Dropbear of r9733 does not anymore compile, patch fails

Hello

New patches seems not to compile anymore dropbear at least on OpenSuse Leap 15.0
Today cloned repostory with
git clone https://github.com/openwrt/openwrt.git
I see that dropbear was modifed one day ago.

BTW: Wanted to create an issue but there is no option nor in dropbear nor in root of github. What's the right way to create an ticket/issue of dropbear?

make[3]: Entering directory '/Devel/OpenWRT/OpenWRT-18.06.2-r9733-r1-w/package/network/services/dropbear'
touch /Devel/OpenWRT/OpenWRT-18.06.2-r9733-r1-w/build_dir/target-mipsel_24kc_musl/dropbear-2017.75/.prepared_248000bae5ef3b6a36dba2efe39128c4_6664517399ebbbc92a37c5bb081b5c53_check
. /Devel/OpenWRT/OpenWRT-18.06.2-r9733-r1-w/include/shell.sh; bzcat /Devel/OpenWRT/OpenWRT-18.06.2-r9733-r1-w/dl/dropbear-2017.75.tar.bz2 | tar -C /Devel/OpenWRT/OpenWRT-18.06.2-r9733-r1-w/build_dir/target-mipsel_24kc_musl/dropbear-2017.75/.. -xf -
[ ! -d ./src/ ] || cp -fpR ./src/. /Devel/OpenWRT/OpenWRT-18.06.2-r9733-r1-w/build_dir/target-mipsel_24kc_musl/dropbear-2017.75

Applying ./patches/010-tty-modes-werent-reset-for-client.patch using plaintext:
patching file cli-chansession.c
Hunk #1 FAILED at 35.
Hunk #2 FAILED at 51.
Hunk #3 FAILED at 84.
Hunk #4 FAILED at 388.
4 out of 4 hunks FAILED -- saving rejects to file cli-chansession.c.rej
Patch failed!  Please fix ./patches/010-tty-modes-werent-reset-for-client.patch!
make[3]: *** [Makefile:162: /Devel/OpenWRT/OpenWRT-18.06.2-r9733-r1-w/build_dir/target-mipsel_24kc_musl/dropbear-2017.75/.prepared_248000bae5ef3b6a36dba2efe39128c4_6664517399ebbbc92a37c5bb081b5c53] Error 1
make[3]: Leaving directory '/Devel/OpenWRT/OpenWRT-18.06.2-r9733-r1-w/package/network/services/dropbear'
time: package/network/services/dropbear/compile#0.37#0.08#0.42
make[2]: *** [package/Makefile:109: package/network/services/dropbear/compile] Error 2
make[2]: Leaving directory '/Devel/OpenWRT/OpenWRT-18.06.2-r9733-r1-w'
make[1]: *** [package/Makefile:103: /Devel/OpenWRT/OpenWRT-18.06.2-r9733-r1-w/staging_dir/target-mipsel_24kc_musl/stamp/.package_compile] Error 2
make[1]: Leaving directory '/Devel/OpenWRT/OpenWRT-18.06.2-r9733-r1-w'
make: *** [/Devel/OpenWRT/OpenWRT-18.06.2-r9733-r1-w/include/toplevel.mk:218: world] Error 2

Do you already have

01964148c6 dropbear: split ECC support to basic and full
5eb7864aad dropbear: rewrite init script startup logic to handle both host key files
6145e59881 dropbear: change type of config option "Port" to scalar type "port"
5d27b10c61 dropbear: introduce config option "keyfile" (replacement for "rsakeyfile")
efc533cc2f dropbear: add initial support for ECC host key
c40a84cc15 dropbear: fix regression where TTY modes weren't reset for client
ddf1a06326 dropbear: honour CFLAGS while building bundled libtomcrypt/libtommath
9c3bfd0906 dropbear: fix hardening flags during configure
a1099edf32 dropbear: bump to 2019.77

Guessing, a clean will fix things. Otherwise all the builds would be broken.

Spot-checking an ar71xx Archer C7v2 build.

