diff options
5 files changed, 390 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh-5.6p1/init b/meta/recipes-connectivity/openssh/openssh-5.6p1/init new file mode 100644 index 0000000000..b16cbd61a6 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh-5.6p1/init | |||
@@ -0,0 +1,88 @@ | |||
1 | #! /bin/sh | ||
2 | set -e | ||
3 | |||
4 | # /etc/init.d/ssh: start and stop the OpenBSD "secure shell" daemon | ||
5 | |||
6 | test -x /usr/sbin/sshd || exit 0 | ||
7 | ( /usr/sbin/sshd -\? 2>&1 | grep -q OpenSSH ) 2>/dev/null || exit 0 | ||
8 | |||
9 | if test -f /etc/default/ssh; then | ||
10 | . /etc/default/ssh | ||
11 | fi | ||
12 | |||
13 | check_for_no_start() { | ||
14 | # forget it if we're trying to start, and /etc/ssh/sshd_not_to_be_run exists | ||
15 | if [ -e /etc/ssh/sshd_not_to_be_run ]; then | ||
16 | echo "OpenBSD Secure Shell server not in use (/etc/ssh/sshd_not_to_be_run)" | ||
17 | exit 0 | ||
18 | fi | ||
19 | } | ||
20 | |||
21 | check_privsep_dir() { | ||
22 | # Create the PrivSep empty dir if necessary | ||
23 | if [ ! -d /var/run/sshd ]; then | ||
24 | mkdir /var/run/sshd | ||
25 | chmod 0755 /var/run/sshd | ||
26 | fi | ||
27 | } | ||
28 | |||
29 | check_config() { | ||
30 | /usr/sbin/sshd -t || exit 1 | ||
31 | } | ||
32 | |||
33 | check_keys() { | ||
34 | # create keys if necessary | ||
35 | if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then | ||
36 | echo " generating ssh RSA key..." | ||
37 | ssh-keygen -q -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa | ||
38 | fi | ||
39 | if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then | ||
40 | echo " generating ssh DSA key..." | ||
41 | ssh-keygen -q -f /etc/ssh/ssh_host_dsa_key -N '' -t dsa | ||
42 | fi | ||
43 | } | ||
44 | |||
45 | export PATH="${PATH:+$PATH:}/usr/sbin:/sbin" | ||
46 | |||
47 | case "$1" in | ||
48 | start) | ||
49 | check_for_no_start | ||
50 | echo "Starting OpenBSD Secure Shell server: sshd" | ||
51 | check_keys | ||
52 | check_privsep_dir | ||
53 | start-stop-daemon -S -x /usr/sbin/sshd -- $SSHD_OPTS | ||
54 | echo "done." | ||
55 | ;; | ||
56 | stop) | ||
57 | echo -n "Stopping OpenBSD Secure Shell server: sshd" | ||
58 | start-stop-daemon -K -x /usr/sbin/sshd | ||
59 | echo "." | ||
60 | ;; | ||
61 | |||
62 | reload|force-reload) | ||
63 | check_for_no_start | ||
64 | check_keys | ||
65 | check_config | ||
66 | echo -n "Reloading OpenBSD Secure Shell server's configuration" | ||
67 | start-stop-daemon -K -s 1 -x /usr/sbin/sshd | ||
68 | echo "." | ||
69 | ;; | ||
70 | |||
71 | restart) | ||
72 | check_keys | ||
73 | check_config | ||
74 | echo -n "Restarting OpenBSD Secure Shell server: sshd" | ||
75 | start-stop-daemon -K -x /usr/sbin/sshd | ||
76 | check_for_no_start | ||
77 | check_privsep_dir | ||
78 | sleep 2 | ||
79 | start-stop-daemon -S -x /usr/sbin/sshd -- $SSHD_OPTS | ||
80 | echo "." | ||
81 | ;; | ||
82 | |||
83 | *) | ||
84 | echo "Usage: /etc/init.d/ssh {start|stop|reload|force-reload|restart}" | ||
85 | exit 1 | ||
86 | esac | ||
87 | |||
88 | exit 0 | ||
