From 76e8b841d19789fe54ef650d6e8b42950fd27ceb Mon Sep 17 00:00:00 2001 From: "Maxin B. John" Date: Mon, 21 Oct 2013 17:36:42 +0200 Subject: dropbear: update to 2013.60 version update to latest version 2013.60 Update 0006-dropbear-configuration-file.patch for 2013.60 Signed-off-by: Maxin B. John Signed-off-by: Saul Wold --- .../0001-urandom-xauth-changes-to-options.h.patch | 23 ---- .../dropbear-2013.58/0002-static_build_fix.patch | 64 ---------- .../dropbear/dropbear-2013.58/0003-configure.patch | 40 ------ .../dropbear-2013.58/0004-fix-2kb-keys.patch | 22 ---- .../0005-dropbear-enable-pam.patch | 31 ----- .../0006-dropbear-configuration-file.patch | 28 ----- .../0007-dropbear-fix-for-x32-abi.patch | 140 --------------------- .../0001-urandom-xauth-changes-to-options.h.patch | 23 ++++ .../dropbear-2013.60/0002-static_build_fix.patch | 64 ++++++++++ .../dropbear/dropbear-2013.60/0003-configure.patch | 40 ++++++ .../dropbear-2013.60/0004-fix-2kb-keys.patch | 22 ++++ .../0005-dropbear-enable-pam.patch | 31 +++++ .../0006-dropbear-configuration-file.patch | 22 ++++ .../0007-dropbear-fix-for-x32-abi.patch | 140 +++++++++++++++++++++ meta/recipes-core/dropbear/dropbear.inc | 4 +- meta/recipes-core/dropbear/dropbear_2013.58.bb | 6 - meta/recipes-core/dropbear/dropbear_2013.60.bb | 4 + 17 files changed, 347 insertions(+), 357 deletions(-) delete mode 100644 meta/recipes-core/dropbear/dropbear-2013.58/0001-urandom-xauth-changes-to-options.h.patch delete mode 100644 meta/recipes-core/dropbear/dropbear-2013.58/0002-static_build_fix.patch delete mode 100644 meta/recipes-core/dropbear/dropbear-2013.58/0003-configure.patch delete mode 100644 meta/recipes-core/dropbear/dropbear-2013.58/0004-fix-2kb-keys.patch delete mode 100644 meta/recipes-core/dropbear/dropbear-2013.58/0005-dropbear-enable-pam.patch delete mode 100644 meta/recipes-core/dropbear/dropbear-2013.58/0006-dropbear-configuration-file.patch delete mode 100644 meta/recipes-core/dropbear/dropbear-2013.58/0007-dropbear-fix-for-x32-abi.patch create mode 100644 meta/recipes-core/dropbear/dropbear-2013.60/0001-urandom-xauth-changes-to-options.h.patch create mode 100644 meta/recipes-core/dropbear/dropbear-2013.60/0002-static_build_fix.patch create mode 100644 meta/recipes-core/dropbear/dropbear-2013.60/0003-configure.patch create mode 100644 meta/recipes-core/dropbear/dropbear-2013.60/0004-fix-2kb-keys.patch create mode 100644 meta/recipes-core/dropbear/dropbear-2013.60/0005-dropbear-enable-pam.patch create mode 100644 meta/recipes-core/dropbear/dropbear-2013.60/0006-dropbear-configuration-file.patch create mode 100644 meta/recipes-core/dropbear/dropbear-2013.60/0007-dropbear-fix-for-x32-abi.patch delete mode 100644 meta/recipes-core/dropbear/dropbear_2013.58.bb create mode 100644 meta/recipes-core/dropbear/dropbear_2013.60.bb (limited to 'meta/recipes-core/dropbear') diff --git a/meta/recipes-core/dropbear/dropbear-2013.58/0001-urandom-xauth-changes-to-options.h.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0001-urandom-xauth-changes-to-options.h.patch deleted file mode 100644 index 71a4666b5c..0000000000 --- a/meta/recipes-core/dropbear/dropbear-2013.58/0001-urandom-xauth-changes-to-options.h.patch +++ /dev/null @@ -1,23 +0,0 @@ -Subject: [PATCH 1/6] urandom-xauth-changes-to-options.h - -Upstream-Status: Inappropriate [configuration] ---- - options.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/options.h b/options.h -index 7d06322..71a21c2 100644 ---- a/options.h -+++ b/options.h -@@ -247,7 +247,7 @@ much traffic. */ - /* The command to invoke for xauth when using X11 forwarding. - * "-q" for quiet */ - #ifndef XAUTH_COMMAND --#define XAUTH_COMMAND "/usr/bin/X11/xauth -q" -+#define XAUTH_COMMAND "xauth -q" - #endif - - /* if you want to enable running an sftp server (such as the one included with --- -1.7.11.7 - diff --git a/meta/recipes-core/dropbear/dropbear-2013.58/0002-static_build_fix.