11 files changed, 109 insertions, 164 deletions
diff --git a/meta/recipes-core/dropbear/dropbear/urandom-xauth-changes-to-options.h.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0001-urandom-xauth-changes-to-options.h.patch
index 4acc3974d6..71a4666b5c 100644
--- a/meta/recipes-core/dropbear/dropbear/urandom-xauth-changes-to-options.h.patch
+++ b/meta/recipes-core/dropbear/dropbear-2013.58/0001-urandom-xauth-changes-to-options.h.patch
@@ -1,10 +1,15 @@
+Subject: [PATCH 1/6] urandom-xauth-changes-to-options.h
 Upstream-Status: Inappropriate [configuration]
+---
+ options.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git a/options.h b/options.h
-index d309ab4..7fbe97b 100644
+index 7d06322..71a21c2 100644
 --- a/options.h
 +++ b/options.h
-@@ -236,7 +236,7 @@ much traffic. */
+@@ -247,7 +247,7 @@ much traffic. */
 /* The command to invoke for xauth when using X11 forwarding.
  * "-q" for quiet */
 #ifndef XAUTH_COMMAND
@@ -13,3 +18,6 @@ index d309ab4..7fbe97b 100644
 #endif
 
 /* if you want to enable running an sftp server (such as the one included with
+-- 
+1.7.11.7
diff --git a/meta/recipes-core/dropbear/dropbear/dropbear-0.53.1-static_build_fix.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0002-static_build_fix.patch
index d1256161c4..552bee8996 100644
--- a/meta/recipes-core/dropbear/dropbear/dropbear-0.53.1-static_build_fix.patch
+++ b/meta/recipes-core/dropbear/dropbear-2013.58/0002-static_build_fix.patch
@@ -1,6 +1,6 @@
+Subject: [PATCH 2/6] static_build_fix
 Upstream-Status: Submitted
 dropbear: fix static build
 A more appropriate fix is to remove @CRYPTLIB@ from the objs
@@ -13,12 +13,15 @@ svr-authpasswd.c:(.text+0xfc): undefined reference to `crypt'
 collect2: ld returned 1 exit status
 Signed-off-by: Saul Wold <sgw@linux.intel.com>
+---
+ Makefile.in | 11 +++++++----
+ 1 file changed, 7 insertions(+), 4 deletions(-)
-Index: dropbear-2011.54/Makefile.in
+diff --git a/Makefile.in b/Makefile.in
-===================================================================
+index 4bdd845..e82e561 100644
--- dropbear-2011.54.orig/Makefile.in   2011-11-08 04:48:15.000000000 -0800
+--- a/Makefile.in
-+++ dropbear-2011.54/Makefile.in        2011-12-27 13:44:41.644354442 -0800
+++ b/Makefile.in
-@@ -56,7 +56,7 @@
+@@ -56,7 +56,7 @@ HEADERS=options.h dbutil.h session.h packet.h algo.h ssh.h buffer.h kex.h \
                loginrec.h atomicio.h x11fwd.h agentfwd.h tcpfwd.h compat.h \
                listener.h fake-rfc2553.h
 
@@ -27,7 +30,7 @@ Index: dropbear-2011.54/Makefile.in
 dbclientobjs=$(COMMONOBJS) $(CLISVROBJS) $(CLIOBJS)
 dropbearkeyobjs=$(COMMONOBJS) $(KEYOBJS)
 dropbearconvertobjs=$(COMMONOBJS) $(CONVERTOBJS)
-@@ -158,7 +158,10 @@
+@@ -158,7 +158,10 @@ dbclient: $(dbclientobjs)
 dropbearkey: $(dropbearkeyobjs)
 dropbearconvert: $(dropbearconvertobjs)
 
@@ -39,7 +42,7 @@ Index: dropbear-2011.54/Makefile.in
        $(CC) $(LDFLAGS) -o $@$(EXEEXT) $($@objs) $(LIBS)
 
 # scp doesn't use the libs so is special.
-@@ -169,14 +172,14 @@
+@@ -169,14 +172,14 @@ scp: $(SCPOBJS)  $(HEADERS) Makefile
 # multi-binary compilation.
 MULTIOBJS=
 ifeq ($(MULTI),1)
@@ -56,3 +59,6 @@ Index: dropbear-2011.54/Makefile.in
 
 multilink: multibinary $(addprefix link, $(PROGRAMS))
 
