From ac4800f8b3f893426a64b16f1f691ba954232822 Mon Sep 17 00:00:00 2001
From: Bruno Thomsen <bth@kamstrup.com>
Date: Fri, 20 Feb 2015 10:51:17 +0100
Subject: dropbear: version bump 2014.65 -> 2015.67

The new version contain options to enable/disable cipher modes.
Default security level increased by disabling CBC mode and enabling CTR mode.

Tenable Network Security - Nessus:
http://www.tenable.com/plugins/index.php?view=single&id=70658

Signed-off-by: Bruno Thomsen <bth@kamstrup.com>
Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
---
 rules/dropbear.make | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

(limited to 'rules/dropbear.make')

diff --git a/rules/dropbear.make b/rules/dropbear.make
index f03d0fc0d..ab9da5d29 100644
--- a/rules/dropbear.make
+++ b/rules/dropbear.make
@@ -18,8 +18,8 @@ PACKAGES-$(PTXCONF_DROPBEAR) += dropbear
 #
 # Paths and names
 #
-DROPBEAR_VERSION	:= 2014.65
-DROPBEAR_MD5		:= 1918604238817385a156840fa2c39490
+DROPBEAR_VERSION	:= 2015.67
+DROPBEAR_MD5		:= e967e320344cd4bfebe321e3ab8514d6
 DROPBEAR		:= dropbear-$(DROPBEAR_VERSION)
 DROPBEAR_SUFFIX		:= tar.bz2
 DROPBEAR_URL		:= http://matt.ucc.asn.au/dropbear/releases/$(DROPBEAR).$(DROPBEAR_SUFFIX)
@@ -163,7 +163,21 @@ else
 	@$(call disable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_TWOFISH128)
 endif
 
+ifdef PTXCONF_DROPBEAR_CBC_CIPHERS
+	@echo "ptxdist: enabling cbc ciphers"
+	@$(call enable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_ENABLE_CBC_MODE)
+else
+	@echo "ptxdist: disabling cbc ciphers"
+	@$(call disable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_ENABLE_CBC_MODE)
+endif
 
+ifdef PTXCONF_DROPBEAR_CTR_CIPHERS
+	@echo "ptxdist: enabling ctr ciphers"
+	@$(call enable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_ENABLE_CTR_MODE)
+else
+	@echo "ptxdist: disabling ctr ciphers"
+	@$(call disable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_ENABLE_CTR_MODE)
+endif
 
 ifdef PTXCONF_DROPBEAR_SHA1
 	@echo "ptxdist: enabling sha1"
-- 
cgit v1.2.3