7 files changed, 277 insertions, 0 deletions
diff --git a/meta/recipes-core/dropbear/dropbear-0.52/configure.patch b/meta/recipes-core/dropbear/dropbear-0.52/configure.patch
new file mode 100644
index 0000000000..8d11b23f14
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear-0.52/configure.patch
@@ -0,0 +1,27 @@
+Index: dropbear-0.49/configure.in
+===================================================================
+--- dropbear-0.49.orig/configure.in
+++ dropbear-0.49/configure.in
+@@ -164,14 +164,20 @@ AC_ARG_ENABLE(openpty,
+                        AC_MSG_NOTICE(Not using openpty)
+                else
+                        AC_MSG_NOTICE(Using openpty if available)
+-                       AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY,,Have openpty() function)])
+                       AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes])
+                fi
+        ],
+        [
+                AC_MSG_NOTICE(Using openpty if available)
+-               AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY)])
+               AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes])
+        ]
+ )
+
+if test "x$dropbear_cv_func_have_openpty" = "xyes"; then
+       AC_DEFINE(HAVE_OPENPTY,,Have openpty() function)
+       no_ptc_check=yes
+       no_ptmx_check=yes
+fi
+                
+ 
+ AC_ARG_ENABLE(syslog,
diff --git a/meta/recipes-core/dropbear/dropbear.inc b/meta/recipes-core/dropbear/dropbear.inc
new file mode 100644
index 0000000000..1d78d5c59b
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear.inc
@@ -0,0 +1,80 @@
+DESCRIPTION = "Dropbear is a lightweight SSH and SCP Implementation"
+HOMEPAGE = "http://matt.ucc.asn.au/dropbear/dropbear.html"
+SECTION = "console/network"
+# some files are from other projects and have others license terms:
+#   public domain, OpenSSH 3.5p1, OpenSSH3.6.1p2, PuTTY
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=3a5b0c2f0d0c49dfde9558ae2036683c"
+DEPENDS = "zlib"
+PROVIDES = "ssh sshd"
+RPROVIDES = "ssh sshd"
+SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.gz \
+                 file://urandom-xauth-changes-to-options.h.patch \
+                 file://configure.patch \
+                 file://fix-2kb-keys.patch \
+                 file://allow-nopw.patch;apply=no \
+                 file://init"
+inherit autotools update-rc.d
+INITSCRIPT_NAME = "dropbear"
+INITSCRIPT_PARAMS = "defaults 10"
+CFLAGS_prepend = " -I. "
+LD = "${CC}"
+SBINCOMMANDS = "dropbear dropbearkey dropbearconvert"
+BINCOMMANDS = "dbclient ssh scp"
+EXTRA_OEMAKE = 'MULTI=1 SCPPROGRESS=1 PROGRAMS="${SBINCOMMANDS} ${BINCOMMANDS}"'
+DISTRO_TYPE = "${@base_contains("IMAGE_FEATURES", "debug-tweaks", "debug", "",d)}"
+do_configure_prepend() {
+        if [ "x${DISTRO}" != "xfamiliar" -a "${DISTRO_TYPE}" = "debug" ]; then
+                oenote "WARNING: applying allow-nopw.patch which allows password-less logins!"
