dropbear: add options SSHKeepAlive and IdleTimeout.

Without timeout mechanism, if ssh client disconnected without sending
FIN or RST, forked dropbear servers would hang there for
KEX_RETRY_TIMEOUT seconds (8 hours).

TCP keepalive is not implemented in dropbear yet, thus the name
SSHKeepAlive.

300 seconds in this patch is selected from the default value of
ServerAliveInterval for Debian ssh client (See man ssh_config).

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
SVN-Revision: 40299

diff --git a/package/network/services/dropbear/files/dropbear.init b/package/network/services/dropbear/files/dropbear.init
index 93dc3d96946535da6f77656446f02fc581cadfd7..19aab3653bf7ba356c6ed8abe9c3157b37f1e08b 100755 (executable)
--- a/package/network/services/dropbear/files/dropbear.init
+++ b/package/network/services/dropbear/files/dropbear.init
@@ -44,7 +44,9 @@ validate_section_dropbear()
                'rsakeyfile:file' \
                'dsskeyfile:file' \
                'BannerFile:file' \
-               'Port:list(port):22'
+               'Port:list(port):22' \
+               'SSHKeepAlive:uinteger:300' \
+               'IdleTimeout:uinteger:0'
        return $?
 }
 
@@ -74,6 +76,8 @@ dropbear_instance()
        [ -n "${BannerFile}" ] && procd_append_param command -b "${BannerFile}"
        [ -n "${Interface}" ] && network_get_device Interface "${Interface}"
        append_ports "${Interface}" "${Port}"
+       [ "${IdleTimeout}" -ne 0 ] && procd_append_param command -I "${IdleTimeout}"
+       [ "${SSHKeepAlive}" -ne 0 ] && procd_append_param command -K "${SSHKeepAlive}"
        procd_close_instance
 }