diff options
Diffstat (limited to 'meta/recipes-core/dropbear')
-rw-r--r-- | meta/recipes-core/dropbear/dropbear-0.52/configure.patch | 27 | ||||
-rw-r--r-- | meta/recipes-core/dropbear/dropbear.inc | 80 | ||||
-rw-r--r-- | meta/recipes-core/dropbear/dropbear/allow-nopw.patch | 38 | ||||
-rw-r--r-- | meta/recipes-core/dropbear/dropbear/fix-2kb-keys.patch | 11 | ||||
-rwxr-xr-x | meta/recipes-core/dropbear/dropbear/init | 106 | ||||
-rw-r--r-- | meta/recipes-core/dropbear/dropbear/urandom-xauth-changes-to-options.h.patch | 12 | ||||
-rw-r--r-- | meta/recipes-core/dropbear/dropbear_0.52.bb | 3 |
7 files changed, 277 insertions, 0 deletions
diff --git a/meta/recipes-core/dropbear/dropbear-0.52/configure.patch b/meta/recipes-core/dropbear/dropbear-0.52/configure.patch new file mode 100644 index 0000000000..8d11b23f14 --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear-0.52/configure.patch | |||
@@ -0,0 +1,27 @@ | |||
1 | Index: dropbear-0.49/configure.in | ||
2 | =================================================================== | ||
3 | --- dropbear-0.49.orig/configure.in | ||
4 | +++ dropbear-0.49/configure.in | ||
5 | @@ -164,14 +164,20 @@ AC_ARG_ENABLE(openpty, | ||
6 | AC_MSG_NOTICE(Not using openpty) | ||
7 | else | ||
8 | AC_MSG_NOTICE(Using openpty if available) | ||
9 | - AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY,,Have openpty() function)]) | ||
10 | + AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes]) | ||
11 | fi | ||
12 | ], | ||
13 | [ | ||
14 | AC_MSG_NOTICE(Using openpty if available) | ||
15 | - AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY)]) | ||
16 | + AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes]) | ||
17 | ] | ||
18 | ) | ||
19 | + | ||
20 | +if test "x$dropbear_cv_func_have_openpty" = "xyes"; then | ||
21 | + AC_DEFINE(HAVE_OPENPTY,,Have openpty() function) | ||
22 | + no_ptc_check=yes | ||
23 | + no_ptmx_check=yes | ||
24 | +fi | ||
25 | |||
26 | |||
27 | AC_ARG_ENABLE(syslog, | ||
diff --git a/meta/recipes-core/dropbear/dropbear.inc b/meta/recipes-core/dropbear/dropbear.inc new file mode 100644 index 0000000000..1d78d5c59b --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear.inc | |||
@@ -0,0 +1,80 @@ | |||
1 | DESCRIPTION = "Dropbear is a lightweight SSH and SCP Implementation" | ||
2 | HOMEPAGE = "http://matt.ucc.asn.au/dropbear/dropbear.html" | ||
3 | SECTION = "console/network" | ||
4 | |||
5 | # some files are from other projects and have others license terms: | ||
6 | # public domain, OpenSSH 3.5p1, OpenSSH3.6.1p2, PuTTY | ||
7 | LICENSE = "MIT" | ||
8 | LIC_FILES_CHKSUM = "file://LICENSE;md5=3a5b0c2f0d0c49dfde9558ae2036683c" | ||
9 | |||
10 | DEPENDS = "zlib" | ||
11 | PROVIDES = "ssh sshd" | ||
12 | RPROVIDES = "ssh sshd" | ||
13 | |||
14 | SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.gz \ | ||
15 | file://urandom-xauth-changes-to-options.h.patch \ | ||
16 | file://configure.patch \ | ||
17 | file://fix-2kb-keys.patch \ | ||
18 | file://allow-nopw.patch;apply=no \ | ||
19 | file://init" | ||
20 | |||
21 | inherit autotools update-rc.d | ||
22 | |||
23 | INITSCRIPT_NAME = "dropbear" | ||
24 | INITSCRIPT_PARAMS = "defaults 10" | ||
25 | |||
26 | CFLAGS_prepend = " -I. " | ||
