reset upstream subtrees to yocto 2.6
Reset the following subtrees on thud HEAD:
poky: 87e3a9739d
meta-openembedded: 6094ae18c8
meta-security: 31dc4e7532
meta-raspberrypi: a48743dc36
meta-xilinx: c42016e2e6
Also re-apply backports that didn't make it into thud:
poky:
17726d0 systemd-systemctl-native: handle Install wildcards
meta-openembedded:
4321a5d libtinyxml2: update to 7.0.1
042f0a3 libcereal: Add native and nativesdk classes
e23284f libcereal: Allow empty package
030e8d4 rsyslog: curl-less build with fmhttp PACKAGECONFIG
179a1b9 gtest: update to 1.8.1
Squashed OpenBMC subtree compatibility updates:
meta-aspeed:
Brad Bishop (1):
aspeed: add yocto 2.6 compatibility
meta-ibm:
Brad Bishop (1):
ibm: prepare for yocto 2.6
meta-ingrasys:
Brad Bishop (1):
ingrasys: set layer compatibility to yocto 2.6
meta-openpower:
Brad Bishop (1):
openpower: set layer compatibility to yocto 2.6
meta-phosphor:
Brad Bishop (3):
phosphor: set layer compatibility to thud
phosphor: libgpg-error: drop patches
phosphor: react to fitimage artifact rename
Ed Tanous (4):
Dropbear: upgrade options for latest upgrade
yocto2.6: update openssl options
busybox: remove upstream watchdog patch
systemd: Rebase CONFIG_CGROUP_BPF patch
Change-Id: I7b1fe71cca880d0372a82d94b5fd785323e3a9e7
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
diff --git a/poky/meta/recipes-core/dropbear/dropbear.inc b/poky/meta/recipes-core/dropbear/dropbear.inc
index b6b436c..d92a2f3 100644
--- a/poky/meta/recipes-core/dropbear/dropbear.inc
+++ b/poky/meta/recipes-core/dropbear/dropbear.inc
@@ -7,21 +7,19 @@
LICENSE = "MIT & BSD-3-Clause & BSD-2-Clause & PD"
LIC_FILES_CHKSUM = "file://LICENSE;md5=a5ec40cafba26fc4396d0b550f824e01"
-DEPENDS = "zlib"
+DEPENDS = "zlib virtual/crypt"
RPROVIDES_${PN} = "ssh sshd"
DEPENDS += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.bz2 \
+ file://CVE-2018-15599.patch \
file://0001-urandom-xauth-changes-to-options.h.patch \
- file://0003-configure.patch \
- file://0004-fix-2kb-keys.patch \
- file://0007-dropbear-fix-for-x32-abi.patch \
- file://fix-libtomcrypt-libtommath-ordering.patch \
file://init \
file://dropbearkey.service \
file://dropbear@.service \
file://dropbear.socket \
+ file://dropbear.default \
${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} "
PAM_SRC_URI = "file://0005-dropbear-enable-pam.patch \
@@ -52,6 +50,10 @@
EXTRA_OECONF += "\
${@bb.utils.contains('DISTRO_FEATURES', 'pam', '--enable-pam', '--disable-pam', d)}"
+# This option appends to CFLAGS and LDFLAGS from OE
+# This is causing [textrel] QA warning
+EXTRA_OECONF += "--disable-harden"
+
do_install() {
install -d ${D}${sysconfdir} \
${D}${sysconfdir}/init.d \
@@ -61,6 +63,8 @@
${D}${sbindir} \
${D}${localstatedir}
+ install -m 0644 ${WORKDIR}/dropbear.default ${D}${sysconfdir}/default/dropbear
+
install -m 0755 dropbearmulti ${D}${sbindir}/
ln -s ${sbindir}/dropbearmulti ${D}${bindir}/dbclient
diff --git a/poky/meta/recipes-core/dropbear/dropbear/0001-urandom-xauth-changes-to-options.h.patch b/poky/meta/recipes-core/dropbear/dropbear/0001-urandom-xauth-changes-to-options.h.patch
index dc9d578..684641d 100644
--- a/poky/meta/recipes-core/dropbear/dropbear/0001-urandom-xauth-changes-to-options.h.patch
+++ b/poky/meta/recipes-core/dropbear/dropbear/0001-urandom-xauth-changes-to-options.h.patch
@@ -2,20 +2,20 @@
Upstream-Status: Inappropriate [configuration]
---
- options.h | 2 +-
+ default_options.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/options.h b/options.h
-index 7d06322..71a21c2 100644
---- a/options.h
-+++ b/options.h
-@@ -247,7 +247,7 @@ much traffic. */
+diff --git a/default_options.h b/default_options.h
+index 3b75eb8..1fd8082 100644
+--- a/default_options.h
++++ b/default_options.h
+@@ -243,7 +243,7 @@ Homedir is prepended unless path begins with / */
+
/* The command to invoke for xauth when using X11 forwarding.