(Will be a bit, as it looks like the toolchain has changed.)

master builds OK for me. I don't see any recent changes to dropbear on openwrt-18.06

Edit: Also note that “old” releases aren’t “guaranteed” to build with package sources other than those they were released with. Same for master. This is because patches in the OpenWrt tree are applied to downloaded sources, which change with time, along with API compatibility.

It's built from scratch. The built stopped 3 times with an error.
Running again went on until dropbear...

I delete patches for dropbear from master branch (the changes you published) and copied patches from 18.06.2 branch instead, dropbear compiles and whole distro compiles after that.

Problem seems to be order of patching dropbear maybe on my host?
How is the order defined of all the patches? I guess of the number of the file but could this change of some systems?

One more question: The hash in front of the change you posted is the hash of the patch file? How can I generate it? It's not sha256sum nor md5sum

Let me answer the easier one first -- 01964148c6 is a "git hash" -- it is a hash over the entire state of the "known" file system and the commit message (probably a few other things as well). Assuming you don't have any untracked or "ignored" files in the tree, if I'm on 01964148c6 and you're on 01964148c6, then we have exactly the same files on our computers. If we talk about that as a commit, then we are talking about exactly the same commit.

I have set shorter hashes than usual using git config --global log.abbrevcommit true for all the git work I do on my machine. You could also do it as --local for just one repo, or as --abbrev-commit as an argument to git log. The full hash is what you'll see with something like

openwrt-archer-c7$ git log -1 --no-abbrev-commit 01964148c6
commit 01964148c638e88d2ec29e63880c12c84b84c5a4
Author: Konstantin Demin <redacted>
Date:   Mon Mar 25 22:00:28 2019 +0300

    dropbear: split ECC support to basic and full
    
    - limit ECC support to ec*-sha2-nistp256:
      * DROPBEAR_ECC now provides only basic support for ECC
    - provide full ECC support as an option:
      * DROPBEAR_ECC_FULL brings back support for ec{dh,dsa}-sha2-nistp{384,521}
    - update feature costs in binary size
    
    Signed-off-by: Konstantin Demin <redacted>

(--no-abbrev-commit is to "reverse" my personal customization)

The lines I posted were from looking at the "headlines" of commits on master with something like

git log --pretty=oneline openwrt/master 

(since I have multiple remotes in my tree, I have renamed what is probably origin on your machine to openwrt)



OK, back to the problem at hand. Given that the buildbots are churning out the builds and that I had no errors in building from scratch yesterday, I have to consider that there is something about your environment or process that is causing the errors.

Reading "copy" files from one place to another has me thinking that you've got some mix of files from multiple branches or points in time, which could easily lead to the kinds of problem you're seeing.

What do the following commands return?

git log -1 --pretty=oneline     # A single-line summary of your latest commit
git status                      # Shows what might have been changed, and what is not "tracked" or "ignored"

Have you tried a clean build of HEAD of your branch for a representative device? That would help rule out configuration problems (which I don't suspect, at this point).

I'm still puzzled by the directory name OpenWRT-18.06.2-r9733-r1-w. What are you trying to accomplish? Not that it's "wrong", but it might provide more insight into what is going wrong and how to get you to a successful build that meets your objectives.

1 Like

You are trying to apply the patch 010-tty-modes-werent-reset-for-client.patch, which is only valid against dropbear-2019.77, against dropbear-2017.75 and this fails as expected.

It looks like you are compiling a mixture of openwrt 18.06 and master and this fails like expected.

2 Likes

The only I have done was to download the repository with
git clone https://github.com/openwrt/openwrt.git
nothing more.
Copied my .config file from 18.06.02 version and tried to compile wrt841n V13 version

I change the banner file end /etc/openwrt_release to add my compiliation cycles to distinct
and modify /etc/shadow etc. with some defaults for me and /usr/local/bin/ stuff to install by default. BTW: This does not work anymore, will post other thread...

Jeff: Thanks for the nice explication of git log and "git hash" info!

