Message ID | 20180328083827.31540-1-francois.perrad@gadz.org |
---|---|
State | Accepted |
Headers | show |
Series | [V4,1/2] dropbear: bump to version 2018.76 | expand |
Hello, On Wed, 28 Mar 2018 10:38:26 +0200, Francois Perrad wrote: > +define DROPBEAR_SVR_PASSWORD_AUTH > + echo '#if !HAVE_CRYPT' >> $(@D)/localoptions.h > + echo '#define DROPBEAR_SVR_PASSWORD_AUTH 0' >> $(@D)/localoptions.h > + echo '#endif' >> $(@D)/localoptions.h > endef Since this is really a bug in dropbear, shouldn't this be handled by a patch, which gets submitted upstream ? Thomas
2018-03-28 13:51 GMT+02:00 Thomas Petazzoni <thomas.petazzoni@bootlin.com>: > Hello, > > On Wed, 28 Mar 2018 10:38:26 +0200, Francois Perrad wrote: > > > +define DROPBEAR_SVR_PASSWORD_AUTH > > + echo '#if !HAVE_CRYPT' >> > $(@D)/localoptions.h > > + echo '#define DROPBEAR_SVR_PASSWORD_AUTH 0' >> > $(@D)/localoptions.h > > + echo '#endif' >> > $(@D)/localoptions.h > > endef > > Since this is really a bug in dropbear, shouldn't this be handled by a > patch, which gets submitted upstream ? > > The average Dropbear user puts only #define in localoptions.h BR supports various toolchains with many differences, so we need some logic in localoptions.h There is no upstream bug. François > Thomas > -- > Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons) > Embedded Linux and Kernel engineering > https://bootlin.com > _______________________________________________ > buildroot mailing list > buildroot@busybox.net > http://lists.busybox.net/mailman/listinfo/buildroot > <div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">2018-03-28 13:51 GMT+02:00 Thomas Petazzoni <span dir="ltr"><<a href="mailto:thomas.petazzoni@bootlin.com" target="_blank">thomas.petazzoni@bootlin.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hello,<br> <span class=""><br> On Wed, 28 Mar 2018 10:38:26 +0200, Francois Perrad wrote:<br> <br> > +define DROPBEAR_SVR_PASSWORD_AUTH<br> > + echo '#if !HAVE_CRYPT' >> $(@D)/localoptions.h<br> > + echo '#define DROPBEAR_SVR_PASSWORD_AUTH 0' >> $(@D)/localoptions.h<br> > + echo '#endif' >> $(@D)/localoptions.h<br> > endef<br> <br> </span>Since this is really a bug in dropbear, shouldn't this be handled by a<br> patch, which gets submitted upstream ?<br> <span class="HOEnZb"><font color="#888888"><br></font></span></blockquote><div><br></div><div>The average Dropbear user puts only #define in localoptions.h<br></div><div>BR supports various toolchains with many differences, so we need some logic in localoptions.h<br></div><div>There is no upstream bug.<br><br></div><div>François<br></div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="HOEnZb"><font color="#888888"> Thomas<br> --<br> Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons)<br> Embedded Linux and Kernel engineering<br> <a href="https://bootlin.com" rel="noreferrer" target="_blank">https://bootlin.com</a><br> ______________________________<wbr>_________________<br> buildroot mailing list<br> <a href="mailto:buildroot@busybox.net">buildroot@busybox.net</a><br> <a href="http://lists.busybox.net/mailman/listinfo/buildroot" rel="noreferrer" target="_blank">http://lists.busybox.net/<wbr>mailman/listinfo/buildroot</a><br> </font></span></blockquote></div><br></div></div>
