Initial import

author: wbx <wbx@hydrogenium.(none)> 2009-05-17 14:41:34 +0200
committer: wbx <wbx@hydrogenium.(none)> 2009-05-17 14:41:34 +0200
commit: 219a6dab8995aad9ac4860cc1a84d6f3509a03a4 (patch)
tree: b9c0f3c43aebba2fcfef777592d0add39f2072f4 /package/dropbear
9 files changed, 232 insertions, 0 deletions
diff --git a/package/dropbear/Config.in b/package/dropbear/Config.in
new file mode 100644
index 000000000..0729a7422
--- /dev/null
+++ b/package/dropbear/Config.in
@@ -0,0 +1,14 @@
+config ADK_PACKAGE_DROPBEAR
+	prompt "dropbear.......................... Small SSH 2 client/server"
+	tristate
+	default y
+	help
+	  A small SSH 2 server/client designed for small memory environments.
+	  
+	  http://matt.ucc.asn.au/dropbear/
+
+config ADK_PACKAGE_DBCONVERT
+	prompt   "dropbearconvert................. Utility for converting SSH keys"
+	tristate
+	default n
+	depends ADK_PACKAGE_DROPBEAR
diff --git a/package/dropbear/Makefile b/package/dropbear/Makefile
new file mode 100644
index 000000000..63b3e54e7
--- /dev/null
+++ b/package/dropbear/Makefile
@@ -0,0 +1,72 @@
+# $Id$
+#-
+# This file is part of the OpenADK project. OpenADK is copyrighted
+# material, please see the LICENCE file in the top-level directory.
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=		dropbear
+PKG_VERSION:=		0.52
+PKG_RELEASE:=		1
+PKG_MD5SUM:=		1c69ec674481d7745452f68f2ea5597e
+MASTER_SITES:=		http://matt.ucc.asn.au/dropbear/releases/ \
+			http://www.mirrors.wiretapped.net/security/cryptography/apps/ssh/dropbear/
+
+include $(TOPDIR)/mk/package.mk
+
+$(eval $(call PKG_template,DROPBEAR,$(PKG_NAME),$(PKG_VERSION)-$(PKG_RELEASE),$(ARCH)))
+$(eval $(call PKG_template,DBCONVERT,dropbearconvert,$(PKG_VERSION)-$(PKG_RELEASE),$(ARCH)))
+
+CONFIGURE_STYLE=	gnu
+CONFIGURE_ARGS+=	--disable-pam \
+			--enable-openpty \
+			--enable-syslog \
+			--disable-shadow \
+			--disable-lastlog \
+			--disable-utmp \
+			--disable-utmpx \
+			--disable-wtmp \
+			--disable-wtmpx \
+			--disable-loginfunc \
+			--disable-pututline \
+			--disable-pututxline \
+			--disable-zlib
+
+pre-configure:
+	$(SED) 's,^/\* #define PKG_MULTI.*,#define PKG_MULTI,g' $(WRKBUILD)/options.h
+	$(SED) 's,^#define DO_HOST_LOOKUP,/* & */,g' $(WRKBUILD)/options.h
+
+do-build:
+	cd ${WRKBUILD} && env ${MAKE_ENV} ${MAKE} \
+	    PROGRAMS="dropbear dbclient dropbearkey scp" MULTI=1 SCPPROGRESS=1
+	cd ${WRKBUILD} && env ${MAKE_ENV} ${MAKE} \
+	    PROGRAMS=dropbearconvert
+
+# evaluate startup options according to menuconfig selection
+DROPBEAR-OPTS-y							= -g
+DROPBEAR-OPTS-$(ADK_RUNTIME_SSH_DISABLE_NOTHING)		=
+DROPBEAR-OPTS-$(ADK_RUNTIME_SSH_DISABLE_PASSWORD_FOR_ROOT)	= -g
+DROPBEAR-OPTS-$(ADK_RUNTIME_SSH_DISABLE_PASSWORD)		= -s
+DROPBEAR-OPTS-$(ADK_RUNTIME_SSH_DISABLE_ROOT)			= -w
+DROPBEAR-OPTS-$(ADK_RUNTIME_SSH_DISABLE_ROOT_AND_PASSWORD)	= -w -s
+
+do-install:
+	# main package
+	$(INSTALL_DIR) $(IDIR_DROPBEAR)/etc/init.d
+	$(INSTALL_DIR) $(IDIR_DROPBEAR)/usr/bin
+	$(INSTALL_DIR) $(IDIR_DROPBEAR)/usr/sbin
+	$(INSTALL_BIN) $(WRKBUILD)/dropbearmulti \
+		$(IDIR_DROPBEAR)/usr/sbin/dropbear
+	ln -sf ../sbin/dropbear $(IDIR_DROPBEAR)/usr/bin/scp
+	ln -sf ../sbin/dropbear $(IDIR_DROPBEAR)/usr/bin/ssh
+	ln -sf ../sbin/dropbear $(IDIR_DROPBEAR)/usr/bin/dbclient
+	ln -sf ../sbin/dropbear $(IDIR_DROPBEAR)/usr/bin/dropbearkey
+	$(INSTALL_DATA) ./files/dropbear.init \
+		$(IDIR_DROPBEAR)/etc/init.d/dropbear
+	$(SED) "s/@OPTIONS@/$(DROPBEAR-OPTS-y)/g" $(IDIR_DROPBEAR)/CONTROL/postinst
+	# subpackage dropbearconvert
+	$(INSTALL_DIR) $(IDIR_DBCONVERT)/usr/bin
