From 3bddcefdde968020c7b8b6cdf2bb7b7081b9e811 Mon Sep 17 00:00:00 2001 From: Michael 'Mickey' Lauer Date: Tue, 17 Feb 2009 20:29:04 +0100 Subject: dropbear: add latest stable version 0.52; untested, hence DP = -1 --- packages/dropbear/dropbear-0.52/allow-nopw.patch | 40 ++++++++++++++++++++++ packages/dropbear/dropbear-0.52/configure.patch | 27 +++++++++++++++ packages/dropbear/dropbear-0.52/fix-2kb-keys.patch | 12 +++++++ .../dropbear/dropbear-0.52/no-host-lookup.patch | 12 +++++++ .../urandom-xauth-changes-to-options.h.patch | 13 +++++++ 5 files changed, 104 insertions(+) create mode 100644 packages/dropbear/dropbear-0.52/allow-nopw.patch create mode 100644 packages/dropbear/dropbear-0.52/configure.patch create mode 100644 packages/dropbear/dropbear-0.52/fix-2kb-keys.patch create mode 100644 packages/dropbear/dropbear-0.52/no-host-lookup.patch create mode 100644 packages/dropbear/dropbear-0.52/urandom-xauth-changes-to-options.h.patch (limited to 'packages/dropbear/dropbear-0.52') diff --git a/packages/dropbear/dropbear-0.52/allow-nopw.patch b/packages/dropbear/dropbear-0.52/allow-nopw.patch new file mode 100644 index 0000000000..3f3e8b167f --- /dev/null +++ b/packages/dropbear/dropbear-0.52/allow-nopw.patch @@ -0,0 +1,40 @@ +Index: dropbear-0.51/svr-auth.c +=================================================================== +--- dropbear-0.51.orig/svr-auth.c ++++ dropbear-0.51/svr-auth.c +@@ -270,7 +270,7 @@ static int checkusername(unsigned char * + send_msg_userauth_failure(0, 1); + return DROPBEAR_FAILURE; + } +- ++#ifdef DISALLOW_EMPTY_PW + /* check for an empty password */ + if (ses.authstate.pw_passwd[0] == '\0') { + TRACE(("leave checkusername: empty pword")) +@@ -279,7 +279,7 @@ static int checkusername(unsigned char * + send_msg_userauth_failure(0, 1); + return DROPBEAR_FAILURE; + } +- ++#endif + TRACE(("shell is %s", ses.authstate.pw_shell)) + + /* check that the shell is set */ +Index: dropbear-0.51/svr-authpasswd.c +=================================================================== +--- dropbear-0.51.orig/svr-authpasswd.c ++++ dropbear-0.51/svr-authpasswd.c +@@ -64,9 +64,13 @@ void svr_auth_password() { + * since the shadow password may differ to that tested + * in auth.c */ + if (passwdcrypt[0] == '\0') { ++#ifdef DISALLOW_EMPTY_PW + dropbear_log(LOG_WARNING, "user '%s' has blank password, rejected", + ses.authstate.pw_name); + send_msg_userauth_failure(0, 1); ++#else ++ send_msg_userauth_success(); ++#endif + return; + } + diff --git a/packages/dropbear/dropbear-0.52/configure.patch b/packages/dropbear/dropbear-0.52/configure.patch new file mode 100644 index 0000000000..fa24efc066 --- /dev/null +++ b/packages/dropbear/dropbear-0.52/configure.patch @@ -0,0 +1,27 @@ +Index: dropbear-0.50/configure.in +=================================================================== +--- dropbear-0.50.orig/configure.in ++++ dropbear-0.50/configure.in +@@ -164,14 +164,20 @@ AC_ARG_ENABLE(openpty, + AC_MSG_NOTICE(Not using openpty) + else + AC_MSG_NOTICE(Using openpty if available) +- AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY,,Have openpty() function)]) ++ AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes]) + fi + ], + [ + AC_MSG_NOTICE(Using openpty if available) +- AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY)]) ++ AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes]) + ] + ) ++ ++if test "x$dropbear_cv_func_have_openpty" = "xyes"; then ++ AC_DEFINE(HAVE_OPENPTY,,Have openpty() function) ++ no_ptc_check=yes ++ no_ptmx_check=yes ++fi + + + AC_ARG_ENABLE(syslog, diff --git a/packages/dropbear/dropbear-0.52/fix-2kb-keys.patch b/packages/dropbear/dropbear-0.52/fix-2kb-keys.patch new file mode 100644 index 0000000000..bb7a4d32ac --- /dev/null +++ b/packages/dropbear/dropbear-0.52/fix-2kb-keys.patch @@ -0,0 +1,12 @@ +Index: dropbear-0.50/kex.h +=================================================================== +--- dropbear-0.50.orig/kex.h ++++ dropbear-0.50/kex.h +@@ -59,6 +59,6 @@ struct KEXState { + + }; + +-#define MAX_KEXHASHBUF 2000 ++#define MAX_KEXHASHBUF 3000 + + #endif /* _KEX_H_ */ diff --git a/packages/dropbear/dropbear-0.52/no-host-lookup.patch b/packages/dropbear/dropbear-0.52/no-host-lookup.patch new file mode 100644 index 0000000000..d7c2ccdc62 --- /dev/null +++ b/packages/dropbear/dropbear-0.52/no-host-lookup.patch @@ -0,0 +1,12 @@ +diff -urN dropbear-0.51/options.h dropbear-0.51.new/options.h +--- dropbear-0.51/options.h 2008-03-27 14:34:39.000000000 +0100 ++++ dropbear-0.51.new/options.h 2008-06-22 00:22:09.000000000 +0200 +@@ -112,7 +112,7 @@ + /* #define DSS_PROTOK */ + + /* Whether to do reverse DNS lookups. */ +-#define DO_HOST_LOOKUP ++/* #define DO_HOST_LOOKUP */ + + /* Whether to print the message of the day (MOTD). This doesn't add much code + * size */ diff --git a/packages/dropbear/dropbear-0.52/urandom-xauth-changes-to-options.h.patch b/packages/dropbear/dropbear-0.52/urandom-xauth-changes-to-options.h.patch new file mode 100644 index 0000000000..787b801643 --- /dev/null +++ b/packages/dropbear/dropbear-0.52/urandom-xauth-changes-to-options.h.patch @@ -0,0 +1,13 @@ +Index: dropbear-0.50/options.h +=================================================================== +--- dropbear-0.50.orig/options.h ++++ dropbear-0.50/options.h +@@ -197,7 +197,7 @@ etc) slower (perhaps by 50%). Recommende + /* The command to invoke for xauth when using X11 forwarding. + * "-q" for quiet */ + #ifndef XAUTH_COMMAND +-#define XAUTH_COMMAND "/usr/X11R6/bin/xauth -q" ++#define XAUTH_COMMAND "xauth -q" + #endif + + /* if you want to enable running an sftp server (such as the one included with -- cgit v1.2.3