8 files changed, 577 insertions, 0 deletions

diff --git a/meta/recipes-core/dropbear/dropbear-2013.58/0001-urandom-xauth-changes-to-options.h.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0001-urandom-xauth-changes-to-options.h.patch
new file mode 100644
index 0000000000..71a4666b5c
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear-2013.58/0001-urandom-xauth-changes-to-options.h.patch
@@ -0,0 +1,23 @@
+Subject: [PATCH 1/6] urandom-xauth-changes-to-options.h
+
+Upstream-Status: Inappropriate [configuration]
+---
+ options.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/options.h b/options.h
+index 7d06322..71a21c2 100644
+--- a/options.h
++++ b/options.h
+@@ -247,7 +247,7 @@ much traffic. */
+ /* The command to invoke for xauth when using X11 forwarding.
+  * "-q" for quiet */
+ #ifndef XAUTH_COMMAND
+-#define XAUTH_COMMAND "/usr/bin/X11/xauth -q"
++#define XAUTH_COMMAND "xauth -q"
+ #endif
+ 
+ /* if you want to enable running an sftp server (such as the one included with
+-- 
+1.7.11.7
+
diff --git a/meta/recipes-core/dropbear/dropbear-2013.58/0002-static_build_fix.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0002-static_build_fix.patch
new file mode 100644
index 0000000000..552bee8996
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear-2013.58/0002-static_build_fix.patch
@@ -0,0 +1,64 @@
+Subject: [PATCH 2/6] static_build_fix
+Upstream-Status: Submitted
+
+dropbear: fix static build
+
+A more appropriate fix is to remove @CRYPTLIB@ from the objs
+line, since it will cause problems with target checking,
+this change also meets the goals of the orignal change which
+was to not link libcrypt to all binaries.
+
+svr-authpasswd.o: In function `svr_auth_password':
+svr-authpasswd.c:(.text+0xfc): undefined reference to `crypt'
+collect2: ld returned 1 exit status
+
+Signed-off-by: Saul Wold <sgw@linux.intel.com>
+---
+ Makefile.in | 11 +++++++----
+ 1 file changed, 7 insertions(+), 4 deletions(-)
+
+diff --git a/Makefile.in b/Makefile.in
+index 4bdd845..e82e561 100644
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -56,7 +56,7 @@ HEADERS=options.h dbutil.h session.h packet.h algo.h ssh.h buffer.h kex.h \
+                loginrec.h atomicio.h x11fwd.h agentfwd.h tcpfwd.h compat.h \
+                listener.h fake-rfc2553.h
+ 
+-dropbearobjs=$(COMMONOBJS) $(CLISVROBJS) $(SVROBJS) @CRYPTLIB@ 
++dropbearobjs=$(COMMONOBJS) $(CLISVROBJS) $(SVROBJS)
+ dbclientobjs=$(COMMONOBJS) $(CLISVROBJS) $(CLIOBJS)
+ dropbearkeyobjs=$(COMMONOBJS) $(KEYOBJS)
+ dropbearconvertobjs=$(COMMONOBJS) $(CONVERTOBJS)
+@@ -158,7 +158,10 @@ dbclient: $(dbclientobjs)
+ dropbearkey: $(dropbearkeyobjs)
+ dropbearconvert: $(dropbearconvertobjs)
+ 
+-dropbear dbclient dropbearkey dropbearconvert: $(HEADERS) $(LIBTOM_DEPS) Makefile
++dropbear: $(HEADERS) $(LIBTOM_DEPS) Makefile
++       $(CC) $(LDFLAGS) -o $@$(EXEEXT) $($@objs) $(LIBS) @CRYPTLIB@
++
++dbclient dropbearkey dropbearconvert: $(HEADERS) $(LIBTOM_DEPS) Makefile
+        $(CC) $(LDFLAGS) -o $@$(EXEEXT) $($@objs) $(LIBS)
+ 
+ # scp doesn't use the libs so is special.
