On Mon, Mar 7, 2011 at 4:33 PM, Eric Bénard <[email protected]> wrote: > * 0.53.1 brings some improvements over 0.52 which was released > more than 2 years ago. For more details, check the changelog here : > http://matt.ucc.asn.au/dropbear/CHANGES > > Signed-off-by: Eric Bénard <[email protected]>
a line or two about the define would be nice so people can disable/enable it if they want otherwise it looks better. Acked-by: Khem Raj <[email protected]> > --- > recipes/dropbear/dropbear-0.53.1/allow-nopw.patch | 40 > ++++++++++++++++++++ > recipes/dropbear/dropbear-0.53.1/configure.patch | 27 +++++++++++++ > .../dropbear/dropbear-0.53.1/fix-2kb-keys.patch | 12 ++++++ > .../dropbear/dropbear-0.53.1/no-host-lookup.patch | 12 ++++++ > .../urandom-xauth-changes-to-options.h.patch | 13 ++++++ > recipes/dropbear/dropbear_0.53.1.bb | 13 ++++++ > 6 files changed, 117 insertions(+), 0 deletions(-) > create mode 100644 recipes/dropbear/dropbear-0.53.1/allow-nopw.patch > create mode 100644 recipes/dropbear/dropbear-0.53.1/configure.patch > create mode 100644 recipes/dropbear/dropbear-0.53.1/fix-2kb-keys.patch > create mode 100644 recipes/dropbear/dropbear-0.53.1/no-host-lookup.patch > create mode 100644 > recipes/dropbear/dropbear-0.53.1/urandom-xauth-changes-to-options.h.patch > create mode 100644 recipes/dropbear/dropbear_0.53.1.bb > > diff --git a/recipes/dropbear/dropbear-0.53.1/allow-nopw.patch > b/recipes/dropbear/dropbear-0.53.1/allow-nopw.patch > new file mode 100644 > index 0000000..3f3e8b1 > --- /dev/null > +++ b/recipes/dropbear/dropbear-0.53.1/allow-nopw.patch > @@ -0,0 +1,40 @@ > +Index: dropbear-0.51/svr-auth.c > +=================================================================== > +--- dropbear-0.51.orig/svr-auth.c > ++++ dropbear-0.51/svr-auth.c > +@@ -270,7 +270,7 @@ static int checkusername(unsigned char * > + send_msg_userauth_failure(0, 1); > + return DROPBEAR_FAILURE; > + } > +- > ++#ifdef DISALLOW_EMPTY_PW > + /* check for an empty password */ > + if (ses.authstate.pw_passwd[0] == '\0') { > + TRACE(("leave checkusername: empty pword")) > +@@ -279,7 +279,7 @@ static int checkusername(unsigned char * > + send_msg_userauth_failure(0, 1); > + return DROPBEAR_FAILURE; > + } > +- > ++#endif > + TRACE(("shell is %s", ses.authstate.pw_shell)) > + > + /* check that the shell is set */ > +Index: dropbear-0.51/svr-authpasswd.c > +=================================================================== > +--- dropbear-0.51.orig/svr-authpasswd.c > ++++ dropbear-0.51/svr-authpasswd.c > +@@ -64,9 +64,13 @@ void svr_auth_password() { > + * since the shadow password may differ to that tested > + * in auth.c */ > + if (passwdcrypt[0] == '\0') { > ++#ifdef DISALLOW_EMPTY_PW > + dropbear_log(LOG_WARNING, "user '%s' has blank password, > rejected", > + ses.authstate.pw_name); > + send_msg_userauth_failure(0, 1); > ++#else > ++ send_msg_userauth_success(); > ++#endif > + return; > + } > + > diff --git a/recipes/dropbear/dropbear-0.53.1/configure.patch > b/recipes/dropbear/dropbear-0.53.1/configure.patch > new file mode 100644 > index 0000000..fa24efc > --- /dev/null > +++ b/recipes/dropbear/dropbear-0.53.1/configure.patch > @@ -0,0 +1,27 @@ > +Index: dropbear-0.50/configure.in > +=================================================================== > +--- dropbear-0.50.orig/configure.in > ++++ dropbear-0.50/configure.in > +@@ -164,14 +164,20 @@ AC_ARG_ENABLE(openpty, > + AC_MSG_NOTICE(Not using openpty) > + else > + AC_MSG_NOTICE(Using openpty if available) > +- AC_SEARCH_LIBS(openpty, util, > [AC_DEFINE(HAVE_OPENPTY,,Have