From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: In-Reply-To: <20200311132408.11924-3-ada@thorsis.com> MIME-Version: 1.0 Message-Id: From: Michael Olbrich Date: Fri, 27 Mar 2020 10:52:14 +0100 Subject: Re: [ptxdist] [2/3] dropbear: version bump 2017.75 -> 2019.78 List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ptxdist-bounces@pengutronix.de Sender: "ptxdist" To: ptxdist@pengutronix.de Cc: Alexander Dahl Thanks, applied. Michael [sent from post-receive hook] On Fri, 27 Mar 2020 10:52:14 +0100, Alexander Dahl wrote: > The major change with 2018.76 was in configuration, moving from editing > 'options.h' to adding things to 'localoptions.h'. The latter file must > be created in the extracted sources, a pragmatic approach was used to > add the defines, as seen in the buildroot project. > > All options were compared to 'default_options.h' and 'sysoptions.h' from > the dropbear source. Not all options are in default_options, e.g. the > deprecated md5 hmac. A warning for that one was added. > > Various things were fixed and improved in dropbear, changes notable: > > + 2019.78 / 2019.77 > - Fix 2018.76 regressions > - Improve failure delay consistency > - Change handling of failed authentication to avoid disclosing valid > usernames, CVE-2018-15599. > > + 2018.76 > - Enable hardening build flags > - New key exchange options > - Improved DSS and RSA pubkey validation > - Fix null pointer crash on malformed keys > - Update curve25519-donna implementation > > Signed-off-by: Alexander Dahl > --- > > Notes: > Just omitting --disable-fuzz wouldn't require that patch, it just pins down > what is the default anyway, but for that the patch is needed. > > .../0001-configure-Fix-disable-fuzz.patch | 47 +++++++ > patches/dropbear-2019.78/autogen.sh | 1 + > patches/dropbear-2019.78/series | 4 + > rules/dropbear.make | 129 ++++++++++-------- > 4 files changed, 121 insertions(+), 60 deletions(-) > create mode 100644 patches/dropbear-2019.78/0001-configure-Fix-disable-fuzz.patch > create mode 120000 patches/dropbear-2019.78/autogen.sh > create mode 100644 patches/dropbear-2019.78/series > > diff --git a/patches/dropbear-2019.78/0001-configure-Fix-disable-fuzz.patch b/patches/dropbear-2019.78/0001-configure-Fix-disable-fuzz.patch > new file mode 100644 > index 000000000..03aec183a > --- /dev/null > +++ b/patches/dropbear-2019.78/0001-configure-Fix-disable-fuzz.patch > @@ -0,0 +1,47 @@ > +From: Alexander Dahl > +Date: Wed, 11 Mar 2020 10:50:45 +0100 > +Subject: [PATCH] configure: Fix --disable-fuzz > + > +When explicitly passing --disable-fuzz to ./configure fuzz was actually > +enabled. > + > +Signed-off-by: Alexander Dahl > +--- > + > +Notes: > + Sent upstream: https://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2020q1/002202.html > + > + configure.ac | 17 ++++++++++++----- > + 1 file changed, 12 insertions(+), 5 deletions(-) > + > +diff --git a/configure.ac b/configure.ac > +index 7199d7cb2300..104d60cfaf53 100644 > +--- a/configure.ac > ++++ b/configure.ac > +@@ -326,14 +326,21 @@ AC_ARG_ENABLE(shadow, > + AC_ARG_ENABLE(fuzz, > + [ --enable-fuzz Build fuzzing. Not recommended for deployment.], > + [ > +- AC_DEFINE(DROPBEAR_FUZZ, 1, Fuzzing) > +- AC_MSG_NOTICE(Enabling fuzzing) > +- DROPBEAR_FUZZ=1 > +- # libfuzzer needs linking with c++ libraries > +- AC_PROG_CXX > ++ if test "x$enableval" = "xyes"; then > ++ AC_DEFINE(DROPBEAR_FUZZ, 1, Fuzzing) > ++ AC_MSG_NOTICE(Enabling