diff options
author | Eric Bénard <eric@eukrea.com> | 2011-03-05 22:20:52 +0100 |
---|---|---|
committer | Eric Bénard <eric@eukrea.com> | 2011-03-08 22:43:49 +0100 |
commit | 0ca2b9eb2ef6c8477402c3eff2f787ab9f752c70 (patch) | |
tree | 20b21fa06b60a083ea2e212bff43d2e244c00ec5 /recipes | |
parent | 1be67ccc1c3dc87ec14aece3d38e17c86d3b52e5 (diff) | |
download | openembedded-0ca2b9eb2ef6c8477402c3eff2f787ab9f752c70.tar.gz |
dropbear: add 0.53.1
* 0.53.1 brings some improvements over 0.52 which was released
more than 2 years ago. For more details, check the changelog here :
http://matt.ucc.asn.au/dropbear/CHANGES
* we are using DROPBEAR_SMALL_CODE as a default which saves ~50kB
but makes the symmetrical ciphers (AES, DES etc) slower (perhaps by 50%)
if you need performance you can remove the line in do_configure_prepend
Signed-off-by: Eric Bénard <eric@eukrea.com>
Acked-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'recipes')
6 files changed, 117 insertions, 0 deletions
diff --git a/recipes/dropbear/dropbear-0.53.1/allow-nopw.patch b/recipes/dropbear/dropbear-0.53.1/allow-nopw.patch new file mode 100644 index 0000000000..3f3e8b167f --- /dev/null +++ b/recipes/dropbear/dropbear-0.53.1/allow-nopw.patch @@ -0,0 +1,40 @@ +Index: dropbear-0.51/svr-auth.c +=================================================================== +--- dropbear-0.51.orig/svr-auth.c ++++ dropbear-0.51/svr-auth.c +@@ -270,7 +270,7 @@ static int checkusername(unsigned char * + send_msg_userauth_failure(0, 1); + return DROPBEAR_FAILURE; + } +- ++#ifdef DISALLOW_EMPTY_PW + /* check for an empty password */ + if (ses.authstate.pw_passwd[0] == '\0') { + TRACE(("leave checkusername: empty pword")) +@@ -279,7 +279,7 @@ static int checkusername(unsigned char * + send_msg_userauth_failure(0, 1); + return DROPBEAR_FAILURE; + } +- ++#endif + TRACE(("shell is %s", ses.authstate.pw_shell)) + + /* check that the shell is set */ +Index: dropbear-0.51/svr-authpasswd.c +=================================================================== +--- dropbear-0.51.orig/svr-authpasswd.c ++++ dropbear-0.51/svr-authpasswd.c +@@ -64,9 +64,13 @@ void svr_auth_password() { + * since the shadow password may differ to that tested + * in auth.c */ + if (passwdcrypt[0] == '\0') { ++#ifdef DISALLOW_EMPTY_PW + dropbear_log(LOG_WARNING, "user '%s' has blank password, rejected", + ses.authstate.pw_name); + send_msg_userauth_failure(0, 1); ++#else ++ send_msg_userauth_success(); ++#endif + return; + } + diff --git a/recipes/dropbear/dropbear-0.53.1/configure.patch b/recipes/dropbear/dropbear-0.53.1/configure.patch new file mode 100644 index 0000000000..fa24efc066 --- /dev/null +++ b/recipes/dropbear/dropbear-0.53.1/configure.patch @@ -0,0 +1,27 @@ +Index: dropbear-0.50/configure.in +=================================================================== +--- dropbear-0.50.orig/configure.in ++++ dropbear-0.50/configure.in +@@ -164,14 +164,20 @@ AC_ARG_ENABLE(openpty, + AC_MSG_NOTICE(Not using openpty) + else + AC_MSG_NOTICE(Using openpty if