From 1c7d6584a7811b7785ae5c1e378f14b5ba0971cf Mon Sep 17 00:00:00 2001 From: takeshi_hoshina Date: Mon, 2 Nov 2020 11:07:33 +0900 Subject: basesystem-jj recipes --- .../poky/meta/recipes-core/dropbear/dropbear.inc | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) (limited to 'external/poky/meta/recipes-core/dropbear/dropbear.inc') diff --git a/external/poky/meta/recipes-core/dropbear/dropbear.inc b/external/poky/meta/recipes-core/dropbear/dropbear.inc index d92a2f39..7269888a 100644 --- a/external/poky/meta/recipes-core/dropbear/dropbear.inc +++ b/external/poky/meta/recipes-core/dropbear/dropbear.inc @@ -9,18 +9,19 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=a5ec40cafba26fc4396d0b550f824e01" DEPENDS = "zlib virtual/crypt" RPROVIDES_${PN} = "ssh sshd" +RCONFLICTS_${PN} = "openssh-sshd openssh" DEPENDS += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.bz2 \ - file://CVE-2018-15599.patch \ file://0001-urandom-xauth-changes-to-options.h.patch \ file://init \ file://dropbearkey.service \ file://dropbear@.service \ file://dropbear.socket \ file://dropbear.default \ - ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} " + ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'disable-weak-ciphers', 'file://dropbear-disable-weak-ciphers.patch', '', d)} " PAM_SRC_URI = "file://0005-dropbear-enable-pam.patch \ file://0006-dropbear-configuration-file.patch \ @@ -35,6 +36,8 @@ RDEPENDS_${PN} += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_PLUGINS inherit autotools update-rc.d systemd +CVE_PRODUCT = "dropbear_ssh" + INITSCRIPT_NAME = "dropbear" INITSCRIPT_PARAMS = "defaults 10" @@ -44,8 +47,9 @@ SBINCOMMANDS = "dropbear dropbearkey dropbearconvert" BINCOMMANDS = "dbclient ssh scp" EXTRA_OEMAKE = 'MULTI=1 SCPPROGRESS=1 PROGRAMS="${SBINCOMMANDS} ${BINCOMMANDS}"' -PACKAGECONFIG ?= "" +PACKAGECONFIG ?= "disable-weak-ciphers" PACKAGECONFIG[system-libtom] = "--disable-bundled-libtom,--enable-bundled-libtom,libtommath libtomcrypt" +PACKAGECONFIG[disable-weak-ciphers] = "" EXTRA_OECONF += "\ ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '--enable-pam', '--disable-pam', d)}" @@ -66,8 +70,13 @@ do_install() { install -m 0644 ${WORKDIR}/dropbear.default ${D}${sysconfdir}/default/dropbear install -m 0755 dropbearmulti ${D}${sbindir}/ - ln -s ${sbindir}/dropbearmulti ${D}${bindir}/dbclient + for i in ${BINCOMMANDS} + do + # ssh and scp symlinks are created by update-alternatives + if [ $i = ssh ] || [ $i = scp ]; then continue; fi + ln -s ${sbindir}/dropbearmulti ${D}${bindir}/$i + done for i in ${SBINCOMMANDS} do ln -s ./dropbearmulti ${D}${sbindir}/$i @@ -97,7 +106,7 @@ do_install() { inherit update-alternatives ALTERNATIVE_PRIORITY = "20" -ALTERNATIVE_${PN} = "scp ssh" +ALTERNATIVE_${PN} = "${@bb.utils.filter('BINCOMMANDS', 'scp ssh', d)}" ALTERNATIVE_TARGET = "${sbindir}/dropbearmulti" @@ -109,3 +118,5 @@ pkg_postrm_append_${PN} () { rm ${sysconfdir}/dropbear/dropbear_dss_host_key fi } + +FILES_${PN} += "${bindir}" -- cgit 1.2.3-korg