xref: /OK3568_Linux_fs/buildroot/package/dropbear/dropbear.mk (revision 4882a59341e53eb6f0b4789bf948001014eff981) 
1################################################################################
2#
3# dropbear
4#
5################################################################################
6
7DROPBEAR_VERSION = 2022.82
8DROPBEAR_SITE = https://matt.ucc.asn.au/dropbear/releases
9DROPBEAR_SOURCE = dropbear-$(DROPBEAR_VERSION).tar.bz2
10DROPBEAR_LICENSE = MIT, BSD-2-Clause, Public domain
11DROPBEAR_LICENSE_FILES = LICENSE
12DROPBEAR_TARGET_BINS = dropbearkey dropbearconvert scp
13DROPBEAR_PROGRAMS = dropbear $(DROPBEAR_TARGET_BINS)
14DROPBEAR_CPE_ID_VENDOR = dropbear_ssh_project
15DROPBEAR_CPE_ID_PRODUCT = dropbear_ssh
16
17# Disable hardening flags added by dropbear configure.ac, and let
18# Buildroot add them when the relevant options are enabled. This
19# prevents dropbear from using SSP support when not available.
20DROPBEAR_CONF_OPTS = --disable-harden
21
22ifeq ($(BR2_PACKAGE_DROPBEAR_CLIENT),y)
23# Build dbclient, and create a convenience symlink named ssh
24DROPBEAR_PROGRAMS += dbclient
25DROPBEAR_TARGET_BINS += dbclient ssh
26endif
27
28DROPBEAR_MAKE = \
29	$(MAKE) MULTI=1 SCPPROGRESS=1 \
30	PROGRAMS="$(DROPBEAR_PROGRAMS)"
31
32# With BR2_SHARED_STATIC_LIBS=y the generic infrastructure adds a
33# --enable-static flags causing dropbear to be built as a static
34# binary. Adding a --disable-static reverts this
35ifeq ($(BR2_SHARED_STATIC_LIBS),y)
36DROPBEAR_CONF_OPTS += --disable-static
37endif
38
39ifeq ($(BR2_PACKAGE_LINUX_PAM),y)
40define DROPBEAR_SVR_PAM_AUTH
41	echo '#define DROPBEAR_SVR_PASSWORD_AUTH 0'     >> $(@D)/localoptions.h
42	echo '#define DROPBEAR_SVR_PAM_AUTH 1'          >> $(@D)/localoptions.h
43endef
44define DROPBEAR_INSTALL_PAM_CONF
45	$(INSTALL) -D -m 644 package/dropbear/etc-pam.d-sshd $(TARGET_DIR)/etc/pam.d/sshd
46endef
47DROPBEAR_DEPENDENCIES += linux-pam
48DROPBEAR_CONF_OPTS += --enable-pam
49DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_SVR_PAM_AUTH
50DROPBEAR_POST_INSTALL_TARGET_HOOKS += DROPBEAR_INSTALL_PAM_CONF
51else
52# Ensure that dropbear doesn't use crypt() when it's not available
53define DROPBEAR_SVR_PASSWORD_AUTH
54	echo '#if !HAVE_CRYPT'                          >> $(@D)/localoptions.h
55	echo '#define DROPBEAR_SVR_PASSWORD_AUTH 0'     >> $(@D)/localoptions.h
56	echo '#endif'                                   >> $(@D)/localoptions.h
57endef
58DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_SVR_PASSWORD_AUTH
59endif
60
61ifeq ($(BR2_PACKAGE_DROPBEAR_LEGACY_CRYPTO),y)
62define DROPBEAR_ENABLE_LEGACY_CRYPTO
63	echo '#define DROPBEAR_3DES 1'                  >> $(@D)/localoptions.h
64	echo '#define DROPBEAR_ENABLE_CBC_MODE 1'       >> $(@D)/localoptions.h
65	echo '#define DROPBEAR_SHA1_96_HMAC 1'          >> $(@D)/localoptions.h