+	$(INSTALL_BIN) $(WRKBUILD)/dropbearconvert \
+		$(IDIR_DBCONVERT)/usr/bin/dropbearconvert
+
+include ${TOPDIR}/mk/pkg-bottom.mk
diff --git a/package/dropbear/files/dropbear.init b/package/dropbear/files/dropbear.init
new file mode 100644
index 000000000..cb1408fa0
--- /dev/null
+++ b/package/dropbear/files/dropbear.init
@@ -0,0 +1,43 @@
+#!/bin/sh
+#FWINIT 50
+. /etc/rc.conf
+
+bothlog() {
+	echo "$*"
+}
+
+case $1 in
+autostop) ;;
+autostart)
+	[[ $dropbear_flags = NO ]] && exit 0
+	exec sh $0 start
+	;;
+start)
+	if test ! -f /etc/dropbear/dropbear_rsa_host_key; then
+		mkdir -p /etc/dropbear
+		if test ! -x /usr/bin/dropbearkey; then
+			bothlog dropbear not starting: SSH private key missing
+			exit 0
+		fi
+		bothlog "dropbear: generating SSH private key (RSA)"
+		/usr/bin/dropbearkey -f /etc/dropbear/dropbear_rsa_host_key \
+		    -t rsa; rv=$?
+		bothlog dropbear: key generation exited with code $rv
+		test $rv = 0 || exit 1
+		test -f /etc/dropbear/dropbear_rsa_host_key || exit 1
+	fi
+	/usr/sbin/dropbear $dropbear_flags
+	;;
+stop)
+	killall dropbear
+	;;
+restart)
+	sh $0 stop
+	sh $0 start
+	;;
+*)
+	echo "Usage: $0 {start | stop | restart}"
+	exit 1
+	;;
+esac
+exit $?
diff --git a/package/dropbear/ipkg/dropbear.control b/package/dropbear/ipkg/dropbear.control
new file mode 100644
index 000000000..0aa8cc5b8
--- /dev/null
+++ b/package/dropbear/ipkg/dropbear.control
@@ -0,0 +1,4 @@
+Package: dropbear
+Priority: optional
+Section: net
+Description: a small SSH 2 server/client designed for small memory environments.
diff --git a/package/dropbear/ipkg/dropbear.postinst b/package/dropbear/ipkg/dropbear.postinst
new file mode 100644
index 000000000..30a86fef6
--- /dev/null
+++ b/package/dropbear/ipkg/dropbear.postinst
@@ -0,0 +1,3 @@
+#!/bin/sh
+. $IPKG_INSTROOT/etc/functions.sh
+add_rcconf '"NO" to disable, "@OPTIONS@" otherwise' dropbear_flags "@OPTIONS@"
diff --git a/package/dropbear/ipkg/dropbearconvert.control b/package/dropbear/ipkg/dropbearconvert.control
new file mode 100644
index 000000000..2b352cea1
--- /dev/null
+++ b/package/dropbear/ipkg/dropbearconvert.control
@@ -0,0 +1,4 @@
+Package: dropbearconvert
+Priority: optional
+Section: net
+Description: Utility for converting SSH keys
diff --git a/package/dropbear/patches/patch-cli-runopts_c b/package/dropbear/patches/patch-cli-runopts_c
new file mode 100644
index 000000000..46e03dfca
--- /dev/null
+++ b/package/dropbear/patches/patch-cli-runopts_c
@@ -0,0 +1,22 @@
+$Id: update-patches 24 2008-08-31 14:56:13Z wbx $
+--- dropbear-0.52.orig/cli-runopts.c	2008-11-11 15:09:02.000000000 +0100
++++ dropbear-0.52/cli-runopts.c	2009-03-19 19:20:16.000000000 +0100
+@@ -271,6 +271,10 @@ void cli_getopts(int argc, char ** argv)
+ 					debug_trace = 1;
+ 					break;
+ #endif
++				case 'o':
++					next = &dummy;
++				case 'x':
++					break;
+ 				case 'F':
+ 				case 'e':
+ 				case 'c':
+@@ -282,7 +286,6 @@ void cli_getopts(int argc, char ** argv)
+ #ifndef ENABLE_CLI_LOCALTCPFWD
+ 				case 'L':
+ #endif
+-				case 'o':
+ 				case 'b':
+ 					next = &dummy;
+ 				default:
diff --git a/package/dropbear/patches/patch-options_h b/package/dropbear/patches/patch-options_h
new file mode 100644
index 000000000..c25f10856
--- /dev/null
+++ b/package/dropbear/patches/patch-options_h
@@ -0,0 +1,24 @@
+$Id: update-patches 24 2008-08-31 14:56:13Z wbx $
+--- dropbear-0.52.orig/options.h	2008-11-11 15:13:50.000000000 +0100
++++ dropbear-0.52/options.h	2009-03-19 19:24:46.000000000 +0100
+@@ -10,6 +10,11 @@
+  * parts are to allow for commandline -DDROPBEAR_XXX options etc.
