[patches.git] / dropbear-0.45-urandom.patch
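--- a/options.h
+++ b/options.h
@@ -148,6 +148,10 @@
 /* prngd must be manually set up to produce output */
 /*#define DROPBEAR_PRNGD_SOCKET "/var/run/dropbear-rng"*/
 
+/* If the normal random source would block for a while, fall back to
+ * the urandom source so that connections don't hang forever. */
+#define DROPBEAR_URANDOM_DEV "/dev/urandom"
+
 /* Specify the number of clients we will allow to be connected but
 * not yet authenticated. After this limit, connections are rejected */
 #ifndef MAX_UNAUTH_CLIENTS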
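Review bot: The comment above `DROPBEAR_URANDOM_DEV` describes the availability benefit but not the security trade-off, and the define is enabled by default. With it set, the random.c hunks open the primary device with `O_NONBLOCK` and, after the retries, read the seed from the fallback device, which on a freshly booted host may not yet be well seeded. I would add a sentence such as `/* Trade-off: the seed may then come from a pool that is not fully initialised; undefine this to keep the blocking read. */` so that whoever builds the package makes that choice knowingly.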
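--- a/random.c
+++ b/random.c
@@ -57,9 +57,14 @@
 struct sockaddr_un egdsock;
 char egdcmd[2];
 #endif
+ mode_t readmode = O_RDONLY;
+#ifdef DROPBEAR_URANDOM_DEV
+ unsigned int readtries = 0;
+ readmode |= O_NONBLOCK;
+#endif
 
 #ifdef DROPBEAR_RANDOM_DEV
- readfd = open(DROPBEAR_RANDOM_DEV, O_RDONLY);
+ readfd = open(DROPBEAR_RANDOM_DEV, readmode);
 if (readfd < 0) {
 dropbear_exit("couldn't open random device");
 }
@@ -97,6 +102,24 @@
 if (readlen < 0 && errno == EINTR) {
 continue;
 }
+#ifdef DROPBEAR_URANDOM_DEV
+ /* if the main random source blocked, lets retry a few times,
+ * but then give up and try a constant random source. */
+ if (readlen < 0 && errno == EAGAIN) {
+ ++readtries;
+ if (readtries < 5) {
+ sleep(1);
+ continue;
+ } else if (readtries == 5) {
+ close (readfd);
+ readfd = open(DROPBEAR_URANDOM_DEV, readmode);
+ if (readfd < 0) {
+ dropbear_exit("couldn't open secondary random device");
+ }
+ continue;
+ }
+ }
+#endif
 dropbear_exit("error reading random source");
 }
 readpos += readlen;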
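Review bot: The switch to `DROPBEAR_URANDOM_DEV` in the `readtries == 5` branch happens silently, so nothing in the logs shows that the seed came from the fallback device rather than `DROPBEAR_RANDOM_DEV`. A line such as `dropbear_log(LOG_WARNING, "random source blocked, using " DROPBEAR_URANDOM_DEV);` before the second `open()` would make the downgrade visible to an operator. Separately, `readmode` holds open(2) flags and should be declared `int`; `mode_t` is the type of the permission argument, not the flags. `readtries` is never reset after a successful read, so the five attempts are counted across the whole read loop rather than per stall, and if that is intended the comment should say so. The enclosing function starts and ends outside these hunks.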