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0002-static_build_fix.patch deleted file mode 100644 index 552bee8996..0000000000 --- a/meta/recipes-core/dropbear/dropbear-2013.58/0002-static_build_fix.patch +++ /dev/null @@ -1,64 +0,0 @@ -Subject: [PATCH 2/6] static_build_fix -Upstream-Status: Submitted - -dropbear: fix static build - -A more appropriate fix is to remove @CRYPTLIB@ from the objs -line, since it will cause problems with target checking, -this change also meets the goals of the orignal change which -was to not link libcrypt to all binaries. - -svr-authpasswd.o: In function `svr_auth_password': -svr-authpasswd.c:(.text+0xfc): undefined reference to `crypt' -collect2: ld returned 1 exit status - -Signed-off-by: Saul Wold ---- - Makefile.in | 11 +++++++---- - 1 file changed, 7 insertions(+), 4 deletions(-) - -diff --git a/Makefile.in b/Makefile.in -index 4bdd845..e82e561 100644 ---- a/Makefile.in -+++ b/Makefile.in -@@ -56,7 +56,7 @@ HEADERS=options.h dbutil.h session.h packet.h algo.h ssh.h buffer.h kex.h \ - loginrec.h atomicio.h x11fwd.h agentfwd.h tcpfwd.h compat.h \ - listener.h fake-rfc2553.h - --dropbearobjs=$(COMMONOBJS) $(CLISVROBJS) $(SVROBJS) @CRYPTLIB@ -+dropbearobjs=$(COMMONOBJS) $(CLISVROBJS) $(SVROBJS) - dbclientobjs=$(COMMONOBJS) $(CLISVROBJS) $(CLIOBJS) - dropbearkeyobjs=$(COMMONOBJS) $(KEYOBJS) - dropbearconvertobjs=$(COMMONOBJS) $(CONVERTOBJS) -@@ -158,7 +158,10 @@ dbclient: $(dbclientobjs) - dropbearkey: $(dropbearkeyobjs) - dropbearconvert: $(dropbearconvertobjs) - --dropbear dbclient dropbearkey dropbearconvert: $(HEADERS) $(LIBTOM_DEPS) Makefile -+dropbear: $(HEADERS) $(LIBTOM_DEPS) Makefile -+ $(CC) $(LDFLAGS) -o $@$(EXEEXT) $($@objs) $(LIBS) @CRYPTLIB@ -+ -+dbclient dropbearkey dropbearconvert: $(HEADERS) $(LIBTOM_DEPS) Makefile - $(CC) $(LDFLAGS) -o $@$(EXEEXT) $($@objs) $(LIBS) - - # scp doesn't use the libs so is special. -@@ -169,14 +172,14 @@ scp: $(SCPOBJS) $(HEADERS) Makefile - # multi-binary compilation. - MULTIOBJS= - ifeq ($(MULTI),1) -- MULTIOBJS=dbmulti.o $(sort $(foreach prog, $(PROGRAMS), $($(prog)objs))) @CRYPTLIB@ -+ MULTIOBJS=dbmulti.o $(sort $(foreach prog, $(PROGRAMS), $($(prog)objs))) - CFLAGS+=$(addprefix -DDBMULTI_, $(PROGRAMS)) -DDROPBEAR_MULTI - endif - - dropbearmulti: multilink - - multibinary: $(HEADERS) $(MULTIOBJS) $(LIBTOM_DEPS) Makefile -- $(CC) $(LDFLAGS) -o dropbearmulti$(EXEEXT) $(MULTIOBJS) $(LIBS) -+ $(CC) $(LDFLAGS) -o dropbearmulti$(EXEEXT) $(MULTIOBJS) $(LIBS) @CRYPTLIB@ - - multilink: multibinary $(addprefix link, $(PROGRAMS)) - --- -1.7.11.7 - diff --git a/meta/recipes-core/dropbear/dropbear-2013.58/0003-configure.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0003-configure.patch deleted file mode 100644 index 2baf665ae4..0000000000 --- a/meta/recipes-core/dropbear/dropbear-2013.58/0003-configure.patch +++ /dev/null @@ -1,40 +0,0 @@ -From c5f5c5054c1b15539dccf866e2c3faba7ed68456 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Eric=20B=C3=A9nard?= -Date: Thu, 25 Apr 2013 00:27:25 +0200 -Subject: [PATCH 3/6] configure - ---- - configure.ac | 11 ++++++++--- - 1 file changed, 8 insertions(+), 3 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 05461f3..9c16d90 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -166,15 +166,20 @@ AC_ARG_ENABLE(openpty, - AC_MSG_NOTICE(Not using openpty) - else - AC_MSG_NOTICE(Using openpty if available) -- AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY,,Have openpty() function)]) -+ AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes]) - fi - ], - [ - AC_MSG_NOTICE(Using openpty if available) -- AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY)]) -+ AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes]) - ] - ) -- -+ -+if test "x$dropbear_cv_func_have_openpty" = "xyes"; then -+ AC_DEFINE(HAVE_OPENPTY,,Have openpty() function) -+ no_ptc_check=yes -+ no_ptmx_check=yes -+fi - - AC_ARG_ENABLE(syslog, - [ --disable-syslog Don't include syslog support], --- -1.7.11.7 - diff --git a/meta/recipes-core/dropbear/dropbear-2013.58/0004-fix-2kb-keys.