Update of /cvsroot/leaf/src/bering-uclibc/apps/dropbear
In directory ddv4jf1.ch3.sourceforge.com:/tmp/cvs-serv7333
Modified Files:
buildtool.cfg buildtool.mk options.h
Added Files:
dropbear-0.52.tar.gz
Log Message:
new upstream version 0.52
Index: options.h
===================================================================
RCS file: /cvsroot/leaf/src/bering-uclibc/apps/dropbear/options.h,v
retrieving revision 1.14
retrieving revision 1.15
diff -C2 -d -r1.14 -r1.15
*** options.h 27 Mar 2008 19:35:23 -0000 1.14
--- options.h 22 Nov 2008 19:03:57 -0000 1.15
***************
*** 67,83 ****
#define ENABLE_AGENTFWD
/* Encryption - at least one required.
! * RFC Draft requires 3DES and recommends AES128 for interoperability.
* Including multiple keysize variants the same cipher
* (eg AES256 as well as AES128) will result in a minimal size increase.*/
! /*#define DROPBEAR_AES128_CBC*/
! #define DROPBEAR_3DES_CBC
! /*#define DROPBEAR_AES256_CBC*/
! /*#define DROPBEAR_BLOWFISH_CBC*/
! /*#define DROPBEAR_TWOFISH256_CBC*/
! /*#define DROPBEAR_TWOFISH128_CBC*/
/* Message Integrity - at least one required.
! * RFC Draft requires sha1 and recommends sha1-96.
* sha1-96 may be of use for slow links, as it has a smaller overhead.
*
--- 67,100 ----
#define ENABLE_AGENTFWD
+
+ /* Note: Both ENABLE_CLI_PROXYCMD and ENABLE_CLI_NETCAT must be set to
+ * allow multihop dbclient connections */
+
+ /* Allow using -J <proxycommand> to run the connection through a
+ pipe to a program, rather the normal TCP connection */
+ #define ENABLE_CLI_PROXYCMD
+
+ /* Enable "Netcat mode" option. This will forward standard input/output
+ * to a remote TCP-forwarded connection */
+ #define ENABLE_CLI_NETCAT
+
/* Encryption - at least one required.
! * Protocol RFC requires 3DES and recommends AES128 for interoperability.
* Including multiple keysize variants the same cipher
* (eg AES256 as well as AES128) will result in a minimal size increase.*/
! /*#define DROPBEAR_AES128*/
! #define DROPBEAR_3DES
! /*#define DROPBEAR_AES256*/
! /*#define DROPBEAR_BLOWFISH*/
! /*#define DROPBEAR_TWOFISH256*/
! /*#define DROPBEAR_TWOFISH128*/
!
! /* Enable "Counter Mode" for ciphers. This is more secure than normal
! * CBC mode against certain attacks. This adds around 1kB to binary
! * size and is recommended for most cases */
! #define DROPBEAR_ENABLE_CTR_MODE
/* Message Integrity - at least one required.
! * Protocol RFC requires sha1 and recommends sha1-96.
* sha1-96 may be of use for slow links, as it has a smaller overhead.
*
***************
*** 134,140 ****
#define ENABLE_SVR_PASSWORD_AUTH
! /*#define ENABLE_SVR_PAM_AUTH */ /* requires ./configure --enable-pam */
#define ENABLE_SVR_PUBKEY_AUTH
#define ENABLE_CLI_PASSWORD_AUTH
#define ENABLE_CLI_PUBKEY_AUTH
--- 151,163 ----
#define ENABLE_SVR_PASSWORD_AUTH
! /* PAM requires ./configure --enable-pam */
! /*#define ENABLE_SVR_PAM_AUTH*/
#define ENABLE_SVR_PUBKEY_AUTH
+ /* Wether to ake public key options in authorized_keys file into account */
+ #ifdef ENABLE_SVR_PUBKEY_AUTH
+ #define ENABLE_SVR_PUBKEY_OPTIONS
+ #endif
+
#define ENABLE_CLI_PASSWORD_AUTH
#define ENABLE_CLI_PUBKEY_AUTH
***************
*** 236,439 ****
#define DEFAULT_KEEPALIVE 0
! /*******************************************************************
! * You shouldn't edit below here unless you know you need to.
