Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc / 2390b1b6299fb1e57e6d9a94c287ce1c0b322376 / . / poky / meta / recipes-core / dropbear / dropbear_2022.82.bb
blob: 4ed4c65cc100d19f33393ef09289d4830ab57da1 [file] [log] [blame]
Patrick Williams92b42cb2022-09-03 06:53:57 -0500[diff] [blame]1SUMMARY = "A lightweight SSH and SCP implementation"
2HOMEPAGE = "http://matt.ucc.asn.au/dropbear/dropbear.html"
3DESCRIPTION = "Dropbear is a relatively small SSH server and client. It runs on a variety of POSIX-based platforms. Dropbear is open source software, distributed under a MIT-style license. Dropbear is particularly useful for "embedded"-type Linux (or other Unix) systems, such as wireless routers."
4SECTION = "console/network"
5
6# some files are from other projects and have others license terms:
7# public domain, OpenSSH 3.5p1, OpenSSH3.6.1p2, PuTTY
8LICENSE = "MIT & BSD-3-Clause & BSD-2-Clause & PD"
9LIC_FILES_CHKSUM = "file://LICENSE;md5=25cf44512b7bc8966a48b6b1a9b7605f"
10
11DEPENDS = "zlib virtual/crypt"
12RPROVIDES:${PN} = "ssh sshd"
13RCONFLICTS:${PN} = "openssh-sshd openssh"
14
Patrick Williams92b42cb2022-09-03 06:53:57 -0500[diff] [blame]15SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.bz2 \
16 file://0001-urandom-xauth-changes-to-options.h.patch \
17 file://init \
18 file://dropbearkey.service \
19 file://dropbear@.service \
20 file://dropbear.socket \
21 file://dropbear.default \
22 ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \
Andrew Geissler87f5cff2022-09-30 13:13:31 -0500[diff] [blame]23 ${@bb.utils.contains('PACKAGECONFIG', 'disable-weak-ciphers', 'file://dropbear-disable-weak-ciphers.patch', '', d)} \
24 file://0007-Fix-X11-build-failure-use-DROPBEAR_PRIO_LOWDELAY.patch"
Patrick Williams03907ee2022-05-01 06:28:52 -0500[diff] [blame]25
26SRC_URI[sha256sum] = "3a038d2bbc02bf28bbdd20c012091f741a3ec5cbe460691811d714876aad75d1"
Patrick Williams92b42cb2022-09-03 06:53:57 -0500[diff] [blame]27
28PAM_SRC_URI = "file://0005-dropbear-enable-pam.patch \
29 file://0006-dropbear-configuration-file.patch \
30 file://dropbear"
31
32PAM_PLUGINS = "libpam-runtime \
33 pam-plugin-deny \
34 pam-plugin-permit \
35 pam-plugin-unix \
36 "
Patrick Williams92b42cb2022-09-03 06:53:57 -0500[diff] [blame]37inherit autotools update-rc.d systemd
38
39CVE_PRODUCT = "dropbear_ssh"
40
41INITSCRIPT_NAME = "dropbear"
42INITSCRIPT_PARAMS = "defaults 10"
43
44SYSTEMD_SERVICE:${PN} = "dropbear.socket"
45
46SBINCOMMANDS = "dropbear dropbearkey dropbearconvert"
47BINCOMMANDS = "dbclient ssh scp"
48EXTRA_OEMAKE = 'MULTI=1 SCPPROGRESS=1 PROGRAMS="${SBINCOMMANDS} ${BINCOMMANDS}"'
49
Patrick Williams2390b1b2022-11-03 13:47:49 -0500[diff] [blame^]50PACKAGECONFIG ?= "disable-weak-ciphers ${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}"
51PACKAGECONFIG[pam] = "--enable-pam,--disable-pam,libpam,${PAM_PLUGINS}"
Patrick Williams92b42cb2022-09-03 06:53:57 -0500[diff] [blame]52PACKAGECONFIG[system-libtom] = "--disable-bundled-libtom,--enable-bundled-libtom,libtommath libtomcrypt"
53PACKAGECONFIG[disable-weak-ciphers] = ""
