dropbear: upgrade to 2013.62

LIC_FILES_CHKSUM has changed with the introduction of a BSD-3-Clause algorithm (curve25519-donna); this has prompted a re-evaluation of the LICENSE value which should now reflect the licenses declared in the upstream documentation. Thanks to Beth Flanagan for helping with this. (From OE-Core rev: 232e8b96988ffa6e5107917fbf41222d26e4e90b) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Paul Eggleton <paul.eggleton@linux.intel.com> 2013-12-17 12:04:15 +0000
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2014-01-14 11:33:52 +0000
commit: 6c93994dee481d8cd6e92adc11e50a113736b98e (patch)
tree: 9625c39eb89539eab7d20652371616af2e5977a1 /meta/recipes-core/dropbear/dropbear
parent: ad6f3ea1b4e2d05a9308e957bc7431fa8f96a342 (diff)
download: poky-6c93994dee481d8cd6e92adc11e50a113736b98e.tar.gz
7 files changed, 342 insertions, 0 deletions
diff --git a/meta/recipes-core/dropbear/dropbear/0001-urandom-xauth-changes-to-options.h.patch b/meta/recipes-core/dropbear/dropbear/0001-urandom-xauth-changes-to-options.h.patch
new file mode 100644
index 0000000000..71a4666b5c
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear/0001-urandom-xauth-changes-to-options.h.patch
@@ -0,0 +1,23 @@
+Subject: [PATCH 1/6] urandom-xauth-changes-to-options.h
+Upstream-Status: Inappropriate [configuration]
+---
+ options.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/options.h b/options.h
+index 7d06322..71a21c2 100644
+--- a/options.h
+++ b/options.h
+@@ -247,7 +247,7 @@ much traffic. */
+ /* The command to invoke for xauth when using X11 forwarding.
+  * "-q" for quiet */
+ #ifndef XAUTH_COMMAND
+-#define XAUTH_COMMAND "/usr/bin/X11/xauth -q"
+#define XAUTH_COMMAND "xauth -q"
+ #endif
+ 
+ /* if you want to enable running an sftp server (such as the one included with
+-- 
+1.7.11.7
diff --git a/meta/recipes-core/dropbear/dropbear/0002-static_build_fix.patch b/meta/recipes-core/dropbear/dropbear/0002-static_build_fix.patch
new file mode 100644
index 0000000000..552bee8996
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear/0002-static_build_fix.patch
@@ -0,0 +1,64 @@
+Subject: [PATCH 2/6] static_build_fix
+Upstream-Status: Submitted
+dropbear: fix static build
+A more appropriate fix is to remove @CRYPTLIB@ from the objs
+line, since it will cause problems with target checking,
+this change also meets the goals of the orignal change which
+was to not link libcrypt to all binaries.
+svr-authpasswd.o: In function `svr_auth_password':
+svr-authpasswd.c:(.text+0xfc): undefined reference to `crypt'
+collect2: ld returned 1 exit status
+Signed-off-by: Saul Wold <sgw@linux.intel.com>
+---
+ Makefile.in | 11 +++++++----
+ 1 file changed, 7 insertions(+), 4 deletions(-)
+diff --git a/Makefile.in b/Makefile.in
+index 4bdd845..e82e561 100644
+--- a/Makefile.in
+++ b/Makefile.in
+@@ -56,7 +56,7 @@ HEADERS=options.h dbutil.h session.h packet.h algo.h ssh.h buffer.h kex.h \
+                loginrec.h atomicio.h x11fwd.h agentfwd.h tcpfwd.h compat.h \
+                listener.h fake-rfc2553.h
+ 
+-dropbearobjs=$(COMMONOBJS) $(CLISVROBJS) $(SVROBJS) @CRYPTLIB@ 
+dropbearobjs=$(COMMONOBJS) $(CLISVROBJS) $(SVROBJS)
+ dbclientobjs=$(COMMONOBJS) $(CLISVROBJS) $(CLIOBJS)
+ dropbearkeyobjs=$(COMMONOBJS) $(KEYOBJS)
+ dropbearconvertobjs=$(COMMONOBJS) $(CONVERTOBJS)
+@@ -158,7 +158,10 @@ dbclient: $(dbclientobjs)
+ dropbearkey: $(dropbearkeyobjs)
+ dropbearconvert: $(dropbearconvertobjs)
+ 
+-dropbear dbclient dropbearkey dropbearconvert: $(HEADERS) $(LIBTOM_DEPS) Makefile
+dropbear: $(HEADERS) $(LIBTOM_DEPS) Makefile
+       $(CC) $(LDFLAGS) -o $@$(EXEEXT) $($@objs) $(LIBS) @CRYPTLIB@
+
+dbclient dropbearkey dropbearconvert: $(HEADERS) $(LIBTOM_DEPS) Makefile
+        $(CC) $(LDFLAGS) -o $@$(EXEEXT) $($@objs) $(LIBS)
+ 
+ # scp doesn't use the libs so is special.
