dropbear: rc-once: Regenerate key if invalid key is found

Previously just existence of a key file was checked, which allowed empty key files or invalid key files to persist. That would have prevented dropbear server daemon startup. Note: this does not always regenerate keys, only if rc-once is triggered and run again for whatever reason. Signed-off-by: Alexander Dahl <ada@thorsis.com> Message-Id: <20211105154734.19983-8-ada@thorsis.com> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
author: Alexander Dahl <ada@thorsis.com> 2021-11-05 16:47:33 +0100
committer: Michael Olbrich <m.olbrich@pengutronix.de> 2021-11-12 10:12:15 +0100
commit: 2e864fb02dbb3733f2ef3808b86364441da364a2 (patch)
tree: 6ba0fea8cb54b82615ec11e6f6c8d542eaaea6ff
parent: ea8fb9e68ff16f7537f89217201fbea63ef347c9 (diff)
download: ptxdist-2e864fb02dbb3733f2ef3808b86364441da364a2.tar.gz
ptxdist-2e864fb02dbb3733f2ef3808b86364441da364a2.tar.xz
1 files changed, 2 insertions, 1 deletions
diff --git a/projectroot/etc/rc.once.d/dropbear b/projectroot/etc/rc.once.d/dropbear
index b1c40fdbb..8a0440624 100644
--- a/projectroot/etc/rc.once.d/dropbear
+++ b/projectroot/etc/rc.once.d/dropbear
@@ -8,7 +8,8 @@ gen_key() {
 	key_type=$1
 	key_file=$2
 
-	[ -e "$key_file" ] && return
+	# do not overwrite valid key files
+	[ -s "$key_file" ] && dropbearkey -y -f "$key_file" > /dev/null 2>&1 && return
 
 	rm -f $key_file > /dev/null 2>&1
author	Alexander Dahl <ada@thorsis.com>	2021-11-05 16:47:33 +0100
committer	Michael Olbrich <m.olbrich@pengutronix.de>	2021-11-12 10:12:15 +0100
commit	2e864fb02dbb3733f2ef3808b86364441da364a2 (patch)
tree	6ba0fea8cb54b82615ec11e6f6c8d542eaaea6ff
parent	ea8fb9e68ff16f7537f89217201fbea63ef347c9 (diff)
download	ptxdist-2e864fb02dbb3733f2ef3808b86364441da364a2.tar.gz ptxdist-2e864fb02dbb3733f2ef3808b86364441da364a2.tar.xz