Patchwork dropbear: Deal with truncated host keys by removing them

login
register
mail settings
Submitter Holger Hans Peter Freyther
Date Jan. 18, 2013, 2:47 p.m.
Message ID <1358520454-31595-1-git-send-email-holger@moiji-mobile.com>
Download mbox | patch
Permalink /patch/42891/
State Accepted
Commit 4a61ee99fc6b2361a67af162f1f0d278701d226c
Headers show

Comments

Holger Hans Peter Freyther - Jan. 18, 2013, 2:47 p.m.
Dropbear does not start when the host key is empty and it is possible
that a device is switched off before the host key is generated. This
is possible because the dropbearkey code doesn't create a temporary
file first. Detect truncated keys and then remove them which will lead
to the re-generation. This way the dropbear process will always start.
---
 meta/recipes-core/dropbear/dropbear.inc  |    2 +-
 meta/recipes-core/dropbear/dropbear/init |    6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

Patch

diff --git a/meta/recipes-core/dropbear/dropbear.inc b/meta/recipes-core/dropbear/dropbear.inc
index 3e430f2..3a39c95 100644
--- a/meta/recipes-core/dropbear/dropbear.inc
+++ b/meta/recipes-core/dropbear/dropbear.inc
@@ -2,7 +2,7 @@  DESCRIPTION = "Dropbear is a lightweight SSH and SCP implementation"
 HOMEPAGE = "http://matt.ucc.asn.au/dropbear/dropbear.html"
 SECTION = "console/network"
 
-INC_PR = "r1"
+INC_PR = "r2"
 
 # some files are from other projects and have others license terms:
 #   public domain, OpenSSH 3.5p1, OpenSSH3.6.1p2, PuTTY
diff --git a/meta/recipes-core/dropbear/dropbear/init b/meta/recipes-core/dropbear/dropbear/init
index e882bae..5cc2d65 100755
--- a/meta/recipes-core/dropbear/dropbear/init
+++ b/meta/recipes-core/dropbear/dropbear/init
@@ -58,9 +58,15 @@  gen_keys() {
 for t in $DROPBEAR_KEYTYPES; do
   case $t in
     rsa)
+        if [ -f "$DROPBEAR_RSAKEY" -a ! -s "$DROPBEAR_RSAKEY" ]; then
+                rm $DROPBEAR_RSAKEY || true
+        fi
         test -f $DROPBEAR_RSAKEY || dropbearkey -t rsa -f $DROPBEAR_RSAKEY
 	;;
     dsa)
+        if [ -f "$DROPBEAR_DSSKEY" -a ! -s "$DROPBEAR_DSSKEY" ]; then
+                rm $DROPBEAR_DSSKEY || true
+        fi
         test -f $DROPBEAR_DSSKEY || dropbearkey -t dss -f $DROPBEAR_DSSKEY
 	;;
   esac