99b681934d
- update dropbear to latest stable 2026.91; for the changes see https://matt.ucc.asn.au/dropbear/CHANGES - cherry-pick upstream patches: - sntrup: Fix 64-bit literals - Increase MAX_HOSTKEYS to 6 - Fix too-low pubkey key query count - automatically refresh patches Fixes: CVE-2019-6111, CVE-2026-35385 Signed-off-by: Konstantin Demin <rockdrilla@gmail.com> Link: https://github.com/openwrt/openwrt/pull/23217 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
24 lines
619 B
Diff
24 lines
619 B
Diff
From a05569c6124006bd9b4823db30e824953c5024de Mon Sep 17 00:00:00 2001
|
|
From: Matt Johnston <matt@ucc.asn.au>
|
|
Date: Wed, 13 May 2026 08:40:17 +0800
|
|
Subject: Increase MAX_HOSTKEYS to 6
|
|
|
|
This allows all key types to be loaded at once, including different
|
|
ecdsa sizes.
|
|
Suggested by Darren Tucker.
|
|
---
|
|
src/sysoptions.h | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
--- a/src/sysoptions.h
|
|
+++ b/src/sysoptions.h
|
|
@@ -283,7 +283,7 @@
|
|
#define MAX_KEX_PARTS 1000
|
|
#endif
|
|
|
|
-#define MAX_HOSTKEYS 4
|
|
+#define MAX_HOSTKEYS 6
|
|
|
|
/* The maximum size of the bignum portion of the kexhash buffer */
|
|
/* K_S + Q_C + Q_S + K */
|