* "-q" for quiet */
- #ifndef XAUTH_COMMAND
-#define XAUTH_COMMAND "/usr/bin/xauth -q"
+#define XAUTH_COMMAND "xauth -q"
- #endif
+
/* if you want to enable running an sftp server (such as the one included with
--
diff --git a/poky/meta/recipes-core/dropbear/dropbear/0003-configure.patch b/poky/meta/recipes-core/dropbear/dropbear/0003-configure.patch
deleted file mode 100644
index 8469a50..0000000
--- a/poky/meta/recipes-core/dropbear/dropbear/0003-configure.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From 58dd24a80ca0f400d0761afd9ce2b7f684fc9125 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Eric=20B=C3=A9nard?= <eric@eukrea.com>
-Date: Thu, 25 Apr 2013 00:27:25 +0200
-Subject: [PATCH] configure: add a variable to allow openpty check to be cached
-
-Upstream-Status: Submitted [ https://github.com/mkj/dropbear/pull/48 ]
-
-Signed-off-by: Dengke Du <dengke.du@windriver.com>
----
- configure.ac | 11 ++++++++---
- 1 file changed, 8 insertions(+), 3 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 893b904..245408d 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -177,15 +177,20 @@ AC_ARG_ENABLE(openpty,
- AC_MSG_NOTICE(Not using openpty)
- else
- AC_MSG_NOTICE(Using openpty if available)
-- AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY,,Have openpty() function)])
-+ AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes])
- fi
- ],
- [
- AC_MSG_NOTICE(Using openpty if available)
-- AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY)])
-+ AC_SEARCH_LIBS(openpty, util, [dropbear_cv_func_have_openpty=yes])
- ]
- )
--
-+
-+if test "x$dropbear_cv_func_have_openpty" = "xyes"; then
-+ AC_DEFINE(HAVE_OPENPTY,,Have openpty() function)
-+ no_ptc_check=yes
-+ no_ptmx_check=yes
-+fi
-
- AC_ARG_ENABLE(syslog,
- [ --disable-syslog Don't include syslog support],
---
-2.8.1
-
diff --git a/poky/meta/recipes-core/dropbear/dropbear/0004-fix-2kb-keys.patch b/poky/meta/recipes-core/dropbear/dropbear/0004-fix-2kb-keys.patch
deleted file mode 100644
index 60c6a29..0000000
--- a/poky/meta/recipes-core/dropbear/dropbear/0004-fix-2kb-keys.patch
+++ /dev/null
@@ -1,19 +0,0 @@
-Subject: [PATCH 4/6] fix 2kb keys
-
-Upstream-Status: Inappropriate [configuration]
----
- kex.h | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-Index: dropbear-2017.75/kex.h
-===================================================================
---- dropbear-2017.75.orig/kex.h
-+++ dropbear-2017.75/kex.h
-@@ -106,6 +106,6 @@ int curve25519_donna(unsigned char *out,
- #endif
-
-
--#define MAX_KEXHASHBUF 2000
-+#define MAX_KEXHASHBUF 3000
-
- #endif /* DROPBEAR_KEX_H_ */
diff --git a/poky/meta/recipes-core/dropbear/dropbear/0005-dropbear-enable-pam.patch b/poky/meta/recipes-core/dropbear/dropbear/0005-dropbear-enable-pam.patch
index 539cb12..8576815 100644
--- a/poky/meta/recipes-core/dropbear/dropbear/0005-dropbear-enable-pam.patch
+++ b/poky/meta/recipes-core/dropbear/dropbear/0005-dropbear-enable-pam.patch
@@ -3,7 +3,7 @@
Date: Wed, 2 Dec 2015 11:36:02 +0200
Subject: Enable pam
-We need modify file option.h besides enabling pam in
+We need modify file default_options.h besides enabling pam in
configure if we want dropbear to support pam.
