[uClibc-cvs] svn commit: trunk/buildroot/package/dropbear_sshd

andersen at uclibc.org andersen at uclibc.org
Wed Mar 9 08:30:48 UTC 2005


Author: andersen
Date: 2005-03-09 01:30:47 -0700 (Wed, 09 Mar 2005)
New Revision: 9983

Log:
Update dropbear to the new version.
Add a config option to handle low entropy system.


Modified:
   trunk/buildroot/package/dropbear_sshd/Config.in
   trunk/buildroot/package/dropbear_sshd/dropbear_sshd.mk


Changeset:
Modified: trunk/buildroot/package/dropbear_sshd/Config.in
===================================================================
--- trunk/buildroot/package/dropbear_sshd/Config.in	2005-03-09 05:44:07 UTC (rev 9982)
+++ trunk/buildroot/package/dropbear_sshd/Config.in	2005-03-09 08:30:47 UTC (rev 9983)
@@ -5,3 +5,17 @@
 	  A small SSH 2 server designed for small memory environments.
 
 	  http://matt.ucc.asn.au/dropbear/
+
+config BR2_PACKAGE_DROPBEAR_SSHD_URANDOM
+	bool "  Use /dev/urandom (low entropy systems only)?"
+	default n
+	depends on BR2_PACKAGE_DROPBEAR_SSHD
+	help
+	  By default, dropbear uses the much more secure /dev/random.  If you
+	  are using a system lacking usable entropy sources, this could cause
+	  the dropbear ssh daemon to block forever waiting for entropy that
+	  will never arrive.  By making dropbear use /dev/urandom, you can
+	  prevent Dropbear from blocking while waiting on the random device.
+	  This could however significantly reduce the security of your ssh
+	  connections.  Make sure you know what you are doing if you enable
+	  this option -- most people should answer N.

Modified: trunk/buildroot/package/dropbear_sshd/dropbear_sshd.mk
===================================================================
--- trunk/buildroot/package/dropbear_sshd/dropbear_sshd.mk	2005-03-09 05:44:07 UTC (rev 9982)
+++ trunk/buildroot/package/dropbear_sshd/dropbear_sshd.mk	2005-03-09 08:30:47 UTC (rev 9983)
@@ -3,9 +3,9 @@
 # dropbear_sshd
 #
 #############################################################
-DROPBEAR_SSHD_SOURCE:=dropbear-0.44.tar.bz2
+DROPBEAR_SSHD_SOURCE:=dropbear-0.45.tar.bz2
 DROPBEAR_SSHD_SITE:=http://matt.ucc.asn.au/dropbear/releases/
-DROPBEAR_SSHD_DIR:=$(BUILD_DIR)/dropbear-0.44
+DROPBEAR_SSHD_DIR:=$(BUILD_DIR)/dropbear-0.45
 DROPBEAR_SSHD_CAT:=bzcat
 DROPBEAR_SSHD_BINARY:=dropbearmulti
 DROPBEAR_SSHD_TARGET_BINARY:=usr/sbin/dropbear
@@ -44,6 +44,10 @@
 		$(DISABLE_NLS) \
 		--with-shared \
 	);
+ifeq ($(strip $(BR2_PACKAGE_DROPBEAR_SSHD_URANDOM)),y)
+	$(SED) 's,^#define DROPBEAR_RANDOM_DEV.*,#define DROPBEAR_RANDOM_DEV \"/dev/urandom\",' \
+		$(DROPBEAR_SSHD_DIR)/options.h
+endif
 	touch  $(DROPBEAR_SSHD_DIR)/.configured
 
 $(DROPBEAR_SSHD_DIR)/$(DROPBEAR_SSHD_BINARY): $(DROPBEAR_SSHD_DIR)/.configured




More information about the uClibc-cvs mailing list