+                patch -p1 < ${WORKDIR}/allow-nopw.patch
+        fi
+}
+do_install() {
+        install -d ${D}${sysconfdir} \
+                   ${D}${sysconfdir}/init.d \
+                   ${D}${sysconfdir}/default \
+                   ${D}${sysconfdir}/dropbear \
+                   ${D}${bindir} \
+                   ${D}${sbindir} \
+                   ${D}${localstatedir}
+        install -m 0755 dropbearmulti ${D}${sbindir}/
+        ln -s ${sbindir}/dropbearmulti ${D}${bindir}/dbclient
+        
+        for i in ${SBINCOMMANDS}
+        do
+                ln -s ./dropbearmulti ${D}${sbindir}/$i
+        done
+        cat ${WORKDIR}/init | sed -e 's,/etc,${sysconfdir},g' \
+                                  -e 's,/usr/sbin,${sbindir},g' \
+                                  -e 's,/var,${localstatedir},g' \
+                                  -e 's,/usr/bin,${bindir},g' \
+                                  -e 's,/usr,${prefix},g' > ${D}${sysconfdir}/init.d/dropbear
+        chmod 755 ${D}${sysconfdir}/init.d/dropbear
+}
+pkg_postinst () {
+        update-alternatives --install ${bindir}/scp scp ${sbindir}/dropbearmulti 20
+        update-alternatives --install ${bindir}/ssh ssh ${sbindir}/dropbearmulti 20
+}
+pkg_postrm_append () {
+  if [ -f "${sysconfdir}/dropbear/dropbear_rsa_host_key" ]; then
+        rm ${sysconfdir}/dropbear/dropbear_rsa_host_key
+  fi
+  if [ -f "${sysconfdir}/dropbear/dropbear_dss_host_key" ]; then
+        rm ${sysconfdir}/dropbear/dropbear_dss_host_key
+  fi
+  update-alternatives --remove ssh ${bindir}/dropbearmulti
+  update-alternatives --remove scp ${bindir}/dropbearmulti
+}
diff --git a/meta/recipes-core/dropbear/dropbear/allow-nopw.patch b/meta/recipes-core/dropbear/dropbear/allow-nopw.patch
new file mode 100644
index 0000000000..2ae361c63e
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear/allow-nopw.patch
@@ -0,0 +1,38 @@
+diff --git a/svr-auth.c b/svr-auth.c
+index 5da0aa7..4de4964 100644
+--- a/svr-auth.c
+++ b/svr-auth.c
+@@ -249,6 +249,7 @@ static int checkusername(unsigned char *username, unsigned int userlen) {
+        }
+ 
+        /* check for an empty password */
+#ifdef DISALLOW_EMPTY_PW
+        if (ses.authstate.pw_passwd[0] == '\0') {
+                TRACE(("leave checkusername: empty pword"))
+                dropbear_log(LOG_WARNING, "user '%s' has blank password, rejected",
+@@ -256,6 +257,7 @@ static int checkusername(unsigned char *username, unsigned int userlen) {
+                send_msg_userauth_failure(0, 1);
+                return DROPBEAR_FAILURE;
+        }
+#endif
+ 
+        TRACE(("shell is %s", ses.authstate.pw_shell))
+ 
+diff --git a/svr-authpasswd.c b/svr-authpasswd.c
+index 53550a2..7b896bd 100644
+--- a/svr-authpasswd.c
+++ b/svr-authpasswd.c
+@@ -64,9 +64,13 @@ void svr_auth_password() {
+         * since the shadow password may differ to that tested
+         * in auth.c */
+        if (passwdcrypt[0] == '\0') {
+#ifdef DISALLOW_EMPTY_PASSWD
+                dropbear_log(LOG_WARNING, "user '%s' has blank password, rejected",
+                                ses.authstate.pw_name);
+                send_msg_userauth_failure(0, 1);
+#else
+               send_msg_userauth_success();
+#endif
+                return;
+        }
+ 
diff --git a/meta/recipes-core/dropbear/dropbear/fix-2kb-keys.patch b/meta/recipes-core/dropbear/dropbear/fix-2kb-keys.patch
new file mode 100644
index 0000000000..ba2b19d44a
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear/fix-2kb-keys.patch
@@ -0,0 +1,11 @@
+diff -Nurd dropbear-0.45/kex.h dropbear-0.45.patched/kex.h
+--- dropbear-0.45/kex.h 2005-03-06 20:27:02.000000000 -0800
+++ dropbear-0.45.patched/kex.h 2005-03-08 15:22:44.064583279 -0800
+@@ -64,6 +64,6 @@
+ 
+ };
+ 
+-#define MAX_KEXHASHBUF 2000
+#define MAX_KEXHASHBUF 3000
+ 
+ #endif /* _KEX_H_ */
diff --git a/meta/recipes-core/dropbear/dropbear/init b/meta/recipes-core/dropbear/dropbear/init
new file mode 100755
index 0000000000..e882bae689
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear/init
@@ -0,0 +1,106 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides:             sshd
+# Required-Start:       $remote_fs $syslog $networking
+# Required-Stop:        $remote_fs $syslog
+# Default-Start:        2 3 4 5
+# Default-Stop:         1
+# Short-Description:    Dropbear Secure Shell server
+### END INIT INFO
+#
+# Do not configure this file. Edit /etc/default/dropbear instead!
