aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--package/network/services/dropbear/Config.in12
-rw-r--r--package/network/services/dropbear/Makefile11
2 files changed, 19 insertions, 4 deletions
diff --git a/package/network/services/dropbear/Config.in b/package/network/services/dropbear/Config.in
index e2a761034f..19ef71c0b2 100644
--- a/package/network/services/dropbear/Config.in
+++ b/package/network/services/dropbear/Config.in
@@ -1,6 +1,15 @@
menu "Configuration"
depends on PACKAGE_dropbear
+config DROPBEAR_CURVE25519
+ bool "Curve25519 support"
+ default n
+ help
+ This enables the following key exchange algorithm:
+ curve25519-sha256@libssh.org
+
+ Increases binary size by about 13 kB uncompressed (MIPS).
+
config DROPBEAR_ECC
bool "Elliptic curve cryptography (ECC)"
default n
@@ -12,7 +21,6 @@ config DROPBEAR_ECC
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
- curve25519-sha256@libssh.org
Public key algorithms:
ecdsa-sha2-nistp256
@@ -22,6 +30,6 @@ config DROPBEAR_ECC
Does not generate ECC host keys by default (ECC key exchange will not be used,
only ECC public key auth).
- Increases binary size by about 36 kB (MIPS).
+ Increases binary size by about 23 kB (MIPS).
endmenu
diff --git a/package/network/services/dropbear/Makefile b/package/network/services/dropbear/Makefile
index 4515165ad4..ca67ed3c60 100644
--- a/package/network/services/dropbear/Makefile
+++ b/package/network/services/dropbear/Makefile
@@ -23,7 +23,7 @@ PKG_LICENSE_FILES:=LICENSE libtomcrypt/LICENSE libtommath/LICENSE
PKG_BUILD_PARALLEL:=1
PKG_USE_MIPS16:=0
-PKG_CONFIG_DEPENDS:=CONFIG_DROPBEAR_ECC
+PKG_CONFIG_DEPENDS:=CONFIG_DROPBEAR_ECC CONFIG_DROPBEAR_CURVE25519
include $(INCLUDE_DIR)/package.mk
@@ -80,9 +80,16 @@ TARGET_LDFLAGS += -Wl,--gc-sections
define Build/Configure
$(Build/Configure/Default)
+ awk 'BEGIN { rc = 1 } \
+ /'DROPBEAR_CURVE25519'/ { $$$$0 = "$(if $(CONFIG_DROPBEAR_CURVE25519),,// )#define 'DROPBEAR_CURVE25519'"; rc = 0 } \
+ { print } \
+ END { exit(rc) }' $(PKG_BUILD_DIR)/options.h \
+ >$(PKG_BUILD_DIR)/options.h.new && \
+ mv $(PKG_BUILD_DIR)/options.h.new $(PKG_BUILD_DIR)/options.h
+
# Enforce that all replacements are made, otherwise options.h has changed
# format and this logic is broken.
- for OPTION in DROPBEAR_ECDSA DROPBEAR_ECDH DROPBEAR_CURVE25519; do \
+ for OPTION in DROPBEAR_ECDSA DROPBEAR_ECDH; do \
awk 'BEGIN { rc = 1 } \
/'$$$$OPTION'/ { $$$$0 = "$(if $(CONFIG_DROPBEAR_ECC),,// )#define '$$$$OPTION'"; rc = 0 } \
{ print } \