#
-# Copyright (C) 2006,2008 OpenWrt.org
+# Copyright (C) 2006-2011 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
-# $Id$
include $(TOPDIR)/rules.mk
PKG_NAME:=openssh
-PKG_VERSION:=5.0p1
-PKG_RELEASE:=1
+PKG_VERSION:=6.3p1
+PKG_RELEASE:=2
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \
ftp://openbsd.wiretapped.net/pub/OpenBSD/OpenSSH/portable/ \
ftp://ftp.belnet.be/packages/openbsd/OpenSSH/portable/ \
ftp://ftp.de.openbsd.org/pub/unix/OpenBSD/OpenSSH/portable/
-PKG_MD5SUM:=1f1dfaa775f33dd3328169de9bdc292a
+PKG_MD5SUM:=225e75c9856f76011966013163784038
-PKG_INSTALL_DIR:=$(PKG_BUILD_DIR)/ipkg-install
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
PKG_BUILD_DEPENDS:=libopenssl
include $(INCLUDE_DIR)/package.mk
-define Package/openssh-client
+define Package/openssh/Default
SECTION:=net
CATEGORY:=Network
- DEPENDS:=+libopenssl +zlib
- TITLE:=OpenSSH client
+ DEPENDS:=+libopenssl +zlib +SSP_SUPPORT:libssp
+ TITLE:=OpenSSH
+ MAINTAINER:=Peter Wagner <tripolar@gmx.at>
URL:=http://www.openssh.com/
SUBMENU:=SSH
+ VARIANT:=without-pam
+endef
+
+define Package/openssh-moduli
+ $(call Package/openssh/Default)
+ DEPENDS+= +openssh-keygen
+ TITLE+= moduli file
+endef
+
+define Package/openssh-moduli/description
+OpenSSH server moduli file.
+endef
+
+define Package/openssh-client
+ $(call Package/openssh/Default)
+ TITLE+= client
endef
define Package/openssh-client/description
endef
define Package/openssh-client-utils
- SECTION:=net
- CATEGORY:=Network
- DEPENDS:=openssh-client
- TITLE:=OpenSSH client utilities
- URL:=http://www.openssh.com/
- SUBMENU:=SSH
+ $(call Package/openssh/Default)
+ DEPENDS+= +openssh-client +openssh-keygen
+ TITLE+= client utilities
endef
define Package/openssh-client-utils/description
OpenSSH client utilities.
endef
+define Package/openssh-keygen
+ $(call Package/openssh/Default)
+ TITLE+= keygen
+endef
+
+define Package/openssh-keygen/description
+OpenSSH keygen.
+endef
+
define Package/openssh-server
- SECTION:=net
- CATEGORY:=Network
- DEPENDS:=+libopenssl +zlib
- TITLE:=OpenSSH server
- URL:=http://www.openssh.com/
- SUBMENU:=SSH
+ $(call Package/openssh/Default)
+ DEPENDS+= +openssh-keygen
+ TITLE+= server
endef
define Package/openssh-server/description
/etc/ssh/sshd_config
endef
+define Package/openssh-server-pam
+ $(call Package/openssh/Default)
+ DEPENDS+= +libpthread +openssh-keygen +libpam
+ TITLE+= server (with PAM support)
+ VARIANT:=with-pam
+endef
+
+define Package/openssh-server-pam/description
+OpenSSH server (with PAM support).
+endef
+
+define Package/openssh-server-pam/conffiles
+/etc/pam.d/sshd
+/etc/security/access-sshd-local.conf
+/etc/ssh/sshd_config
+endef
+
define Package/openssh-sftp-client
- SECTION:=net
- CATEGORY:=Network
- DEPENDS:=+libopenssl +zlib
- TITLE:=OpenSSH SFTP client
- URL:=http://www.openssh.com/
- SUBMENU:=SSH
+ $(call Package/openssh/Default)
+ TITLE+= SFTP client
endef
define Package/openssh-sftp-client/description
endef
define Package/openssh-sftp-server
- SECTION:=net
- CATEGORY:=Network
- DEPENDS:=
- TITLE:=OpenSSH SFTP server
- URL:=http://www.openssh.com/
- SUBMENU:=SSH
+ $(call Package/openssh/Default)
+ TITLE+= SFTP server
endef
define Package/openssh-sftp-server/description
OpenSSH SFTP server.
