Annotation of /smage/trunk/core/dropbear/dropbear-2020.80-r2.smage2
Parent Directory | Revision Log
Revision 15267 -
(hide annotations)
(download)
Fri Aug 7 10:59:12 2020 UTC (3 years, 9 months ago) by niro
File size: 3957 byte(s)
Fri Aug 7 10:59:12 2020 UTC (3 years, 9 months ago) by niro
File size: 3957 byte(s)
-keep ssh symlink
1 | niro | 15267 | # $Id$ |
2 | |||
3 | PNAME="dropbear" | ||
4 | PVER="2020.80" | ||
5 | PBUILD="r2" | ||
6 | |||
7 | PCAT="net-misc" | ||
8 | |||
9 | DESCRIPTION="Dropbear SSH2 has a small memory footprint and is suitable for memory-constrained environments." | ||
10 | HOMEPAGE="http://matt.ucc.asn.au/dropbear/dropbear.html" | ||
11 | |||
12 | DEPEND=">= sys-libs/zlib-1.2.5 | ||
13 | >= dev-libs/libtommath-1.1" | ||
14 | |||
15 | SDEPEND=">= sys-libs/zlib-dev-1.2.5 | ||
16 | >= dev-libs/libtommath-dev-1.1" | ||
17 | |||
18 | PROVIDE="virtual/ssh-server | ||
19 | virtual/ssh-client" | ||
20 | |||
21 | SRCFILE="${PNAME}-${PVER}.tar.bz2" | ||
22 | SRCDIR="${BUILDDIR}/${PNAME}-${PVER}" | ||
23 | |||
24 | DROPBEAR_SVC_REV=1.2 | ||
25 | KEYGEN_DSS_SVC_REV=1.2 | ||
26 | KEYGEN_RSA_SVC_REV=1.2 | ||
27 | KEYGEN_ECDSA_SVC_REV=1.2 | ||
28 | |||
29 | # no check target in Makefile | ||
30 | msetfeature "!check" | ||
31 | |||
32 | # todo: remove dbclient too? | ||
33 | ALX_PKG_KEEP="etc | ||
34 | usr/bin/dbclient | ||
35 | usr/bin/dropbearkey | ||
36 | usr/bin/dropbearconvert | ||
37 | usr/bin/scp | ||
38 | usr/bin/ssh | ||
39 | usr/sbin/dropbear | ||
40 | usr/bin/dropbearmulti | ||
41 | usr/lib/systemd | ||
42 | var" | ||
43 | sminclude mbuild mtools systemd alx-split | ||
44 | |||
45 | SRC_URI=( | ||
46 | http://matt.ucc.asn.au/${PNAME}/releases/${SRCFILE} | ||
47 | mirror://${PNAME}/${SRCFILE} | ||
48 | mirror://${PNAME}/dropbear.service-${DROPBEAR_SVC_REV} | ||
49 | mirror://${PNAME}/dropbear-keygen-dss.service-${KEYGEN_DSS_SVC_REV} | ||
50 | mirror://${PNAME}/dropbear-keygen-rsa.service-${KEYGEN_RSA_SVC_REV} | ||
51 | mirror://${PNAME}/dropbear-keygen-ecdsa.service-${KEYGEN_ECDSA_SVC_REV} | ||
52 | mirror://${PNAME}/dropbear.conf.tempfile | ||
53 | ) | ||
54 | |||
55 | UP2DATE="updatecmd 'http://matt.ucc.asn.au/dropbear/releases/?C=M;O=A' | grep ${PNAME}- | lasttarball" | ||
56 | |||
57 | src_prepare() | ||
58 | { | ||
59 | munpack ${SRCFILE} || die | ||
60 | cd ${SRCDIR} | ||
61 | |||
62 | # see: https://github.com/balena-os/meta-balena/issues/1161 | ||
63 | # and check: https://github.com/arthepsy/ssh-audit | ||
64 | echo > ${SRCDIR}/localoptions.h || die | ||
65 | # disable weak cyphers/options for security reasons | ||
66 | echo '#define DROPBEAR_ENABLE_CBC_MODE 0' >> ${SRCDIR}/localoptions.h || die | ||
67 | echo '#define DROPBEAR_SHA1_HMAC 0' >> ${SRCDIR}/localoptions.h || die | ||
