diff options
| author | wangmy <wangmy@fujitsu.com> | 2022-04-19 18:31:18 +0800 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-04-20 13:13:59 +0100 |
| commit | a4df7ceead5532310a88b0f7b524b32c2dcb6a6b (patch) | |
| tree | 6b698d727535ace4e470d0c217a7622351cac03d /meta/recipes-core/dropbear/dropbear/dropbear-disable-weak-ciphers.patch | |
| parent | 41984559c8fa392d7311722a72f2fa2f19ea3065 (diff) | |
| download | poky-a4df7ceead5532310a88b0f7b524b32c2dcb6a6b.tar.gz | |
dropbear: upgrade 2020.81 -> 2022.82
refresh the following patches for new version:
0001-urandom-xauth-changes-to-options.h.patch
0005-dropbear-enable-pam.patch
dropbear-disable-weak-ciphers.patch
Changelog:
https://github.com/mkj/dropbear/releases/tag/DROPBEAR_2022.82
(From OE-Core rev: d5f9c44ede9babd0f48306cfefe4a16065e8ea30)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/dropbear/dropbear/dropbear-disable-weak-ciphers.patch')
| -rw-r--r-- | meta/recipes-core/dropbear/dropbear/dropbear-disable-weak-ciphers.patch | 20 |
1 files changed, 8 insertions, 12 deletions
diff --git a/meta/recipes-core/dropbear/dropbear/dropbear-disable-weak-ciphers.patch b/meta/recipes-core/dropbear/dropbear/dropbear-disable-weak-ciphers.patch index b54581f17a..5c60868ed8 100644 --- a/meta/recipes-core/dropbear/dropbear/dropbear-disable-weak-ciphers.patch +++ b/meta/recipes-core/dropbear/dropbear/dropbear-disable-weak-ciphers.patch | |||
| @@ -9,27 +9,23 @@ and we want to support the stong algorithms. | |||
| 9 | 9 | ||
| 10 | Upstream-Status: Inappropriate [configuration] | 10 | Upstream-Status: Inappropriate [configuration] |
| 11 | Signed-off-by: Joseph Reynolds <joseph.reynolds1@ibm.com> | 11 | Signed-off-by: Joseph Reynolds <joseph.reynolds1@ibm.com> |
| 12 | |||
| 13 | --- | 12 | --- |
| 14 | default_options.h | 4 ++-- | 13 | default_options.h | 2 +- |
| 15 | 1 file changed, 2 insertions(+), 2 deletions(-) | 14 | 1 file changed, 1 insertion(+), 1 deletion(-) |
| 16 | 15 | ||
| 17 | diff --git a/default_options.h b/default_options.h | 16 | diff --git a/default_options.h b/default_options.h |
| 18 | index 1aa2297..7ff1394 100644 | 17 | index d417588..bc5200f 100644 |
| 19 | --- a/default_options.h | 18 | --- a/default_options.h |
| 20 | +++ b/default_options.h | 19 | +++ b/default_options.h |
| 21 | @@ -163,12 +163,12 @@ IMPORTANT: Some options will require "make clean" after changes */ | 20 | @@ -180,7 +180,7 @@ IMPORTANT: Some options will require "make clean" after changes */ |
| 22 | * Small systems should generally include either curve25519 or ecdh for performance. | 21 | * Small systems should generally include either curve25519 or ecdh for performance. |
| 23 | * curve25519 is less widely supported but is faster | 22 | * curve25519 is less widely supported but is faster |
| 24 | */ | 23 | */ |
| 25 | -#define DROPBEAR_DH_GROUP14_SHA1 1 | 24 | -#define DROPBEAR_DH_GROUP14_SHA1 1 |
| 26 | +#define DROPBEAR_DH_GROUP14_SHA1 0 | 25 | +#define DROPBEAR_DH_GROUP14_SHA1 0 |
| 27 | #define DROPBEAR_DH_GROUP14_SHA256 1 | 26 | #define DROPBEAR_DH_GROUP14_SHA256 1 |
| 28 | #define DROPBEAR_DH_GROUP16 0 | 27 | #define DROPBEAR_DH_GROUP16 0 |
| 29 | #define DROPBEAR_CURVE25519 1 | 28 | #define DROPBEAR_CURVE25519 1 |
| 30 | #define DROPBEAR_ECDH 1 | 29 | -- |
| 31 | -#define DROPBEAR_DH_GROUP1 1 | 30 | 2.25.1 |
| 32 | +#define DROPBEAR_DH_GROUP1 0 | 31 | |
| 33 | |||
| 34 | /* When group1 is enabled it will only be allowed by Dropbear client | ||
| 35 | not as a server, due to concerns over its strength. Set to 0 to allow | ||