+#
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/sbin/dropbear
+NAME=dropbear
+DESC="Dropbear SSH server"
+DROPBEAR_PORT=22
+DROPBEAR_EXTRA_ARGS=
+NO_START=0
+set -e
+test ! -r /etc/default/dropbear || . /etc/default/dropbear
+test "$NO_START" = "0" || exit 0
+test -x "$DAEMON" || exit 0
+test ! -h /var/service/dropbear || exit 0
+readonly_rootfs=0
+for flag in `awk '{ if ($2 == "/") { split($4,FLAGS,",") } }; END { for (f in FLAGS) print FLAGS[f] }' </proc/mounts`; do
+  case $flag in
+   ro)
+     readonly_rootfs=1
+     ;;
+  esac
+done
+if [ $readonly_rootfs = "1" ]; then
+  mkdir -p /var/lib/dropbear
+  DROPBEAR_RSAKEY_DEFAULT="/var/lib/dropbear/dropbear_rsa_host_key"
+  DROPBEAR_DSSKEY_DEFAULT="/var/lib/dropbear/dropbear_dss_host_key"
+else
+  DROPBEAR_RSAKEY_DEFAULT="/etc/dropbear/dropbear_rsa_host_key"
+  DROPBEAR_DSSKEY_DEFAULT="/etc/dropbear/dropbear_dss_host_key"
+fi
+test -z "$DROPBEAR_BANNER" || \
+  DROPBEAR_EXTRA_ARGS="$DROPBEAR_EXTRA_ARGS -b $DROPBEAR_BANNER"
+test -n "$DROPBEAR_RSAKEY" || \
+  DROPBEAR_RSAKEY=$DROPBEAR_RSAKEY_DEFAULT
+test -n "$DROPBEAR_DSSKEY" || \
+  DROPBEAR_DSSKEY=$DROPBEAR_DSSKEY_DEFAULT
+test -n "$DROPBEAR_KEYTYPES" || \
+  DROPBEAR_KEYTYPES="rsa"
+gen_keys() {
+for t in $DROPBEAR_KEYTYPES; do
+  case $t in
+    rsa)
+        test -f $DROPBEAR_RSAKEY || dropbearkey -t rsa -f $DROPBEAR_RSAKEY
+        ;;
+    dsa)
+        test -f $DROPBEAR_DSSKEY || dropbearkey -t dss -f $DROPBEAR_DSSKEY
+        ;;
+  esac
+done
+}
+case "$1" in
+  start)
+        echo -n "Starting $DESC: "
+        gen_keys
+        KEY_ARGS=""
+        test -f $DROPBEAR_DSSKEY && KEY_ARGS="$KEY_ARGS -d $DROPBEAR_DSSKEY"
+        test -f $DROPBEAR_RSAKEY && KEY_ARGS="$KEY_ARGS -r $DROPBEAR_RSAKEY"
+        start-stop-daemon -S \
+          -x "$DAEMON" -- $KEY_ARGS \
+            -p "$DROPBEAR_PORT" $DROPBEAR_EXTRA_ARGS
+        echo "$NAME."
+        ;;
+  stop)
+        echo -n "Stopping $DESC: "
+        start-stop-daemon -K -x "$DAEMON"
+        echo "$NAME."
+        ;;
+  restart|force-reload)
+        echo -n "Restarting $DESC: "
+        start-stop-daemon -K -x "$DAEMON"
+        sleep 1
+        KEY_ARGS=""
+        test -f $DROPBEAR_DSSKEY && KEY_ARGS="$KEY_ARGS -d $DROPBEAR_DSSKEY"
+        test -f $DROPBEAR_RSAKEY && KEY_ARGS="$KEY_ARGS -r $DROPBEAR_RSAKEY"
+        start-stop-daemon -S \
+          -x "$DAEMON" -- $KEY_ARGS \
+            -p "$DROPBEAR_PORT" $DROPBEAR_EXTRA_ARGS
+        echo "$NAME."