27 | LD = "${CC}" | ||
28 | |||
29 | SBINCOMMANDS = "dropbear dropbearkey dropbearconvert" | ||
30 | BINCOMMANDS = "dbclient ssh scp" | ||
31 | EXTRA_OEMAKE = 'MULTI=1 SCPPROGRESS=1 PROGRAMS="${SBINCOMMANDS} ${BINCOMMANDS}"' | ||
32 | |||
33 | DISTRO_TYPE = "${@base_contains("IMAGE_FEATURES", "debug-tweaks", "debug", "",d)}" | ||
34 | |||
35 | do_configure_prepend() { | ||
36 | if [ "x${DISTRO}" != "xfamiliar" -a "${DISTRO_TYPE}" = "debug" ]; then | ||
37 | oenote "WARNING: applying allow-nopw.patch which allows password-less logins!" | ||
38 | patch -p1 < ${WORKDIR}/allow-nopw.patch | ||
39 | fi | ||
40 | } | ||
41 | |||
42 | do_install() { | ||
43 | install -d ${D}${sysconfdir} \ | ||
44 | ${D}${sysconfdir}/init.d \ | ||
45 | ${D}${sysconfdir}/default \ | ||
46 | ${D}${sysconfdir}/dropbear \ | ||
47 | ${D}${bindir} \ | ||
48 | ${D}${sbindir} \ | ||
49 | ${D}${localstatedir} | ||
50 | |||
51 | install -m 0755 dropbearmulti ${D}${sbindir}/ | ||
52 | ln -s ${sbindir}/dropbearmulti ${D}${bindir}/dbclient | ||
53 | |||
54 | for i in ${SBINCOMMANDS} | ||
55 | do | ||
56 | ln -s ./dropbearmulti ${D}${sbindir}/$i | ||
57 | done | ||
58 | cat ${WORKDIR}/init | sed -e 's,/etc,${sysconfdir},g' \ | ||
59 | -e 's,/usr/sbin,${sbindir},g' \ | ||
60 | -e 's,/var,${localstatedir},g' \ | ||
61 | -e 's,/usr/bin,${bindir},g' \ | ||
62 | -e 's,/usr,${prefix},g' > ${D}${sysconfdir}/init.d/dropbear | ||
63 | chmod 755 ${D}${sysconfdir}/init.d/dropbear | ||
64 | } | ||
65 | |||
66 | pkg_postinst () { | ||
67 | update-alternatives --install ${bindir}/scp scp ${sbindir}/dropbearmulti 20 | ||
68 | update-alternatives --install ${bindir}/ssh ssh ${sbindir}/dropbearmulti 20 | ||
69 | } | ||
70 | |||
71 | pkg_postrm_append () { | ||
72 | if [ -f "${sysconfdir}/dropbear/dropbear_rsa_host_key" ]; then | ||
73 | rm ${sysconfdir}/dropbear/dropbear_rsa_host_key | ||
74 | fi | ||
75 | if [ -f "${sysconfdir}/dropbear/dropbear_dss_host_key" ]; then | ||
76 | rm ${sysconfdir}/dropbear/dropbear_dss_host_key | ||
77 | fi | ||
78 | update-alternatives --remove ssh ${bindir}/dropbearmulti | ||
79 | update-alternatives --remove scp ${bindir}/dropbearmulti | ||
80 | } | ||
diff --git a/meta/recipes-core/dropbear/dropbear/allow-nopw.patch b/meta/recipes-core/dropbear/dropbear/allow-nopw.patch new file mode 100644 index 0000000000..2ae361c63e --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear/allow-nopw.patch | |||
@@ -0,0 +1,38 @@ | |||
1 | diff --git a/svr-auth.c b/svr-auth.c | ||
2 | index 5da0aa7..4de4964 100644 | ||
3 | --- a/svr-auth.c | ||
4 | +++ b/svr-auth.c | ||
5 | @@ -249,6 +249,7 @@ static int checkusername(unsigned char *username, unsigned int userlen) { | ||
6 | } | ||
7 | |||
8 | /* check for an empty password */ | ||
9 | +#ifdef DISALLOW_EMPTY_PW | ||
10 | if (ses.authstate.pw_passwd[0] == '\0') { | ||
11 | TRACE(("leave checkusername: empty pword")) | ||
12 | dropbear_log(LOG_WARNING, "user '%s' has blank password, rejected", | ||
13 | @@ -256,6 +257,7 @@ static int checkusername(unsigned char *username, unsigned int userlen) { | ||
14 | send_msg_userauth_failure(0, 1); | ||
15 | return DROPBEAR_FAILURE; | ||
16 | } | ||
17 | +#endif | ||
18 | |||
19 | TRACE(("shell is %s", ses.authstate.pw_shell)) | ||
