From 0da193ee6943fc7afd100d2378cd1989d1f1cc03 Mon Sep 17 00:00:00 2001 From: Kyle Copperfield Date: Tue, 19 Nov 2019 18:50:00 +0000 Subject: dropbear: move failsafe code out of base-files The sender domain has a DMARC Reject/Quarantine policy which disallows sending mailing list messages using the original "From" header. To mitigate this problem, the original message has been wrapped automatically by the mailing list software. Failsafe code of dropbear should be in the dropbear package not the base-files package. Signed-off-by: Kyle Copperfield --- package/network/services/dropbear/Makefile | 3 ++- package/network/services/dropbear/files/dropbear.failsafe | 8 ++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) create mode 100755 package/network/services/dropbear/files/dropbear.failsafe (limited to 'package/network') diff --git a/package/network/services/dropbear/Makefile b/package/network/services/dropbear/Makefile index d92b94915b..8b5bc17c9d 100644 --- a/package/network/services/dropbear/Makefile +++ b/package/network/services/dropbear/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dropbear PKG_VERSION:=2019.78 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:= \ @@ -158,6 +158,7 @@ define Package/dropbear/install $(INSTALL_BIN) ./files/dropbear.init $(1)/etc/init.d/dropbear $(INSTALL_DIR) $(1)/usr/lib/opkg/info $(INSTALL_DIR) $(1)/etc/dropbear + $(INSTALL_DIR) ./files/dropbear.failsafe $(1)/lib/preinit/99_10_failsafe_dropbear $(if $(CONFIG_DROPBEAR_ECC),touch $(1)/etc/dropbear/dropbear_ecdsa_host_key) touch $(1)/etc/dropbear/dropbear_rsa_host_key endef diff --git a/package/network/services/dropbear/files/dropbear.failsafe b/package/network/services/dropbear/files/dropbear.failsafe new file mode 100755 index 0000000000..a98ede459a --- /dev/null +++ b/package/network/services/dropbear/files/dropbear.failsafe @@ -0,0 +1,8 @@ +#!/bin/sh + +failsafe_dropbear () { + dropbearkey -t rsa -s 1024 -f /tmp/dropbear_failsafe_host_key + dropbear -r /tmp/dropbear_failsafe_host_key <> /dev/null 2>&1 +} + +boot_hook_add failsafe failsafe_dropbear -- cgit v1.2.3