From: Grazvydas Ignotas Date: Sun, 5 Jul 2015 13:46:02 +0000 (+0300) Subject: dropbear: update to 0.53.1 X-Git-Tag: sz_173~44 X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=919587a1c39607ba2a9246993ec347c11a8de890;p=openembedded.git dropbear: update to 0.53.1 --- diff --git a/conf/distro/include/angstrom-2008-preferred-versions.inc b/conf/distro/include/angstrom-2008-preferred-versions.inc index 8edfcf4db0..219a22e704 100644 --- a/conf/distro/include/angstrom-2008-preferred-versions.inc +++ b/conf/distro/include/angstrom-2008-preferred-versions.inc @@ -6,7 +6,7 @@ PREFERRED_VERSION_automake-native = "1.11.1" PREFERRED_VERSION_busybox = "1.13.2" PREFERRED_VERSION_cairo = "1.12.16" PREFERRED_VERSION_dbus = "1.2.22" -PREFERRED_VERSION_dropbear = "0.51" +PREFERRED_VERSION_dropbear = "0.53.1" PREFERRED_VERSION_fontconfig = "2.8.0" PREFERRED_VERSION_glib-2.0 = "2.42.0" PREFERRED_VERSION_glib-2.0-native = "2.42.0" diff --git a/recipes/dropbear/dropbear-0.53.1/allow-nopw.patch b/recipes/dropbear/dropbear-0.53.1/allow-nopw.patch new file mode 100644 index 0000000000..3f3e8b167f --- /dev/null +++ b/recipes/dropbear/dropbear-0.53.1/allow-nopw.patch @@ -0,0 +1,40 @@ +Index: dropbear-0.51/svr-auth.c +=================================================================== +--- dropbear-0.51.orig/svr-auth.c ++++ dropbear-0.51/svr-auth.c +@@ -270,7 +270,7 @@ static int checkusername(unsigned char * + send_msg_userauth_failure(0, 1); + return DROPBEAR_FAILURE; + } +- ++#ifdef DISALLOW_EMPTY_PW + /* check for an empty password */ + if (ses.authstate.pw_passwd[0] == '\0') { + TRACE(("leave checkusername: empty pword")) +@@ -279,7 +279,7 @@ static int checkusername(unsigned char * + send_msg_userauth_failure(0, 1); + return DROPBEAR_FAILURE; + } +- ++#endif + TRACE(("shell is %s", ses.authstate.pw_shell)) + + /* check that the shell is set */ +Index: dropbear-0.51/svr-authpasswd.c +=================================================================== +--- dropbear-0.51.orig/svr-authpasswd.c ++++ dropbear-0.51/svr-authpasswd.c +@@ -64,9 +64,13 @@ void svr_auth_password() { + * since the shadow password may differ to that tested + * in auth.c */ + if (passwdcrypt[0] == '\0') { ++#ifdef DISALLOW_EMPTY_PW + dropbear_log(LOG_WARNING, "user '%s' has blank password, rejected", + ses.authstate.pw_name); + send_msg_userauth_failure(0, 1); ++#else ++ send_msg_userauth_success(); ++#endif + return; + } + diff --git a/recipes/dropbear/dropbear-0.53.1/configure.patch b/recipes/dropbear/dropbear-0.53.1/configure.patch new file mode 100644 index 0000000000..fa24efc066 --- /dev/null +++ b/recipes/dropbear/dropbear-0.53.1/configure.patch @@ -0,0 +1,27 @@ +Index: dropbear-0.50/configure.in +=================================================================== +--- dropbear-0.50.orig/configure.in ++++ dropbear-0.50/configure.in +@@ -164,14 +164,20 @@ AC_ARG_ENABLE(openpty, + AC_MSG_NOTICE(Not using openpty) + else + AC_MSG_NOTICE(Using openpty if available) +- AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY,,Have openpty() function)]) ++ AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes]) + fi + ], + [ + AC_MSG_NOTICE(Using openpty if available) +- AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY)]) ++ AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes]) + ] + ) ++ ++if test "x$dropbear_cv_func_have_openpty" = "xyes"; then ++ AC_DEFINE(HAVE_OPENPTY,,Have openpty() function) ++ no_ptc_check=yes ++ no_ptmx_check=yes ++fi + + + AC_ARG_ENABLE(syslog, diff --git a/recipes/dropbear/dropbear-0.53.1/fix-2kb-keys.patch b/recipes/dropbear/dropbear-0.53.1/fix-2kb-keys.patch new file mode 100644 index 0000000000..bb7a4d32ac --- /dev/null +++ b/recipes/dropbear/dropbear-0.53.1/fix-2kb-keys.patch @@ -0,0 +1,12 @@ +Index: dropbear-0.50/kex.h +=================================================================== +--- dropbear-0.50.orig/kex.h ++++ dropbear-0.50/kex.h +@@ -59,6 +59,6 @@ struct KEXState { + + }; + +-#define MAX_KEXHASHBUF 2000 ++#define MAX_KEXHASHBUF 3000 + + #endif /* _KEX_H_ */ diff --git a/recipes/dropbear/dropbear-0.53.1/no-host-lookup.patch b/recipes/dropbear/dropbear-0.53.1/no-host-lookup.patch new file mode 100644 index 0000000000..d7c2ccdc62 --- /dev/null +++ b/recipes/dropbear/dropbear-0.53.1/no-host-lookup.patch @@ -0,0 +1,12 @@ +diff -urN dropbear-0.51/options.h dropbear-0.51.new/options.h +--- dropbear-0.51/options.h 2008-03-27 14:34:39.000000000 +0100 ++++ dropbear-0.51.new/options.h 2008-06-22 00:22:09.000000000 +0200 +@@ -112,7 +112,7 @@ + /* #define DSS_PROTOK */ + + /* Whether to do reverse DNS lookups. */ +-#define DO_HOST_LOOKUP ++/* #define DO_HOST_LOOKUP */ + + /* Whether to print the message of the day (MOTD). This doesn't add much code + * size */ diff --git a/recipes/dropbear/dropbear-0.53.1/urandom-xauth-changes-to-options.h.patch b/recipes/dropbear/dropbear-0.53.1/urandom-xauth-changes-to-options.h.patch new file mode 100644 index 0000000000..bd1657dc97 --- /dev/null +++ b/recipes/dropbear/dropbear-0.53.1/urandom-xauth-changes-to-options.h.patch @@ -0,0 +1,13 @@ +diff --git a/options.h b/options.h +index d309ab4..7fbe97b 100644 +--- a/options.h ++++ b/options.h +@@ -236,7 +236,7 @@ much traffic. */ + /* The command to invoke for xauth when using X11 forwarding. + * "-q" for quiet */ + #ifndef XAUTH_COMMAND +-#define XAUTH_COMMAND "/usr/bin/X11/xauth -q" ++#define XAUTH_COMMAND "xauth -q" + #endif + + /* if you want to enable running an sftp server (such as the one included with diff --git a/recipes/dropbear/dropbear.inc b/recipes/dropbear/dropbear.inc index 364799f12e..f1cbfc11e5 100644 --- a/recipes/dropbear/dropbear.inc +++ b/recipes/dropbear/dropbear.inc @@ -4,17 +4,17 @@ SECTION = "console/network" LICENSE = "MIT" DEPENDS = "zlib" PROVIDES = "ssh sshd" -RPROVIDES = "ssh sshd" +RPROVIDES_${PN} = "ssh sshd" + +INC_PR = "r7" SRC_URI = "\ - http://matt.ucc.asn.au/dropbear/dropbear-${PV}.tar.bz2 \ + http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.bz2 \ file://urandom-xauth-changes-to-options.h.patch;patch=1 \ file://configure.patch;patch=1 \ file://fix-2kb-keys.patch;patch=1 \ - file://allow-nopw.patch \ + file://allow-nopw.patch;apply=no \ file://init \ -" -SRC_URI_append_openmoko = "\ file://default \ " @@ -80,4 +80,4 @@ pkg_postrm_append () { update-alternatives --remove scp ${bindir}/dropbearmulti } -CONFFILES_${PN}_openmoko += "${sysconfdir}/default/dropbear" +CONFFILES_${PN} += "${sysconfdir}/default/dropbear" diff --git a/recipes/dropbear/dropbear/default b/recipes/dropbear/dropbear/default new file mode 100644 index 0000000000..a4f2bfd3e4 --- /dev/null +++ b/recipes/dropbear/dropbear/default @@ -0,0 +1,4 @@ +# DROPBEAR_BANNER="" +# DROPBEAR_RSAKEY="/etc/dropbear/dropbear_rsa_host_key" +# DROPBEAR_DSSKEY="/etc/dropbear/dropbear_dss_host_key" +# DROPBEAR_KEYTYPES="rsa" diff --git a/recipes/dropbear/dropbear/init b/recipes/dropbear/dropbear/init index 5c8dfc12a8..d3d25b0ac6 100755 --- a/recipes/dropbear/dropbear/init +++ b/recipes/dropbear/dropbear/init @@ -7,18 +7,20 @@ PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin DAEMON=/usr/sbin/dropbear NAME=dropbear DESC="Dropbear SSH server" +PIDFILE=/var/run/dropbear.pid DROPBEAR_PORT=22 DROPBEAR_EXTRA_ARGS= NO_START=0 -set -e - test ! -r /etc/default/dropbear || . /etc/default/dropbear test "$NO_START" = "0" || exit 0 test -x "$DAEMON" || exit 0 test ! -h /var/service/dropbear || exit 0 +# Allows comma-separated list of addresses/ports +DROPBEAR_PORT=`echo $DROPBEAR_PORT | sed "s/,/ -p /g"` + readonly_rootfs=0 for flag in `awk '{ if ($2 == "/") { split($4,FLAGS,",") } }; END { for (f in FLAGS) print FLAGS[f] }' >${S}/options.h +} + +DEFAULT_PREFERENCE = "-1" + +SRC_URI[md5sum] = "0284ea239083f04c8b874e08e1aca243" +SRC_URI[sha256sum] = "e24d3cbecd3bc850b2b336b8eb50c845a285ceef8e22544938a582e163d36393"