+-- 
+1.7.11.7
diff --git a/meta/recipes-core/dropbear/dropbear-2012.55/configure.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0003-configure.patch
index aeb7c0a4ac..2baf665ae4 100644
--- a/meta/recipes-core/dropbear/dropbear-2012.55/configure.patch
+++ b/meta/recipes-core/dropbear/dropbear-2013.58/0003-configure.patch
@@ -1,10 +1,17 @@
-Upstream-Status: Pending
+From c5f5c5054c1b15539dccf866e2c3faba7ed68456 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Eric=20B=C3=A9nard?= <eric@eukrea.com>
+Date: Thu, 25 Apr 2013 00:27:25 +0200
+Subject: [PATCH 3/6] configure
-Index: dropbear-0.49/configure.in
+---
-===================================================================
+ configure.ac | 11 ++++++++---
--- dropbear-0.49.orig/configure.in
+ 1 file changed, 8 insertions(+), 3 deletions(-)
-+++ dropbear-0.49/configure.in
-@@ -164,14 +164,20 @@ AC_ARG_ENABLE(openpty,
+diff --git a/configure.ac b/configure.ac
+index 05461f3..9c16d90 100644
+--- a/configure.ac
+++ b/configure.ac
+@@ -166,15 +166,20 @@ AC_ARG_ENABLE(openpty,
                        AC_MSG_NOTICE(Not using openpty)
                else
                        AC_MSG_NOTICE(Using openpty if available)
@@ -18,12 +25,16 @@ Index: dropbear-0.49/configure.in
 +               AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes])
        ]
 )
+-               
 +
 +if test "x$dropbear_cv_func_have_openpty" = "xyes"; then
 +       AC_DEFINE(HAVE_OPENPTY,,Have openpty() function)
 +       no_ptc_check=yes
 +       no_ptmx_check=yes
 +fi
-                
 
 AC_ARG_ENABLE(syslog,
+        [  --disable-syslog        Don't include syslog support],
+-- 
+1.7.11.7
diff --git a/meta/recipes-core/dropbear/dropbear-2013.58/0004-fix-2kb-keys.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0004-fix-2kb-keys.patch
new file mode 100644
index 0000000000..7539d2034f
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear-2013.58/0004-fix-2kb-keys.patch
@@ -0,0 +1,22 @@
+Subject: [PATCH 4/6] fix 2kb keys
+Upstream-Status: Inappropriate [configuration]
+---
+ kex.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/kex.h b/kex.h
+index 72430e9..375c677 100644
+--- a/kex.h
+++ b/kex.h
+@@ -67,6 +67,6 @@ struct KEXState {
+ };
+ 
+ 
+-#define MAX_KEXHASHBUF 2000
+#define MAX_KEXHASHBUF 3000
+ 
+ #endif /* _KEX_H_ */
+-- 
+1.7.11.7
diff --git a/meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0005-dropbear-enable-pam.patch
index 004d773dc3..e9307339ce 100644
--- a/meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch
+++ b/meta/recipes-core/dropbear/dropbear-2013.58/0005-dropbear-enable-pam.patch
@@ -1,22 +1,31 @@
+Subject: [PATCH 5/6] dropbear enable pam
 dropbear: We need modify file option.h besides enabling pam in \
 configure if we want dropbear to support pam.
 Upstream-Status: Pending
 Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
+---
+ options.h | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
--- a/options.h 2011-07-12 13:27:39.008819183 +0800
+diff --git a/options.h b/options.h
-+++ b/options.h.new     2011-07-12 13:37:37.780819308 +0800
+index 71a21c2..305f789 100644
-@@ -149,9 +149,9 @@
+--- a/options.h
-  * but there's an interface via a PAM module - don't bother using it otherwise.
+++ b/options.h
+@@ -174,9 +174,9 @@ much traffic. */
+  * PAM challenge/response.
  * You can't enable both PASSWORD and PAM. */
 
 -#define ENABLE_SVR_PASSWORD_AUTH
 +//#define ENABLE_SVR_PASSWORD_AUTH
 /* PAM requires ./configure --enable-pam */
-/*#define ENABLE_SVR_PAM_AUTH*/
+-//#define ENABLE_SVR_PAM_AUTH
 +#define ENABLE_SVR_PAM_AUTH
 #define ENABLE_SVR_PUBKEY_AUTH
 
- /* Wether to ake public key options in authorized_keys file into account */
+ /* Whether to take public key options in 
+-- 
+1.7.11.7
diff --git a/meta/recipes-core/dropbear/dropbear/dropbear-configuration-file.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0006-dropbear-configuration-file.patch
index 5e9455363a..7e38663981 100644
--- a/meta/recipes-core/dropbear/dropbear/dropbear-configuration-file.patch
+++ b/meta/recipes-core/dropbear/dropbear-2013.58/0006-dropbear-configuration-file.patch
@@ -1,13 +1,20 @@
+Subject: [PATCH 6/6] dropbear configuration file
 dropbear: Change the path ("/etc/pam.d/sshd" as default) to find a pam configuration file \
 to "/etc/pam.d/dropbear for dropbear when enabling pam supporting" 
 Upstream-Status: Inappropriate [configuration] 
 Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
+---
+ svr-authpam.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
--- a/svr-authpam.c     2008-11-11 22:09:03.000000000 +0800
+diff --git a/svr-authpam.c b/svr-authpam.c
-+++ b/svr-authpam.c.new 2011-08-29 09:53:24.000000000 +0800
+index e84f076..e28be7d 100644
-@@ -199,7 +199,7 @@
+--- a/svr-authpam.c
+++ b/svr-authpam.c
+@@ -195,7 +195,7 @@ void svr_auth_pam() {
        userData.passwd = password;
 