+@@ -169,14 +172,14 @@ scp: $(SCPOBJS)  $(HEADERS) Makefile
+ # multi-binary compilation.
+ MULTIOBJS=
+ ifeq ($(MULTI),1)
+-       MULTIOBJS=dbmulti.o $(sort $(foreach prog, $(PROGRAMS), $($(prog)objs))) @CRYPTLIB@ 
++       MULTIOBJS=dbmulti.o $(sort $(foreach prog, $(PROGRAMS), $($(prog)objs)))
+        CFLAGS+=$(addprefix -DDBMULTI_, $(PROGRAMS)) -DDROPBEAR_MULTI
+ endif
+ 
+ dropbearmulti: multilink 
+ 
+ multibinary: $(HEADERS) $(MULTIOBJS) $(LIBTOM_DEPS) Makefile
+-       $(CC) $(LDFLAGS) -o dropbearmulti$(EXEEXT) $(MULTIOBJS) $(LIBS)
++       $(CC) $(LDFLAGS) -o dropbearmulti$(EXEEXT) $(MULTIOBJS) $(LIBS) @CRYPTLIB@
+ 
+ multilink: multibinary $(addprefix link, $(PROGRAMS))
+ 
+-- 
+1.7.11.7
+
diff --git a/meta/recipes-core/dropbear/dropbear-2013.58/0003-configure.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0003-configure.patch
new file mode 100644
index 0000000000..2baf665ae4
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear-2013.58/0003-configure.patch
@@ -0,0 +1,40 @@
+From c5f5c5054c1b15539dccf866e2c3faba7ed68456 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Eric=20B=C3=A9nard?= <eric@eukrea.com>
+Date: Thu, 25 Apr 2013 00:27:25 +0200
+Subject: [PATCH 3/6] configure
+
+---
+ configure.ac | 11 ++++++++---
+ 1 file changed, 8 insertions(+), 3 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 05461f3..9c16d90 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -166,15 +166,20 @@ AC_ARG_ENABLE(openpty,
+                        AC_MSG_NOTICE(Not using openpty)
+                else
+                        AC_MSG_NOTICE(Using openpty if available)
+-                       AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY,,Have openpty() function)])
++                       AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes])
+                fi
+        ],
+        [
+                AC_MSG_NOTICE(Using openpty if available)
+-               AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY)])
++               AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes])
+        ]
+ )
+-               
++
++if test "x$dropbear_cv_func_have_openpty" = "xyes"; then
++       AC_DEFINE(HAVE_OPENPTY,,Have openpty() function)
++       no_ptc_check=yes
++       no_ptmx_check=yes
++fi
+ 
+ AC_ARG_ENABLE(syslog,
+        [  --disable-syslog        Don't include syslog support],
+-- 
+1.7.11.7
+
diff --git a/meta/recipes-core/dropbear/dropbear-2013.58/0004-fix-2kb-keys.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0004-fix-2kb-keys.patch
new file mode 100644
index 0000000000..7539d2034f
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear-2013.58/0004-fix-2kb-keys.patch
@@ -0,0 +1,22 @@
+Subject: [PATCH 4/6] fix 2kb keys
+
+Upstream-Status: Inappropriate [configuration]
+---
+ kex.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/kex.h b/kex.h
+index 72430e9..375c677 100644
+--- a/kex.h
++++ b/kex.h
+@@ -67,6 +67,6 @@ struct KEXState {
+ };
+ 
+ 
+-#define MAX_KEXHASHBUF 2000
++#define MAX_KEXHASHBUF 3000
+ 
+ #endif /* _KEX_H_ */
+-- 
+1.7.11.7
+
diff --git a/meta/recipes-core/dropbear/dropbear-2013.58/0005-dropbear-enable-pam.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0005-dropbear-enable-pam.patch
new file mode 100644
index 0000000000..e9307339ce
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear-2013.58/0005-dropbear-enable-pam.patch
@@ -0,0 +1,31 @@
+Subject: [PATCH 5/6] dropbear enable pam
+
+dropbear: We need modify file option.h besides enabling pam in \
+configure if we want dropbear to support pam.