+        ;;
+  *)
+        N=/etc/init.d/$NAME
+        echo "Usage: $N {start|stop|restart|force-reload}" >&2
+        exit 1
+        ;;
+esac
+exit 0
diff --git a/meta/recipes-core/dropbear/dropbear/urandom-xauth-changes-to-options.h.patch b/meta/recipes-core/dropbear/dropbear/urandom-xauth-changes-to-options.h.patch
new file mode 100644
index 0000000000..75ba306565
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear/urandom-xauth-changes-to-options.h.patch
@@ -0,0 +1,12 @@
+diff -Nurd dropbear-0.45/options.h dropbear-0.45.patched/options.h
+--- dropbear-0.45/options.h     2005-03-06 20:27:02.000000000 -0800
+++ dropbear-0.45.patched/options.h     2005-03-08 15:25:09.368742090 -0800
+@@ -167,7 +167,7 @@
+ /* The command to invoke for xauth when using X11 forwarding.
+  * "-q" for quiet */
+ #ifndef XAUTH_COMMAND
+-#define XAUTH_COMMAND "/usr/X11R6/bin/xauth -q"
+#define XAUTH_COMMAND "xauth -q"
+ #endif
+ 
+ /* if you want to enable running an sftp server (such as the one included with
diff --git a/meta/recipes-core/dropbear/dropbear_0.52.bb b/meta/recipes-core/dropbear/dropbear_0.52.bb
new file mode 100644
index 0000000000..51217ea39d
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear_0.52.bb
@@ -0,0 +1,3 @@
+require dropbear.inc
+PR="r0"

diff --git a/meta/recipes-core/dropbear/dropbear-0.52/configure.patch b/meta/recipes-core/dropbear/dropbear-0.52/configure.patch new file mode 100644 index 0000000000..8d11b23f14 --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear-0.52/configure.patch
@@ -0,0 +1,27 @@
	1	Index: dropbear-0.49/configure.in
	2	===================================================================
	3	--- dropbear-0.49.orig/configure.in
	4	+++ dropbear-0.49/configure.in
	5	@@ -164,14 +164,20 @@ AC_ARG_ENABLE(openpty,
	6	AC_MSG_NOTICE(Not using openpty)
	7	else
	8	AC_MSG_NOTICE(Using openpty if available)
	9	- AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY,,Have openpty() function)])
	10	+ AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes])
	11	fi
	12	],
	13	[
	14	AC_MSG_NOTICE(Using openpty if available)
	15	- AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY)])
	16	+ AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes])
	17	]
	18	)
	19	+
	20	+if test "x$dropbear_cv_func_have_openpty" = "xyes"; then
	21	+ AC_DEFINE(HAVE_OPENPTY,,Have openpty() function)
	22	+ no_ptc_check=yes
	23	+ no_ptmx_check=yes
	24	+fi
	25
	26
	27	AC_ARG_ENABLE(syslog,


diff --git a/meta/recipes-core/dropbear/dropbear.inc b/meta/recipes-core/dropbear/dropbear.inc new file mode 100644 index 0000000000..1d78d5c59b --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear.inc
@@ -0,0 +1,80 @@
	1	DESCRIPTION = "Dropbear is a lightweight SSH and SCP Implementation"
	2	HOMEPAGE = "http://matt.ucc.asn.au/dropbear/dropbear.html"
	3	SECTION = "console/network"
	4
	5	# some files are from other projects and have others license terms:
	6	# public domain, OpenSSH 3.5p1, OpenSSH3.6.1p2, PuTTY
	7	LICENSE = "MIT"
	8	LIC_FILES_CHKSUM = "file://LICENSE;md5=3a5b0c2f0d0c49dfde9558ae2036683c"
	9
	10	DEPENDS = "zlib"
	11	PROVIDES = "ssh sshd"
	12	RPROVIDES = "ssh sshd"
	13
	14	SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.gz \
	15	file://urandom-xauth-changes-to-options.h.patch \
	16	file://configure.patch \
	17	file://fix-2kb-keys.patch \
	18	file://allow-nopw.patch;apply=no \
	19	file://init"
	20
	21	inherit autotools update-rc.d
	22
	23	INITSCRIPT_NAME = "dropbear"
	24	INITSCRIPT_PARAMS = "defaults 10"
	25
	26	CFLAGS_prepend = " -I. "
	27	LD = "${CC}"
	28
	29	SBINCOMMANDS = "dropbear dropbearkey dropbearconvert"
	30	BINCOMMANDS = "dbclient ssh scp"
	31	EXTRA_OEMAKE = 'MULTI=1 SCPPROGRESS=1 PROGRAMS="${SBINCOMMANDS} ${BINCOMMANDS}"'
	32
	33	DISTRO_TYPE = "${@base_contains("IMAGE_FEATURES", "debug-tweaks", "debug", "",d)}"
	34
	35	do_configure_prepend() {
	36	if [ "x${DISTRO}" != "xfamiliar" -a "${DISTRO_TYPE}" = "debug" ]; then
	37	oenote "WARNING: applying allow-nopw.patch which allows password-less logins!"