        /* Init pam */
@@ -16,3 +23,6 @@ Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
                dropbear_log(LOG_WARNING, "pam_start() failed, rc=%d, %s\n", 
                                rc, pam_strerror(pamHandlep, rc));
                goto cleanup;
+-- 
+1.7.11.7
diff --git a/meta/recipes-core/dropbear/dropbear.inc b/meta/recipes-core/dropbear/dropbear.inc
index 8d94e5bb22..9864ae8186 100644
--- a/meta/recipes-core/dropbear/dropbear.inc
+++ b/meta/recipes-core/dropbear/dropbear.inc
@@ -2,7 +2,7 @@ DESCRIPTION = "Dropbear is a lightweight SSH and SCP implementation"
 HOMEPAGE = "http://matt.ucc.asn.au/dropbear/dropbear.html"
 SECTION = "console/network"
-INC_PR = "r2"
+INC_PR = "r0"
 # some files are from other projects and have others license terms:
 #   public domain, OpenSSH 3.5p1, OpenSSH3.6.1p2, PuTTY
@@ -14,17 +14,16 @@ RPROVIDES_${PN} = "ssh sshd"
 DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
-SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.gz \
+SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.bz2 \
-                 file://urandom-xauth-changes-to-options.h.patch \
+           file://0001-urandom-xauth-changes-to-options.h.patch \
-                 file://dropbear-0.53.1-static_build_fix.patch \
+           file://0002-static_build_fix.patch \
-                 file://configure.patch \
+           file://0003-configure.patch \
-                 file://fix-2kb-keys.patch \
+           file://0004-fix-2kb-keys.patch \
-                 file://nopw-option.patch \
+           file://init \
-                 file://init \
+           ${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} "
-                 ${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} "
+PAM_SRC_URI = "file://0005-dropbear-enable-pam.patch \
-PAM_SRC_URI = "file://dropbear-enable-pam.patch \
+               file://0006-dropbear-configuration-file.patch \
-               file://dropbear-configuration-file.patch \
               file://dropbear"
 inherit autotools update-rc.d
diff --git a/meta/recipes-core/dropbear/dropbear/fix-2kb-keys.patch b/meta/recipes-core/dropbear/dropbear/fix-2kb-keys.patch
deleted file mode 100644
index 3b919f6759..0000000000
--- a/meta/recipes-core/dropbear/dropbear/fix-2kb-keys.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-Upstream-Status: Inappropriate [configuration]
-diff -Nurd dropbear-0.45/kex.h dropbear-0.45.patched/kex.h
--- dropbear-0.45/kex.h 2005-03-06 20:27:02.000000000 -0800
-+++ dropbear-0.45.patched/kex.h 2005-03-08 15:22:44.064583279 -0800
-@@ -64,6 +64,6 @@
- 
- };
- 
-#define MAX_KEXHASHBUF 2000
-+#define MAX_KEXHASHBUF 3000
- 
- #endif /* _KEX_H_ */
diff --git a/meta/recipes-core/dropbear/dropbear/nopw-option.patch b/meta/recipes-core/dropbear/dropbear/nopw-option.patch
deleted file mode 100644
index 2ff84d24b3..0000000000
--- a/meta/recipes-core/dropbear/dropbear/nopw-option.patch
+++ /dev/null
@@ -1,106 +0,0 @@
-Allow configuring "allow blank password option" at runtime
-Changes this from a compile-time switch to a command-line option.
-Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
-Upstream-Status: Accepted [expected in next release after 2012.55]
-diff --git a/options.h b/options.h
-index 00f6179..b8d0ccb 100644
--- a/options.h
-+++ b/options.h
-@@ -176,12 +176,6 @@ much traffic. */
- #define ENABLE_SVR_PUBKEY_OPTIONS
- #endif
- 
-/* Define this to allow logging in to accounts that have no password specified.
- * Public key logins are allowed for blank-password accounts regardless of this
- * setting.  PAM is not affected by this setting, it uses the normal pam.d
- * settings ('nullok' option) */
-/* #define ALLOW_BLANK_PASSWORD */
-
- #define ENABLE_CLI_PASSWORD_AUTH
- #define ENABLE_CLI_PUBKEY_AUTH
- #define ENABLE_CLI_INTERACT_AUTH
-diff --git a/runopts.h b/runopts.h
-index 83b5861..126585b 100644
--- a/runopts.h
-+++ b/runopts.h
-@@ -85,6 +85,7 @@ typedef struct svr_runopts {
- 
-        int noauthpass;
-        int norootpass;
-+       int allowblankpass;
- 
- #ifdef ENABLE_SVR_REMOTETCPFWD
-        int noremotetcp;
-diff --git a/svr-authpasswd.c b/svr-authpasswd.c
-index 54b4889..d9b7928 100644
--- a/svr-authpasswd.c
-+++ b/svr-authpasswd.c
-@@ -29,6 +29,7 @@
- #include "buffer.h"
- #include "dbutil.h"
- #include "auth.h"
-+#include "runopts.h"
- 
- #ifdef ENABLE_SVR_PASSWORD_AUTH
- 
-@@ -78,16 +79,17 @@ void svr_auth_password() {
- 
-        /* check for empty password */
-        if (passwdcrypt[0] == '\0') {
-#ifdef ALLOW_BLANK_PASSWORD
-               if (passwordlen == 0) {
-                       success_blank = 1;
-+               if (svr_opts.allowblankpass) {
-+                       if (passwordlen == 0) {
-+                               success_blank = 1;
-+                       }
-+               }
-+               else {
-+                       dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected",
-+                                       ses.authstate.pw_name);
-+                       send_msg_userauth_failure(0, 1);
-+                       return;
-                }
-#else
-               dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected",
-                               ses.authstate.pw_name);
-               send_msg_userauth_failure(0, 1);
-               return;
-#endif
-        }
- 
-        if (success_blank || strcmp(testcrypt, passwdcrypt) == 0) {
-diff --git a/svr-runopts.c b/svr-runopts.c
-index c6e3508..b39ffb2 100644
--- a/svr-runopts.c
-+++ b/svr-runopts.c
-@@ -63,6 +63,7 @@ static void printhelp(const char * progname) {
- #if defined(ENABLE_SVR_PASSWORD_AUTH) || defined(ENABLE_SVR_PAM_AUTH)
-                                        "-s             Disable password logins\n"
-                                        "-g             Disable password logins for root\n"
-+                                       "-B             Allow blank password logins\n"
- #endif
- #ifdef ENABLE_SVR_LOCALTCPFWD
-                                        "-j             Disable local port forwarding\n"
-@@ -115,6 +116,7 @@ void svr_getopts(int argc, char ** argv) {
-        svr_opts.norootlogin = 0;
-        svr_opts.noauthpass = 0;
-        svr_opts.norootpass = 0;
-+       svr_opts.allowblankpass = 0;
-        svr_opts.inetdmode = 0;
-        svr_opts.portcount = 0;
-        svr_opts.hostkey = NULL;
-@@ -234,6 +236,9 @@ void svr_getopts(int argc, char ** argv) {
-                                case 'g':
-                                        svr_opts.norootpass = 1;
-                                        break;
-+                               case 'B':
-+                                       svr_opts.allowblankpass = 1;
-+                                       break;
- #endif
-                                case 'h':
-                                        printhelp(argv[0]);
diff --git a/meta/recipes-core/dropbear/dropbear_2012.55.bb b/meta/recipes-core/dropbear/dropbear_2012.55.bb
deleted file mode 100644
index 99163abd00..0000000000
--- a/meta/recipes-core/dropbear/dropbear_2012.55.bb
+++ /dev/null
@@ -1,7 +0,0 @@
-require dropbear.inc
-SRC_URI[md5sum] = "44836e5a0419ba12557f9ea46880077e"
-SRC_URI[sha256sum] = "808df243c61bb60f2f18fa64bca628cbba0918b2a14139f10e6d59d4ac5a17ce"
-PR = "${INC_PR}.1"
diff --git a/meta/recipes-core/dropbear/dropbear_2013.58.bb b/meta/recipes-core/dropbear/dropbear_2013.58.bb
new file mode 100644
index 0000000000..99a24a713f
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear_2013.58.bb
@@ -0,0 +1,6 @@
+require dropbear.inc
+SRC_URI[md5sum] = "8d3579bbbfcea48404a3219643076450"
+SRC_URI[sha256sum] = "d866189b1d14e15353aeb4feb616f6132a63ea7c25ca8aa12b63a3a397822e55"
+PR = "${INC_PR}.0"