Andrew Geissler87f5cff2022-09-30 13:13:31 -0500[diff] [blame]54PACKAGECONFIG[enable-x11-forwarding] = ""
Patrick Williams92b42cb2022-09-03 06:53:57 -0500[diff] [blame]55
Patrick Williams92b42cb2022-09-03 06:53:57 -0500[diff] [blame]56# This option appends to CFLAGS and LDFLAGS from OE
57# This is causing [textrel] QA warning
58EXTRA_OECONF += "--disable-harden"
59
60# musl does not implement wtmp/logwtmp APIs
61EXTRA_OECONF:append:libc-musl = " --disable-wtmp --disable-lastlog"
62
Andrew Geissler87f5cff2022-09-30 13:13:31 -0500[diff] [blame]63do_configure:append() {
64 echo "/* Dropbear features */" > ${B}/localoptions.h
65 if ${@bb.utils.contains('PACKAGECONFIG', 'enable-x11-forwarding', 'true', 'false', d)}; then
66 echo "#define DROPBEAR_X11FWD 1" >> ${B}/localoptions.h
67 fi
68}
69
Patrick Williams92b42cb2022-09-03 06:53:57 -0500[diff] [blame]70do_install() {
71 install -d ${D}${sysconfdir} \
72 ${D}${sysconfdir}/init.d \
73 ${D}${sysconfdir}/default \
74 ${D}${sysconfdir}/dropbear \
75 ${D}${bindir} \
76 ${D}${sbindir} \
77 ${D}${localstatedir}
78
79 install -m 0644 ${WORKDIR}/dropbear.default ${D}${sysconfdir}/default/dropbear
80
81 install -m 0755 dropbearmulti ${D}${sbindir}/
82
83 for i in ${BINCOMMANDS}
84 do
85 # ssh and scp symlinks are created by update-alternatives
86 if [ $i = ssh ] || [ $i = scp ]; then continue; fi
87 ln -s ${sbindir}/dropbearmulti ${D}${bindir}/$i
88 done
89 for i in ${SBINCOMMANDS}
90 do
91 ln -s ./dropbearmulti ${D}${sbindir}/$i
92 done
93 sed -e 's,/etc,${sysconfdir},g' \
94 -e 's,/usr/sbin,${sbindir},g' \
95 -e 's,/var,${localstatedir},g' \
96 -e 's,/usr/bin,${bindir},g' \
97 -e 's,/usr,${prefix},g' ${WORKDIR}/init > ${D}${sysconfdir}/init.d/dropbear
98 chmod 755 ${D}${sysconfdir}/init.d/dropbear
99 if [ "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" ]; then
100 install -d ${D}${sysconfdir}/pam.d
101 install -m 0644 ${WORKDIR}/dropbear ${D}${sysconfdir}/pam.d/
102 fi
103
104 # deal with systemd unit files
105 install -d ${D}${systemd_system_unitdir}
106 install -m 0644 ${WORKDIR}/dropbearkey.service ${D}${systemd_system_unitdir}
107 install -m 0644 ${WORKDIR}/dropbear@.service ${D}${systemd_system_unitdir}
108 install -m 0644 ${WORKDIR}/dropbear.socket ${D}${systemd_system_unitdir}
109 sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \
110 -e 's,@BINDIR@,${bindir},g' \
111 -e 's,@SBINDIR@,${sbindir},g' \
112 ${D}${systemd_system_unitdir}/dropbear.socket ${D}${systemd_system_unitdir}/*.service
113}
114
115inherit update-alternatives
116
117ALTERNATIVE_PRIORITY = "20"
118ALTERNATIVE:${PN} = "${@bb.utils.filter('BINCOMMANDS', 'scp ssh', d)}"
119
120ALTERNATIVE_TARGET = "${sbindir}/dropbearmulti"
121
122pkg_postrm:${PN} () {
123 if [ -f "${sysconfdir}/dropbear/dropbear_rsa_host_key" ]; then
124 rm ${sysconfdir}/dropbear/dropbear_rsa_host_key
125 fi
126 if [ -f "${sysconfdir}/dropbear/dropbear_dss_host_key" ]; then
127 rm ${sysconfdir}/dropbear/dropbear_dss_host_key
128 fi
129}
130
131CONFFILES:${PN} = "${sysconfdir}/default/dropbear"
132
133FILES:${PN} += "${bindir}"