packages: sort network related packages into package/network/

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@33688 3c298f89-4303-0410-b956-a3cf2f4a3e73

13 files changed, 0 insertions, 677 deletions

diff --git a/package/dropbear/Makefile b/package/dropbear/Makefile
deleted file mode 100644
index 63cf86e14..000000000
--- a/package/dropbear/Makefile
+++ /dev/null
@@ -1,114 +0,0 @@
-#
-# Copyright (C) 2006-2012 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=dropbear
-PKG_VERSION:=2011.54
-PKG_RELEASE:=2
-
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_SOURCE_URL:= \
-	http://matt.ucc.asn.au/dropbear/releases/ \
-	http://www.mirrors.wiretapped.net/security/cryptography/apps/ssh/dropbear/
-PKG_MD5SUM:=c627ffe09570fad7aa94d8eac2b9320c
-
-PKG_BUILD_PARALLEL:=1
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/dropbear/Default
-  URL:=http://matt.ucc.asn.au/dropbear/
-endef
-
-define Package/dropbear
-  $(call Package/dropbear/Default)
-  SECTION:=net
-  CATEGORY:=Base system
-  TITLE:=Small SSH2 client/server
-endef
-
-define Package/dropbear/description
- A small SSH2 server/client designed for small memory environments.
-endef
-
-define Package/dropbear/conffiles
-/etc/dropbear/dropbear_rsa_host_key
-/etc/dropbear/dropbear_dss_host_key 
-/etc/config/dropbear 
-endef
-
-define Package/dropbearconvert
-  $(call Package/dropbear/Default)
-  SECTION:=utils
-  CATEGORY:=Utilities
-  TITLE:=Utility for converting SSH keys
-endef
-
-CONFIGURE_ARGS += \
-	--with-shared \
-	--disable-pam \
-	--enable-openpty \
-	--enable-syslog \
-	$(if $(CONFIG_SHADOW_PASSWORDS),,--disable-shadow) \
-	--disable-lastlog \
-	--disable-utmp \
-	--disable-utmpx \
-	--disable-wtmp \
-	--disable-wtmpx \
-	--disable-loginfunc \
-	--disable-pututline \
-	--disable-pututxline \
-	--disable-zlib \
-	--enable-bundled-libtom
-
-TARGET_CFLAGS += -DARGTYPE=3 -ffunction-sections -fdata-sections
-TARGET_LDFLAGS += -Wl,--gc-sections
-
-define Build/Configure
-	$(SED) 's,^/\* #define PKG_MULTI.*,#define PKG_MULTI,g' $(PKG_BUILD_DIR)/options.h
-	$(SED) 's,^#define DO_HOST_LOOKUP,/* & */,g' $(PKG_BUILD_DIR)/options.h
-	$(call Build/Configure/Default)
-endef
-
-define Build/Compile
-	+$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \
-		$(TARGET_CONFIGURE_OPTS) \
-		LD="$(TARGET_CC)" \
-		PROGRAMS="dropbear dbclient dropbearkey scp" \
-		MULTI=1 SCPPROGRESS=1
-	+$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \
-		$(TARGET_CONFIGURE_OPTS) \
-		LD="$(TARGET_CC)" \
-		PROGRAMS="dropbearconvert"
-endef
-
-define Package/dropbear/install
-	$(INSTALL_DIR) $(1)/usr/sbin
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/dropbearmulti $(1)/usr/sbin/dropbear
-	$(INSTALL_DIR) $(1)/usr/bin
-	ln -sf ../sbin/dropbear $(1)/usr/bin/scp
-	ln -sf ../sbin/dropbear $(1)/usr/bin/ssh
-	ln -sf ../sbin/dropbear $(1)/usr/bin/dbclient
-	ln -sf ../sbin/dropbear $(1)/usr/bin/dropbearkey
-	$(INSTALL_DIR) $(1)/etc/config
-	$(INSTALL_DATA) ./files/dropbear.config $(1)/etc/config/dropbear
-	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_BIN) ./files/dropbear.init $(1)/etc/init.d/dropbear
-	$(INSTALL_DIR) $(1)/usr/lib/opkg/info
-	$(INSTALL_DIR) $(1)/etc/dropbear
-	touch $(1)/etc/dropbear/dropbear_rsa_host_key
-	touch $(1)/etc/dropbear/dropbear_dss_host_key
-endef
-
-define Package/dropbearconvert/install
-	$(INSTALL_DIR) $(1)/usr/bin
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/dropbearconvert $(1)/usr/bin/dropbearconvert
-endef
