aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--core/busybox/checksums7
-rw-r--r--core/busybox/files/.config6
-rw-r--r--core/busybox/files/.config-suid6
-rw-r--r--core/busybox/patches/libressl.patch44
-rw-r--r--core/busybox/sources3
-rwxr-xr-xcore/curl/build5
-rw-r--r--core/curl/depends3
-rw-r--r--core/curl/version2
-rwxr-xr-xcore/libressl/build (renamed from extra/libressl/build)0
-rw-r--r--core/libressl/checksums (renamed from extra/libressl/checksums)0
-rwxr-xr-xcore/libressl/files/update-certdata.sh (renamed from extra/libressl/files/update-certdata.sh)0
-rwxr-xr-xcore/libressl/post-install (renamed from extra/libressl/post-install)0
-rw-r--r--core/libressl/sources (renamed from extra/libressl/sources)0
-rwxr-xr-xcore/libressl/test (renamed from extra/libressl/test)0
-rw-r--r--core/libressl/version (renamed from extra/libressl/version)0
-rwxr-xr-xextra/openssh/build3
-rw-r--r--extra/openssh/checksums2
-rw-r--r--extra/openssh/depends3
-rw-r--r--extra/openssh/sources2
19 files changed, 60 insertions, 26 deletions
diff --git a/core/busybox/checksums b/core/busybox/checksums
index 76d0f4b0..91dd1880 100644
--- a/core/busybox/checksums
+++ b/core/busybox/checksums
@@ -1,6 +1,6 @@
-5416643ac976310a864b1c1ff5a683508258c38441c19912980cd651bcdb45ea busybox-1.33.0.tar.gz
-03f4244bffd116f621659bde52d9454a49160e61cc61e9db024186da80c06e13 .config
-93e5b0c5395bcc695a578f1e7d30ba65434c77ee856343b2124d35a0ef66148b .config-suid
+d568681c91a85edc6710770cebc1e80e042ad74d305b5c2e6d57a5f3de3b8fbd busybox-1.33.0.tar.bz2
+4b6e42049ce4cf78b109741917aa5f44b9daf8ada37860cdc8af6b21a59faf2c .config
+4e6932d1b5fd50758b7c1d94783897782d8f04fefa4daa8245a9252600f6cb8c .config-suid
ebd61afac770d3d9cae5c411f44002496fb18b28cf7b77520072a3909852246e acpid.run
814dea14ac612125e97dcc1d619219b2c9dfc14850bf48d858421fb2c98eca12 crond.run
c8b3502bf493336542247683f8d291753130141e5b20ecfda7077936751e83a7 inittab
@@ -15,3 +15,4 @@ e31be17d2e058c0bde645f12b38dd6d5a22f8751204304a2df994fc7e523ae9c modprobe-kerne
09c2f601fec4e5c10664c22f787dafb9424efe219bf826727c356da90dfd60d5 adduser-no-setgid.patch
f0e17fefc0af6b10205d72b242b6ef7481a58ff07726c62890ebc5893b96a396 install-fix-chown.patch
68e0c7d5e96902d3b890e89d9b018ae11d53ed3104bfedd624a1485df58b11cb print-unicode.patch
+6d50ac2d96fcdbf140cd70c48bc4b661c94d634189e6ae08ecacfc7d91f6efe8 libressl.patch
diff --git a/core/busybox/files/.config b/core/busybox/files/.config
index 27045dc1..ecf6c334 100644
--- a/core/busybox/files/.config
+++ b/core/busybox/files/.config
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
# Busybox version: 1.33.0
-# Thu Feb 18 03:12:21 2021
+# Fri Jan 1 16:14:15 2021
#
CONFIG_HAVE_DOT_CONFIG=y
@@ -979,9 +979,7 @@ CONFIG_FEATURE_WGET_STATUSBAR=y
CONFIG_FEATURE_WGET_AUTHENTICATION=y
CONFIG_FEATURE_WGET_TIMEOUT=y
CONFIG_FEATURE_WGET_HTTPS=y
-CONFIG_FEATURE_WGET_BEARSSL=y
-CONFIG_WGET_BEARSSL_CA_CERTIFICATE=y
-CONFIG_WGET_BEARSSL_CA_CERTIFICATE_FILE="/etc/certificates/cert.pem"
+CONFIG_FEATURE_WGET_OPENSSL=y
CONFIG_WHOIS=y