+@@ -169,14 +172,14 @@ scp: $(SCPOBJS)  $(HEADERS) Makefile
+ # multi-binary compilation.
+ MULTIOBJS=
+ ifeq ($(MULTI),1)
+-       MULTIOBJS=dbmulti.o $(sort $(foreach prog, $(PROGRAMS), $($(prog)objs))) @CRYPTLIB@ 
+       MULTIOBJS=dbmulti.o $(sort $(foreach prog, $(PROGRAMS), $($(prog)objs)))
+        CFLAGS+=$(addprefix -DDBMULTI_, $(PROGRAMS)) -DDROPBEAR_MULTI
+ endif
+ 
+ dropbearmulti: multilink 
+ 
+ multibinary: $(HEADERS) $(MULTIOBJS) $(LIBTOM_DEPS) Makefile
+-       $(CC) $(LDFLAGS) -o dropbearmulti$(EXEEXT) $(MULTIOBJS) $(LIBS)
+       $(CC) $(LDFLAGS) -o dropbearmulti$(EXEEXT) $(MULTIOBJS) $(LIBS) @CRYPTLIB@
+ 
+ multilink: multibinary $(addprefix link, $(PROGRAMS))
+ 
+-- 
+1.7.11.7
diff --git a/meta/recipes-core/dropbear/dropbear/0003-configure.patch b/meta/recipes-core/dropbear/dropbear/0003-configure.patch
new file mode 100644
index 0000000000..2baf665ae4
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear/0003-configure.patch
@@ -0,0 +1,40 @@
+From c5f5c5054c1b15539dccf866e2c3faba7ed68456 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Eric=20B=C3=A9nard?= <eric@eukrea.com>
+Date: Thu, 25 Apr 2013 00:27:25 +0200
+Subject: [PATCH 3/6] configure
+---
+ configure.ac | 11 ++++++++---
+ 1 file changed, 8 insertions(+), 3 deletions(-)
+diff --git a/configure.ac b/configure.ac
+index 05461f3..9c16d90 100644
+--- a/configure.ac
+++ b/configure.ac
+@@ -166,15 +166,20 @@ AC_ARG_ENABLE(openpty,
+                        AC_MSG_NOTICE(Not using openpty)
+                else
+                        AC_MSG_NOTICE(Using openpty if available)
+-                       AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY,,Have openpty() function)])
+                       AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes])
+                fi
+        ],
+        [
+                AC_MSG_NOTICE(Using openpty if available)
+-               AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY)])
+               AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes])
+        ]
+ )
+-               
+
+if test "x$dropbear_cv_func_have_openpty" = "xyes"; then
+       AC_DEFINE(HAVE_OPENPTY,,Have openpty() function)
+       no_ptc_check=yes
+       no_ptmx_check=yes
+fi
+ 
+ AC_ARG_ENABLE(syslog,
+        [  --disable-syslog        Don't include syslog support],
+-- 
+1.7.11.7
diff --git a/meta/recipes-core/dropbear/dropbear/0004-fix-2kb-keys.patch b/meta/recipes-core/dropbear/dropbear/0004-fix-2kb-keys.patch
new file mode 100644
index 0000000000..7539d2034f
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear/0004-fix-2kb-keys.patch
@@ -0,0 +1,22 @@
+Subject: [PATCH 4/6] fix 2kb keys
+Upstream-Status: Inappropriate [configuration]
+---
+ kex.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/kex.h b/kex.h
+index 72430e9..375c677 100644
+--- a/kex.h
+++ b/kex.h
+@@ -67,6 +67,6 @@ struct KEXState {
+ };
+ 
+ 
+-#define MAX_KEXHASHBUF 2000
+#define MAX_KEXHASHBUF 3000
+ 
+ #endif /* _KEX_H_ */
+-- 
+1.7.11.7
diff --git a/meta/recipes-core/dropbear/dropbear/0005-dropbear-enable-pam.patch b/meta/recipes-core/dropbear/dropbear/0005-dropbear-enable-pam.patch
new file mode 100644
index 0000000000..e9307339ce
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear/0005-dropbear-enable-pam.patch
@@ -0,0 +1,31 @@
+Subject: [PATCH 5/6] dropbear enable pam
+dropbear: We need modify file option.h besides enabling pam in \
+configure if we want dropbear to support pam.
+Upstream-Status: Pending
+Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
+---
+ options.h | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+diff --git a/options.h b/options.h
+index 71a21c2..305f789 100644
+--- a/options.h
+++ b/options.h
+@@ -174,9 +174,9 @@ much traffic. */
+  * PAM challenge/response.
