mirror of
git://projects.qi-hardware.com/openwrt-xburst.git
synced 2025-01-27 07:51:06 +02:00
hostapd: make entropy collection contribute to the kernel pool
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@26272 3c298f89-4303-0410-b956-a3cf2f4a3e73
This commit is contained in:
parent
957986717f
commit
2dbaa78d91
120
package/hostapd/patches/700-random_pool_add_kernel.patch
Normal file
120
package/hostapd/patches/700-random_pool_add_kernel.patch
Normal file
@ -0,0 +1,120 @@
|
|||||||
|
--- a/src/crypto/random.c
|
||||||
|
+++ b/src/crypto/random.c
|
||||||
|
@@ -47,6 +47,8 @@
|
||||||
|
#define EXTRACT_LEN 16
|
||||||
|
#define MIN_READY_MARK 2
|
||||||
|
|
||||||
|
+#ifndef CONFIG_NO_RANDOM_POOL
|
||||||
|
+
|
||||||
|
static u32 pool[POOL_WORDS];
|
||||||
|
static unsigned int input_rotate = 0;
|
||||||
|
static unsigned int pool_pos = 0;
|
||||||
|
@@ -120,7 +122,7 @@ static void random_extract(u8 *out)
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
-void random_add_randomness(const void *buf, size_t len)
|
||||||
|
+static void random_pool_add_randomness(const void *buf, size_t len)
|
||||||
|
{
|
||||||
|
struct os_time t;
|
||||||
|
static unsigned int count = 0;
|
||||||
|
@@ -260,3 +262,22 @@ void random_mark_pool_ready(void)
|
||||||
|
wpa_printf(MSG_DEBUG, "random: Mark internal entropy pool to be "
|
||||||
|
"ready (count=%u/%u)", own_pool_ready, MIN_READY_MARK);
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+#endif /* CONFIG_NO_RANDOM_POOL */
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+void random_add_randomness(const void *buf, size_t len)
|
||||||
|
+{
|
||||||
|
+#ifdef __linux__
|
||||||
|
+ int fd;
|
||||||
|
+
|
||||||
|
+ fd = open("/dev/random", O_RDWR);
|
||||||
|
+ if (fd >= 0) {
|
||||||
|
+ write(fd, buf, len);
|
||||||
|
+ close(fd);
|
||||||
|
+ }
|
||||||
|
+#endif
|
||||||
|
+#ifndef CONFIG_NO_RANDOM_POOL
|
||||||
|
+ random_pool_add_randomness(buf, len);
|
||||||
|
+#endif
|
||||||
|
+}
|
||||||
|
--- a/hostapd/Makefile
|
||||||
|
+++ b/hostapd/Makefile
|
||||||
|
@@ -698,11 +698,11 @@ endif
|
||||||
|
ifdef CONFIG_NO_RANDOM_POOL
|
||||||
|
CFLAGS += -DCONFIG_NO_RANDOM_POOL
|
||||||
|
else
|
||||||
|
-OBJS += ../src/crypto/random.o
|
||||||
|
-HOBJS += ../src/crypto/random.o
|
||||||
|
HOBJS += $(SHA1OBJS)
|
||||||
|
HOBJS += ../src/crypto/md5.o
|
||||||
|
endif
|
||||||
|
+OBJS += ../src/crypto/random.o
|
||||||
|
+HOBJS += ../src/crypto/random.o
|
||||||
|
|
||||||
|
ifdef CONFIG_RADIUS_SERVER
|
||||||
|
CFLAGS += -DRADIUS_SERVER
|
||||||
|
--- a/wpa_supplicant/Makefile
|
||||||
|
+++ b/wpa_supplicant/Makefile
|
||||||
|
@@ -1101,9 +1101,8 @@ endif
|
||||||
|
|
||||||
|
ifdef CONFIG_NO_RANDOM_POOL
|
||||||
|
CFLAGS += -DCONFIG_NO_RANDOM_POOL
|
||||||
|
-else
|
||||||
|
-OBJS += ../src/crypto/random.o
|
||||||
|
endif
|
||||||
|
+OBJS += ../src/crypto/random.o
|
||||||
|
|
||||||
|
ifdef CONFIG_CTRL_IFACE
|
||||||
|
ifeq ($(CONFIG_CTRL_IFACE), y)
|
||||||
|
--- a/wpa_supplicant/Android.mk
|
||||||
|
+++ b/wpa_supplicant/Android.mk
|
||||||
|
@@ -1102,9 +1102,8 @@ endif
|
||||||
|
|
||||||
|
ifdef CONFIG_NO_RANDOM_POOL
|
||||||
|
L_CFLAGS += -DCONFIG_NO_RANDOM_POOL
|
||||||
|
-else
|
||||||
|
-OBJS += src/crypto/random.c
|
||||||
|
endif
|
||||||
|
+OBJS += src/crypto/random.c
|
||||||
|
|
||||||
|
ifdef CONFIG_CTRL_IFACE
|
||||||
|
ifeq ($(CONFIG_CTRL_IFACE), y)
|
||||||
|
--- a/hostapd/Android.mk
|
||||||
|
+++ b/hostapd/Android.mk
|
||||||
|
@@ -717,11 +717,11 @@ endif
|
