OpenIPC
/
firmware
mirror of https://github.com/OpenIPC/firmware.git
1
0
Fork 0
Code Activity

Update dropbear files

pull/192/head
Igor Zalatov (from Citadel PC) 2022-02-24 13:09:58 +03:00
parent 3ac2750179
commit 7f0c71ba3d
4 changed files with 77 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
br-ext-chip-hisilicon/Config.in
View File

@ -1,6 +1,7 @@
source "$BR2_EXTERNAL_HISILICON_PATH/linux/Config.ext.in" source "$BR2_EXTERNAL_HISILICON_PATH/linux/Config.ext.in"
source "$BR2_EXTERNAL_HISILICON_PATH/package/hisi_patcher/Config.in" source "$BR2_EXTERNAL_HISILICON_PATH/package/hisi_patcher/Config.in"
source "$BR2_EXTERNAL_HISILICON_PATH/package/aura-httpd/Config.in" source "$BR2_EXTERNAL_HISILICON_PATH/package/aura-httpd/Config.in"
source "$BR2_EXTERNAL_HISILICON_PATH/package/dropbear-openipc/Config.in"
source "$BR2_EXTERNAL_HISILICON_PATH/package/f2fs-tools-openipc/Config.in" source "$BR2_EXTERNAL_HISILICON_PATH/package/f2fs-tools-openipc/Config.in"
source "$BR2_EXTERNAL_HISILICON_PATH/package/fdk-aac-openipc/Config.in" source "$BR2_EXTERNAL_HISILICON_PATH/package/fdk-aac-openipc/Config.in"
source "$BR2_EXTERNAL_HISILICON_PATH/package/fwprintenv-openipc/Config.in" source "$BR2_EXTERNAL_HISILICON_PATH/package/fwprintenv-openipc/Config.in"

3
br-ext-chip-hisilicon/external.mk
View File

@ -1,10 +1,11 @@
include $(BR2_EXTERNAL_HISILICON_PATH)/linux/linux-ext-hisi_patcher.mk include $(BR2_EXTERNAL_HISILICON_PATH)/linux/linux-ext-hisi_patcher.mk
include $(BR2_EXTERNAL_HISILICON_PATH)/package/hisi_patcher/hisi_patcher.mk include $(BR2_EXTERNAL_HISILICON_PATH)/package/hisi_patcher/hisi_patcher.mk
include $(BR2_EXTERNAL_HISILICON_PATH)/package/aura-httpd/aura-httpd.mk include $(BR2_EXTERNAL_HISILICON_PATH)/package/aura-httpd/aura-httpd.mk
include $(BR2_EXTERNAL_HISILICON_PATH)/package/gdbserver-lite/gdbserver-lite.mk
include $(BR2_EXTERNAL_HISILICON_PATH)/package/f2fs-tools-openipc/f2fs-tools-openipc.mk include $(BR2_EXTERNAL_HISILICON_PATH)/package/f2fs-tools-openipc/f2fs-tools-openipc.mk
include $(BR2_EXTERNAL_HISILICON_PATH)/package/dropbear-openipc/dropbear-openipc.mk
include $(BR2_EXTERNAL_HISILICON_PATH)/package/fdk-aac-openipc/fdk-aac-openipc.mk include $(BR2_EXTERNAL_HISILICON_PATH)/package/fdk-aac-openipc/fdk-aac-openipc.mk
include $(BR2_EXTERNAL_HISILICON_PATH)/package/fwprintenv-openipc/fwprintenv-openipc.mk include $(BR2_EXTERNAL_HISILICON_PATH)/package/fwprintenv-openipc/fwprintenv-openipc.mk
include $(BR2_EXTERNAL_HISILICON_PATH)/package/gdbserver-lite/gdbserver-lite.mk
include $(BR2_EXTERNAL_HISILICON_PATH)/package/hisi_gpio/hisi_gpio.mk include $(BR2_EXTERNAL_HISILICON_PATH)/package/hisi_gpio/hisi_gpio.mk
include $(BR2_EXTERNAL_HISILICON_PATH)/package/hisilicon-opensdk/hisilicon-opensdk.mk include $(BR2_EXTERNAL_HISILICON_PATH)/package/hisilicon-opensdk/hisilicon-opensdk.mk
