dropbear: update to 2014.63

Upstream changelog: https://matt.ucc.asn.au/dropbear/CHANGES This adds elliptic curve cryptography (ECC) support as an option, disabled by default. dropbear mips 34kc uClibc binary size: before: 161,672 bytes after, without ECC (default): 164,968 after, with ECC: 198,008 Signed-off-by: Catalin Patulea <cat@vv.carleton.ca> SVN-Revision: 40297
author: Felix Fietkau <nbd@openwrt.org> 2014-03-29 16:59:26 +0000
committer: Felix Fietkau <nbd@openwrt.org> 2014-03-29 16:59:26 +0000
commit: ad52658be722f2024dd645a1a7228209e8bf7c23 (patch)
tree: 3781e39aa0e8d75676750651bfd96bbb1af89d13 /package/network/services/dropbear/patches
parent: f5fce5e0da49d27caec70d64695b4a2d9bab8d44 (diff)
download: upstream-ad52658be722f2024dd645a1a7228209e8bf7c23.tar.gz
upstream-ad52658be722f2024dd645a1a7228209e8bf7c23.tar.bz2
upstream-ad52658be722f2024dd645a1a7228209e8bf7c23.zip
5 files changed, 12 insertions, 50 deletions
diff --git a/package/network/services/dropbear/patches/100-pubkey_path.patch b/package/network/services/dropbear/patches/100-pubkey_path.patch
index c1802f51e5..456874b730 100644
--- a/package/network/services/dropbear/patches/100-pubkey_path.patch
+++ b/package/network/services/dropbear/patches/100-pubkey_path.patch
@@ -1,6 +1,6 @@
 --- a/svr-authpubkey.c
 +++ b/svr-authpubkey.c
-@@ -209,17 +209,21 @@ static int checkpubkey(unsigned char* al
+@@ -208,17 +208,21 @@ static int checkpubkey(unsigned char* al
  		goto out;
  	}
  
@@ -33,7 +33,7 @@
  	if (authfile == NULL) {
  		goto out;
  	}
-@@ -372,26 +376,35 @@ static int checkpubkeyperms() {
+@@ -371,26 +375,35 @@ static int checkpubkeyperms() {
  		goto out;
  	}
  
diff --git a/package/network/services/dropbear/patches/120-openwrt_options.patch b/package/network/services/dropbear/patches/120-openwrt_options.patch
index 9300a27429..1b5c5cb1e8 100644
--- a/package/network/services/dropbear/patches/120-openwrt_options.patch
+++ b/package/network/services/dropbear/patches/120-openwrt_options.patch
@@ -1,6 +1,6 @@
 --- a/options.h
 +++ b/options.h
-@@ -38,7 +38,7 @@
+@@ -41,7 +41,7 @@
   * Both of these flags can be defined at once, don't compile without at least
   * one of them. */
  #define NON_INETD_MODE
@@ -9,16 +9,7 @@
  
  /* Setting this disables the fast exptmod bignum code. It saves ~5kB, but is
   * perhaps 20% slower for pubkey operations (it is probably worth experimenting
-@@ -49,7 +49,7 @@
- several kB in binary size however will make the symmetrical ciphers and hashes
- slower, perhaps by 50%. Recommended for small systems that aren't doing
- much traffic. */
--/*#define DROPBEAR_SMALL_CODE*/
-+#define DROPBEAR_SMALL_CODE
- 
- /* Enable X11 Forwarding - server only */
- #define ENABLE_X11FWD
-@@ -78,7 +78,7 @@ much traffic. */
+@@ -81,7 +81,7 @@ much traffic. */
  
  /* Enable "Netcat mode" option. This will forward standard input/output
   * to a remote TCP-forwarded connection */
@@ -27,7 +18,7 @@
  
  /* Whether to support "-c" and "-m" flags to choose ciphers/MACs at runtime */
  #define ENABLE_USER_ALGO_LIST
-@@ -92,8 +92,8 @@ much traffic. */
+@@ -95,8 +95,8 @@ much traffic. */
  #define DROPBEAR_AES256
  /* Compiling in Blowfish will add ~6kB to runtime heap memory usage */
  /*#define DROPBEAR_BLOWFISH*/
@@ -38,7 +29,7 @@
  
  /* Enable "Counter Mode" for ciphers. This is more secure than normal
   * CBC mode against certain attacks. This adds around 1kB to binary 
-@@ -119,7 +119,7 @@ much traffic. */
+@@ -122,7 +122,7 @@ much traffic. */
   * If you disable MD5, Dropbear will fall back to SHA1 fingerprints,
   * which are not the standard form. */
  #define DROPBEAR_SHA1_HMAC
@@ -47,7 +38,7 @@
  /*#define DROPBEAR_SHA2_256_HMAC*/
  /*#define DROPBEAR_SHA2_512_HMAC*/
  #define DROPBEAR_MD5_HMAC
-@@ -157,7 +157,7 @@ much traffic. */
+@@ -175,7 +175,7 @@ much traffic. */
  
  /* Whether to print the message of the day (MOTD). This doesn't add much code
   * size */
@@ -56,7 +47,7 @@
  