+
+Upstream-Status: Pending
+
+Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
+---
+ options.h | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/options.h b/options.h
+index 71a21c2..305f789 100644
+--- a/options.h
++++ b/options.h
+@@ -174,9 +174,9 @@ much traffic. */
+  * PAM challenge/response.
+  * You can't enable both PASSWORD and PAM. */
+ 
+-#define ENABLE_SVR_PASSWORD_AUTH
++//#define ENABLE_SVR_PASSWORD_AUTH
+ /* PAM requires ./configure --enable-pam */
+-//#define ENABLE_SVR_PAM_AUTH
++#define ENABLE_SVR_PAM_AUTH
+ #define ENABLE_SVR_PUBKEY_AUTH
+ 
+ /* Whether to take public key options in 
+-- 
+1.7.11.7
+
diff --git a/meta/recipes-core/dropbear/dropbear-2013.58/0006-dropbear-configuration-file.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0006-dropbear-configuration-file.patch
new file mode 100644
index 0000000000..7e38663981
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear-2013.58/0006-dropbear-configuration-file.patch
@@ -0,0 +1,28 @@
+Subject: [PATCH 6/6] dropbear configuration file
+
+dropbear: Change the path ("/etc/pam.d/sshd" as default) to find a pam configuration file \
+to "/etc/pam.d/dropbear for dropbear when enabling pam supporting" 
+
+Upstream-Status: Inappropriate [configuration] 
+
+Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
+---
+ svr-authpam.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/svr-authpam.c b/svr-authpam.c
+index e84f076..e28be7d 100644
+--- a/svr-authpam.c
++++ b/svr-authpam.c
+@@ -195,7 +195,7 @@ void svr_auth_pam() {
+        userData.passwd = password;
+ 
+        /* Init pam */
+-       if ((rc = pam_start("sshd", NULL, &pamConv, &pamHandlep)) != PAM_SUCCESS) {
++       if ((rc = pam_start("dropbear", NULL, &pamConv, &pamHandlep)) != PAM_SUCCESS) {
+                dropbear_log(LOG_WARNING, "pam_start() failed, rc=%d, %s\n", 
+                                rc, pam_strerror(pamHandlep, rc));
+                goto cleanup;
+-- 
+1.7.11.7
+
diff --git a/meta/recipes-core/dropbear/dropbear-2013.58/0007-dropbear-fix-for-x32-abi.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0007-dropbear-fix-for-x32-abi.patch
new file mode 100644
index 0000000000..b4501211c3
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear-2013.58/0007-dropbear-fix-for-x32-abi.patch
@@ -0,0 +1,140 @@
+Upstream-Status: Pending
+
+The dropbearkey utility built in x32 abi format, when generating ssh
+keys, was getting lost in the infinite loop.
+
+This patch fixes the issue by fixing types of variables and
+parameters of functions used in the code, which were getting
+undesired size, when compiled with the x32 abi toolchain.
+
+2013/05/23
+Received this fix from H J Lu.
+
+Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com>
+
+# HG changeset patch
+# User H.J. Lu <hjl.tools@gmail.com>
+# Date 1369344079 25200
+# Node ID a10a1c46b857cc8a3923c3bb6d1504aa25b6052f
+# Parent  e76614145aea67f66e4a4257685c771efba21aa1
+Typdef mp_digit to unsigned long long for MP_64BIT
+
+When GCC is used with MP_64BIT, we should typedef mp_digit to unsigned
+long long instead of unsigned long since for x32, unsigned long is
+32-bit and unsigned long long is 64-bit and it is safe to use unsigned
+long long for 64-bit integer with GCC.