+  * You can't enable both PASSWORD and PAM. */
+ 
+-#define ENABLE_SVR_PASSWORD_AUTH
+//#define ENABLE_SVR_PASSWORD_AUTH
+ /* PAM requires ./configure --enable-pam */
+-//#define ENABLE_SVR_PAM_AUTH
+#define ENABLE_SVR_PAM_AUTH
+ #define ENABLE_SVR_PUBKEY_AUTH
+ 
+ /* Whether to take public key options in 
+-- 
+1.7.11.7
diff --git a/meta/recipes-core/dropbear/dropbear/0006-dropbear-configuration-file.patch b/meta/recipes-core/dropbear/dropbear/0006-dropbear-configuration-file.patch
new file mode 100644
index 0000000000..fa4c8d0a67
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear/0006-dropbear-configuration-file.patch
@@ -0,0 +1,22 @@
+Subject: [PATCH 6/6] dropbear configuration file
+dropbear: Change the path ("/etc/pam.d/sshd" as default) to find a pam configuration file \
+to "/etc/pam.d/dropbear for dropbear when enabling pam supporting"
+Upstream-Status: Inappropriate [configuration]
+Signed-off-by: Maxin B. John <maxin.john@enea.com>
+Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
+---
+diff -Naur dropbear-2013.60-orig/svr-authpam.c dropbear-2013.60/svr-authpam.c
+--- dropbear-2013.60-orig/svr-authpam.c 2013-10-16 16:34:53.000000000 +0200
+++ dropbear-2013.60/svr-authpam.c      2013-10-21 17:04:04.969416055 +0200
+@@ -211,7 +211,7 @@
+        userData.passwd = password;
+ 
+        /* Init pam */
+-       if ((rc = pam_start("sshd", NULL, &pamConv, &pamHandlep)) != PAM_SUCCESS) {
+       if ((rc = pam_start("dropbear", NULL, &pamConv, &pamHandlep)) != PAM_SUCCESS) {
+                dropbear_log(LOG_WARNING, "pam_start() failed, rc=%d, %s", 
+                                rc, pam_strerror(pamHandlep, rc));
+                goto cleanup;
diff --git a/meta/recipes-core/dropbear/dropbear/0007-dropbear-fix-for-x32-abi.patch b/meta/recipes-core/dropbear/dropbear/0007-dropbear-fix-for-x32-abi.patch
new file mode 100644
index 0000000000..b4501211c3
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear/0007-dropbear-fix-for-x32-abi.patch
@@ -0,0 +1,140 @@
+Upstream-Status: Pending
+The dropbearkey utility built in x32 abi format, when generating ssh
+keys, was getting lost in the infinite loop.
+This patch fixes the issue by fixing types of variables and
+parameters of functions used in the code, which were getting
+undesired size, when compiled with the x32 abi toolchain.
+2013/05/23
+Received this fix from H J Lu.
+Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com>
+# HG changeset patch
+# User H.J. Lu <hjl.tools@gmail.com>
+# Date 1369344079 25200
+# Node ID a10a1c46b857cc8a3923c3bb6d1504aa25b6052f
+# Parent  e76614145aea67f66e4a4257685c771efba21aa1
+Typdef mp_digit to unsigned long long for MP_64BIT
+When GCC is used with MP_64BIT, we should typedef mp_digit to unsigned
+long long instead of unsigned long since for x32, unsigned long is
+32-bit and unsigned long long is 64-bit and it is safe to use unsigned
+long long for 64-bit integer with GCC.
+diff -r e76614145aea -r a10a1c46b857 libtommath/tommath.h
+--- a/libtommath/tommath.h      Thu Apr 18 22:57:47 2013 +0800
+++ b/libtommath/tommath.h      Thu May 23 14:21:19 2013 -0700
+@@ -73,7 +73,7 @@
+    typedef signed long long   long64;
+ #endif
+-   typedef unsigned long      mp_digit;
+   typedef unsigned long long mp_digit;
+    typedef unsigned long      mp_word __attribute__ ((mode(TI)));
+    #define DIGIT_BIT          60
+# HG changeset patch
+# User H.J. Lu <hjl.tools@gmail.com>
+# Date 1369344241 25200
+# Node ID c7555a4cb7ded3a88409ba85f4027baa7af5f536
+# Parent  a10a1c46b857cc8a3923c3bb6d1504aa25b6052f
+Cast to mp_digit when updating *rho
+There is
+int
+mp_montgomery_setup (mp_int * n, mp_digit * rho)
+We should cast to mp_digit instead of unsigned long when updating
+*rho since mp_digit may be unsigned long long and unsigned long long
+may be different from unsigned long, like in x32.