-
-$(eval $(call BuildPackage,dropbear))
-$(eval $(call BuildPackage,dropbearconvert))
diff --git a/package/dropbear/files/dropbear.config b/package/dropbear/files/dropbear.config
deleted file mode 100644
index 2139ba0bb..000000000
--- a/package/dropbear/files/dropbear.config
+++ /dev/null
@@ -1,5 +0,0 @@
-config dropbear
-	option PasswordAuth 'on'
-	option RootPasswordAuth 'on'
-	option Port         '22'
-#	option BannerFile   '/etc/banner'
diff --git a/package/dropbear/files/dropbear.init b/package/dropbear/files/dropbear.init
deleted file mode 100755
index c909d2896..000000000
--- a/package/dropbear/files/dropbear.init
+++ /dev/null
@@ -1,191 +0,0 @@
-#!/bin/sh /etc/rc.common
-# Copyright (C) 2006-2010 OpenWrt.org
-# Copyright (C) 2006 Carlos Sobrinho
-
-START=50
-STOP=50
-
-SERVICE_USE_PID=1
-
-NAME=dropbear
-PROG=/usr/sbin/dropbear
-PIDCOUNT=0
-EXTRA_COMMANDS="killclients"
-EXTRA_HELP="	killclients Kill ${NAME} processes except servers and yourself"
-
-dropbear_start()
-{
-	append_ports()
-	{
-		local ifname="$1"
-		local port="$2"
-
-		grep -qs "^ *$ifname:" /proc/net/dev || {
-			append args "-p $port"
-			return
-		}
-
-		for addr in $(
-			ifconfig "$ifname" | sed -ne '
-				/addr: *fe[89ab][0-9a-f]:/d
-				s/.* addr: *\([0-9a-f:\.]*\).*/\1/p
-			'
-		); do
-			append args "-p $addr:$port"
-		done
-	}
-
-
-	local section="$1"
-
-	# check if section is enabled (default)
-	local enabled
-	config_get_bool enabled "${section}" enable 1
-	[ "${enabled}" -eq 0 ] && return 1
-
-	# verbose parameter
-	local verbosed
-	config_get_bool verbosed "${section}" verbose 0
-
-	# increase pid file count to handle multiple instances correctly
-	PIDCOUNT="$(( ${PIDCOUNT} + 1))"
-
-	# prepare parameters (initialise with pid file)
-	local pid_file="/var/run/${NAME}.${PIDCOUNT}.pid"
-	local args="-P $pid_file"
-	local val
-	# A) password authentication
-	config_get_bool val "${section}" PasswordAuth 1
-	[ "${val}" -eq 0 ] && append args "-s"
-	# B) listen interface and port
-	local port
-	local interface
-	config_get interface "${section}" Interface
-	config_get interface "${interface}" ifname "$interface"
-	config_get port "${section}" Port 22
-	append_ports "$interface" "$port"
-	# C) banner file
-	config_get val "${section}" BannerFile
-	[ -f "${val}" ] && append args "-b ${val}"
-	# D) gatewayports
-	config_get_bool val "${section}" GatewayPorts 0
-	[ "${val}" -eq 1 ] && append args "-a"
-	# E) root password authentication
-	config_get_bool val "${section}" RootPasswordAuth 1
-	[ "${val}" -eq 0 ] && append args "-g"
-	# F) root login
-	config_get_bool val "${section}" RootLogin 1
-	[ "${val}" -eq 0 ] && append args "-w"
-	# G) host keys
-	config_get val "${section}" rsakeyfile
-	[ -f "${val}" ] && append args "-r ${val}"
-	config_get val "${section}" dsskeyfile
-	[ -f "${val}" ] && append args "-d ${val}"
-
-	# execute program and return its exit code
-	[ "${verbosed}" -ne 0 ] && echo "${initscript}: section ${section} starting ${PROG} ${args}"
-	SERVICE_PID_FILE="$pid_file" service_start ${PROG} ${args}
-}
-
-keygen()
-{
-	for keytype in rsa dss; do
-		# check for keys
-		key=dropbear/dropbear_${keytype}_host_key
-		[ -f /tmp/$key -o -s /etc/$key ] || {
-			# generate missing keys
-			mkdir -p /tmp/dropbear
-			[ -x /usr/bin/dropbearkey ] && {
-				/usr/bin/dropbearkey -t $keytype -f /tmp/$key 2>&- >&- && exec /etc/rc.common "$initscript" start
-			} &
-		exit 0
-		}
-	done
-
-	lock /tmp/.switch2jffs
