1*4882a593Smuzhiyun################################################################################ 2*4882a593Smuzhiyun# 3*4882a593Smuzhiyun# openssh 4*4882a593Smuzhiyun# 5*4882a593Smuzhiyun################################################################################ 6*4882a593Smuzhiyun 7*4882a593SmuzhiyunOPENSSH_VERSION_MAJOR = 8.8 8*4882a593SmuzhiyunOPENSSH_VERSION_MINOR = p1 9*4882a593SmuzhiyunOPENSSH_VERSION = $(OPENSSH_VERSION_MAJOR)$(OPENSSH_VERSION_MINOR) 10*4882a593SmuzhiyunOPENSSH_CPE_ID_VERSION = $(OPENSSH_VERSION_MAJOR) 11*4882a593SmuzhiyunOPENSSH_CPE_ID_UPDATE = $(OPENSSH_VERSION_MINOR) 12*4882a593SmuzhiyunOPENSSH_SITE = http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable 13*4882a593SmuzhiyunOPENSSH_LICENSE = BSD-4-Clause, BSD-3-Clause, BSD-2-Clause, Public Domain 14*4882a593SmuzhiyunOPENSSH_LICENSE_FILES = LICENCE 15*4882a593SmuzhiyunOPENSSH_CONF_ENV = \ 16*4882a593Smuzhiyun LD="$(TARGET_CC)" \ 17*4882a593Smuzhiyun LDFLAGS="$(TARGET_CFLAGS)" \ 18*4882a593Smuzhiyun LIBS=`$(PKG_CONFIG_HOST_BINARY) --libs openssl` 19*4882a593SmuzhiyunOPENSSH_CPE_ID_VENDOR = openbsd 20*4882a593SmuzhiyunOPENSSH_CONF_OPTS = \ 21*4882a593Smuzhiyun --sysconfdir=/etc/ssh \ 22*4882a593Smuzhiyun --with-default-path=$(BR2_SYSTEM_DEFAULT_PATH) \ 23*4882a593Smuzhiyun --disable-lastlog \ 24*4882a593Smuzhiyun --disable-utmp \ 25*4882a593Smuzhiyun --disable-utmpx \ 26*4882a593Smuzhiyun --disable-wtmp \ 27*4882a593Smuzhiyun --disable-wtmpx \ 28*4882a593Smuzhiyun --disable-strip 29*4882a593Smuzhiyun 30*4882a593Smuzhiyundefine OPENSSH_PERMISSIONS 31*4882a593Smuzhiyun /var/empty d 755 root root - - - - - 32*4882a593Smuzhiyunendef 33*4882a593Smuzhiyun 34*4882a593Smuzhiyunifeq ($(BR2_TOOLCHAIN_SUPPORTS_PIE),) 35*4882a593SmuzhiyunOPENSSH_CONF_OPTS += --without-pie 36*4882a593Smuzhiyunendif 37*4882a593Smuzhiyun 38*4882a593SmuzhiyunOPENSSH_DEPENDENCIES = host-pkgconf zlib openssl 39*4882a593Smuzhiyun 40*4882a593Smuzhiyunifeq ($(BR2_PACKAGE_CRYPTODEV_LINUX),y) 41*4882a593SmuzhiyunOPENSSH_DEPENDENCIES += cryptodev-linux 42*4882a593SmuzhiyunOPENSSH_CONF_OPTS += --with-ssl-engine 43*4882a593Smuzhiyunelse 44*4882a593SmuzhiyunOPENSSH_CONF_OPTS += --without-ssl-engine 45*4882a593Smuzhiyunendif 46*4882a593Smuzhiyun 47*4882a593Smuzhiyunifeq ($(BR2_PACKAGE_AUDIT),y) 48*4882a593SmuzhiyunOPENSSH_DEPENDENCIES += audit 49*4882a593SmuzhiyunOPENSSH_CONF_OPTS += --with-audit=linux 50*4882a593Smuzhiyunelse 51*4882a593SmuzhiyunOPENSSH_CONF_OPTS += --without-audit 52*4882a593Smuzhiyunendif 53*4882a593Smuzhiyun 54*4882a593Smuzhiyunifeq ($(BR2_PACKAGE_LINUX_PAM),y) 