[V4,1/2] dropbear: bump to version 2018.76

Message ID 20180328083827.31540-1-francois.perrad@gadz.org
State Accepted
Headers show
Series
  • [V4,1/2] dropbear: bump to version 2018.76
Related show

Commit Message

Francois Perrad March 28, 2018, 8:38 a.m.
with this new version:
  - "configure --enable-static" should now be used instead of
    "make STATIC=1"
  - any customised options should be put in localoptions.h

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
---
 package/dropbear/dropbear.hash |  2 +-
 package/dropbear/dropbear.mk   | 31 ++++++++++++++-----------------
 2 files changed, 15 insertions(+), 18 deletions(-)

Comments

Thomas Petazzoni March 28, 2018, 11:51 a.m. | #1
Hello,

On Wed, 28 Mar 2018 10:38:26 +0200, Francois Perrad wrote:

> +define DROPBEAR_SVR_PASSWORD_AUTH
> +	echo '#if !HAVE_CRYPT'                          >> $(@D)/localoptions.h
> +	echo '#define DROPBEAR_SVR_PASSWORD_AUTH 0'     >> $(@D)/localoptions.h
> +	echo '#endif'                                   >> $(@D)/localoptions.h
>  endef

Since this is really a bug in dropbear, shouldn't this be handled by a
patch, which gets submitted upstream ?

Thomas
François Perrad March 28, 2018, 2:41 p.m. | #2
2018-03-28 13:51 GMT+02:00 Thomas Petazzoni <thomas.petazzoni@bootlin.com>:

> Hello,
>
> On Wed, 28 Mar 2018 10:38:26 +0200, Francois Perrad wrote:
>
> > +define DROPBEAR_SVR_PASSWORD_AUTH
> > +     echo '#if !HAVE_CRYPT'                          >>
> $(@D)/localoptions.h
> > +     echo '#define DROPBEAR_SVR_PASSWORD_AUTH 0'     >>
> $(@D)/localoptions.h
> > +     echo '#endif'                                   >>
> $(@D)/localoptions.h
> >  endef
>
> Since this is really a bug in dropbear, shouldn't this be handled by a
> patch, which gets submitted upstream ?
>
>
The average Dropbear user puts only #define in localoptions.h
BR supports various toolchains with many differences, so we need some logic
in localoptions.h
There is no upstream bug.

François


> Thomas
> --
> Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons)
> Embedded Linux and Kernel engineering
> https://bootlin.com
> _______________________________________________
> buildroot mailing list
> buildroot@busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot
>
<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">2018-03-28 13:51 GMT+02:00 Thomas Petazzoni <span dir="ltr">&lt;<a href="mailto:thomas.petazzoni@bootlin.com" target="_blank">thomas.petazzoni@bootlin.com</a>&gt;</span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hello,<br>
<span class=""><br>
On Wed, 28 Mar 2018 10:38:26 +0200, Francois Perrad wrote:<br>
<br>
&gt; +define DROPBEAR_SVR_PASSWORD_AUTH<br>
&gt; +     echo &#39;#if !HAVE_CRYPT&#39;                          &gt;&gt; $(@D)/localoptions.h<br>
&gt; +     echo &#39;#define DROPBEAR_SVR_PASSWORD_AUTH 0&#39;     &gt;&gt; $(@D)/localoptions.h<br>
&gt; +     echo &#39;#endif&#39;                                   &gt;&gt; $(@D)/localoptions.h<br>
&gt;  endef<br>
<br>
</span>Since this is really a bug in dropbear, shouldn&#39;t this be handled by a<br>
patch, which gets submitted upstream ?<br>
<span class="HOEnZb"><font color="#888888"><br></font></span></blockquote><div><br></div><div>The average Dropbear user puts only #define in localoptions.h<br></div><div>BR supports various toolchains with many differences, so we need some logic in localoptions.h<br></div><div>There is no upstream bug.<br><br></div><div>François<br></div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="HOEnZb"><font color="#888888">
Thomas<br>
--<br>
Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons)<br>
Embedded Linux and Kernel engineering<br>
<a href="https://bootlin.com" rel="noreferrer" target="_blank">https://bootlin.com</a><br>
______________________________<wbr>_________________<br>
buildroot mailing list<br>
<a href="mailto:buildroot@busybox.net">buildroot@busybox.net</a><br>
<a href="http://lists.busybox.net/mailman/listinfo/buildroot" rel="noreferrer" target="_blank">http://lists.busybox.net/<wbr>mailman/listinfo/buildroot</a><br>
</font></span></blockquote></div><br></div></div>
Thomas Petazzoni March 28, 2018, 2:42 p.m. | #3
Hello,

