Commit Graph

57 Commits

Author SHA1 Message Date
Maxime Hadjinlian
fe823b6374 dropbear: fix missing directory with systemd
The current SysV startup script create a directory which is necessary
for dropbear to correctly work.
This creation is not done with systemd.

Instead of both init creating the directory, we add the creation of this
directory to the INSTALL_TARGET_CMDS to make sure it's present.

[Peter: use make syntax for TARGET_DIR as pointed out by Thomas]
Signed-off-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-05-28 10:01:44 +02:00
Peter Korsgaard
171fb7aa0c dropbear: bump version
Fixes a number of issues. From the changelog:

- Avoid getting stuck in a loop writing huge key files, reported by Bruno
  Thomsen
- Avoid crash on exit due to cleaned up keys before last packets are sent,
  debugged by Ronald Wahl
- Fix a race condition in rekeying where Dropbear would exit if it received a
  still-in-flight packet after initiating rekeying. Reported by Oliver Metz.
  This is a longstanding bug but is triggered more easily since 2013.57
- Ensure that generated RSA keys are always exactly the length
  requested. Previously Dropbear always generated N+16 or N+15 bit keys.
  Thanks to Unit 193
- Fix DROPBEAR_CLI_IMMEDIATE_AUTH mode which saves a network round trip if the
  first public key succeeds. Still not enabled by default, needs more
  compatibility testing with other implementations.
- Fix signal handlers so that errno is saved, thanks to Erik Ahlén for a patch
  and Mark Wickham for independently spotting the same problem.

And at the same time get rid of the TIMEVAL_TO_TIMESPEC as dropbear provides a
fallback implementation if not available (and has done so since 2006).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-02-19 21:46:01 +01:00
Gustavo Zacarias
408743d29d dropbear: bump to version 2013.62
Bump to version 2013.62 with ECC support.
Switch the initscript to on-demand key generation and add systemd unit
file.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-12-04 14:29:11 +01:00
Gustavo Zacarias
a95b9d77d1 dropbear: bump to version 2013.60
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-10-22 11:30:06 +02:00
Peter Korsgaard
69b37ad7cc dropbear: bump version
Fixes two security issues:

- The Dropbear server could be made to consume large amounts
of memory because decompressed packet sizes weren't checked.
Depending on the OS and hardware this might be a denial of
service.

- Valid users could be identified due to timing variations.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-10-04 16:54:40 +02:00
Alexandre Belloni
8dfd59d114 Normalize separator size to 80
Signed-off-by: Alexandre Belloni <alexandre.belloni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-06-06 22:30:24 +02:00
Gustavo Zacarias
494d5c9665 dropbear: disable standalone mode for nommu
dropbear for nommu targets must disable the standalone (non-inetd) mode
since the platform lacks fork(), fixes:
http://autobuild.buildroot.net/results/ecbdfab10f54bec75c112bbf005bba9ae2b18dc8/

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-05-07 16:30:30 +02:00
Gustavo Zacarias
9e5fcda1c5 dropbear: bump to version 2013.58
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-04-22 10:54:43 +02:00
Gustavo Zacarias
af2522c07b dropbear: bump to version 2013.57
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-04-17 21:43:46 +02:00
Gustavo Zacarias
4593438650 dropbear: bump to version 2013.56
Switch ECHOs to SEDs to avoid issues with defines changing after
sysoptions.h was included - and it's cleaner.
Enable hmac-sha2-256 and hmac-sha2-512 support for the full featured.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-03-24 14:30:38 +01:00
Arnout Vandecappelle (Essensium/Mind)
c763412080 dropbear: add license info
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2012-11-14 22:32:35 +01:00
Arnout Vandecappelle (Essensium/Mind)
e1502ebc0c all packages: rename XXXTARGETS to xxx-package
Also remove the redundant $(call ...).

This is a purely mechanical change, performed with
find package linux toolchain boot -name \*.mk | \
  xargs sed -i -e 's/$(eval $(call GENTARGETS))/$(eval $(generic-package))/' \
               -e 's/$(eval $(call AUTOTARGETS))/$(eval $(autotools-package))/' \
               -e 's/$(eval $(call CMAKETARGETS))/$(eval $(cmake-package))/'

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2012-07-17 20:23:05 +02:00
Peter Korsgaard
086bdfd378 dropbear: bump version, fixes CVE-2012-0920
From the release notes:

Security: Fix use-after-free bug that could be triggered if command="..."
authorized_keys restrictions are used.  Could allow arbitrary code
execution or bypass of the command="..." restriction to an authenticated
user.

Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2012-02-24 14:11:16 +01:00
Gustavo Zacarias
8b56bfe838 dropbear: bump to version 2011.54
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2011-11-11 21:42:26 +01:00
Will Moore
aeea387d82 dropbear: add options to disable wtmp / lastlog logging
Buildroot does not have wtmp or lastlog support by default so allow dropbear
to be configured to stop using them and hence to stop generating system log
error messages.

[Peter: invert to positive options, and disable by default]
Signed-off-by: Will Moore <will.moore@beraninstruments.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2011-10-26 11:24:30 +02:00
Thomas Petazzoni
300f9c9c9d package: remove useless arguments from AUTOTARGETS
Thanks to the pkgparentdir and pkgname functions, we can rewrite the
AUTOTARGETS macro in a way that avoids the need for each package to
repeat its name and the directory in which it is present.

[Peter: pkgdir->pkgparentdir]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2011-09-29 23:12:27 +02:00
Alexander Clouter
a7e78f974e dropbear: disable zlib support when built with small option
Closes #3733

Signed-off-by: Alexander Clouter <alex@digriz.org.uk>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2011-05-16 22:41:54 +02:00
Peter Korsgaard
7fec8e8b75 dropbear: link statically if BR2_PREFER_STATIC_LIB
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2011-05-13 12:04:10 +02:00
Peter Korsgaard
635b6a17dd dropbear: remove shared config.cache workaround
Now that the shared config.cache handling has been removed.

Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2011-05-12 21:41:53 +02:00
Gustavo Zacarias
baa8b69303 dropbear: bump to version 0.53.1
Changelog @ http://matt.ucc.asn.au/dropbear/CHANGES

Since some build-time defaults have changed that make dropbear somewhat
bigger we introduce a new option to optimize dropbear for size.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2011-03-05 15:37:16 +01:00
Peter Korsgaard
36a5ccd023 dropbear: really fix xauth tweak since dbcec2b2
Commit d5576fd2 tried to fix this, but introduced a new typo.

Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2010-10-06 09:45:12 +02:00
Peter Korsgaard
d5576fd2f0 dropbear: fix xauth tweak since dbcec2b2
The recent conversion to new-style hooks didn't actually enable the
xauth tweaking. Also rename to FIX_XAUTH as it just tweaks the path,
it doesn't disable anything.

Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2010-09-28 09:22:19 +02:00
Thomas Petazzoni
dbcec2b28e dropbear: convert old-style hook and commands to new-style
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2010-09-12 19:26:49 +02:00
Peter Korsgaard
dd0d0f96d8 dropbear: add option to disable reverse DNS lookups
Add option to disable reverse DNS lookups on client connection, as
connections otherwise stall until DNS times out in configurations without
working reverse DNS.

Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2010-09-06 14:37:22 +02:00
Peter Korsgaard
c59d700786 dropbear: override detection of struct sockaddr_storage
Configure misdetects this as no, but the result is not used for anything.
Unfortunately it breaks the build for other packages also checking for
struct sockaddr_storage (like rsync) when using a shared config cache,
so force it to yes.

Reported-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2010-06-25 23:18:43 +02:00
Will Newton
422ce6536b package: Remove unnecessary dependencies on uclibc.
A C library will have been built by the toolchain makefiles, so there is no
need for packages to explicitly depend on uclibc.

Signed-off-by: Will Newton <will.newton@gmail.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2009-09-03 20:22:38 +02:00
Marc Gauthier
4088a5294d dropbear: fix initscript install
The -D option to install only works portably when the destination is
a file. Specifying the filename avoids the following build error (at
least on some hosts):

"/usr/bin/install: cannot overwrite directory `/tmp/buildroot/
project_build_foobar/uclibc/root/etc/init.d' with non-directory"

Signed-off-by: Marc Gauthier <marc@tensilica.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2009-05-28 14:31:20 +02:00
Peter Korsgaard
24991a4784 dropbear: convert to Makefile.autotools.in format
Patch by Gustavo Zacarias <gustavo@zacarias.com.ar>