diff --git a/meta/recipes-core/dropbear/dropbear/urandom-xauth-changes-to-options.h.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0001-urandom-xauth-changes-to-options.h.patch index 4acc3974d6..71a4666b5c 100644 --- a/meta/recipes-core/dropbear/dropbear/urandom-xauth-changes-to-options.h.patch +++ b/meta/recipes-core/dropbear/dropbear-2013.58/0001-urandom-xauth-changes-to-options.h.patch
@@ -1,10 +1,15 @@
		1	Subject: [PATCH 1/6] urandom-xauth-changes-to-options.h
		2
1	Upstream-Status: Inappropriate [configuration]	3	Upstream-Status: Inappropriate [configuration]
		4	---
		5	options.h \| 2 +-
		6	1 file changed, 1 insertion(+), 1 deletion(-)
2		7
3	diff --git a/options.h b/options.h	8	diff --git a/options.h b/options.h
4	index d309ab4..7fbe97b 100644	9	index 7d06322..71a21c2 100644
5	--- a/options.h	10	--- a/options.h
6	+++ b/options.h	11	+++ b/options.h
7	@@ -236,7 +236,7 @@ much traffic. */	12	@@ -247,7 +247,7 @@ much traffic. */
8	/* The command to invoke for xauth when using X11 forwarding.	13	/* The command to invoke for xauth when using X11 forwarding.
9	* "-q" for quiet */	14	* "-q" for quiet */
10	#ifndef XAUTH_COMMAND	15	#ifndef XAUTH_COMMAND
@@ -13,3 +18,6 @@ index d309ab4..7fbe97b 100644
13	#endif	18	#endif
14		19
15	/* if you want to enable running an sftp server (such as the one included with	20	/* if you want to enable running an sftp server (such as the one included with
		21	--
		22	1.7.11.7
		23