-	mkdir -p /etc/dropbear
-	mv /tmp/dropbear/dropbear_* /etc/dropbear/
-	lock -u /tmp/.switch2jffs
-	chown root /etc/dropbear
-	chmod 0700 /etc/dropbear
-}
-
-start()
-{
-	[ -s /etc/dropbear/dropbear_rsa_host_key -a \
-	  -s /etc/dropbear/dropbear_dss_host_key ] || keygen
-
-	include /lib/network
-	scan_interfaces
-	config_load "${NAME}"
-	config_foreach dropbear_start dropbear
-}
-
-stop()
-{
-	local pid_file pid_files
-	
-	pid_files=`ls /var/run/${NAME}.*.pid 2>/dev/null`
-	
-	[ -z "$pid_files" ] && return 1
-	
-	for pid_file in $pid_files; do
-		SERVICE_PID_FILE="$pid_file" service_stop ${PROG} && {
-			rm -f ${pid_file}
-		}
-	done
-}
-
-killclients()
-{
-	local ignore=''
-	local server
-	local pid
-
-	# if this script is run from inside a client session, then ignore that session
-	pid="$$"
-	while [ "${pid}" -ne 0 ]
-	 do
-		# get parent process id
-		pid=`cut -d ' ' -f 4 "/proc/${pid}/stat"`
-		[ "${pid}" -eq 0 ] && break
-
-		# check if client connection
-		grep -F -q -e "${PROG}" "/proc/${pid}/cmdline" && {
-			append ignore "${pid}"
-			break
-		}
-	done
-
-	# get all server pids that should be ignored
-	for server in `cat /var/run/${NAME}.*.pid`
-	 do
-		append ignore "${server}"
-	done
-
-	# get all running pids and kill client connections
-	local skip
-	for pid in `pidof "${NAME}"`
-	 do
-		# check if correct program, otherwise process next pid
-		grep -F -q -e "${PROG}" "/proc/${pid}/cmdline" || {
-			continue
-		}
-
-		# check if pid should be ignored (servers, ourself)
-		skip=0
-		for server in ${ignore}
-		 do
-			if [ "${pid}" == "${server}" ]
-			 then
-				skip=1
-				break
-			fi
-		done
-		[ "${skip}" -ne 0 ] && continue
-
-		# kill process
-		echo "${initscript}: Killing ${pid}..."
-		kill -KILL ${pid}
-	done
-}
diff --git a/package/dropbear/patches/100-pubkey_path.patch b/package/dropbear/patches/100-pubkey_path.patch
deleted file mode 100644
index c1802f51e..000000000
--- a/package/dropbear/patches/100-pubkey_path.patch
+++ /dev/null
@@ -1,91 +0,0 @@
---- a/svr-authpubkey.c
-+++ b/svr-authpubkey.c
-@@ -209,17 +209,21 @@ static int checkpubkey(unsigned char* al
- 		goto out;
- 	}
- 
--	/* we don't need to check pw and pw_dir for validity, since
--	 * its been done in checkpubkeyperms. */
--	len = strlen(ses.authstate.pw_dir);
--	/* allocate max required pathname storage,
--	 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
--	filename = m_malloc(len + 22);
--	snprintf(filename, len + 22, "%s/.ssh/authorized_keys", 
--				ses.authstate.pw_dir);
--
--	/* open the file */
--	authfile = fopen(filename, "r");
-+	if (ses.authstate.pw_uid != 0) {
-+		/* we don't need to check pw and pw_dir for validity, since
-+		 * its been done in checkpubkeyperms. */
-+		len = strlen(ses.authstate.pw_dir);
-+		/* allocate max required pathname storage,
-+		 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
-+		filename = m_malloc(len + 22);
-+		snprintf(filename, len + 22, "%s/.ssh/authorized_keys", 
-+		         ses.authstate.pw_dir);
-+
-+		/* open the file */
-+		authfile = fopen(filename, "r");
-+	} else {
-+		authfile = fopen("/etc/dropbear/authorized_keys","r");
-+	}
- 	if (authfile == NULL) {
- 		goto out;
- 	}
-@@ -372,26 +376,35 @@ static int checkpubkeyperms() {
- 		goto out;
- 	}
- 
--	/* allocate max required pathname storage,
--	 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
--	filename = m_malloc(len + 22);
--	strncpy(filename, ses.authstate.pw_dir, len+1);
--
--	/* check ~ */