openpty() function)]) > ++ AC_SEARCH_LIBS(openpty, util, > [dropbear_cv_func_have_openpty=yes]) > + fi > + ], > + [ > + AC_MSG_NOTICE(Using openpty if available) > +- AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY)]) > ++ AC_SEARCH_LIBS(openpty, util, > [dropbear_cv_func_have_openpty=yes]) > + ] > + ) > ++ > ++if test "x$dropbear_cv_func_have_openpty" = "xyes"; then > ++ AC_DEFINE(HAVE_OPENPTY,,Have openpty() function) > ++ no_ptc_check=yes > ++ no_ptmx_check=yes > ++fi > + > + > + AC_ARG_ENABLE(syslog, > diff --git a/recipes/dropbear/dropbear-0.53.1/fix-2kb-keys.patch > b/recipes/dropbear/dropbear-0.53.1/fix-2kb-keys.patch > new file mode 100644 > index 0000000..bb7a4d3 > --- /dev/null > +++ b/recipes/dropbear/dropbear-0.53.1/fix-2kb-keys.patch > @@ -0,0 +1,12 @@ > +Index: dropbear-0.50/kex.h > +=================================================================== > +--- dropbear-0.50.orig/kex.h > ++++ dropbear-0.50/kex.h > +@@ -59,6 +59,6 @@ struct KEXState { > + > + }; > + > +-#define MAX_KEXHASHBUF 2000 > ++#define MAX_KEXHASHBUF 3000 > + > + #endif /* _KEX_H_ */ > diff --git a/recipes/dropbear/dropbear-0.53.1/no-host-lookup.patch > b/recipes/dropbear/dropbear-0.53.1/no-host-lookup.patch > new file mode 100644 > index 0000000..d7c2ccd > --- /dev/null > +++ b/recipes/dropbear/dropbear-0.53.1/no-host-lookup.patch > @@ -0,0 +1,12 @@ > +diff -urN dropbear-0.51/options.h dropbear-0.51.new/options.h > +--- dropbear-0.51/options.h 2008-03-27 14:34:39.000000000 +0100 > ++++ dropbear-0.51.new/options.h 2008-06-22 00:22:09.000000000 +0200 > +@@ -112,7 +112,7 @@ > + /* #define DSS_PROTOK */ > + > + /* Whether to do reverse DNS lookups. */ > +-#define DO_HOST_LOOKUP > ++/* #define DO_HOST_LOOKUP */ > + > + /* Whether to print the message of the day (MOTD). This doesn't add much > code > + * size */ > diff --git > a/recipes/dropbear/dropbear-0.53.1/urandom-xauth-changes-to-options.h.patch > b/recipes/dropbear/dropbear-0.53.1/urandom-xauth-changes-to-options.h.patch > new file mode 100644 > index 0000000..bd1657d > --- /dev/null > +++ > b/recipes/dropbear/dropbear-0.53.1/urandom-xauth-changes-to-options.h.patch > @@ -0,0 +1,13 @@ > +diff --git a/options.h b/options.h > +index d309ab4..7fbe97b 100644 > +--- a/options.h > ++++ b/options.h > +@@ -236,7 +236,7 @@ much traffic. */ > + /* The command to invoke for xauth when using X11 forwarding. > + * "-q" for quiet */ > + #ifndef XAUTH_COMMAND > +-#define XAUTH_COMMAND "/usr/bin/X11/xauth -q" > ++#define XAUTH_COMMAND "xauth -q" > + #endif > + > + /* if you want to enable running an sftp server (such as the one included > with > diff --git a/recipes/dropbear/dropbear_0.53.1.bb > b/recipes/dropbear/dropbear_0.53.1.bb > new file mode 100644 > index 0000000..d26b9e8 > --- /dev/null > +++ b/recipes/dropbear/dropbear_0.53.1.bb > @@ -0,0 +1,13 @@ > +require dropbear.inc > +PR = "${INC_PR}.0" > + > +SRC_URI += "file://no-host-lookup.patch" > + > +do_configure_prepend() { > + echo "#define DROPBEAR_SMALL_CODE" >>${S}/options.h > +} > + > +DEFAULT_PREFERENCE = "-1" > + > +SRC_URI[md5sum] = "0284ea239083f04c8b874e08e1aca243" > +SRC_URI[sha256sum] = > "e24d3cbecd3bc850b2b336b8eb50c845a285ceef8e22544938a582e163d36393" > -- > 1.7.0.4 > > > _______________________________________________ > Openembedded-devel mailing list > [email protected] > http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-devel > _______________________________________________ Openembedded-devel mailing list [email protected] http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-devel
