93 | |||
94 | # systemd units | ||
95 | minstallunit dropbear.service-${DROPBEAR_SVC_REV} dropbear.service || die | ||
96 | minstallunit dropbear-keygen-dss.service-${KEYGEN_DSS_SVC_REV} dropbear-keygen-dss.service || die | ||
97 | minstallunit dropbear-keygen-rsa.service-${KEYGEN_RSA_SVC_REV} dropbear-keygen-rsa.service || die | ||
98 | minstallunit dropbear-keygen-ecdsa.service-${KEYGEN_ECDSA_SVC_REV} dropbear-keygen-ecdsa.service || die | ||
99 | minstalltmp dropbear.conf.tempfile dropbear.conf || die | ||
100 | |||
101 | # needed to run sshd | ||
102 | mkeepdir /etc/dropbear || die | ||
103 | mkeepdir /var/empty || die | ||
104 | mchown root:sys /var/empty || die | ||
105 | |||
106 | minstalldocs CHANGES INSTALL LICENSE _MTN MULTI SMALL TODO || die | ||
107 | } | ||
108 | |||
109 | preinstall_dropbear() | ||
110 | { | ||
111 | add_conf_prot_mask /etc/tmpfiles.d | ||
112 | |||
113 | # adding ssh user | ||
114 | ${MLIBDIR}/mgroupadd -o "-g 22" sshd | ||
115 | ${MLIBDIR}/museradd -o "-u 22 -g sshd -d /var/empty -s /bin/false" sshd | ||
116 | } | ||
117 | |||
118 | postinstall_dropbear() | ||
119 | { | ||
120 | # cleanup old symlinks | ||
121 | local i | ||
122 | for i in dsa rsa ecdsa | ||
123 | do | ||
124 | if [ -L ${MROOT}/etc/systemd/system/multi-user.target.wants/dropbear-keygen-${i}.service ] | ||
125 | then | ||
126 | rm ${MROOT}/etc/systemd/system/multi-user.target.wants/dropbear-keygen-${i}.service | ||
127 | fi | ||
128 | done | ||
129 | |||
130 | mstartunit dropbear.service | ||
131 | } | ||
132 | |||
133 | postremove_dropbear() | ||
134 | { | ||
135 | mstopunit dropbear.service | ||
136 | } |