Hello, On Wed, 28 Mar 2018 16:41:03 +0200, François Perrad wrote: > > On Wed, 28 Mar 2018 10:38:26 +0200, Francois Perrad wrote: > > > > > +define DROPBEAR_SVR_PASSWORD_AUTH > > > + echo '#if !HAVE_CRYPT' >> > > $(@D)/localoptions.h > > > + echo '#define DROPBEAR_SVR_PASSWORD_AUTH 0' >> > > $(@D)/localoptions.h > > > + echo '#endif' >> > > $(@D)/localoptions.h > > > endef > > > > Since this is really a bug in dropbear, shouldn't this be handled by a > > patch, which gets submitted upstream ? > > > > > The average Dropbear user puts only #define in localoptions.h > BR supports various toolchains with many differences, so we need some logic > in localoptions.h > There is no upstream bug. I think there's an upstream bug if the configure script detects the presence/absence of crypt(), but then doesn't use this information to disable features that require crypt() when it's not available. Best regards, Thomas
Hello, On Wed, 28 Mar 2018 10:38:26 +0200, Francois Perrad wrote: > with this new version: > - "configure --enable-static" should now be used instead of > "make STATIC=1" > - any customised options should be put in localoptions.h > > Signed-off-by: Francois Perrad <francois.perrad@gadz.org> > --- > package/dropbear/dropbear.hash | 2 +- > package/dropbear/dropbear.mk | 31 ++++++++++++++----------------- > 2 files changed, 15 insertions(+), 18 deletions(-) I've applied to master, after doing some minor changes: - DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_SVR_PASSWORD_AUTH was moved closer to where DROPBEAR_SVR_PASSWORD_AUTH is defined - A comment was added on top of DROPBEAR_SVR_PASSWORD_AUTH to explain why we're doing this. In addition, after applying/pushing your commit, I had a build failure with non-SSP toolchains, so I made a separate commit to fix this: https://git.buildroot.org/buildroot/commit/?id=b0aafef6198ee292c4f426295e92cc9b601c2338 Best regards, Thomas
>>>>> "Thomas" == Thomas Petazzoni <thomas.petazzoni@bootlin.com> writes: > Hello, > On Wed, 28 Mar 2018 10:38:26 +0200, Francois Perrad wrote: >> with this new version: >> - "configure --enable-static" should now be used instead of >> "make STATIC=1" >> - any customised options should be put in localoptions.h >> >> Signed-off-by: Francois Perrad <francois.perrad@gadz.org> >> --- >> package/dropbear/dropbear.hash | 2 +- >> package/dropbear/dropbear.mk | 31 ++++++++++++++----------------- >> 2 files changed, 15 insertions(+), 18 deletions(-) > I've applied to master, after doing some minor changes: > - DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_SVR_PASSWORD_AUTH was moved > closer to where DROPBEAR_SVR_PASSWORD_AUTH is defined > - A comment was added on top of DROPBEAR_SVR_PASSWORD_AUTH to explain > why we're doing this. > In addition, after applying/pushing your commit, I had a build failure > with non-SSP toolchains, so I made a separate commit to fix this: > https://git.buildroot.org/buildroot/commit/?id=b0aafef6198ee292c4f426295e92cc9b601c2338 Committed to 2018.02.x, thanks.
