| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
The only HMACs currently available use MD5 and SHA1, both of which have known
weaknesses. We already compile in the SHA256 code since we use Curve25519
by default, so there's no significant size penalty to enabling this.
Signed-off-by: Joseph C. Sible <josephcsible@users.noreply.github.com>
|
|
|
|
|
|
|
|
| |
Harmonise handling of DEFAULT_PATH by removing the patch introducing #ifndef
guards around the path, and only using one means to set the path in the
makefile.
Signed-off-by: Dario Ernst <Dario.Ernst@riverbed.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update the dropbear package to version 2016.73, refresh patches.
The measured .ipk sizes on an x86_64 build are:
94588 dropbear_2015.71-3_x86_64.ipk
95316 dropbear_2016.73-1_x86_64.ipk
This is an increase of roughly 700 bytes after compression.
Tested-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
| |
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 48679
|
|
|
|
|
|
|
|
|
| |
Update dropbear to version 2015.71, released on 3 Dec 2015.
Refresh patches.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
SVN-Revision: 48243
|
|
|
|
|
|
|
|
|
| |
While technically required by the RFC, they are usually completely
unused (DSA), or have security issues (3DES, CBC)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 46814
|
|
|
|
|
|
|
|
|
|
| |
This enables passworldless login for root via SSH whenever no root
password is set (e.g. after reset, flashing without keeping config
or in failsafe) and removes telnet support alltogether.
Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 46809
|
|
|
|
|
|
| |
Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 46769
|
|
|
|
|
|
|
|
|
|
|
| |
fixes dbclient login into OpenSSH 6.8p1
error: "Bad hostkey signature"
reported on irc, replicated with Arch Linux
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
SVN-Revision: 45493
|
|
|
|
|
|
|
|
|
|
|
| |
Add a further upstream commit to more closely match the keepalive
to OpenSSH.
Should now really fix #17523.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 42249
|
|
|
|
|
|
|
|
|
|
|
| |
Don't send SSH_MSG_UNIMPLEMENTED for keepalive responses, which broke
at least putty.
Fixes #17522 / #17523.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 42162
|
|
|
|
|
|
| |
Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 42131
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream changelog:
https://matt.ucc.asn.au/dropbear/CHANGES
This adds elliptic curve cryptography (ECC) support as an option, disabled
by default.
dropbear mips 34kc uClibc binary size:
before: 161,672 bytes
after, without ECC (default): 164,968
after, with ECC: 198,008
Signed-off-by: Catalin Patulea <cat@vv.carleton.ca>
SVN-Revision: 40297
|
|
|
|
|
|
|
|
|
|
|
| |
- drop mirror www.mirrors.wiretapped.net (not working anymore)
- drop patch 300-ipv6_addr_port_split.patch, included upstream
- refresh patches
- various upstream changes: http://matt.ucc.asn.au/dropbear/CHANGES
Signed-off-by: Catalin Patulea <cat@vv.carleton.ca>
SVN-Revision: 38356
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream has a few code cleanups, more eagerly burns sensitive memory and
includes the fix for CVE-2012-0920. Full changelog:
https://matt.ucc.asn.au/dropbear/CHANGES
Local changes:
- Removed PKG_MULTI which is no longer in options.h (even before 2011.54)
- Merged DO_HOST_LOOKUP into 120-openwrt_options.patch
- Removed LD from make opts (now included in TARGET_CONFIGURE_OPTS)
- Removed 400-CVE-2012-0920.patch which is included in 2012.55
Signed-off-by: Catalin Patulea <cat@vv.carleton.ca>
Signed-off-by: Florian Fainelli <florian@openwrt.org>
SVN-Revision: 34496
|
|
SVN-Revision: 33688
|