dropbear: move failsafe code out of base-files
authorKyle Copperfield <kmcopper@danwin1210.me>
Tue, 19 Nov 2019 18:50:00 +0000 (18:50 +0000)
committerJohn Crispin <john@phrozen.org>
Wed, 15 Jan 2020 19:04:06 +0000 (20:04 +0100)
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.

To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Failsafe code of dropbear should be in the dropbear package not the
base-files package.

Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me>
package/base-files/Makefile
package/base-files/files/lib/preinit/99_10_failsafe_login
package/network/services/dropbear/Makefile
package/network/services/dropbear/files/dropbear.failsafe [new file with mode: 0755]

index 268d7d4..e389148 100644 (file)
@@ -12,7 +12,7 @@ include $(INCLUDE_DIR)/version.mk
 include $(INCLUDE_DIR)/feeds.mk
 
 PKG_NAME:=base-files
-PKG_RELEASE:=212
+PKG_RELEASE:=213
 PKG_FLAGS:=nonshared
 
 PKG_FILE_DEPENDS:=$(PLATFORM_DIR)/ $(GENERIC_PLATFORM_DIR)/base-files/
index 728c63b..16ad84f 100644 (file)
@@ -2,11 +2,6 @@
 # Copyright (C) 2006-2015 OpenWrt.org
 # Copyright (C) 2010 Vertical Communications
 
-failsafe_netlogin () {
-       dropbearkey -t rsa -s 1024 -f /tmp/dropbear_failsafe_host_key
-       dropbear -r /tmp/dropbear_failsafe_host_key <> /dev/null 2>&1
-}
-
 failsafe_shell() {
        local console="$(sed -e 's/ /\n/g' /proc/cmdline | grep '^console=' | head -1 | sed -e 's/^console=//' -e 's/,.*//')"
        [ -n "$console" ] || console=console
@@ -17,5 +12,4 @@ failsafe_shell() {
        done &
 }
 
-boot_hook_add failsafe failsafe_netlogin
 boot_hook_add failsafe failsafe_shell
index d92b949..8b5bc17 100644 (file)
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=dropbear
 PKG_VERSION:=2019.78
-PKG_RELEASE:=2
+PKG_RELEASE:=3
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:= \
@@ -158,6 +158,7 @@ define Package/dropbear/install
        $(INSTALL_BIN) ./files/dropbear.init $(1)/etc/init.d/dropbear
        $(INSTALL_DIR) $(1)/usr/lib/opkg/info
        $(INSTALL_DIR) $(1)/etc/dropbear
+       $(INSTALL_DIR) ./files/dropbear.failsafe $(1)/lib/preinit/99_10_failsafe_dropbear
        $(if $(CONFIG_DROPBEAR_ECC),touch $(1)/etc/dropbear/dropbear_ecdsa_host_key)
        touch $(1)/etc/dropbear/dropbear_rsa_host_key
 endef
diff --git a/package/network/services/dropbear/files/dropbear.failsafe b/package/network/services/dropbear/files/dropbear.failsafe
new file mode 100755 (executable)
index 0000000..a98ede4
--- /dev/null
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+failsafe_dropbear () {
+       dropbearkey -t rsa -s 1024 -f /tmp/dropbear_failsafe_host_key
+       dropbear -r /tmp/dropbear_failsafe_host_key <> /dev/null 2>&1
+}
+
+boot_hook_add failsafe failsafe_dropbear