--- /dev/null
+--- dropbear-0.45.orig/options.h 2005-03-08 14:43:07.000000000 -0500
++++ dropbear-0.45/options.h 2005-03-08 14:44:41.000000000 -0500
+@@ -148,6 +148,10 @@
+ /* prngd must be manually set up to produce output */
+ /*#define DROPBEAR_PRNGD_SOCKET "/var/run/dropbear-rng"*/
+
++/* If the normal random source would block for a while, fall back to
++ * the urandom source so that connections don't hang forever. */
++#define DROPBEAR_URANDOM_DEV "/dev/urandom"
++
+ /* Specify the number of clients we will allow to be connected but
+ * not yet authenticated. After this limit, connections are rejected */
+ #ifndef MAX_UNAUTH_CLIENTS
+diff -ur dropbear-0.45.orig/random.c dropbear-0.45/random.c
+--- dropbear-0.45.orig/random.c 2005-03-08 14:43:07.000000000 -0500
++++ dropbear-0.45/random.c 2005-03-08 14:57:31.000000000 -0500
+@@ -57,9 +57,14 @@
+ struct sockaddr_un egdsock;
+ char egdcmd[2];
+ #endif
++ mode_t readmode = O_RDONLY;
++#ifdef DROPBEAR_URANDOM_DEV
++ unsigned int readtries = 0;
++ readmode |= O_NONBLOCK;
++#endif
+
+ #ifdef DROPBEAR_RANDOM_DEV
+- readfd = open(DROPBEAR_RANDOM_DEV, O_RDONLY);
++ readfd = open(DROPBEAR_RANDOM_DEV, readmode);
+ if (readfd < 0) {
+ dropbear_exit("couldn't open random device");
+ }
+@@ -97,6 +102,24 @@
+ if (readlen < 0 && errno == EINTR) {
+ continue;
+ }
++#ifdef DROPBEAR_URANDOM_DEV
++ /* if the main random source blocked, lets retry a few times,
++ * but then give up and try a constant random source. */
++ if (readlen < 0 && errno == EAGAIN) {
++ ++readtries;
++ if (readtries < 5) {
++ sleep(1);
++ continue;
++ } else if (readtries == 5) {
++ close (readfd);
++ readfd = open(DROPBEAR_URANDOM_DEV, readmode);
++ if (readfd < 0) {
++ dropbear_exit("couldn't open secondary random device");
++ }
++ continue;
++ }
++ }
++#endif
+ dropbear_exit("error reading random source");
+ }
+ readpos += readlen;
git.wh0rd.org / patches.git / blobdiff