include $(BR2_EXTERNAL_HISILICON_PATH)/package/hisilicon-osdrv-hi3516av100/hisilicon-osdrv-hi3516av100.mk include $(BR2_EXTERNAL_HISILICON_PATH)/package/hisilicon-osdrv-hi3516av100/hisilicon-osdrv-hi3516av100.mk

24
general/package/dropbear-openipc/Config.in
View File

@ -1,7 +1,7 @@
config BR2_PACKAGE_DROPBEAR config BR2_PACKAGE_DROPBEAR_OPENIPC
bool "dropbear" bool "dropbear-openipc"
select BR2_PACKAGE_ZLIB if !BR2_PACKAGE_DROPBEAR_SMALL select BR2_PACKAGE_ZLIB if !BR2_PACKAGE_DROPBEAR_OPENIPC_SMALL
select BR2_PACKAGE_LIBTOMCRYPT if !BR2_PACKAGE_DROPBEAR_SMALL select BR2_PACKAGE_LIBTOMCRYPT if !BR2_PACKAGE_DROPBEAR_OPENIPC_SMALL
help help
A small SSH 2 server designed for small memory environments. A small SSH 2 server designed for small memory environments.
@ -16,9 +16,9 @@ config BR2_PACKAGE_DROPBEAR
https://matt.ucc.asn.au/dropbear/dropbear.html https://matt.ucc.asn.au/dropbear/dropbear.html
if BR2_PACKAGE_DROPBEAR if BR2_PACKAGE_DROPBEAR_OPENIPC
config BR2_PACKAGE_DROPBEAR_CLIENT config BR2_PACKAGE_DROPBEAR_OPENIPC_CLIENT
bool "client programs" bool "client programs"
default y default y
help help
@ -28,14 +28,14 @@ config BR2_PACKAGE_DROPBEAR_CLIENT
and are therefore always build regardless this setting: and are therefore always build regardless this setting:
dropbear, dropbearkey, dropbearconvert, scp dropbear, dropbearkey, dropbearconvert, scp
config BR2_PACKAGE_DROPBEAR_DISABLE_REVERSEDNS config BR2_PACKAGE_DROPBEAR_OPENIPC_DISABLE_REVERSEDNS
bool "disable reverse DNS lookups" bool "disable reverse DNS lookups"
help help
Disable reverse DNS lookups on connection. This can be handy Disable reverse DNS lookups on connection. This can be handy
on systems without working DNS, as connections otherwise on systems without working DNS, as connections otherwise
stall until DNS times out. stall until DNS times out.
config BR2_PACKAGE_DROPBEAR_SMALL config BR2_PACKAGE_DROPBEAR_OPENIPC_SMALL
bool "optimize for size" bool "optimize for size"
default y default y
help help
@ -44,19 +44,19 @@ config BR2_PACKAGE_DROPBEAR_SMALL
Tradeoffs are slower hashes and ciphers, and disabling of the Tradeoffs are slower hashes and ciphers, and disabling of the
blowfish cipher and zlib. blowfish cipher and zlib.
config BR2_PACKAGE_DROPBEAR_WTMP config BR2_PACKAGE_DROPBEAR_OPENIPC_WTMP
bool "log dropbear access to wtmp" bool "log dropbear access to wtmp"
help help
Enable logging of dropbear access to wtmp. Notice that Enable logging of dropbear access to wtmp. Notice that
Buildroot does not generate wtmp by default. Buildroot does not generate wtmp by default.
config BR2_PACKAGE_DROPBEAR_LASTLOG config BR2_PACKAGE_DROPBEAR_OPENIPC_LASTLOG
bool "log dropbear access to lastlog" bool "log dropbear access to lastlog"
help help
Enable logging of dropbear access to lastlog. Notice that Enable logging of dropbear access to lastlog. Notice that
Buildroot does not generate lastlog by default. Buildroot does not generate lastlog by default.