+  ******************************************************************/
+ 
++#if !defined(DROPBEAR_CLIENT) && !defined(DROPBEAR_SERVER)
++#define DROPBEAR_SERVER
++#define DROPBEAR_CLIENT
++#endif
++
+ #ifndef DROPBEAR_DEFPORT
+ #define DROPBEAR_DEFPORT "22"
+ #endif
+@@ -129,7 +134,7 @@ etc) slower (perhaps by 50%). Recommende
+ /* #define DSS_PROTOK */
+ 
+ /* Whether to do reverse DNS lookups. */
+-#define DO_HOST_LOOKUP
++/* #define DO_HOST_LOOKUP */
+ 
+ /* Whether to print the message of the day (MOTD). This doesn't add much code
+  * size */
diff --git a/package/dropbear/patches/patch-svr-authpubkey_c b/package/dropbear/patches/patch-svr-authpubkey_c
new file mode 100644
index 000000000..289471f38
--- /dev/null
+++ b/package/dropbear/patches/patch-svr-authpubkey_c
@@ -0,0 +1,46 @@
+$Id: update-patches 24 2008-08-31 14:56:13Z wbx $
+--- dropbear-0.52.orig/svr-authpubkey.c	2008-11-11 15:09:03.000000000 +0100
++++ dropbear-0.52/svr-authpubkey.c	2009-03-19 19:29:53.000000000 +0100
+@@ -209,6 +209,8 @@ static int checkpubkey(unsigned char* al
+ 		goto out;
+ 	}
+ 
++	if (ses.authstate.pw_uid != 0) {
++
+ 	/* we don't need to check pw and pw_dir for validity, since
+ 	 * its been done in checkpubkeyperms. */
+ 	len = strlen(ses.authstate.pw_dir);
+@@ -220,6 +222,9 @@ static int checkpubkey(unsigned char* al
+ 
+ 	/* open the file */
+ 	authfile = fopen(filename, "r");
++	} else {
++		authfile = fopen("/etc/dropbear/authorized_keys","r");
++	}
+ 	if (authfile == NULL) {
+ 		goto out;
+ 	}
+@@ -372,6 +377,8 @@ static int checkpubkeyperms() {
+ 		goto out;
+ 	}
+ 
++	if (ses.authstate.pw_uid != 0) {
++
+ 	/* allocate max required pathname storage,
+ 	 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
+ 	filename = m_malloc(len + 22);
+@@ -393,6 +400,14 @@ static int checkpubkeyperms() {
+ 	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
+ 		goto out;
+ 	}
++	} else {
++		if (checkfileperm("/etc/dropbear") != DROPBEAR_SUCCESS) {
++			goto out;
++		}
++		if (checkfileperm("/etc/dropbear/authorized_keys") != DROPBEAR_SUCCESS) {
++			goto out;
++		}
++	}
+ 
+ 	/* file looks ok, return success */
+ 	ret = DROPBEAR_SUCCESS;
author	wbx <wbx@hydrogenium.(none)>	2009-05-17 14:41:34 +0200
committer	wbx <wbx@hydrogenium.(none)>	2009-05-17 14:41:34 +0200
commit	219a6dab8995aad9ac4860cc1a84d6f3509a03a4 (patch)
tree	b9c0f3c43aebba2fcfef777592d0add39f2072f4 /package/dropbear