diff --git a/package/dropbear/dropbear.hash b/package/dropbear/dropbear.hash index 98776e717..ef2011d90 100644 --- a/package/dropbear/dropbear.hash +++ b/package/dropbear/dropbear.hash @@ -1,2 +1,2 @@ # From https://matt.ucc.asn.au/dropbear/releases/SHA256SUM.asc -sha256 6cbc1dcb1c9709d226dff669e5604172a18cf5dbf9a201474d5618ae4465098c dropbear-2017.75.tar.bz2 +sha256 f2fb9167eca8cf93456a5fc1d4faf709902a3ab70dd44e352f3acbc3ffdaea65 dropbear-2018.76.tar.bz2 diff --git a/package/dropbear/dropbear.mk b/package/dropbear/dropbear.mk index 01a1a07b7..25859a382 100644 --- a/package/dropbear/dropbear.mk +++ b/package/dropbear/dropbear.mk @@ -4,7 +4,7 @@ # ################################################################################ -DROPBEAR_VERSION = 2017.75 +DROPBEAR_VERSION = 2018.76 DROPBEAR_SITE = https://matt.ucc.asn.au/dropbear/releases DROPBEAR_SOURCE = dropbear-$(DROPBEAR_VERSION).tar.bz2 DROPBEAR_LICENSE = MIT, BSD-2-Clause-like, BSD-2-Clause @@ -12,6 +12,8 @@ DROPBEAR_LICENSE_FILES = LICENSE DROPBEAR_TARGET_BINS = dropbearkey dropbearconvert scp DROPBEAR_PROGRAMS = dropbear $(DROPBEAR_TARGET_BINS) +DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_SVR_PASSWORD_AUTH + ifeq ($(BR2_PACKAGE_DROPBEAR_CLIENT),y) # Build dbclient, and create a convenience symlink named ssh DROPBEAR_PROGRAMS += dbclient @@ -23,32 +25,28 @@ DROPBEAR_MAKE = \ PROGRAMS="$(DROPBEAR_PROGRAMS)" ifeq ($(BR2_STATIC_LIBS),y) -DROPBEAR_MAKE += STATIC=1 +DROPBEAR_CONF_OPTS += --enable-static endif -define DROPBEAR_FIX_XAUTH - $(SED) 's,^#define XAUTH_COMMAND.*/xauth,#define XAUTH_COMMAND "/usr/bin/xauth,g' $(@D)/options.h +define DROPBEAR_SVR_PASSWORD_AUTH + echo '#if !HAVE_CRYPT' >> $(@D)/localoptions.h + echo '#define DROPBEAR_SVR_PASSWORD_AUTH 0' >> $(@D)/localoptions.h + echo '#endif' >> $(@D)/localoptions.h endef -DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_FIX_XAUTH - define DROPBEAR_ENABLE_REVERSE_DNS - $(SED) 's:.*\(#define DO_HOST_LOOKUP\).*:\1:' $(@D)/options.h -endef - -define DROPBEAR_BUILD_SMALL - $(SED) 's:.*\(#define NO_FAST_EXPTMOD\).*:\1:' $(@D)/options.h + echo '#define DO_HOST_LOOKUP 1' >> $(@D)/localoptions.h endef define DROPBEAR_BUILD_FEATURED - $(SED) 's:^#define DROPBEAR_SMALL_CODE::' $(@D)/options.h - $(SED) 's:.*\(#define DROPBEAR_BLOWFISH\).*:\1:' $(@D)/options.h - $(SED) 's:.*\(#define DROPBEAR_TWOFISH128\).*:\1:' $(@D)/options.h - $(SED) 's:.*\(#define DROPBEAR_TWOFISH256\).*:\1:' $(@D)/options.h + echo '#define DROPBEAR_SMALL_CODE 0' >> $(@D)/localoptions.h + echo '#define DROPBEAR_BLOWFISH 1' >> $(@D)/localoptions.h + echo '#define DROPBEAR_TWOFISH128 1' >> $(@D)/localoptions.h + echo '#define DROPBEAR_TWOFISH256 1' >> $(@D)/localoptions.h endef define DROPBEAR_DISABLE_STANDALONE - $(SED) 's:\(#define NON_INETD_MODE\):/*\1 */:' $(@D)/options.h + echo '#define NON_INETD_MODE 0' >> $(@D)/localoptions.h endef define DROPBEAR_INSTALL_INIT_SYSTEMD @@ -73,7 +71,6 @@ DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_ENABLE_REVERSE_DNS endif ifeq ($(BR2_PACKAGE_DROPBEAR_SMALL),y) -DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_BUILD_SMALL DROPBEAR_CONF_OPTS += --disable-zlib else DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_BUILD_FEATURED
with this new version: - "configure --enable-static" should now be used instead of "make STATIC=1" - any customised options should be put in localoptions.h Signed-off-by: Francois Perrad <francois.perrad@gadz.org> --- package/dropbear/dropbear.hash | 2 +- package/dropbear/dropbear.mk | 31 ++++++++++++++----------------- 2 files changed, 15 insertions(+), 18 deletions(-)