Upstream-Status: Pending
@@ -11,26 +11,32 @@
Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
---
- options.h | 4 ++--
+ default_options.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
-diff --git a/options.h b/options.h
-index 94261f6..90bfe2f 100644
---- a/options.h
-+++ b/options.h
-@@ -208,10 +208,10 @@ If you test it please contact the Dropbear author */
+diff --git a/default_options.h b/default_options.h
+index 3b75eb8..8617cd0 100644
+--- a/default_options.h
++++ b/default_options.h
+@@ -179,7 +179,7 @@ group1 in Dropbear server too */
- /* This requires crypt() */
- #ifdef HAVE_CRYPT
--#define ENABLE_SVR_PASSWORD_AUTH
-+/*#define ENABLE_SVR_PASSWORD_AUTH*/
- #endif
- /* PAM requires ./configure --enable-pam */
--/*#define ENABLE_SVR_PAM_AUTH */
-+#define ENABLE_SVR_PAM_AUTH
- #define ENABLE_SVR_PUBKEY_AUTH
+ /* Authentication Types - at least one required.
+ RFC Draft requires pubkey auth, and recommends password */
+-#define DROPBEAR_SVR_PASSWORD_AUTH 1
++#define DROPBEAR_SVR_PASSWORD_AUTH 0
- /* Whether to take public key options in
+ /* Note: PAM auth is quite simple and only works for PAM modules which just do
+ * a simple "Login: " "Password: " (you can edit the strings in svr-authpam.c).
+@@ -187,7 +187,7 @@ group1 in Dropbear server too */
+ * but there's an interface via a PAM module. It won't work for more complex
+ * PAM challenge/response.
+ * You can't enable both PASSWORD and PAM. */
+-#define DROPBEAR_SVR_PAM_AUTH 0
++#define DROPBEAR_SVR_PAM_AUTH 1
+
+ /* ~/.ssh/authorized_keys authentication */
+ #define DROPBEAR_SVR_PUBKEY_AUTH 1
+
--
2.1.4
diff --git a/poky/meta/recipes-core/dropbear/dropbear/0006-dropbear-configuration-file.patch b/poky/meta/recipes-core/dropbear/dropbear/0006-dropbear-configuration-file.patch
index fa4c8d0..deed78f 100644
--- a/poky/meta/recipes-core/dropbear/dropbear/0006-dropbear-configuration-file.patch
+++ b/poky/meta/recipes-core/dropbear/dropbear/0006-dropbear-configuration-file.patch
@@ -1,4 +1,7 @@
-Subject: [PATCH 6/6] dropbear configuration file
+From e3a5db1b6d3f6382a15b2266458c26c645a10f18 Mon Sep 17 00:00:00 2001
+From: Mingli Yu <Mingli.Yu@windriver.com>
+Date: Thu, 6 Sep 2018 15:54:00 +0800
+Subject: [PATCH] dropbear configuration file
dropbear: Change the path ("/etc/pam.d/sshd" as default) to find a pam configuration file \
to "/etc/pam.d/dropbear for dropbear when enabling pam supporting"
@@ -7,12 +10,17 @@
Signed-off-by: Maxin B. John <maxin.john@enea.com>
Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
+Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
---
-diff -Naur dropbear-2013.60-orig/svr-authpam.c dropbear-2013.60/svr-authpam.c
---- dropbear-2013.60-orig/svr-authpam.c 2013-10-16 16:34:53.000000000 +0200
-+++ dropbear-2013.60/svr-authpam.c 2013-10-21 17:04:04.969416055 +0200
-@@ -211,7 +211,7 @@
- userData.passwd = password;
+ svr-authpam.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/svr-authpam.c b/svr-authpam.c
+index d201bc9..165ec5c 100644
+--- a/svr-authpam.c
++++ b/svr-authpam.c
+@@ -223,7 +223,7 @@ void svr_auth_pam(int valid_user) {
+ }
/* Init pam */
- if ((rc = pam_start("sshd", NULL, &pamConv, &pamHandlep)) != PAM_SUCCESS) {
@@ -20,3 +28,6 @@
dropbear_log(LOG_WARNING, "pam_start() failed, rc=%d, %s",
rc, pam_strerror(pamHandlep, rc));
goto cleanup;
+--
+2.7.4
+
diff --git a/poky/meta/recipes-core/dropbear/dropbear/0007-dropbear-fix-for-x32-abi.patch b/poky/meta/recipes-core/dropbear/dropbear/0007-dropbear-fix-for-x32-abi.patch
deleted file mode 100644
index 60b302b..0000000
--- a/poky/meta/recipes-core/dropbear/dropbear/0007-dropbear-fix-for-x32-abi.patch
+++ /dev/null
@@ -1,140 +0,0 @@
-Upstream-Status: Pending
-
-The dropbearkey utility built in x32 abi format, when generating ssh
-keys, was getting lost in the infinite loop.