diff --git a/meta/recipes-connectivity/openssh/openssh-5.6p1/nostrip.patch b/meta/recipes-connectivity/openssh/openssh-5.6p1/nostrip.patch new file mode 100644 index 0000000000..a88e18e354 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh-5.6p1/nostrip.patch | |||
@@ -0,0 +1,16 @@ | |||
1 | # Disable stripping binaries during make install. | ||
2 | # | ||
3 | # Signed-off-by: Scott Garman <scott.a.garman@intel.com> | ||
4 | |||
5 | diff -ur openssh-5.6p1.orig/Makefile.in openssh-5.6p1/Makefile.in | ||
6 | --- openssh-5.6p1.orig/Makefile.in 2010-05-11 23:51:39.000000000 -0700 | ||
7 | +++ openssh-5.6p1/Makefile.in 2010-08-30 16:49:54.000000000 -0700 | ||
8 | @@ -29,7 +29,7 @@ | ||
9 | RAND_HELPER=$(libexecdir)/ssh-rand-helper | ||
10 | PRIVSEP_PATH=@PRIVSEP_PATH@ | ||
11 | SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@ | ||
12 | -STRIP_OPT=@STRIP_OPT@ | ||
13 | +STRIP_OPT= | ||
14 | |||
15 | PATHS= -DSSHDIR=\"$(sysconfdir)\" \ | ||
16 | -D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \ | ||
diff --git a/meta/recipes-connectivity/openssh/openssh-5.6p1/ssh_config b/meta/recipes-connectivity/openssh/openssh-5.6p1/ssh_config new file mode 100644 index 0000000000..4a4a649ba8 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh-5.6p1/ssh_config | |||
@@ -0,0 +1,46 @@ | |||
1 | # $OpenBSD: ssh_config,v 1.25 2009/02/17 01:28:32 djm Exp $ | ||
2 | |||
3 | # This is the ssh client system-wide configuration file. See | ||
4 | # ssh_config(5) for more information. This file provides defaults for | ||
5 | # users, and the values can be changed in per-user configuration files | ||
6 | # or on the command line. | ||
7 | |||
8 | # Configuration data is parsed as follows: | ||
9 | # 1. command line options | ||
10 | # 2. user-specific file | ||
11 | # 3. system-wide file | ||
12 | # Any configuration value is only changed the first time it is set. | ||
13 | # Thus, host-specific definitions should be at the beginning of the | ||
14 | # configuration file, and defaults at the end. | ||
15 | |||
16 | # Site-wide defaults for some commonly used options. For a comprehensive | ||
17 | # list of available options, their meanings and defaults, please see the | ||
18 | # ssh_config(5) man page. | ||
19 | |||
20 | Host * | ||
21 | ForwardAgent yes | ||
22 | ForwardX11 yes | ||
23 | # RhostsRSAAuthentication no | ||
24 | # RSAAuthentication yes | ||
25 | # PasswordAuthentication yes | ||
26 | # HostbasedAuthentication no | ||
27 | # GSSAPIAuthentication no | ||
28 | # GSSAPIDelegateCredentials no | ||
29 | # BatchMode no | ||
30 | # CheckHostIP yes | ||
31 | # AddressFamily any | ||
32 | # ConnectTimeout 0 | ||
33 | # StrictHostKeyChecking ask | ||
34 | # IdentityFile ~/.ssh/identity | ||
35 | # IdentityFile ~/.ssh/id_rsa | ||
36 | # IdentityFile ~/.ssh/id_dsa | ||
37 | # Port 22 | ||
38 | # Protocol 2,1 | ||
39 | # Cipher 3des | ||
40 | # Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc | ||
41 | # MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160 | ||
42 | # EscapeChar ~ | ||
43 | # Tunnel no | ||
44 | # TunnelDevice any:any | ||
45 | # PermitLocalCommand no | ||
46 | # VisualHostKey no | ||
diff --git a/meta/recipes-connectivity/openssh/openssh-5.6p1/sshd_config b/meta/recipes-connectivity/openssh/openssh-5.6p1/sshd_config new file mode 100644 index 0000000000..4f9b626fbd --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh-5.6p1/sshd_config | |||