available) +- AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY,,Have openpty() function)]) ++ AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes]) + fi + ], + [ + AC_MSG_NOTICE(Using openpty if available) +- AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY)]) ++ AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes]) + ] + ) ++ ++if test "x$dropbear_cv_func_have_openpty" = "xyes"; then ++ AC_DEFINE(HAVE_OPENPTY,,Have openpty() function) ++ no_ptc_check=yes ++ no_ptmx_check=yes ++fi + + + AC_ARG_ENABLE(syslog, diff --git a/recipes/dropbear/dropbear-0.53.1/fix-2kb-keys.patch b/recipes/dropbear/dropbear-0.53.1/fix-2kb-keys.patch new file mode 100644 index 0000000000..bb7a4d32ac --- /dev/null +++ b/recipes/dropbear/dropbear-0.53.1/fix-2kb-keys.patch @@ -0,0 +1,12 @@ +Index: dropbear-0.50/kex.h +=================================================================== +--- dropbear-0.50.orig/kex.h ++++ dropbear-0.50/kex.h +@@ -59,6 +59,6 @@ struct KEXState { + + }; + +-#define MAX_KEXHASHBUF 2000 ++#define MAX_KEXHASHBUF 3000 + + #endif /* _KEX_H_ */ diff --git a/recipes/dropbear/dropbear-0.53.1/no-host-lookup.patch b/recipes/dropbear/dropbear-0.53.1/no-host-lookup.patch new file mode 100644 index 0000000000..d7c2ccdc62 --- /dev/null +++ b/recipes/dropbear/dropbear-0.53.1/no-host-lookup.patch @@ -0,0 +1,12 @@ +diff -urN dropbear-0.51/options.h dropbear-0.51.new/options.h +--- dropbear-0.51/options.h 2008-03-27 14:34:39.000000000 +0100 ++++ dropbear-0.51.new/options.h 2008-06-22 00:22:09.000000000 +0200 +@@ -112,7 +112,7 @@ + /* #define DSS_PROTOK */ + + /* Whether to do reverse DNS lookups. */ +-#define DO_HOST_LOOKUP ++/* #define DO_HOST_LOOKUP */ + + /* Whether to print the message of the day (MOTD). This doesn't add much code + * size */ diff --git a/recipes/dropbear/dropbear-0.53.1/urandom-xauth-changes-to-options.h.patch b/recipes/dropbear/dropbear-0.53.1/urandom-xauth-changes-to-options.h.patch new file mode 100644 index 0000000000..bd1657dc97 --- /dev/null +++ b/recipes/dropbear/dropbear-0.53.1/urandom-xauth-changes-to-options.h.patch @@ -0,0 +1,13 @@ +diff --git a/options.h b/options.h +index d309ab4..7fbe97b 100644 +--- a/options.h ++++ b/options.h +@@ -236,7 +236,7 @@ much traffic. */ + /* The command to invoke for xauth when using X11 forwarding. + * "-q" for quiet */ + #ifndef XAUTH_COMMAND +-#define XAUTH_COMMAND "/usr/bin/X11/xauth -q" ++#define XAUTH_COMMAND "xauth -q" + #endif + + /* if you want to enable running an sftp server (such as the one included with diff --git a/recipes/dropbear/dropbear_0.53.1.bb b/recipes/dropbear/dropbear_0.53.1.bb new file mode 100644 index 0000000000..d26b9e8873 --- /dev/null +++ b/recipes/dropbear/dropbear_0.53.1.bb @@ -0,0 +1,13 @@ +require dropbear.inc +PR = "${INC_PR}.0" + +SRC_URI += "file://no-host-lookup.patch" + +do_configure_prepend() { + echo "#define DROPBEAR_SMALL_CODE" >>${S}/options.h +} + +DEFAULT_PREFERENCE = "-1" + +SRC_URI[md5sum] = "0284ea239083f04c8b874e08e1aca243" +SRC_URI[sha256sum] = "e24d3cbecd3bc850b2b336b8eb50c845a285ceef8e22544938a582e163d36393" |