+
+diff -r e76614145aea -r a10a1c46b857 libtommath/tommath.h
+--- a/libtommath/tommath.h      Thu Apr 18 22:57:47 2013 +0800
++++ b/libtommath/tommath.h      Thu May 23 14:21:19 2013 -0700
+@@ -73,7 +73,7 @@
+    typedef signed long long   long64;
+ #endif
+
+-   typedef unsigned long      mp_digit;
++   typedef unsigned long long mp_digit;
+    typedef unsigned long      mp_word __attribute__ ((mode(TI)));
+
+    #define DIGIT_BIT          60
+# HG changeset patch
+# User H.J. Lu <hjl.tools@gmail.com>
+# Date 1369344241 25200
+# Node ID c7555a4cb7ded3a88409ba85f4027baa7af5f536
+# Parent  a10a1c46b857cc8a3923c3bb6d1504aa25b6052f
+Cast to mp_digit when updating *rho
+
+There is
+
+int
+mp_montgomery_setup (mp_int * n, mp_digit * rho)
+
+We should cast to mp_digit instead of unsigned long when updating
+*rho since mp_digit may be unsigned long long and unsigned long long
+may be different from unsigned long, like in x32.
+
+diff -r a10a1c46b857 -r c7555a4cb7de libtommath/bn_mp_montgomery_setup.c
+--- a/libtommath/bn_mp_montgomery_setup.c       Thu May 23 14:21:19 2013 -0700
++++ b/libtommath/bn_mp_montgomery_setup.c       Thu May 23 14:24:01 2013 -0700
+@@ -48,7 +48,7 @@
+ #endif
+
+   /* rho = -1/m mod b */
+-  *rho = (unsigned long)(((mp_word)1 << ((mp_word) DIGIT_BIT)) - x) & MP_MASK;
++  *rho = (mp_digit)(((mp_word)1 << ((mp_word) DIGIT_BIT)) - x) & MP_MASK;
+
+   return MP_OKAY;
+ }
+# HG changeset patch
+# User H.J. Lu <hjl.tools@gmail.com>
+# Date 1369344541 25200
+# Node ID 7c656e7071a6412688b2f30a529a9afac6c7bf5a
+# Parent  c7555a4cb7ded3a88409ba85f4027baa7af5f536
+Define LTC_FAST_TYPE to unsigned long long for __x86_64__
+
+We should define LTC_FAST_TYPE to unsigned long long instead of unsigned
+long if __x86_64__ to support x32 where unsigned long long is 64-bit
+and unsigned long is 32-bit.
+
+diff -r c7555a4cb7de -r 7c656e7071a6 libtomcrypt/src/headers/tomcrypt_cfg.h
+--- a/libtomcrypt/src/headers/tomcrypt_cfg.h    Thu May 23 14:24:01 2013 -0700
++++ b/libtomcrypt/src/headers/tomcrypt_cfg.h    Thu May 23 14:29:01 2013 -0700
+@@ -74,7 +74,7 @@
+    #define ENDIAN_LITTLE
+    #define ENDIAN_64BITWORD
+    #define LTC_FAST
+-   #define LTC_FAST_TYPE    unsigned long
++   #define LTC_FAST_TYPE    unsigned long long
+ #endif
+
+ /* detect PPC32 */
+# HG changeset patch
+# User H.J. Lu <hjl.tools@gmail.com>
+# Date 1369344730 25200
+# Node ID a7d4690158fae4ede2c4e5b56233e83730bf38ee
+# Parent  7c656e7071a6412688b2f30a529a9afac6c7bf5a
+Use unsigned long long aas unsigned 64-bit integer for x86-64 GCC
+
+We should use unsigned long long instead of unsigned long as unsigned
+64-bit integer for x86-64 GCC to support x32 where unsigned long is
+32-bit.
