Contents of /smage/trunk/core/dropbear/dropbear-2020.80-r2.smage2
Parent Directory | Revision Log
Revision 15267 -
(show annotations)
(download)
Fri Aug 7 10:59:12 2020 UTC (3 years, 8 months ago) by niro
File size: 3957 byte(s)
Fri Aug 7 10:59:12 2020 UTC (3 years, 8 months ago) by niro
File size: 3957 byte(s)
-keep ssh symlink
1 | # $Id$ |
2 | |
3 | PNAME="dropbear" |
4 | PVER="2020.80" |
5 | PBUILD="r2" |
6 | |
7 | PCAT="net-misc" |
8 | |
9 | DESCRIPTION="Dropbear SSH2 has a small memory footprint and is suitable for memory-constrained environments." |
10 | HOMEPAGE="http://matt.ucc.asn.au/dropbear/dropbear.html" |
11 | |
12 | DEPEND=">= sys-libs/zlib-1.2.5 |
13 | >= dev-libs/libtommath-1.1" |
14 | |
15 | SDEPEND=">= sys-libs/zlib-dev-1.2.5 |
16 | >= dev-libs/libtommath-dev-1.1" |
17 | |
18 | PROVIDE="virtual/ssh-server |
19 | virtual/ssh-client" |
20 | |
21 | SRCFILE="${PNAME}-${PVER}.tar.bz2" |
22 | SRCDIR="${BUILDDIR}/${PNAME}-${PVER}" |
23 | |
24 | DROPBEAR_SVC_REV=1.2 |
25 | KEYGEN_DSS_SVC_REV=1.2 |
26 | KEYGEN_RSA_SVC_REV=1.2 |
27 | KEYGEN_ECDSA_SVC_REV=1.2 |
28 | |
29 | # no check target in Makefile |
30 | msetfeature "!check" |
31 | |
32 | # todo: remove dbclient too? |
33 | ALX_PKG_KEEP="etc |
34 | usr/bin/dbclient |
35 | usr/bin/dropbearkey |
36 | usr/bin/dropbearconvert |
37 | usr/bin/scp |
38 | usr/bin/ssh |
39 | usr/sbin/dropbear |
40 | usr/bin/dropbearmulti |
41 | usr/lib/systemd |
42 | var" |
43 | sminclude mbuild mtools systemd alx-split |
44 | |
45 | SRC_URI=( |
46 | http://matt.ucc.asn.au/${PNAME}/releases/${SRCFILE} |
47 | mirror://${PNAME}/${SRCFILE} |
48 | mirror://${PNAME}/dropbear.service-${DROPBEAR_SVC_REV} |
49 | mirror://${PNAME}/dropbear-keygen-dss.service-${KEYGEN_DSS_SVC_REV} |
50 | mirror://${PNAME}/dropbear-keygen-rsa.service-${KEYGEN_RSA_SVC_REV} |
51 | mirror://${PNAME}/dropbear-keygen-ecdsa.service-${KEYGEN_ECDSA_SVC_REV} |
52 | mirror://${PNAME}/dropbear.conf.tempfile |
53 | ) |
54 | |
55 | UP2DATE="updatecmd 'http://matt.ucc.asn.au/dropbear/releases/?C=M;O=A' | grep ${PNAME}- | lasttarball" |
56 | |
57 | src_prepare() |
58 | { |
59 | munpack ${SRCFILE} || die |
60 | cd ${SRCDIR} |
61 | |
62 | # see: https://github.com/balena-os/meta-balena/issues/1161 |
63 | # and check: https://github.com/arthepsy/ssh-audit |
64 | echo > ${SRCDIR}/localoptions.h || die |
65 | # disable weak cyphers/options for security reasons |
66 | echo '#define DROPBEAR_ENABLE_CBC_MODE 0' >> ${SRCDIR}/localoptions.h || die |
67 | echo '#define DROPBEAR_SHA1_HMAC 0' >> ${SRCDIR}/localoptions.h || die |
68 | echo '#define DROPBEAR_SHA1_96_HMAC 0' >> ${SRCDIR}/localoptions.h || die |
69 | # enable twofish |
70 | echo '#define DROPBEAR_TWOFISH128 1' >> ${SRCDIR}/localoptions.h || die |
71 | echo '#define DROPBEAR_TWOFISH256 1' >> ${SRCDIR}/localoptions.h || die |
72 | # disable x11 fwd by default |
73 | echo '#define DROPBEAR_X11FWD 0' >> ${SRCDIR}/localoptions.h || die |
74 | } |
75 | src_compile() |
76 | { |
77 | cd ${SRCDIR} |
78 | |
79 | mconfigure --enable-zlib --disable-pam || die |
80 | mmake PROGRAMS="dbclient scp dropbearkey dropbearconvert dropbear" MULTI=1 || die |
81 | } |
82 | |
83 | alx_generic_src_install() |
84 | { |
85 | cd ${SRCDIR} |
86 | mmake DESTDIR=${BINDIR} PROGRAMS="dbclient scp dropbearkey dropbearconvert dropbear" MULTI=1 install || die |
87 | |
88 | # create missing symlinks |
89 | minstalldir /usr/sbin || die |
90 | mlink dropbearmulti /usr/bin/dbclient || die |
91 | mlink dropbearmulti /usr/bin/scp || die |
92 | mlink dropbearmulti /usr/bin/ssh || die |
93 | mlink dropbearmulti /usr/bin/dropbearkey || die |
94 | mlink ../bin/dropbearmulti /usr/sbin/dropbear || die |
95 | |
96 | # systemd units |
97 | minstallunit dropbear.service-${DROPBEAR_SVC_REV} dropbear.service || die |
98 | minstallunit dropbear-keygen-dss.service-${KEYGEN_DSS_SVC_REV} dropbear-keygen-dss.service || die |
99 | minstallunit dropbear-keygen-rsa.service-${KEYGEN_RSA_SVC_REV} dropbear-keygen-rsa.service || die |
100 | minstallunit dropbear-keygen-ecdsa.service-${KEYGEN_ECDSA_SVC_REV} dropbear-keygen-ecdsa.service || die |
101 | minstalltmp dropbear.conf.tempfile dropbear.conf || die |
102 | |
103 | # needed to run sshd |
104 | mkeepdir /etc/dropbear || die |
105 | mkeepdir /var/empty || die |
106 | mchown root:sys /var/empty || die |
107 | |
108 | minstalldocs CHANGES INSTALL LICENSE _MTN MULTI SMALL TODO || die |
109 | } |
110 | |
111 | preinstall_dropbear() |
112 | { |
113 | add_conf_prot_mask /etc/tmpfiles.d |
114 | |
115 | # adding ssh user |
116 | ${MLIBDIR}/mgroupadd -o "-g 22" sshd |
117 | ${MLIBDIR}/museradd -o "-u 22 -g sshd -d /var/empty -s /bin/false" sshd |
118 | } |
119 | |
120 | postinstall_dropbear() |
121 | { |
122 | # cleanup old symlinks |
123 | local i |
124 | for i in dsa rsa ecdsa |
125 | do |
126 | if [ -L ${MROOT}/etc/systemd/system/multi-user.target.wants/dropbear-keygen-${i}.service ] |
127 | then |
128 | rm ${MROOT}/etc/systemd/system/multi-user.target.wants/dropbear-keygen-${i}.service |
129 | fi |
130 | done |
131 | |
132 | mstartunit dropbear.service |
133 | } |
134 | |
135 | postremove_dropbear() |
136 | { |
137 | mstopunit dropbear.service |
138 | } |