Hauke: Yoou are right, my dropbear makefile will download 2017.75 version.
What is the right way to dowload the latest development version which works if its not the git command I put at first? Or Why I have drpbear patches which are not for my dropbear version
I want to compile a version with latest mt76 drivers :frowning:
I'm still beginner with git :frowning: and branches
Is there a document how OpenWRT is using branches, which should a beta tester ir developer use? Have not found anything

output of: git log -1 --pretty=oneline
e1444ab59cfcd330cfac6f51aa14106961585ee1 (HEAD -> master, origin/master, origin/HEAD) ar71xx: add support for MikroTik RouterBOARD 922UAGS-5HPacD

As noted I have copied patch files from 18.06.2 version and removed the downloaded after failing compile, at least to see what's the problem...

output of: git status
On branch master
Your branch is up to date with 'origin/master'.

Changes not staged for commit:
  (use "git add/rm <file>..." to update what will be committed)
  (use "git checkout -- <file>..." to discard changes in working directory)

        modified:   package/base-files/files/etc/banner
        modified:   package/base-files/files/etc/openwrt_release
        modified:   package/base-files/files/etc/shadow
        modified:   package/network/config/firewall/files/firewall.config
        modified:   package/network/services/dnsmasq/files/dhcp.conf
        modified:   package/network/services/dropbear/Makefile
        deleted:    package/network/services/dropbear/patches/010-tty-modes-werent-reset-for-client.patch
        modified:   package/network/services/dropbear/patches/100-pubkey_path.patch
        modified:   package/network/services/dropbear/patches/110-change_user.patch
        modified:   package/network/services/dropbear/patches/130-ssh_ignore_x_args.patch
        modified:   package/network/services/dropbear/patches/140-disable_assert.patch
        deleted:    package/network/services/dropbear/patches/160-lto-jobserver.patch
        modified:   package/network/services/dropbear/patches/600-allow-blank-root-password.patch
        deleted:    package/network/services/dropbear/patches/900-configure-hardening.patch
        deleted:    package/network/services/dropbear/patches/901-bundled-libs-cflags.patch

Untracked files:
  (use "git add <file>..." to include in what will be committed)

        OpenWRT-18.06.2-r9733-r1-w_BuilImageFromScratch
        PatchAll
        output.make
        output.make.dropbear
        package/base-files/files/usr/bin/
        package/base-files/files/usr/local/
        package/network/services/dropbear/files/dropbear.authorized_keys
        package/network/services/dropbear/patches.new/
        package/network/services/dropbear/patches/010-runtime-maxauthtries.patch
        package/network/services/dropbear/patches/020-Wait-to-fail-invalid-usernames.patch
        package/network/services/dropbear/patches/120-openwrt_options.patch
        package/network/services/dropbear/patches/150-dbconvert_standalone.patch
        package/network/services/dropbear/patches/610-skip-default-keys-in-custom-runs.patch

If you want to "work with the latest" then you should be working with master, not openwrt-18.06. It is a complex task to "backport" changes from one development branch to another. Copying the patch files is only one part of that task. The farther in the past (number of commits) that the "other" branch is, the more difficult.

Something like

git checkout master            # use the development branch
git pull                       # get the absolute latest changes
git reset --hard HEAD          # get rid of any "known" changes you've made
git tag built-on-2019-03-27    # a marker for you, of your choice
make dirclean                  # Since you've made some "interesting" changes, make sure they're "completely" gone
./scripts/feeds update -a      # get the package sources
./scripts/feeds install -a     # and make sure the build system knows about them
make menuconfig                # select your device, add the packages you want (LuCI is not default)
make -j12 clean download world # get rid of old artifacts, then make sure you've got the sources, then build everything

My build machine has 12 cores, so that -j12 means I probably can continue to use it, though it will be heavily loaded. A rule of thumb is one more than your cores for a build on a machine that is doing nothing else. If you need to use the machine for other things while you're building, maybe half the number of cores is a good compromise.

More information at https://openwrt.org/docs/guide-developer/build-system/start