-
-This patch fixes the issue by fixing types of variables and
-parameters of functions used in the code, which were getting
-undesired size, when compiled with the x32 abi toolchain.
-
-2013/05/23
-Received this fix from H J Lu.
-
-Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com>
-
-# HG changeset patch
-# User H.J. Lu <hjl.tools@gmail.com>
-# Date 1369344079 25200
-# Node ID a10a1c46b857cc8a3923c3bb6d1504aa25b6052f
-# Parent e76614145aea67f66e4a4257685c771efba21aa1
-Typdef mp_digit to unsigned long long for MP_64BIT
-
-When GCC is used with MP_64BIT, we should typedef mp_digit to unsigned
-long long instead of unsigned long since for x32, unsigned long is
-32-bit and unsigned long long is 64-bit and it is safe to use unsigned
-long long for 64-bit integer with GCC.
-
-diff -r e76614145aea -r a10a1c46b857 libtommath/tommath.h
---- a/libtommath/tommath.h Thu Apr 18 22:57:47 2013 +0800
-+++ b/libtommath/tommath.h Thu May 23 14:21:19 2013 -0700
-@@ -73,7 +73,7 @@
- typedef signed long long long64;
- #endif
-
-- typedef unsigned long mp_digit;
-+ typedef unsigned long long mp_digit;
- typedef unsigned long mp_word __attribute__ ((mode(TI)));
-
- #define DIGIT_BIT 60
-# HG changeset patch
-# User H.J. Lu <hjl.tools@gmail.com>
-# Date 1369344241 25200
-# Node ID c7555a4cb7ded3a88409ba85f4027baa7af5f536
-# Parent a10a1c46b857cc8a3923c3bb6d1504aa25b6052f
-Cast to mp_digit when updating *rho
-
-There is
-
-int
-mp_montgomery_setup (mp_int * n, mp_digit * rho)
-
-We should cast to mp_digit instead of unsigned long when updating
-*rho since mp_digit may be unsigned long long and unsigned long long
-may be different from unsigned long, like in x32.
-
-diff -r a10a1c46b857 -r c7555a4cb7de libtommath/bn_mp_montgomery_setup.c
---- a/libtommath/bn_mp_montgomery_setup.c Thu May 23 14:21:19 2013 -0700
-+++ b/libtommath/bn_mp_montgomery_setup.c Thu May 23 14:24:01 2013 -0700
-@@ -48,7 +48,7 @@
- #endif
-
- /* rho = -1/m mod b */
-- *rho = (unsigned long)(((mp_word)1 << ((mp_word) DIGIT_BIT)) - x) & MP_MASK;
-+ *rho = (mp_digit)(((mp_word)1 << ((mp_word) DIGIT_BIT)) - x) & MP_MASK;
-
- return MP_OKAY;
- }
-# HG changeset patch
-# User H.J. Lu <hjl.tools@gmail.com>
-# Date 1369344541 25200
-# Node ID 7c656e7071a6412688b2f30a529a9afac6c7bf5a
-# Parent c7555a4cb7ded3a88409ba85f4027baa7af5f536
-Define LTC_FAST_TYPE to unsigned long long for __x86_64__
-
-We should define LTC_FAST_TYPE to unsigned long long instead of unsigned
-long if __x86_64__ to support x32 where unsigned long long is 64-bit
-and unsigned long is 32-bit.
-
-diff -r c7555a4cb7de -r 7c656e7071a6 libtomcrypt/src/headers/tomcrypt_cfg.h
---- a/libtomcrypt/src/headers/tomcrypt_cfg.h Thu May 23 14:24:01 2013 -0700
-+++ b/libtomcrypt/src/headers/tomcrypt_cfg.h Thu May 23 14:29:01 2013 -0700
-@@ -74,7 +74,7 @@
- #define ENDIAN_LITTLE
- #define ENDIAN_64BITWORD
- #define LTC_FAST
-- #define LTC_FAST_TYPE unsigned long
-+ #define LTC_FAST_TYPE unsigned long long
- #endif
-
- /* detect PPC32 */
-# HG changeset patch
-# User H.J. Lu <hjl.tools@gmail.com>
-# Date 1369344730 25200
-# Node ID a7d4690158fae4ede2c4e5b56233e83730bf38ee
-# Parent 7c656e7071a6412688b2f30a529a9afac6c7bf5a
-Use unsigned long long aas unsigned 64-bit integer for x86-64 GCC
-
-We should use unsigned long long instead of unsigned long as unsigned
-64-bit integer for x86-64 GCC to support x32 where unsigned long is
-32-bit.
