xref: /OK3568_Linux_fs/buildroot/package/openssh/openssh.mk (revision 4882a59341e53eb6f0b4789bf948001014eff981) 
1################################################################################
2#
3# openssh
4#
5################################################################################
6
7OPENSSH_VERSION_MAJOR = 8.8
8OPENSSH_VERSION_MINOR = p1
9OPENSSH_VERSION = $(OPENSSH_VERSION_MAJOR)$(OPENSSH_VERSION_MINOR)
10OPENSSH_CPE_ID_VERSION = $(OPENSSH_VERSION_MAJOR)
11OPENSSH_CPE_ID_UPDATE = $(OPENSSH_VERSION_MINOR)
12OPENSSH_SITE = http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable
13OPENSSH_LICENSE = BSD-4-Clause, BSD-3-Clause, BSD-2-Clause, Public Domain
14OPENSSH_LICENSE_FILES = LICENCE
15OPENSSH_CONF_ENV = \
16	LD="$(TARGET_CC)" \
17	LDFLAGS="$(TARGET_CFLAGS)" \
18	LIBS=`$(PKG_CONFIG_HOST_BINARY) --libs openssl`
19OPENSSH_CPE_ID_VENDOR = openbsd
20OPENSSH_CONF_OPTS = \
21	--sysconfdir=/etc/ssh \
22	--with-default-path=$(BR2_SYSTEM_DEFAULT_PATH) \
23	--disable-lastlog \
24	--disable-utmp \
25	--disable-utmpx \
26	--disable-wtmp \
27	--disable-wtmpx \
28	--disable-strip
29
30define OPENSSH_PERMISSIONS
31	/var/empty d 755 root root - - - - -
32endef
33
34ifeq ($(BR2_TOOLCHAIN_SUPPORTS_PIE),)
35OPENSSH_CONF_OPTS += --without-pie
36endif
37
38OPENSSH_DEPENDENCIES = host-pkgconf zlib openssl
39
40ifeq ($(BR2_PACKAGE_CRYPTODEV_LINUX),y)
41OPENSSH_DEPENDENCIES += cryptodev-linux
42OPENSSH_CONF_OPTS += --with-ssl-engine
43else
44OPENSSH_CONF_OPTS += --without-ssl-engine
45endif
46
47ifeq ($(BR2_PACKAGE_AUDIT),y)
48OPENSSH_DEPENDENCIES += audit
49OPENSSH_CONF_OPTS += --with-audit=linux
50else
51OPENSSH_CONF_OPTS += --without-audit
52endif
53
54ifeq ($(BR2_PACKAGE_LINUX_PAM),y)
55define OPENSSH_INSTALL_PAM_CONF
56	$(INSTALL) -D -m 644 $(@D)/contrib/sshd.pam.generic $(TARGET_DIR)/etc/pam.d/sshd
57	$(SED) '\%password   required     /lib/security/pam_cracklib.so%d' $(TARGET_DIR)/etc/pam.d/sshd
58	$(SED) 's/\#UsePAM no/UsePAM yes/' $(TARGET_DIR)/etc/ssh/sshd_config
59endef
60
61OPENSSH_DEPENDENCIES += linux-pam
62OPENSSH_CONF_OPTS += --with-pam
63OPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_INSTALL_PAM_CONF
64else
65OPENSSH_CONF_OPTS += --without-pam
66endif
67
68ifeq ($(BR2_PACKAGE_LIBSELINUX),y)
69OPENSSH_DEPENDENCIES += libselinux
70OPENSSH_CONF_OPTS += --with-selinux
71else
72OPENSSH_CONF_OPTS += --without-selinux
73endif
74
75ifeq ($(BR2_PACKAGE_SYSTEMD_SYSUSERS),y)
76define OPENSSH_INSTALL_SYSTEMD_SYSUSERS
77	$(INSTALL) -m 0644 -D package/openssh/sshd-sysusers.conf \
78		$(TARGET_DIR)/usr/lib/sysusers.d/sshd.conf
79endef
80else
81define OPENSSH_USERS
82	sshd -1 sshd -1 * /var/empty - - SSH drop priv user
83endef
84endif
85
86# Let the default install rule only install the configuration file.
