dropbear: bump to 2019.77

[openwrt/openwrt.git] / package / network / services / dropbear / Makefile

diff --git a/package/network/services/dropbear/Makefile b/package/network/services/dropbear/Makefile
index 0ed7199e68bd1d72b6221a920cd632978e0bd105..768cc813fa1f2664597cf78f1ea65336334a00ec 100644 (file)
--- a/package/network/services/dropbear/Makefile
+++ b/package/network/services/dropbear/Makefile
@@ -8,14 +8,14 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=dropbear
-PKG_VERSION:=2017.75
-PKG_RELEASE:=9
+PKG_VERSION:=2019.77
+PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:= \
        http://matt.ucc.asn.au/dropbear/releases/ \
        https://dropbear.nl/mirror/releases/
-PKG_HASH:=6cbc1dcb1c9709d226dff669e5604172a18cf5dbf9a201474d5618ae4465098c
+PKG_HASH:=d91f78ebe633be1d071fd1b7e5535b9693794048b019e9f4bea257e1992b458d
 
 PKG_LICENSE:=MIT
 PKG_LICENSE_FILES:=LICENSE libtomcrypt/LICENSE libtommath/LICENSE
@@ -23,6 +23,7 @@ PKG_CPE_ID:=cpe:/a:matt_johnston:dropbear_ssh_server
 
 PKG_BUILD_PARALLEL:=1
 PKG_USE_MIPS16:=0
+PKG_FIXUP:=autoreconf
 
 PKG_CONFIG_DEPENDS:= \
        CONFIG_TARGET_INIT_PATH CONFIG_DROPBEAR_ECC \
@@ -90,33 +91,33 @@ TARGET_CFLAGS += -DARGTYPE=3 -ffunction-sections -fdata-sections -flto
 TARGET_LDFLAGS += -Wl,--gc-sections -flto=jobserver
 
 define Build/Configure
+       : > $(PKG_BUILD_DIR)/localoptions.h
+
        $(Build/Configure/Default)
 
-       $(SED) 's,^#define DEFAULT_PATH .*$$$$,#define DEFAULT_PATH "$(TARGET_INIT_PATH)",g' \
-               $(PKG_BUILD_DIR)/options.h
+       echo '#define DEFAULT_PATH "$(TARGET_INIT_PATH)"' >> \
+               $(PKG_BUILD_DIR)/localoptions.h
 
-       awk 'BEGIN { rc = 1 } \
-            /'DROPBEAR_CURVE25519'/ { $$$$0 = "$(if $(CONFIG_DROPBEAR_CURVE25519),,// )#define 'DROPBEAR_CURVE25519'"; rc = 0 } \
-            { print } \
-            END { exit(rc) }' $(PKG_BUILD_DIR)/options.h \
-            >$(PKG_BUILD_DIR)/options.h.new && \
-       mv $(PKG_BUILD_DIR)/options.h.new $(PKG_BUILD_DIR)/options.h
+       echo '#define DROPBEAR_CURVE25519 $(if $(CONFIG_DROPBEAR_CURVE25519),1,0)' >> \
+               $(PKG_BUILD_DIR)/localoptions.h
 
-       # Enforce that all replacements are made, otherwise options.h has changed
-       # format and this logic is broken.
        for OPTION in DROPBEAR_ECDSA DROPBEAR_ECDH; do \
-         awk 'BEGIN { rc = 1 } \
-              /'$$$$OPTION'/ { $$$$0 = "$(if $(CONFIG_DROPBEAR_ECC),,// )#define '$$$$OPTION'"; rc = 0 } \
-              { print } \
-              END { exit(rc) }' $(PKG_BUILD_DIR)/options.h \
-              >$(PKG_BUILD_DIR)/options.h.new && \
-         mv $(PKG_BUILD_DIR)/options.h.new $(PKG_BUILD_DIR)/options.h || exit 1; \
+               echo "#define $$$$OPTION $(if $(CONFIG_DROPBEAR_ECC),1,0)" >> \
+                       $(PKG_BUILD_DIR)/localoptions.h; \
        done
 
        # remove protocol idented software version number
-       $(SED) 's,^#define LOCAL_IDENT .*$$$$,#define LOCAL_IDENT "SSH-2.0-dropbear",g' \
+       $(ESED) 's,^(#define LOCAL_IDENT) .*$$$$,\1 "SSH-2.0-dropbear",g' \
                $(PKG_BUILD_DIR)/sysoptions.h
 
+       # disable legacy/unsafe methods and unused functionality
+       for OPTION in INETD_MODE DROPBEAR_CLI_NETCAT \
+       DROPBEAR_3DES DROPBEAR_DSS DROPBEAR_ENABLE_CBC_MODE \
+       DROPBEAR_SHA1_96_HMAC DROPBEAR_USE_PASSWORD_ENV; do \
+               echo "#define $$$$OPTION 0" >> \
+                       $(PKG_BUILD_DIR)/localoptions.h; \
+       done
+
        # Enforce rebuild of svr-chansession.c
        rm -f $(PKG_BUILD_DIR)/svr-chansession.o
 endef