+diff -r a10a1c46b857 -r c7555a4cb7de libtommath/bn_mp_montgomery_setup.c
+--- a/libtommath/bn_mp_montgomery_setup.c       Thu May 23 14:21:19 2013 -0700
+++ b/libtommath/bn_mp_montgomery_setup.c       Thu May 23 14:24:01 2013 -0700
+@@ -48,7 +48,7 @@
+ #endif
+   /* rho = -1/m mod b */
+-  *rho = (unsigned long)(((mp_word)1 << ((mp_word) DIGIT_BIT)) - x) & MP_MASK;
+  *rho = (mp_digit)(((mp_word)1 << ((mp_word) DIGIT_BIT)) - x) & MP_MASK;
+   return MP_OKAY;
+ }
+# HG changeset patch
+# User H.J. Lu <hjl.tools@gmail.com>
+# Date 1369344541 25200
+# Node ID 7c656e7071a6412688b2f30a529a9afac6c7bf5a
+# Parent  c7555a4cb7ded3a88409ba85f4027baa7af5f536
+Define LTC_FAST_TYPE to unsigned long long for __x86_64__
+We should define LTC_FAST_TYPE to unsigned long long instead of unsigned
+long if __x86_64__ to support x32 where unsigned long long is 64-bit
+and unsigned long is 32-bit.
+diff -r c7555a4cb7de -r 7c656e7071a6 libtomcrypt/src/headers/tomcrypt_cfg.h
+--- a/libtomcrypt/src/headers/tomcrypt_cfg.h    Thu May 23 14:24:01 2013 -0700
+++ b/libtomcrypt/src/headers/tomcrypt_cfg.h    Thu May 23 14:29:01 2013 -0700
+@@ -74,7 +74,7 @@
+    #define ENDIAN_LITTLE
+    #define ENDIAN_64BITWORD
+    #define LTC_FAST
+-   #define LTC_FAST_TYPE    unsigned long
+   #define LTC_FAST_TYPE    unsigned long long
+ #endif
+ /* detect PPC32 */
+# HG changeset patch
+# User H.J. Lu <hjl.tools@gmail.com>
+# Date 1369344730 25200
+# Node ID a7d4690158fae4ede2c4e5b56233e83730bf38ee
+# Parent  7c656e7071a6412688b2f30a529a9afac6c7bf5a
+Use unsigned long long aas unsigned 64-bit integer for x86-64 GCC
+We should use unsigned long long instead of unsigned long as unsigned
+64-bit integer for x86-64 GCC to support x32 where unsigned long is
+32-bit.
+diff -r 7c656e7071a6 -r a7d4690158fa libtomcrypt/src/headers/tomcrypt_macros.h
+--- a/libtomcrypt/src/headers/tomcrypt_macros.h Thu May 23 14:29:01 2013 -0700
+++ b/libtomcrypt/src/headers/tomcrypt_macros.h Thu May 23 14:32:10 2013 -0700
+@@ -343,7 +343,7 @@
+ /* 64-bit Rotates */
+ #if !defined(__STRICT_ANSI__) && defined(__GNUC__) && defined(__x86_64__) && !defined(LTC_NO_ASM)
+-static inline unsigned long ROL64(unsigned long word, int i)
+static inline unsigned long long ROL64(unsigned long long word, int i)
+ {
+    asm("rolq %%cl,%0"
+       :"=r" (word)
+@@ -351,7 +351,7 @@
+    return word;
+ }
+-static inline unsigned long ROR64(unsigned long word, int i)
+static inline unsigned long long ROR64(unsigned long long word, int i)
+ {
+    asm("rorq %%cl,%0"
+       :"=r" (word)
+@@ -361,7 +361,7 @@
+ #ifndef LTC_NO_ROLC
+-static inline unsigned long ROL64c(unsigned long word, const int i)
+static inline unsigned long long ROL64c(unsigned long long word, const int i)
+ {
+    asm("rolq %2,%0"
+       :"=r" (word)
+@@ -369,7 +369,7 @@
+    return word;
+ }
+-static inline unsigned long ROR64c(unsigned long word, const int i)
+static inline unsigned long long ROR64c(unsigned long long word, const int i)
+ {
+    asm("rorq %2,%0"
+       :"=r" (word)
author	Paul Eggleton <paul.eggleton@linux.intel.com>	2013-12-17 12:04:15 +0000
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2014-01-14 11:33:52 +0000
commit	6c93994dee481d8cd6e92adc11e50a113736b98e (patch)
tree	9625c39eb89539eab7d20652371616af2e5977a1 /meta/recipes-core/dropbear/dropbear
parent	ad6f3ea1b4e2d05a9308e957bc7431fa8f96a342 (diff)
download	poky-6c93994dee481d8cd6e92adc11e50a113736b98e.tar.gz

diff --git a/meta/recipes-core/dropbear/dropbear/0001-urandom-xauth-changes-to-options.h.patch b/meta/recipes-core/dropbear/dropbear/0001-urandom-xauth-changes-to-options.h.patch new file mode 100644 index 0000000000..71a4666b5c --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear/0001-urandom-xauth-changes-to-options.h.patch
@@ -0,0 +1,23 @@
	1	Subject: [PATCH 1/6] urandom-xauth-changes-to-options.h
	2
	3	Upstream-Status: Inappropriate [configuration]
	4	---
	5	options.h \| 2 +-
	6	1 file changed, 1 insertion(+), 1 deletion(-)
	7
	8	diff --git a/options.h b/options.h
	9	index 7d06322..71a21c2 100644
	10	--- a/options.h
	11	+++ b/options.h
	12	@@ -247,7 +247,7 @@ much traffic. */
	13	/* The command to invoke for xauth when using X11 forwarding.
