From a1099edf32cac9e35b6635f81d356ed20d46a534 Mon Sep 17 00:00:00 2001 From: Konstantin Demin Date: Mon, 25 Mar 2019 21:40:38 +0300 Subject: dropbear: bump to 2019.77 - drop patches applied upstream: * 010-runtime-maxauthtries.patch * 020-Wait-to-fail-invalid-usernames.patch * 150-dbconvert_standalone.patch * 610-skip-default-keys-in-custom-runs.patch - refresh patches - move OpenWrt configuration from patch to Build/Configure recipe, thus drop patch 120-openwrt_options.patch Signed-off-by: Konstantin Demin --- .../dropbear/patches/120-openwrt_options.patch | 82 ---------------------- 1 file changed, 82 deletions(-) delete mode 100644 package/network/services/dropbear/patches/120-openwrt_options.patch (limited to 'package/network/services/dropbear/patches/120-openwrt_options.patch') diff --git a/package/network/services/dropbear/patches/120-openwrt_options.patch b/package/network/services/dropbear/patches/120-openwrt_options.patch deleted file mode 100644 index 7f47a74304..0000000000 --- a/package/network/services/dropbear/patches/120-openwrt_options.patch +++ /dev/null @@ -1,82 +0,0 @@ ---- a/options.h -+++ b/options.h -@@ -41,7 +41,7 @@ - * Both of these flags can be defined at once, don't compile without at least - * one of them. */ - #define NON_INETD_MODE --#define INETD_MODE -+/*#define INETD_MODE*/ - - /* Setting this disables the fast exptmod bignum code. It saves ~5kB, but is - * perhaps 20% slower for pubkey operations (it is probably worth experimenting -@@ -81,7 +81,7 @@ much traffic. */ - - /* Enable "Netcat mode" option. This will forward standard input/output - * to a remote TCP-forwarded connection */ --#define ENABLE_CLI_NETCAT -+/*#define ENABLE_CLI_NETCAT*/ - - /* Whether to support "-c" and "-m" flags to choose ciphers/MACs at runtime */ - #define ENABLE_USER_ALGO_LIST -@@ -91,16 +91,16 @@ much traffic. */ - * Including multiple keysize variants the same cipher - * (eg AES256 as well as AES128) will result in a minimal size increase.*/ - #define DROPBEAR_AES128 --#define DROPBEAR_3DES -+/*#define DROPBEAR_3DES*/ - #define DROPBEAR_AES256 - /* Compiling in Blowfish will add ~6kB to runtime heap memory usage */ - /*#define DROPBEAR_BLOWFISH*/ --#define DROPBEAR_TWOFISH256 --#define DROPBEAR_TWOFISH128 -+/*#define DROPBEAR_TWOFISH256*/ -+/*#define DROPBEAR_TWOFISH128*/ - - /* Enable CBC mode for ciphers. This has security issues though - * is the most compatible with older SSH implementations */ --#define DROPBEAR_ENABLE_CBC_MODE -+/*#define DROPBEAR_ENABLE_CBC_MODE*/ - - /* Enable "Counter Mode" for ciphers. This is more secure than normal - * CBC mode against certain attacks. It is recommended for security -@@ -131,10 +131,10 @@ If you test it please contact the Dropbe - * If you disable MD5, Dropbear will fall back to SHA1 fingerprints, - * which are not the standard form. */ - #define DROPBEAR_SHA1_HMAC --#define DROPBEAR_SHA1_96_HMAC -+/*#define DROPBEAR_SHA1_96_HMAC*/ - #define DROPBEAR_SHA2_256_HMAC --#define DROPBEAR_SHA2_512_HMAC --#define DROPBEAR_MD5_HMAC -+/*#define DROPBEAR_SHA2_512_HMAC*/ -+/*#define DROPBEAR_MD5_HMAC*/ - - /* You can also disable integrity. Don't bother disabling this if you're - * still using a cipher, it's relatively cheap. If you disable this it's dead -@@ -146,7 +146,7 @@ If you test it please contact the Dropbe - * Removing either of these won't save very much space. - * SSH2 RFC Draft requires dss, recommends rsa */ - #define DROPBEAR_RSA --#define DROPBEAR_DSS -+/*#define DROPBEAR_DSS*/ - /* ECDSA is significantly faster than RSA or DSS. Compiling in ECC - * code (either ECDSA or ECDH) increases binary size - around 30kB - * on x86-64 */ -@@ -194,7 +194,7 @@ If you test it please contact the Dropbe - - /* Whether to print the message of the day (MOTD). This doesn't add much code - * size */ --#define DO_MOTD -+/*#define DO_MOTD*/ - - /* The MOTD file path */ - #ifndef MOTD_FILENAME -@@ -242,7 +242,7 @@ Homedir is prepended unless path begins - * note that it will be provided for all "hidden" client-interactive - * style prompts - if you want something more sophisticated, use - * SSH_ASKPASS instead. Comment out this var to remove this functionality.*/ --#define DROPBEAR_PASSWORD_ENV "DROPBEAR_PASSWORD" -+/*#define DROPBEAR_PASSWORD_ENV "DROPBEAR_PASSWORD"*/ - - /* Define this (as well as ENABLE_CLI_PASSWORD_AUTH) to allow the use of - * a helper program for the ssh client. The helper program should be -- cgit v1.2.3