config BR2_PACKAGE_DROPBEAR_LEGACY_CRYPTO config BR2_PACKAGE_DROPBEAR_OPENIPC_LEGACY_CRYPTO
bool "enable legacy crypto" bool "enable legacy crypto"
help help
Enable legacy and possibly insecure algorithms: Enable legacy and possibly insecure algorithms:
@ -66,7 +66,7 @@ config BR2_PACKAGE_DROPBEAR_LEGACY_CRYPTO
DSA public keys DSA public keys
Diffie-Hellman Group1 key exchange Diffie-Hellman Group1 key exchange
config BR2_PACKAGE_DROPBEAR_LOCALOPTIONS_FILE config BR2_PACKAGE_DROPBEAR_OPENIPC_LOCALOPTIONS_FILE
string "path to custom localoptions.h definitions file" string "path to custom localoptions.h definitions file"
help help
Path to a file whose contents will be appended to Dropbear Path to a file whose contents will be appended to Dropbear

116
general/package/dropbear-openipc/dropbear-openipc.mk
View File

@ -4,130 +4,138 @@
# #
################################################################################ ################################################################################
DROPBEAR_VERSION = 2019.78 DROPBEAR_OPENIPC_VERSION = 2020.81
DROPBEAR_SITE = https://matt.ucc.asn.au/dropbear/releases DROPBEAR_OPENIPC_SITE = https://matt.ucc.asn.au/dropbear/releases
DROPBEAR_SOURCE = dropbear-$(DROPBEAR_VERSION).tar.bz2 DROPBEAR_OPENIPC_SOURCE = dropbear-$(DROPBEAR_OPENIPC_VERSION).tar.bz2
DROPBEAR_LICENSE = MIT, BSD-2-Clause, BSD-3-Clause DROPBEAR_OPENIPC_LICENSE = MIT, BSD-2-Clause, Public domain
DROPBEAR_LICENSE_FILES = LICENSE DROPBEAR_OPENIPC_LICENSE_FILES = LICENSE
DROPBEAR_TARGET_BINS = dropbearkey dropbearconvert scp DROPBEAR_OPENIPC_TARGET_BINS = dropbearkey dropbearconvert scp
DROPBEAR_PROGRAMS = dropbear $(DROPBEAR_TARGET_BINS) DROPBEAR_OPENIPC_PROGRAMS = dropbear $(DROPBEAR_OPENIPC_TARGET_BINS)
DROPBEAR_OPENIPC_CPE_ID_VENDOR = dropbear_ssh_project
DROPBEAR_OPENIPC_CPE_ID_PRODUCT = dropbear_ssh
# Disable hardening flags added by dropbear configure.ac, and let # Disable hardening flags added by dropbear configure.ac, and let
# Buildroot add them when the relevant options are enabled. This # Buildroot add them when the relevant options are enabled. This
# prevents dropbear from using SSP support when not available. # prevents dropbear from using SSP support when not available.
DROPBEAR_CONF_OPTS = --disable-harden DROPBEAR_OPENIPC_CONF_OPTS = --disable-harden
ifeq ($(BR2_PACKAGE_DROPBEAR_CLIENT),y) ifeq ($(BR2_PACKAGE_DROPBEAR_OPENIPC_CLIENT),y)
# Build dbclient, and create a convenience symlink named ssh # Build dbclient, and create a convenience symlink named ssh
DROPBEAR_PROGRAMS += dbclient DROPBEAR_OPENIPC_PROGRAMS += dbclient
DROPBEAR_TARGET_BINS += dbclient ssh DROPBEAR_OPENIPC_TARGET_BINS += dbclient ssh
endif endif