	14	* "-q" for quiet */
	15	#ifndef XAUTH_COMMAND
	16	-#define XAUTH_COMMAND "/usr/bin/X11/xauth -q"
	17	+#define XAUTH_COMMAND "xauth -q"
	18	#endif
	19
	20	/* if you want to enable running an sftp server (such as the one included with
	21	--
	22	1.7.11.7
	23


diff --git a/meta/recipes-core/dropbear/dropbear/0002-static_build_fix.patch b/meta/recipes-core/dropbear/dropbear/0002-static_build_fix.patch new file mode 100644 index 0000000000..552bee8996 --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear/0002-static_build_fix.patch
@@ -0,0 +1,64 @@
	1	Subject: [PATCH 2/6] static_build_fix
	2	Upstream-Status: Submitted
	3
	4	dropbear: fix static build
	5
	6	A more appropriate fix is to remove @CRYPTLIB@ from the objs
	7	line, since it will cause problems with target checking,
	8	this change also meets the goals of the orignal change which
	9	was to not link libcrypt to all binaries.
	10
	11	svr-authpasswd.o: In function `svr_auth_password':
	12	svr-authpasswd.c:(.text+0xfc): undefined reference to `crypt'
	13	collect2: ld returned 1 exit status
	14
	15	Signed-off-by: Saul Wold <sgw@linux.intel.com>
	16	---
	17	Makefile.in \| 11 +++++++----
	18	1 file changed, 7 insertions(+), 4 deletions(-)
	19
	20	diff --git a/Makefile.in b/Makefile.in
	21	index 4bdd845..e82e561 100644
	22	--- a/Makefile.in
	23	+++ b/Makefile.in
	24	@@ -56,7 +56,7 @@ HEADERS=options.h dbutil.h session.h packet.h algo.h ssh.h buffer.h kex.h \
	25	loginrec.h atomicio.h x11fwd.h agentfwd.h tcpfwd.h compat.h \
	26	listener.h fake-rfc2553.h
	27
	28	-dropbearobjs=$(COMMONOBJS) $(CLISVROBJS) $(SVROBJS) @CRYPTLIB@
	29	+dropbearobjs=$(COMMONOBJS) $(CLISVROBJS) $(SVROBJS)
	30	dbclientobjs=$(COMMONOBJS) $(CLISVROBJS) $(CLIOBJS)
	31	dropbearkeyobjs=$(COMMONOBJS) $(KEYOBJS)
	32	dropbearconvertobjs=$(COMMONOBJS) $(CONVERTOBJS)
	33	@@ -158,7 +158,10 @@ dbclient: $(dbclientobjs)
	34	dropbearkey: $(dropbearkeyobjs)
	35	dropbearconvert: $(dropbearconvertobjs)
	36
	37	-dropbear dbclient dropbearkey dropbearconvert: $(HEADERS) $(LIBTOM_DEPS) Makefile
	38	+dropbear: $(HEADERS) $(LIBTOM_DEPS) Makefile
	39	+ $(CC) $(LDFLAGS) -o $@$(EXEEXT) $($@objs) $(LIBS) @CRYPTLIB@
	40	+
	41	+dbclient dropbearkey dropbearconvert: $(HEADERS) $(LIBTOM_DEPS) Makefile
	42	$(CC) $(LDFLAGS) -o $@$(EXEEXT) $($@objs) $(LIBS)
	43
	44	# scp doesn't use the libs so is special.
	45	@@ -169,14 +172,14 @@ scp: $(SCPOBJS) $(HEADERS) Makefile
	46	# multi-binary compilation.