68 | echo '#define DROPBEAR_SHA1_96_HMAC 0' >> ${SRCDIR}/localoptions.h || die | ||
69 | # enable twofish | ||
70 | echo '#define DROPBEAR_TWOFISH128 1' >> ${SRCDIR}/localoptions.h || die | ||
71 | echo '#define DROPBEAR_TWOFISH256 1' >> ${SRCDIR}/localoptions.h || die | ||
72 | # disable x11 fwd by default | ||
73 | echo '#define DROPBEAR_X11FWD 0' >> ${SRCDIR}/localoptions.h || die | ||
74 | } | ||
75 | src_compile() | ||
76 | { | ||
77 | cd ${SRCDIR} | ||
78 | |||
79 | mconfigure --enable-zlib --disable-pam || die | ||
80 | mmake PROGRAMS="dbclient scp dropbearkey dropbearconvert dropbear" MULTI=1 || die | ||
81 | } | ||
82 | |||
83 | alx_generic_src_install() | ||
84 | { | ||
85 | cd ${SRCDIR} | ||
86 | mmake DESTDIR=${BINDIR} PROGRAMS="dbclient scp dropbearkey dropbearconvert dropbear" MULTI=1 install || die | ||
87 | |||
88 | # create missing symlinks | ||
89 | minstalldir /usr/sbin || die | ||
90 | mlink dropbearmulti /usr/bin/dbclient || die | ||
91 | mlink dropbearmulti /usr/bin/scp || die | ||
92 | mlink dropbearmulti /usr/bin/ssh || die | ||
93 | mlink dropbearmulti /usr/bin/dropbearkey || die | ||
94 | mlink ../bin/dropbearmulti /usr/sbin/dropbear || die | ||
95 | |||
96 | # systemd units | ||
97 | minstallunit dropbear.service-${DROPBEAR_SVC_REV} dropbear.service || die | ||
98 | minstallunit dropbear-keygen-dss.service-${KEYGEN_DSS_SVC_REV} dropbear-keygen-dss.service || die | ||
99 | minstallunit dropbear-keygen-rsa.service-${KEYGEN_RSA_SVC_REV} dropbear-keygen-rsa.service || die | ||
100 | minstallunit dropbear-keygen-ecdsa.service-${KEYGEN_ECDSA_SVC_REV} dropbear-keygen-ecdsa.service || die | ||
101 | minstalltmp dropbear.conf.tempfile dropbear.conf || die | ||
102 | |||
103 | # needed to run sshd | ||
104 | mkeepdir /etc/dropbear || die | ||
105 | mkeepdir /var/empty || die | ||
106 | mchown root:sys /var/empty || die | ||
107 | |||
108 | minstalldocs CHANGES INSTALL LICENSE _MTN MULTI SMALL TODO || die | ||
109 | } | ||
110 | |||
111 | preinstall_dropbear() | ||
112 | { | ||
113 | add_conf_prot_mask /etc/tmpfiles.d | ||
114 | |||
115 | # adding ssh user | ||
116 | ${MLIBDIR}/mgroupadd -o "-g 22" sshd | ||
117 | ${MLIBDIR}/museradd -o "-u 22 -g sshd -d /var/empty -s /bin/false" sshd | ||
118 | } | ||
119 | |||
120 | postinstall_dropbear() | ||
121 | { | ||
122 | # cleanup old symlinks | ||
123 | local i | ||
124 | for i in dsa rsa ecdsa | ||
125 | do | ||
126 | if [ -L ${MROOT}/etc/systemd/system/multi-user.target.wants/dropbear-keygen-${i}.service ] | ||
127 | then | ||
128 | rm ${MROOT}/etc/systemd/system/multi-user.target.wants/dropbear-keygen-${i}.service | ||
129 | fi | ||
130 | done | ||
131 | |||
132 | mstartunit dropbear.service | ||
133 | } | ||
134 | |||
135 | postremove_dropbear() | ||
136 | { | ||
137 | mstopunit dropbear.service | ||
138 | } |