Closes #179.
2009-03-11 20:32:39 +00:00
Peter Korsgaard
4a7bfd2775 package/: convert to DOWNLOAD helper 2009-01-16 11:42:52 +00:00
Peter Korsgaard
ac1d92c425 package/: get rid of unneeded $(strip ..) 2008-12-08 08:15:27 +00:00
Thiago A. Corrêa
8033ef6fe2 Fix build. Use TARGET_CONFIGURE_OPTS as environment rather than as argument of make to avoid overwriting dropbear's CFLAGS 2008-11-14 11:06:01 +00:00
Peter Korsgaard
0eba4ce2fd dropbear: bump version 2008-11-14 08:47:04 +00:00
Peter Korsgaard
47da7b0618 dropbear: look for xauth in /usr/bin
The xauth package installs into /usr/bin, so look for it there.
2008-06-30 13:35:14 +00:00
Nigel Kukard
65ee2746a4 * Removed dropbear init patch
* Added dropbear init script
* Added more verbose messages about key generation
2008-04-09 07:35:12 +00:00
Peter Korsgaard
e31e0f6817 dropbear: bump version 2008-03-27 15:59:39 +00:00
Peter Korsgaard
dfe689229d buildroot: cleanup <package>-clean targets.
Based on input from Arndt Kritzner & Bernhard Fischer.
2008-03-27 15:42:42 +00:00
Bernhard Reutner-Fischer
14a71561a3 - just use the strip binary to avoid confusing libtool (quotes)
- use $(STRIPCMD) in packages to avoid clashes with $(STRIP)
2007-10-01 16:15:31 +00:00
Bernhard Reutner-Fischer
e67d464bc4 - need to mkdir etc/init.d. Closes #1465 2007-09-19 14:11:28 +00:00
Bernhard Reutner-Fischer
6c6cb06709 - sed -i -e "/;$/s/;$//g" $(egrep ";$" package/* package/*/*.mk toolchain/* toolchain/*/*.mk */Makefile.in -l) 2007-08-21 19:20:18 +00:00
Ulf Samuelsson
e4ead9c13c Remove switches if sstrip is run 2007-08-21 01:53:57 +00:00
Ulf Samuelsson
cdb736cea0 Bump dropbear to 0.50, /dev/urandom is now default 2007-08-11 18:43:58 +00:00
Ulf Samuelsson
e1621a4a2a Use <package>_VERSION in all <package>.mk instead of <package>_VER 2007-07-11 14:06:06 +00:00
Bernhard Reutner-Fischer
74d518dc2a - add endian handling, mmap, memcmp checks to TARGET_CONFIGURE_ARGS
- use TARGET_CONFIGURE_ARGS where appropriate.
2007-06-27 12:01:27 +00:00
Peter Korsgaard
e92ad5bc97 Bump version 2007-04-24 13:42:03 +00:00
Eric Andersen
85d7f6f05f fixup package LDFLAGS handling 2007-03-13 22:59:59 +00:00
Bernhard Reutner-Fischer
2208a62d71 - some more CONFIG_UPDATEs by Haavard Skinnemoen 2007-03-07 14:32:22 +00:00
Eric Andersen
732d94d25f fixup a whole steaming pile of insanity. When packages are configured,
they should be configured with --prefix=/usr and we then need to use
make DESTDIR=$(STAGING_DIR) install to get things installed into the
staging directory.  The current situation for many packages, which use
--prefix=$(STAGING_DIR) results in the staging_dir paths getting compiled
into the binary itself.

This also adds in a pile of libtool fixups.  Between broken pkgconfig,
broken libtool handling, and broken --prefix settings, its a wonder
things have worked as well as they have up till now.
 -Erik
2007-01-14 03:52:21 +00:00
Bernhard Reutner-Fischer
6342c83201 - use $(ZCAT) as configured by the user instead of hardcoded 'zcat' that may not exist; Closes #971
Silly, unchecked sed -i -e "/[^b]zcat/s/zcat/\$\(ZCAT\)/g" $(svngrep "[^b]zcat" * -rl | grep -v Config.in)
2006-10-01 15:17:52 +00:00
Eric Andersen
e8b1af7638 bump version, merely a compile fix for scp 2006-04-11 00:29:56 +00:00
Eric Andersen
986418d19e seems the dropbear folk forgot to make a .bz2 package this release 2006-03-19 17:18:56 +00:00