20 | |||
21 | diff --git a/svr-authpasswd.c b/svr-authpasswd.c | ||
22 | index 53550a2..7b896bd 100644 | ||
23 | --- a/svr-authpasswd.c | ||
24 | +++ b/svr-authpasswd.c | ||
25 | @@ -64,9 +64,13 @@ void svr_auth_password() { | ||
26 | * since the shadow password may differ to that tested | ||
27 | * in auth.c */ | ||
28 | if (passwdcrypt[0] == '\0') { | ||
29 | +#ifdef DISALLOW_EMPTY_PASSWD | ||
30 | dropbear_log(LOG_WARNING, "user '%s' has blank password, rejected", | ||
31 | ses.authstate.pw_name); | ||
32 | send_msg_userauth_failure(0, 1); | ||
33 | +#else | ||
34 | + send_msg_userauth_success(); | ||
35 | +#endif | ||
36 | return; | ||
37 | } | ||
38 | |||
diff --git a/meta/recipes-core/dropbear/dropbear/fix-2kb-keys.patch b/meta/recipes-core/dropbear/dropbear/fix-2kb-keys.patch new file mode 100644 index 0000000000..ba2b19d44a --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear/fix-2kb-keys.patch | |||
@@ -0,0 +1,11 @@ | |||
1 | diff -Nurd dropbear-0.45/kex.h dropbear-0.45.patched/kex.h | ||
2 | --- dropbear-0.45/kex.h 2005-03-06 20:27:02.000000000 -0800 | ||
3 | +++ dropbear-0.45.patched/kex.h 2005-03-08 15:22:44.064583279 -0800 | ||
4 | @@ -64,6 +64,6 @@ | ||
5 | |||
6 | }; | ||
7 | |||
8 | -#define MAX_KEXHASHBUF 2000 | ||
9 | +#define MAX_KEXHASHBUF 3000 | ||
10 | |||
11 | #endif /* _KEX_H_ */ | ||
diff --git a/meta/recipes-core/dropbear/dropbear/init b/meta/recipes-core/dropbear/dropbear/init new file mode 100755 index 0000000000..e882bae689 --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear/init | |||
@@ -0,0 +1,106 @@ | |||
1 | #!/bin/sh | ||
2 | ### BEGIN INIT INFO | ||
3 | # Provides: sshd | ||
4 | # Required-Start: $remote_fs $syslog $networking | ||
5 | # Required-Stop: $remote_fs $syslog | ||
6 | # Default-Start: 2 3 4 5 | ||
7 | # Default-Stop: 1 | ||
8 | # Short-Description: Dropbear Secure Shell server | ||
9 | ### END INIT INFO | ||
10 | # | ||
11 | # Do not configure this file. Edit /etc/default/dropbear instead! | ||
12 | # | ||
13 | |||
14 | PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin | ||
15 | DAEMON=/usr/sbin/dropbear | ||
16 | NAME=dropbear | ||
17 | DESC="Dropbear SSH server" | ||
18 | |||
19 | DROPBEAR_PORT=22 | ||
20 | DROPBEAR_EXTRA_ARGS= | ||
21 | NO_START=0 | ||
22 | |||
23 | set -e | ||
24 | |||
25 | test ! -r /etc/default/dropbear || . /etc/default/dropbear | ||
26 | test "$NO_START" = "0" || exit 0 | ||
27 | test -x "$DAEMON" || exit 0 | ||
28 | test ! -h /var/service/dropbear || exit 0 | ||
29 | |||
30 | readonly_rootfs=0 | ||
31 | for flag in `awk '{ if ($2 == "/") { split($4,FLAGS,",") } }; END { for (f in FLAGS) print FLAGS[f] }' </proc/mounts`; do | ||
32 | case $flag in | ||
33 | ro) | ||
34 | readonly_rootfs=1 | ||
35 | ;; | ||
36 | esac | ||
37 | done | ||
38 | |||
39 | if [ $readonly_rootfs = "1" ]; then | ||
40 | mkdir -p /var/lib/dropbear | ||
41 | DROPBEAR_RSAKEY_DEFAULT="/var/lib/dropbear/dropbear_rsa_host_key" | ||
42 | DROPBEAR_DSSKEY_DEFAULT="/var/lib/dropbear/dropbear_dss_host_key" | ||
43 | else | ||
44 | DROPBEAR_RSAKEY_DEFAULT="/etc/dropbear/dropbear_rsa_host_key" | ||
45 | DROPBEAR_DSSKEY_DEFAULT="/etc/dropbear/dropbear_dss_host_key" | ||
46 | fi | ||