On Wed, 28 Mar 2018 16:41:03 +0200, François Perrad wrote:

> > On Wed, 28 Mar 2018 10:38:26 +0200, Francois Perrad wrote:
> >  
> > > +define DROPBEAR_SVR_PASSWORD_AUTH
> > > +     echo '#if !HAVE_CRYPT'                          >>  
> > $(@D)/localoptions.h  
> > > +     echo '#define DROPBEAR_SVR_PASSWORD_AUTH 0'     >>  
> > $(@D)/localoptions.h  
> > > +     echo '#endif'                                   >>  
> > $(@D)/localoptions.h  
> > >  endef  
> >
> > Since this is really a bug in dropbear, shouldn't this be handled by a
> > patch, which gets submitted upstream ?
> >
> >  
> The average Dropbear user puts only #define in localoptions.h
> BR supports various toolchains with many differences, so we need some logic
> in localoptions.h
> There is no upstream bug.

I think there's an upstream bug if the configure script detects the
presence/absence of crypt(), but then doesn't use this information to
disable features that require crypt() when it's not available.

Best regards,

Thomas
Thomas Petazzoni April 28, 2018, 3:49 p.m. | #4
Hello,

On Wed, 28 Mar 2018 10:38:26 +0200, Francois Perrad wrote:
> with this new version:
>   - "configure --enable-static" should now be used instead of
>     "make STATIC=1"
>   - any customised options should be put in localoptions.h
> 
> Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
> ---
>  package/dropbear/dropbear.hash |  2 +-
>  package/dropbear/dropbear.mk   | 31 ++++++++++++++-----------------
>  2 files changed, 15 insertions(+), 18 deletions(-)

I've applied to master, after doing some minor changes:

 - DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_SVR_PASSWORD_AUTH was moved
   closer to where DROPBEAR_SVR_PASSWORD_AUTH is defined

 - A comment was added on top of DROPBEAR_SVR_PASSWORD_AUTH to explain
   why we're doing this.

In addition, after applying/pushing your commit, I had a build failure
with non-SSP toolchains, so I made a separate commit to fix this:
https://git.buildroot.org/buildroot/commit/?id=b0aafef6198ee292c4f426295e92cc9b601c2338

Best regards,

Thomas

Patch

diff --git a/package/dropbear/dropbear.hash b/package/dropbear/dropbear.hash
index 98776e717..ef2011d90 100644
--- a/package/dropbear/dropbear.hash
+++ b/package/dropbear/dropbear.hash
@@ -1,2 +1,2 @@ 
 # From https://matt.ucc.asn.au/dropbear/releases/SHA256SUM.asc
-sha256 6cbc1dcb1c9709d226dff669e5604172a18cf5dbf9a201474d5618ae4465098c dropbear-2017.75.tar.bz2
+sha256 f2fb9167eca8cf93456a5fc1d4faf709902a3ab70dd44e352f3acbc3ffdaea65 dropbear-2018.76.tar.bz2
diff --git a/package/dropbear/dropbear.mk b/package/dropbear/dropbear.mk
index 01a1a07b7..25859a382 100644
--- a/package/dropbear/dropbear.mk
+++ b/package/dropbear/dropbear.mk
@@ -4,7 +4,7 @@ 
 #
 ################################################################################
 