-
-diff -r 7c656e7071a6 -r a7d4690158fa libtomcrypt/src/headers/tomcrypt_macros.h
---- a/libtomcrypt/src/headers/tomcrypt_macros.h Thu May 23 14:29:01 2013 -0700
-+++ b/libtomcrypt/src/headers/tomcrypt_macros.h Thu May 23 14:32:10 2013 -0700
-@@ -343,7 +343,7 @@
- /* 64-bit Rotates */
- #if !defined(__STRICT_ANSI__) && defined(__GNUC__) && defined(__x86_64__) && !defined(LTC_NO_ASM)
-
--static inline unsigned long ROL64(unsigned long word, int i)
-+static inline unsigned long long ROL64(unsigned long long word, int i)
- {
- asm("rolq %%cl,%0"
- :"=r" (word)
-@@ -351,7 +351,7 @@
- return word;
- }
-
--static inline unsigned long ROR64(unsigned long word, int i)
-+static inline unsigned long long ROR64(unsigned long long word, int i)
- {
- asm("rorq %%cl,%0"
- :"=r" (word)
-@@ -361,7 +361,7 @@
-
- #ifndef LTC_NO_ROLC
-
--static inline unsigned long ROL64c(unsigned long word, const int i)
-+static inline unsigned long long ROL64c(unsigned long long word, const int i)
- {
- asm("rolq %2,%0"
- :"=r" (word)
-@@ -369,7 +369,7 @@
- return word;
- }
-
--static inline unsigned long ROR64c(unsigned long word, const int i)
-+static inline unsigned long long ROR64c(unsigned long long word, const int i)
- {
- asm("rorq %2,%0"
- :"=r" (word)
-
diff --git a/poky/meta/recipes-core/dropbear/dropbear/CVE-2018-15599.patch b/poky/meta/recipes-core/dropbear/dropbear/CVE-2018-15599.patch
new file mode 100644
index 0000000..912545c
--- /dev/null
+++ b/poky/meta/recipes-core/dropbear/dropbear/CVE-2018-15599.patch
@@ -0,0 +1,236 @@
+From 256e2abb8150f9fea33cd026597dbe70f0379296 Mon Sep 17 00:00:00 2001
+From: Matt Johnston <matt@ucc.asn.au>
+Date: Thu, 23 Aug 2018 23:43:12 +0800
+Subject: [PATCH] Wait to fail invalid usernames
+
+Wait to fail invalid usernames
+
+Upstream-Status: Backport [https://secure.ucc.asn.au/hg/dropbear/rev/5d2d1021ca00]
+CVE: CVE-2018-15599
+Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
+---
+ auth.h | 6 +++---
+ svr-auth.c | 19 +++++--------------
+ svr-authpam.c | 26 ++++++++++++++++++++++----
+ svr-authpasswd.c | 27 ++++++++++++++-------------
+ svr-authpubkey.c | 11 ++++++++++-
+ 5 files changed, 54 insertions(+), 35 deletions(-)
+
+diff --git a/auth.h b/auth.h
+index da498f5..98f5468 100644
+--- a/auth.h
++++ b/auth.h
+@@ -37,9 +37,9 @@ void recv_msg_userauth_request(void);
+ void send_msg_userauth_failure(int partial, int incrfail);
+ void send_msg_userauth_success(void);
+ void send_msg_userauth_banner(const buffer *msg);
+-void svr_auth_password(void);
+-void svr_auth_pubkey(void);
+-void svr_auth_pam(void);
++void svr_auth_password(int valid_user);
++void svr_auth_pubkey(int valid_user);
++void svr_auth_pam(int valid_user);
+
+ #if DROPBEAR_SVR_PUBKEY_OPTIONS_BUILT
+ int svr_pubkey_allows_agentfwd(void);
+diff --git a/svr-auth.c b/svr-auth.c
+index 64d97aa..1f364ca 100644
+--- a/svr-auth.c
++++ b/svr-auth.c
+@@ -149,10 +149,8 @@ void recv_msg_userauth_request() {
+ if (methodlen == AUTH_METHOD_PASSWORD_LEN &&
+ strncmp(methodname, AUTH_METHOD_PASSWORD,
+ AUTH_METHOD_PASSWORD_LEN) == 0) {
+- if (valid_user) {
+- svr_auth_password();
+- goto out;
+- }
++ svr_auth_password(valid_user);
++ goto out;
+ }
+ }
+ #endif
+@@ -164,10 +162,8 @@ void recv_msg_userauth_request() {
+ if (methodlen == AUTH_METHOD_PASSWORD_LEN &&
+ strncmp(methodname, AUTH_METHOD_PASSWORD,
+ AUTH_METHOD_PASSWORD_LEN) == 0) {
+- if (valid_user) {
+- svr_auth_pam();
+- goto out;
+- }