66	echo '#define DROPBEAR_DH_GROUP1 1'             >> $(@D)/localoptions.h
67endef
68DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_ENABLE_LEGACY_CRYPTO
69else
70define DROPBEAR_DISABLE_LEGACY_CRYPTO
71	echo '#define DROPBEAR_DSS 0'                   >> $(@D)/localoptions.h
72endef
73DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_DISABLE_LEGACY_CRYPTO
74endif
75
76ifeq ($(BR2_PACKAGE_DROPBEAR_DISABLE_REVERSEDNS),)
77define DROPBEAR_ENABLE_REVERSE_DNS
78	echo '#define DO_HOST_LOOKUP 1'                 >> $(@D)/localoptions.h
79endef
80DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_ENABLE_REVERSE_DNS
81endif
82
83ifeq ($(BR2_PACKAGE_DROPBEAR_SMALL),y)
84DROPBEAR_LICENSE += , Unlicense, WTFPL
85DROPBEAR_LICENSE_FILES += libtommath/LICENSE libtomcrypt/LICENSE
86DROPBEAR_CONF_OPTS += --disable-zlib --enable-bundled-libtom
87else
88define DROPBEAR_BUILD_FEATURED
89	echo '#define DROPBEAR_SMALL_CODE 0'            >> $(@D)/localoptions.h
90endef
91DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_BUILD_FEATURED
92DROPBEAR_DEPENDENCIES += zlib libtomcrypt
93DROPBEAR_CONF_OPTS += --disable-bundled-libtom
94endif
95
96define DROPBEAR_CUSTOM_PATH
97	echo '#define DEFAULT_PATH $(BR2_SYSTEM_DEFAULT_PATH)' >>$(@D)/localoptions.h
98endef
99DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_CUSTOM_PATH
100
101define DROPBEAR_INSTALL_INIT_SYSTEMD
102	$(INSTALL) -D -m 644 package/dropbear/dropbear.service \
103		$(TARGET_DIR)/usr/lib/systemd/system/dropbear.service
104endef
105
106ifeq ($(BR2_USE_MMU),y)
107define DROPBEAR_INSTALL_INIT_SYSV
108	$(INSTALL) -D -m 755 package/dropbear/S50dropbear \
109		$(TARGET_DIR)/etc/init.d/S50dropbear
110endef
111else
112define DROPBEAR_DISABLE_STANDALONE
113	echo '#define NON_INETD_MODE 0'                 >> $(@D)/localoptions.h
114endef
115DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_DISABLE_STANDALONE
116endif
117
118ifneq ($(BR2_PACKAGE_DROPBEAR_WTMP),y)
119DROPBEAR_CONF_OPTS += --disable-wtmp
120endif
121
122ifneq ($(BR2_PACKAGE_DROPBEAR_LASTLOG),y)
123DROPBEAR_CONF_OPTS += --disable-lastlog
124endif
125
126DROPBEAR_LOCALOPTIONS_FILE = $(call qstrip,$(BR2_PACKAGE_DROPBEAR_LOCALOPTIONS_FILE))
127ifneq ($(DROPBEAR_LOCALOPTIONS_FILE),)
128define DROPBEAR_APPEND_LOCALOPTIONS_FILE
129	cat $(DROPBEAR_LOCALOPTIONS_FILE) >> $(@D)/localoptions.h
130endef
131DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_APPEND_LOCALOPTIONS_FILE
132endif
133
134define DROPBEAR_INSTALL_TARGET_CMDS
135	$(INSTALL) -m 755 $(@D)/dropbearmulti $(TARGET_DIR)/usr/sbin/dropbear
136	for f in $(DROPBEAR_TARGET_BINS); do \
137		ln -snf ../sbin/dropbear $(TARGET_DIR)/usr/bin/$$f ; \
138	done
139	ln -snf /var/run/dropbear $(TARGET_DIR)/etc/dropbear
140endef
141
142$(eval $(autotools-package))
143