diff options
author | Eric Bénard <eric@eukrea.com> | 2013-04-25 00:56:13 +0200 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2013-04-29 14:45:07 +0100 |
commit | 213d204308afddae803007fbee17071beb773a30 (patch) | |
tree | ff41a15724070e05d999fe405b4245ec36c87e7b /meta/recipes-core/dropbear/dropbear | |
parent | f94519c617b23df28d93e1313c3325eddf59d59d (diff) | |
download | poky-213d204308afddae803007fbee17071beb773a30.tar.gz |
dropbear: update to 2013.58
- patches updated
- nopw-option.patch dropped as the option is integrated since 2013.56
- compile tested for ARMv5 target
(From OE-Core rev: ce92c707f26aff8f02021c757056af4ecddb315d)
Signed-off-by: Eric Bénard <eric@eukrea.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/dropbear/dropbear')
6 files changed, 0 insertions, 232 deletions
diff --git a/meta/recipes-core/dropbear/dropbear/dropbear-0.53.1-static_build_fix.patch b/meta/recipes-core/dropbear/dropbear/dropbear-0.53.1-static_build_fix.patch deleted file mode 100644 index d1256161c4..0000000000 --- a/meta/recipes-core/dropbear/dropbear/dropbear-0.53.1-static_build_fix.patch +++ /dev/null | |||
@@ -1,58 +0,0 @@ | |||
1 | Upstream-Status: Submitted | ||
2 | |||
3 | |||
4 | dropbear: fix static build | ||
5 | |||
6 | A more appropriate fix is to remove @CRYPTLIB@ from the objs | ||
7 | line, since it will cause problems with target checking, | ||
8 | this change also meets the goals of the orignal change which | ||
9 | was to not link libcrypt to all binaries. | ||
10 | |||
11 | svr-authpasswd.o: In function `svr_auth_password': | ||
12 | svr-authpasswd.c:(.text+0xfc): undefined reference to `crypt' | ||
13 | collect2: ld returned 1 exit status | ||
14 | |||
15 | Signed-off-by: Saul Wold <sgw@linux.intel.com> | ||
16 | |||
17 | Index: dropbear-2011.54/Makefile.in | ||
18 | =================================================================== | ||
19 | --- dropbear-2011.54.orig/Makefile.in 2011-11-08 04:48:15.000000000 -0800 | ||
20 | +++ dropbear-2011.54/Makefile.in 2011-12-27 13:44:41.644354442 -0800 | ||
21 | @@ -56,7 +56,7 @@ | ||
22 | loginrec.h atomicio.h x11fwd.h agentfwd.h tcpfwd.h compat.h \ | ||
23 | listener.h fake-rfc2553.h | ||
24 | |||
25 | -dropbearobjs=$(COMMONOBJS) $(CLISVROBJS) $(SVROBJS) @CRYPTLIB@ | ||
26 | +dropbearobjs=$(COMMONOBJS) $(CLISVROBJS) $(SVROBJS) | ||
27 | dbclientobjs=$(COMMONOBJS) $(CLISVROBJS) $(CLIOBJS) | ||
28 | dropbearkeyobjs=$(COMMONOBJS) $(KEYOBJS) | ||
29 | dropbearconvertobjs=$(COMMONOBJS) $(CONVERTOBJS) | ||
30 | @@ -158,7 +158,10 @@ | ||
31 | dropbearkey: $(dropbearkeyobjs) | ||
32 | dropbearconvert: $(dropbearconvertobjs) | ||
33 | |||
34 | -dropbear dbclient dropbearkey dropbearconvert: $(HEADERS) $(LIBTOM_DEPS) Makefile | ||
35 | +dropbear: $(HEADERS) $(LIBTOM_DEPS) Makefile | ||
36 | + $(CC) $(LDFLAGS) -o $@$(EXEEXT) $($@objs) $(LIBS) @CRYPTLIB@ | ||
37 | + | ||
38 | +dbclient dropbearkey dropbearconvert: $(HEADERS) $(LIBTOM_DEPS) Makefile | ||
39 | $(CC) $(LDFLAGS) -o $@$(EXEEXT) $($@objs) $(LIBS) | ||
40 | |||