! *******************************************************************/
!
! #ifndef DROPBEAR_VERSION
! #define DROPBEAR_VERSION "0.51"
! #endif
!
! #define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION
! #define PROGNAME "dropbear"
!
! /* Spec recommends after one hour or 1 gigabyte of data. One hour
! * is a bit too verbose, so we try 8 hours */
! #ifndef KEX_REKEY_TIMEOUT
! #define KEX_REKEY_TIMEOUT (3600 * 8)
! #endif
! #ifndef KEX_REKEY_DATA
! #define KEX_REKEY_DATA (1<<30) /* 2^30 == 1GB, this value must be < INT_MAX */
! #endif
! /* Close connections to clients which haven't authorised after AUTH_TIMEOUT */
! #ifndef AUTH_TIMEOUT
! #define AUTH_TIMEOUT 300 /* we choose 5 minutes */
! #endif
!
! /* Minimum key sizes for DSS and RSA */
! #ifndef MIN_DSS_KEYLEN
! #define MIN_DSS_KEYLEN 512
! #endif
! #ifndef MIN_RSA_KEYLEN
! #define MIN_RSA_KEYLEN 512
! #endif
!
! #define MAX_BANNER_SIZE 2000 /* this is 25*80 chars, any more is foolish */
! #define MAX_BANNER_LINES 20 /* How many lines the client will display */
!
! /* the number of NAME=VALUE pairs to malloc for environ, if we don't have
! * the clearenv() function */
! #define ENV_SIZE 100
!
! #define MAX_CMD_LEN 1024 /* max length of a command */
! #define MAX_TERM_LEN 200 /* max length of TERM name */
!
! #define MAX_HOST_LEN 254 /* max hostname len for tcp fwding */
! #define MAX_IP_LEN 15 /* strlen("255.255.255.255") == 15 */
!
! #define DROPBEAR_MAX_PORTS 10 /* max number of ports which can be specified,
! ipv4 and ipv6
don't count twice */
!
! /* Each port might have at least a v4 and a v6 address */
! #define MAX_LISTEN_ADDR (DROPBEAR_MAX_PORTS*3)
!
! #define _PATH_TTY "/dev/tty"
!
! #define _PATH_CP "/bin/cp"
!
! /* success/failure defines */
! #define DROPBEAR_SUCCESS 0
! #define DROPBEAR_FAILURE -1
!
! /* various algorithm identifiers */
! #define DROPBEAR_KEX_DH_GROUP1 0
!
! #define DROPBEAR_SIGNKEY_ANY 0
! #define DROPBEAR_SIGNKEY_RSA 1
! #define DROPBEAR_SIGNKEY_DSS 2
! #define DROPBEAR_SIGNKEY_NONE 3
!
! #define DROPBEAR_COMP_NONE 0
! #define DROPBEAR_COMP_ZLIB 1
!
! /* Required for pubkey auth */
! #if defined(ENABLE_SVR_PUBKEY_AUTH) || defined(DROPBEAR_CLIENT)
! #define DROPBEAR_SIGNKEY_VERIFY
! #endif
!
! /* SHA1 is 20 bytes == 160 bits */
! #define SHA1_HASH_SIZE 20
! /* SHA512 is 64 bytes == 512 bits */
! #define SHA512_HASH_SIZE 64
! /* MD5 is 16 bytes = 128 bits */
! #define MD5_HASH_SIZE 16
!
! /* largest of MD5 and SHA1 */
! #define MAX_MAC_LEN SHA1_HASH_SIZE
!
!
! #define MAX_KEY_LEN 32 /* 256 bits for aes256 etc */
! #define MAX_IV_LEN 20 /* must be same as max blocksize,
! and >= SHA1_HASH_SIZE */
! #define MAX_MAC_KEY 20
!
! #define MAX_NAME_LEN 64 /* maximum length of a protocol name, isn't
! explicitly specified for all
protocols (just
! for algos) but seems valid */
!