	47	MULTIOBJS=
	48	ifeq ($(MULTI),1)
	49	- MULTIOBJS=dbmulti.o $(sort $(foreach prog, $(PROGRAMS), $($(prog)objs))) @CRYPTLIB@
	50	+ MULTIOBJS=dbmulti.o $(sort $(foreach prog, $(PROGRAMS), $($(prog)objs)))
	51	CFLAGS+=$(addprefix -DDBMULTI_, $(PROGRAMS)) -DDROPBEAR_MULTI
	52	endif
	53
	54	dropbearmulti: multilink
	55
	56	multibinary: $(HEADERS) $(MULTIOBJS) $(LIBTOM_DEPS) Makefile
	57	- $(CC) $(LDFLAGS) -o dropbearmulti$(EXEEXT) $(MULTIOBJS) $(LIBS)
	58	+ $(CC) $(LDFLAGS) -o dropbearmulti$(EXEEXT) $(MULTIOBJS) $(LIBS) @CRYPTLIB@
	59
	60	multilink: multibinary $(addprefix link, $(PROGRAMS))
	61
	62	--
	63	1.7.11.7
	64


diff --git a/meta/recipes-core/dropbear/dropbear/0003-configure.patch b/meta/recipes-core/dropbear/dropbear/0003-configure.patch new file mode 100644 index 0000000000..2baf665ae4 --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear/0003-configure.patch
@@ -0,0 +1,40 @@
	1	From c5f5c5054c1b15539dccf866e2c3faba7ed68456 Mon Sep 17 00:00:00 2001
	2	From: =?UTF-8?q?Eric=20B=C3=A9nard?= <eric@eukrea.com>
	3	Date: Thu, 25 Apr 2013 00:27:25 +0200
	4	Subject: [PATCH 3/6] configure
	5
	6	---
	7	configure.ac \| 11 ++++++++---
	8	1 file changed, 8 insertions(+), 3 deletions(-)
	9
	10	diff --git a/configure.ac b/configure.ac
	11	index 05461f3..9c16d90 100644
	12	--- a/configure.ac
	13	+++ b/configure.ac
	14	@@ -166,15 +166,20 @@ AC_ARG_ENABLE(openpty,
	15	AC_MSG_NOTICE(Not using openpty)
	16	else
	17	AC_MSG_NOTICE(Using openpty if available)
	18	- AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY,,Have openpty() function)])
	19	+ AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes])
	20	fi
	21	],
	22	[
	23	AC_MSG_NOTICE(Using openpty if available)
	24	- AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY)])
	25	+ AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes])
	26	]
	27	)
	28	-
	29	+
	30	+if test "x$dropbear_cv_func_have_openpty" = "xyes"; then
	31	+ AC_DEFINE(HAVE_OPENPTY,,Have openpty() function)
	32	+ no_ptc_check=yes
	33	+ no_ptmx_check=yes
	34	+fi
	35
	36	AC_ARG_ENABLE(syslog,
	37	[ --disable-syslog Don't include syslog support],
	38	--
	39	1.7.11.7
	40


diff --git a/meta/recipes-core/dropbear/dropbear/0004-fix-2kb-keys.patch b/meta/recipes-core/dropbear/dropbear/0004-fix-2kb-keys.patch new file mode 100644 index 0000000000..7539d2034f --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear/0004-fix-2kb-keys.patch
@@ -0,0 +1,22 @@
	1	Subject: [PATCH 4/6] fix 2kb keys
	2
	3	Upstream-Status: Inappropriate [configuration]
	4	---
	5	kex.h \| 2 +-
	6	1 file changed, 1 insertion(+), 1 deletion(-)
	7
	8	diff --git a/kex.h b/kex.h
	9	index 72430e9..375c677 100644
	10	--- a/kex.h
	11	+++ b/kex.h
	12	@@ -67,6 +67,6 @@ struct KEXState {
	13	};
	14
	15
	16	-#define MAX_KEXHASHBUF 2000
	17	+#define MAX_KEXHASHBUF 3000
	18
	19	#endif /* _KEX_H_ */
	20	--
	21	1.7.11.7
	22


diff --git a/meta/recipes-core/dropbear/dropbear/0005-dropbear-enable-pam.patch b/meta/recipes-core/dropbear/dropbear/0005-dropbear-enable-pam.patch new file mode 100644 index 0000000000..e9307339ce --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear/0005-dropbear-enable-pam.patch
@@ -0,0 +1,31 @@
	1	Subject: [PATCH 5/6] dropbear enable pam
	2
	3	dropbear: We need modify file option.h besides enabling pam in \
	4	configure if we want dropbear to support pam.
	5
	6	Upstream-Status: Pending
	7
	8	Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
	9	---
	10	options.h \| 4 ++--
	11	1 file changed, 2 insertions(+), 2 deletions(-)
	12
	13	diff --git a/options.h b/options.h
	14	index 71a21c2..305f789 100644
	15	--- a/options.h
	16	+++ b/options.h
	17	@@ -174,9 +174,9 @@ much traffic. */
	18	* PAM challenge/response.