41 | # scp doesn't use the libs so is special. | ||
42 | @@ -169,14 +172,14 @@ | ||
43 | # multi-binary compilation. | ||
44 | MULTIOBJS= | ||
45 | ifeq ($(MULTI),1) | ||
46 | - MULTIOBJS=dbmulti.o $(sort $(foreach prog, $(PROGRAMS), $($(prog)objs))) @CRYPTLIB@ | ||
47 | + MULTIOBJS=dbmulti.o $(sort $(foreach prog, $(PROGRAMS), $($(prog)objs))) | ||
48 | CFLAGS+=$(addprefix -DDBMULTI_, $(PROGRAMS)) -DDROPBEAR_MULTI | ||
49 | endif | ||
50 | |||
51 | dropbearmulti: multilink | ||
52 | |||
53 | multibinary: $(HEADERS) $(MULTIOBJS) $(LIBTOM_DEPS) Makefile | ||
54 | - $(CC) $(LDFLAGS) -o dropbearmulti$(EXEEXT) $(MULTIOBJS) $(LIBS) | ||
55 | + $(CC) $(LDFLAGS) -o dropbearmulti$(EXEEXT) $(MULTIOBJS) $(LIBS) @CRYPTLIB@ | ||
56 | |||
57 | multilink: multibinary $(addprefix link, $(PROGRAMS)) | ||
58 | |||
diff --git a/meta/recipes-core/dropbear/dropbear/dropbear-configuration-file.patch b/meta/recipes-core/dropbear/dropbear/dropbear-configuration-file.patch deleted file mode 100644 index 5e9455363a..0000000000 --- a/meta/recipes-core/dropbear/dropbear/dropbear-configuration-file.patch +++ /dev/null | |||
@@ -1,18 +0,0 @@ | |||
1 | dropbear: Change the path ("/etc/pam.d/sshd" as default) to find a pam configuration file \ | ||
2 | to "/etc/pam.d/dropbear for dropbear when enabling pam supporting" | ||
3 | |||
4 | Upstream-Status: Inappropriate [configuration] | ||
5 | |||
6 | Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com> | ||
7 | |||
8 | --- a/svr-authpam.c 2008-11-11 22:09:03.000000000 +0800 | ||
9 | +++ b/svr-authpam.c.new 2011-08-29 09:53:24.000000000 +0800 | ||
10 | @@ -199,7 +199,7 @@ | ||
11 | userData.passwd = password; | ||
12 | |||
13 | /* Init pam */ | ||
14 | - if ((rc = pam_start("sshd", NULL, &pamConv, &pamHandlep)) != PAM_SUCCESS) { | ||
15 | + if ((rc = pam_start("dropbear", NULL, &pamConv, &pamHandlep)) != PAM_SUCCESS) { | ||
16 | dropbear_log(LOG_WARNING, "pam_start() failed, rc=%d, %s\n", | ||
17 | rc, pam_strerror(pamHandlep, rc)); | ||
18 | goto cleanup; | ||
diff --git a/meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch b/meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch deleted file mode 100644 index 004d773dc3..0000000000 --- a/meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch +++ /dev/null | |||
@@ -1,22 +0,0 @@ | |||
1 | dropbear: We need modify file option.h besides enabling pam in \ | ||
2 | configure if we want dropbear to support pam. | ||
3 | |||
4 | Upstream-Status: Pending | ||
5 | |||
6 | Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com> | ||
7 | |||
8 | --- a/options.h 2011-07-12 13:27:39.008819183 +0800 | ||
9 | +++ b/options.h.new 2011-07-12 13:37:37.780819308 +0800 | ||
10 | @@ -149,9 +149,9 @@ | ||
11 | * but there's an interface via a PAM module - don't bother using it otherwise. | ||
12 | * You can't enable both PASSWORD and PAM. */ | ||
13 | |||
14 | -#define ENABLE_SVR_PASSWORD_AUTH | ||
15 | +//#define ENABLE_SVR_PASSWORD_AUTH | ||
16 | /* PAM requires ./configure --enable-pam */ | ||