  /* The MOTD file path */
  #ifndef MOTD_FILENAME
-@@ -195,7 +195,7 @@ much traffic. */
+@@ -213,7 +213,7 @@ much traffic. */
   * note that it will be provided for all "hidden" client-interactive
   * style prompts - if you want something more sophisticated, use 
   * SSH_ASKPASS instead. Comment out this var to remove this functionality.*/
diff --git a/package/network/services/dropbear/patches/150-dbconvert_standalone.patch b/package/network/services/dropbear/patches/150-dbconvert_standalone.patch
index 3e0b008552..367dc2c681 100644
--- a/package/network/services/dropbear/patches/150-dbconvert_standalone.patch
+++ b/package/network/services/dropbear/patches/150-dbconvert_standalone.patch
@@ -9,6 +9,6 @@
 +#define DROPBEAR_CLIENT
 +#endif
 +
- /******************************************************************
-  * Define compile-time options below - the "#ifndef DROPBEAR_XXX .... #endif"
-  * parts are to allow for commandline -DDROPBEAR_XXX options etc.
+ /* Define compile-time options below - the "#ifndef DROPBEAR_XXX .... #endif"
+  * parts are to allow for commandline -DDROPBEAR_XXX options etc. */
+ 
diff --git a/package/network/services/dropbear/patches/200-lcrypt_bsdfix.patch b/package/network/services/dropbear/patches/200-lcrypt_bsdfix.patch
deleted file mode 100644
index a5697e25f7..0000000000
--- a/package/network/services/dropbear/patches/200-lcrypt_bsdfix.patch
+++ /dev/null
@@ -1,29 +0,0 @@
---- a/Makefile.in
-+++ b/Makefile.in
-@@ -56,7 +56,7 @@ HEADERS=options.h dbutil.h session.h pac
- 		loginrec.h atomicio.h x11fwd.h agentfwd.h tcpfwd.h compat.h \
- 		listener.h fake-rfc2553.h
- 
--dropbearobjs=$(COMMONOBJS) $(CLISVROBJS) $(SVROBJS) @CRYPTLIB@ 
-+dropbearobjs=$(COMMONOBJS) $(CLISVROBJS) $(SVROBJS)
- dbclientobjs=$(COMMONOBJS) $(CLISVROBJS) $(CLIOBJS)
- dropbearkeyobjs=$(COMMONOBJS) $(KEYOBJS)
- dropbearconvertobjs=$(COMMONOBJS) $(CONVERTOBJS)
-@@ -78,7 +78,7 @@ STRIP=@STRIP@
- INSTALL=@INSTALL@
- CPPFLAGS=@CPPFLAGS@
- CFLAGS+=-I. -I$(srcdir) $(CPPFLAGS) @CFLAGS@
--LIBS+=@LIBS@
-+LIBS+=@CRYPTLIB@ @LIBS@
- LDFLAGS=@LDFLAGS@
- 
- EXEEXT=@EXEEXT@
-@@ -168,7 +168,7 @@ scp: $(SCPOBJS)  $(HEADERS) Makefile
- # multi-binary compilation.
- MULTIOBJS=
- ifeq ($(MULTI),1)
--	MULTIOBJS=dbmulti.o $(sort $(foreach prog, $(PROGRAMS), $($(prog)objs))) @CRYPTLIB@ 
-+	MULTIOBJS=dbmulti.o $(sort $(foreach prog, $(PROGRAMS), $($(prog)objs)))
- 	CFLAGS+=$(addprefix -DDBMULTI_, $(PROGRAMS)) -DDROPBEAR_MULTI
- endif
- 
diff --git a/package/network/services/dropbear/patches/500-set-default-path.patch b/package/network/services/dropbear/patches/500-set-default-path.patch
index 702ad6c398..4eea57d5ce 100644
--- a/package/network/services/dropbear/patches/500-set-default-path.patch
+++ b/package/network/services/dropbear/patches/500-set-default-path.patch
@@ -1,6 +1,6 @@
 --- a/options.h
 +++ b/options.h
-@@ -301,7 +301,7 @@ be overridden at runtime with -I. 0 disa
+@@ -318,7 +318,7 @@ be overridden at runtime with -I. 0 disa
  #define DEFAULT_IDLE_TIMEOUT 0
  
  /* The default path. This will often get replaced by the shell */
author	Felix Fietkau <nbd@openwrt.org>	2014-03-29 16:59:26 +0000
committer	Felix Fietkau <nbd@openwrt.org>	2014-03-29 16:59:26 +0000
commit	ad52658be722f2024dd645a1a7228209e8bf7c23 (patch)
tree	3781e39aa0e8d75676750651bfd96bbb1af89d13 /package/network/services/dropbear/patches
parent	f5fce5e0da49d27caec70d64695b4a2d9bab8d44 (diff)
download	upstream-ad52658be722f2024dd645a1a7228209e8bf7c23.tar.gz upstream-ad52658be722f2024dd645a1a7228209e8bf7c23.tar.bz2 upstream-ad52658be722f2024dd645a1a7228209e8bf7c23.zip