From 4c22057788314a0b3f8fcd4dfd53a7837e3f6cf0 Mon Sep 17 00:00:00 2001 From: Eric Andersen Date: Wed, 9 Mar 2005 08:30:47 +0000 Subject: [PATCH] Update dropbear to the new version. Add a config option to handle low entropy system. --- package/dropbear_sshd/Config.in | 14 ++++++++++++++ package/dropbear_sshd/dropbear_sshd.mk | 8 ++++++-- 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/package/dropbear_sshd/Config.in b/package/dropbear_sshd/Config.in index 07c5218840..99d4496569 100644 --- a/package/dropbear_sshd/Config.in +++ b/package/dropbear_sshd/Config.in @@ -5,3 +5,17 @@ config BR2_PACKAGE_DROPBEAR_SSHD A small SSH 2 server designed for small memory environments. http://matt.ucc.asn.au/dropbear/ + +config BR2_PACKAGE_DROPBEAR_SSHD_URANDOM + bool " Use /dev/urandom (low entropy systems only)?" + default n + depends on BR2_PACKAGE_DROPBEAR_SSHD + help + By default, dropbear uses the much more secure /dev/random. If you + are using a system lacking usable entropy sources, this could cause + the dropbear ssh daemon to block forever waiting for entropy that + will never arrive. By making dropbear use /dev/urandom, you can + prevent Dropbear from blocking while waiting on the random device. + This could however significantly reduce the security of your ssh + connections. Make sure you know what you are doing if you enable + this option -- most people should answer N. diff --git a/package/dropbear_sshd/dropbear_sshd.mk b/package/dropbear_sshd/dropbear_sshd.mk index 0038bdf58a..d25518c5c4 100644 --- a/package/dropbear_sshd/dropbear_sshd.mk +++ b/package/dropbear_sshd/dropbear_sshd.mk @@ -3,9 +3,9 @@ # dropbear_sshd # ############################################################# -DROPBEAR_SSHD_SOURCE:=dropbear-0.44.tar.bz2 +DROPBEAR_SSHD_SOURCE:=dropbear-0.45.tar.bz2 DROPBEAR_SSHD_SITE:=http://matt.ucc.asn.au/dropbear/releases/ -DROPBEAR_SSHD_DIR:=$(BUILD_DIR)/dropbear-0.44 +DROPBEAR_SSHD_DIR:=$(BUILD_DIR)/dropbear-0.45 DROPBEAR_SSHD_CAT:=bzcat DROPBEAR_SSHD_BINARY:=dropbearmulti DROPBEAR_SSHD_TARGET_BINARY:=usr/sbin/dropbear @@ -44,6 +44,10 @@ $(DROPBEAR_SSHD_DIR)/.configured: $(DROPBEAR_SSHD_DIR)/.unpacked $(DISABLE_NLS) \ --with-shared \ ); +ifeq ($(strip $(BR2_PACKAGE_DROPBEAR_SSHD_URANDOM)),y) + $(SED) 's,^#define DROPBEAR_RANDOM_DEV.*,#define DROPBEAR_RANDOM_DEV \"/dev/urandom\",' \ + $(DROPBEAR_SSHD_DIR)/options.h +endif touch $(DROPBEAR_SSHD_DIR)/.configured $(DROPBEAR_SSHD_DIR)/$(DROPBEAR_SSHD_BINARY): $(DROPBEAR_SSHD_DIR)/.configured -- 2.30.2