fuzzing) > ++ DROPBEAR_FUZZ=1 > ++ # libfuzzer needs linking with c++ libraries > ++ AC_PROG_CXX > ++ else > ++ AC_DEFINE(DROPBEAR_FUZZ, 0, Fuzzing) > ++ AC_MSG_NOTICE(Disabling fuzzing) > ++ DROPBEAR_FUZZ=0 > ++ fi > + ], > + [ > + AC_DEFINE(DROPBEAR_FUZZ, 0, Fuzzing) > ++ AC_MSG_NOTICE(Disabling fuzzing) > + DROPBEAR_FUZZ=0 > + ] > + > diff --git a/patches/dropbear-2019.78/autogen.sh b/patches/dropbear-2019.78/autogen.sh > new file mode 120000 > index 000000000..9f8a4cb7d > --- /dev/null > +++ b/patches/dropbear-2019.78/autogen.sh > @@ -0,0 +1 @@ > +../autogen.sh > \ No newline at end of file > diff --git a/patches/dropbear-2019.78/series b/patches/dropbear-2019.78/series > new file mode 100644 > index 000000000..3e5a5247e > --- /dev/null > +++ b/patches/dropbear-2019.78/series > @@ -0,0 +1,4 @@ > +# generated by git-ptx-patches > +#tag:base --start-number 1 > +0001-configure-Fix-disable-fuzz.patch > +# c03ca050bdd0c61ac96e5bd22c9d0947 - git-ptx-patches magic > diff --git a/rules/dropbear.make b/rules/dropbear.make > index a3b867817..8d80ed295 100644 > --- a/rules/dropbear.make > +++ b/rules/dropbear.make > @@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_DROPBEAR) += dropbear > # > # Paths and names > # > -DROPBEAR_VERSION := 2017.75 > -DROPBEAR_MD5 := e57e9b9d25705dcb073ba15c416424fd > +DROPBEAR_VERSION := 2019.78 > +DROPBEAR_MD5 := a972c85ed678ad0fdcb7844e1294fb54 > DROPBEAR := dropbear-$(DROPBEAR_VERSION) > DROPBEAR_SUFFIX := tar.bz2 > DROPBEAR_URL := http://matt.ucc.asn.au/dropbear/releases/$(DROPBEAR).$(DROPBEAR_SUFFIX) > @@ -38,12 +38,14 @@ DROPBEAR_LICENSE_FILES := \ > DROPBEAR_CONF_TOOL := autoconf > DROPBEAR_CONF_OPT := \ > $(CROSS_AUTOCONF_USR) \ > + --enable-harden \ > $(GLOBAL_LARGE_FILE_OPTION) \ > --$(call ptx/endis, PTXCONF_DROPBEAR_ZLIB)-zlib \ > --disable-pam \ > --$(call ptx/disen, PTXCONF_DROPBEAR_DIS_OPENPTY)-openpty \ > --$(call ptx/disen, PTXCONF_DROPBEAR_DIS_SYSLOG)-syslog \ > --enable-shadow \ > + --disable-fuzz \ > --enable-bundled-libtom \ > --$(call ptx/disen, PTXCONF_DROPBEAR_DIS_LASTLOG)-lastlog \ > --$(call ptx/disen, PTXCONF_DROPBEAR_DIS_UTMP)-utmp \ > @@ -54,206 +56,213 @@ DROPBEAR_CONF_OPT := \ > --$(call ptx/disen, PTXCONF_DROPBEAR_DIS_PUTUTLINE)-pututline \ > --$(call ptx/disen, PTXCONF_DROPBEAR_DIS_PUTUTXLINE)-pututxline > > +DROPBEAR_LOCALOPTIONS := $(DROPBEAR_DIR)/localoptions.h > + > $(STATEDIR)/dropbear.prepare: > @$(call targetinfo) > @$(call world/prepare, DROPBEAR) > > + @echo "/* localoptions.h created by ptxdist */" > $(DROPBEAR_LOCALOPTIONS) > + > ifdef PTXCONF_DROPBEAR_DIS_X11 > @echo "ptxdist: disabling x11 forwarding" > - $(call disable_c, $(DROPBEAR_DIR)/options.h,ENABLE_X11FWD) > + @echo "#define DROPBEAR_X11FWD 0" >> $(DROPBEAR_LOCALOPTIONS) > else > @echo "ptxdist: enabling x11 forwarding" > - $(call enable_c, $(DROPBEAR_DIR)/options.h,ENABLE_X11FWD) > + @echo "#define DROPBEAR_X11FWD 1" >> $(DROPBEAR_LOCALOPTIONS) > endif > > ifdef PTXCONF_DROPBEAR_DIS_TCP > @echo "ptxdist: disabling tcp" > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,ENABLE_CLI_LOCALTCPFWD) > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,ENABLE_CLI_REMOTETCPFWD) > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,ENABLE_SVR_LOCALTCPFWD) > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,ENABLE_SVR_REMOTETCPFWD) > + @echo "#define DROPBEAR_CLI_LOCALTCPFWD 0" >> $(DROPBEAR_LOCALOPTIONS) > + @echo "#define