1################################################################################ 2# 3# openssh 4# 5################################################################################ 6 7OPENSSH_VERSION_MAJOR = 9.7 8OPENSSH_VERSION_MINOR = p1 9OPENSSH_VERSION = $(OPENSSH_VERSION_MAJOR)$(OPENSSH_VERSION_MINOR) 10OPENSSH_CPE_ID_VERSION = $(OPENSSH_VERSION_MAJOR) 11OPENSSH_CPE_ID_UPDATE = $(OPENSSH_VERSION_MINOR) 12OPENSSH_SITE = http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable 13OPENSSH_LICENSE = BSD-3-Clause, BSD-2-Clause, Public Domain 14OPENSSH_LICENSE_FILES = LICENCE 15 16OPENSSH_CONF_ENV = \ 17 LD="$(TARGET_CC)" \ 18 LDFLAGS="$(TARGET_CFLAGS)" \ 19 LIBS=`$(PKG_CONFIG_HOST_BINARY) --libs openssl` 20OPENSSH_CPE_ID_VENDOR = openbsd 21OPENSSH_CONF_OPTS = \ 22 --sysconfdir=/etc/ssh \ 23 --with-default-path=$(BR2_SYSTEM_DEFAULT_PATH) \ 24 $(if $(BR2_PACKAGE_OPENSSH_SANDBOX),--with-sandbox,--without-sandbox) \ 25 --disable-lastlog \ 26 --disable-utmp \ 27 --disable-utmpx \ 28 --disable-wtmp \ 29 --disable-wtmpx \ 30 --disable-strip 31 32OPENSSH_SELINUX_MODULES = ssh 33 34define OPENSSH_PERMISSIONS 35 /var/empty d 755 root root - - - - - 36endef 37 38ifeq ($(BR2_TOOLCHAIN_HAS_GCC_BUG_110934),y) 39OPENSSH_CONF_OPTS += --without-hardening 40endif 41 42ifeq ($(BR2_TOOLCHAIN_SUPPORTS_PIE),) 43OPENSSH_CONF_OPTS += --without-pie 44endif 45 46OPENSSH_DEPENDENCIES = host-pkgconf zlib openssl 47 48# crypt() in libcrypt only required for sshd. 49ifeq ($(BR2_PACKAGE_OPENSSH_SERVER)$(BR2_PACKAGE_LIBXCRYPT),yy) 50OPENSSH_DEPENDENCIES += libxcrypt 51endif 52 53ifeq ($(BR2_PACKAGE_CRYPTODEV_LINUX),y) 54OPENSSH_DEPENDENCIES += cryptodev-linux 55OPENSSH_CONF_OPTS += --with-ssl-engine 56else 57OPENSSH_CONF_OPTS += --without-ssl-engine 58endif 59 60ifeq ($(BR2_PACKAGE_AUDIT),y) 61OPENSSH_DEPENDENCIES += audit 62OPENSSH_CONF_OPTS += --with-audit=linux 63else 64OPENSSH_CONF_OPTS += --without-audit 65endif 66 67ifeq ($(BR2_PACKAGE_LINUX_PAM),y) 68define OPENSSH_INSTALL_PAM_CONF 69 $(INSTALL) -D -m 644 $(@D)/contrib/sshd.pam.generic $(TARGET_DIR)/etc/pam.d/sshd 70 $(SED) '\%password required /lib/security/pam_cracklib.so%d' $(TARGET_DIR)/etc/pam.d/sshd 71 $(SED) 's/\#UsePAM no/UsePAM yes/' $(TARGET_DIR)/etc/ssh/sshd_config 72endef 73 74OPENSSH_DEPENDENCIES += linux-pam 75OPENSSH_CONF_OPTS += --with-pam 76OPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_INSTALL_PAM_CONF 77else 78OPENSSH_CONF_OPTS += --without-pam 79endif 80 81ifeq ($(BR2_PACKAGE_LIBSELINUX),y) 