From: Alexander Dahl
To: ptxdist@pengutronix.de
Cc: Denis Osterland-Heim, Michael Olbrich, Bruno Thomsen, Alexander Stein
Date: Fri, 5 Nov 2021 16:47:31 +0100
Subject: [ptxdist] [PATCH v3 5/8] dropbear: Refactor rc-once and init to use KEYTYPES
Message-Id: <20211105154734.19983-6-ada@thorsis.com>
In-Reply-To: <20211105154734.19983-1-ada@thorsis.com>
References: <20211105154734.19983-1-ada@thorsis.com>
Reply-To: ptxdist@pengutronix.de

Previously DSS and RSA keys were always generated, regardless if dropbear was built with support for that host key or not, which somehow contradicts what commit message of 01ac7cc409b5 ("dropbear: Remove deprecated options") promised.

No other things changed here, just considering that KEYTYPES list for 'rsa' for now.

Signed-off-by: Alexander Dahl
---

Notes:
    v2 -> v3
    --------
    - adapted to DSS key support removal
    - put variable containing path in quotes

 projectroot/etc/init.d/dropbear    | 13 +++++++++++--
 projectroot/etc/rc.once.d/dropbear | 23 +++++++++++++++++++++--
 2 files changed, 32 insertions(+), 4 deletions(-)

diff --git a/projectroot/etc/init.d/dropbear b/projectroot/etc/init.d/dropbear index 15671c9d8..4dda9aaf7 100644 --- a/projectroot/etc/init.d/dropbear +++ b/projectroot/etc/init.d/dropbear
@@ -15,9 +15,18 @@ test -z "$DROPBEAR_BANNER" || \ DROPBEAR_EXTRA_ARGS="$DROPBEAR_EXTRA_ARGS -b $DROPBEAR_BANNER" dropbear_start() { - KEY_ARGS="" - test -f $DROPBEAR_RSAKEY && KEY_ARGS="$KEY_ARGS -r $DROPBEAR_RSAKEY" + for keytype in $DROPBEAR_KEYTYPES + do + case "$keytype" in + rsa) + test -f "$DROPBEAR_RSAKEY" && KEY_ARGS="$KEY_ARGS -r $DROPBEAR_RSAKEY" + ;; + *) + echo "Key type '$keytype' not supported" + ;; + esac + done echo -n "starting dropbear..." diff --git a/projectroot/etc/rc.once.d/dropbear b/projectroot/etc/rc.once.d/dropbear index b70f5f22e..0735fed38 100644 --- a/projectroot/etc/rc.once.d/dropbear +++ b/projectroot/etc/rc.once.d/dropbear @@ -5,10 +5,11 @@ PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin . /usr/lib/init/dropbear.sh gen_key() { - key_type=$1 key_file=$2 + [ -e "$key_file" ] && return + rm -f $key_file > /dev/null 2>&1 echo -n "generating $key_type key..." @@ -22,4 +23,22 @@ gen_key() { fi } -[ -e "$DROPBEAR_RSAKEY" ] || gen_key rsa "$DROPBEAR_RSAKEY" +gen_keys() { + for keytype in $DROPBEAR_KEYTYPES + do + case "$keytype" in + rsa) + gen_key rsa "$DROPBEAR_RSAKEY" + ;; + *) + echo "Key type '$keytype' not supported" + ;; + esac + done +} + +if ! gen_keys +then + echo "Generating SSH keys failed!" + exit 1 +fi -- 2.30.2 _______________________________________________ ptxdist mailing list ptxdist@pengutronix.de To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de
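Review bot: In projectroot/etc/init.d/dropbear (hunk @@ -15,9 +15,18 @@), the `*)` arm of the new case in dropbear_start() only prints "Key type '$keytype' not supported" on stdout and the loop carries on, so a DROPBEAR_KEYTYPES value with no handled entry, or an rsa entry whose file fails `test -f "$DROPBEAR_RSAKEY"`, adds no -r option and the function still proceeds to "starting dropbear...". Please send the message to stderr (`>&2`) and decide explicitly what should happen when the loop ends without having added any host key: either refuse to start with a clear error, or document that falling through to dropbear's own defaults is intended. A silent skip of a missing host key file is hard to diagnose on a deployed target.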
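Review bot: In projectroot/etc/rc.once.d/dropbear (hunk @@ -5,10 +5,11 @@), the new guard `[ -e "$key_file" ] && return` treats any existing path as a valid host key, including a zero-length or truncated file left behind if power was lost during first-boot key generation. In that case generation is skipped on every later run and the target keeps an unusable key. Consider `[ -s "$key_file" ]` at minimum, or validating the file before returning, so that a damaged key is regenerated. Also, the v3 notes say the path variable was put in quotes, but the `rm -f $key_file` directly below the new guard is still unquoted; quoting it there would keep the function consistent.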
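Review bot: In projectroot/etc/rc.once.d/dropbear (hunk @@ -22,4 +23,22 @@), `if ! gen_keys` does not catch every failure, because gen_keys() returns the status of the last command the for loop ran. A failing `gen_key rsa "$DROPBEAR_RSAKEY"` is masked whenever a later entry in DROPBEAR_KEYTYPES is processed, and the `*)` arm ends in an echo that returns 0, so an unsupported key type is never reported as an error. Suggest `gen_key rsa "$DROPBEAR_RSAKEY" || return 1` in the rsa arm and a non-zero return (or a failure flag checked after the loop) in the `*)` arm, with the message on stderr. As a style point, the same case statement over $DROPBEAR_KEYTYPES now exists in both the init script and this one; since this file already sources /usr/lib/init/dropbear.sh, a shared helper there would keep the list of supported key types in one place when further types are added.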