+
+diff -r 7c656e7071a6 -r a7d4690158fa libtomcrypt/src/headers/tomcrypt_macros.h
+--- a/libtomcrypt/src/headers/tomcrypt_macros.h Thu May 23 14:29:01 2013 -0700
++++ b/libtomcrypt/src/headers/tomcrypt_macros.h Thu May 23 14:32:10 2013 -0700
+@@ -343,7 +343,7 @@
+ /* 64-bit Rotates */
+ #if !defined(__STRICT_ANSI__) && defined(__GNUC__) && defined(__x86_64__) && !defined(LTC_NO_ASM)
+
+-static inline unsigned long ROL64(unsigned long word, int i)
++static inline unsigned long long ROL64(unsigned long long word, int i)
+ {
+    asm("rolq %%cl,%0"
+       :"=r" (word)
+@@ -351,7 +351,7 @@
+    return word;
+ }
+
+-static inline unsigned long ROR64(unsigned long word, int i)
++static inline unsigned long long ROR64(unsigned long long word, int i)
+ {
+    asm("rorq %%cl,%0"
+       :"=r" (word)
+@@ -361,7 +361,7 @@
+
+ #ifndef LTC_NO_ROLC
+
+-static inline unsigned long ROL64c(unsigned long word, const int i)
++static inline unsigned long long ROL64c(unsigned long long word, const int i)
+ {
+    asm("rolq %2,%0"
+       :"=r" (word)
+@@ -369,7 +369,7 @@
+    return word;
+ }
+
+-static inline unsigned long ROR64c(unsigned long word, const int i)
++static inline unsigned long long ROR64c(unsigned long long word, const int i)
+ {
+    asm("rorq %2,%0"
+       :"=r" (word)
+
diff --git a/meta/recipes-core/dropbear/dropbear-2013.58/build_test.patch b/meta/recipes-core/dropbear/dropbear-2013.58/build_test.patch
new file mode 100644
index 0000000000..6f828cfc51
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear-2013.58/build_test.patch
@@ -0,0 +1,229 @@
+Fix various linkage errors for LibTomCrypt library in order to run tests
+using ANSI-C PRNG algorithm. Also check that XCLOCKS_PER_SEC is larger than 1000000
+so that there may be a valid PRNG (Pseudo Random Number Generator).
+Customize the tests output to be ptest-compliant <result: testname>.
+
+Upstream-Status: Pending
+Signed-off-by: Dorin Gheorghe<dorin.gheorghe@enea.com>
+
+diff -Naur dropbear-2012.55/libtomcrypt/Makefile.in dropbear-2012.55.modified/libtomcrypt/Makefile.in
+--- dropbear-2012.55/libtomcrypt/Makefile.in    2013-04-16 14:20:45.270448945 +0200
++++ dropbear-2012.55.modified/libtomcrypt/Makefile.in   2013-04-16 11:00:06.517614900 +0200
+@@ -19,7 +19,7 @@
+ 
+ # Compilation flags. Note the += does not write over the user's CFLAGS!
+ # The rest of the flags come from the parent Dropbear makefile
+-CFLAGS += -c -I$(srcdir)/src/headers/ -I$(srcdir)/../
++CFLAGS += -c -I$(srcdir)/src/headers/ -I$(srcdir)/../ -I./testprof
+ 
+ # additional warnings (newer GCC 3.4 and higher)
+ ifdef GCC_34
+@@ -175,6 +175,7 @@
+ MULTIS=demos/multi.o
+ TIMINGS=demos/timing.o
+ TESTS=demos/test.o
++YARROW=src/prngs/yarrow.o src/prngs/rng_make_prng.o src/prngs/rng_get_bytes.o
+ 
+ #Files left over from making the crypt.pdf.