@@ -0,0 +1,119 @@ | |||
1 | # $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $ | ||
2 | |||
3 | # This is the sshd server system-wide configuration file. See | ||
4 | # sshd_config(5) for more information. | ||
5 | |||
6 | # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin | ||
7 | |||
8 | # The strategy used for options in the default sshd_config shipped with | ||
9 | # OpenSSH is to specify options with their default value where | ||
10 | # possible, but leave them commented. Uncommented options change a | ||
11 | # default value. | ||
12 | |||
13 | #Port 22 | ||
14 | #AddressFamily any | ||
15 | #ListenAddress 0.0.0.0 | ||
16 | #ListenAddress :: | ||
17 | |||
18 | # Disable legacy (protocol version 1) support in the server for new | ||
19 | # installations. In future the default will change to require explicit | ||
20 | # activation of protocol 1 | ||
21 | Protocol 2 | ||
22 | |||
23 | # HostKey for protocol version 1 | ||
24 | #HostKey /etc/ssh/ssh_host_key | ||
25 | # HostKeys for protocol version 2 | ||
26 | #HostKey /etc/ssh/ssh_host_rsa_key | ||
27 | #HostKey /etc/ssh/ssh_host_dsa_key | ||
28 | |||
29 | # Lifetime and size of ephemeral version 1 server key | ||
30 | #KeyRegenerationInterval 1h | ||
31 | #ServerKeyBits 1024 | ||
32 | |||
33 | # Logging | ||
34 | # obsoletes QuietMode and FascistLogging | ||
35 | #SyslogFacility AUTH | ||
36 | #LogLevel INFO | ||
37 | |||
38 | # Authentication: | ||
39 | |||
40 | #LoginGraceTime 2m | ||
41 | #PermitRootLogin yes | ||
42 | #StrictModes yes | ||
43 | #MaxAuthTries 6 | ||
44 | #MaxSessions 10 | ||
45 | |||
46 | #RSAAuthentication yes | ||
47 | #PubkeyAuthentication yes | ||
48 | #AuthorizedKeysFile .ssh/authorized_keys | ||
49 | |||
50 | # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts | ||
51 | #RhostsRSAAuthentication no | ||
52 | # similar for protocol version 2 | ||
53 | #HostbasedAuthentication no | ||
54 | # Change to yes if you don't trust ~/.ssh/known_hosts for | ||
55 | # RhostsRSAAuthentication and HostbasedAuthentication | ||
56 | #IgnoreUserKnownHosts no | ||
57 | # Don't read the user's ~/.rhosts and ~/.shosts files | ||
58 | #IgnoreRhosts yes | ||
59 | |||
60 | # To disable tunneled clear text passwords, change to no here! | ||
61 | #PasswordAuthentication yes | ||
62 | #PermitEmptyPasswords no | ||
63 | |||
64 | # Change to no to disable s/key passwords | ||
65 | #ChallengeResponseAuthentication yes | ||
66 | |||
67 | # Kerberos options | ||
68 | #KerberosAuthentication no | ||
69 | #KerberosOrLocalPasswd yes | ||
70 | #KerberosTicketCleanup yes | ||
71 | #KerberosGetAFSToken no | ||
72 | |||
73 | # GSSAPI options | ||
74 | #GSSAPIAuthentication no | ||
75 | #GSSAPICleanupCredentials yes | ||
76 | |||
77 | # Set this to 'yes' to enable PAM authentication, account processing, | ||
78 | # and session processing. If this is enabled, PAM authentication will | ||
79 | # be allowed through the ChallengeResponseAuthentication and | ||
80 | # PasswordAuthentication. Depending on your PAM configuration, | ||
