Since 2017 libssh supports to be compiled against libmbedtls instead of
libopessl, OpenWrt ships mbedtls by default, while depending on OpenSSL
increase image size by almost 1.5MB unnecessarily.
Signed-off-by: Gioacchino Mazzurco <gio@eigenlab.org>
See commit 5c545bdb "treewide: replace PKG_USE_MIPS16:=0 with
PKG_BUILD_FLAGS:=no-mips16" on the main repository.
Signed-off-by: Andre Heider <a.heider@gmail.com>
faster to compile.
A small selection of packages was tested going from:
Executed in 696.30 secs fish external
usr time 82.98 mins 395.00 micros 82.98 mins
sys time 9.02 mins 0.00 micros 9.02 mins
to:
Executed in 592.20 secs fish external
usr time 84.84 mins 361.00 micros 84.84 mins
sys time 8.85 mins 57.00 micros 8.85 mins
Tested by running make -j 12 and wiping staging/build_dir/target_x
Signed-off-by: Rosen Penev <rosenp@gmail.com>
That is endianness check is provided as option, SSP and other
flags are enabled by openwrt global flags to fix issues in unsupported
systems, and unused flags were removed.
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
This updates the library to address several CVEs, add modern
crypto, and eliminate legacy patches.
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
The CONTRIBUTING.md requests an (or multiple) SPDX identifier for GPL
licenses. But a lot of packages did use a different, non-SPDX style with a
"+" at the end instead of "-or-later".
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Bump from 0.7.5 to 0.7.6. Upstream changelog:
Fixed CVE-2018-10933
Added support for OpenSSL 1.1
Added SHA256 support for ssh_get_publickey_hash()
Fixed config parsing
Fixed random memory corruption when importing pubkeys
Backported upstream patches since 0.7.6 to fix interactive
authentication issues amongst other things:
9d5cf209 libcrypto: Fix memory leak in evp_final()
10397321 gssapi: Set correct state after sending GSSAPI_RESPONSE (select mechanism OID)
7ad80ba1 server: Fix compile error
acb0e4f4 examples: Explicitly track auth state in samplesshd-kbdint
3fe7510b messages: Check that the requested service is 'ssh-connection'
734e3ce6 server: Set correct state after sending INFO_REQUEST (Kbd Interactive)
e4c6d591 packet: Add missing break in ssh_packet_incoming_filter()
f81ca616 misc: Add strndup implementation if not provides by the OS
Refresh patches.
Remove local backport for OpenSSL 1.1 support as is now in release
Remove PKG_INSTALL & CMAKE vars that are defaulted anyway
Add PKG_CPE_ID:=cpe:/a:libssh:libssh for CVE tracking
Remove BROKEN tag as is no longer broken
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
The only known user of this library is currently unable to get their
application to work with with the fixed 0.7.6 release of this library.
To prevent accidental use by unknown parties of a flawed library, mark
it as BROKEN.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
fix Makefile chmod (644)
replace MD5SUM with HASH
add PKG_MIRROR_HASH when PKG_SOURCE_PROTO:=git
(PKG_SOURCE_PROTO:=svn tarballs are not reproducible for now)
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
Standard assignment is immediate expansion without any extraneous spacing, RFC822 compliant email addresses and consistent section assignments
Signed-off-by: Stephen Walker <stephendwalker+github@gmail.com>
Felix Fietkau