17 | -/*#define ENABLE_SVR_PAM_AUTH*/ | ||
18 | +#define ENABLE_SVR_PAM_AUTH | ||
19 | #define ENABLE_SVR_PUBKEY_AUTH | ||
20 | |||
21 | /* Wether to ake public key options in authorized_keys file into account */ | ||
22 | |||
diff --git a/meta/recipes-core/dropbear/dropbear/fix-2kb-keys.patch b/meta/recipes-core/dropbear/dropbear/fix-2kb-keys.patch deleted file mode 100644 index 3b919f6759..0000000000 --- a/meta/recipes-core/dropbear/dropbear/fix-2kb-keys.patch +++ /dev/null | |||
@@ -1,13 +0,0 @@ | |||
1 | Upstream-Status: Inappropriate [configuration] | ||
2 | |||
3 | diff -Nurd dropbear-0.45/kex.h dropbear-0.45.patched/kex.h | ||
4 | --- dropbear-0.45/kex.h 2005-03-06 20:27:02.000000000 -0800 | ||
5 | +++ dropbear-0.45.patched/kex.h 2005-03-08 15:22:44.064583279 -0800 | ||
6 | @@ -64,6 +64,6 @@ | ||
7 | |||
8 | }; | ||
9 | |||
10 | -#define MAX_KEXHASHBUF 2000 | ||
11 | +#define MAX_KEXHASHBUF 3000 | ||
12 | |||
13 | #endif /* _KEX_H_ */ | ||
diff --git a/meta/recipes-core/dropbear/dropbear/nopw-option.patch b/meta/recipes-core/dropbear/dropbear/nopw-option.patch deleted file mode 100644 index 2ff84d24b3..0000000000 --- a/meta/recipes-core/dropbear/dropbear/nopw-option.patch +++ /dev/null | |||
@@ -1,106 +0,0 @@ | |||
1 | Allow configuring "allow blank password option" at runtime | ||
2 | |||
3 | Changes this from a compile-time switch to a command-line option. | ||
4 | |||
5 | Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> | ||
6 | |||
7 | Upstream-Status: Accepted [expected in next release after 2012.55] | ||
8 | |||
9 | diff --git a/options.h b/options.h | ||
10 | index 00f6179..b8d0ccb 100644 | ||
11 | --- a/options.h | ||
12 | +++ b/options.h | ||
13 | @@ -176,12 +176,6 @@ much traffic. */ | ||
14 | #define ENABLE_SVR_PUBKEY_OPTIONS | ||
15 | #endif | ||
16 | |||
17 | -/* Define this to allow logging in to accounts that have no password specified. | ||
18 | - * Public key logins are allowed for blank-password accounts regardless of this | ||
19 | - * setting. PAM is not affected by this setting, it uses the normal pam.d | ||
20 | - * settings ('nullok' option) */ | ||
21 | -/* #define ALLOW_BLANK_PASSWORD */ | ||
22 | - | ||
23 | #define ENABLE_CLI_PASSWORD_AUTH | ||
24 | #define ENABLE_CLI_PUBKEY_AUTH | ||
25 | #define ENABLE_CLI_INTERACT_AUTH | ||
26 | diff --git a/runopts.h b/runopts.h | ||
27 | index 83b5861..126585b 100644 | ||
28 | --- a/runopts.h | ||
29 | +++ b/runopts.h | ||
30 | @@ -85,6 +85,7 @@ typedef struct svr_runopts { | ||
31 | |||
32 | int noauthpass; | ||
33 | int norootpass; | ||
34 | + int allowblankpass; | ||
35 | |||
36 | #ifdef ENABLE_SVR_REMOTETCPFWD | ||
37 | int noremotetcp; | ||
38 | diff --git a/svr-authpasswd.c b/svr-authpasswd.c | ||
39 | index 54b4889..d9b7928 100644 | ||
40 | --- a/svr-authpasswd.c | ||
41 | +++ b/svr-authpasswd.c | ||
42 | @@ -29,6 +29,7 @@ | ||
43 | #include "buffer.h" | ||
44 | #include "dbutil.h" | ||
45 | #include "auth.h" | ||
46 | +#include "runopts.h" | ||
47 | |||
48 | #ifdef ENABLE_SVR_PASSWORD_AUTH | ||
