dropbear: Deal with truncated host keys by removing them

Dropbear does not start when the host key is empty and it is possible
that a device is switched off before the host key is generated. This
is possible because the dropbearkey code doesn't create a temporary
file first. Detect truncated keys and then remove them which will lead
to the re-generation. This way the dropbear process will always start.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

diff --git a/meta/recipes-core/dropbear/dropbear.inc b/meta/recipes-core/dropbear/dropbear.inc
index 3e430f22bfca934f7cc21868ca2e6cb11a37612d..3a39c952259f93fe4f4030bd7001b510969a60a4 100644 (file)
--- a/meta/recipes-core/dropbear/dropbear.inc
+++ b/meta/recipes-core/dropbear/dropbear.inc
@@ -2,7 +2,7 @@ DESCRIPTION = "Dropbear is a lightweight SSH and SCP implementation"
 HOMEPAGE = "http://matt.ucc.asn.au/dropbear/dropbear.html"
 SECTION = "console/network"
 
-INC_PR = "r1"
+INC_PR = "r2"
 
 # some files are from other projects and have others license terms:
 #   public domain, OpenSSH 3.5p1, OpenSSH3.6.1p2, PuTTY

diff --git a/meta/recipes-core/dropbear/dropbear/init b/meta/recipes-core/dropbear/dropbear/init
index e882bae6893c428b88ba23aabbe17ddee23f11c2..5cc2d656e892d4bad1a01c9099074e3e9f995dca 100755 (executable)
--- a/meta/recipes-core/dropbear/dropbear/init
+++ b/meta/recipes-core/dropbear/dropbear/init
@@ -58,9 +58,15 @@ gen_keys() {
 for t in $DROPBEAR_KEYTYPES; do
   case $t in
     rsa)
+        if [ -f "$DROPBEAR_RSAKEY" -a ! -s "$DROPBEAR_RSAKEY" ]; then
+                rm $DROPBEAR_RSAKEY || true
+        fi
         test -f $DROPBEAR_RSAKEY || dropbearkey -t rsa -f $DROPBEAR_RSAKEY
        ;;
     dsa)
+        if [ -f "$DROPBEAR_DSSKEY" -a ! -s "$DROPBEAR_DSSKEY" ]; then
+                rm $DROPBEAR_DSSKEY || true
+        fi
         test -f $DROPBEAR_DSSKEY || dropbearkey -t dss -f $DROPBEAR_DSSKEY
        ;;
   esac