[Buildroot] [V4 1/2] dropbear: bump to version 2018.76

[Buildroot] [V4 1/2] dropbear: bump to version 2018.76

[Francois Perrad]

with this new version:
  - "configure --enable-static" should now be used instead of
    "make STATIC=1"
  - any customised options should be put in localoptions.h

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
---
 package/dropbear/dropbear.hash |  2 +-
 package/dropbear/dropbear.mk   | 31 ++++++++++++++-----------------
 2 files changed, 15 insertions(+), 18 deletions(-)

diff --git a/package/dropbear/dropbear.hash b/package/dropbear/dropbear.hash
index 98776e717..ef2011d90 100644
--- a/package/dropbear/dropbear.hash
+++ b/package/dropbear/dropbear.hash
@@ -1,2 +1,2 @@
 # From https://matt.ucc.asn.au/dropbear/releases/SHA256SUM.asc
-sha256 6cbc1dcb1c9709d226dff669e5604172a18cf5dbf9a201474d5618ae4465098c dropbear-2017.75.tar.bz2
+sha256 f2fb9167eca8cf93456a5fc1d4faf709902a3ab70dd44e352f3acbc3ffdaea65 dropbear-2018.76.tar.bz2
diff --git a/package/dropbear/dropbear.mk b/package/dropbear/dropbear.mk
index 01a1a07b7..25859a382 100644
--- a/package/dropbear/dropbear.mk
+++ b/package/dropbear/dropbear.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-DROPBEAR_VERSION = 2017.75
+DROPBEAR_VERSION = 2018.76
 DROPBEAR_SITE = https://matt.ucc.asn.au/dropbear/releases
 DROPBEAR_SOURCE = dropbear-$(DROPBEAR_VERSION).tar.bz2
 DROPBEAR_LICENSE = MIT, BSD-2-Clause-like, BSD-2-Clause
@@ -12,6 +12,8 @@ DROPBEAR_LICENSE_FILES = LICENSE
 DROPBEAR_TARGET_BINS = dropbearkey dropbearconvert scp
 DROPBEAR_PROGRAMS = dropbear $(DROPBEAR_TARGET_BINS)
 
+DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_SVR_PASSWORD_AUTH
+
 ifeq ($(BR2_PACKAGE_DROPBEAR_CLIENT),y)
 # Build dbclient, and create a convenience symlink named ssh
 DROPBEAR_PROGRAMS += dbclient
@@ -23,32 +25,28 @@ DROPBEAR_MAKE = \
 	PROGRAMS="$(DROPBEAR_PROGRAMS)"
 
 ifeq ($(BR2_STATIC_LIBS),y)
-DROPBEAR_MAKE += STATIC=1
+DROPBEAR_CONF_OPTS += --enable-static
 endif
 
-define DROPBEAR_FIX_XAUTH
-	$(SED) 's,^#define XAUTH_COMMAND.*/xauth,#define XAUTH_COMMAND "/usr/bin/xauth,g' $(@D)/options.h
+define DROPBEAR_SVR_PASSWORD_AUTH
+	echo '#if !HAVE_CRYPT'                          >> $(@D)/localoptions.h
+	echo '#define DROPBEAR_SVR_PASSWORD_AUTH 0'     >> $(@D)/localoptions.h
+	echo '#endif'                                   >> $(@D)/localoptions.h
 endef
 
-DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_FIX_XAUTH
-
 define DROPBEAR_ENABLE_REVERSE_DNS
-	$(SED) 's:.*\(#define DO_HOST_LOOKUP\).*:\1:' $(@D)/options.h
-endef
-
-define DROPBEAR_BUILD_SMALL
-	$(SED) 's:.*\(#define NO_FAST_EXPTMOD\).*:\1:' $(@D)/options.h
+	echo '#define DO_HOST_LOOKUP 1'                 >> $(@D)/localoptions.h
 endef
 
 define DROPBEAR_BUILD_FEATURED
-	$(SED) 's:^#define DROPBEAR_SMALL_CODE::' $(@D)/options.h
-	$(SED) 's:.*\(#define DROPBEAR_BLOWFISH\).*:\1:' $(@D)/options.h
-	$(SED) 's:.*\(#define DROPBEAR_TWOFISH128\).*:\1:' $(@D)/options.h
-	$(SED) 's:.*\(#define DROPBEAR_TWOFISH256\).*:\1:' $(@D)/options.h
+	echo '#define DROPBEAR_SMALL_CODE 0'            >> $(@D)/localoptions.h
+	echo '#define DROPBEAR_BLOWFISH 1'              >> $(@D)/localoptions.h
+	echo '#define DROPBEAR_TWOFISH128 1'            >> $(@D)/localoptions.h
+	echo '#define DROPBEAR_TWOFISH256 1'            >> $(@D)/localoptions.h
 endef
 