+ LEFTOVERS=*.dvi *.log *.aux *.toc *.idx *.ilg *.ind *.out
+@@ -227,8 +228,8 @@
+ timing: library testprof/$(LIBTEST) $(TIMINGS)
+        $(CC) $(LDFLAGS) $(TIMINGS) testprof/$(LIBTEST) $(LIBNAME) $(EXTRALIBS) -o $(TIMING)
+ 
+-test: library testprof/$(LIBTEST) $(TESTS)
+-       $(CC) $(LDFLAGS) $(TESTS) testprof/$(LIBTEST) $(LIBNAME) $(EXTRALIBS) -o $(TEST)
++test: library testprof/$(LIBTEST) $(TESTS) $(YARROW)
++       $(CC) $(LDFLAGS) $(TESTS) $(YARROW) testprof/$(LIBTEST) $(LIBNAME) $(EXTRALIBS) -o $(TEST)
+ 
+ #This rule installs the library and the header files. This must be run
+ #as root in order to have a high enough permission to write to the correct
+diff -Naur dropbear-2012.55/libtomcrypt/demos/test.c dropbear-2012.55.modified/libtomcrypt/demos/test.c
+--- dropbear-2012.55/libtomcrypt/demos/test.c   2012-02-23 14:47:05.000000000 +0100
++++ dropbear-2012.55.modified/libtomcrypt/demos/test.c  2013-04-18 14:30:44.519839797 +0200
+@@ -12,21 +12,21 @@
+ #elif defined(USE_GMP)
+    ltc_mp = gmp_desc;
+ #else
+-   extern ltc_math_descriptor EXT_MATH_LIB;
++   ltc_math_descriptor EXT_MATH_LIB;
+    ltc_mp = EXT_MATH_LIB;
+ #endif
+ 
+    printf("build == \n%s\n", crypt_build_settings);
+-   printf("\nstore_test...."); fflush(stdout); x = store_test();       printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE);
+-   printf("\ncipher_test..."); fflush(stdout); x = cipher_hash_test(); printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE);
+-   printf("\nmodes_test...."); fflush(stdout); x = modes_test();       printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE);
+-   printf("\nder_test......"); fflush(stdout); x = der_tests();        printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE);
+-   printf("\nmac_test......"); fflush(stdout); x = mac_test();         printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE);
+-   printf("\npkcs_1_test..."); fflush(stdout); x = pkcs_1_test();      printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE);
+-   printf("\nrsa_test......"); fflush(stdout); x = rsa_test();         printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE);
+-   printf("\necc_test......"); fflush(stdout); x = ecc_tests();        printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE); 
+-   printf("\ndsa_test......"); fflush(stdout); x = dsa_test();         printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE);
+-   printf("\nkatja_test...."); fflush(stdout); x = katja_test();       printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE);
++   fflush(stdout); x = store_test();       printf(x ? "FAIL: " : "PASS: "); printf("store_test\n"); if (x) exit(EXIT_FAILURE);
++   fflush(stdout); x = cipher_hash_test(); printf(x ? "FAIL: " : "PASS: "); printf("cipher_test\n"); if (x) exit(EXIT_FAILURE);
++   fflush(stdout); x = modes_test();       printf(x ? "FAIL: " : "PASS: "); printf("modes_test\n"); if (x) exit(EXIT_FAILURE);
++   fflush(stdout); x = der_tests();        printf(x ? "FAIL: " : "PASS: "); printf("der_test\n"); if (x) exit(EXIT_FAILURE);