81 | # PAM authentication via ChallengeResponseAuthentication may bypass | ||
82 | # the setting of "PermitRootLogin without-password". | ||
83 | # If you just want the PAM account and session checks to run without | ||
84 | # PAM authentication, then enable this but set PasswordAuthentication | ||
85 | # and ChallengeResponseAuthentication to 'no'. | ||
86 | #UsePAM no | ||
87 | |||
88 | #AllowAgentForwarding yes | ||
89 | #AllowTcpForwarding yes | ||
90 | #GatewayPorts no | ||
91 | #X11Forwarding no | ||
92 | #X11DisplayOffset 10 | ||
93 | #X11UseLocalhost yes | ||
94 | #PrintMotd yes | ||
95 | #PrintLastLog yes | ||
96 | #TCPKeepAlive yes | ||
97 | #UseLogin no | ||
98 | UsePrivilegeSeparation yes | ||
99 | #PermitUserEnvironment no | ||
100 | Compression no | ||
101 | ClientAliveInterval 15 | ||
102 | ClientAliveCountMax 4 | ||
103 | #UseDNS yes | ||
104 | #PidFile /var/run/sshd.pid | ||
105 | #MaxStartups 10 | ||
106 | #PermitTunnel no | ||
107 | #ChrootDirectory none | ||
108 | |||
109 | # no default banner path | ||
110 | #Banner none | ||
111 | |||
112 | # override default of no subsystems | ||
113 | Subsystem sftp /usr/libexec/sftp-server | ||
114 | |||
115 | # Example of overriding settings on a per-user basis | ||
116 | #Match User anoncvs | ||
117 | # X11Forwarding no | ||
118 | # AllowTcpForwarding no | ||
119 | # ForceCommand cvs server | ||
diff --git a/meta/recipes-connectivity/openssh/openssh_5.6p1.bb b/meta/recipes-connectivity/openssh/openssh_5.6p1.bb new file mode 100644 index 0000000000..718e03adac --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh_5.6p1.bb | |||
@@ -0,0 +1,121 @@ | |||
1 | DESCRIPTION = "Secure rlogin/rsh/rcp/telnet replacement (OpenSSH) \ | ||
2 | Ssh (Secure Shell) is a program for logging into a remote machine \ | ||
3 | and for executing commands on a remote machine." | ||
4 | HOMEPAGE = "http://openssh.org" | ||
5 | SECTION = "console/network" | ||
6 | LICENSE = "BSD" | ||
7 | LIC_FILES_CHKSUM = "file://LICENCE;md5=7ae09218173be1643c998a4b71027f9b" | ||
8 | |||
9 | PR = "r0" | ||
10 | |||
11 | DEPENDS = "zlib openssl" | ||
12 | DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" | ||
13 | |||
14 | PROVIDES = "ssh sshd" | ||
15 | RPROVIDES = "ssh sshd" | ||
16 | |||
17 | CONFLICTS_${PN} = "dropbear" | ||
18 | RCONFLICTS_${PN}-sshd = "dropbear" | ||
19 | RCONFLICTS_${PN}-keygen = "ssh-keygen" | ||
20 | |||
21 | SRC_URI = "ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar.gz \ | ||
22 | file://nostrip.patch \ | ||
23 | file://sshd_config \ | ||
24 | file://ssh_config \ | ||
25 | file://init \ | ||
26 | " | ||
27 | SRC_URI[md5sum] = "e6ee52e47c768bf0ec42a232b5d18fb0" | ||
28 | SRC_URI[sha256sum] = "538af53b2b8162c21a293bb004ae2bdb141abd250f61b4cea55244749f3c6c2b" | ||
29 | |||
30 | inherit autotools | ||
31 | |||
32 | # LFS support: | ||
33 | CFLAGS += "-D__FILE_OFFSET_BITS=64" | ||
34 | export LD = "${CC}" | ||
35 | |||
36 | EXTRA_OECONF = "--with-rand-helper=no \ | ||
37 | ${@base_contains('DISTRO_FEATURES', 'pam', '--with-pam', '--without-pam', d)} \ | ||
38 | --without-zlib-version-check \ | ||
39 | --with-privsep-path=/var/run/sshd \ | ||
40 | --sysconfdir=${sysconfdir}/ssh \ | ||