diff --git a/meta/recipes-core/dropbear/dropbear/dropbear-0.53.1-static_build_fix.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0002-static_build_fix.patch index d1256161c4..552bee8996 100644 --- a/meta/recipes-core/dropbear/dropbear/dropbear-0.53.1-static_build_fix.patch +++ b/meta/recipes-core/dropbear/dropbear-2013.58/0002-static_build_fix.patch
@@ -1,6 +1,6 @@
		1	Subject: [PATCH 2/6] static_build_fix
1	Upstream-Status: Submitted	2	Upstream-Status: Submitted
2		3
3
4	dropbear: fix static build	4	dropbear: fix static build
5		5
6	A more appropriate fix is to remove @CRYPTLIB@ from the objs	6	A more appropriate fix is to remove @CRYPTLIB@ from the objs
@@ -13,12 +13,15 @@ svr-authpasswd.c:(.text+0xfc): undefined reference to `crypt'
13	collect2: ld returned 1 exit status	13	collect2: ld returned 1 exit status
14		14
15	Signed-off-by: Saul Wold <sgw@linux.intel.com>	15	Signed-off-by: Saul Wold <sgw@linux.intel.com>
		16	---
		17	Makefile.in \| 11 +++++++----
		18	1 file changed, 7 insertions(+), 4 deletions(-)
16		19
17	Index: dropbear-2011.54/Makefile.in	20	diff --git a/Makefile.in b/Makefile.in
18	===================================================================	21	index 4bdd845..e82e561 100644
19	--- dropbear-2011.54.orig/Makefile.in 2011-11-08 04:48:15.000000000 -0800	22	--- a/Makefile.in
20	+++ dropbear-2011.54/Makefile.in 2011-12-27 13:44:41.644354442 -0800	23	+++ b/Makefile.in
21	@@ -56,7 +56,7 @@	24	@@ -56,7 +56,7 @@ HEADERS=options.h dbutil.h session.h packet.h algo.h ssh.h buffer.h kex.h \
22	loginrec.h atomicio.h x11fwd.h agentfwd.h tcpfwd.h compat.h \	25	loginrec.h atomicio.h x11fwd.h agentfwd.h tcpfwd.h compat.h \
23	listener.h fake-rfc2553.h	26	listener.h fake-rfc2553.h
24		27
@@ -27,7 +30,7 @@ Index: dropbear-2011.54/Makefile.in
27	dbclientobjs=$(COMMONOBJS) $(CLISVROBJS) $(CLIOBJS)	30	dbclientobjs=$(COMMONOBJS) $(CLISVROBJS) $(CLIOBJS)
28	dropbearkeyobjs=$(COMMONOBJS) $(KEYOBJS)	31	dropbearkeyobjs=$(COMMONOBJS) $(KEYOBJS)
29	dropbearconvertobjs=$(COMMONOBJS) $(CONVERTOBJS)	32	dropbearconvertobjs=$(COMMONOBJS) $(CONVERTOBJS)
30	@@ -158,7 +158,10 @@	33	@@ -158,7 +158,10 @@ dbclient: $(dbclientobjs)
31	dropbearkey: $(dropbearkeyobjs)	34	dropbearkey: $(dropbearkeyobjs)
32	dropbearconvert: $(dropbearconvertobjs)	35	dropbearconvert: $(dropbearconvertobjs)
33		36
@@ -39,7 +42,7 @@ Index: dropbear-2011.54/Makefile.in
39	$(CC) $(LDFLAGS) -o $@$(EXEEXT) $($@objs) $(LIBS)	42	$(CC) $(LDFLAGS) -o $@$(EXEEXT) $($@objs) $(LIBS)
40		43
41	# scp doesn't use the libs so is special.	44	# scp doesn't use the libs so is special.
42	@@ -169,14 +172,14 @@	45	@@ -169,14 +172,14 @@ scp: $(SCPOBJS) $(HEADERS) Makefile
43	# multi-binary compilation.	46	# multi-binary compilation.
44	MULTIOBJS=	47	MULTIOBJS=
45	ifeq ($(MULTI),1)	48	ifeq ($(MULTI),1)
@@ -56,3 +59,6 @@ Index: dropbear-2011.54/Makefile.in
56		59
57	multilink: multibinary $(addprefix link, $(PROGRAMS))	60	multilink: multibinary $(addprefix link, $(PROGRAMS))
58		61
		62	--
		63	1.7.11.7
		64


diff --git a/meta/recipes-core/dropbear/dropbear-2012.55/configure.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0003-configure.patch index aeb7c0a4ac..2baf665ae4 100644 --- a/meta/recipes-core/dropbear/dropbear-2012.55/configure.patch +++ b/meta/recipes-core/dropbear/dropbear-2013.58/0003-configure.patch
@@ -1,10 +1,17 @@
1	Upstream-Status: Pending	1	From c5f5c5054c1b15539dccf866e2c3faba7ed68456 Mon Sep 17 00:00:00 2001
		2	From: =?UTF-8?q?Eric=20B=C3=A9nard?= <eric@eukrea.com>
		3	Date: Thu, 25 Apr 2013 00:27:25 +0200
		4	Subject: [PATCH 3/6] configure
2		5
3	Index: dropbear-0.49/configure.in	6	---
4	===================================================================	7	configure.ac \| 11 ++++++++---
5	--- dropbear-0.49.orig/configure.in	8	1 file changed, 8 insertions(+), 3 deletions(-)
6	+++ dropbear-0.49/configure.in	9
7	@@ -164,14 +164,20 @@ AC_ARG_ENABLE(openpty,	10	diff --git a/configure.ac b/configure.ac
		11	index 05461f3..9c16d90 100644
		12	--- a/configure.ac
		13	+++ b/configure.ac
		14	@@ -166,15 +166,20 @@ AC_ARG_ENABLE(openpty,
8	AC_MSG_NOTICE(Not using openpty)	15	AC_MSG_NOTICE(Not using openpty)
9	else	16	else
10	AC_MSG_NOTICE(Using openpty if available)	17	AC_MSG_NOTICE(Using openpty if available)
@@ -18,12 +25,16 @@ Index: dropbear-0.49/configure.in
18	+ AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes])	25	+ AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes])
19	]	26	]
20	)	27	)
		28	-
21	+	29	+
22	+if test "x$dropbear_cv_func_have_openpty" = "xyes"; then	30	+if test "x$dropbear_cv_func_have_openpty" = "xyes"; then
23	+ AC_DEFINE(HAVE_OPENPTY,,Have openpty() function)	31	+ AC_DEFINE(HAVE_OPENPTY,,Have openpty() function)
24	+ no_ptc_check=yes	32	+ no_ptc_check=yes
25	+ no_ptmx_check=yes	33	+ no_ptmx_check=yes
26	+fi	34	+fi
27
28		35
29	AC_ARG_ENABLE(syslog,	36	AC_ARG_ENABLE(syslog,
		37	[ --disable-syslog Don't include syslog support],
		38	--
		39	1.7.11.7
		40