	19	* You can't enable both PASSWORD and PAM. */
	20
	21	-#define ENABLE_SVR_PASSWORD_AUTH
	22	+//#define ENABLE_SVR_PASSWORD_AUTH
	23	/* PAM requires ./configure --enable-pam */
	24	-//#define ENABLE_SVR_PAM_AUTH
	25	+#define ENABLE_SVR_PAM_AUTH
	26	#define ENABLE_SVR_PUBKEY_AUTH
	27
	28	/* Whether to take public key options in
	29	--
	30	1.7.11.7
	31


diff --git a/meta/recipes-core/dropbear/dropbear/0006-dropbear-configuration-file.patch b/meta/recipes-core/dropbear/dropbear/0006-dropbear-configuration-file.patch new file mode 100644 index 0000000000..fa4c8d0a67 --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear/0006-dropbear-configuration-file.patch
@@ -0,0 +1,22 @@
	1	Subject: [PATCH 6/6] dropbear configuration file
	2
	3	dropbear: Change the path ("/etc/pam.d/sshd" as default) to find a pam configuration file \
	4	to "/etc/pam.d/dropbear for dropbear when enabling pam supporting"
	5
	6	Upstream-Status: Inappropriate [configuration]
	7
	8	Signed-off-by: Maxin B. John <maxin.john@enea.com>
	9	Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
	10	---
	11	diff -Naur dropbear-2013.60-orig/svr-authpam.c dropbear-2013.60/svr-authpam.c
	12	--- dropbear-2013.60-orig/svr-authpam.c 2013-10-16 16:34:53.000000000 +0200
	13	+++ dropbear-2013.60/svr-authpam.c 2013-10-21 17:04:04.969416055 +0200
	14	@@ -211,7 +211,7 @@
	15	userData.passwd = password;
	16
	17	/* Init pam */
	18	- if ((rc = pam_start("sshd", NULL, &pamConv, &pamHandlep)) != PAM_SUCCESS) {
	19	+ if ((rc = pam_start("dropbear", NULL, &pamConv, &pamHandlep)) != PAM_SUCCESS) {
	20	dropbear_log(LOG_WARNING, "pam_start() failed, rc=%d, %s",
	21	rc, pam_strerror(pamHandlep, rc));
	22	goto cleanup;


diff --git a/meta/recipes-core/dropbear/dropbear/0007-dropbear-fix-for-x32-abi.patch b/meta/recipes-core/dropbear/dropbear/0007-dropbear-fix-for-x32-abi.patch new file mode 100644 index 0000000000..b4501211c3 --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear/0007-dropbear-fix-for-x32-abi.patch
@@ -0,0 +1,140 @@
	1	Upstream-Status: Pending
	2
	3	The dropbearkey utility built in x32 abi format, when generating ssh
	4	keys, was getting lost in the infinite loop.
	5
	6	This patch fixes the issue by fixing types of variables and
	7	parameters of functions used in the code, which were getting
	8	undesired size, when compiled with the x32 abi toolchain.
	9
	10	2013/05/23
	11	Received this fix from H J Lu.
	12
	13	Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com>
	14
	15	# HG changeset patch
	16	# User H.J. Lu <hjl.tools@gmail.com>
	17	# Date 1369344079 25200
	18	# Node ID a10a1c46b857cc8a3923c3bb6d1504aa25b6052f
	19	# Parent e76614145aea67f66e4a4257685c771efba21aa1
	20	Typdef mp_digit to unsigned long long for MP_64BIT
	21
	22	When GCC is used with MP_64BIT, we should typedef mp_digit to unsigned
	23	long long instead of unsigned long since for x32, unsigned long is
	24	32-bit and unsigned long long is 64-bit and it is safe to use unsigned
	25	long long for 64-bit integer with GCC.
	26
	27	diff -r e76614145aea -r a10a1c46b857 libtommath/tommath.h
	28	--- a/libtommath/tommath.h Thu Apr 18 22:57:47 2013 +0800
	29	+++ b/libtommath/tommath.h Thu May 23 14:21:19 2013 -0700
	30	@@ -73,7 +73,7 @@
	31	typedef signed long long long64;
	32	#endif
	33
	34	- typedef unsigned long mp_digit;
	35	+ typedef unsigned long long mp_digit;
	36	typedef unsigned long mp_word __attribute__ ((mode(TI)));
	37
	38	#define DIGIT_BIT 60
	39	# HG changeset patch
	40	# User H.J. Lu <hjl.tools@gmail.com>
	41	# Date 1369344241 25200
	42	# Node ID c7555a4cb7ded3a88409ba85f4027baa7af5f536
	43	# Parent a10a1c46b857cc8a3923c3bb6d1504aa25b6052f
	44	Cast to mp_digit when updating *rho
	45
	46	There is
	47
	48	int
	49	mp_montgomery_setup (mp_int * n, mp_digit * rho)
	50
	51	We should cast to mp_digit instead of unsigned long when updating
	52	*rho since mp_digit may be unsigned long long and unsigned long long
	53	may be different from unsigned long, like in x32.