	38	patch -p1 < ${WORKDIR}/allow-nopw.patch
	39	fi
	40	}
	41
	42	do_install() {
	43	install -d ${D}${sysconfdir} \
	44	${D}${sysconfdir}/init.d \
	45	${D}${sysconfdir}/default \
	46	${D}${sysconfdir}/dropbear \
	47	${D}${bindir} \
	48	${D}${sbindir} \
	49	${D}${localstatedir}
	50
	51	install -m 0755 dropbearmulti ${D}${sbindir}/
	52	ln -s ${sbindir}/dropbearmulti ${D}${bindir}/dbclient
	53
	54	for i in ${SBINCOMMANDS}
	55	do
	56	ln -s ./dropbearmulti ${D}${sbindir}/$i
	57	done
	58	cat ${WORKDIR}/init \| sed -e 's,/etc,${sysconfdir},g' \
	59	-e 's,/usr/sbin,${sbindir},g' \
	60	-e 's,/var,${localstatedir},g' \
	61	-e 's,/usr/bin,${bindir},g' \
	62	-e 's,/usr,${prefix},g' > ${D}${sysconfdir}/init.d/dropbear
	63	chmod 755 ${D}${sysconfdir}/init.d/dropbear
	64	}
	65
	66	pkg_postinst () {
	67	update-alternatives --install ${bindir}/scp scp ${sbindir}/dropbearmulti 20
	68	update-alternatives --install ${bindir}/ssh ssh ${sbindir}/dropbearmulti 20
	69	}
	70
	71	pkg_postrm_append () {
	72	if [ -f "${sysconfdir}/dropbear/dropbear_rsa_host_key" ]; then
	73	rm ${sysconfdir}/dropbear/dropbear_rsa_host_key
	74	fi
	75	if [ -f "${sysconfdir}/dropbear/dropbear_dss_host_key" ]; then
	76	rm ${sysconfdir}/dropbear/dropbear_dss_host_key
	77	fi
	78	update-alternatives --remove ssh ${bindir}/dropbearmulti
	79	update-alternatives --remove scp ${bindir}/dropbearmulti
	80	}


diff --git a/meta/recipes-core/dropbear/dropbear/allow-nopw.patch b/meta/recipes-core/dropbear/dropbear/allow-nopw.patch new file mode 100644 index 0000000000..2ae361c63e --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear/allow-nopw.patch
@@ -0,0 +1,38 @@
	1	diff --git a/svr-auth.c b/svr-auth.c
	2	index 5da0aa7..4de4964 100644
	3	--- a/svr-auth.c
	4	+++ b/svr-auth.c
	5	@@ -249,6 +249,7 @@ static int checkusername(unsigned char *username, unsigned int userlen) {
	6	}
	7
	8	/* check for an empty password */
	9	+#ifdef DISALLOW_EMPTY_PW
	10	if (ses.authstate.pw_passwd[0] == '\0') {
	11	TRACE(("leave checkusername: empty pword"))
	12	dropbear_log(LOG_WARNING, "user '%s' has blank password, rejected",
	13	@@ -256,6 +257,7 @@ static int checkusername(unsigned char *username, unsigned int userlen) {
	14	send_msg_userauth_failure(0, 1);
	15	return DROPBEAR_FAILURE;
	16	}
	17	+#endif
	18
	19	TRACE(("shell is %s", ses.authstate.pw_shell))
	20
	21	diff --git a/svr-authpasswd.c b/svr-authpasswd.c
	22	index 53550a2..7b896bd 100644
	23	--- a/svr-authpasswd.c
	24	+++ b/svr-authpasswd.c
	25	@@ -64,9 +64,13 @@ void svr_auth_password() {
	26	* since the shadow password may differ to that tested
	27	* in auth.c */