diff --git a/meta/recipes-core/dropbear/dropbear-2013.58/0004-fix-2kb-keys.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0004-fix-2kb-keys.patch new file mode 100644 index 0000000000..7539d2034f --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear-2013.58/0004-fix-2kb-keys.patch
@@ -0,0 +1,22 @@
		1	Subject: [PATCH 4/6] fix 2kb keys
		2
		3	Upstream-Status: Inappropriate [configuration]
		4	---
		5	kex.h \| 2 +-
		6	1 file changed, 1 insertion(+), 1 deletion(-)
		7
		8	diff --git a/kex.h b/kex.h
		9	index 72430e9..375c677 100644
		10	--- a/kex.h
		11	+++ b/kex.h
		12	@@ -67,6 +67,6 @@ struct KEXState {
		13	};
		14
		15
		16	-#define MAX_KEXHASHBUF 2000
		17	+#define MAX_KEXHASHBUF 3000
		18
		19	#endif /* _KEX_H_ */
		20	--
		21	1.7.11.7
		22


diff --git a/meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0005-dropbear-enable-pam.patch index 004d773dc3..e9307339ce 100644 --- a/meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch +++ b/meta/recipes-core/dropbear/dropbear-2013.58/0005-dropbear-enable-pam.patch
@@ -1,22 +1,31 @@
		1	Subject: [PATCH 5/6] dropbear enable pam
		2
1	dropbear: We need modify file option.h besides enabling pam in \	3	dropbear: We need modify file option.h besides enabling pam in \
2	configure if we want dropbear to support pam.	4	configure if we want dropbear to support pam.
3		5
4	Upstream-Status: Pending	6	Upstream-Status: Pending
5		7
6	Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>	8	Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
		9	---
		10	options.h \| 4 ++--
		11	1 file changed, 2 insertions(+), 2 deletions(-)
7		12
8	--- a/options.h 2011-07-12 13:27:39.008819183 +0800	13	diff --git a/options.h b/options.h
9	+++ b/options.h.new 2011-07-12 13:37:37.780819308 +0800	14	index 71a21c2..305f789 100644
10	@@ -149,9 +149,9 @@	15	--- a/options.h
11	* but there's an interface via a PAM module - don't bother using it otherwise.	16	+++ b/options.h
		17	@@ -174,9 +174,9 @@ much traffic. */
		18	* PAM challenge/response.
12	* You can't enable both PASSWORD and PAM. */	19	* You can't enable both PASSWORD and PAM. */
13		20
14	-#define ENABLE_SVR_PASSWORD_AUTH	21	-#define ENABLE_SVR_PASSWORD_AUTH
15	+//#define ENABLE_SVR_PASSWORD_AUTH	22	+//#define ENABLE_SVR_PASSWORD_AUTH
16	/* PAM requires ./configure --enable-pam */	23	/* PAM requires ./configure --enable-pam */
17	-/#define ENABLE_SVR_PAM_AUTH/	24	-//#define ENABLE_SVR_PAM_AUTH
18	+#define ENABLE_SVR_PAM_AUTH	25	+#define ENABLE_SVR_PAM_AUTH
19	#define ENABLE_SVR_PUBKEY_AUTH	26	#define ENABLE_SVR_PUBKEY_AUTH
20		27
21	/* Wether to ake public key options in authorized_keys file into account */	28	/* Whether to take public key options in
		29	--
		30	1.7.11.7
22		31