55*4882a593Smuzhiyundefine OPENSSH_INSTALL_PAM_CONF 56*4882a593Smuzhiyun $(INSTALL) -D -m 644 $(@D)/contrib/sshd.pam.generic $(TARGET_DIR)/etc/pam.d/sshd 57*4882a593Smuzhiyun $(SED) '\%password required /lib/security/pam_cracklib.so%d' $(TARGET_DIR)/etc/pam.d/sshd 58*4882a593Smuzhiyun $(SED) 's/\#UsePAM no/UsePAM yes/' $(TARGET_DIR)/etc/ssh/sshd_config 59*4882a593Smuzhiyunendef 60*4882a593Smuzhiyun 61*4882a593SmuzhiyunOPENSSH_DEPENDENCIES += linux-pam 62*4882a593SmuzhiyunOPENSSH_CONF_OPTS += --with-pam 63*4882a593SmuzhiyunOPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_INSTALL_PAM_CONF 64*4882a593Smuzhiyunelse 65*4882a593SmuzhiyunOPENSSH_CONF_OPTS += --without-pam 66*4882a593Smuzhiyunendif 67*4882a593Smuzhiyun 68*4882a593Smuzhiyunifeq ($(BR2_PACKAGE_LIBSELINUX),y) 69*4882a593SmuzhiyunOPENSSH_DEPENDENCIES += libselinux 70*4882a593SmuzhiyunOPENSSH_CONF_OPTS += --with-selinux 71*4882a593Smuzhiyunelse 72*4882a593SmuzhiyunOPENSSH_CONF_OPTS += --without-selinux 73*4882a593Smuzhiyunendif 74*4882a593Smuzhiyun 75*4882a593Smuzhiyunifeq ($(BR2_PACKAGE_SYSTEMD_SYSUSERS),y) 76*4882a593Smuzhiyundefine OPENSSH_INSTALL_SYSTEMD_SYSUSERS 77*4882a593Smuzhiyun $(INSTALL) -m 0644 -D package/openssh/sshd-sysusers.conf \ 78*4882a593Smuzhiyun $(TARGET_DIR)/usr/lib/sysusers.d/sshd.conf 79*4882a593Smuzhiyunendef 80*4882a593Smuzhiyunelse 81*4882a593Smuzhiyundefine OPENSSH_USERS 82*4882a593Smuzhiyun sshd -1 sshd -1 * /var/empty - - SSH drop priv user 83*4882a593Smuzhiyunendef 84*4882a593Smuzhiyunendif 85*4882a593Smuzhiyun 86*4882a593Smuzhiyun# Let the default install rule only install the configuration file. 87*4882a593Smuzhiyun# The programs will be installed based on the config options selected. 88*4882a593SmuzhiyunOPENSSH_INSTALL_TARGET_OPTS = DESTDIR=$(TARGET_DIR) install-sysconf 89*4882a593Smuzhiyun 90*4882a593Smuzhiyunifeq ($(BR2_PACKAGE_OPENSSH_CLIENT),y) 91*4882a593Smuzhiyundefine OPENSSH_INSTALL_CLIENT_PROGRAMS 92*4882a593Smuzhiyun $(INSTALL) -D -m 0755 $(@D)/ssh $(TARGET_DIR)/usr/bin/ssh 93*4882a593Smuzhiyun $(INSTALL) -D -m 0755 $(@D)/scp $(TARGET_DIR)/usr/bin/scp 94*4882a593Smuzhiyun $(INSTALL) -D -m 0755 $(@D)/sftp $(TARGET_DIR)/usr/bin/sftp 95*4882a593Smuzhiyun $(INSTALL) -D -m 0755 $(@D)/ssh-agent $(TARGET_DIR)/usr/bin/ssh-agent 96*4882a593Smuzhiyun $(INSTALL) -D -m 0755 $(@D)/ssh-add $(TARGET_DIR)/usr/bin/ssh-add 97*4882a593Smuzhiyun $(INSTALL) -D -m 4711 $(@D)/ssh-keysign $(TARGET_DIR)/usr/libexec/ssh-keysign 98*4882a593Smuzhiyun $(INSTALL) -D -m 0755 $(@D)/ssh-pkcs11-helper $(TARGET_DIR)/usr/libexec/ssh-pkcs11-helper 