From: John Lee Date: Wed, 3 Sep 2008 09:45:31 +0000 (+0800) Subject: dropbear: improve dropbear security by listening only on usb0 by default X-Git-Tag: Release-2010-05/1~5569^2~14 X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=294c894b7a89c8cc28098a0086fa2d9e8884361b;p=openembedded.git dropbear: improve dropbear security by listening only on usb0 by default trac #1853, originated by RuiSeabra --- diff --git a/packages/dropbear/dropbear.inc b/packages/dropbear/dropbear.inc index 31edd26cc8..37ce47cba5 100644 --- a/packages/dropbear/dropbear.inc +++ b/packages/dropbear/dropbear.inc @@ -14,6 +14,9 @@ SRC_URI = "\ file://allow-nopw.patch \ file://init \ " +SRC_URI_append_openmoko = "\ + file://default \ +" inherit autotools update-rc.d @@ -56,6 +59,8 @@ do_install() { -e 's,/usr/bin,${bindir},g' \ -e 's,/usr,${prefix},g' > ${D}${sysconfdir}/init.d/dropbear chmod 755 ${D}${sysconfdir}/init.d/dropbear + test -e ${WORKDIR}/default && \ + install -m 0644 ${WORKDIR}/default ${D}${sysconfdir}/default/dropbear } pkg_postinst () { @@ -73,3 +78,5 @@ pkg_postrm_append () { update-alternatives --remove ssh ${bindir}/dropbearmulti update-alternatives --remove scp ${bindir}/dropbearmulti } + +CONFFILES_${PN} += "${sysconfdir}/default/dropbear" diff --git a/packages/dropbear/dropbear/openmoko/default b/packages/dropbear/dropbear/openmoko/default new file mode 100644 index 0000000000..19816b32a6 --- /dev/null +++ b/packages/dropbear/dropbear/openmoko/default @@ -0,0 +1 @@ +DROPBEAR_PORT=`ip addr list usb0 | awk 'BEGIN { FS="[ /]+" } /inet / { print $3 }'`:22 diff --git a/packages/dropbear/dropbear_0.51.bb b/packages/dropbear/dropbear_0.51.bb index 888819c0e5..2566fbbd9b 100644 --- a/packages/dropbear/dropbear_0.51.bb +++ b/packages/dropbear/dropbear_0.51.bb @@ -1,4 +1,4 @@ require dropbear.inc -PR = "r1" +PR = "r1.01" -SRC_URI += "file://no-host-lookup.patch;patch=1" \ No newline at end of file +SRC_URI += "file://no-host-lookup.patch;patch=1"