diff --git a/meta/recipes-core/dropbear/dropbear/dropbear-configuration-file.patch b/meta/recipes-core/dropbear/dropbear-2013.58/0006-dropbear-configuration-file.patch index 5e9455363a..7e38663981 100644 --- a/meta/recipes-core/dropbear/dropbear/dropbear-configuration-file.patch +++ b/meta/recipes-core/dropbear/dropbear-2013.58/0006-dropbear-configuration-file.patch
@@ -1,13 +1,20 @@
		1	Subject: [PATCH 6/6] dropbear configuration file
		2
1	dropbear: Change the path ("/etc/pam.d/sshd" as default) to find a pam configuration file \	3	dropbear: Change the path ("/etc/pam.d/sshd" as default) to find a pam configuration file \
2	to "/etc/pam.d/dropbear for dropbear when enabling pam supporting"	4	to "/etc/pam.d/dropbear for dropbear when enabling pam supporting"
3		5
4	Upstream-Status: Inappropriate [configuration]	6	Upstream-Status: Inappropriate [configuration]
5		7
6	Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>	8	Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
		9	---
		10	svr-authpam.c \| 2 +-
		11	1 file changed, 1 insertion(+), 1 deletion(-)
7		12
8	--- a/svr-authpam.c 2008-11-11 22:09:03.000000000 +0800	13	diff --git a/svr-authpam.c b/svr-authpam.c
9	+++ b/svr-authpam.c.new 2011-08-29 09:53:24.000000000 +0800	14	index e84f076..e28be7d 100644
10	@@ -199,7 +199,7 @@	15	--- a/svr-authpam.c
		16	+++ b/svr-authpam.c
		17	@@ -195,7 +195,7 @@ void svr_auth_pam() {
11	userData.passwd = password;	18	userData.passwd = password;
12		19
13	/* Init pam */	20	/* Init pam */
@@ -16,3 +23,6 @@ Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
16	dropbear_log(LOG_WARNING, "pam_start() failed, rc=%d, %s\n",	23	dropbear_log(LOG_WARNING, "pam_start() failed, rc=%d, %s\n",
17	rc, pam_strerror(pamHandlep, rc));	24	rc, pam_strerror(pamHandlep, rc));
18	goto cleanup;	25	goto cleanup;
		26	--
		27	1.7.11.7
		28


diff --git a/meta/recipes-core/dropbear/dropbear.inc b/meta/recipes-core/dropbear/dropbear.inc index 8d94e5bb22..9864ae8186 100644 --- a/meta/recipes-core/dropbear/dropbear.inc +++ b/meta/recipes-core/dropbear/dropbear.inc
@@ -2,7 +2,7 @@ DESCRIPTION = "Dropbear is a lightweight SSH and SCP implementation"
2	HOMEPAGE = "http://matt.ucc.asn.au/dropbear/dropbear.html"	2	HOMEPAGE = "http://matt.ucc.asn.au/dropbear/dropbear.html"
3	SECTION = "console/network"	3	SECTION = "console/network"
4		4
5	INC_PR = "r2"	5	INC_PR = "r0"
6		6
7	# some files are from other projects and have others license terms:	7	# some files are from other projects and have others license terms:
8	# public domain, OpenSSH 3.5p1, OpenSSH3.6.1p2, PuTTY	8	# public domain, OpenSSH 3.5p1, OpenSSH3.6.1p2, PuTTY
@@ -14,17 +14,16 @@ RPROVIDES_${PN} = "ssh sshd"
14		14
15	DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"	15	DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
16		16
17	SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.gz \	17	SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.bz2 \
18	file://urandom-xauth-changes-to-options.h.patch \	18	file://0001-urandom-xauth-changes-to-options.h.patch \
19	file://dropbear-0.53.1-static_build_fix.patch \	19	file://0002-static_build_fix.patch \
20	file://configure.patch \	20	file://0003-configure.patch \
21	file://fix-2kb-keys.patch \	21	file://0004-fix-2kb-keys.patch \
22	file://nopw-option.patch \	22	file://init \
23	file://init \	23	${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} "
24	${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} "	24
25		25	PAM_SRC_URI = "file://0005-dropbear-enable-pam.patch \
26	PAM_SRC_URI = "file://dropbear-enable-pam.patch \	26	file://0006-dropbear-configuration-file.patch \
27	file://dropbear-configuration-file.patch \
28	file://dropbear"	27	file://dropbear"
29		28
30	inherit autotools update-rc.d	29	inherit autotools update-rc.d


diff --git a/meta/recipes-core/dropbear/dropbear/fix-2kb-keys.patch b/meta/recipes-core/dropbear/dropbear/fix-2kb-keys.patch deleted file mode 100644 index 3b919f6759..0000000000 --- a/meta/recipes-core/dropbear/dropbear/fix-2kb-keys.patch +++ /dev/null
@@ -1,13 +0,0 @@
1	Upstream-Status: Inappropriate [configuration]
2
3	diff -Nurd dropbear-0.45/kex.h dropbear-0.45.patched/kex.h
4	--- dropbear-0.45/kex.h 2005-03-06 20:27:02.000000000 -0800
5	+++ dropbear-0.45.patched/kex.h 2005-03-08 15:22:44.064583279 -0800
6	@@ -64,6 +64,6 @@
7
8	};
9
10	-#define MAX_KEXHASHBUF 2000
11	+#define MAX_KEXHASHBUF 3000
12
13	#endif /* _KEX_H_ */