	28	if (passwdcrypt[0] == '\0') {
	29	+#ifdef DISALLOW_EMPTY_PASSWD
	30	dropbear_log(LOG_WARNING, "user '%s' has blank password, rejected",
	31	ses.authstate.pw_name);
	32	send_msg_userauth_failure(0, 1);
	33	+#else
	34	+ send_msg_userauth_success();
	35	+#endif
	36	return;
	37	}
	38


diff --git a/meta/recipes-core/dropbear/dropbear/fix-2kb-keys.patch b/meta/recipes-core/dropbear/dropbear/fix-2kb-keys.patch new file mode 100644 index 0000000000..ba2b19d44a --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear/fix-2kb-keys.patch
@@ -0,0 +1,11 @@
	1	diff -Nurd dropbear-0.45/kex.h dropbear-0.45.patched/kex.h
	2	--- dropbear-0.45/kex.h 2005-03-06 20:27:02.000000000 -0800
	3	+++ dropbear-0.45.patched/kex.h 2005-03-08 15:22:44.064583279 -0800
	4	@@ -64,6 +64,6 @@
	5
	6	};
	7
	8	-#define MAX_KEXHASHBUF 2000
	9	+#define MAX_KEXHASHBUF 3000
	10
	11	#endif /* _KEX_H_ */


diff --git a/meta/recipes-core/dropbear/dropbear/init b/meta/recipes-core/dropbear/dropbear/init new file mode 100755 index 0000000000..e882bae689 --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear/init
@@ -0,0 +1,106 @@
	1	#!/bin/sh
	2	### BEGIN INIT INFO
	3	# Provides: sshd
	4	# Required-Start: $remote_fs $syslog $networking
	5	# Required-Stop: $remote_fs $syslog
	6	# Default-Start: 2 3 4 5
	7	# Default-Stop: 1
	8	# Short-Description: Dropbear Secure Shell server
	9	### END INIT INFO
	10	#
	11	# Do not configure this file. Edit /etc/default/dropbear instead!
	12	#
	13
	14	PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
	15	DAEMON=/usr/sbin/dropbear
	16	NAME=dropbear
	17	DESC="Dropbear SSH server"
	18
	19	DROPBEAR_PORT=22
	20	DROPBEAR_EXTRA_ARGS=
	21	NO_START=0
	22
	23	set -e
	24
	25	test ! -r /etc/default/dropbear \|\| . /etc/default/dropbear
	26	test "$NO_START" = "0" \|\| exit 0
	27	test -x "$DAEMON" \|\| exit 0
	28	test ! -h /var/service/dropbear \|\| exit 0
	29
	30	readonly_rootfs=0
	31	for flag in `awk '{ if ($2 == "/") { split($4,FLAGS,",") } }; END { for (f in FLAGS) print FLAGS[f] }' </proc/mounts`; do
	32	case $flag in
	33	ro)
	34	readonly_rootfs=1
	35	;;
	36	esac
	37	done
	38
	39	if [ $readonly_rootfs = "1" ]; then
	40	mkdir -p /var/lib/dropbear
	41	DROPBEAR_RSAKEY_DEFAULT="/var/lib/dropbear/dropbear_rsa_host_key"
	42	DROPBEAR_DSSKEY_DEFAULT="/var/lib/dropbear/dropbear_dss_host_key"
	43	else
	44	DROPBEAR_RSAKEY_DEFAULT="/etc/dropbear/dropbear_rsa_host_key"
	45	DROPBEAR_DSSKEY_DEFAULT="/etc/dropbear/dropbear_dss_host_key"
	46	fi
	47
	48	test -z "$DROPBEAR_BANNER" \|\| \
	49	DROPBEAR_EXTRA_ARGS="$DROPBEAR_EXTRA_ARGS -b $DROPBEAR_BANNER"
	50	test -n "$DROPBEAR_RSAKEY" \|\| \