||||||
|
ifdef CONFIG_NO_RANDOM_POOL
|
||||||
|
L_CFLAGS += -DCONFIG_NO_RANDOM_POOL
|
||||||
|
else
|
||||||
|
-OBJS += src/crypto/random.c
|
||||||
|
-HOBJS += src/crypto/random.c
|
||||||
|
HOBJS += $(SHA1OBJS)
|
||||||
|
HOBJS += src/crypto/md5.c
|
||||||
|
endif
|
||||||
|
+OBJS += src/crypto/random.c
|
||||||
|
+HOBJS += src/crypto/random.c
|
||||||
|
|
||||||
|
ifdef CONFIG_RADIUS_SERVER
|
||||||
|
L_CFLAGS += -DRADIUS_SERVER
|
||||||
|
--- a/src/crypto/random.h
|
||||||
|
+++ b/src/crypto/random.h
|
||||||
|
@@ -16,15 +16,14 @@
|
||||||
|
#define RANDOM_H
|
||||||
|
|
||||||
|
#ifdef CONFIG_NO_RANDOM_POOL
|
||||||
|
-#define random_add_randomness(b, l) do { } while (0)
|
||||||
|
#define random_get_bytes(b, l) os_get_random((b), (l))
|
||||||
|
#define random_pool_ready() 1
|
||||||
|
#define random_mark_pool_ready() do { } while (0)
|
||||||
|
#else /* CONFIG_NO_RANDOM_POOL */
|
||||||
|
-void random_add_randomness(const void *buf, size_t len);
|
||||||
|
int random_get_bytes(void *buf, size_t len);
|
||||||
|
int random_pool_ready(void);
|
||||||
|
void random_mark_pool_ready(void);
|
||||||
|
#endif /* CONFIG_NO_RANDOM_POOL */
|
||||||
|
+void random_add_randomness(const void *buf, size_t len);
|
||||||
|
|
||||||
|
#endif /* RANDOM_H */
|
@ -1,47 +0,0 @@
|
|||||||
--- a/src/crypto/random.c
|
|
||||||
+++ b/src/crypto/random.c
|
|
||||||
@@ -202,16 +202,16 @@ int random_pool_ready(void)
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Try to fetch some more data from the kernel high quality
|
|
||||||
- * /dev/random. There may not be enough data available at this point,
|
|
||||||
+ * /dev/urandom. There may not be enough data available at this point,
|
|
||||||
* so use non-blocking read to avoid blocking the application
|
|
||||||
* completely.
|
|
||||||
*/
|
|
||||||
- fd = open("/dev/random", O_RDONLY | O_NONBLOCK);
|
|
||||||
+ fd = open("/dev/urandom", O_RDONLY | O_NONBLOCK);
|
|
||||||
if (fd < 0) {
|
|
||||||
#ifndef CONFIG_NO_STDOUT_DEBUG
|
|
||||||
int error = errno;
|
|
||||||
- perror("open(/dev/random)");
|
|
||||||
- wpa_printf(MSG_ERROR, "random: Cannot open /dev/random: %s",
|
|
||||||
+ perror("open(/dev/urandom)");
|
|
||||||
+ wpa_printf(MSG_ERROR, "random: Cannot open /dev/urandom: %s",
|
|
||||||
strerror(error));
|
|
||||||
#endif /* CONFIG_NO_STDOUT_DEBUG */
|
|
||||||
return -1;
|
|
||||||
@@ -220,12 +220,12 @@ int random_pool_ready(void)
|
|
||||||
res = read(fd, dummy_key + dummy_key_avail,
|
|
||||||
sizeof(dummy_key) - dummy_key_avail);
|
|
||||||
if (res < 0) {
|
|
||||||
- wpa_printf(MSG_ERROR, "random: Cannot read from /dev/random: "
|
|
||||||
+ wpa_printf(MSG_ERROR, "random: Cannot read from /dev/urandom: "
|
|
||||||
"%s", strerror(errno));
|
|
||||||
res = 0;
|
|
||||||
}
|
|
||||||
wpa_printf(MSG_DEBUG, "random: Got %u/%u bytes from "
|
|
||||||
- "/dev/random", (unsigned) res,
|
|
||||||
+ "/dev/urandom", (unsigned) res,
|
|
||||||
(unsigned) (sizeof(dummy_key) - dummy_key_avail));
|
|
||||||
dummy_key_avail += res;
|
|
||||||
close(fd);
|
|
||||||
@@ -234,7 +234,7 @@ int random_pool_ready(void)
|
|
||||||
return 1;
|
|
||||||
|
|
||||||
wpa_printf(MSG_INFO, "random: Only %u/%u bytes of strong "
|
|
||||||
- "random data available from /dev/random",
|
|
||||||
+ "random data available from /dev/urandom",
|
|
||||||
(unsigned) dummy_key_avail, (unsigned) sizeof(dummy_key));
|
|
||||||
|
|
||||||
if (own_pool_ready >= MIN_READY_MARK ||
|
|
Loading…
x
Reference in New Issue
Block a user