47 | |||
48 | test -z "$DROPBEAR_BANNER" || \ | ||
49 | DROPBEAR_EXTRA_ARGS="$DROPBEAR_EXTRA_ARGS -b $DROPBEAR_BANNER" | ||
50 | test -n "$DROPBEAR_RSAKEY" || \ | ||
51 | DROPBEAR_RSAKEY=$DROPBEAR_RSAKEY_DEFAULT | ||
52 | test -n "$DROPBEAR_DSSKEY" || \ | ||
53 | DROPBEAR_DSSKEY=$DROPBEAR_DSSKEY_DEFAULT | ||
54 | test -n "$DROPBEAR_KEYTYPES" || \ | ||
55 | DROPBEAR_KEYTYPES="rsa" | ||
56 | |||
57 | gen_keys() { | ||
58 | for t in $DROPBEAR_KEYTYPES; do | ||
59 | case $t in | ||
60 | rsa) | ||
61 | test -f $DROPBEAR_RSAKEY || dropbearkey -t rsa -f $DROPBEAR_RSAKEY | ||
62 | ;; | ||
63 | dsa) | ||
64 | test -f $DROPBEAR_DSSKEY || dropbearkey -t dss -f $DROPBEAR_DSSKEY | ||
65 | ;; | ||
66 | esac | ||
67 | done | ||
68 | } | ||
69 | |||
70 | case "$1" in | ||
71 | start) | ||
72 | echo -n "Starting $DESC: " | ||
73 | gen_keys | ||
74 | KEY_ARGS="" | ||
75 | test -f $DROPBEAR_DSSKEY && KEY_ARGS="$KEY_ARGS -d $DROPBEAR_DSSKEY" | ||
76 | test -f $DROPBEAR_RSAKEY && KEY_ARGS="$KEY_ARGS -r $DROPBEAR_RSAKEY" | ||
77 | start-stop-daemon -S \ | ||
78 | -x "$DAEMON" -- $KEY_ARGS \ | ||
79 | -p "$DROPBEAR_PORT" $DROPBEAR_EXTRA_ARGS | ||
80 | echo "$NAME." | ||
81 | ;; | ||
82 | stop) | ||
83 | echo -n "Stopping $DESC: " | ||
84 | start-stop-daemon -K -x "$DAEMON" | ||
85 | echo "$NAME." | ||
86 | ;; | ||
87 | restart|force-reload) | ||
88 | echo -n "Restarting $DESC: " | ||
89 | start-stop-daemon -K -x "$DAEMON" | ||
90 | sleep 1 | ||
91 | KEY_ARGS="" | ||
92 | test -f $DROPBEAR_DSSKEY && KEY_ARGS="$KEY_ARGS -d $DROPBEAR_DSSKEY" | ||
93 | test -f $DROPBEAR_RSAKEY && KEY_ARGS="$KEY_ARGS -r $DROPBEAR_RSAKEY" | ||
94 | start-stop-daemon -S \ | ||
95 | -x "$DAEMON" -- $KEY_ARGS \ | ||
96 | -p "$DROPBEAR_PORT" $DROPBEAR_EXTRA_ARGS | ||
97 | echo "$NAME." | ||
98 | ;; | ||
99 | *) | ||
100 | N=/etc/init.d/$NAME | ||
101 | echo "Usage: $N {start|stop|restart|force-reload}" >&2 | ||
102 | exit 1 | ||
103 | ;; | ||
104 | esac | ||
105 | |||
106 | exit 0 | ||
diff --git a/meta/recipes-core/dropbear/dropbear/urandom-xauth-changes-to-options.h.patch b/meta/recipes-core/dropbear/dropbear/urandom-xauth-changes-to-options.h.patch new file mode 100644 index 0000000000..75ba306565 --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear/urandom-xauth-changes-to-options.h.patch | |||
@@ -0,0 +1,12 @@ | |||
1 | diff -Nurd dropbear-0.45/options.h dropbear-0.45.patched/options.h | ||
2 | --- dropbear-0.45/options.h 2005-03-06 20:27:02.000000000 -0800 | ||
3 | +++ dropbear-0.45.patched/options.h 2005-03-08 15:25:09.368742090 -0800 | ||
4 | @@ -167,7 +167,7 @@ | ||
5 | /* The command to invoke for xauth when using X11 forwarding. | ||
6 | * "-q" for quiet */ | ||
7 | #ifndef XAUTH_COMMAND | ||
8 | -#define XAUTH_COMMAND "/usr/X11R6/bin/xauth -q" | ||
9 | +#define XAUTH_COMMAND "xauth -q" | ||
10 | #endif | ||
11 | |||
12 | /* if you want to enable running an sftp server (such as the one included with | ||
diff --git a/meta/recipes-core/dropbear/dropbear_0.52.bb b/meta/recipes-core/dropbear/dropbear_0.52.bb new file mode 100644 index 0000000000..51217ea39d --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear_0.52.bb | |||
@@ -0,0 +1,3 @@ | |||
1 | require dropbear.inc | ||
2 | |||
3 | PR="r0" | ||