-DROPBEAR_VERSION = 2017.75
+DROPBEAR_VERSION = 2018.76
 DROPBEAR_SITE = https://matt.ucc.asn.au/dropbear/releases
 DROPBEAR_SOURCE = dropbear-$(DROPBEAR_VERSION).tar.bz2
 DROPBEAR_LICENSE = MIT, BSD-2-Clause-like, BSD-2-Clause
@@ -12,6 +12,8 @@  DROPBEAR_LICENSE_FILES = LICENSE
 DROPBEAR_TARGET_BINS = dropbearkey dropbearconvert scp
 DROPBEAR_PROGRAMS = dropbear $(DROPBEAR_TARGET_BINS)
 
+DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_SVR_PASSWORD_AUTH
+
 ifeq ($(BR2_PACKAGE_DROPBEAR_CLIENT),y)
 # Build dbclient, and create a convenience symlink named ssh
 DROPBEAR_PROGRAMS += dbclient
@@ -23,32 +25,28 @@  DROPBEAR_MAKE = \
 	PROGRAMS="$(DROPBEAR_PROGRAMS)"
 
 ifeq ($(BR2_STATIC_LIBS),y)
-DROPBEAR_MAKE += STATIC=1
+DROPBEAR_CONF_OPTS += --enable-static
 endif
 
-define DROPBEAR_FIX_XAUTH
-	$(SED) 's,^#define XAUTH_COMMAND.*/xauth,#define XAUTH_COMMAND "/usr/bin/xauth,g' $(@D)/options.h
+define DROPBEAR_SVR_PASSWORD_AUTH
+	echo '#if !HAVE_CRYPT'                          >> $(@D)/localoptions.h
+	echo '#define DROPBEAR_SVR_PASSWORD_AUTH 0'     >> $(@D)/localoptions.h
+	echo '#endif'                                   >> $(@D)/localoptions.h
 endef
 
-DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_FIX_XAUTH
-
 define DROPBEAR_ENABLE_REVERSE_DNS
-	$(SED) 's:.*\(#define DO_HOST_LOOKUP\).*:\1:' $(@D)/options.h
-endef
-
-define DROPBEAR_BUILD_SMALL
-	$(SED) 's:.*\(#define NO_FAST_EXPTMOD\).*:\1:' $(@D)/options.h
+	echo '#define DO_HOST_LOOKUP 1'                 >> $(@D)/localoptions.h
 endef
 
 define DROPBEAR_BUILD_FEATURED
-	$(SED) 's:^#define DROPBEAR_SMALL_CODE::' $(@D)/options.h
-	$(SED) 's:.*\(#define DROPBEAR_BLOWFISH\).*:\1:' $(@D)/options.h
-	$(SED) 's:.*\(#define DROPBEAR_TWOFISH128\).*:\1:' $(@D)/options.h
-	$(SED) 's:.*\(#define DROPBEAR_TWOFISH256\).*:\1:' $(@D)/options.h
+	echo '#define DROPBEAR_SMALL_CODE 0'            >> $(@D)/localoptions.h
+	echo '#define DROPBEAR_BLOWFISH 1'              >> $(@D)/localoptions.h
+	echo '#define DROPBEAR_TWOFISH128 1'            >> $(@D)/localoptions.h
+	echo '#define DROPBEAR_TWOFISH256 1'            >> $(@D)/localoptions.h
 endef
 
 define DROPBEAR_DISABLE_STANDALONE
-	$(SED) 's:\(#define NON_INETD_MODE\):/*\1 */:' $(@D)/options.h
+	echo '#define NON_INETD_MODE 0'                 >> $(@D)/localoptions.h
 endef
 
 define DROPBEAR_INSTALL_INIT_SYSTEMD
@@ -73,7 +71,6 @@  DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_ENABLE_REVERSE_DNS
 endif
 
 ifeq ($(BR2_PACKAGE_DROPBEAR_SMALL),y)
-DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_BUILD_SMALL
 DROPBEAR_CONF_OPTS += --disable-zlib
 else
 DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_BUILD_FEATURED