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0004-fix-2kb-keys.patch deleted file mode 100644 index 7539d2034f..0000000000 --- a/meta/recipes-core/dropbear/dropbear-2013.58/0004-fix-2kb-keys.patch +++ /dev/null @@ -1,22 +0,0 @@ -Subject: [PATCH 4/6] fix 2kb keys - -Upstream-Status: Inappropriate [configuration] ---- - kex.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/kex.h b/kex.h -index 72430e9..375c677 100644 ---- a/kex.h -+++ b/kex.h -@@ -67,6 +67,6 @@ struct KEXState { - }; - - --#define MAX_KEXHASHBUF 2000 -+#define MAX_KEXHASHBUF 3000 - - #endif /* _KEX_H_ */ --- -1.7.11.7 - diff --git a/meta/recipes-core/dropbear/dropbear-2013.58/0005-dropbear-enable-pam.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0005-dropbear-enable-pam.patch deleted file mode 100644 index e9307339ce..0000000000 --- a/meta/recipes-core/dropbear/dropbear-2013.58/0005-dropbear-enable-pam.patch +++ /dev/null @@ -1,31 +0,0 @@ -Subject: [PATCH 5/6] dropbear enable pam - -dropbear: We need modify file option.h besides enabling pam in \ -configure if we want dropbear to support pam. - -Upstream-Status: Pending - -Signed-off-by: Xiaofeng Yan ---- - options.h | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/options.h b/options.h -index 71a21c2..305f789 100644 ---- a/options.h -+++ b/options.h -@@ -174,9 +174,9 @@ much traffic. */ - * PAM challenge/response. - * You can't enable both PASSWORD and PAM. */ - --#define ENABLE_SVR_PASSWORD_AUTH -+//#define ENABLE_SVR_PASSWORD_AUTH - /* PAM requires ./configure --enable-pam */ --//#define ENABLE_SVR_PAM_AUTH -+#define ENABLE_SVR_PAM_AUTH - #define ENABLE_SVR_PUBKEY_AUTH - - /* Whether to take public key options in --- -1.7.11.7 - diff --git a/meta/recipes-core/dropbear/dropbear-2013.58/0006-dropbear-configuration-file.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0006-dropbear-configuration-file.patch deleted file mode 100644 index 7e38663981..0000000000 --- a/meta/recipes-core/dropbear/dropbear-2013.58/0006-dropbear-configuration-file.patch +++ /dev/null @@ -1,28 +0,0 @@ -Subject: [PATCH 6/6] dropbear configuration file - -dropbear: Change the path ("/etc/pam.d/sshd" as default) to find a pam configuration file \ -to "/etc/pam.d/dropbear for dropbear when enabling pam supporting" - -Upstream-Status: Inappropriate [configuration] - -Signed-off-by: Xiaofeng Yan ---- - svr-authpam.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/svr-authpam.c b/svr-authpam.c -index e84f076..e28be7d 100644 ---- a/svr-authpam.c -+++ b/svr-authpam.c -@@ -195,7 +195,7 @@ void svr_auth_pam() { - userData.passwd = password; - - /* Init pam */ -- if ((rc = pam_start("sshd", NULL, &pamConv, &pamHandlep)) != PAM_SUCCESS) { -+ if ((rc = pam_start("dropbear", NULL, &pamConv, &pamHandlep)) != PAM_SUCCESS) { - dropbear_log(LOG_WARNING, "pam_start() failed, rc=%d, %s\n", - rc, pam_strerror(pamHandlep, rc)); - goto cleanup; --- -1.7.11.7 - diff --git a/meta/recipes-core/dropbear/dropbear-2013.58/0007-dropbear-fix-for-x32-abi.