dropbear: safely support remote restarting of dropbear process; bump pkg revision (#5498)

SVN-Revision: 17113
master
Jo-Philipp Wich 16 years ago
parent 25b42557da
commit 498fe852f8
  1. 2
      package/dropbear/Makefile
  2. 138
      package/dropbear/files/dropbear.init

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=dropbear PKG_NAME:=dropbear
PKG_VERSION:=0.52 PKG_VERSION:=0.52
PKG_RELEASE:=2 PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:= \ PKG_SOURCE_URL:= \

@ -1,28 +1,52 @@
#!/bin/sh /etc/rc.common #!/bin/sh /etc/rc.common
# Copyright (C) 2006 OpenWrt.org # Copyright (C) 2006-2009 OpenWrt.org
START=50
# Copyright (C) 2006 Carlos Sobrinho # Copyright (C) 2006 Carlos Sobrinho
config_cb() { NAME=dropbear
local cfg="$CONFIG_SECTION" PROG=/usr/sbin/dropbear
START=50
PIDCOUNT=0
EXTRA_COMMANDS="killclients"
EXTRA_HELP=" killclients Kill ${NAME} processes except servers and yourself"
dropbear_start()
{
local section="$1"
# check if section is enabled (default)
local enabled
config_get_bool enabled "${section}" enable 1
[ "${enabled}" -eq 0 ] && return 1
# verbose parameter
local verbosed
config_get_bool verbosed "${section}" verbose 0
# increase pid file count to handle multiple instances correctly
PIDCOUNT="$(( ${PIDCOUNT} + 1))"
# prepare parameters
# A) password authentication
local nopasswd local nopasswd
local cfgt local passauth
config_get cfgt "$cfg" TYPE config_get_bool passauth "${section}" PasswordAuth 1
[ "${passauth}" -eq 0 ] && nopasswd=1
case "$cfgt" in # B) listen port
dropbear) local port
config_get passauth $cfg PasswordAuth config_get port "${section}" Port
config_get port $cfg Port
# concatenate parameters
case "$passauth" in local args
no|off|disabled|0) nopasswd=1;; args="${nopasswd:+-s }${port:+-p ${port}} -P /var/run/${NAME}.${PIDCOUNT}.pid"
esac
DROPBEAR_ARGS="${nopasswd:+-s }${port:+-p $port}" # execute program and return its exit code
;; [ "${verbosed}" -ne 0 ] && echo "${initscript}: section ${section} starting ${PROG} ${args}"
esac ${PROG} ${args}
return $?
} }
keygen() { keygen()
{
for keytype in rsa dss; do for keytype in rsa dss; do
# check for keys # check for keys
key=dropbear/dropbear_${keytype}_host_key key=dropbear/dropbear_${keytype}_host_key
@ -44,14 +68,78 @@ keygen() {
chmod 0700 /etc/dropbear chmod 0700 /etc/dropbear
} }
start() { start()
{
[ -s /etc/dropbear/dropbear_rsa_host_key -a \ [ -s /etc/dropbear/dropbear_rsa_host_key -a \
-s /etc/dropbear/dropbear_dss_host_key ] || keygen -s /etc/dropbear/dropbear_dss_host_key ] || keygen
config_load dropbear config_load "${NAME}"
/usr/sbin/dropbear $DROPBEAR_ARGS config_foreach dropbear_start dropbear
}
stop()
{
# killing all server processes
local pidfile
for pidfile in `ls /var/run/${NAME}.*.pid`
do
start-stop-daemon -K -s KILL -p "${pidfile}" -n "${NAME}" >/dev/null
rm -f "${pidfile}"
done
[ -z "${pidfile}" ] && echo "${initscript}: no pid files, if you get problems with start then try killclients"
} }
stop() { killclients()
killall dropbear {
local ignore=''
local server
local pid
# if this script is run from inside a client session, then ignore that session
pid="$$"
while [ "${pid}" -ne 0 ]
do
# get parent process id
pid=`cut -d ' ' -f 4 "/proc/${pid}/stat"`
[ "${pid}" -eq 0 ] && break
# check if client connection
ps | grep -e "^[ ]*${pid} " | grep "${PROG}" >/dev/null
if [ $? -eq 0 ]
then
append ignore "${pid}"
break
fi
done
# get all server pids that should be ignored
for server in `cat /var/run/${NAME}.*.pid`
do
append ignore "${server}"
done
# get all running pids and kill client connections
local skip
for pid in `pidof "${NAME}"`
do
# check if correct program
ps | grep -e "^[ ]*${pid} " | grep "${PROG}" >/dev/null
[ $? -ne 0 ] && continue
# check if pid should be ignored (servers, ourself)
skip=0
for server in ${ignore}
do
if [ "${pid}" == "${server}" ]
then
skip=1
break
fi
done
[ "${skip}" -ne 0 ] && continue
# kill process
echo "${initscript}: Killing ${pid}..."
kill -KILL ${pid}
done
} }

Loading…
Cancel
Save