more random patches. who knows.
1 --- dropbear-0.45.orig/options.h        2005-03-08 14:43:07.000000000 -0500
2 +++ dropbear-0.45/options.h     2005-03-08 14:44:41.000000000 -0500
3 @@ -148,6 +148,10 @@
4  /* prngd must be manually set up to produce output */
5  /*#define DROPBEAR_PRNGD_SOCKET "/var/run/dropbear-rng"*/
6  
7 +/* If the normal random source would block for a while, fall back to 
8 + * the urandom source so that connections don't hang forever. */
9 +#define DROPBEAR_URANDOM_DEV "/dev/urandom"
10 +
11  /* Specify the number of clients we will allow to be connected but
12   * not yet authenticated. After this limit, connections are rejected */
13  #ifndef MAX_UNAUTH_CLIENTS
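Review bot: The new `DROPBEAR_URANDOM_DEV` define is active by default, unlike the `DROPBEAR_PRNGD_SOCKET` option just above it, which ships commented out. Its comment mentions only the availability benefit and not what is given up. On a freshly booted device with little collected entropy, the fallback device may hand out bytes before its pool is well seeded. If the same reader also seeds host-key generation, which this hunk does not show, the resulting keys could be weaker than expected. I would extend the comment with something like `/* NOTE: this trades entropy guarantees for availability; leave undefined on systems that generate host keys at first boot. */` and consider shipping the define commented out so the downgrade is an explicit choice.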
14 diff -ur dropbear-0.45.orig/random.c dropbear-0.45/random.c
15 --- dropbear-0.45.orig/random.c 2005-03-08 14:43:07.000000000 -0500
16 +++ dropbear-0.45/random.c      2005-03-08 14:57:31.000000000 -0500
17 @@ -57,9 +57,14 @@
18         struct sockaddr_un egdsock;
19         char egdcmd[2];
20  #endif
21 +       mode_t readmode = O_RDONLY;
22 +#ifdef DROPBEAR_URANDOM_DEV
23 +       unsigned int readtries = 0;
24 +       readmode |= O_NONBLOCK;
25 +#endif
26  
27  #ifdef DROPBEAR_RANDOM_DEV
28 -       readfd = open(DROPBEAR_RANDOM_DEV, O_RDONLY);
29 +       readfd = open(DROPBEAR_RANDOM_DEV, readmode);
30         if (readfd < 0) {
31                 dropbear_exit("couldn't open random device");
32         }
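Review bot: `readmode` is declared as `mode_t`, but it holds open(2) flags, which are plain `int`. `mode_t` is the type for permission bits and is narrower than `int` on some platforms, so `int readflags = O_RDONLY;` would be the safer and clearer declaration. The name also reads like a file mode rather than a flag set. `readmode` and `readtries` are declared outside the `#ifdef DROPBEAR_RANDOM_DEV` block, so in a build that uses only the prngd socket the EAGAIN fallback would presumably still be compiled into the read loop. That is worth confirming against the rest of the function, which starts and ends outside this hunk.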
33 @@ -97,6 +102,24 @@
34                         if (readlen < 0 && errno == EINTR) {
35                                 continue;
36                         }
37 +#ifdef DROPBEAR_URANDOM_DEV
38 +                       /* if the main random source blocked, lets retry a few times, 
39 +                        * but then give up and try a constant random source. */
40 +                       if (readlen < 0 && errno == EAGAIN) {
41 +                               ++readtries;
42 +                               if (readtries < 5) {
43 +                                       sleep(1);
44 +                                       continue;
45 +                               } else if (readtries == 5) {
46 +                                       close (readfd);
47 +                                       readfd = open(DROPBEAR_URANDOM_DEV, readmode);
48 +                                       if (readfd < 0) {
49 +                                               dropbear_exit("couldn't open secondary random device");
50 +                                       }
51 +                                       continue;
52 +                               }
53 +                       }
54 +#endif
55                         dropbear_exit("error reading random source");
56                 }
57                 readpos += readlen;
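Review bot: The switch from the blocking source to `DROPBEAR_URANDOM_DEV` at `readtries == 5` leaves no trace in the logs, so an operator cannot later tell which runs were seeded from the fallback device. A warning just before the `close (readfd);` line would record it, for example `dropbear_log(LOG_WARNING, "random source blocked, using " DROPBEAR_URANDOM_DEV);`, assuming the project's logging helper is usable at this point. The retry limit `5` is a bare literal repeated in two comparisons, and a named constant would keep them in step. The enclosing read loop and function begin and end outside this hunk, so whether the `sleep(1)` retries stall other connection handling cannot be judged from here.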