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0007-dropbear-fix-for-x32-abi.patch deleted file mode 100644 index b4501211c3..0000000000 --- a/meta/recipes-core/dropbear/dropbear-2013.58/0007-dropbear-fix-for-x32-abi.patch +++ /dev/null @@ -1,140 +0,0 @@ -Upstream-Status: Pending - -The dropbearkey utility built in x32 abi format, when generating ssh -keys, was getting lost in the infinite loop. - -This patch fixes the issue by fixing types of variables and -parameters of functions used in the code, which were getting -undesired size, when compiled with the x32 abi toolchain. - -2013/05/23 -Received this fix from H J Lu. - -Signed-Off-By: Nitin A Kamble - -# HG changeset patch -# User H.J. Lu -# Date 1369344079 25200 -# Node ID a10a1c46b857cc8a3923c3bb6d1504aa25b6052f -# Parent e76614145aea67f66e4a4257685c771efba21aa1 -Typdef mp_digit to unsigned long long for MP_64BIT - -When GCC is used with MP_64BIT, we should typedef mp_digit to unsigned -long long instead of unsigned long since for x32, unsigned long is -32-bit and unsigned long long is 64-bit and it is safe to use unsigned -long long for 64-bit integer with GCC. - -diff -r e76614145aea -r a10a1c46b857 libtommath/tommath.h ---- a/libtommath/tommath.h Thu Apr 18 22:57:47 2013 +0800 -+++ b/libtommath/tommath.h Thu May 23 14:21:19 2013 -0700 -@@ -73,7 +73,7 @@ - typedef signed long long long64; - #endif - -- typedef unsigned long mp_digit; -+ typedef unsigned long long mp_digit; - typedef unsigned long mp_word __attribute__ ((mode(TI))); - - #define DIGIT_BIT 60 -# HG changeset patch -# User H.J. Lu -# Date 1369344241 25200 -# Node ID c7555a4cb7ded3a88409ba85f4027baa7af5f536 -# Parent a10a1c46b857cc8a3923c3bb6d1504aa25b6052f -Cast to mp_digit when updating *rho - -There is - -int -mp_montgomery_setup (mp_int * n, mp_digit * rho) - -We should cast to mp_digit instead of unsigned long when updating -*rho since mp_digit may be unsigned long long and unsigned long long -may be different from unsigned long, like in x32. - -diff -r a10a1c46b857 -r c7555a4cb7de libtommath/bn_mp_montgomery_setup.c ---- a/libtommath/bn_mp_montgomery_setup.c Thu May 23 14:21:19 2013 -0700 -+++ b/libtommath/bn_mp_montgomery_setup.c Thu May 23 14:24:01 2013 -0700 -@@ -48,7 +48,7 @@ - #endif - - /* rho = -1/m mod b */ -- *rho = (unsigned long)(((mp_word)1 << ((mp_word) DIGIT_BIT)) - x) & MP_MASK; -+ *rho = (mp_digit)(((mp_word)1 << ((mp_word) DIGIT_BIT)) - x) & MP_MASK; - - return MP_OKAY; - } -# HG changeset patch -# User H.J. Lu -# Date 1369344541 25200 -# Node ID 7c656e7071a6412688b2f30a529a9afac6c7bf5a -# Parent c7555a4cb7ded3a88409ba85f4027baa7af5f536 -Define LTC_FAST_TYPE to unsigned long long for __x86_64__ - -We should define LTC_FAST_TYPE to unsigned long long instead of unsigned -long if __x86_64__ to support x32 where unsigned long long is 64-bit -and unsigned long is 32-bit. - -diff -r c7555a4cb7de -r 7c656e7071a6 libtomcrypt/src/headers/tomcrypt_cfg.h ---- a/libtomcrypt/src/headers/tomcrypt_cfg.h Thu May 23 14:24:01 2013 -0700 -+++ b/libtomcrypt/src/headers/tomcrypt_cfg.h Thu May 23 14:29:01 2013 -0700 -@@ -74,7 +74,7 @@ - #define ENDIAN_LITTLE - #define ENDIAN_64BITWORD - #define LTC_FAST -- #define LTC_FAST_TYPE unsigned long -+ #define LTC_FAST_TYPE unsigned long long - #endif - - /* detect PPC32 */ -# HG changeset patch -# User H.J. Lu -# Date 1369344730 25200 -# Node ID a7d4690158fae4ede2c4e5b56233e83730bf38ee -# Parent 7c656e7071a6412688b2f30a529a9afac6c7bf5a -Use unsigned long long aas unsigned 64-bit integer for x86-64 GCC - -We should use unsigned long long instead of unsigned long as unsigned -64-bit integer for x86-64 GCC to support x32 where unsigned long is -32-bit. - -diff -r 7c656e7071a6 -r a7d4690158fa libtomcrypt/src/headers/tomcrypt_macros.h ---- a/libtomcrypt/src/headers/tomcrypt_macros.h Thu May 23 14:29:01 2013 -0700 -+++ b/libtomcrypt/src/headers/tomcrypt_macros.h Thu May 23 14:32:10 2013 -0700 -@@ -343,7 +343,7 @@ - /* 64-bit Rotates */ - #if !defined(__STRICT_ANSI__) && defined(__GNUC__) && defined(__x86_64__) && !defined(LTC_NO_ASM) - --static inline unsigned long ROL64(unsigned long word, int i) -+static inline unsigned long long ROL64(unsigned long long word, int i) - { - asm("rolq %%cl,%0" - :"=r" (word) -@@ -351,7 +351,7 @@ - return word; - } - --static inline