diff options
author | Alexander Dahl <ada@thorsis.com> | 2020-03-11 14:24:07 +0100 |
---|---|---|
committer | Michael Olbrich <m.olbrich@pengutronix.de> | 2020-03-20 13:18:55 +0100 |
commit | 91e5a872e2559830f180ad34eece7fbaf7adb9c6 (patch) | |
tree | 6c0a942b10314fd394e894d15ba64428e181cb8b /patches | |
parent | be84b45503a12de1301be694ae89af313ade4a5a (diff) | |
download | ptxdist-91e5a872e2559830f180ad34eece7fbaf7adb9c6.tar.gz ptxdist-91e5a872e2559830f180ad34eece7fbaf7adb9c6.tar.xz |
dropbear: version bump 2017.75 -> 2019.78
The major change with 2018.76 was in configuration, moving from editing
'options.h' to adding things to 'localoptions.h'. The latter file must
be created in the extracted sources, a pragmatic approach was used to
add the defines, as seen in the buildroot project.
All options were compared to 'default_options.h' and 'sysoptions.h' from
the dropbear source. Not all options are in default_options, e.g. the
deprecated md5 hmac. A warning for that one was added.
Various things were fixed and improved in dropbear, changes notable:
+ 2019.78 / 2019.77
- Fix 2018.76 regressions
- Improve failure delay consistency
- Change handling of failed authentication to avoid disclosing valid
usernames, CVE-2018-15599.
+ 2018.76
- Enable hardening build flags
- New key exchange options
- Improved DSS and RSA pubkey validation
- Fix null pointer crash on malformed keys
- Update curve25519-donna implementation
Signed-off-by: Alexander Dahl <ada@thorsis.com>
Message-Id: <20200311132408.11924-3-ada@thorsis.com>
Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
Diffstat (limited to 'patches')
-rw-r--r-- | patches/dropbear-2019.78/0001-configure-Fix-disable-fuzz.patch | 47 | ||||
l--------- | patches/dropbear-2019.78/autogen.sh | 1 | ||||
-rw-r--r-- | patches/dropbear-2019.78/series | 4 |
3 files changed, 52 insertions, 0 deletions
diff --git a/patches/dropbear-2019.78/0001-configure-Fix-disable-fuzz.patch b/patches/dropbear-2019.78/0001-configure-Fix-disable-fuzz.patch new file mode 100644 index 000000000..03aec183a --- /dev/null +++ b/patches/dropbear-2019.78/0001-configure-Fix-disable-fuzz.patch @@ -0,0 +1,47 @@ +From: Alexander Dahl <ada@thorsis.com> +Date: Wed, 11 Mar 2020 10:50:45 +0100 +Subject: [PATCH] configure: Fix --disable-fuzz + +When explicitly passing --disable-fuzz to ./configure fuzz was actually +enabled. + +Signed-off-by: Alexander Dahl <ada@thorsis.com> +--- + +Notes: + Sent upstream: https://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2020q1/002202.html + + configure.ac | 17 ++++++++++++----- + 1 file changed, 12 insertions(+), 5 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 7199d7cb2300..104d60cfaf53 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -326,14 +326,21 @@ AC_ARG_ENABLE(shadow, + AC_ARG_ENABLE(fuzz, + [ --enable-fuzz Build fuzzing. Not recommended for deployment.], + [ +- AC_DEFINE(DROPBEAR_FUZZ, 1, Fuzzing) +- AC_MSG_NOTICE(Enabling fuzzing) +- DROPBEAR_FUZZ=1 +- # libfuzzer needs linking with c++ libraries +- AC_PROG_CXX ++ if test "x$enableval" = "xyes"; then ++ AC_DEFINE(DROPBEAR_FUZZ, 1, Fuzzing) ++ AC_MSG_NOTICE(Enabling fuzzing) ++ DROPBEAR_FUZZ=1 ++ # libfuzzer needs linking with c++ libraries ++ AC_PROG_CXX ++ else ++ AC_DEFINE(DROPBEAR_FUZZ, 0, Fuzzing) ++ AC_MSG_NOTICE(Disabling fuzzing) ++ DROPBEAR_FUZZ=0 ++ fi + ], + [ + AC_DEFINE(DROPBEAR_FUZZ, 0, Fuzzing) ++ AC_MSG_NOTICE(Disabling fuzzing) + DROPBEAR_FUZZ=0 + ] + diff --git a/patches/dropbear-2019.78/autogen.sh b/patches/dropbear-2019.78/autogen.sh new file mode 120000 index 000000000..9f8a4cb7d --- /dev/null +++ b/patches/dropbear-2019.78/autogen.sh @@ -0,0 +1 @@ +../autogen.sh
\ No newline at end of file diff --git a/patches/dropbear-2019.78/series b/patches/dropbear-2019.78/series new file mode 100644 index 000000000..3e5a5247e --- /dev/null +++ b/patches/dropbear-2019.78/series @@ -0,0 +1,4 @@ +# generated by git-ptx-patches +#tag:base --start-number 1 +0001-configure-Fix-disable-fuzz.patch +# c03ca050bdd0c61ac96e5bd22c9d0947 - git-ptx-patches magic |