! #define MAX_PROPOSED_ALGO 20
!
! /* size/count limits */
! #define MIN_PACKET_LEN 16
!
! #define RECV_MAX_PACKET_LEN (MAX(35000, ((RECV_MAX_PAYLOAD_LEN)+100)))
!
! /* for channel code */
! #define TRANS_MAX_WINDOW 500000000 /* 500MB is sufficient, stopping overflow
*/
! #define TRANS_MAX_WIN_INCR 500000000 /* overflow prevention */
!
! #define RECV_WINDOWEXTEND (opts.recv_window / 3) /* We send a "window extend"
every
!
RECV_WINDOWEXTEND bytes */
! #define MAX_RECV_WINDOW (1024*1024) /* 1 MB should be enough */
!
! #define MAX_CHANNELS 100 /* simple mem restriction, includes each tcp/x11
! connection, so can't be
_too_ small */
!
! #define MAX_STRING_LEN 1400 /* ~= MAX_PROPOSED_ALGO * MAX_NAME_LEN, also
! is the max length
for a password etc */
!
! /* For a 4096 bit DSS key, empirically determined */
! #define MAX_PUBKEY_SIZE 1700
! /* For a 4096 bit DSS key, empirically determined */
! #define MAX_PRIVKEY_SIZE 1700
!
! /* The maximum size of the bignum portion of the kexhash buffer */
! /* Sect. 8 of the transport draft, K_S + e + f + K */
! #define KEXHASHBUF_MAX_INTS (1700 + 130 + 130 + 130)
!
! #define DROPBEAR_MAX_SOCKS 2 /* IPv4, IPv6 are all we'll get for now. Revisit
! in a few years
time.... */
!
! #define DROPBEAR_MAX_CLI_PASS 1024
!
! #define DROPBEAR_MAX_CLI_INTERACT_PROMPTS 80 /* The number of prompts we'll
!
accept for keyb-interactive
!
auth */
!
! #if defined(DROPBEAR_AES256_CBC) || defined(DROPBEAR_AES128_CBC)
! #define DROPBEAR_AES_CBC
! #endif
!
! #if defined(DROPBEAR_TWOFISH256_CBC) || defined(DROPBEAR_TWOFISH128_CBC)
! #define DROPBEAR_TWOFISH_CBC
! #endif
!
! #ifndef ENABLE_X11FWD
! #define DISABLE_X11FWD
! #endif
!
! #ifndef ENABLE_AGENTFWD
! #define DISABLE_AGENTFWD
! #endif
!
! #if defined(ENABLE_CLI_REMOTETCPFWD) || defined(ENABLE_CLI_LOCALTCPFWD)
! #define ENABLE_CLI_ANYTCPFWD
! #endif
!
! #if defined(ENABLE_CLI_LOCALTCPFWD) || defined(ENABLE_SVR_REMOTETCPFWD)
! #define DROPBEAR_TCP_ACCEPT
! #endif
!
! #if defined(ENABLE_CLI_REMOTETCPFWD) || defined(ENABLE_CLI_LOCALTCPFWD) || \
! defined(ENABLE_SVR_REMOTETCPFWD) || defined(ENABLE_SVR_LOCALTCPFWD) || \
! defined(ENABLE_AGENTFWD) || defined(ENABLE_X11FWD)
! #define USING_LISTENERS
! #endif
!
! #if defined(DROPBEAR_CLIENT) || defined(ENABLE_SVR_PUBKEY_AUTH)
! #define DROPBEAR_KEY_LINES /* ie we're using authorized_keys or known_hosts */
! #endif
!
! #if defined(ENABLE_SVR_PASSWORD_AUTH) && defined(ENABLE_SVR_PAM_AUTH)
! #error "You can't turn on PASSWORD and PAM auth both at once. Fix it in
options.h"
! #endif
!
! #if defined(DROPBEAR_RANDOM_DEV) && defined(DROPBEAR_PRNGD_SOCKET)
! #error "You can't turn on DROPBEAR_PRNGD_SOCKET and DROPBEAR_RANDOM_DEV at
once"
! #endif
!