unsigned long ROR64(unsigned long word, int i) -+static inline unsigned long long ROR64(unsigned long long word, int i) - { - asm("rorq %%cl,%0" - :"=r" (word) -@@ -361,7 +361,7 @@ - - #ifndef LTC_NO_ROLC - --static inline unsigned long ROL64c(unsigned long word, const int i) -+static inline unsigned long long ROL64c(unsigned long long word, const int i) - { - asm("rolq %2,%0" - :"=r" (word) -@@ -369,7 +369,7 @@ - return word; - } - --static inline unsigned long ROR64c(unsigned long word, const int i) -+static inline unsigned long long ROR64c(unsigned long long word, const int i) - { - asm("rorq %2,%0" - :"=r" (word) - diff --git a/meta/recipes-core/dropbear/dropbear-2013.60/0001-urandom-xauth-changes-to-options.h.patch b/meta/recipes-core/dropbear/dropbear-2013.60/0001-urandom-xauth-changes-to-options.h.patch new file mode 100644 index 0000000000..71a4666b5c --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear-2013.60/0001-urandom-xauth-changes-to-options.h.patch @@ -0,0 +1,23 @@ +Subject: [PATCH 1/6] urandom-xauth-changes-to-options.h + +Upstream-Status: Inappropriate [configuration] +--- + options.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/options.h b/options.h +index 7d06322..71a21c2 100644 +--- a/options.h ++++ b/options.h +@@ -247,7 +247,7 @@ much traffic. */ + /* The command to invoke for xauth when using X11 forwarding. + * "-q" for quiet */ + #ifndef XAUTH_COMMAND +-#define XAUTH_COMMAND "/usr/bin/X11/xauth -q" ++#define XAUTH_COMMAND "xauth -q" + #endif + + /* if you want to enable running an sftp server (such as the one included with +-- +1.7.11.7 + diff --git a/meta/recipes-core/dropbear/dropbear-2013.60/0002-static_build_fix.patch b/meta/recipes-core/dropbear/dropbear-2013.60/0002-static_build_fix.patch new file mode 100644 index 0000000000..552bee8996 --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear-2013.60/0002-static_build_fix.patch @@ -0,0 +1,64 @@ +Subject: [PATCH 2/6] static_build_fix +Upstream-Status: Submitted + +dropbear: fix static build + +A more appropriate fix is to remove @CRYPTLIB@ from the objs +line, since it will cause problems with target checking, +this change also meets the goals of the orignal change which +was to not link libcrypt to all binaries. + +svr-authpasswd.o: In function `svr_auth_password': +svr-authpasswd.c:(.text+0xfc): undefined reference to `crypt' +collect2: ld returned 1 exit status + +Signed-off-by: Saul Wold +--- + Makefile.in | 11 +++++++---- + 1 file changed, 7 insertions(+), 4 deletions(-) + +diff --git a/Makefile.in b/Makefile.in +index 4bdd845..e82e561 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -56,7 +56,7 @@ HEADERS=options.h dbutil.h session.h packet.h algo.h ssh.h buffer.h kex.h \ + loginrec.h atomicio.h x11fwd.h agentfwd.h tcpfwd.h compat.h \ + listener.h fake-rfc2553.h + +-dropbearobjs=$(COMMONOBJS) $(CLISVROBJS) $(SVROBJS) @CRYPTLIB@ ++dropbearobjs=$(COMMONOBJS) $(CLISVROBJS) $(SVROBJS) + dbclientobjs=$(COMMONOBJS) $(CLISVROBJS) $(CLIOBJS) + dropbearkeyobjs=$(COMMONOBJS) $(KEYOBJS) + dropbearconvertobjs=$(COMMONOBJS) $(CONVERTOBJS) +@@ -158,7 +158,10 @@ dbclient: $(dbclientobjs) + dropbearkey: $(dropbearkeyobjs) + dropbearconvert: $(dropbearconvertobjs) + +-dropbear dbclient dropbearkey dropbearconvert: $(HEADERS) $(LIBTOM_DEPS) Makefile ++dropbear: $(HEADERS) $(LIBTOM_DEPS) Makefile ++ $(CC) $(LDFLAGS) -o $@$(EXEEXT) $($@objs) $(LIBS) @CRYPTLIB@ ++ ++dbclient dropbearkey dropbearconvert: $(HEADERS) $(LIBTOM_DEPS) Makefile + $(CC) $(LDFLAGS) -o $@$(EXEEXT) $($@objs) $(LIBS) + + # scp doesn't use the libs so is special. +@@ -169,14 +172,14 @@ scp: $(SCPOBJS) $(HEADERS) Makefile + # multi-binary compilation. + MULTIOBJS= + ifeq ($(MULTI),1) +- MULTIOBJS=dbmulti.o $(sort $(foreach prog, $(PROGRAMS), $($(prog)objs))) @CRYPTLIB@ ++ MULTIOBJS=dbmulti.o $(sort $(foreach prog, $(PROGRAMS), $($(prog)objs))) + CFLAGS+=$(addprefix -DDBMULTI_, $(PROGRAMS)) -DDROPBEAR_MULTI + endif + + dropbearmulti: multilink + + multibinary: $(HEADERS) $(MULTIOBJS) $(LIBTOM_DEPS) Makefile +- $(CC) $(LDFLAGS) -o dropbearmulti$(EXEEXT) $(MULTIOBJS) $(LIBS) ++ $(CC) $(LDFLAGS) -o dropbearmulti$(EXEEXT) $(MULTIOBJS) $(LIBS) @CRYPTLIB@ + + multilink: multibinary $(addprefix link, $(PROGRAMS)) + +-- +1.7.11.7 + diff --git a/meta/recipes-core/dropbear/dropbear-2013.60/0003-configure.patch b/meta/recipes-core/dropbear/dropbear-2013.60/0003-configure.patch new file mode 100644 index 0000000000..2baf665ae4 --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear-2013.60/0003-configure.patch @@ -0,0 +1,40 @@ +From c5f5c5054c1b15539dccf866e2c3faba7ed68456 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Eric=20B=C3=A9nard?= +Date: Thu, 25 Apr 2013 00:27:25 +0200 +Subject: [PATCH 3/6] configure + +--- + configure.ac | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 05461f3..9c16d90 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -166,15 +166,20 @@ AC_ARG_ENABLE(openpty, + AC_MSG_NOTICE(Not using openpty) + else + AC_MSG_NOTICE(Using openpty if available) +- AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY,,Have openpty() function)]) ++ AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes]) + fi + ], + [ + AC_MSG_NOTICE(Using openpty if available) +- AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY)]) ++ AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes]) + ] + ) +- ++ ++if test "x$dropbear_cv_func_have_openpty" = "xyes"; then ++ AC_DEFINE(HAVE_OPENPTY,,Have openpty() function) ++ no_ptc_check=yes ++ no_ptmx_check=yes ++fi + + AC_ARG_ENABLE(syslog, + [ --disable-syslog Don't include syslog support], +-- +1.7.11.7 + diff --git a/meta/recipes-core/dropbear/dropbear-2013.60/0004-fix-2kb-keys.patch b/meta/recipes-core/dropbear/dropbear-2013.60/0004-fix-2kb-keys.patch new file mode 100644 index 0000000000..7539d2034f --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear-2013.60/0004-fix-2kb-keys.patch @@ -0,0 +1,22 @@ +Subject: [PATCH 4/6] fix 2kb keys + +Upstream-Status: Inappropriate [configuration] +--- + kex.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/kex.h b/kex.h +index 72430e9..375c677 100644 +--- a/kex.h ++++ b/kex.h +@@ -67,6 +67,6 @@ struct KEXState { + }; + + +-#define MAX_KEXHASHBUF 2000 ++#define MAX_KEXHASHBUF 3000 + + #endif /* _KEX_H_ */ +-- +1.7.11.7 + diff --git a/meta/recipes-core/dropbear/dropbear-2013.60/0005-dropbear-enable-pam.patch b/meta/recipes-core/dropbear/dropbear-2013.60/0005-dropbear-enable-pam.patch new file mode 100644 index 0000000000..e9307339ce --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear-2013.60/0005-dropbear-enable-pam.patch @@ -0,0 +1,31 @@ +Subject: [PATCH 5/6] dropbear enable pam + +dropbear: We need modify file option.h besides enabling pam in \ +configure if we want dropbear to support pam. + +Upstream-Status: Pending + +Signed-off-by: Xiaofeng Yan +--- + options.h | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/options.h b/options.h +index 71a21c2..305f789 100644 +--- a/options.h ++++ b/options.h +@@ -174,9 +174,9 @@ much traffic. */ + * PAM challenge/response. + * You can't enable both PASSWORD and PAM. */ + +-#define ENABLE_SVR_PASSWORD_AUTH ++//#define ENABLE_SVR_PASSWORD_AUTH + /* PAM requires ./configure --enable-pam */ +-//#define ENABLE_SVR_PAM_AUTH ++#define ENABLE_SVR_PAM_AUTH + #define ENABLE_SVR_PUBKEY_AUTH + + /* Whether to take public key options in +-- +1.7.11.7 + diff --git a/meta/recipes-core/dropbear/dropbear-2013.60/0006-dropbear-configuration-file.patch b/meta/recipes-core/dropbear/dropbear-2013.60/0006-dropbear-configuration-file.patch new file mode 100644 index 0000000000..fa4c8d0a67 --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear-2013.60/0006-dropbear-configuration-file.patch @@ -0,0 +1,22 @@ +Subject: [PATCH 6/6] dropbear configuration file + +dropbear: Change the path ("/etc/pam.d/sshd" as default) to find a pam configuration file \ +to "/etc/pam.d/dropbear for dropbear when enabling pam supporting" + +Upstream-Status: Inappropriate [configuration] + +Signed-off-by: Maxin B. John +Signed-off-by: Xiaofeng Yan +--- +diff -Naur dropbear-2013.60-orig/svr-authpam.c dropbear-2013.60/svr-authpam.c +--- dropbear-2013.60-orig/svr-authpam.c 2013-10-16 16:34:53.000000000 +0200 ++++ dropbear-2013.60/svr-authpam.c 2013-10-21 17:04:04.969416055 +0200 +@@ -211,7 +211,7 @@ + userData.passwd = password; + + /* Init pam */ +- if ((rc = pam_start("sshd", NULL, &pamConv, &pamHandlep)) != PAM_SUCCESS) { ++ if ((rc = pam_start("dropbear", NULL, &pamConv, &pamHandlep)) != PAM_SUCCESS) { + dropbear_log(LOG_WARNING, "pam_start() failed, rc=%d, %s", + rc, pam_strerror(pamHandlep, rc)); + goto cleanup; diff --git a/meta/recipes-core/dropbear/dropbear-2013.60/0007-dropbear-fix-for-x32-abi.patch b/meta/recipes-core/dropbear/dropbear-2013.60/0007-dropbear-fix-for-x32-abi.patch new file mode 100644 index 0000000000..b4501211c3 --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear-2013.60/0007-dropbear-fix-for-x32-abi.patch @@ -0,0 +1,140 @@ +Upstream-Status: Pending + +The dropbearkey utility built in x32 abi format, when generating ssh +keys, was getting lost in the infinite loop. + +This patch fixes the issue by fixing types of variables and +parameters of functions used in the code, which were getting +undesired size, when compiled with the x32 abi toolchain. + +2013/05/23 +Received this fix from H J Lu. + +Signed-Off-By: Nitin A Kamble + +# HG changeset patch +# User H.J. Lu +# Date 1369344079 25200 +# Node ID a10a1c46b857cc8a3923c3bb6d1504aa25b6052f +# Parent e76614145aea67f66e4a4257685c771efba21aa1 +Typdef mp_digit to unsigned long long for MP_64BIT + +When GCC is used with MP_64BIT, we should typedef mp_digit to unsigned +long long instead of unsigned long since for x32, unsigned long is +32-bit and unsigned long long is 64-bit and it is safe to use unsigned +long long for 64-bit integer with GCC. + +diff -r e76614145aea -r a10a1c46b857 libtommath/tommath.h +--- a/libtommath/tommath.h Thu Apr 18 22:57:47 2013 +0800 ++++ b/libtommath/tommath.h Thu May 23 14:21:19 2013 -0700 +@@ -73,7 +73,7 @@ + typedef signed long long long64; + #endif + +- typedef unsigned long mp_digit; ++ typedef unsigned long long mp_digit; + typedef unsigned long mp_word __attribute__ ((mode(TI))); + + #define DIGIT_BIT 60 +# HG changeset patch +# User H.J. Lu +# Date 1369344241 25200 +# Node ID c7555a4cb7ded3a88409ba85f4027baa7af5f536 +# Parent a10a1c46b857cc8a3923c3bb6d1504aa25b6052f +Cast to mp_digit when updating *rho + +There is + +int +mp_montgomery_setup (mp_int * n, mp_digit * rho) + +We should cast to mp_digit instead of unsigned long when updating +*rho since mp_digit may be unsigned long long and unsigned long long +may be different from unsigned long, like in x32. + +diff -r a10a1c46b857 -r c7555a4cb7de libtommath/bn_mp_montgomery_setup.c +--- a/libtommath/bn_mp_montgomery_setup.c Thu May 23 14:21:19 2013 -0700 ++++ b/libtommath/bn_mp_montgomery_setup.c Thu May 23 14:24:01 2013 -0700 +@@ -48,7 +48,7 @@ + #endif + + /* rho = -1/m mod b */ +- *rho = (unsigned long)(((mp_word)1 << ((mp_word) DIGIT_BIT)) - x) & MP_MASK; ++ *rho = (mp_digit)(((mp_word)1 << ((mp_word) DIGIT_BIT)) - x) & MP_MASK; + + return MP_OKAY; + } +# HG changeset patch +# User H.J. Lu +# Date 1369344541 25200 +# Node ID 7c656e7071a6412688b2f30a529a9afac6c7bf5a +# Parent c7555a4cb7ded3a88409ba85f4027baa7af5f536 +Define LTC_FAST_TYPE to unsigned long long for __x86_64__ + +We should define LTC_FAST_TYPE to unsigned