++ svr_auth_pam(valid_user);
++ goto out;
+ }
+ }
+ #endif
+@@ -177,12 +173,7 @@ void recv_msg_userauth_request() {
+ if (methodlen == AUTH_METHOD_PUBKEY_LEN &&
+ strncmp(methodname, AUTH_METHOD_PUBKEY,
+ AUTH_METHOD_PUBKEY_LEN) == 0) {
+- if (valid_user) {
+- svr_auth_pubkey();
+- } else {
+- /* pubkey has no failure delay */
+- send_msg_userauth_failure(0, 0);
+- }
++ svr_auth_pubkey(valid_user);
+ goto out;
+ }
+ #endif
+diff --git a/svr-authpam.c b/svr-authpam.c
+index 05e4f3e..d201bc9 100644
+--- a/svr-authpam.c
++++ b/svr-authpam.c
+@@ -178,13 +178,14 @@ pamConvFunc(int num_msg,
+ * Keyboard interactive would be a lot nicer, but since PAM is synchronous, it
+ * gets very messy trying to send the interactive challenges, and read the
+ * interactive responses, over the network. */
+-void svr_auth_pam() {
++void svr_auth_pam(int valid_user) {
+
+ struct UserDataS userData = {NULL, NULL};
+ struct pam_conv pamConv = {
+ pamConvFunc,
+ &userData /* submitted to pamvConvFunc as appdata_ptr */
+ };
++ const char* printable_user = NULL;
+
+ pam_handle_t* pamHandlep = NULL;
+
+@@ -204,12 +205,23 @@ void svr_auth_pam() {
+
+ password = buf_getstring(ses.payload, &passwordlen);
+
++ /* We run the PAM conversation regardless of whether the username is valid
++ in case the conversation function has an inherent delay.
++ Use ses.authstate.username rather than ses.authstate.pw_name.
++ After PAM succeeds we then check the valid_user flag too */
++
+ /* used to pass data to the PAM conversation function - don't bother with
+ * strdup() etc since these are touched only by our own conversation
+ * function (above) which takes care of it */
+- userData.user = ses.authstate.pw_name;
++ userData.user = ses.authstate.username;
+ userData.passwd = password;
+
++ if (ses.authstate.pw_name) {
++ printable_user = ses.authstate.pw_name;
++ } else {
++ printable_user = "<invalid username>";
++ }
++
+ /* Init pam */
+ if ((rc = pam_start("sshd", NULL, &pamConv, &pamHandlep)) != PAM_SUCCESS) {
+ dropbear_log(LOG_WARNING, "pam_start() failed, rc=%d, %s",
+@@ -242,7 +254,7 @@ void svr_auth_pam() {
+ rc, pam_strerror(pamHandlep, rc));
+ dropbear_log(LOG_WARNING,
+ "Bad PAM password attempt for '%s' from %s",
+- ses.authstate.pw_name,
++ printable_user,
+ svr_ses.addrstring);
+ send_msg_userauth_failure(0, 1);
+ goto cleanup;
+@@ -253,12 +265,18 @@ void svr_auth_pam() {
+ rc, pam_strerror(pamHandlep, rc));
+ dropbear_log(LOG_WARNING,
+ "Bad PAM password attempt for '%s' from %s",
+- ses.authstate.pw_name,
++ printable_user,
+ svr_ses.addrstring);
+ send_msg_userauth_failure(0, 1);
+ goto cleanup;
+ }
+
++ if (!valid_user) {
++ /* PAM auth succeeded but the username isn't allowed in for another reason
++ (checkusername() failed) */
++ send_msg_userauth_failure(0, 1);
++ }
++
+ /* successful authentication */
+ dropbear_log(LOG_NOTICE, "PAM password auth succeeded for '%s' from %s",
+ ses.authstate.pw_name,
+diff --git a/svr-authpasswd.c b/svr-authpasswd.c
+index bdee2aa..69c7d8a 100644
+--- a/svr-authpasswd.c
++++ b/svr-authpasswd.c
+@@ -48,22 +48,14 @@ static int constant_time_strcmp(const char* a, const char* b) {
+
+ /* Process a password auth request, sending success or failure messages as
+ * appropriate */
+-void svr_auth_password() {
++void svr_auth_password(int valid_user) {
+
+ char * passwdcrypt = NULL; /* the crypt from /etc/passwd or /etc/shadow */
