Contents of /smage/trunk/core/dropbear/dropbear-2020.80-r1.smage2
Parent Directory | Revision Log
Revision 14372 -
(show annotations)
(download)
Thu Jul 9 13:21:15 2020 UTC (4 years, 2 months ago) by niro
File size: 3903 byte(s)
Thu Jul 9 13:21:15 2020 UTC (4 years, 2 months ago) by niro
File size: 3903 byte(s)
auto added: ver bump to 2020.80-r1
1 | # $Id$ |
2 | |
3 | PNAME="dropbear" |
4 | PVER="2020.80" |
5 | PBUILD="r1" |
6 | |
7 | PCAT="net-misc" |
8 | |
9 | DESCRIPTION="Dropbear SSH2 has a small memory footprint and is suitable for memory-constrained environments." |
10 | HOMEPAGE="http://matt.ucc.asn.au/dropbear/dropbear.html" |
11 | |
12 | DEPEND=">= sys-libs/zlib-1.2.5 |
13 | >= dev-libs/libtommath-1.1" |
14 | |
15 | SDEPEND=">= sys-libs/zlib-dev-1.2.5 |
16 | >= dev-libs/libtommath-dev-1.1" |
17 | |
18 | PROVIDE="virtual/ssh-server |
19 | virtual/ssh-client" |
20 | |
21 | SRCFILE="${PNAME}-${PVER}.tar.bz2" |
22 | SRCDIR="${BUILDDIR}/${PNAME}-${PVER}" |
23 | |
24 | DROPBEAR_SVC_REV=1.2 |
25 | KEYGEN_DSS_SVC_REV=1.2 |
26 | KEYGEN_RSA_SVC_REV=1.2 |
27 | KEYGEN_ECDSA_SVC_REV=1.2 |
28 | |
29 | # no check target in Makefile |
30 | msetfeature "!check" |
31 | |
32 | # todo: remove dbclient too? |
33 | ALX_PKG_KEEP="etc |
34 | usr/bin/dbclient |
35 | usr/bin/dropbearkey |
36 | usr/bin/dropbearconvert |
37 | usr/bin/scp |
38 | usr/sbin/dropbear |
39 | usr/bin/dropbearmulti |
40 | usr/lib/systemd |
41 | var" |
42 | sminclude mbuild mtools systemd alx-split |
43 | |
44 | SRC_URI=( |
45 | http://matt.ucc.asn.au/${PNAME}/releases/${SRCFILE} |
46 | mirror://${PNAME}/${SRCFILE} |
47 | mirror://${PNAME}/dropbear.service-${DROPBEAR_SVC_REV} |
48 | mirror://${PNAME}/dropbear-keygen-dss.service-${KEYGEN_DSS_SVC_REV} |
49 | mirror://${PNAME}/dropbear-keygen-rsa.service-${KEYGEN_RSA_SVC_REV} |
50 | mirror://${PNAME}/dropbear-keygen-ecdsa.service-${KEYGEN_ECDSA_SVC_REV} |
51 | mirror://${PNAME}/dropbear.conf.tempfile |
52 | ) |
53 | |
54 | UP2DATE="updatecmd 'http://matt.ucc.asn.au/dropbear/releases/?C=M;O=A' | grep ${PNAME}- | lasttarball" |
55 | |
56 | src_prepare() |
57 | { |
58 | munpack ${SRCFILE} || die |
59 | cd ${SRCDIR} |
60 | |
61 | # see: https://github.com/balena-os/meta-balena/issues/1161 |
62 | # and check: https://github.com/arthepsy/ssh-audit |
63 | echo > ${SRCDIR}/localoptions.h || die |
64 | # disable weak cyphers/options for security reasons |
65 | echo '#define DROPBEAR_ENABLE_CBC_MODE 0' >> ${SRCDIR}/localoptions.h || die |
66 | echo '#define DROPBEAR_SHA1_HMAC 0' >> ${SRCDIR}/localoptions.h || die |
67 | echo '#define DROPBEAR_SHA1_96_HMAC 0' >> ${SRCDIR}/localoptions.h || die |
68 | # enable twofish |
69 | echo '#define DROPBEAR_TWOFISH128 1' >> ${SRCDIR}/localoptions.h || die |
70 | echo '#define DROPBEAR_TWOFISH256 1' >> ${SRCDIR}/localoptions.h || die |
71 | # disable x11 fwd by default |
72 | echo '#define DROPBEAR_X11FWD 0' >> ${SRCDIR}/localoptions.h || die |
73 | } |
74 | src_compile() |
75 | { |
76 | cd ${SRCDIR} |
77 | |
78 | mconfigure --enable-zlib --disable-pam || die |
79 | mmake PROGRAMS="dbclient scp dropbearkey dropbearconvert dropbear" MULTI=1 || die |
80 | } |
81 | |
82 | alx_generic_src_install() |
83 | { |
84 | cd ${SRCDIR} |
85 | mmake DESTDIR=${BINDIR} PROGRAMS="dbclient scp dropbearkey dropbearconvert dropbear" MULTI=1 install || die |
86 | |
87 | # create missing symlinks |
88 | minstalldir /usr/sbin || die |
89 | mlink dropbearmulti /usr/bin/dbclient || die |
90 | mlink dropbearmulti /usr/bin/scp || die |
91 | mlink dropbearmulti /usr/bin/dropbearkey || die |
92 | mlink ../bin/dropbearmulti /usr/sbin/dropbear || die |
93 | |
94 | # systemd units |
95 | minstallunit dropbear.service-${DROPBEAR_SVC_REV} dropbear.service || die |
96 | minstallunit dropbear-keygen-dss.service-${KEYGEN_DSS_SVC_REV} dropbear-keygen-dss.service || die |
97 | minstallunit dropbear-keygen-rsa.service-${KEYGEN_RSA_SVC_REV} dropbear-keygen-rsa.service || die |
98 | minstallunit dropbear-keygen-ecdsa.service-${KEYGEN_ECDSA_SVC_REV} dropbear-keygen-ecdsa.service || die |
99 | minstalltmp dropbear.conf.tempfile dropbear.conf || die |
100 | |
101 | # needed to run sshd |
102 | mkeepdir /etc/dropbear || die |
103 | mkeepdir /var/empty || die |
104 | mchown root:sys /var/empty || die |
105 | |
106 | minstalldocs CHANGES INSTALL LICENSE _MTN MULTI SMALL TODO || die |
107 | } |
108 | |
109 | preinstall_dropbear() |
110 | { |
111 | add_conf_prot_mask /etc/tmpfiles.d |
112 | |
113 | # adding ssh user |
114 | ${MLIBDIR}/mgroupadd -o "-g 22" sshd |
115 | ${MLIBDIR}/museradd -o "-u 22 -g sshd -d /var/empty -s /bin/false" sshd |
116 | } |
117 | |
118 | postinstall_dropbear() |
119 | { |
120 | # cleanup old symlinks |
121 | local i |
122 | for i in dsa rsa ecdsa |
123 | do |
124 | if [ -L ${MROOT}/etc/systemd/system/multi-user.target.wants/dropbear-keygen-${i}.service ] |
125 | then |
126 | rm ${MROOT}/etc/systemd/system/multi-user.target.wants/dropbear-keygen-${i}.service |
127 | fi |
128 | done |
129 | |
130 | mstartunit dropbear.service |
131 | } |
132 | |
133 | postremove_dropbear() |
134 | { |
135 | mstopunit dropbear.service |
136 | } |