++   fflush(stdout); x = mac_test();         printf(x ? "FAIL: " : "PASS: "); printf("mac_test\n"); if (x) exit(EXIT_FAILURE);
++   fflush(stdout); x = pkcs_1_test();      printf(x ? "FAIL: " : "PASS: "); printf("pkcs_1_test\n"); if (x) exit(EXIT_FAILURE);
++   fflush(stdout); x = rsa_test();         printf(x ? "FAIL: " : "PASS: "); printf("rsa_test\n"); if (x) exit(EXIT_FAILURE);
++   fflush(stdout); x = ecc_tests();        printf(x ? "FAIL: " : "PASS: "); printf("ecc_test\n"); if (x) exit(EXIT_FAILURE); 
++   fflush(stdout); x = dsa_test();         printf(x ? "FAIL: " : "PASS: "); printf("dsa_test\n"); if (x) exit(EXIT_FAILURE);
++   fflush(stdout); x = katja_test();       printf(x ? "FAIL: " : "PASS: "); printf("katja_test\n"); if (x) exit(EXIT_FAILURE);
+    printf("\n");
+    return EXIT_SUCCESS;
+ }
+diff -Naur dropbear-2012.55/libtomcrypt/src/ciphers/des.c dropbear-2012.55.modified/libtomcrypt/src/ciphers/des.c
+--- dropbear-2012.55/libtomcrypt/src/ciphers/des.c      2012-02-23 14:47:05.000000000 +0100
++++ dropbear-2012.55.modified/libtomcrypt/src/ciphers/des.c     2013-04-16 11:05:46.171309548 +0200
+@@ -20,7 +20,7 @@
+ #define EN0 0 
+ #define DE1 1
+ 
+-#if 0
++#if 1
+ const struct ltc_cipher_descriptor des_desc =
+ {
+     "des",
+@@ -1520,7 +1520,7 @@
+ }
+ #endif
+ 
+-#if 0
++#if 1
+  /**
+     Initialize the DES block cipher
+     @param key The symmetric key you wish to pass
+@@ -1581,7 +1581,7 @@
+     return CRYPT_OK;
+ }
+ 
+-#if 0
++#if 1
+ /**
+   Encrypts a block of text with DES
+   @param pt The input plaintext (8 bytes)
+@@ -1672,7 +1672,7 @@
+     return CRYPT_OK;
+ }
+ 
+-#if 0
++#if 1
+ /**
+   Performs a self-test of the DES block cipher
+   @return CRYPT_OK if functional, CRYPT_NOP if self-test has been disabled
+@@ -1857,7 +1857,7 @@
+  #endif
+ }
+ 
+-#if 0
++#if 1
+ /** Terminate the context 
+    @param skey    The scheduled key
+ */
+@@ -1874,7 +1874,7 @@
+ }
+ 
+ 
+-#if 0
++#if 1
+ /**
+   Gets suitable key size
+   @param keysize [in/out] The length of the recommended key (in bytes).  This function will store the suitable size back in this variable.
+diff -Naur dropbear-2012.55/libtomcrypt/src/headers/tomcrypt_cipher.h dropbear-2012.55.modified/libtomcrypt/src/headers/tomcrypt_cipher.h
+--- dropbear-2012.55/libtomcrypt/src/headers/tomcrypt_cipher.h  2012-02-23 14:47:05.000000000 +0100
++++ dropbear-2012.55.modified/libtomcrypt/src/headers/tomcrypt_cipher.h 2013-04-16 10:41:21.916943343 +0200
+@@ -187,6 +187,7 @@
+    void   *data;
+ } symmetric_key;
+ 
++#define LTC_ECB_MODE
+ #ifdef LTC_ECB_MODE
+ /** A block cipher ECB structure */
+ typedef struct {
+diff -Naur dropbear-2012.55/libtomcrypt/src/headers/tomcrypt_custom.h dropbear-2012.55.modified/libtomcrypt/src/headers/tomcrypt_custom.h
+--- dropbear-2012.55/libtomcrypt/src/headers/tomcrypt_custom.h  2012-02-23 14:47:05.000000000 +0100
++++ dropbear-2012.55.modified/libtomcrypt/src/headers/tomcrypt_custom.h 2013-04-16 14:02:10.794122645 +0200
+@@ -72,13 +72,15 @@
+ 
+ /* Enable self-test test vector checking */
+ /* Not for dropbear */
+-/*#define LTC_TEST*/
++#define LTC_TEST 
++
++#define YARROW
+ 
+ /* clean the stack of functions which put private information on stack */