# CONFIG_ZCIP is not set
# CONFIG_UDHCPD is not set
diff --git a/core/busybox/files/.config-suid b/core/busybox/files/.config-suid
index 93a9d8fe..b4e6730a 100644
--- a/core/busybox/files/.config-suid
+++ b/core/busybox/files/.config-suid
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
# Busybox version: 1.33.0
-# Thu Feb 18 03:15:02 2021
+# Fri Jan 1 16:17:16 2021
#
CONFIG_HAVE_DOT_CONFIG=y
@@ -955,9 +955,7 @@ CONFIG_FEATURE_FANCY_PING=y
# CONFIG_FEATURE_WGET_AUTHENTICATION is not set
# CONFIG_FEATURE_WGET_TIMEOUT is not set
# CONFIG_FEATURE_WGET_HTTPS is not set
-# CONFIG_FEATURE_WGET_BEARSSL is not set
-# CONFIG_WGET_BEARSSL_CA_CERTIFICATE is not set
-CONFIG_WGET_BEARSSL_CA_CERTIFICATE_FILE=""
+# CONFIG_FEATURE_WGET_OPENSSL is not set
# CONFIG_WHOIS is not set
# CONFIG_ZCIP is not set
# CONFIG_UDHCPD is not set
diff --git a/core/busybox/patches/libressl.patch b/core/busybox/patches/libressl.patch
new file mode 100644
index 00000000..ac132332
--- /dev/null
+++ b/core/busybox/patches/libressl.patch
@@ -0,0 +1,44 @@
+busybox wget calls OpenSSL-specific options for higher security. It IS a
+bummer that libressl does not support these, but we are patching busybox for
+the time being.
+--- busybox/networking/wget.c.orig 2021-03-18 17:26:14.456704013 +0300
++++ busybox/networking/wget.c 2021-03-18 17:26:18.400719891 +0300
+@@ -670,8 +670,7 @@
+ pid = xvfork();
+ if (pid == 0) {
+ /* Child */
+- char *argv[13];
+- char **argp;
++ char *argv[9];
+
+ close(sp[0]);
+ xmove_fd(sp[1], 0);
+@@ -694,25 +693,13 @@
+ * TLS server_name (SNI) field are FQDNs (DNS hostnames).
+ * IPv4 and IPv6 addresses, port numbers are not allowed.
+ */
+- argp = &argv[5];
+ if (!is_ip_address(servername)) {
+- *argp++ = (char*)"-servername"; //[5]
+- *argp++ = (char*)servername; //[6]
++ argv[5] = (char*)"-servername";
++ argv[6] = (char*)servername;
+ }
+ if (!(option_mask32 & WGET_OPT_NO_CHECK_CERT)) {
+- /* Abort on bad server certificate */
+- *argp++ = (char*)"-verify"; //[7]
+- *argp++ = (char*)"100"; //[8]
+- *argp++ = (char*)"-verify_return_error"; //[9]
+- if (!is_ip_address(servername)) {
+- *argp++ = (char*)"-verify_hostname"; //[10]
+- *argp++ = (char*)servername; //[11]
+- } else {
+- *argp++ = (char*)"-verify_ip"; //[10]
+- *argp++ = (char*)host; //[11]
+- }
++ argv[7] = (char*)"-verify_return_error";
+ }
+- //[12] (or earlier) is NULL terminator
+
+ BB_EXECVP(argv[0], argv);
+ xmove_fd(3, 2);
diff --git a/core/busybox/sources b/core/busybox/sources
index 8ea60f3c..7d7cd5e0 100644
--- a/core/busybox/sources
+++ b/core/busybox/sources
@@ -1,4 +1,4 @@
-https://git.carbslinux.org/forks/busybox/snapshot/busybox-1.33.0.tar.gz
+https://busybox.net/downloads/busybox-1.33.0.tar.bz2
files/.config
files/.config-suid
files/acpid.run
@@ -15,3 +15,4 @@ patches/modprobe-kernel-version.patch
patches/adduser-no-setgid.patch
patches/install-fix-chown.patch
patches/print-unicode.patch
+patches/libressl.patch
diff --git a/core/curl/build b/core/curl/build
index f27b1522..4e2b82ac 100755
--- a/core/curl/build
+++ b/core/curl/build
