7f723e4ea3
Fixes the following security vulnerabilities: - CVE-2019-14889: Unsanitized location in scp could lead to unwanted command execution. And adds various hardening improvements. For details, see the announcement: https://www.libssh.org/2019/12/10/libssh-0-9-3-and-libssh-0-8-8-security-release/ Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
46 lines
1.2 KiB
Makefile
46 lines
1.2 KiB
Makefile
################################################################################
|
|
#
|
|
# libssh
|
|
#
|
|
################################################################################
|
|
|
|
LIBSSH_VERSION_MAJOR = 0.9
|
|
LIBSSH_VERSION = $(LIBSSH_VERSION_MAJOR).3
|
|
LIBSSH_SOURCE = libssh-$(LIBSSH_VERSION).tar.xz
|
|
LIBSSH_SITE = https://www.libssh.org/files/$(LIBSSH_VERSION_MAJOR)
|
|
LIBSSH_LICENSE = LGPL-2.1
|
|
LIBSSH_LICENSE_FILES = COPYING
|
|
LIBSSH_INSTALL_STAGING = YES
|
|
LIBSSH_SUPPORTS_IN_SOURCE_BUILD = NO
|
|
LIBSSH_CONF_OPTS = \
|
|
-DWITH_STACK_PROTECTOR=OFF \
|
|
-DWITH_EXAMPLES=OFF
|
|
|
|
# cmake older than 3.10 require this to avoid try_run() in FindThreads
|
|
LIBSSH_CONF_OPTS += -DTHREADS_PTHREAD_ARG=OFF
|
|
|
|
ifeq ($(BR2_PACKAGE_LIBSSH_SERVER),y)
|
|
LIBSSH_CONF_OPTS += -DWITH_SERVER=ON
|
|
else
|
|
LIBSSH_CONF_OPTS += -DWITH_SERVER=OFF
|
|
endif
|
|
|
|
ifeq ($(BR2_PACKAGE_ZLIB),y)
|
|
LIBSSH_CONF_OPTS += -DWITH_ZLIB=ON
|
|
LIBSSH_DEPENDENCIES += zlib
|
|
else
|
|
LIBSSH_CONF_OPTS += -DWITH_ZLIB=OFF
|
|
endif
|
|
|
|
# Dependency is either on libgcrypt or openssl, guaranteed in Config.in.
|
|
# Favour libgcrypt.
|
|
ifeq ($(BR2_PACKAGE_LIBGCRYPT),y)
|
|
LIBSSH_CONF_OPTS += -DWITH_GCRYPT=ON
|
|
LIBSSH_DEPENDENCIES += libgcrypt
|
|
else
|
|
LIBSSH_CONF_OPTS += -DWITH_GCRYPT=OFF
|
|
LIBSSH_DEPENDENCIES += openssl
|
|
endif
|
|
|
|
$(eval $(cmake-package))
|