CC: dropbear: split out curve25519 support into a separate config option

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
master
Felix Fietkau 2017-08-31 08:46:10 +02:00 committed by Zoltan HERPAI
parent cb8e4a76ba
commit 3e107d670c
2 changed files with 19 additions and 4 deletions

View File

@ -1,6 +1,15 @@
menu "Configuration"
depends on PACKAGE_dropbear
config DROPBEAR_CURVE25519
bool "Curve25519 support"
default n
help
This enables the following key exchange algorithm:
curve25519-sha256@libssh.org
Increases binary size by about 13 kB uncompressed (MIPS).
config DROPBEAR_ECC
bool "Elliptic curve cryptography (ECC)"
default n
@ -12,7 +21,6 @@ config DROPBEAR_ECC
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
curve25519-sha256@libssh.org
Public key algorithms:
ecdsa-sha2-nistp256
@ -22,6 +30,6 @@ config DROPBEAR_ECC
Does not generate ECC host keys by default (ECC key exchange will not be used,
only ECC public key auth).
Increases binary size by about 36 kB (MIPS).
Increases binary size by about 23 kB (MIPS).
endmenu

View File

@ -23,7 +23,7 @@ PKG_LICENSE_FILES:=LICENSE libtomcrypt/LICENSE libtommath/LICENSE
PKG_BUILD_PARALLEL:=1
PKG_USE_MIPS16:=0
PKG_CONFIG_DEPENDS:=CONFIG_DROPBEAR_ECC
PKG_CONFIG_DEPENDS:=CONFIG_DROPBEAR_ECC CONFIG_DROPBEAR_CURVE25519
include $(INCLUDE_DIR)/package.mk
@ -80,9 +80,16 @@ TARGET_LDFLAGS += -Wl,--gc-sections
define Build/Configure
$(Build/Configure/Default)
awk 'BEGIN { rc = 1 } \
/'DROPBEAR_CURVE25519'/ { $$$$0 = "$(if $(CONFIG_DROPBEAR_CURVE25519),,// )#define 'DROPBEAR_CURVE25519'"; rc = 0 } \
{ print } \
END { exit(rc) }' $(PKG_BUILD_DIR)/options.h \
>$(PKG_BUILD_DIR)/options.h.new && \
mv $(PKG_BUILD_DIR)/options.h.new $(PKG_BUILD_DIR)/options.h
# Enforce that all replacements are made, otherwise options.h has changed
# format and this logic is broken.
for OPTION in DROPBEAR_ECDSA DROPBEAR_ECDH DROPBEAR_CURVE25519; do \
for OPTION in DROPBEAR_ECDSA DROPBEAR_ECDH; do \
awk 'BEGIN { rc = 1 } \
/'$$$$OPTION'/ { $$$$0 = "$(if $(CONFIG_DROPBEAR_ECC),,// )#define '$$$$OPTION'"; rc = 0 } \
{ print } \