 define DROPBEAR_DISABLE_STANDALONE
-	$(SED) 's:\(#define NON_INETD_MODE\):/*\1 */:' $(@D)/options.h
+	echo '#define NON_INETD_MODE 0'                 >> $(@D)/localoptions.h
 endef
 
 define DROPBEAR_INSTALL_INIT_SYSTEMD
@@ -73,7 +71,6 @@ DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_ENABLE_REVERSE_DNS
 endif
 
 ifeq ($(BR2_PACKAGE_DROPBEAR_SMALL),y)
-DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_BUILD_SMALL
 DROPBEAR_CONF_OPTS += --disable-zlib
 else
 DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_BUILD_FEATURED
-- 
2.11.0

[Buildroot] [V4 2/2] dropbear: unbundle libtomath & libtomcrypt

[Francois Perrad]

DROPBEAR_SMALL_CODE could be only honored with bundled libtomcrypt

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
---
 package/dropbear/Config.in   | 1 +
 package/dropbear/dropbear.mk | 5 +++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/package/dropbear/Config.in b/package/dropbear/Config.in
index 670077816..5d6b83b6d 100644
--- a/package/dropbear/Config.in
+++ b/package/dropbear/Config.in
@@ -1,6 +1,7 @@
 config BR2_PACKAGE_DROPBEAR
 	bool "dropbear"
 	select BR2_PACKAGE_ZLIB if !BR2_PACKAGE_DROPBEAR_SMALL
+	select BR2_PACKAGE_LIBTOMCRYPT if !BR2_PACKAGE_DROPBEAR_SMALL
 	help
 	  A small SSH 2 server designed for small memory environments.
 
diff --git a/package/dropbear/dropbear.mk b/package/dropbear/dropbear.mk
index 25859a382..fa6ee8bd0 100644
--- a/package/dropbear/dropbear.mk
+++ b/package/dropbear/dropbear.mk
@@ -71,10 +71,11 @@ DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_ENABLE_REVERSE_DNS
 endif
 
 ifeq ($(BR2_PACKAGE_DROPBEAR_SMALL),y)
-DROPBEAR_CONF_OPTS += --disable-zlib
+DROPBEAR_CONF_OPTS += --disable-zlib --enable-bundled-libtom
 else
 DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_BUILD_FEATURED
-DROPBEAR_DEPENDENCIES += zlib
+DROPBEAR_DEPENDENCIES += zlib libtomcrypt
+DROPBEAR_CONF_OPTS += --disable-bundled-libtom
 endif
 
 ifneq ($(BR2_PACKAGE_DROPBEAR_WTMP),y)
-- 
2.11.0

[Buildroot] [V4 1/2] dropbear: bump to version 2018.76

[Thomas Petazzoni]

Hello,

On Wed, 28 Mar 2018 10:38:26 +0200, Francois Perrad wrote:

> +define DROPBEAR_SVR_PASSWORD_AUTH
> +	echo '#if !HAVE_CRYPT'                          >> $(@D)/localoptions.h
> +	echo '#define DROPBEAR_SVR_PASSWORD_AUTH 0'     >> $(@D)/localoptions.h
> +	echo '#endif'                                   >> $(@D)/localoptions.h
>  endef

Since this is really a bug in dropbear, shouldn't this be handled by a
patch, which gets submitted upstream ?

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons)
Embedded Linux and Kernel engineering
https://bootlin.com

[Buildroot] [V4 1/2] dropbear: bump to version 2018.76

[François Perrad]

2018-03-28 13:51 GMT+02:00 Thomas Petazzoni <thomas.petazzoni@bootlin.com>:

> Hello,
>
> On Wed, 28 Mar 2018 10:38:26 +0200, Francois Perrad wrote:
>
> > +define DROPBEAR_SVR_PASSWORD_AUTH
> > +     echo '#if !HAVE_CRYPT'                          >>
> $(@D)/localoptions.h
> > +     echo '#define DROPBEAR_SVR_PASSWORD_AUTH 0'     >>
> $(@D)/localoptions.h
> > +     echo '#endif'                                   >>
> $(@D)/localoptions.h
> >  endef
>
> Since this is really a bug in dropbear, shouldn't this be handled by a
> patch, which gets submitted upstream ?
>
>
The average Dropbear user puts only #define in localoptions.h
BR supports various toolchains with many differences, so we need some logic
in localoptions.h
There is no upstream bug.

