Changeset 40297


Ignore:
Timestamp:
2014-03-29T17:59:26+01:00 (4 years ago)
Author:
nbd
Message:

dropbear: update to 2014.63

Upstream changelog:
https://matt.ucc.asn.au/dropbear/CHANGES

This adds elliptic curve cryptography (ECC) support as an option, disabled
by default.

dropbear mips 34kc uClibc binary size:
before: 161,672 bytes
after, without ECC (default): 164,968
after, with ECC: 198,008

Signed-off-by: Catalin Patulea <cat@…>

Location:
trunk/package/network/services/dropbear
Files:
1 added
1 deleted
5 edited

Legend:

Unmodified
Added
Removed
  • trunk/package/network/services/dropbear/Makefile

    r38413 r40297  
    99 
    1010PKG_NAME:=dropbear 
    11 PKG_VERSION:=2013.59 
     11PKG_VERSION:=2014.63 
    1212PKG_RELEASE:=1 
    1313 
     
    1616        http://matt.ucc.asn.au/dropbear/releases/ \ 
    1717        https://dropbear.nl/mirror/releases/ 
    18 PKG_MD5SUM:=6c1e6c2c297f4034488ffc95e8b7e6e9 
     18PKG_MD5SUM:=7066bb9a2da708f3ed06314fdc9c47fd 
    1919 
    2020PKG_LICENSE:=MIT 
     
    2323PKG_BUILD_PARALLEL:=1 
    2424 
     25PKG_CONFIG_DEPENDS:=CONFIG_DROPBEAR_ECC 
     26 
    2527include $(INCLUDE_DIR)/package.mk 
    2628 
    2729define Package/dropbear/Default 
    2830  URL:=http://matt.ucc.asn.au/dropbear/ 
     31endef 
     32 
     33define Package/dropbear/config 
     34        source "$(SOURCE)/Config.in" 
    2935endef 
    3036 
     
    7379TARGET_LDFLAGS += -Wl,--gc-sections 
    7480 
     81define Build/Prepare 
     82        $(call Build/Prepare/Default) 
     83        # Enforce that all replacements are made, otherwise options.h has changed 
     84        # format and this logic is broken. 
     85        for OPTION in DROPBEAR_ECDSA DROPBEAR_ECDH DROPBEAR_CURVE25519; do \ 
     86          awk 'BEGIN { rc = 1 } \ 
     87               /'$$$$OPTION'/ { $$$$0 = "$(if $(CONFIG_DROPBEAR_ECC),,// )#define '$$$$OPTION'"; rc = 0 } \ 
     88               { print } \ 
     89               END { exit(rc) }' $(PKG_BUILD_DIR)/options.h \ 
     90               >$(PKG_BUILD_DIR)/options.h.new && \ 
     91          mv $(PKG_BUILD_DIR)/options.h.new $(PKG_BUILD_DIR)/options.h || exit 1; \ 
     92        done 
     93endef 
     94 
    7595define Build/Compile 
    7696        +$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \ 
  • trunk/package/network/services/dropbear/patches/100-pubkey_path.patch

    r20460 r40297  
    11--- a/svr-authpubkey.c 
    22+++ b/svr-authpubkey.c 
    3 @@ -209,17 +209,21 @@ static int checkpubkey(unsigned char* al 
     3@@ -208,17 +208,21 @@ static int checkpubkey(unsigned char* al 
    44                goto out; 
    55        } 
     
    3434                goto out; 
    3535        } 
    36 @@ -372,26 +376,35 @@ static int checkpubkeyperms() { 
     36@@ -371,26 +375,35 @@ static int checkpubkeyperms() { 
    3737                goto out; 
    3838        } 
  • trunk/package/network/services/dropbear/patches/120-openwrt_options.patch

    r38356 r40297  
    11--- a/options.h 
    22+++ b/options.h 
    3 @@ -38,7 +38,7 @@ 
     3@@ -41,7 +41,7 @@ 
    44  * Both of these flags can be defined at once, don't compile without at least 
    55  * one of them. */ 
     
    1010 /* Setting this disables the fast exptmod bignum code. It saves ~5kB, but is 
    1111  * perhaps 20% slower for pubkey operations (it is probably worth experimenting 
    12 @@ -49,7 +49,7 @@ 
    13  several kB in binary size however will make the symmetrical ciphers and hashes 
    14  slower, perhaps by 50%. Recommended for small systems that aren't doing 
    15  much traffic. */ 
    16 -/*#define DROPBEAR_SMALL_CODE*/ 
    17 +#define DROPBEAR_SMALL_CODE 
    18   
    19  /* Enable X11 Forwarding - server only */ 
    20  #define ENABLE_X11FWD 
    21 @@ -78,7 +78,7 @@ much traffic. */ 
     12@@ -81,7 +81,7 @@ much traffic. */ 
    2213  
    2314 /* Enable "Netcat mode" option. This will forward standard input/output 
     
    2819 /* Whether to support "-c" and "-m" flags to choose ciphers/MACs at runtime */ 
    2920 #define ENABLE_USER_ALGO_LIST 
    30 @@ -92,8 +92,8 @@ much traffic. */ 
     21@@ -95,8 +95,8 @@ much traffic. */ 
    3122 #define DROPBEAR_AES256 
    3223 /* Compiling in Blowfish will add ~6kB to runtime heap memory usage */ 
     
    3930 /* Enable "Counter Mode" for ciphers. This is more secure than normal 
    4031  * CBC mode against certain attacks. This adds around 1kB to binary  
    41 @@ -119,7 +119,7 @@ much traffic. */ 
     32@@ -122,7 +122,7 @@ much traffic. */ 
    4233  * If you disable MD5, Dropbear will fall back to SHA1 fingerprints, 
    4334  * which are not the standard form. */ 
     
    4839 /*#define DROPBEAR_SHA2_512_HMAC*/ 
    4940 #define DROPBEAR_MD5_HMAC 
    50 @@ -157,7 +157,7 @@ much traffic. */ 
     41@@ -175,7 +175,7 @@ much traffic. */ 
    5142  
    5243 /* Whether to print the message of the day (MOTD). This doesn't add much code 
     
    5748 /* The MOTD file path */ 
    5849 #ifndef MOTD_FILENAME 
    59 @@ -195,7 +195,7 @@ much traffic. */ 
     50@@ -213,7 +213,7 @@ much traffic. */ 
    6051  * note that it will be provided for all "hidden" client-interactive 
    6152  * style prompts - if you want something more sophisticated, use  
  • trunk/package/network/services/dropbear/patches/150-dbconvert_standalone.patch

    r20460 r40297  
    1010+#endif 
    1111+ 
    12  /****************************************************************** 
    13   * Define compile-time options below - the "#ifndef DROPBEAR_XXX .... #endif" 
    14   * parts are to allow for commandline -DDROPBEAR_XXX options etc. 
     12 /* Define compile-time options below - the "#ifndef DROPBEAR_XXX .... #endif" 
     13  * parts are to allow for commandline -DDROPBEAR_XXX options etc. */ 
     14  
  • trunk/package/network/services/dropbear/patches/500-set-default-path.patch

    r38356 r40297  
    11--- a/options.h 
    22+++ b/options.h 
    3 @@ -301,7 +301,7 @@ be overridden at runtime with -I. 0 disa 
     3@@ -318,7 +318,7 @@ be overridden at runtime with -I. 0 disa 
    44 #define DEFAULT_IDLE_TIMEOUT 0 
    55  
Note: See TracChangeset for help on using the changeset viewer.