--	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
--		goto out;
--	}
--
--	/* check ~/.ssh */
--	strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */
--	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
--		goto out;
--	}
--
--	/* now check ~/.ssh/authorized_keys */
--	strncat(filename, "/authorized_keys", 16);
--	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
--		goto out;
-+	if (ses.authstate.pw_uid == 0) {
-+		if (checkfileperm("/etc/dropbear") != DROPBEAR_SUCCESS) {
-+			goto out;
-+		}
-+		if (checkfileperm("/etc/dropbear/authorized_keys") != DROPBEAR_SUCCESS) {
-+			goto out;
-+		}
-+	} else {
-+		/* allocate max required pathname storage,
-+		 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
-+		filename = m_malloc(len + 22);
-+		strncpy(filename, ses.authstate.pw_dir, len+1);
-+
-+		/* check ~ */
-+		if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
-+			goto out;
-+		}
-+
-+		/* check ~/.ssh */
-+		strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */
-+		if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
-+			goto out;
-+		}
-+
-+		/* now check ~/.ssh/authorized_keys */
-+		strncat(filename, "/authorized_keys", 16);
-+		if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
-+			goto out;
-+		}
- 	}
- 
- 	/* file looks ok, return success */
diff --git a/package/dropbear/patches/110-change_user.patch b/package/dropbear/patches/110-change_user.patch
deleted file mode 100644
index 55747bc4d..000000000
--- a/package/dropbear/patches/110-change_user.patch
+++ /dev/null
@@ -1,18 +0,0 @@
---- a/svr-chansession.c
-+++ b/svr-chansession.c
-@@ -884,12 +884,12 @@ static void execchild(void *user_data) {
- 	/* We can only change uid/gid as root ... */
- 	if (getuid() == 0) {
- 
--		if ((setgid(ses.authstate.pw_gid) < 0) ||
-+		if ((ses.authstate.pw_gid != 0) && ((setgid(ses.authstate.pw_gid) < 0) ||
- 			(initgroups(ses.authstate.pw_name, 
--						ses.authstate.pw_gid) < 0)) {
-+						ses.authstate.pw_gid) < 0))) {
- 			dropbear_exit("Error changing user group");
- 		}
--		if (setuid(ses.authstate.pw_uid) < 0) {
-+		if ((ses.authstate.pw_uid != 0) && (setuid(ses.authstate.pw_uid) < 0)) {
- 			dropbear_exit("Error changing user");
- 		}
- 	} else {
diff --git a/package/dropbear/patches/120-openwrt_options.patch b/package/dropbear/patches/120-openwrt_options.patch
deleted file mode 100644
index 42204aa64..000000000
--- a/package/dropbear/patches/120-openwrt_options.patch
+++ /dev/null
@@ -1,67 +0,0 @@
---- a/options.h
-+++ b/options.h
-@@ -38,7 +38,7 @@
-  * Both of these flags can be defined at once, don't compile without at least
-  * one of them. */
- #define NON_INETD_MODE
--#define INETD_MODE
-+/*#define INETD_MODE*/
- 
- /* Setting this disables the fast exptmod bignum code. It saves ~5kB, but is
-  * perhaps 20% slower for pubkey operations (it is probably worth experimenting
-@@ -49,7 +49,7 @@
- several kB in binary size however will make the symmetrical ciphers and hashes
- slower, perhaps by 50%. Recommended for small systems that aren't doing
- much traffic. */
--/*#define DROPBEAR_SMALL_CODE*/
-+#define DROPBEAR_SMALL_CODE
- 
- /* Enable X11 Forwarding - server only */
- #define ENABLE_X11FWD
-@@ -78,7 +78,7 @@ much traffic. */
- 
- /* Enable "Netcat mode" option. This will forward standard input/output
-  * to a remote TCP-forwarded connection */
--#define ENABLE_CLI_NETCAT
-+/*#define ENABLE_CLI_NETCAT*/
- 
- /* Encryption - at least one required.