41 | --with-xauth=/usr/bin/xauth" | ||
42 | |||
43 | # This is a workaround for uclibc because including stdio.h | ||
44 | # pulls in pthreads.h and causes conflicts in function prototypes. | ||
45 | # This results in compilation failure, so unless this is fixed, | ||
46 | # disable pam for uclibc. | ||
47 | EXTRA_OECONF_append_libc-uclibc=" --without-pam" | ||
48 | |||
49 | do_configure_prepend () { | ||
50 | if [ ! -e acinclude.m4 -a -e aclocal.m4 ]; then | ||
51 | cp aclocal.m4 acinclude.m4 | ||
52 | fi | ||
53 | } | ||
54 | |||
55 | do_compile_append () { | ||
56 | install -m 0644 ${WORKDIR}/sshd_config ${S}/ | ||
57 | install -m 0644 ${WORKDIR}/ssh_config ${S}/ | ||
58 | } | ||
59 | |||
60 | do_install_append () { | ||
61 | install -d ${D}${sysconfdir}/init.d | ||
62 | install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/sshd | ||
63 | mv ${D}${bindir}/scp ${D}${bindir}/scp.${PN} | ||
64 | mv ${D}${bindir}/ssh ${D}${bindir}/ssh.${PN} | ||
65 | rm -f ${D}${bindir}/slogin ${D}${datadir}/Ssh.bin | ||
66 | rmdir ${D}/var/run/sshd ${D}/var/run ${D}/var | ||
67 | } | ||
68 | |||
69 | PACKAGES =+ "${PN}-keygen ${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-sftp ${PN}-misc ${PN}-sftp-server" | ||
70 | FILES_${PN}-scp = "${bindir}/scp.${PN}" | ||
71 | FILES_${PN}-ssh = "${bindir}/ssh.${PN} ${sysconfdir}/ssh/ssh_config" | ||
72 | FILES_${PN}-sshd = "${sbindir}/sshd ${sysconfdir}/init.d/sshd" | ||
73 | FILES_${PN}-sshd += "${sysconfdir}/ssh/moduli ${sysconfdir}/ssh/sshd_config" | ||
74 | FILES_${PN}-sftp = "${bindir}/sftp" | ||
75 | FILES_${PN}-sftp-server = "${libdir}exec/sftp-server" | ||
76 | FILES_${PN}-misc = "${bindir}/ssh* ${libdir}exec/ssh*" | ||
77 | FILES_${PN}-keygen = "${bindir}/ssh-keygen" | ||
78 | |||
79 | RDEPENDS_${PN} += "${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-keygen" | ||
80 | DEPENDS_${PN}-sshd += "update-rc.d" | ||
81 | RDEPENDS_${PN}-sshd += "update-rc.d ${PN}-keygen" | ||
82 | |||
83 | pkg_postinst_${PN}-sshd () { | ||
84 | if [ "x$D" != "x" ]; then | ||
85 | exit 1 | ||
86 | else | ||
87 | addgroup sshd | ||
88 | adduser --system --home /var/run/sshd --no-create-home --disabled-password --ingroup sshd -s /bin/false sshd | ||
89 | update-rc.d sshd defaults 9 | ||
90 | fi | ||
91 | } | ||
92 | |||
93 | pkg_postinst_${PN}-scp () { | ||
94 | update-alternatives --install ${bindir}/scp scp scp.${PN} 90 | ||
95 | } | ||
96 | |||
97 | pkg_postinst_${PN}-ssh () { | ||
98 | update-alternatives --install ${bindir}/ssh ssh ssh.${PN} 90 | ||
99 | } | ||
100 | |||
101 | pkg_postrm_${PN}-ssh () { | ||
102 | update-alternatives --remove ${bindir}/ssh ssh.${PN} | ||
103 | } | ||
104 | |||
105 | pkg_postrm_${PN}-scp () { | ||
106 | update-alternatives --remove ${bindir}/scp scp.${PN} | ||
107 | } | ||
108 | |||
109 | pkg_postrm_${PN}-sshd () { | ||
110 | if [ "x$D" != "x" ]; then | ||
111 | exit 1 | ||
112 | else | ||
113 | ${sysconfdir}/init.d/sshd stop | ||
114 | deluser sshd | ||
115 | delgroup sshd | ||
116 | update-rc.d -f sshd remove | ||
117 | fi | ||
118 | } | ||
119 | |||
120 | CONFFILES_${PN}-sshd = "${sysconfdir}/ssh/sshd_config" | ||
121 | CONFFILES_${PN}-ssh = "${sysconfdir}/ssh/ssh_config" | ||