	51	DROPBEAR_RSAKEY=$DROPBEAR_RSAKEY_DEFAULT
	52	test -n "$DROPBEAR_DSSKEY" \|\| \
	53	DROPBEAR_DSSKEY=$DROPBEAR_DSSKEY_DEFAULT
	54	test -n "$DROPBEAR_KEYTYPES" \|\| \
	55	DROPBEAR_KEYTYPES="rsa"
	56
	57	gen_keys() {
	58	for t in $DROPBEAR_KEYTYPES; do
	59	case $t in
	60	rsa)
	61	test -f $DROPBEAR_RSAKEY \|\| dropbearkey -t rsa -f $DROPBEAR_RSAKEY
	62	;;
	63	dsa)
	64	test -f $DROPBEAR_DSSKEY \|\| dropbearkey -t dss -f $DROPBEAR_DSSKEY
	65	;;
	66	esac
	67	done
	68	}
	69
	70	case "$1" in
	71	start)
	72	echo -n "Starting $DESC: "
	73	gen_keys
	74	KEY_ARGS=""
	75	test -f $DROPBEAR_DSSKEY && KEY_ARGS="$KEY_ARGS -d $DROPBEAR_DSSKEY"
	76	test -f $DROPBEAR_RSAKEY && KEY_ARGS="$KEY_ARGS -r $DROPBEAR_RSAKEY"
	77	start-stop-daemon -S \
	78	-x "$DAEMON" -- $KEY_ARGS \
	79	-p "$DROPBEAR_PORT" $DROPBEAR_EXTRA_ARGS
	80	echo "$NAME."
	81	;;
	82	stop)
	83	echo -n "Stopping $DESC: "
	84	start-stop-daemon -K -x "$DAEMON"
	85	echo "$NAME."
	86	;;
	87	restart\|force-reload)
	88	echo -n "Restarting $DESC: "
	89	start-stop-daemon -K -x "$DAEMON"
	90	sleep 1
	91	KEY_ARGS=""
	92	test -f $DROPBEAR_DSSKEY && KEY_ARGS="$KEY_ARGS -d $DROPBEAR_DSSKEY"
	93	test -f $DROPBEAR_RSAKEY && KEY_ARGS="$KEY_ARGS -r $DROPBEAR_RSAKEY"
	94	start-stop-daemon -S \
	95	-x "$DAEMON" -- $KEY_ARGS \
	96	-p "$DROPBEAR_PORT" $DROPBEAR_EXTRA_ARGS
	97	echo "$NAME."
	98	;;
	99	*)
	100	N=/etc/init.d/$NAME
	101	echo "Usage: $N {start\|stop\|restart\|force-reload}" >&2
	102	exit 1
	103	;;
	104	esac
	105
	106	exit 0


diff --git a/meta/recipes-core/dropbear/dropbear/urandom-xauth-changes-to-options.h.patch b/meta/recipes-core/dropbear/dropbear/urandom-xauth-changes-to-options.h.patch new file mode 100644 index 0000000000..75ba306565 --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear/urandom-xauth-changes-to-options.h.patch
@@ -0,0 +1,12 @@
	1	diff -Nurd dropbear-0.45/options.h dropbear-0.45.patched/options.h
	2	--- dropbear-0.45/options.h 2005-03-06 20:27:02.000000000 -0800
	3	+++ dropbear-0.45.patched/options.h 2005-03-08 15:25:09.368742090 -0800
	4	@@ -167,7 +167,7 @@
	5	/* The command to invoke for xauth when using X11 forwarding.
	6	* "-q" for quiet */
	7	#ifndef XAUTH_COMMAND
	8	-#define XAUTH_COMMAND "/usr/X11R6/bin/xauth -q"
	9	+#define XAUTH_COMMAND "xauth -q"
	10	#endif
	11
	12	/* if you want to enable running an sftp server (such as the one included with


diff --git a/meta/recipes-core/dropbear/dropbear_0.52.bb b/meta/recipes-core/dropbear/dropbear_0.52.bb new file mode 100644 index 0000000000..51217ea39d --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear_0.52.bb
@@ -0,0 +1,3 @@
	1	require dropbear.inc
	2
	3	PR="r0"