DROPBEAR_CLI_REMOTETCPFWD 0" >> $(DROPBEAR_LOCALOPTIONS) > + @echo "#define DROPBEAR_SVR_LOCALTCPFWD 0" >> $(DROPBEAR_LOCALOPTIONS) > + @echo "#define DROPBEAR_SVR_REMOTETCPFWD 0" >> $(DROPBEAR_LOCALOPTIONS) > else > @echo "ptxdist: enabling tcp" > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,ENABLE_CLI_LOCALTCPFWD) > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,ENABLE_CLI_REMOTETCPFWD) > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,ENABLE_SVR_LOCALTCPFWD) > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,ENABLE_SVR_REMOTETCPFWD) > + @echo "#define DROPBEAR_CLI_LOCALTCPFWD 1" >> $(DROPBEAR_LOCALOPTIONS) > + @echo "#define DROPBEAR_CLI_REMOTETCPFWD 1" >> $(DROPBEAR_LOCALOPTIONS) > + @echo "#define DROPBEAR_SVR_LOCALTCPFWD 1" >> $(DROPBEAR_LOCALOPTIONS) > + @echo "#define DROPBEAR_SVR_REMOTETCPFWD 1" >> $(DROPBEAR_LOCALOPTIONS) > endif > > ifdef PTXCONF_DROPBEAR_DIS_AGENT > @echo "ptxdist: disabling agent" > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,ENABLE_SVR_AGENTFWD) > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,ENABLE_CLI_AGENTFWD) > + @echo "#define DROPBEAR_SVR_AGENTFWD 0" >> $(DROPBEAR_LOCALOPTIONS) > + @echo "#define DROPBEAR_CLI_AGENTFWD 0" >> $(DROPBEAR_LOCALOPTIONS) > else > @echo "ptxdist: enabling agent" > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,ENABLE_SVR_AGENTFWD) > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,ENABLE_CLI_AGENTFWD) > + @echo "#define DROPBEAR_SVR_AGENTFWD 1" >> $(DROPBEAR_LOCALOPTIONS) > + @echo "#define DROPBEAR_CLI_AGENTFWD 1" >> $(DROPBEAR_LOCALOPTIONS) > endif > > > ifdef PTXCONF_DROPBEAR_AES128 > @echo "ptxdist: enabling aes128" > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_AES128) > + @echo "#define DROPBEAR_AES128 1" >> $(DROPBEAR_LOCALOPTIONS) > else > @echo "ptxdist: disabling aes128" > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_AES128) > + @echo "#define DROPBEAR_AES128 0" >> $(DROPBEAR_LOCALOPTIONS) > endif > > ifdef PTXCONF_DROPBEAR_3DES > @echo "ptxdist: enabling 3des" > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_3DES) > + @echo "#define DROPBEAR_3DES 1" >> $(DROPBEAR_LOCALOPTIONS) > else > @echo "ptxdist: disabling 3des" > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_3DES) > + @echo "#define DROPBEAR_3DES 0" >> $(DROPBEAR_LOCALOPTIONS) > endif > > ifdef PTXCONF_DROPBEAR_AES256 > @echo "ptxdist: enabling aes256" > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_AES256) > + @echo "#define DROPBEAR_AES256 1" >> $(DROPBEAR_LOCALOPTIONS) > else > @echo "ptxdist: disabling aes256" > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_AES256) > + @echo "#define DROPBEAR_AES256 0" >> $(DROPBEAR_LOCALOPTIONS) > endif > > ifdef PTXCONF_DROPBEAR_BLOWFISH > @echo "ptxdist: enabling blowfish" > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_BLOWFISH) > + @echo "#define DROPBEAR_BLOWFISH 1" >> $(DROPBEAR_LOCALOPTIONS) > else > @echo "ptxdist: disabling blowfish" > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_BLOWFISH) > + @echo "#define DROPBEAR_BLOWFISH 0" >> $(DROPBEAR_LOCALOPTIONS) > endif > > ifdef PTXCONF_DROPBEAR_TWOFISH256 > @echo "ptxdist: enabling twofish256" > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_TWOFISH256) > + @echo "#define DROPBEAR_TWOFISH256 1" >> $(DROPBEAR_LOCALOPTIONS) > else > @echo "ptxdist: disabling twofish256" > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_TWOFISH256) > + @echo "#define DROPBEAR_TWOFISH256 0" >> $(DROPBEAR_LOCALOPTIONS) > endif > > ifdef PTXCONF_DROPBEAR_TWOFISH128 > @echo "ptxdist: enabling twofish128" > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_TWOFISH128) > + @echo "#define DROPBEAR_TWOFISH128 1" >> $(DROPBEAR_LOCALOPTIONS) > else > @echo "ptxdist: disabling twofish128" > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_TWOFISH128) > + @echo "#define DROPBEAR_TWOFISH128 0" >> $(DROPBEAR_LOCALOPTIONS) > endif > > ifdef PTXCONF_DROPBEAR_CBC_CIPHERS > @echo "ptxdist: enabling cbc ciphers" > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_ENABLE_CBC_MODE) > + @echo "#define DROPBEAR_ENABLE_CBC_MODE 1" >> $(DROPBEAR_LOCALOPTIONS) > else > @echo "ptxdist: disabling cbc ciphers" > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_ENABLE_CBC_MODE) > + @echo "#define DROPBEAR_ENABLE_CBC_MODE 0" >> $(DROPBEAR_LOCALOPTIONS) > endif > > + > ifdef PTXCONF_DROPBEAR_CTR_CIPHERS > @echo "ptxdist: enabling ctr ciphers" > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_ENABLE_CTR_MODE) > + @echo "#define DROPBEAR_ENABLE_CTR_MODE 1" >> $(DROPBEAR_LOCALOPTIONS) > else > @echo "ptxdist: disabling ctr ciphers" > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_ENABLE_CTR_MODE) > + @echo "#define DROPBEAR_ENABLE_CTR_MODE 0" >> $(DROPBEAR_LOCALOPTIONS) > endif > > ifdef PTXCONF_DROPBEAR_SHA1 > @echo "ptxdist: enabling sha1" > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_SHA1_HMAC) > + @echo "#define DROPBEAR_SHA1_HMAC 1" >> $(DROPBEAR_LOCALOPTIONS) > else > @echo "ptxdist: disabling sha1" > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_SHA1_HMAC) > + @echo "#define DROPBEAR_SHA1_HMAC 0" >> $(DROPBEAR_LOCALOPTIONS) > endif > > ifdef PTXCONF_DROPBEAR_SHA1_96 > @echo "ptxdist: enabling sha1-96" > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_SHA1_96_HMAC) > + @echo "#define DROPBEAR_SHA1_96_HMAC 1" >> $(DROPBEAR_LOCALOPTIONS) > else > @echo "ptxdist: disabling sha1-96" > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_SHA1_96_HMAC) > + @echo "#define DROPBEAR_SHA1_96_HMAC 0" >> $(DROPBEAR_LOCALOPTIONS) > endif > > ifdef PTXCONF_DROPBEAR_SHA256 > @echo "ptxdist: enabling sha256" > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_SHA2_256_HMAC) > + @echo "#define DROPBEAR_SHA2_256_HMAC 1" >> $(DROPBEAR_LOCALOPTIONS) > else > @echo "ptxdist: disabling sha256" > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_SHA2_256_HMAC) > + @echo "#define DROPBEAR_SHA2_256_HMAC 0" >> $(DROPBEAR_LOCALOPTIONS) > endif > > ifdef PTXCONF_DROPBEAR_SHA512 > @echo "ptxdist: enabling sha512" > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_SHA2_512_HMAC) > + @echo "#define DROPBEAR_SHA2_512_HMAC 1" >> $(DROPBEAR_LOCALOPTIONS) > else > @echo "ptxdist: disabling sha512" > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_SHA2_512_HMAC) > + @echo "#define DROPBEAR_SHA2_512_HMAC 0" >> $(DROPBEAR_LOCALOPTIONS) > endif > > ifdef PTXCONF_DROPBEAR_MD5 > @echo "ptxdist: enabling md5" > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_MD5_HMAC) > + @echo "WARNING: md5 is considered broken and is deactivated in upstream dropbear by default!" > + @echo "#define DROPBEAR_MD5_HMAC 1" >> $(DROPBEAR_LOCALOPTIONS) > else > @echo "ptxdist: disabling md5" > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_MD5_HMAC) > + @echo "#define DROPBEAR_MD5_HMAC 0" >> $(DROPBEAR_LOCALOPTIONS) > endif > > > ifdef PTXCONF_DROPBEAR_RSA > @echo "ptxdist: enabling rsa" > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_RSA) > + @echo "#define DROPBEAR_RSA 1" >> $(DROPBEAR_LOCALOPTIONS) > else > @echo "ptxdist: disabling rsa" > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_RSA) > + @echo "#define DROPBEAR_RSA 0" >> $(DROPBEAR_LOCALOPTIONS) > endif > > ifdef PTXCONF_DROPBEAR_DSS > @echo "ptxdist: enabling dss" > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_DSS) > + @echo "#define DROPBEAR_DSS 1" >> $(DROPBEAR_LOCALOPTIONS) > else > @echo "ptxdist: disabling dss" > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_DSS) > + @echo "#define DROPBEAR_DSS 0" >> $(DROPBEAR_LOCALOPTIONS) > endif > > ifdef PTXCONF_DROPBEAR_ECDSA > @echo "ptxdist: enabling ecdsa" > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_ECDSA) > + @echo "#define DROPBEAR_ECDSA 1" >> $(DROPBEAR_LOCALOPTIONS) > else > @echo "ptxdist: disabling ecdsa" > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_ECDSA) > + @echo "#define DROPBEAR_ECDSA 0" >> $(DROPBEAR_LOCALOPTIONS) > endif > > ifdef PTXCONF_DROPBEAR_ECDH > @echo "ptxdist: enabling ecdh" > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_ECDH) > + @echo "#define DROPBEAR_ECDH 1" >> $(DROPBEAR_LOCALOPTIONS) > else > @echo "ptxdist: disabling ecdh" > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_ECDH) > + @echo "#define DROPBEAR_ECDH 0" >> $(DROPBEAR_LOCALOPTIONS) > endif > > ifdef PTXCONF_DROPBEAR_CURVE25519 > @echo "ptxdist: enabling curve25519" > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_CURVE25519) > + @echo "#define DROPBEAR_CURVE25519 1" >> $(DROPBEAR_LOCALOPTIONS) > else > @echo "ptxdist: disabling curve25519" > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,DROPBEAR_CURVE25519) > + @echo "#define DROPBEAR_CURVE25519 0" >> $(DROPBEAR_LOCALOPTIONS) > endif > > + > ifdef PTXCONF_DROPBEAR_PASSWD > @echo "ptxdist: enabling passwd" > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,ENABLE_SVR_PASSWORD_AUTH) > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,ENABLE_CLI_PASSWORD_AUTH) > + @echo "#define DROPBEAR_SVR_PASSWORD_AUTH 1" >> $(DROPBEAR_LOCALOPTIONS) > + @echo "#define DROPBEAR_CLI_PASSWORD_AUTH 1" >> $(DROPBEAR_LOCALOPTIONS) > else > @echo "ptxdist: disabling passwd" > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,ENABLE_SVR_PASSWORD_AUTH) > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,ENABLE_CLI_PASSWORD_AUTH) > + @echo "#define DROPBEAR_SVR_PASSWORD_AUTH 0" >> $(DROPBEAR_LOCALOPTIONS) > + @echo "#define DROPBEAR_CLI_PASSWORD_AUTH 0" >> $(DROPBEAR_LOCALOPTIONS) > endif > > ifdef PTXCONF_DROPBEAR_PUBKEY > @echo "ptxdist: enabling pubkey" > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,ENABLE_SVR_PUBKEY_AUTH) > - @$(call enable_c, $(DROPBEAR_DIR)/options.h,ENABLE_CLI_PUBKEY_AUTH) > + @echo "#define DROPBEAR_SVR_PUBKEY_AUTH 1" >> $(DROPBEAR_LOCALOPTIONS) > + @echo "#define DROPBEAR_CLI_PUBKEY_AUTH 1" >> $(DROPBEAR_LOCALOPTIONS) > else > @echo "ptxdist: disabling pubkey" > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,ENABLE_SVR_PUBKEY_AUTH) > - @$(call disable_c, $(DROPBEAR_DIR)/options.h,ENABLE_CLI_PUBKEY_AUTH) > + @echo "#define DROPBEAR_SVR_PUBKEY_AUTH 0" >> $(DROPBEAR_LOCALOPTIONS) > + @echo "#define DROPBEAR_CLI_PUBKEY_AUTH 0" >> $(DROPBEAR_LOCALOPTIONS) > endif > > @$(call touch) > _______________________________________________ ptxdist mailing list ptxdist@pengutronix.de