summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--packages/dropbear/.gitignore6
-rw-r--r--packages/dropbear/Jenkinsfile30
-rwxr-xr-xpackages/dropbear/build.sh23
-rw-r--r--packages/dropbear/patches/0001-Enable-PAM-support.patch46
4 files changed, 105 insertions, 0 deletions
diff --git a/packages/dropbear/.gitignore b/packages/dropbear/.gitignore
new file mode 100644
index 00000000..249ed456
--- /dev/null
+++ b/packages/dropbear/.gitignore
@@ -0,0 +1,6 @@
+dropbear/
+*.deb
+*.dsc
+*.buildinfo
+*.changes
+*.git
diff --git a/packages/dropbear/Jenkinsfile b/packages/dropbear/Jenkinsfile
new file mode 100644
index 00000000..3a29c378
--- /dev/null
+++ b/packages/dropbear/Jenkinsfile
@@ -0,0 +1,30 @@
+// Copyright (C) 2022 VyOS maintainers and contributors
+//
+// This program is free software; you can redistribute it and/or modify
+// in order to easy exprort images built to "external" world
+// it under the terms of the GNU General Public License version 2 or later as
+// published by the Free Software Foundation.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this program. If not, see <http://www.gnu.org/licenses/>.
+@NonCPS
+
+// Using a version specifier library, use 'current' branch. The underscore (_)
+// is not a typo! You need this underscore if the line immediately after the
+// @Library annotation is not an import statement!
+@Library('vyos-build@current')_
+
+def pkgList = [
+ ['name': 'dropbear',
+ 'scmCommit': 'debian/2020.81-5',
+ 'scmUrl': 'https://salsa.debian.org/debian/dropbear.git',
+ 'buildCmd': 'cd ..; ./build.sh'],
+]
+
+// Start package build using library function from https://github.com/vyos/vyos-build
+buildPackage('dropbear', pkgList, null, true, "**/packages/dropbear/*")
diff --git a/packages/dropbear/build.sh b/packages/dropbear/build.sh
new file mode 100755
index 00000000..0934f4f7
--- /dev/null
+++ b/packages/dropbear/build.sh
@@ -0,0 +1,23 @@
+#!/bin/sh
+CWD=$(pwd)
+set -e
+
+SRC=dropbear
+if [ ! -d ${SRC} ]; then
+ echo "Source directory does not exists, please 'git clone'"
+ exit 1
+fi
+
+PATCH_DIR=${CWD}/patches
+if [ -d $PATCH_DIR ]; then
+ for patch in $(ls ${PATCH_DIR})
+ do
+ echo "I: Apply patch: ${patch} to main repository"
+ cp ${PATCH_DIR}/${patch} ${SRC}/debian/patches/
+ echo ${patch} >> ${SRC}/debian/patches/series
+ done
+fi
+
+cd ${SRC}
+echo "I: Build Debian Package"
+dpkg-buildpackage -uc -us -tc -b
diff --git a/packages/dropbear/patches/0001-Enable-PAM-support.patch b/packages/dropbear/patches/0001-Enable-PAM-support.patch
new file mode 100644
index 00000000..a9713225
--- /dev/null
+++ b/packages/dropbear/patches/0001-Enable-PAM-support.patch
@@ -0,0 +1,46 @@
+From 3ac8b338e248801eca917e6091ff6b601e55a1fc Mon Sep 17 00:00:00 2001
+From: Christian Poessinger <christian@poessinger.com>
+Date: Sun, 16 Jan 2022 21:04:35 +0100
+Subject: [PATCH] Enable PAM support
+
+---
+ debian/rules | 2 +-
+ default_options.h | 4 ++--
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/debian/rules b/debian/rules
+index 673a5a3..4092be7 100755
+--- a/debian/rules
++++ b/debian/rules
+@@ -27,5 +27,5 @@ override_dh_installinit:
+ dh_installinit -R --name dropbear
+
+ override_dh_auto_configure:
+- dh_auto_configure -- --disable-bundled-libtom \
++ dh_auto_configure -- --disable-bundled-libtom --enable-pam \
+ CC='$(CC)' CFLAGS='$(CFLAGS)' $(CONFFLAGS)
+diff --git a/default_options.h b/default_options.h
+index 375506d..e4fc5bf 100644
+--- a/default_options.h
++++ b/default_options.h
+@@ -193,7 +193,7 @@ group1 in Dropbear server too */
+
+ /* Authentication Types - at least one required.
+ RFC Draft requires pubkey auth, and recommends password */
+-#define DROPBEAR_SVR_PASSWORD_AUTH 1
++#define DROPBEAR_SVR_PASSWORD_AUTH 0
+
+ /* Note: PAM auth is quite simple and only works for PAM modules which just do
+ * a simple "Login: " "Password: " (you can edit the strings in svr-authpam.c).
+@@ -201,7 +201,7 @@ group1 in Dropbear server too */
+ * but there's an interface via a PAM module. It won't work for more complex
+ * PAM challenge/response.
+ * You can't enable both PASSWORD and PAM. */
+-#define DROPBEAR_SVR_PAM_AUTH 0
++#define DROPBEAR_SVR_PAM_AUTH 1
+
+ /* ~/.ssh/authorized_keys authentication */
+ #define DROPBEAR_SVR_PUBKEY_AUTH 1
+--
+2.20.1
+