-  * Protocol RFC requires 3DES and recommends AES128 for interoperability.
-@@ -89,8 +89,8 @@ much traffic. */
- #define DROPBEAR_AES256
- /* Compiling in Blowfish will add ~6kB to runtime heap memory usage */
- /*#define DROPBEAR_BLOWFISH*/
--#define DROPBEAR_TWOFISH256
--#define DROPBEAR_TWOFISH128
-+/*#define DROPBEAR_TWOFISH256
-+#define DROPBEAR_TWOFISH128*/
- 
- /* Enable "Counter Mode" for ciphers. This is more secure than normal
-  * CBC mode against certain attacks. This adds around 1kB to binary 
-@@ -110,7 +110,7 @@ much traffic. */
-  * If you disable MD5, Dropbear will fall back to SHA1 fingerprints,
-  * which are not the standard form. */
- #define DROPBEAR_SHA1_HMAC
--#define DROPBEAR_SHA1_96_HMAC
-+/*#define DROPBEAR_SHA1_96_HMAC*/
- #define DROPBEAR_MD5_HMAC
- 
- /* Hostkey/public key algorithms - at least one required, these are used
-@@ -148,7 +148,7 @@ much traffic. */
- 
- /* Whether to print the message of the day (MOTD). This doesn't add much code
-  * size */
--#define DO_MOTD
-+/*#define DO_MOTD*/
- 
- /* The MOTD file path */
- #ifndef MOTD_FILENAME
-@@ -192,7 +192,7 @@ much traffic. */
-  * note that it will be provided for all "hidden" client-interactive
-  * style prompts - if you want something more sophisticated, use 
-  * SSH_ASKPASS instead. Comment out this var to remove this functionality.*/
--#define DROPBEAR_PASSWORD_ENV "DROPBEAR_PASSWORD"
-+/*#define DROPBEAR_PASSWORD_ENV "DROPBEAR_PASSWORD"*/
- 
- /* Define this (as well as ENABLE_CLI_PASSWORD_AUTH) to allow the use of
-  * a helper program for the ssh client. The helper program should be
diff --git a/package/dropbear/patches/130-ssh_ignore_o_and_x_args.patch b/package/dropbear/patches/130-ssh_ignore_o_and_x_args.patch
deleted file mode 100644
index 93647a99e..000000000
--- a/package/dropbear/patches/130-ssh_ignore_o_and_x_args.patch
+++ /dev/null
@@ -1,21 +0,0 @@
---- a/cli-runopts.c
-+++ b/cli-runopts.c
-@@ -287,6 +287,10 @@ void cli_getopts(int argc, char ** argv)
- 					debug_trace = 1;
- 					break;
- #endif
-+				case 'o':
-+					next = &dummy;
-+				case 'x':
-+					break;
- 				case 'F':
- 				case 'e':
- 				case 'c':
-@@ -298,7 +302,6 @@ void cli_getopts(int argc, char ** argv)
- #ifndef ENABLE_CLI_LOCALTCPFWD
- 				case 'L':
- #endif
--				case 'o':
- 				case 'b':
- 					next = &dummy;
- 				default:
diff --git a/package/dropbear/patches/140-disable_assert.patch b/package/dropbear/patches/140-disable_assert.patch
deleted file mode 100644
index e99376333..000000000
--- a/package/dropbear/patches/140-disable_assert.patch
+++ /dev/null
@@ -1,14 +0,0 @@
---- a/dbutil.h
-+++ b/dbutil.h
-@@ -94,6 +94,10 @@ int m_str_to_uint(const char* str, unsig
- #define DEF_MP_INT(X) mp_int X = {0, 0, 0, NULL}
- 
- /* Dropbear assertion */
--#define dropbear_assert(X) do { if (!(X)) { fail_assert(#X, __FILE__, __LINE__); } } while (0)
-+#ifndef DROPBEAR_ASSERT_ENABLED
-+#define DROPBEAR_ASSERT_ENABLED 0
-+#endif
-+
-+#define dropbear_assert(X) do { if (DROPBEAR_ASSERT_ENABLED && !(X)) { fail_assert(#X, __FILE__, __LINE__); } } while (0)
- 
- #endif /* _DBUTIL_H_ */
diff --git a/package/dropbear/patches/150-dbconvert_standalone.patch b/package/dropbear/patches/150-dbconvert_standalone.patch
deleted file mode 100644
index 3e0b00855..000000000
--- a/package/dropbear/patches/150-dbconvert_standalone.patch
+++ /dev/null
@@ -1,14 +0,0 @@
---- a/options.h
-+++ b/options.h
-@@ -5,6 +5,11 @@
- #ifndef _OPTIONS_H_
- #define _OPTIONS_H_
- 
-+#if !defined(DROPBEAR_CLIENT) && !defined(DROPBEAR_SERVER)
-+#define DROPBEAR_SERVER
-+#define DROPBEAR_CLIENT
-+#endif
-+
- /******************************************************************
-  * Define compile-time options below - the "#ifndef DROPBEAR_XXX .... #endif"
-  * parts are to allow for commandline -DDROPBEAR_XXX options etc.