DROPBEAR_MAKE = \ DROPBEAR_OPENIPC_MAKE = \
$(MAKE) MULTI=1 SCPPROGRESS=1 \ $(MAKE) MULTI=1 SCPPROGRESS=1 \
PROGRAMS="$(DROPBEAR_PROGRAMS)" PROGRAMS="$(DROPBEAR_OPENIPC_PROGRAMS)"
# With BR2_SHARED_STATIC_LIBS=y the generic infrastructure adds a # With BR2_SHARED_STATIC_LIBS=y the generic infrastructure adds a
# --enable-static flags causing dropbear to be built as a static # --enable-static flags causing dropbear to be built as a static
# binary. Adding a --disable-static reverts this # binary. Adding a --disable-static reverts this
ifeq ($(BR2_SHARED_STATIC_LIBS),y) ifeq ($(BR2_SHARED_STATIC_LIBS),y)
DROPBEAR_CONF_OPTS += --disable-static DROPBEAR_OPENIPC_CONF_OPTS += --disable-static
endif endif
ifeq ($(BR2_PACKAGE_LINUX_PAM),y) ifeq ($(BR2_PACKAGE_LINUX_PAM),y)
define DROPBEAR_SVR_PAM_AUTH define DROPBEAR_OPENIPC_SVR_PAM_AUTH
echo '#define DROPBEAR_SVR_PASSWORD_AUTH 0' >> $(@D)/localoptions.h echo '#define DROPBEAR_SVR_PASSWORD_AUTH 0' >> $(@D)/localoptions.h
echo '#define DROPBEAR_SVR_PAM_AUTH 1' >> $(@D)/localoptions.h echo '#define DROPBEAR_SVR_PAM_AUTH 1' >> $(@D)/localoptions.h
endef endef
define DROPBEAR_INSTALL_PAM_CONF define DROPBEAR_OPENIPC_INSTALL_PAM_CONF
$(INSTALL) -D -m 644 package/dropbear/etc-pam.d-sshd $(TARGET_DIR)/etc/pam.d/sshd $(INSTALL) -D -m 644 package/dropbear/etc-pam.d-sshd $(TARGET_DIR)/etc/pam.d/sshd
endef endef
DROPBEAR_DEPENDENCIES += linux-pam DROPBEAR_OPENIPC_DEPENDENCIES += linux-pam
DROPBEAR_CONF_OPTS += --enable-pam DROPBEAR_OPENIPC_CONF_OPTS += --enable-pam
DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_SVR_PAM_AUTH DROPBEAR_OPENIPC_POST_EXTRACT_HOOKS += DROPBEAR_OPENIPC_SVR_PAM_AUTH
DROPBEAR_POST_INSTALL_TARGET_HOOKS += DROPBEAR_INSTALL_PAM_CONF DROPBEAR_OPENIPC_POST_INSTALL_TARGET_HOOKS += DROPBEAR_OPENIPC_INSTALL_PAM_CONF
else else
# Ensure that dropbear doesn't use crypt() when it's not available # Ensure that dropbear doesn't use crypt() when it's not available
define DROPBEAR_SVR_PASSWORD_AUTH define DROPBEAR_OPENIPC_SVR_PASSWORD_AUTH
echo '#if !HAVE_CRYPT' >> $(@D)/localoptions.h echo '#if !HAVE_CRYPT' >> $(@D)/localoptions.h
echo '#define DROPBEAR_SVR_PASSWORD_AUTH 0' >> $(@D)/localoptions.h echo '#define DROPBEAR_SVR_PASSWORD_AUTH 0' >> $(@D)/localoptions.h
echo '#endif' >> $(@D)/localoptions.h echo '#endif' >> $(@D)/localoptions.h
endef endef
DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_SVR_PASSWORD_AUTH DROPBEAR_OPENIPC_POST_EXTRACT_HOOKS += DROPBEAR_OPENIPC_SVR_PASSWORD_AUTH
endif endif
ifneq ($(BR2_PACKAGE_DROPBEAR_LEGACY_CRYPTO),y) ifeq ($(BR2_PACKAGE_DROPBEAR_OPENIPC_LEGACY_CRYPTO),y)
define DROPBEAR_DISABLE_LEGACY_CRYPTO define DROPBEAR_OPENIPC_ENABLE_LEGACY_CRYPTO