diff --git a/meta/recipes-core/dropbear/dropbear/nopw-option.patch b/meta/recipes-core/dropbear/dropbear/nopw-option.patch deleted file mode 100644 index 2ff84d24b3..0000000000 --- a/meta/recipes-core/dropbear/dropbear/nopw-option.patch +++ /dev/null
@@ -1,106 +0,0 @@
1	Allow configuring "allow blank password option" at runtime
2
3	Changes this from a compile-time switch to a command-line option.
4
5	Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
6
7	Upstream-Status: Accepted [expected in next release after 2012.55]
8
9	diff --git a/options.h b/options.h
10	index 00f6179..b8d0ccb 100644
11	--- a/options.h
12	+++ b/options.h
13	@@ -176,12 +176,6 @@ much traffic. */
14	#define ENABLE_SVR_PUBKEY_OPTIONS
15	#endif
16
17	-/* Define this to allow logging in to accounts that have no password specified.
18	- * Public key logins are allowed for blank-password accounts regardless of this
19	- * setting. PAM is not affected by this setting, it uses the normal pam.d
20	- * settings ('nullok' option) */
21	-/* #define ALLOW_BLANK_PASSWORD */
22	-
23	#define ENABLE_CLI_PASSWORD_AUTH
24	#define ENABLE_CLI_PUBKEY_AUTH
25	#define ENABLE_CLI_INTERACT_AUTH
26	diff --git a/runopts.h b/runopts.h
27	index 83b5861..126585b 100644
28	--- a/runopts.h
29	+++ b/runopts.h
30	@@ -85,6 +85,7 @@ typedef struct svr_runopts {
31
32	int noauthpass;
33	int norootpass;
34	+ int allowblankpass;
35
36	#ifdef ENABLE_SVR_REMOTETCPFWD
37	int noremotetcp;
38	diff --git a/svr-authpasswd.c b/svr-authpasswd.c
39	index 54b4889..d9b7928 100644
40	--- a/svr-authpasswd.c
41	+++ b/svr-authpasswd.c
42	@@ -29,6 +29,7 @@
43	#include "buffer.h"
44	#include "dbutil.h"
45	#include "auth.h"
46	+#include "runopts.h"
47
48	#ifdef ENABLE_SVR_PASSWORD_AUTH
49
50	@@ -78,16 +79,17 @@ void svr_auth_password() {
51
52	/* check for empty password */
53	if (passwdcrypt[0] == '\0') {
54	-#ifdef ALLOW_BLANK_PASSWORD
55	- if (passwordlen == 0) {
56	- success_blank = 1;
57	+ if (svr_opts.allowblankpass) {
58	+ if (passwordlen == 0) {
59	+ success_blank = 1;
60	+ }
61	+ }
62	+ else {
63	+ dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected",
64	+ ses.authstate.pw_name);
65	+ send_msg_userauth_failure(0, 1);
66	+ return;
67	}
68	-#else
69	- dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected",
70	- ses.authstate.pw_name);
71	- send_msg_userauth_failure(0, 1);
72	- return;
73	-#endif
74	}
75
76	if (success_blank \|\| strcmp(testcrypt, passwdcrypt) == 0) {
77	diff --git a/svr-runopts.c b/svr-runopts.c
78	index c6e3508..b39ffb2 100644
79	--- a/svr-runopts.c
80	+++ b/svr-runopts.c
81	@@ -63,6 +63,7 @@ static void printhelp(const char * progname) {
82	#if defined(ENABLE_SVR_PASSWORD_AUTH) \|\| defined(ENABLE_SVR_PAM_AUTH)
83	"-s Disable password logins\n"
84	"-g Disable password logins for root\n"
85	+ "-B Allow blank password logins\n"
86	#endif
87	#ifdef ENABLE_SVR_LOCALTCPFWD
88	"-j Disable local port forwarding\n"
89	@@ -115,6 +116,7 @@ void svr_getopts(int argc, char ** argv) {
90	svr_opts.norootlogin = 0;
91	svr_opts.noauthpass = 0;
92	svr_opts.norootpass = 0;
93	+ svr_opts.allowblankpass = 0;
94	svr_opts.inetdmode = 0;
95	svr_opts.portcount = 0;
96	svr_opts.hostkey = NULL;
97	@@ -234,6 +236,9 @@ void svr_getopts(int argc, char ** argv) {
98	case 'g':
99	svr_opts.norootpass = 1;
100	break;
101	+ case 'B':
102	+ svr_opts.allowblankpass = 1;
103	+ break;
104	#endif
105	case 'h':
106	printhelp(argv[0]);


diff --git a/meta/recipes-core/dropbear/dropbear_2012.55.bb b/meta/recipes-core/dropbear/dropbear_2012.55.bb deleted file mode 100644 index 99163abd00..0000000000 --- a/meta/recipes-core/dropbear/dropbear_2012.55.bb +++ /dev/null
@@ -1,7 +0,0 @@
1	require dropbear.inc
2
3	SRC_URI[md5sum] = "44836e5a0419ba12557f9ea46880077e"
4	SRC_URI[sha256sum] = "808df243c61bb60f2f18fa64bca628cbba0918b2a14139f10e6d59d4ac5a17ce"
5
6	PR = "${INC_PR}.1"
7


diff --git a/meta/recipes-core/dropbear/dropbear_2013.58.bb b/meta/recipes-core/dropbear/dropbear_2013.58.bb new file mode 100644 index 0000000000..99a24a713f --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear_2013.58.bb
@@ -0,0 +1,6 @@
		1	require dropbear.inc
		2
		3	SRC_URI[md5sum] = "8d3579bbbfcea48404a3219643076450"
		4	SRC_URI[sha256sum] = "d866189b1d14e15353aeb4feb616f6132a63ea7c25ca8aa12b63a3a397822e55"
		5
		6	PR = "${INC_PR}.0"