long long instead of unsigned +long if __x86_64__ to support x32 where unsigned long long is 64-bit +and unsigned long is 32-bit. + +diff -r c7555a4cb7de -r 7c656e7071a6 libtomcrypt/src/headers/tomcrypt_cfg.h +--- a/libtomcrypt/src/headers/tomcrypt_cfg.h Thu May 23 14:24:01 2013 -0700 ++++ b/libtomcrypt/src/headers/tomcrypt_cfg.h Thu May 23 14:29:01 2013 -0700 +@@ -74,7 +74,7 @@ + #define ENDIAN_LITTLE + #define ENDIAN_64BITWORD + #define LTC_FAST +- #define LTC_FAST_TYPE unsigned long ++ #define LTC_FAST_TYPE unsigned long long + #endif + + /* detect PPC32 */ +# HG changeset patch +# User H.J. Lu +# Date 1369344730 25200 +# Node ID a7d4690158fae4ede2c4e5b56233e83730bf38ee +# Parent 7c656e7071a6412688b2f30a529a9afac6c7bf5a +Use unsigned long long aas unsigned 64-bit integer for x86-64 GCC + +We should use unsigned long long instead of unsigned long as unsigned +64-bit integer for x86-64 GCC to support x32 where unsigned long is +32-bit. + +diff -r 7c656e7071a6 -r a7d4690158fa libtomcrypt/src/headers/tomcrypt_macros.h +--- a/libtomcrypt/src/headers/tomcrypt_macros.h Thu May 23 14:29:01 2013 -0700 ++++ b/libtomcrypt/src/headers/tomcrypt_macros.h Thu May 23 14:32:10 2013 -0700 +@@ -343,7 +343,7 @@ + /* 64-bit Rotates */ + #if !defined(__STRICT_ANSI__) && defined(__GNUC__) && defined(__x86_64__) && !defined(LTC_NO_ASM) + +-static inline unsigned long ROL64(unsigned long word, int i) ++static inline unsigned long long ROL64(unsigned long long word, int i) + { + asm("rolq %%cl,%0" + :"=r" (word) +@@ -351,7 +351,7 @@ + return word; + } + +-static inline unsigned long ROR64(unsigned long word, int i) ++static inline unsigned long long ROR64(unsigned long long word, int i) + { + asm("rorq %%cl,%0" + :"=r" (word) +@@ -361,7 +361,7 @@ + + #ifndef LTC_NO_ROLC + +-static inline unsigned long ROL64c(unsigned long word, const int i) ++static inline unsigned long long ROL64c(unsigned long long word, const int i) + { + asm("rolq %2,%0" + :"=r" (word) +@@ -369,7 +369,7 @@ + return word; + } + +-static inline unsigned long ROR64c(unsigned long word, const int i) ++static inline unsigned long long ROR64c(unsigned long long word, const int i) + { + asm("rorq %2,%0" + :"=r" (word) + diff --git a/meta/recipes-core/dropbear/dropbear.inc b/meta/recipes-core/dropbear/dropbear.inc index 9498bf8111..ee17d9f22b 100644 --- a/meta/recipes-core/dropbear/dropbear.inc +++ b/meta/recipes-core/dropbear/dropbear.inc @@ -2,12 +2,10 @@ DESCRIPTION = "Dropbear is a lightweight SSH and SCP implementation" HOMEPAGE = "http://matt.ucc.asn.au/dropbear/dropbear.html" SECTION = "console/network" -INC_PR = "r1" - # some files are from other projects and have others license terms: # public domain, OpenSSH 3.5p1, OpenSSH3.6.1p2, PuTTY LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://LICENSE;md5=3a5b0c2f0d0c49dfde9558ae2036683c" +LIC_FILES_CHKSUM = "file://LICENSE;md5=de74413ba7e05b7a37c4722e75f436cd" DEPENDS = "zlib" RPROVIDES_${PN} = "ssh sshd" diff --git a/meta/recipes-core/dropbear/dropbear_2013.58.bb b/meta/recipes-core/dropbear/dropbear_2013.58.bb deleted file mode 100644 index 99a24a713f..0000000000 --- a/meta/recipes-core/dropbear/dropbear_2013.58.bb +++ /dev/null @@ -1,6 +0,0 @@ -require dropbear.inc - -SRC_URI[md5sum] = "8d3579bbbfcea48404a3219643076450" -SRC_URI[sha256sum] = "d866189b1d14e15353aeb4feb616f6132a63ea7c25ca8aa12b63a3a397822e55" - -PR = "${INC_PR}.0" diff --git a/meta/recipes-core/dropbear/dropbear_2013.60.bb b/meta/recipes-core/dropbear/dropbear_2013.60.bb new file mode 100644 index 0000000000..42d9985d7c --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear_2013.60.bb @@ -0,0 +1,4 @@ +require dropbear.inc + +SRC_URI[md5sum] = "fffa2fec0c887201bed3a3cc6df7fa35" +SRC_URI[sha256sum] = "4c0c52453b4dd96ef79e5968ed3676de008ee0cf133632acae12bbad588681bb" -- cgit 1.2.3-korg