diff options
-rw-r--r-- | packages/dropbear/.gitignore | 6 | ||||
-rw-r--r-- | packages/dropbear/Jenkinsfile | 30 | ||||
-rwxr-xr-x | packages/dropbear/build.sh | 23 | ||||
-rw-r--r-- | packages/dropbear/patches/0001-Enable-PAM-support.patch | 46 |
4 files changed, 105 insertions, 0 deletions
diff --git a/packages/dropbear/.gitignore b/packages/dropbear/.gitignore new file mode 100644 index 00000000..249ed456 --- /dev/null +++ b/packages/dropbear/.gitignore @@ -0,0 +1,6 @@ +dropbear/ +*.deb +*.dsc +*.buildinfo +*.changes +*.git diff --git a/packages/dropbear/Jenkinsfile b/packages/dropbear/Jenkinsfile new file mode 100644 index 00000000..3a29c378 --- /dev/null +++ b/packages/dropbear/Jenkinsfile @@ -0,0 +1,30 @@ +// Copyright (C) 2022 VyOS maintainers and contributors +// +// This program is free software; you can redistribute it and/or modify +// in order to easy exprort images built to "external" world +// it under the terms of the GNU General Public License version 2 or later as +// published by the Free Software Foundation. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with this program. If not, see <http://www.gnu.org/licenses/>. +@NonCPS + +// Using a version specifier library, use 'current' branch. The underscore (_) +// is not a typo! You need this underscore if the line immediately after the +// @Library annotation is not an import statement! +@Library('vyos-build@current')_ + +def pkgList = [ + ['name': 'dropbear', + 'scmCommit': 'debian/2020.81-5', + 'scmUrl': 'https://salsa.debian.org/debian/dropbear.git', + 'buildCmd': 'cd ..; ./build.sh'], +] + +// Start package build using library function from https://github.com/vyos/vyos-build +buildPackage('dropbear', pkgList, null, true, "**/packages/dropbear/*") diff --git a/packages/dropbear/build.sh b/packages/dropbear/build.sh new file mode 100755 index 00000000..0934f4f7 --- /dev/null +++ b/packages/dropbear/build.sh @@ -0,0 +1,23 @@ +#!/bin/sh +CWD=$(pwd) +set -e + +SRC=dropbear +if [ ! -d ${SRC} ]; then + echo "Source directory does not exists, please 'git clone'" + exit 1 +fi + +PATCH_DIR=${CWD}/patches +if [ -d $PATCH_DIR ]; then + for patch in $(ls ${PATCH_DIR}) + do + echo "I: Apply patch: ${patch} to main repository" + cp ${PATCH_DIR}/${patch} ${SRC}/debian/patches/ + echo ${patch} >> ${SRC}/debian/patches/series + done +fi + +cd ${SRC} +echo "I: Build Debian Package" +dpkg-buildpackage -uc -us -tc -b diff --git a/packages/dropbear/patches/0001-Enable-PAM-support.patch b/packages/dropbear/patches/0001-Enable-PAM-support.patch new file mode 100644 index 00000000..a9713225 --- /dev/null +++ b/packages/dropbear/patches/0001-Enable-PAM-support.patch @@ -0,0 +1,46 @@ +From 3ac8b338e248801eca917e6091ff6b601e55a1fc Mon Sep 17 00:00:00 2001 +From: Christian Poessinger <christian@poessinger.com> +Date: Sun, 16 Jan 2022 21:04:35 +0100 +Subject: [PATCH] Enable PAM support + +--- + debian/rules | 2 +- + default_options.h | 4 ++-- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/debian/rules b/debian/rules +index 673a5a3..4092be7 100755 +--- a/debian/rules ++++ b/debian/rules +@@ -27,5 +27,5 @@ override_dh_installinit: + dh_installinit -R --name dropbear + + override_dh_auto_configure: +- dh_auto_configure -- --disable-bundled-libtom \ ++ dh_auto_configure -- --disable-bundled-libtom --enable-pam \ + CC='$(CC)' CFLAGS='$(CFLAGS)' $(CONFFLAGS) +diff --git a/default_options.h b/default_options.h +index 375506d..e4fc5bf 100644 +--- a/default_options.h ++++ b/default_options.h +@@ -193,7 +193,7 @@ group1 in Dropbear server too */ + + /* Authentication Types - at least one required. + RFC Draft requires pubkey auth, and recommends password */ +-#define DROPBEAR_SVR_PASSWORD_AUTH 1 ++#define DROPBEAR_SVR_PASSWORD_AUTH 0 + + /* Note: PAM auth is quite simple and only works for PAM modules which just do + * a simple "Login: " "Password: " (you can edit the strings in svr-authpam.c). +@@ -201,7 +201,7 @@ group1 in Dropbear server too */ + * but there's an interface via a PAM module. It won't work for more complex + * PAM challenge/response. + * You can't enable both PASSWORD and PAM. */ +-#define DROPBEAR_SVR_PAM_AUTH 0 ++#define DROPBEAR_SVR_PAM_AUTH 1 + + /* ~/.ssh/authorized_keys authentication */ + #define DROPBEAR_SVR_PUBKEY_AUTH 1 +-- +2.20.1 + |