package/network/services/dropbear/patches/001-add-if-DROPBEAR_RSA-guards.patch

   1 From 36a03132634a17c667c0fac0a8e1519b3d1b71c6 Mon Sep 17 00:00:00 2001
   2 From: Matt Johnston <matt@ucc.asn.au>
   3 Date: Mon, 28 Nov 2022 21:12:23 +0800
   4 Subject: Add #if DROPBEAR_RSA guards
   5
   6 Fixes building with DROPBEAR_RSA disabled.
   7 Closes #197
   8 ---
   9  signkey.c    | 8 +++++++-
  10  signkey.h    | 2 ++
  11  sysoptions.h | 5 +----
  12  3 files changed, 10 insertions(+), 5 deletions(-)
  13
  14 --- a/signkey.c
  15 +++ b/signkey.c
  16 @@ -120,6 +120,7 @@ enum signkey_type signkey_type_from_name
  17  /* Special case for rsa-sha2-256. This could be generalised if more
  18     signature names are added that aren't 1-1 with public key names */
  19  const char* signature_name_from_type(enum signature_type type, unsigned int *namelen) {
  20 +#if DROPBEAR_RSA
  21  #if DROPBEAR_RSA_SHA256
  22         if (type == DROPBEAR_SIGNATURE_RSA_SHA256) {
  23                 if (namelen) {
  24 @@ -136,11 +137,13 @@ const char* signature_name_from_type(enu
  25                 return SSH_SIGNKEY_RSA;
  26         }
  27  #endif
  28 +#endif /* DROPBEAR_RSA */
  29         return signkey_name_from_type((enum signkey_type)type, namelen);
  30  }
  31
  32  /* Returns DROPBEAR_SIGNATURE_NONE if none match */
  33  enum signature_type signature_type_from_name(const char* name, unsigned int namelen) {
  34 +#if DROPBEAR_RSA
  35  #if DROPBEAR_RSA_SHA256
  36         if (namelen == strlen(SSH_SIGNATURE_RSA_SHA256)
  37                 && memcmp(name, SSH_SIGNATURE_RSA_SHA256, namelen) == 0) {
  38 @@ -153,10 +156,11 @@ enum signature_type signature_type_from_
  39                 return DROPBEAR_SIGNATURE_RSA_SHA1;
  40         }
  41  #endif
  42 +#endif /* DROPBEAR_RSA */
  43         return (enum signature_type)signkey_type_from_name(name, namelen);
  44  }
  45
  46 -/* Returns the signature type from a key type. Must not be called
  47 +/* Returns the signature type from a key type. Must not be called
  48     with RSA keytype */
  49  enum signature_type signature_type_from_signkey(enum signkey_type keytype) {
  50  #if DROPBEAR_RSA
  51 @@ -167,6 +171,7 @@ enum signature_type signature_type_from_
  52  }
  53
  54  enum signkey_type signkey_type_from_signature(enum signature_type sigtype) {
  55 +#if DROPBEAR_RSA
  56  #if DROPBEAR_RSA_SHA256
  57         if (sigtype == DROPBEAR_SIGNATURE_RSA_SHA256) {
  58                 return DROPBEAR_SIGNKEY_RSA;
  59 @@ -177,6 +182,7 @@ enum signkey_type signkey_type_from_sign
  60                 return DROPBEAR_SIGNKEY_RSA;
  61         }
  62  #endif
  63 +#endif /* DROPBEAR_RSA */
  64         assert((int)sigtype < (int)DROPBEAR_SIGNKEY_NUM_NAMED);
  65         return (enum signkey_type)sigtype;
  66  }
  67 --- a/signkey.h
  68 +++ b/signkey.h
  69 @@ -79,12 +79,14 @@ enum signature_type {
  70         DROPBEAR_SIGNATURE_SK_ED25519 = DROPBEAR_SIGNKEY_SK_ED25519,
  71  #endif
  72  #endif
  73 +#if DROPBEAR_RSA
  74  #if DROPBEAR_RSA_SHA1
  75         DROPBEAR_SIGNATURE_RSA_SHA1 = 100, /* ssh-rsa signature (sha1) */
  76  #endif
  77  #if DROPBEAR_RSA_SHA256
  78         DROPBEAR_SIGNATURE_RSA_SHA256 = 101, /* rsa-sha2-256 signature. has a ssh-rsa key */
  79  #endif
  80 +#endif /* DROPBEAR_RSA */
  81         DROPBEAR_SIGNATURE_NONE = DROPBEAR_SIGNKEY_NONE,
  82  };
  83
  84 --- a/sysoptions.h
  85 +++ b/sysoptions.h
  86 @@ -137,7 +137,7 @@
  87
  88  /* Debian doesn't define this in system headers */
  89  #if !defined(LTM_DESC) && (DROPBEAR_ECC)
  90 -#define LTM_DESC
  91 +#define LTM_DESC
  92  #endif
  93
  94  #define DROPBEAR_ECC_256 (DROPBEAR_ECC)
  95 @@ -151,9 +151,6 @@
  96   * signing operations slightly slower. */
  97  #define DROPBEAR_RSA_BLINDING 1
  98
  99 -#ifndef DROPBEAR_RSA_SHA1
 100 -#define DROPBEAR_RSA_SHA1 DROPBEAR_RSA
 101 -#endif
 102  #ifndef DROPBEAR_RSA_SHA256
 103  #define DROPBEAR_RSA_SHA256 DROPBEAR_RSA
 104  #endif