+ char * testcrypt = NULL; /* crypt generated from the user's password sent */
+- char * password;
++ char * password = NULL;
+ unsigned int passwordlen;
+-
+ unsigned int changepw;
+
+- passwdcrypt = ses.authstate.pw_passwd;
+-
+-#ifdef DEBUG_HACKCRYPT
+- /* debugging crypt for non-root testing with shadows */
+- passwdcrypt = DEBUG_HACKCRYPT;
+-#endif
+-
+ /* check if client wants to change password */
+ changepw = buf_getbool(ses.payload);
+ if (changepw) {
+@@ -73,12 +65,21 @@ void svr_auth_password() {
+ }
+
+ password = buf_getstring(ses.payload, &passwordlen);
+-
+- /* the first bytes of passwdcrypt are the salt */
+- testcrypt = crypt(password, passwdcrypt);
++ if (valid_user) {
++ /* the first bytes of passwdcrypt are the salt */
++ passwdcrypt = ses.authstate.pw_passwd;
++ testcrypt = crypt(password, passwdcrypt);
++ }
+ m_burn(password, passwordlen);
+ m_free(password);
+
++ /* After we have got the payload contents we can exit if the username
++ is invalid. Invalid users have already been logged. */
++ if (!valid_user) {
++ send_msg_userauth_failure(0, 1);
++ return;
++ }
++
+ if (testcrypt == NULL) {
+ /* crypt() with an invalid salt like "!!" */
+ dropbear_log(LOG_WARNING, "User account '%s' is locked",
+diff --git a/svr-authpubkey.c b/svr-authpubkey.c
+index aa6087c..ff481c8 100644
+--- a/svr-authpubkey.c
++++ b/svr-authpubkey.c
+@@ -79,7 +79,7 @@ static int checkfileperm(char * filename);
+
+ /* process a pubkey auth request, sending success or failure message as
+ * appropriate */
+-void svr_auth_pubkey() {
++void svr_auth_pubkey(int valid_user) {
+
+ unsigned char testkey; /* whether we're just checking if a key is usable */
+ char* algo = NULL; /* pubkey algo */
+@@ -102,6 +102,15 @@ void svr_auth_pubkey() {
+ keybloblen = buf_getint(ses.payload);
+ keyblob = buf_getptr(ses.payload, keybloblen);
+
++ if (!valid_user) {
++ /* Return failure once we have read the contents of the packet
++ required to validate a public key.
++ Avoids blind user enumeration though it isn't possible to prevent
++ testing for user existence if the public key is known */
++ send_msg_userauth_failure(0, 0);
++ goto out;
++ }
++
+ /* check if the key is valid */
+ if (checkpubkey(algo, algolen, keyblob, keybloblen) == DROPBEAR_FAILURE) {
+ send_msg_userauth_failure(0, 0);
diff --git a/poky/meta/recipes-core/dropbear/dropbear/dropbear.default b/poky/meta/recipes-core/dropbear/dropbear/dropbear.default
new file mode 100644
index 0000000..522453a
--- /dev/null
+++ b/poky/meta/recipes-core/dropbear/dropbear/dropbear.default
@@ -0,0 +1,2 @@
+# Disallow root logins by default
+DROPBEAR_EXTRA_ARGS="-w"
diff --git a/poky/meta/recipes-core/dropbear/dropbear/fix-libtomcrypt-libtommath-ordering.patch b/poky/meta/recipes-core/dropbear/dropbear/fix-libtomcrypt-libtommath-ordering.patch
deleted file mode 100644
index 2b05e18..0000000
--- a/poky/meta/recipes-core/dropbear/dropbear/fix-libtomcrypt-libtommath-ordering.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From f37fa9a41f248fa41dd74a41c66cb41a291c03d2 Mon Sep 17 00:00:00 2001
-From: Andre McCurdy <armccurdy@gmail.com>
-Date: Fri, 16 Sep 2016 12:18:23 -0700
-Subject: [PATCH] fix libtomcrypt/libtommath ordering
-
-To prevent build failures when using system libtom libraries and
-linking with --as-needed, LIBTOM_LIBS should be in the order
--ltomcrypt -ltommath, not the other way around, ie libs should be
-prepended to LIBTOM_LIBS as they are found, not appended.