	54
	55	diff -r a10a1c46b857 -r c7555a4cb7de libtommath/bn_mp_montgomery_setup.c
	56	--- a/libtommath/bn_mp_montgomery_setup.c Thu May 23 14:21:19 2013 -0700
	57	+++ b/libtommath/bn_mp_montgomery_setup.c Thu May 23 14:24:01 2013 -0700
	58	@@ -48,7 +48,7 @@
	59	#endif
	60
	61	/* rho = -1/m mod b */
	62	- *rho = (unsigned long)(((mp_word)1 << ((mp_word) DIGIT_BIT)) - x) & MP_MASK;
	63	+ *rho = (mp_digit)(((mp_word)1 << ((mp_word) DIGIT_BIT)) - x) & MP_MASK;
	64
	65	return MP_OKAY;
	66	}
	67	# HG changeset patch
	68	# User H.J. Lu <hjl.tools@gmail.com>
	69	# Date 1369344541 25200
	70	# Node ID 7c656e7071a6412688b2f30a529a9afac6c7bf5a
	71	# Parent c7555a4cb7ded3a88409ba85f4027baa7af5f536
	72	Define LTC_FAST_TYPE to unsigned long long for __x86_64__
	73
	74	We should define LTC_FAST_TYPE to unsigned long long instead of unsigned
	75	long if __x86_64__ to support x32 where unsigned long long is 64-bit
	76	and unsigned long is 32-bit.
	77
	78	diff -r c7555a4cb7de -r 7c656e7071a6 libtomcrypt/src/headers/tomcrypt_cfg.h
	79	--- a/libtomcrypt/src/headers/tomcrypt_cfg.h Thu May 23 14:24:01 2013 -0700
	80	+++ b/libtomcrypt/src/headers/tomcrypt_cfg.h Thu May 23 14:29:01 2013 -0700
	81	@@ -74,7 +74,7 @@
	82	#define ENDIAN_LITTLE
	83	#define ENDIAN_64BITWORD
	84	#define LTC_FAST
	85	- #define LTC_FAST_TYPE unsigned long
	86	+ #define LTC_FAST_TYPE unsigned long long
	87	#endif
	88
	89	/* detect PPC32 */
	90	# HG changeset patch
	91	# User H.J. Lu <hjl.tools@gmail.com>
	92	# Date 1369344730 25200
	93	# Node ID a7d4690158fae4ede2c4e5b56233e83730bf38ee
	94	# Parent 7c656e7071a6412688b2f30a529a9afac6c7bf5a
	95	Use unsigned long long aas unsigned 64-bit integer for x86-64 GCC
	96
	97	We should use unsigned long long instead of unsigned long as unsigned
	98	64-bit integer for x86-64 GCC to support x32 where unsigned long is
	99	32-bit.
	100
	101	diff -r 7c656e7071a6 -r a7d4690158fa libtomcrypt/src/headers/tomcrypt_macros.h
	102	--- a/libtomcrypt/src/headers/tomcrypt_macros.h Thu May 23 14:29:01 2013 -0700
	103	+++ b/libtomcrypt/src/headers/tomcrypt_macros.h Thu May 23 14:32:10 2013 -0700
	104	@@ -343,7 +343,7 @@
	105	/* 64-bit Rotates */
	106	#if !defined(__STRICT_ANSI__) && defined(__GNUC__) && defined(__x86_64__) && !defined(LTC_NO_ASM)
	107
	108	-static inline unsigned long ROL64(unsigned long word, int i)
	109	+static inline unsigned long long ROL64(unsigned long long word, int i)
	110	{
	111	asm("rolq %%cl,%0"
	112	:"=r" (word)
	113	@@ -351,7 +351,7 @@
	114	return word;
	115	}
	116
	117	-static inline unsigned long ROR64(unsigned long word, int i)
	118	+static inline unsigned long long ROR64(unsigned long long word, int i)
	119	{
	120	asm("rorq %%cl,%0"
	121	:"=r" (word)
	122	@@ -361,7 +361,7 @@
	123
	124	#ifndef LTC_NO_ROLC
	125
	126	-static inline unsigned long ROL64c(unsigned long word, const int i)
	127	+static inline unsigned long long ROL64c(unsigned long long word, const int i)
	128	{
	129	asm("rolq %2,%0"
	130	:"=r" (word)
	131	@@ -369,7 +369,7 @@
	132	return word;
	133	}
	134
	135	-static inline unsigned long ROR64c(unsigned long word, const int i)
	136	+static inline unsigned long long ROR64c(unsigned long long word, const int i)
	137	{
	138	asm("rorq %2,%0"
	139	:"=r" (word)
	140