diff --git a/package/dropbear/patches/200-lcrypt_bsdfix.patch b/package/dropbear/patches/200-lcrypt_bsdfix.patch
deleted file mode 100644
index 57eb9670d..000000000
--- a/package/dropbear/patches/200-lcrypt_bsdfix.patch
+++ /dev/null
@@ -1,29 +0,0 @@
---- a/Makefile.in
-+++ b/Makefile.in
-@@ -56,7 +56,7 @@ HEADERS=options.h dbutil.h session.h pac
- 		loginrec.h atomicio.h x11fwd.h agentfwd.h tcpfwd.h compat.h \
- 		listener.h fake-rfc2553.h
- 
--dropbearobjs=$(COMMONOBJS) $(CLISVROBJS) $(SVROBJS) @CRYPTLIB@ 
-+dropbearobjs=$(COMMONOBJS) $(CLISVROBJS) $(SVROBJS)
- dbclientobjs=$(COMMONOBJS) $(CLISVROBJS) $(CLIOBJS)
- dropbearkeyobjs=$(COMMONOBJS) $(KEYOBJS)
- dropbearconvertobjs=$(COMMONOBJS) $(CONVERTOBJS)
-@@ -77,7 +77,7 @@ STRIP=@STRIP@
- INSTALL=@INSTALL@
- CPPFLAGS=@CPPFLAGS@
- CFLAGS+=-I. -I$(srcdir) $(CPPFLAGS) @CFLAGS@
--LIBS+=@LIBS@
-+LIBS+=@CRYPTLIB@ @LIBS@
- LDFLAGS=@LDFLAGS@
- 
- EXEEXT=@EXEEXT@
-@@ -169,7 +169,7 @@ scp: $(SCPOBJS)  $(HEADERS) Makefile
- # multi-binary compilation.
- MULTIOBJS=
- ifeq ($(MULTI),1)
--	MULTIOBJS=dbmulti.o $(sort $(foreach prog, $(PROGRAMS), $($(prog)objs))) @CRYPTLIB@ 
-+	MULTIOBJS=dbmulti.o $(sort $(foreach prog, $(PROGRAMS), $($(prog)objs)))
- 	CFLAGS+=$(addprefix -DDBMULTI_, $(PROGRAMS)) -DDROPBEAR_MULTI
- endif
- 
diff --git a/package/dropbear/patches/300-ipv6_addr_port_split.patch b/package/dropbear/patches/300-ipv6_addr_port_split.patch
deleted file mode 100644
index 7da435ab1..000000000
--- a/package/dropbear/patches/300-ipv6_addr_port_split.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- a/svr-runopts.c
-+++ b/svr-runopts.c
-@@ -325,7 +325,7 @@ static void addportandaddress(char* spec
- 		myspec = m_strdup(spec);
- 
- 		/* search for ':', that separates address and port */
--		svr_opts.ports[svr_opts.portcount] = strchr(myspec, ':');
-+		svr_opts.ports[svr_opts.portcount] = strrchr(myspec, ':');
- 
- 		if (svr_opts.ports[svr_opts.portcount] == NULL) {
- 			/* no ':' -> the whole string specifies just a port */
diff --git a/package/dropbear/patches/400-CVE-2012-0920.patch b/package/dropbear/patches/400-CVE-2012-0920.patch
deleted file mode 100644
index 164909f56..000000000
--- a/package/dropbear/patches/400-CVE-2012-0920.patch
+++ /dev/null
@@ -1,91 +0,0 @@
-
-# HG changeset patch
-# User Matt Johnston <matt@ucc.asn.au>
-# Date 1322947885 -28800
-# Node ID 818108bf7749bfecd4715a30e2583aac9dbe25e8
-# Parent  5e8d84f3ee7256d054ecf7e9f248765ccaa7f24f
-- Fix use-after-free if multiple command requests were sent. Move
-the original_command into chansess struct since that makes more sense
-
---- a/auth.h
-+++ b/auth.h
-@@ -133,7 +133,6 @@ struct PubKeyOptions {
- 	int no_pty_flag;
- 	/* "command=" option. */
- 	unsigned char * forced_command;
--	unsigned char * original_command;
- };
- #endif
- 
---- a/chansession.h
-+++ b/chansession.h