99*4882a593Smuzhiyun $(INSTALL) -D -m 0755 $(@D)/contrib/ssh-copy-id $(TARGET_DIR)/usr/bin/ssh-copy-id 100*4882a593Smuzhiyunendef 101*4882a593SmuzhiyunOPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_INSTALL_CLIENT_PROGRAMS 102*4882a593Smuzhiyunendif 103*4882a593Smuzhiyun 104*4882a593Smuzhiyunifeq ($(BR2_PACKAGE_OPENSSH_SERVER),y) 105*4882a593Smuzhiyundefine OPENSSH_INSTALL_SERVER_PROGRAMS 106*4882a593Smuzhiyun $(INSTALL) -D -m 0755 $(@D)/sshd $(TARGET_DIR)/usr/sbin/sshd 107*4882a593Smuzhiyun $(INSTALL) -D -m 0755 $(@D)/sftp-server $(TARGET_DIR)/usr/libexec/sftp-server 108*4882a593Smuzhiyunendef 109*4882a593SmuzhiyunOPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_INSTALL_SERVER_PROGRAMS 110*4882a593Smuzhiyun 111*4882a593Smuzhiyundefine OPENSSH_INSTALL_INIT_SYSTEMD 112*4882a593Smuzhiyun $(INSTALL) -D -m 644 package/openssh/sshd.service \ 113*4882a593Smuzhiyun $(TARGET_DIR)/usr/lib/systemd/system/sshd.service 114*4882a593Smuzhiyun $(OPENSSH_INSTALL_SYSTEMD_SYSUSERS) 115*4882a593Smuzhiyunendef 116*4882a593Smuzhiyun 117*4882a593Smuzhiyundefine OPENSSH_INSTALL_INIT_SYSV 118*4882a593Smuzhiyun $(INSTALL) -D -m 755 package/openssh/S50sshd \ 119*4882a593Smuzhiyun $(TARGET_DIR)/etc/init.d/S50sshd 120*4882a593Smuzhiyunendef 121*4882a593Smuzhiyunendif 122*4882a593Smuzhiyun 123*4882a593Smuzhiyunifeq ($(BR2_PACKAGE_OPENSSH_KEY_UTILS),y) 124*4882a593Smuzhiyundefine OPENSSH_INSTALL_KEY_UTILS 125*4882a593Smuzhiyun $(INSTALL) -D -m 0755 $(@D)/ssh-keygen $(TARGET_DIR)/usr/bin/ssh-keygen 126*4882a593Smuzhiyun $(INSTALL) -D -m 0755 $(@D)/ssh-keyscan $(TARGET_DIR)/usr/bin/ssh-keyscan 127*4882a593Smuzhiyunendef 128*4882a593SmuzhiyunOPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_INSTALL_KEY_UTILS 129*4882a593Smuzhiyunendif 130*4882a593Smuzhiyun 131*4882a593Smuzhiyunifeq ($(BR2_PACKAGE_OPENSSH_GEN_KEYS),y) 132*4882a593Smuzhiyundefine OPENSSH_GEN_KEYS 133*4882a593Smuzhiyun ssh-keygen -A -f $(TARGET_DIR)/ 134*4882a593Smuzhiyunendef 135*4882a593SmuzhiyunOPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_GEN_KEYS 136*4882a593Smuzhiyunendif 137*4882a593Smuzhiyun 138*4882a593Smuzhiyunifeq ($(BR2_PACKAGE_OPENSSH_ENABLE_ROOT_LOGIN),y) 139*4882a593Smuzhiyundefine OPENSSH_ENABLE_ROOT_LOGIN 140*4882a593Smuzhiyun $(SED) 's/^#\(PermitRootLogin\).*/\1 yes/' \ 141*4882a593Smuzhiyun $(TARGET_DIR)/etc/ssh/sshd_config 142*4882a593Smuzhiyunendef 143*4882a593SmuzhiyunOPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_ENABLE_ROOT_LOGIN 144*4882a593Smuzhiyunendif 145*4882a593Smuzhiyun 146*4882a593Smuzhiyun$(eval $(autotools-package)) 147