82OPENSSH_DEPENDENCIES += libselinux 83OPENSSH_CONF_OPTS += --with-selinux 84else 85OPENSSH_CONF_OPTS += --without-selinux 86endif 87 88ifeq ($(BR2_PACKAGE_SYSTEMD_SYSUSERS),y) 89define OPENSSH_INSTALL_SYSTEMD_SYSUSERS 90 $(INSTALL) -m 0644 -D package/openssh/sshd-sysusers.conf \ 91 $(TARGET_DIR)/usr/lib/sysusers.d/sshd.conf 92endef 93else 94define OPENSSH_USERS 95 sshd -1 sshd -1 * /var/empty - - SSH drop priv user 96endef 97endif 98 99# Let the default install rule only install the configuration file. 100# The programs will be installed based on the config options selected. 101OPENSSH_INSTALL_TARGET_OPTS = DESTDIR=$(TARGET_DIR) install-sysconf 102 103ifeq ($(BR2_PACKAGE_OPENSSH_CLIENT),y) 104define OPENSSH_INSTALL_CLIENT_PROGRAMS 105 $(INSTALL) -D -m 0755 $(@D)/ssh $(TARGET_DIR)/usr/bin/ssh 106 $(INSTALL) -D -m 0755 $(@D)/scp $(TARGET_DIR)/usr/bin/scp 107 $(INSTALL) -D -m 0755 $(@D)/sftp $(TARGET_DIR)/usr/bin/sftp 108 $(INSTALL) -D -m 0755 $(@D)/ssh-agent $(TARGET_DIR)/usr/bin/ssh-agent 109 $(INSTALL) -D -m 0755 $(@D)/ssh-add $(TARGET_DIR)/usr/bin/ssh-add 110 $(INSTALL) -D -m 4711 $(@D)/ssh-keysign $(TARGET_DIR)/usr/libexec/ssh-keysign 111 $(INSTALL) -D -m 0755 $(@D)/ssh-pkcs11-helper $(TARGET_DIR)/usr/libexec/ssh-pkcs11-helper 112 $(INSTALL) -D -m 0755 $(@D)/contrib/ssh-copy-id $(TARGET_DIR)/usr/bin/ssh-copy-id 113endef 114OPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_INSTALL_CLIENT_PROGRAMS 115endif 116 117ifeq ($(BR2_PACKAGE_OPENSSH_SERVER),y) 118define OPENSSH_INSTALL_SERVER_PROGRAMS 119 $(INSTALL) -D -m 0755 $(@D)/sshd $(TARGET_DIR)/usr/sbin/sshd 120 $(INSTALL) -D -m 0755 $(@D)/sftp-server $(TARGET_DIR)/usr/libexec/sftp-server 121endef 122OPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_INSTALL_SERVER_PROGRAMS 123 124define OPENSSH_INSTALL_INIT_SYSTEMD 125 $(INSTALL) -D -m 644 package/openssh/sshd.service \ 126 $(TARGET_DIR)/usr/lib/systemd/system/sshd.service 127 $(OPENSSH_INSTALL_SYSTEMD_SYSUSERS) 128endef 129 130define OPENSSH_INSTALL_INIT_SYSV 131 $(INSTALL) -D -m 755 package/openssh/S50sshd \ 132 $(TARGET_DIR)/etc/init.d/S50sshd 133endef 134endif 135 136ifeq ($(BR2_PACKAGE_OPENSSH_KEY_UTILS),y) 137define OPENSSH_INSTALL_KEY_UTILS 138 $(INSTALL) -D -m 0755 $(@D)/ssh-keygen $(TARGET_DIR)/usr/bin/ssh-keygen 139 $(INSTALL) -D -m 0755 $(@D)/ssh-keyscan $(TARGET_DIR)/usr/bin/ssh-keyscan 140endef 141OPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_INSTALL_KEY_UTILS 142endif 143 144$(eval $(autotools-package)) 145