[yocto] [meta-openssl102-fips][PATCH 5/15] openssh: add generation of HMAC checksums in pkg_postinst
Hongxu Jia
hongxu.jia at windriver.com
Sun Sep 22 07:56:58 PDT 2019
Refer https://src.fedoraproject.org/rpms/openssh/c/d93958db19129e0f4615865eab22fb36e1f4fb8a
Signed-off-by: Hongxu Jia <hongxu.jia at windriver.com>
---
recipes-connectivity/openssh/openssh_fips.inc | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
diff --git a/recipes-connectivity/openssh/openssh_fips.inc b/recipes-connectivity/openssh/openssh_fips.inc
index 99a3482..df84c39 100644
--- a/recipes-connectivity/openssh/openssh_fips.inc
+++ b/recipes-connectivity/openssh/openssh_fips.inc
@@ -6,3 +6,29 @@ DEPENDS += " \
SRC_URI += " \
file://0001-openssh-8.0p1-fips.patch \
"
+
+do_install_append() {
+ install -d ${D}${libdir}/fipscheck
+}
+
+inherit qemu
+
+pkg_postinst_append_${PN}-ssh () {
+ if [ -n "$D" ]; then
+ ${@qemu_run_binary(d, '$D', '${bindir}/fipshmac')} \
+ -d $D${libdir}/fipscheck $D${bindir}/ssh.${BPN}
+ else
+ ${bindir}/fipshmac -d ${libdir}/fipscheck ${bindir}/ssh.${BPN}
+ fi
+}
+
+pkg_postinst_append_${PN}-sshd () {
+ if [ -n "$D" ]; then
+ ${@qemu_run_binary(d, '$D', '${bindir}/fipshmac')} \
+ -d $D${libdir}/fipscheck $D${sbindir}/sshd
+ else
+ ${bindir}/fipshmac -d ${libdir}/fipscheck ${sbindir}/sshd
+ fi
+}
+
+FILES_${PN} += "${libdir}/fipscheck"
--
2.7.4
More information about the yocto
mailing list