@@ -15,10 +15,7 @@
--without-icu \
--without-libpsl \
--without-zstd \
- --with-pic \
- --with-bearssl \
- --with-ca-bundle=/etc/certificates/cert.pem \
- --without-ssl
+ --with-pic
make curl_LDFLAGS=-all-static
make DESTDIR="$1" install
diff --git a/core/curl/depends b/core/curl/depends
index cf6ff53d..9ee911ae 100644
--- a/core/curl/depends
+++ b/core/curl/depends
@@ -1,3 +1,2 @@
-bearssl
-ca-certificates
+libressl
zlib
diff --git a/core/curl/version b/core/curl/version
index 31f8225b..6544806a 100644
--- a/core/curl/version
+++ b/core/curl/version
@@ -1 +1 @@
-7.75.0 1
+7.75.0 2
diff --git a/extra/libressl/build b/core/libressl/build
index 86ade623..86ade623 100755
--- a/extra/libressl/build
+++ b/core/libressl/build
diff --git a/extra/libressl/checksums b/core/libressl/checksums
index 36db443b..36db443b 100644
--- a/extra/libressl/checksums
+++ b/core/libressl/checksums
diff --git a/extra/libressl/files/update-certdata.sh b/core/libressl/files/update-certdata.sh
index 611f944d..611f944d 100755
--- a/extra/libressl/files/update-certdata.sh
+++ b/core/libressl/files/update-certdata.sh
diff --git a/extra/libressl/post-install b/core/libressl/post-install
index f39088e7..f39088e7 100755
--- a/extra/libressl/post-install
+++ b/core/libressl/post-install
diff --git a/extra/libressl/sources b/core/libressl/sources
index a598bcc5..a598bcc5 100644
--- a/extra/libressl/sources
+++ b/core/libressl/sources
diff --git a/extra/libressl/test b/core/libressl/test
index aabdfc94..aabdfc94 100755
--- a/extra/libressl/test
+++ b/core/libressl/test
diff --git a/extra/libressl/version b/core/libressl/version
index a0fab29c..a0fab29c 100644
--- a/extra/libressl/version
+++ b/core/libressl/version
diff --git a/extra/openssh/build b/extra/openssh/build
index a70f97a3..ff39eaa9 100755
--- a/extra/openssh/build
+++ b/extra/openssh/build
@@ -5,11 +5,8 @@ cpt-list libedit >/dev/null 2>&1 &&
libedit="--with-libedit" && LIBS="$(pkgconf --static --libs libedit)"
export LIBS
-
export LDFLAGS="$LDFLAGS -static"
-autoreconf -fi
-
./configure \
--prefix=/usr \
--sbindir=/usr/bin \
diff --git a/extra/openssh/checksums b/extra/openssh/checksums
index ad30e9ba..cecd0cbf 100644
--- a/extra/openssh/checksums
+++ b/extra/openssh/checksums
@@ -1,2 +1,2 @@
-bdd65f72c33a00fec5c154811c33e7b5a386c9b1aaabec3917b421af28adfc9a c80c7b3.tar.gz
+f52f3f41d429aa9918e38cf200af225ccdd8e66f052da572870c89737646ec25 openssh-8.5p1.tar.gz
5d32a817344ac444424063d75e49afd95d7eb76d972ef5c5cfad355c8e8b1ff1 sshd.run
diff --git a/extra/openssh/depends b/extra/openssh/depends
index aefce7e1..3788ab13 100644
--- a/extra/openssh/depends
+++ b/extra/openssh/depends
@@ -1,3 +1,2 @@
-autoconf make
-bearssl make
+libressl make
zlib make
diff --git a/extra/openssh/sources b/extra/openssh/sources
index b71f0e4c..b02eef54 100644
--- a/extra/openssh/sources
+++ b/extra/openssh/sources
@@ -1,2 +1,2 @@
-https://github.com/oasislinux/openssh/archive/c80c7b3.tar.gz
+https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.5p1.tar.gz
files/sshd.run