diff options
Diffstat (limited to 'meta/recipes-core/dropbear/dropbear')
4 files changed, 33 insertions, 38 deletions
diff --git a/meta/recipes-core/dropbear/dropbear/0001-urandom-xauth-changes-to-options.h.patch b/meta/recipes-core/dropbear/dropbear/0001-urandom-xauth-changes-to-options.h.patch index 684641dcbd..c74f09e484 100644 --- a/meta/recipes-core/dropbear/dropbear/0001-urandom-xauth-changes-to-options.h.patch +++ b/meta/recipes-core/dropbear/dropbear/0001-urandom-xauth-changes-to-options.h.patch | |||
@@ -2,14 +2,14 @@ Subject: [PATCH 1/6] urandom-xauth-changes-to-options.h | |||
2 | 2 | ||
3 | Upstream-Status: Inappropriate [configuration] | 3 | Upstream-Status: Inappropriate [configuration] |
4 | --- | 4 | --- |
5 | default_options.h | 2 +- | 5 | src/default_options.h | 2 +- |
6 | 1 file changed, 1 insertion(+), 1 deletion(-) | 6 | 1 file changed, 1 insertion(+), 1 deletion(-) |
7 | 7 | ||
8 | diff --git a/default_options.h b/default_options.h | 8 | diff --git a/src/default_options.h b/src/default_options.h |
9 | index 3b75eb8..1fd8082 100644 | 9 | index 6e970bb..ccc8b47 100644 |
10 | --- a/default_options.h | 10 | --- a/src/default_options.h |
11 | +++ b/default_options.h | 11 | +++ b/src/default_options.h |
12 | @@ -243,7 +243,7 @@ Homedir is prepended unless path begins with / */ | 12 | @@ -311,7 +311,7 @@ group1 in Dropbear server too */ |
13 | 13 | ||
14 | /* The command to invoke for xauth when using X11 forwarding. | 14 | /* The command to invoke for xauth when using X11 forwarding. |
15 | * "-q" for quiet */ | 15 | * "-q" for quiet */ |
@@ -17,7 +17,7 @@ index 3b75eb8..1fd8082 100644 | |||
17 | +#define XAUTH_COMMAND "xauth -q" | 17 | +#define XAUTH_COMMAND "xauth -q" |
18 | 18 | ||
19 | 19 | ||
20 | /* if you want to enable running an sftp server (such as the one included with | 20 | /* If you want to enable running an sftp server (such as the one included with |
21 | -- | 21 | -- |
22 | 1.7.11.7 | 22 | 2.34.1 |
23 | 23 | ||
diff --git a/meta/recipes-core/dropbear/dropbear/0005-dropbear-enable-pam.patch b/meta/recipes-core/dropbear/dropbear/0005-dropbear-enable-pam.patch index 857681520c..fe667ddc25 100644 --- a/meta/recipes-core/dropbear/dropbear/0005-dropbear-enable-pam.patch +++ b/meta/recipes-core/dropbear/dropbear/0005-dropbear-enable-pam.patch | |||
@@ -11,14 +11,14 @@ Upstream-Status: Pending | |||
11 | Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com> | 11 | Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com> |
12 | Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> | 12 | Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> |
13 | --- | 13 | --- |
14 | default_options.h | 4 ++-- | 14 | src/default_options.h | 4 ++-- |
15 | 1 file changed, 2 insertions(+), 2 deletions(-) | 15 | 1 file changed, 2 insertions(+), 2 deletions(-) |
16 | 16 | ||
17 | diff --git a/default_options.h b/default_options.h | 17 | diff --git a/src/default_options.h b/src/default_options.h |
18 | index 3b75eb8..8617cd0 100644 | 18 | index 0e3d027..349338c 100644 |
19 | --- a/default_options.h | 19 | --- a/src/default_options.h |
20 | +++ b/default_options.h | 20 | +++ b/src/default_options.h |
21 | @@ -179,7 +179,7 @@ group1 in Dropbear server too */ | 21 | @@ -210,7 +210,7 @@ group1 in Dropbear server too */ |
22 | 22 | ||
23 | /* Authentication Types - at least one required. | 23 | /* Authentication Types - at least one required. |
24 | RFC Draft requires pubkey auth, and recommends password */ | 24 | RFC Draft requires pubkey auth, and recommends password */ |
@@ -27,16 +27,15 @@ index 3b75eb8..8617cd0 100644 | |||
27 | 27 | ||
28 | /* Note: PAM auth is quite simple and only works for PAM modules which just do | 28 | /* Note: PAM auth is quite simple and only works for PAM modules which just do |
29 | * a simple "Login: " "Password: " (you can edit the strings in svr-authpam.c). | 29 | * a simple "Login: " "Password: " (you can edit the strings in svr-authpam.c). |
30 | @@ -187,7 +187,7 @@ group1 in Dropbear server too */ | 30 | @@ -218,7 +218,7 @@ group1 in Dropbear server too */ |
31 | * but there's an interface via a PAM module. It won't work for more complex | 31 | * but there's an interface via a PAM module. It won't work for more complex |
32 | * PAM challenge/response. | 32 | * PAM challenge/response. |