Fran?ois


> Thomas
> --
> Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons)
> Embedded Linux and Kernel engineering
> https://bootlin.com
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20180328/dc0e6c71/attachment.html>

[Buildroot] [V4 1/2] dropbear: bump to version 2018.76

[Thomas Petazzoni]

Hello,

On Wed, 28 Mar 2018 16:41:03 +0200, Fran?ois Perrad wrote:

> > On Wed, 28 Mar 2018 10:38:26 +0200, Francois Perrad wrote:
> >  
> > > +define DROPBEAR_SVR_PASSWORD_AUTH
> > > +     echo '#if !HAVE_CRYPT'                          >>  
> > $(@D)/localoptions.h  
> > > +     echo '#define DROPBEAR_SVR_PASSWORD_AUTH 0'     >>  
> > $(@D)/localoptions.h  
> > > +     echo '#endif'                                   >>  
> > $(@D)/localoptions.h  
> > >  endef  
> >
> > Since this is really a bug in dropbear, shouldn't this be handled by a
> > patch, which gets submitted upstream ?
> >
> >  
> The average Dropbear user puts only #define in localoptions.h
> BR supports various toolchains with many differences, so we need some logic
> in localoptions.h
> There is no upstream bug.

I think there's an upstream bug if the configure script detects the
presence/absence of crypt(), but then doesn't use this information to
disable features that require crypt() when it's not available.

Best regards,

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons)
Embedded Linux and Kernel engineering
https://bootlin.com

[Buildroot] [V4 1/2] dropbear: bump to version 2018.76

[Thomas Petazzoni]

Hello,

On Wed, 28 Mar 2018 10:38:26 +0200, Francois Perrad wrote:
> with this new version:
>   - "configure --enable-static" should now be used instead of
>     "make STATIC=1"
>   - any customised options should be put in localoptions.h
> 
> Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
> ---
>  package/dropbear/dropbear.hash |  2 +-
>  package/dropbear/dropbear.mk   | 31 ++++++++++++++-----------------
>  2 files changed, 15 insertions(+), 18 deletions(-)

I've applied to master, after doing some minor changes:

 - DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_SVR_PASSWORD_AUTH was moved
   closer to where DROPBEAR_SVR_PASSWORD_AUTH is defined

 - A comment was added on top of DROPBEAR_SVR_PASSWORD_AUTH to explain
   why we're doing this.

In addition, after applying/pushing your commit, I had a build failure
with non-SSP toolchains, so I made a separate commit to fix this:
https://git.buildroot.org/buildroot/commit/?id=b0aafef6198ee292c4f426295e92cc9b601c2338

Best regards,

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons)
Embedded Linux and Kernel engineering
https://bootlin.com

[Buildroot] [V4 2/2] dropbear: unbundle libtomath & libtomcrypt

[Thomas Petazzoni]

Hello,

On Wed, 28 Mar 2018 10:38:27 +0200, Francois Perrad wrote:
> DROPBEAR_SMALL_CODE could be only honored with bundled libtomcrypt
> 
> Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
> ---
>  package/dropbear/Config.in   | 1 +
>  package/dropbear/dropbear.mk | 5 +++--
>  2 files changed, 4 insertions(+), 2 deletions(-)

Applied to master, thanks. The fact that it's only done with static
libraries (libtommath and libtomcrypt are only compiled as static
libraries) and only for the !small case make this pretty "specific",
but OK.

Thanks!

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons)
Embedded Linux and Kernel engineering
https://bootlin.com

[Buildroot] [V4 1/2] dropbear: bump to version 2018.76

[Peter Korsgaard]

>>>>> "Thomas" == Thomas Petazzoni <thomas.petazzoni@bootlin.com> writes:

 > Hello,
 > On Wed, 28 Mar 2018 10:38:26 +0200, Francois Perrad wrote:
 >> with this new version:
 >> - "configure --enable-static" should now be used instead of
 >> "make STATIC=1"
 >> - any customised options should be put in localoptions.h
 >> 
 >> Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
 >> ---
 >> package/dropbear/dropbear.hash |  2 +-
 >> package/dropbear/dropbear.mk   | 31 ++++++++++++++-----------------
 >> 2 files changed, 15 insertions(+), 18 deletions(-)

 > I've applied to master, after doing some minor changes:

 >  - DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_SVR_PASSWORD_AUTH was moved
 >    closer to where DROPBEAR_SVR_PASSWORD_AUTH is defined

 >  - A comment was added on top of DROPBEAR_SVR_PASSWORD_AUTH to explain
 >    why we're doing this.

 > In addition, after applying/pushing your commit, I had a build failure
 > with non-SSP toolchains, so I made a separate commit to fix this:
 > https://git.buildroot.org/buildroot/commit/?id=b0aafef6198ee292c4f426295e92cc9b601c2338

Committed to 2018.02.x, thanks.

-- 
Bye, Peter Korsgaard