echo '#define DROPBEAR_3DES 0' >> $(@D)/localoptions.h echo '#define DROPBEAR_3DES 1' >> $(@D)/localoptions.h
echo '#define DROPBEAR_ENABLE_CBC_MODE 0' >> $(@D)/localoptions.h echo '#define DROPBEAR_ENABLE_CBC_MODE 1' >> $(@D)/localoptions.h
echo '#define DROPBEAR_SHA1_96_HMAC 0' >> $(@D)/localoptions.h echo '#define DROPBEAR_SHA1_96_HMAC 1' >> $(@D)/localoptions.h
endef
DROPBEAR_OPENIPC_POST_EXTRACT_HOOKS += DROPBEAR_OPENIPC_ENABLE_LEGACY_CRYPTO
else
define DROPBEAR_OPENIPC_DISABLE_LEGACY_CRYPTO
echo '#define DROPBEAR_DSS 0' >> $(@D)/localoptions.h echo '#define DROPBEAR_DSS 0' >> $(@D)/localoptions.h
echo '#define DROPBEAR_DH_GROUP1 0' >> $(@D)/localoptions.h echo '#define DROPBEAR_DH_GROUP1 0' >> $(@D)/localoptions.h
endef endef
DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_DISABLE_LEGACY_CRYPTO DROPBEAR_OPENIPC_POST_EXTRACT_HOOKS += DROPBEAR_OPENIPC_DISABLE_LEGACY_CRYPTO
endif endif
ifeq ($(BR2_PACKAGE_DROPBEAR_DISABLE_REVERSEDNS),) ifeq ($(BR2_PACKAGE_DROPBEAR_OPENIPC_DISABLE_REVERSEDNS),)
define DROPBEAR_ENABLE_REVERSE_DNS define DROPBEAR_OPENIPC_ENABLE_REVERSE_DNS
echo '#define DO_HOST_LOOKUP 1' >> $(@D)/localoptions.h echo '#define DO_HOST_LOOKUP 1' >> $(@D)/localoptions.h
endef endef
DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_ENABLE_REVERSE_DNS DROPBEAR_OPENIPC_POST_EXTRACT_HOOKS += DROPBEAR_OPENIPC_ENABLE_REVERSE_DNS
endif endif
ifeq ($(BR2_PACKAGE_DROPBEAR_SMALL),y) ifeq ($(BR2_PACKAGE_DROPBEAR_OPENIPC_SMALL),y)
DROPBEAR_CONF_OPTS += --disable-zlib --enable-bundled-libtom DROPBEAR_OPENIPC_LICENSE += , Unlicense, WTFPL
DROPBEAR_OPENIPC_LICENSE_FILES += libtommath/LICENSE libtomcrypt/LICENSE
DROPBEAR_OPENIPC_CONF_OPTS += --disable-zlib --enable-bundled-libtom
else else
define DROPBEAR_BUILD_FEATURED define DROPBEAR_OPENIPC_BUILD_FEATURED
echo '#define DROPBEAR_SMALL_CODE 0' >> $(@D)/localoptions.h echo '#define DROPBEAR_SMALL_CODE 0' >> $(@D)/localoptions.h
echo '#define DROPBEAR_TWOFISH128 1' >> $(@D)/localoptions.h echo '#define DROPBEAR_TWOFISH128 1' >> $(@D)/localoptions.h
echo '#define DROPBEAR_TWOFISH256 1' >> $(@D)/localoptions.h echo '#define DROPBEAR_TWOFISH256 1' >> $(@D)/localoptions.h
endef endef
DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_BUILD_FEATURED DROPBEAR_OPENIPC_POST_EXTRACT_HOOKS += DROPBEAR_OPENIPC_BUILD_FEATURED
DROPBEAR_DEPENDENCIES += zlib libtomcrypt DROPBEAR_OPENIPC_DEPENDENCIES += zlib libtomcrypt
DROPBEAR_CONF_OPTS += --disable-bundled-libtom DROPBEAR_OPENIPC_CONF_OPTS += --disable-bundled-libtom
endif endif
define DROPBEAR_CUSTOM_PATH define DROPBEAR_OPENIPC_CUSTOM_PATH
echo '#define DEFAULT_PATH $(BR2_SYSTEM_DEFAULT_PATH)' >>$(@D)/localoptions.h echo '#define DEFAULT_PATH $(BR2_SYSTEM_DEFAULT_PATH)' >>$(@D)/localoptions.h
endef endef
DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_CUSTOM_PATH DROPBEAR_OPENIPC_POST_EXTRACT_HOOKS += DROPBEAR_OPENIPC_CUSTOM_PATH
define DROPBEAR_INSTALL_INIT_SYSTEMD define DROPBEAR_OPENIPC_INSTALL_INIT_SYSTEMD
$(INSTALL) -D -m 644 package/dropbear/dropbear.service \ $(INSTALL) -D -m 644 package/dropbear/dropbear.service \
$(TARGET_DIR)/usr/lib/systemd/system/dropbear.service $(TARGET_DIR)/usr/lib/systemd/system/dropbear.service
endef endef
ifeq ($(BR2_USE_MMU),y) ifeq ($(BR2_USE_MMU),y)
define DROPBEAR_INSTALL_INIT_SYSV define DROPBEAR_OPENIPC_INSTALL_INIT_SYSV
$(INSTALL) -D -m 755 package/dropbear/S50dropbear \ $(INSTALL) -D -m 755 package/dropbear/S50dropbear \
$(TARGET_DIR)/etc/init.d/S50dropbear $(TARGET_DIR)/etc/init.d/S50dropbear
endef endef
else else
define DROPBEAR_DISABLE_STANDALONE define DROPBEAR_OPENIPC_DISABLE_STANDALONE
echo '#define NON_INETD_MODE 0' >> $(@D)/localoptions.h echo '#define NON_INETD_MODE 0' >> $(@D)/localoptions.h
endef endef
DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_DISABLE_STANDALONE DROPBEAR_OPENIPC_POST_EXTRACT_HOOKS += DROPBEAR_OPENIPC_DISABLE_STANDALONE
endif endif
ifneq ($(BR2_PACKAGE_DROPBEAR_WTMP),y) ifneq ($(BR2_PACKAGE_DROPBEAR_OPENIPC_WTMP),y)
DROPBEAR_CONF_OPTS += --disable-wtmp DROPBEAR_OPENIPC_CONF_OPTS += --disable-wtmp
endif endif
ifneq ($(BR2_PACKAGE_DROPBEAR_LASTLOG),y) ifneq ($(BR2_PACKAGE_DROPBEAR_OPENIPC_LASTLOG),y)
DROPBEAR_CONF_OPTS += --disable-lastlog DROPBEAR_OPENIPC_CONF_OPTS += --disable-lastlog
endif endif
DROPBEAR_LOCALOPTIONS_FILE = $(call qstrip,$(BR2_PACKAGE_DROPBEAR_LOCALOPTIONS_FILE)) DROPBEAR_OPENIPC_LOCALOPTIONS_FILE = $(call qstrip,$(BR2_PACKAGE_DROPBEAR_OPENIPC_LOCALOPTIONS_FILE))
ifneq ($(DROPBEAR_LOCALOPTIONS_FILE),) ifneq ($(DROPBEAR_OPENIPC_LOCALOPTIONS_FILE),)
define DROPBEAR_APPEND_LOCALOPTIONS_FILE define DROPBEAR_OPENIPC_APPEND_LOCALOPTIONS_FILE
cat $(DROPBEAR_LOCALOPTIONS_FILE) >> $(@D)/localoptions.h cat $(DROPBEAR_OPENIPC_LOCALOPTIONS_FILE) >> $(@D)/localoptions.h
endef endef
DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_APPEND_LOCALOPTIONS_FILE DROPBEAR_OPENIPC_POST_EXTRACT_HOOKS += DROPBEAR_OPENIPC_APPEND_LOCALOPTIONS_FILE
endif endif
define DROPBEAR_INSTALL_TARGET_CMDS define DROPBEAR_OPENIPC_INSTALL_TARGET_CMDS
$(INSTALL) -m 755 $(@D)/dropbearmulti $(TARGET_DIR)/usr/sbin/dropbear $(INSTALL) -m 755 $(@D)/dropbearmulti $(TARGET_DIR)/usr/sbin/dropbear
for f in $(DROPBEAR_TARGET_BINS); do \ for f in $(DROPBEAR_OPENIPC_TARGET_BINS); do \
ln -snf ../sbin/dropbear $(TARGET_DIR)/usr/bin/$$f ; \ ln -snf ../sbin/dropbear $(TARGET_DIR)/usr/bin/$$f ; \
done done
ln -snf /var/run/dropbear $(TARGET_DIR)/etc/dropbear ln -snf /var/run/dropbear $(TARGET_DIR)/etc/dropbear