33 | * You can't enable both PASSWORD and PAM. */ | 33 | * You can't enable both PASSWORD and PAM. */ |
34 | -#define DROPBEAR_SVR_PAM_AUTH 0 | 34 | -#define DROPBEAR_SVR_PAM_AUTH 0 |
35 | +#define DROPBEAR_SVR_PAM_AUTH 1 | 35 | +#define DROPBEAR_SVR_PAM_AUTH 1 |
36 | 36 | ||
37 | /* ~/.ssh/authorized_keys authentication */ | 37 | /* ~/.ssh/authorized_keys authentication. |
38 | #define DROPBEAR_SVR_PUBKEY_AUTH 1 | 38 | * You must define DROPBEAR_SVR_PUBKEY_AUTH in order to use plugins. */ |
39 | |||
40 | -- | 39 | -- |
41 | 2.1.4 | 40 | 2.25.1 |
42 | 41 | ||
diff --git a/meta/recipes-core/dropbear/dropbear/0006-dropbear-configuration-file.patch b/meta/recipes-core/dropbear/dropbear/0006-dropbear-configuration-file.patch index deed78ffb9..f54f634a4e 100644 --- a/meta/recipes-core/dropbear/dropbear/0006-dropbear-configuration-file.patch +++ b/meta/recipes-core/dropbear/dropbear/0006-dropbear-configuration-file.patch | |||
@@ -12,13 +12,13 @@ Signed-off-by: Maxin B. John <maxin.john@enea.com> | |||
12 | Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com> | 12 | Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com> |
13 | Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> | 13 | Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> |
14 | --- | 14 | --- |
15 | svr-authpam.c | 2 +- | 15 | src/svr-authpam.c | 2 +- |
16 | 1 file changed, 1 insertion(+), 1 deletion(-) | 16 | 1 file changed, 1 insertion(+), 1 deletion(-) |
17 | 17 | ||
18 | diff --git a/svr-authpam.c b/svr-authpam.c | 18 | diff --git a/srec/svr-authpam.c b/src/svr-authpam.c |
19 | index d201bc9..165ec5c 100644 | 19 | index d201bc9..165ec5c 100644 |
20 | --- a/svr-authpam.c | 20 | --- a/src/svr-authpam.c |
21 | +++ b/svr-authpam.c | 21 | +++ b/src/svr-authpam.c |
22 | @@ -223,7 +223,7 @@ void svr_auth_pam(int valid_user) { | 22 | @@ -223,7 +223,7 @@ void svr_auth_pam(int valid_user) { |
23 | } | 23 | } |
24 | 24 | ||
diff --git a/meta/recipes-core/dropbear/dropbear/dropbear-disable-weak-ciphers.patch b/meta/recipes-core/dropbear/dropbear/dropbear-disable-weak-ciphers.patch index b54581f17a..f998caa255 100644 --- a/meta/recipes-core/dropbear/dropbear/dropbear-disable-weak-ciphers.patch +++ b/meta/recipes-core/dropbear/dropbear/dropbear-disable-weak-ciphers.patch | |||
@@ -9,27 +9,23 @@ and we want to support the stong algorithms. | |||
9 | 9 | ||
10 | Upstream-Status: Inappropriate [configuration] | 10 | Upstream-Status: Inappropriate [configuration] |
11 | Signed-off-by: Joseph Reynolds <joseph.reynolds1@ibm.com> | 11 | Signed-off-by: Joseph Reynolds <joseph.reynolds1@ibm.com> |
12 | |||
13 | --- | 12 | --- |
14 | default_options.h | 4 ++-- | 13 | src/default_options.h | 2 +- |
15 | 1 file changed, 2 insertions(+), 2 deletions(-) | 14 | 1 file changed, 1 insertion(+), 1 deletion(-) |
16 | 15 | ||
17 | diff --git a/default_options.h b/default_options.h | 16 | diff --git a/src/default_options.h b/src/default_options.h |
18 | index 1aa2297..7ff1394 100644 | 17 | index d417588..bc5200f 100644 |
19 | --- a/default_options.h | 18 | --- a/src/default_options.h |
20 | +++ b/default_options.h | 19 | +++ b/src/default_options.h |
21 | @@ -163,12 +163,12 @@ IMPORTANT: Some options will require "make clean" after changes */ | 20 | @@ -180,7 +180,7 @@ IMPORTANT: Some options will require "make clean" after changes */ |
22 | * Small systems should generally include either curve25519 or ecdh for performance. | 21 | * Small systems should generally include either curve25519 or ecdh for performance. |
23 | * curve25519 is less widely supported but is faster | 22 | * curve25519 is less widely supported but is faster |
24 | */ | 23 | */ |
25 | -#define DROPBEAR_DH_GROUP14_SHA1 1 | 24 | -#define DROPBEAR_DH_GROUP14_SHA1 1 |
26 | +#define DROPBEAR_DH_GROUP14_SHA1 0 | 25 | +#define DROPBEAR_DH_GROUP14_SHA1 0 |
27 | #define DROPBEAR_DH_GROUP14_SHA256 1 | 26 | #define DROPBEAR_DH_GROUP14_SHA256 1 |
28 | #define DROPBEAR_DH_GROUP16 0 | 27 | #define DROPBEAR_DH_GROUP16 0 |
29 | #define DROPBEAR_CURVE25519 1 | 28 | #define DROPBEAR_CURVE25519 1 |
30 | #define DROPBEAR_ECDH 1 | 29 | -- |
31 | -#define DROPBEAR_DH_GROUP1 1 | 30 | 2.25.1 |
32 | +#define DROPBEAR_DH_GROUP1 0 | 31 | |
33 | |||
34 | /* When group1 is enabled it will only be allowed by Dropbear client | ||
35 | not as a server, due to concerns over its strength. Set to 0 to allow | ||