diff options
author | Michael Lauer <mickey@vanille-media.de> | 2008-03-05 17:12:38 +0000 |
---|---|---|
committer | Michael Lauer <mickey@vanille-media.de> | 2008-03-05 17:12:38 +0000 |
commit | 64197d831371bd8450d65a9349be5ab55f366f59 (patch) | |
tree | 10da615da5ef2a2ccf2cefe5883d2c6de738fa1f | |
parent | b63eeefdc195007d494f73316fb205857161c1db (diff) | |
parent | a516a5a18205b21b4daddeb5374da8836c2f296c (diff) |
merge of '05ad3485b42ecb00f88755641322f85ba7842784'
and 'db7e324079b29569e9e6a52a22576a281140b12a'
-rw-r--r-- | packages/dropbear/dropbear-0.50/.mtn2git_empty | 0 | ||||
-rw-r--r-- | packages/dropbear/dropbear-0.50/configure.patch | 27 | ||||
-rw-r--r-- | packages/dropbear/dropbear-0.50/fix-2kb-keys.patch | 12 | ||||
-rw-r--r-- | packages/dropbear/dropbear-0.50/urandom-xauth-changes-to-options.h.patch | 13 | ||||
-rw-r--r-- | packages/dropbear/dropbear/chansession-security-fix.patch | 74 | ||||
-rw-r--r-- | packages/dropbear/dropbear_0.45.bb | 5 | ||||
-rw-r--r-- | packages/dropbear/dropbear_0.46.bb | 5 | ||||
-rw-r--r-- | packages/dropbear/dropbear_0.47.bb | 3 | ||||
-rw-r--r-- | packages/dropbear/dropbear_0.48.1.bb | 1 | ||||
-rw-r--r-- | packages/dropbear/dropbear_0.50.bb | 6 | ||||
-rw-r--r-- | packages/opkg/opkg_svn.bb | 13 |
11 files changed, 62 insertions, 97 deletions
diff --git a/packages/dropbear/dropbear-0.50/.mtn2git_empty b/packages/dropbear/dropbear-0.50/.mtn2git_empty new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/packages/dropbear/dropbear-0.50/.mtn2git_empty diff --git a/packages/dropbear/dropbear-0.50/configure.patch b/packages/dropbear/dropbear-0.50/configure.patch new file mode 100644 index 0000000000..fa24efc066 --- /dev/null +++ b/packages/dropbear/dropbear-0.50/configure.patch @@ -0,0 +1,27 @@ +Index: dropbear-0.50/configure.in +=================================================================== +--- dropbear-0.50.orig/configure.in ++++ dropbear-0.50/configure.in +@@ -164,14 +164,20 @@ AC_ARG_ENABLE(openpty, + AC_MSG_NOTICE(Not using openpty) + else + AC_MSG_NOTICE(Using openpty if available) +- AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY,,Have openpty() function)]) ++ AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes]) + fi + ], + [ + AC_MSG_NOTICE(Using openpty if available) +- AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY)]) ++ AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes]) + ] + ) ++ ++if test "x$dropbear_cv_func_have_openpty" = "xyes"; then ++ AC_DEFINE(HAVE_OPENPTY,,Have openpty() function) ++ no_ptc_check=yes ++ no_ptmx_check=yes ++fi + + + AC_ARG_ENABLE(syslog, diff --git a/packages/dropbear/dropbear-0.50/fix-2kb-keys.patch b/packages/dropbear/dropbear-0.50/fix-2kb-keys.patch new file mode 100644 index 0000000000..bb7a4d32ac --- /dev/null +++ b/packages/dropbear/dropbear-0.50/fix-2kb-keys.patch @@ -0,0 +1,12 @@ +Index: dropbear-0.50/kex.h +=================================================================== +--- dropbear-0.50.orig/kex.h ++++ dropbear-0.50/kex.h +@@ -59,6 +59,6 @@ struct KEXState { + + }; + +-#define MAX_KEXHASHBUF 2000 ++#define MAX_KEXHASHBUF 3000 + + #endif /* _KEX_H_ */ diff --git a/packages/dropbear/dropbear-0.50/urandom-xauth-changes-to-options.h.patch b/packages/dropbear/dropbear-0.50/urandom-xauth-changes-to-options.h.patch new file mode 100644 index 0000000000..787b801643 --- /dev/null +++ b/packages/dropbear/dropbear-0.50/urandom-xauth-changes-to-options.h.patch @@ -0,0 +1,13 @@ +Index: dropbear-0.50/options.h +=================================================================== +--- dropbear-0.50.orig/options.h ++++ dropbear-0.50/options.h +@@ -197,7 +197,7 @@ etc) slower (perhaps by 50%). Recommende + /* The command to invoke for xauth when using X11 forwarding. + * "-q" for quiet */ + #ifndef XAUTH_COMMAND +-#define XAUTH_COMMAND "/usr/X11R6/bin/xauth -q" ++#define XAUTH_COMMAND "xauth -q" + #endif + + /* if you want to enable running an sftp server (such as the one included with diff --git a/packages/dropbear/dropbear/chansession-security-fix.patch b/packages/dropbear/dropbear/chansession-security-fix.patch deleted file mode 100644 index bc4c461fee..0000000000 --- a/packages/dropbear/dropbear/chansession-security-fix.patch +++ /dev/null @@ -1,74 +0,0 @@ -Date: Sun, 11 Dec 2005 23:30:02 +0800 -From: Matt Johnston <matt@ucc.asn.au> -To: dropbear@ucc.gu.uwa.edu.au -Subject: Dropbear 0.47 (and security fix) -Message-ID: <20051211153002.GH28839@ucc.gu.uwa.edu.au> - -Hi