49 | |||
50 | @@ -78,16 +79,17 @@ void svr_auth_password() { | ||
51 | |||
52 | /* check for empty password */ | ||
53 | if (passwdcrypt[0] == '\0') { | ||
54 | -#ifdef ALLOW_BLANK_PASSWORD | ||
55 | - if (passwordlen == 0) { | ||
56 | - success_blank = 1; | ||
57 | + if (svr_opts.allowblankpass) { | ||
58 | + if (passwordlen == 0) { | ||
59 | + success_blank = 1; | ||
60 | + } | ||
61 | + } | ||
62 | + else { | ||
63 | + dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected", | ||
64 | + ses.authstate.pw_name); | ||
65 | + send_msg_userauth_failure(0, 1); | ||
66 | + return; | ||
67 | } | ||
68 | -#else | ||
69 | - dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected", | ||
70 | - ses.authstate.pw_name); | ||
71 | - send_msg_userauth_failure(0, 1); | ||
72 | - return; | ||
73 | -#endif | ||
74 | } | ||
75 | |||
76 | if (success_blank || strcmp(testcrypt, passwdcrypt) == 0) { | ||
77 | diff --git a/svr-runopts.c b/svr-runopts.c | ||
78 | index c6e3508..b39ffb2 100644 | ||
79 | --- a/svr-runopts.c | ||
80 | +++ b/svr-runopts.c | ||
81 | @@ -63,6 +63,7 @@ static void printhelp(const char * progname) { | ||
82 | #if defined(ENABLE_SVR_PASSWORD_AUTH) || defined(ENABLE_SVR_PAM_AUTH) | ||
83 | "-s Disable password logins\n" | ||
84 | "-g Disable password logins for root\n" | ||
85 | + "-B Allow blank password logins\n" | ||
86 | #endif | ||
87 | #ifdef ENABLE_SVR_LOCALTCPFWD | ||
88 | "-j Disable local port forwarding\n" | ||
89 | @@ -115,6 +116,7 @@ void svr_getopts(int argc, char ** argv) { | ||
90 | svr_opts.norootlogin = 0; | ||
91 | svr_opts.noauthpass = 0; | ||
92 | svr_opts.norootpass = 0; | ||
93 | + svr_opts.allowblankpass = 0; | ||
94 | svr_opts.inetdmode = 0; | ||
95 | svr_opts.portcount = 0; | ||
96 | svr_opts.hostkey = NULL; | ||
97 | @@ -234,6 +236,9 @@ void svr_getopts(int argc, char ** argv) { | ||
98 | case 'g': | ||
99 | svr_opts.norootpass = 1; | ||
100 | break; | ||
101 | + case 'B': | ||
102 | + svr_opts.allowblankpass = 1; | ||
103 | + break; | ||
104 | #endif | ||
105 | case 'h': | ||
106 | printhelp(argv[0]); | ||
diff --git a/meta/recipes-core/dropbear/dropbear/urandom-xauth-changes-to-options.h.patch b/meta/recipes-core/dropbear/dropbear/urandom-xauth-changes-to-options.h.patch deleted file mode 100644 index 4acc3974d6..0000000000 --- a/meta/recipes-core/dropbear/dropbear/urandom-xauth-changes-to-options.h.patch +++ /dev/null | |||
@@ -1,15 +0,0 @@ | |||
1 | Upstream-Status: Inappropriate [configuration] | ||
2 | |||
3 | diff --git a/options.h b/options.h | ||
4 | index d309ab4..7fbe97b 100644 | ||
5 | --- a/options.h | ||
6 | +++ b/options.h | ||
7 | @@ -236,7 +236,7 @@ much traffic. */ | ||
8 | /* The command to invoke for xauth when using X11 forwarding. | ||
9 | * "-q" for quiet */ | ||
10 | #ifndef XAUTH_COMMAND | ||
11 | -#define XAUTH_COMMAND "/usr/bin/X11/xauth -q" | ||
12 | +#define XAUTH_COMMAND "xauth -q" | ||
13 | #endif | ||
14 | |||
15 | /* if you want to enable running an sftp server (such as the one included with | ||