+ /* #define LTC_CLEAN_STACK */
+ 
+ /* disable all file related functions */
+-#define LTC_NO_FILE
++//#define LTC_NO_FILE
+ 
+ /* disable all forms of ASM */
+ /* #define LTC_NO_ASM */
+diff -Naur dropbear-2012.55/libtomcrypt/src/misc/crypt/crypt.c dropbear-2012.55.modified/libtomcrypt/src/misc/crypt/crypt.c
+--- dropbear-2012.55/libtomcrypt/src/misc/crypt/crypt.c 2012-02-23 14:47:06.000000000 +0100
++++ dropbear-2012.55.modified/libtomcrypt/src/misc/crypt/crypt.c        2013-04-16 10:46:33.359842595 +0200
+@@ -15,7 +15,6 @@
+   Build strings, Tom St Denis
+ */
+ 
+-/*
+ const char *crypt_build_settings =
+    "LibTomCrypt " SCRYPT " (Tom St Denis, tomstdenis@gmail.com)\n"
+    "LibTomCrypt is public domain software.\n"
+@@ -358,7 +357,7 @@
+     "\n"
+     "\n\n\n"
+     ;
+-       */
++       
+ 
+ 
+ /* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt.c,v $ */
+diff -Naur dropbear-2012.55/libtomcrypt/src/prngs/rng_get_bytes.c dropbear-2012.55.modified/libtomcrypt/src/prngs/rng_get_bytes.c
+--- dropbear-2012.55/libtomcrypt/src/prngs/rng_get_bytes.c      2012-02-23 14:47:06.000000000 +0100
++++ dropbear-2012.55.modified/libtomcrypt/src/prngs/rng_get_bytes.c     2013-04-18 14:20:03.974930313 +0200
+@@ -60,7 +60,7 @@
+    clock_t t1;
+    int l, acc, bits, a, b;
+ 
+-   if (XCLOCKS_PER_SEC < 100 || XCLOCKS_PER_SEC > 10000) {
++   if (XCLOCKS_PER_SEC < 100 || XCLOCKS_PER_SEC > 1000000) {
+       return 0;
+    }
+ 
+diff -Naur dropbear-2012.55/libtomcrypt/testprof/cipher_hash_test.c dropbear-2012.55.modified/libtomcrypt/testprof/cipher_hash_test.c
+--- dropbear-2012.55/libtomcrypt/testprof/cipher_hash_test.c    2012-02-23 14:47:06.000000000 +0100
++++ dropbear-2012.55.modified/libtomcrypt/testprof/cipher_hash_test.c   2013-04-16 14:08:22.042234657 +0200
+@@ -11,6 +11,8 @@
+    
+    /* test ciphers */
+    for (x = 0; cipher_descriptor[x].name != NULL; x++) {
++   /* md5 test is failing with segfault */
++   if (!strcmp(cipher_descriptor[x].name, "md5")) break;
+       DO(cipher_descriptor[x].test());
+    }
+    
+diff -Naur dropbear-2012.55/libtomcrypt/testprof/makefile dropbear-2012.55.modified/libtomcrypt/testprof/makefile
+--- dropbear-2012.55/libtomcrypt/testprof/makefile      2012-02-23 14:47:06.000000000 +0100
++++ dropbear-2012.55.modified/libtomcrypt/testprof/makefile     2013-04-16 10:35:21.200110690 +0200
+@@ -1,4 +1,4 @@
+-CFLAGS += -I../src/headers -I./ -Wall -W
++CFLAGS += -I../src/headers -I./ -I./../../ -Wall -W
+ 
+ # ranlib tools
+ ifndef RANLIB
+diff -Naur dropbear-2012.55/libtomcrypt/testprof/modes_test.c dropbear-2012.55.modified/libtomcrypt/testprof/modes_test.c
+--- dropbear-2012.55/libtomcrypt/testprof/modes_test.c  2012-02-23 14:47:06.000000000 +0100
++++ dropbear-2012.55.modified/libtomcrypt/testprof/modes_test.c 2013-04-16 10:50:53.820882559 +0200
+@@ -1,6 +1,8 @@
+ /* test CFB/OFB/CBC modes */
+ #include <tomcrypt_test.h>
+ 
++extern unsigned long yarrow_read(unsigned char *out, unsigned long outlen, prng_state *prng);
++
+ int modes_test(void)
+ {
+    unsigned char pt[64], ct[64], tmp[64], key[16], iv[16], iv2[16];