87# The programs will be installed based on the config options selected.
88OPENSSH_INSTALL_TARGET_OPTS = DESTDIR=$(TARGET_DIR) install-sysconf
89
90ifeq ($(BR2_PACKAGE_OPENSSH_CLIENT),y)
91define OPENSSH_INSTALL_CLIENT_PROGRAMS
92	$(INSTALL) -D -m 0755 $(@D)/ssh $(TARGET_DIR)/usr/bin/ssh
93	$(INSTALL) -D -m 0755 $(@D)/scp $(TARGET_DIR)/usr/bin/scp
94	$(INSTALL) -D -m 0755 $(@D)/sftp $(TARGET_DIR)/usr/bin/sftp
95	$(INSTALL) -D -m 0755 $(@D)/ssh-agent $(TARGET_DIR)/usr/bin/ssh-agent
96	$(INSTALL) -D -m 0755 $(@D)/ssh-add $(TARGET_DIR)/usr/bin/ssh-add
97	$(INSTALL) -D -m 4711 $(@D)/ssh-keysign $(TARGET_DIR)/usr/libexec/ssh-keysign
98	$(INSTALL) -D -m 0755 $(@D)/ssh-pkcs11-helper $(TARGET_DIR)/usr/libexec/ssh-pkcs11-helper
99	$(INSTALL) -D -m 0755 $(@D)/contrib/ssh-copy-id $(TARGET_DIR)/usr/bin/ssh-copy-id
100endef
101OPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_INSTALL_CLIENT_PROGRAMS
102endif
103
104ifeq ($(BR2_PACKAGE_OPENSSH_SERVER),y)
105define OPENSSH_INSTALL_SERVER_PROGRAMS
106	$(INSTALL) -D -m 0755 $(@D)/sshd $(TARGET_DIR)/usr/sbin/sshd
107	$(INSTALL) -D -m 0755 $(@D)/sftp-server $(TARGET_DIR)/usr/libexec/sftp-server
108endef
109OPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_INSTALL_SERVER_PROGRAMS
110
111define OPENSSH_INSTALL_INIT_SYSTEMD
112	$(INSTALL) -D -m 644 package/openssh/sshd.service \
113		$(TARGET_DIR)/usr/lib/systemd/system/sshd.service
114	$(OPENSSH_INSTALL_SYSTEMD_SYSUSERS)
115endef
116
117define OPENSSH_INSTALL_INIT_SYSV
118	$(INSTALL) -D -m 755 package/openssh/S50sshd \
119		$(TARGET_DIR)/etc/init.d/S50sshd
120endef
121endif
122
123ifeq ($(BR2_PACKAGE_OPENSSH_KEY_UTILS),y)
124define OPENSSH_INSTALL_KEY_UTILS
125	$(INSTALL) -D -m 0755 $(@D)/ssh-keygen $(TARGET_DIR)/usr/bin/ssh-keygen
126	$(INSTALL) -D -m 0755 $(@D)/ssh-keyscan $(TARGET_DIR)/usr/bin/ssh-keyscan
127endef
128OPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_INSTALL_KEY_UTILS
129endif
130
131ifeq ($(BR2_PACKAGE_OPENSSH_GEN_KEYS),y)
132define OPENSSH_GEN_KEYS
133	ssh-keygen -A -f $(TARGET_DIR)/
134endef
135OPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_GEN_KEYS
136endif
137
138ifeq ($(BR2_PACKAGE_OPENSSH_ENABLE_ROOT_LOGIN),y)
139define OPENSSH_ENABLE_ROOT_LOGIN
140	$(SED) 's/^#\(PermitRootLogin\).*/\1 yes/' \
141		$(TARGET_DIR)/etc/ssh/sshd_config
142endef
143OPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_ENABLE_ROOT_LOGIN
144endif
145
146$(eval $(autotools-package))
147