! #if !defined(DROPBEAR_RANDOM_DEV) && !defined(DROPBEAR_PRNGD_SOCKET)
! #error "You must choose one of DROPBEAR_PRNGD_SOCKET or DROPBEAR_RANDOM_DEV
in options.h"
! #endif
!
! /* We use dropbear_client and dropbear_server as shortcuts to avoid redundant
! * code, if we're just compiling as client or server */
! #if defined(DROPBEAR_SERVER) && defined(DROPBEAR_CLIENT)
!
! #define IS_DROPBEAR_SERVER (ses.isserver == 1)
! #define IS_DROPBEAR_CLIENT (ses.isserver == 0)
!
! #elif defined(DROPBEAR_SERVER)
!
! #define IS_DROPBEAR_SERVER 1
! #define IS_DROPBEAR_CLIENT 0
!
! #elif defined(DROPBEAR_CLIENT)
! #define IS_DROPBEAR_SERVER 0
! #define IS_DROPBEAR_CLIENT 1
! #else
! #error You must compiled with either DROPBEAR_CLIENT or DROPBEAR_SERVER
selected
! #endif
#endif /* _OPTIONS_H_ */
--- 259,272 ----
#define DEFAULT_KEEPALIVE 0
! /* Ensure that data is received within IDLE_TIMEOUT seconds. This can
! be overridden at runtime with -I. 0 disables idle timeouts */
! #define DEFAULT_IDLE_TIMEOUT 0
! /* The default path. This will often get replaced by the shell */
! #define DEFAULT_PATH "/usr/bin:/bin"
! /* Some other defines (that mostly should be left alone) are defined
! * in sysoptions.h */
! #include "sysoptions.h"
#endif /* _OPTIONS_H_ */
Index: buildtool.cfg
===================================================================
RCS file: /cvsroot/leaf/src/bering-uclibc/apps/dropbear/buildtool.cfg,v
retrieving revision 1.17
retrieving revision 1.18
diff -C2 -d -r1.17 -r1.18
*** buildtool.cfg 27 Mar 2008 20:23:18 -0000 1.17
--- buildtool.cfg 22 Nov 2008 19:03:57 -0000 1.18
***************
*** 5,9 ****
</File>
! <File dropbear-0.51.tar.gz>
Server = cvs-sourceforge
Revision = HEAD
--- 5,9 ----
</File>
! <File dropbear-0.52.tar.gz>
Server = cvs-sourceforge
Revision = HEAD
***************
*** 33,38 ****
<Package>
<dropbear>
! Version = 0.51
! Revision = 2
Help <<EOF
--- 33,38 ----
<Package>
<dropbear>
! Version = 0.52
! Revision = 1
Help <<EOF
***************
*** 103,108 ****
</dropbear>
<dbclient>
! Version = 0.51
! Revision = 2
Help <<EOF
--- 103,108 ----
</dropbear>
<dbclient>
! Version = 0.52
! Revision = 1
Help <<EOF
Index: buildtool.mk
===================================================================
RCS file: /cvsroot/leaf/src/bering-uclibc/apps/dropbear/buildtool.mk,v
retrieving revision 1.13
retrieving revision 1.14
diff -C2 -d -r1.13 -r1.14
*** buildtool.mk 27 Mar 2008 20:23:18 -0000 1.13
--- buildtool.mk 22 Nov 2008 19:03:57 -0000 1.14
***************
*** 2,6 ****
include $(MASTERMAKEFILE)
! DROPBEAR_DIR:=dropbear-0.51
DROPBEAR_TARGET_DIR:=$(BT_BUILD_DIR)/dropbear
--- 2,6 ----
include $(MASTERMAKEFILE)
! DROPBEAR_DIR:=dropbear-0.52
DROPBEAR_TARGET_DIR:=$(BT_BUILD_DIR)/dropbear
--- NEW FILE: dropbear-0.52.tar.gz ---
(This appears to be a binary file; contents omitted.)
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
leaf-cvs-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/leaf-cvs-commits
