From patchwork Fri Jan 18 14:47:34 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: dropbear: Deal with truncated host keys by removing them Date: Fri, 18 Jan 2013 14:47:34 -0000 From: Holger Hans Peter Freyther X-Patchwork-Id: 42891 Message-Id: <1358520454-31595-1-git-send-email-holger@moiji-mobile.com> To: openembedded-core@lists.openembedded.org Cc: Holger Hans Peter Freyther Dropbear does not start when the host key is empty and it is possible that a device is switched off before the host key is generated. This is possible because the dropbearkey code doesn't create a temporary file first. Detect truncated keys and then remove them which will lead to the re-generation. This way the dropbear process will always start. --- meta/recipes-core/dropbear/dropbear.inc | 2 +- meta/recipes-core/dropbear/dropbear/init | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/meta/recipes-core/dropbear/dropbear.inc b/meta/recipes-core/dropbear/dropbear.inc index 3e430f2..3a39c95 100644 --- a/meta/recipes-core/dropbear/dropbear.inc +++ b/meta/recipes-core/dropbear/dropbear.inc @@ -2,7 +2,7 @@ DESCRIPTION = "Dropbear is a lightweight SSH and SCP implementation" HOMEPAGE = "http://matt.ucc.asn.au/dropbear/dropbear.html" SECTION = "console/network" -INC_PR = "r1" +INC_PR = "r2" # some files are from other projects and have others license terms: # public domain, OpenSSH 3.5p1, OpenSSH3.6.1p2, PuTTY diff --git a/meta/recipes-core/dropbear/dropbear/init b/meta/recipes-core/dropbear/dropbear/init index e882bae..5cc2d65 100755 --- a/meta/recipes-core/dropbear/dropbear/init +++ b/meta/recipes-core/dropbear/dropbear/init @@ -58,9 +58,15 @@ gen_keys() { for t in $DROPBEAR_KEYTYPES; do case $t in rsa) + if [ -f "$DROPBEAR_RSAKEY" -a ! -s "$DROPBEAR_RSAKEY" ]; then + rm $DROPBEAR_RSAKEY || true + fi test -f $DROPBEAR_RSAKEY || dropbearkey -t rsa -f $DROPBEAR_RSAKEY ;; dsa) + if [ -f "$DROPBEAR_DSSKEY" -a ! -s "$DROPBEAR_DSSKEY" ]; then + rm $DROPBEAR_DSSKEY || true + fi test -f $DROPBEAR_DSSKEY || dropbearkey -t dss -f $DROPBEAR_DSSKEY ;; esac