-
-Note that LIBTOM_LIBS is not used when linking with the bundled
-libtom libs.
-
-Upstream-Status: Backport [ https://github.com/mkj/dropbear/commit/f9e6bc2aecab0f4b5b529e07a92cc63c8a66cd4b ]
-
-Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
-Signed-off-by: Dengke Du <dengke.du@windriver.com>
----
- configure.ac | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 245408d..d624853 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -393,16 +393,16 @@ AC_ARG_ENABLE(bundled-libtom,
- AC_MSG_NOTICE(Forcing bundled libtom*)
- else
- BUNDLED_LIBTOM=0
-- AC_CHECK_LIB(tommath, mp_exptmod, LIBTOM_LIBS="$LIBTOM_LIBS -ltommath",
-+ AC_CHECK_LIB(tommath, mp_exptmod, LIBTOM_LIBS="-ltommath $LIBTOM_LIBS",
- [AC_MSG_ERROR([Missing system libtommath and --disable-bundled-libtom was specified])] )
-- AC_CHECK_LIB(tomcrypt, register_cipher, LIBTOM_LIBS="$LIBTOM_LIBS -ltomcrypt",
-+ AC_CHECK_LIB(tomcrypt, register_cipher, LIBTOM_LIBS="-ltomcrypt $LIBTOM_LIBS",
- [AC_MSG_ERROR([Missing system libtomcrypt and --disable-bundled-libtom was specified])] )
- fi
- ],
- [
- BUNDLED_LIBTOM=0
-- AC_CHECK_LIB(tommath, mp_exptmod, LIBTOM_LIBS="$LIBTOM_LIBS -ltommath", BUNDLED_LIBTOM=1)
-- AC_CHECK_LIB(tomcrypt, register_cipher, LIBTOM_LIBS="$LIBTOM_LIBS -ltomcrypt", BUNDLED_LIBTOM=1)
-+ AC_CHECK_LIB(tommath, mp_exptmod, LIBTOM_LIBS="-ltommath $LIBTOM_LIBS", BUNDLED_LIBTOM=1)
-+ AC_CHECK_LIB(tomcrypt, register_cipher, LIBTOM_LIBS="-ltomcrypt $LIBTOM_LIBS", BUNDLED_LIBTOM=1)
- ]
- )
-
---
-2.8.1
-
diff --git a/poky/meta/recipes-core/dropbear/dropbear_2017.75.bb b/poky/meta/recipes-core/dropbear/dropbear_2017.75.bb
deleted file mode 100644
index cfb0d19..0000000
--- a/poky/meta/recipes-core/dropbear/dropbear_2017.75.bb
+++ /dev/null
@@ -1,5 +0,0 @@
-require dropbear.inc
-
-SRC_URI[md5sum] = "e57e9b9d25705dcb073ba15c416424fd"
-SRC_URI[sha256sum] = "6cbc1dcb1c9709d226dff669e5604172a18cf5dbf9a201474d5618ae4465098c"
-
diff --git a/poky/meta/recipes-core/dropbear/dropbear_2018.76.bb b/poky/meta/recipes-core/dropbear/dropbear_2018.76.bb
new file mode 100644
index 0000000..36a58d5
--- /dev/null
+++ b/poky/meta/recipes-core/dropbear/dropbear_2018.76.bb
@@ -0,0 +1,5 @@
+require dropbear.inc
+
+SRC_URI[md5sum] = "c3912f7fcdcc57c99937e4a79480d2c2"
+SRC_URI[sha256sum] = "f2fb9167eca8cf93456a5fc1d4faf709902a3ab70dd44e352f3acbc3ffdaea65"
+