all. - -I've put up a new release 0.47 of Dropbear, which has -various fixes and new features - see the change summary -below. -http://matt.ucc.asn.au/dropbear/dropbear.html is the -url as usual or directly at -http://matt.ucc.asn.au/dropbear/dropbear-0.47.tar.bz2 - -This release also fixes a potential security issue, which -may allow authenticated users to run arbitrary code as the -server user. I'm unsure exactly how likely it is to be -exploitable, but anyone who's running a multi-user server is -advised to upgrade. For older releases, the patch is: -(against chanesssion.c for 0.43 and earlier). - ---- dropbear/svr-chansession.c -+++ dropbear/svr-chansession.c -@@ -810,7 +810,7 @@ - /* need to increase size */ - if (i == svr_ses.childpidsize) { - svr_ses.childpids = (struct ChildPid*)m_realloc(svr_ses.childpids, -- sizeof(struct ChildPid) * svr_ses.childpidsize+1); -+ sizeof(struct ChildPid) * (svr_ses.childpidsize+1)); - svr_ses.childpidsize++; - } - - -Matt - - -0.47 - Thurs Dec 8 2005 - -- SECURITY: fix for buffer allocation error in server code, could potentially - allow authenticated users to gain elevated privileges. All multi-user systems - running the server should upgrade (or apply the patch available on the - Dropbear webpage). - -- Fix channel handling code so that redirecting to /dev/null doesn't use - 100% CPU. - -- Turn on zlib compression for dbclient. - -- Set "low delay" TOS bit, can significantly improve interactivity - over some links. - -- Added client keyboard-interactive mode support, allows operation with - newer OpenSSH servers in default config. - -- Log when pubkey auth fails because of bad ~/.ssh/authorized_keys permissions - -- Improve logging of assertions - -- Added aes-256 cipher and sha1-96 hmac. - -- Fix twofish so that it actually works. - -- Improve PAM prompt comparison. - -- Added -g (dbclient) and -a (dropbear server) options to allow - connections to listening forwarded ports from remote machines. - -- Various other minor fixes - -- Compile fixes for glibc 2.1 (ss_family vs __ss_family) and NetBSD - (netinet/in_systm.h needs to be included). - - diff --git a/packages/dropbear/dropbear_0.45.bb b/packages/dropbear/dropbear_0.45.bb deleted file mode 100644 index 68c6e87e75..0000000000 --- a/packages/dropbear/dropbear_0.45.bb +++ /dev/null @@ -1,5 +0,0 @@ -require dropbear.inc - -PR = "r4" - -SRC_URI += "file://chansession-security-fix.patch;patch=1 " diff --git a/packages/dropbear/dropbear_0.46.bb b/packages/dropbear/dropbear_0.46.bb deleted file mode 100644 index d34787fa64..0000000000 --- a/packages/dropbear/dropbear_0.46.bb +++ /dev/null @@ -1,5 +0,0 @@ -require dropbear.inc - -PR = "r6" - -SRC_URI += "file://chansession-security-fix.patch;patch=1 " diff --git a/packages/dropbear/dropbear_0.47.bb b/packages/dropbear/dropbear_0.47.bb deleted file mode 100644 index b8467e1e7c..0000000000 --- a/packages/dropbear/dropbear_0.47.bb +++ /dev/null @@ -1,3 +0,0 @@ -require dropbear.inc - -PR = "r2" diff --git a/packages/dropbear/dropbear_0.48.1.bb b/packages/dropbear/dropbear_0.48.1.bb deleted file mode 100644 index f98c0ac8f6..0000000000 --- a/packages/dropbear/dropbear_0.48.1.bb +++ /dev/null @@ -1 +0,0 @@ -require dropbear.inc diff --git a/packages/dropbear/dropbear_0.50.bb b/packages/dropbear/dropbear_0.50.bb new file mode 100644 index 0000000000..21d46ef59c --- /dev/null +++ b/packages/dropbear/dropbear_0.50.bb @@ -0,0 +1,6 @@ +PR = "r0" + +require dropbear.inc + +# testing +DEFAULT_PREFERENCE = "-1" diff --git a/packages/opkg/opkg_svn.bb b/packages/opkg/opkg_svn.bb index 51c83f8968..149f3050cf 100644 --- a/packages/opkg/opkg_svn.bb +++ b/packages/opkg/opkg_svn.bb @@ -1,26 +1,21 @@ DESCRIPTION = "Open Package Manager" -DESCRIPTION_libipkg = "Open Package Manager Library" +DESCRIPTION_libopkg = "Open Package Manager Library" SECTION = "base" LICENSE = "GPL" DEPENDS = "curl gpgme" PV = "0.0+svnr${SRCREV}" -SRC_URI = "svn://svn.openmoko.org/trunk/src/target/;module=opkg;proto=http" +PR = "r1" +SRC_URI = "svn://svn.openmoko.org/trunk/src/target/;module=opkg;proto=http" S = "${WORKDIR}/opkg" inherit autotools pkgconfig do_stage() { - oe_libinstall -so libopkg ${STAGING_LIBDIR} - install -d ${STAGING_INCDIR}/libopkg/ - for f in *.h - do - install -m 0644 $f ${STAGING_INCDIR}/libopkg/ - done + autotools_stage_all } PACKAGES =+ "libopkg-dev libopkg" FILES_libopkg-dev = "${libdir}/*.a ${libdir}/*.la ${libdir}/*.so" FILES_libopkg = "${libdir}/*.so.*" - |