endef
-CONFIGURE_OPTS+= \
+CONFIGURE_ARGS+= \
+ $(DISABLE_NLS) \
+ --sysconfdir=/etc/ssh \
+ --with-privsep-user=sshd \
+ --with-privsep-path=/var/empty \
--enable-shared \
--disable-static \
--disable-debug \
--disable-wtmpx \
--without-bsd-auth \
--without-kerberos5 \
- --without-pam \
--without-x
+ifeq ($(BUILD_VARIANT),with-pam)
+CONFIGURE_ARGS += \
+ --with-pam
+else
+CONFIGURE_ARGS += \
+ --without-pam
+endif
+
+ifeq ($(CONFIG_OPENSSL_ENGINE),y)
+CONFIGURE_ARGS+= \
+ --with-ssl-engine
+endif
+
ifneq ($(CONFIG_SSP_SUPPORT),y)
-CONFIGURE_OPTS+= \
+CONFIGURE_ARGS += \
--without-stackprotect
endif
-
-define Build/Configure
- (cd $(PKG_BUILD_DIR); rm -f config.cache; \
- $(TARGET_CONFIGURE_OPTS) \
- CFLAGS="$(TARGET_CFLAGS)" \
- CPPFLAGS="-I$(STAGING_DIR)/usr/include" \
- LD="$(TARGET_CC)" \
- LDFLAGS="-L$(STAGING_DIR)/usr/lib" \
- ./configure \
- --target=$(GNU_TARGET_NAME) \
- --host=$(GNU_TARGET_NAME) \
- --build=$(GNU_HOST_NAME) \
- --program-prefix="" \
- --program-suffix="" \
- --prefix=/usr \
- --exec-prefix=/usr \
- --bindir=/usr/bin \
- --datadir=/usr/share \
- --includedir=/usr/include \
- --infodir=/usr/share/info \
- --libdir=/usr/lib \
- --libexecdir=/usr/lib \
- --localstatedir=/var \
- --mandir=/usr/share/man \
- --sbindir=/usr/sbin \
- --sysconfdir=/etc/ssh \
- $(DISABLE_LARGEFILE) \
- $(DISABLE_NLS) \
- $(CONFIGURE_OPTS) \
- );
-endef
+
+CONFIGURE_VARS += LD="$(TARGET_CC)"
+
+ifeq ($(BUILD_VARIANT),with-pam)
+TARGET_LDFLAGS += -lpthread
+endif
define Build/Compile
- rm -rf $(PKG_INSTALL_DIR)
- mkdir -p $(PKG_INSTALL_DIR)
$(MAKE) -C $(PKG_BUILD_DIR) \
DESTDIR="$(PKG_INSTALL_DIR)" \
LIBS="" \
sftp-server
$(MAKE) -C $(PKG_BUILD_DIR) \
DESTDIR="$(PKG_INSTALL_DIR)" \
+ STRIP_OPT="" \
all install
endef
+define Package/openssh-moduli/install
+ $(INSTALL_DIR) $(1)/etc/ssh
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/ssh/moduli $(1)/etc/ssh/
+endef
+
define Package/openssh-client/install
$(INSTALL_DIR) $(1)/etc/ssh
chmod 0700 $(1)/etc/ssh
$(INSTALL_BIN) $(foreach bin,add agent keyscan keysign,$(PKG_BUILD_DIR)/ssh-$(bin)) $(1)/usr/bin/
endef
+define Package/openssh-keygen/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/ssh-keygen $(1)/usr/bin/
+endef
+
+
define Package/openssh-server/install
$(INSTALL_DIR) $(1)/etc/ssh
chmod 0700 $(1)/etc/ssh
- $(CP) $(PKG_INSTALL_DIR)/etc/ssh/sshd_config $(1)/etc/ssh/
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/ssh/sshd_config $(1)/etc/ssh/
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/sshd.init $(1)/etc/init.d/sshd
- $(INSTALL_DIR) $(1)/usr/bin
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/ssh-keygen $(1)/usr/bin/
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/sshd $(1)/usr/sbin/
endef
-define Package/openssh-server/postinst
-#!/bin/sh
-
-name=sshd
-id=99
-
-# do not change below
-# check if we are on real system
-if [ -z "$${IPKG_INSTROOT}" ]; then
- # create copies of passwd and group, if we use squashfs
- rootfs=`mount |awk '/root/ { print $$5 }'`
- if [ "$$rootfs" = "squashfs" ]; then
- if [ -h /etc/group ]; then
- rm /etc/group
- cp /rom/etc/group /etc/group
- fi
- if [ -h /etc/passwd ]; then
- rm /etc/passwd
- cp /rom/etc/passwd /etc/passwd
- fi
- fi
-fi
-
-echo ""
-if [ -z "$$(grep ^\\$${name}: $${IPKG_INSTROOT}/etc/group)" ]; then
- echo "adding group $$name to /etc/group"
- echo "$${name}:x:$${id}:" >> $${IPKG_INSTROOT}/etc/group
-fi
-
-if [ -z "$$(grep ^\\$${name}: $${IPKG_INSTROOT}/etc/passwd)" ]; then
- echo "adding user $$name to /etc/passwd"
- echo "$${name}:x:$${id}:$${id}:$${name}:/var/empty/.$${name}:/bin/false" >> $${IPKG_INSTROOT}/etc/passwd
-fi
-
-grep -q '^ssh[[:space:]]*22/tcp' $${IPKG_INSTROOT}/etc/services 2>/dev/null
-if [ $$? -ne 0 ]; then
-echo "ssh 22/tcp" >>$${IPKG_INSTROOT}/etc/services
-fi
+define Package/openssh-server-pam/install
+ $(INSTALL_DIR) $(1)/etc/ssh
+ chmod 0700 $(1)/etc/ssh
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/ssh/sshd_config $(1)/etc/ssh/
+ $(INSTALL_DIR) $(1)/etc/pam.d
+ $(INSTALL_DATA) ./files/sshd.pam $(1)/etc/pam.d/sshd
+ $(INSTALL_DIR) $(1)/etc/security
+ $(INSTALL_DATA) ./files/sshd.pam-access $(1)/etc/security/access-sshd-local.conf
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) ./files/sshd.init $(1)/etc/init.d/sshd
+ $(INSTALL_DIR) $(1)/usr/sbin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/sshd $(1)/usr/sbin/
endef
define Package/openssh-sftp-client/install
endef
$(eval $(call BuildPackage,openssh-client))
+$(eval $(call BuildPackage,openssh-moduli))
$(eval $(call BuildPackage,openssh-client-utils))
+$(eval $(call BuildPackage,openssh-keygen))
$(eval $(call BuildPackage,openssh-server))
+$(eval $(call BuildPackage,openssh-server-pam))
$(eval $(call BuildPackage,openssh-sftp-client))
$(eval $(call BuildPackage,openssh-sftp-server))