dropbear: add options SSHKeepAlive and IdleTimeout.

Without timeout mechanism, if ssh client disconnected without sending
FIN or RST, forked dropbear servers would hang there for
KEX_RETRY_TIMEOUT seconds (8 hours).

TCP keepalive is not implemented in dropbear yet, thus the name
SSHKeepAlive.

300 seconds in this patch is selected from the default value of
ServerAliveInterval for Debian ssh client (See man ssh_config).

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@40299 3c298f89-4303-0410-b956-a3cf2f4a3e73
master
Felix Fietkau 2014-03-29 17:05:35 +00:00
parent 49be87f44e
commit 31c24e7253
1 changed files with 5 additions and 1 deletions

View File

@ -44,7 +44,9 @@ validate_section_dropbear()
'rsakeyfile:file' \ 'rsakeyfile:file' \
'dsskeyfile:file' \ 'dsskeyfile:file' \
'BannerFile:file' \ 'BannerFile:file' \
'Port:list(port):22' 'Port:list(port):22' \
'SSHKeepAlive:uinteger:300' \
'IdleTimeout:uinteger:0'
return $? return $?
} }
@ -74,6 +76,8 @@ dropbear_instance()
[ -n "${BannerFile}" ] && procd_append_param command -b "${BannerFile}" [ -n "${BannerFile}" ] && procd_append_param command -b "${BannerFile}"
[ -n "${Interface}" ] && network_get_device Interface "${Interface}" [ -n "${Interface}" ] && network_get_device Interface "${Interface}"
append_ports "${Interface}" "${Port}" append_ports "${Interface}" "${Port}"
[ "${IdleTimeout}" -ne 0 ] && procd_append_param command -I "${IdleTimeout}"
[ "${SSHKeepAlive}" -ne 0 ] && procd_append_param command -K "${SSHKeepAlive}"
procd_close_instance procd_close_instance
} }