[gnome-continuous-yocto/gnomeostree-3.28-rocko: 5014/8267] dropbear: drop support for DSA host keys in dropbear init script



commit 5ccea3e02a3800dd0e6e41d80fb20b02035133da
Author: Andre McCurdy <armccurdy gmail com>
Date:   Mon Mar 6 17:42:25 2017 -0800

    dropbear: drop support for DSA host keys in dropbear init script
    
    Bring the dropbear init script into sync with the systemd service
    file (dropbearkey.service supports RSA host keys only) and with
    recent versions of openssh which deprecate DSA host keys.
    
      https://www.gentoo.org/support/news-items/2015-08-13-openssh-weak-keys.html
    
    (From OE-Core rev: 6bd7341a38a8bb5387ea81dbccfed327370569f3)
    
    Signed-off-by: Andre McCurdy <armccurdy gmail com>
    Signed-off-by: Ross Burton <ross burton intel com>
    Signed-off-by: Richard Purdie <richard purdie linuxfoundation org>

 meta/recipes-core/dropbear/dropbear/init |   36 +++++-------------------------
 1 files changed, 6 insertions(+), 30 deletions(-)
---
diff --git a/meta/recipes-core/dropbear/dropbear/init b/meta/recipes-core/dropbear/dropbear/init
index 434bd6b..f6e1c46 100755
--- a/meta/recipes-core/dropbear/dropbear/init
+++ b/meta/recipes-core/dropbear/dropbear/init
@@ -40,49 +40,28 @@ done
 if [ $readonly_rootfs = "1" ]; then
   mkdir -p /var/lib/dropbear
   DROPBEAR_RSAKEY_DEFAULT="/var/lib/dropbear/dropbear_rsa_host_key"
-  DROPBEAR_DSSKEY_DEFAULT="/var/lib/dropbear/dropbear_dss_host_key"
 else
   DROPBEAR_RSAKEY_DEFAULT="/etc/dropbear/dropbear_rsa_host_key"
-  DROPBEAR_DSSKEY_DEFAULT="/etc/dropbear/dropbear_dss_host_key"
 fi
 
 test -z "$DROPBEAR_BANNER" || \
   DROPBEAR_EXTRA_ARGS="$DROPBEAR_EXTRA_ARGS -b $DROPBEAR_BANNER"
 test -n "$DROPBEAR_RSAKEY" || \
   DROPBEAR_RSAKEY=$DROPBEAR_RSAKEY_DEFAULT
-test -n "$DROPBEAR_DSSKEY" || \
-  DROPBEAR_DSSKEY=$DROPBEAR_DSSKEY_DEFAULT
-test -n "$DROPBEAR_KEYTYPES" || \
-  DROPBEAR_KEYTYPES="rsa"
 
 gen_keys() {
-for t in $DROPBEAR_KEYTYPES; do
-  case $t in
-    rsa)
-        if [ -f "$DROPBEAR_RSAKEY" -a ! -s "$DROPBEAR_RSAKEY" ]; then
-                rm $DROPBEAR_RSAKEY || true
-        fi
-        test -f $DROPBEAR_RSAKEY || dropbearkey -t rsa -f $DROPBEAR_RSAKEY $DROPBEAR_RSAKEY_ARGS
-       ;;
-    dsa)
-        if [ -f "$DROPBEAR_DSSKEY" -a ! -s "$DROPBEAR_DSSKEY" ]; then
-                rm $DROPBEAR_DSSKEY || true
-        fi
-        test -f $DROPBEAR_DSSKEY || dropbearkey -t dss -f $DROPBEAR_DSSKEY $DROPBEAR_DSSKEY_ARGS
-       ;;
-  esac
-done
+    if [ -f "$DROPBEAR_RSAKEY" -a ! -s "$DROPBEAR_RSAKEY" ]; then
+        rm $DROPBEAR_RSAKEY || true
+    fi
+    test -f $DROPBEAR_RSAKEY || dropbearkey -t rsa -f $DROPBEAR_RSAKEY $DROPBEAR_RSAKEY_ARGS
 }
 
 case "$1" in
   start)
        echo -n "Starting $DESC: "
        gen_keys
-       KEY_ARGS=""
-       test -f $DROPBEAR_DSSKEY && KEY_ARGS="$KEY_ARGS -d $DROPBEAR_DSSKEY"
-       test -f $DROPBEAR_RSAKEY && KEY_ARGS="$KEY_ARGS -r $DROPBEAR_RSAKEY"
        start-stop-daemon -S -p $PIDFILE \
-         -x "$DAEMON" -- $KEY_ARGS \
+         -x "$DAEMON" -- -r $DROPBEAR_RSAKEY \
            -p "$DROPBEAR_PORT" $DROPBEAR_EXTRA_ARGS
        echo "$NAME."
        ;;
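Review bot: The added lines in `gen_keys` and the `start` branch expand `$DROPBEAR_RSAKEY` unquoted (`rm`, `test -f`, `dropbearkey -f` and the `-r` argument), although the `[ -f "$DROPBEAR_RSAKEY" ... ]` test just above them quotes it. The variable is only defaulted when empty, so it can be set elsewhere; a path containing whitespace or glob characters would be word-split, and `rm` could then act on a different file than the one tested. I would write `rm -f "$DROPBEAR_RSAKEY"` and `test -f "$DROPBEAR_RSAKEY" || dropbearkey -t rsa -f "$DROPBEAR_RSAKEY" $DROPBEAR_RSAKEY_ARGS`, and pass `-r "$DROPBEAR_RSAKEY"` to the daemon; the same `-r` line recurs in the restart hunk. The result of `gen_keys` is also not checked, so with the old `test -f` guard gone, `start` hands dropbear a `-r` path that may not exist if key generation failed.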
@@ -95,11 +74,8 @@ case "$1" in
        echo -n "Restarting $DESC: "
        start-stop-daemon -K -x "$DAEMON" -p $PIDFILE
        sleep 1
-       KEY_ARGS=""
-       test -f $DROPBEAR_DSSKEY && KEY_ARGS="$KEY_ARGS -d $DROPBEAR_DSSKEY"
-       test -f $DROPBEAR_RSAKEY && KEY_ARGS="$KEY_ARGS -r $DROPBEAR_RSAKEY"
        start-stop-daemon -S -p $PIDFILE \
-         -x "$DAEMON" -- $KEY_ARGS \
+         -x "$DAEMON" -- -r $DROPBEAR_RSAKEY \
            -p "$DROPBEAR_PORT" $DROPBEAR_EXTRA_ARGS
        echo "$NAME."
        ;;
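Review bot: The restart path now always passes `-r $DROPBEAR_RSAKEY` but, within the visible lines, never calls `gen_keys`, unlike the `start` branch. Before this change the `test -f` guard dropped the option when the key file was missing; now a restart after the host key was removed or truncated launches the daemon pointing at a missing or empty file. Calling `gen_keys` after the `sleep 1` would keep the two paths consistent. The restart branch begins above the hunk, so an earlier call there cannot be ruled out.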