-@@ -69,6 +69,10 @@ struct ChanSess {
- 	char * agentfile;
- 	char * agentdir;
- #endif
-+
-+#ifdef ENABLE_SVR_PUBKEY_OPTIONS
-+	char *original_command;
-+#endif
- };
- 
- struct ChildPid {
---- a/svr-authpubkeyoptions.c
-+++ b/svr-authpubkeyoptions.c
-@@ -92,14 +92,15 @@ int svr_pubkey_allows_pty() {
-  * by any 'command' public key option. */
- void svr_pubkey_set_forced_command(struct ChanSess *chansess) {
- 	if (ses.authstate.pubkey_options) {
--		ses.authstate.pubkey_options->original_command = chansess->cmd;
--		if (!chansess->cmd)
--		{
--			ses.authstate.pubkey_options->original_command = m_strdup("");
-+		if (chansess->cmd) {
-+			/* original_command takes ownership */
-+			chansess->original_command = chansess->cmd;
-+		} else {
-+			chansess->original_command = m_strdup("");
- 		}
--		chansess->cmd = ses.authstate.pubkey_options->forced_command;
-+		chansess->cmd = m_strdup(ses.authstate.pubkey_options->forced_command);
- #ifdef LOG_COMMANDS
--		dropbear_log(LOG_INFO, "Command forced to '%s'", ses.authstate.pubkey_options->original_command);
-+		dropbear_log(LOG_INFO, "Command forced to '%s'", chansess->original_command);
- #endif
- 	}
- }
---- a/svr-chansession.c
-+++ b/svr-chansession.c
-@@ -217,6 +217,8 @@ static int newchansess(struct Channel *c
- 
- 	struct ChanSess *chansess;
- 
-+	TRACE(("new chansess %p", channel))
-+
- 	dropbear_assert(channel->typedata == NULL);
- 
- 	chansess = (struct ChanSess*)m_malloc(sizeof(struct ChanSess));
-@@ -279,6 +281,10 @@ static void closechansess(struct Channel
- 	m_free(chansess->cmd);
- 	m_free(chansess->term);
- 
-+#ifdef ENABLE_SVR_PUBKEY_OPTIONS
-+	m_free(chansess->original_command);
-+#endif
-+
- 	if (chansess->tty) {
- 		/* write the utmp/wtmp login record */
- 		li = chansess_login_alloc(chansess);
-@@ -924,10 +930,8 @@ static void execchild(void *user_data) {
- 	}
- 	
- #ifdef ENABLE_SVR_PUBKEY_OPTIONS
--	if (ses.authstate.pubkey_options &&
--			ses.authstate.pubkey_options->original_command) {
--		addnewvar("SSH_ORIGINAL_COMMAND", 
--			ses.authstate.pubkey_options->original_command);
-+	if (chansess->original_command) {
-+		addnewvar("SSH_ORIGINAL_COMMAND", chansess->original_command);
- 	}
- #endif
- 
diff --git a/package/dropbear/patches/500-set-default-path.patch b/package/dropbear/patches/500-set-default-path.patch
deleted file mode 100644
index 0bd3ffcc3..000000000
--- a/package/dropbear/patches/500-set-default-path.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- a/options.h
-+++ b/options.h
-@@ -297,7 +297,7 @@ be overridden at runtime with -I. 0 disa
- #define DEFAULT_IDLE_TIMEOUT 0
- 
- /* The default path. This will often get replaced by the shell */
--#define DEFAULT_PATH "/usr/bin:/bin"
-+#define DEFAULT_PATH "/bin:/sbin:/usr/bin:/usr/sbin"
- 
- /* Some other defines (that mostly should be left alone) are defined
-  * in sysoptions.h */