[oe-commits] John Lee : dropbear: improve dropbear security by listening only on usb0 by default

GIT User account git at amethyst.openembedded.net
Wed Oct 29 13:04:21 UTC 2008 

Module: openembedded.git
Branch: org.openembedded.dev
Commit: 294c894b7a89c8cc28098a0086fa2d9e8884361b
URL:    http://gitweb.openembedded.net/?p=openembedded.git&a=commit;h=294c894b7a89c8cc28098a0086fa2d9e8884361b

Author: John Lee <john_lee at openmoko.com>
Date:   Wed Sep  3 17:45:31 2008 +0800

dropbear: improve dropbear security by listening only on usb0 by default
trac #1853, originated by RuiSeabra

---

 packages/dropbear/dropbear.inc              |    7 +++++++
 packages/dropbear/dropbear/openmoko/default |    1 +
 packages/dropbear/dropbear_0.51.bb          |    4 ++--
 3 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/packages/dropbear/dropbear.inc b/packages/dropbear/dropbear.inc
index 31edd26..37ce47c 100644
--- a/packages/dropbear/dropbear.inc
+++ b/packages/dropbear/dropbear.inc
@@ -14,6 +14,9 @@ SRC_URI = "\
   file://allow-nopw.patch \
   file://init \
 "
+SRC_URI_append_openmoko = "\
+  file://default \
+"
 
 inherit autotools update-rc.d
 
@@ -56,6 +59,8 @@ do_install() {
 				  -e 's,/usr/bin,${bindir},g' \
 				  -e 's,/usr,${prefix},g' > ${D}${sysconfdir}/init.d/dropbear
 	chmod 755 ${D}${sysconfdir}/init.d/dropbear
+	test -e ${WORKDIR}/default && \
+	install -m 0644 ${WORKDIR}/default ${D}${sysconfdir}/default/dropbear
 }
 
 pkg_postinst () {
@@ -73,3 +78,5 @@ pkg_postrm_append () {
 	update-alternatives --remove ssh ${bindir}/dropbearmulti
 	update-alternatives --remove scp ${bindir}/dropbearmulti
 }
+
+CONFFILES_${PN} += "${sysconfdir}/default/dropbear"
diff --git a/packages/dropbear/dropbear/openmoko/default b/packages/dropbear/dropbear/openmoko/default
new file mode 100644
index 0000000..19816b3
--- /dev/null
+++ b/packages/dropbear/dropbear/openmoko/default
@@ -0,0 +1 @@
+DROPBEAR_PORT=`ip addr list usb0 | awk 'BEGIN { FS="[ /]+" } /inet / { print  $3 }'`:22
diff --git a/packages/dropbear/dropbear_0.51.bb b/packages/dropbear/dropbear_0.51.bb
index 888819c..2566fbb 100644
--- a/packages/dropbear/dropbear_0.51.bb
+++ b/packages/dropbear/dropbear_0.51.bb
@@ -1,4 +1,4 @@
 require dropbear.inc
-PR = "r1"
+PR = "r1.01"
 
-SRC_URI += "file://no-host-lookup.patch;patch=1"
\ No newline at end of file
+SRC_URI += "file://no-host-lookup.patch;patch=1"

More information about the Openembedded-commits mailing list