svn commit: trunk/buildroot/package/dropbear_sshd

Thu Sep 8 00:54:03 UTC 2005

Author: vapier
Date: 2005-09-07 17:54:01 -0700 (Wed, 07 Sep 2005)
New Revision: 11367

Log:
fall back to /dev/urandom if /dev/random is out of entropy Bug 138 by rireland

Added:
   trunk/buildroot/package/dropbear_sshd/dropbear-0.45-urandom.patch

Modified:
   trunk/buildroot/package/dropbear_sshd/dropbear_sshd.mk


Changeset:
Added: trunk/buildroot/package/dropbear_sshd/dropbear-0.45-urandom.patch
===================================================================

--- trunk/buildroot/package/dropbear_sshd/dropbear-0.45-urandom.patch	2005-09-08 00:51:14 UTC (rev 11366)
+++ trunk/buildroot/package/dropbear_sshd/dropbear-0.45-urandom.patch	2005-09-08 00:54:01 UTC (rev 11367)
@@ -0,0 +1,56 @@
+--- dropbear-0.45/options.h
++++ dropbear-0.45/options.h
+@@ -148,6 +148,10 @@
+ /* prngd must be manually set up to produce output */
+ /*#define DROPBEAR_PRNGD_SOCKET "/var/run/dropbear-rng"*/
+ 
++/* If the normal random source would block for a while, fall back to 
++ * the urandom source so that connections don't hang forever. */
++#define DROPBEAR_URANDOM_DEV "/dev/urandom"
++
+ /* Specify the number of clients we will allow to be connected but
+  * not yet authenticated. After this limit, connections are rejected */
+ #ifndef MAX_UNAUTH_CLIENTS
+--- dropbear-0.45/random.c
++++ dropbear-0.45/random.c
+@@ -57,9 +57,14 @@
+ 	struct sockaddr_un egdsock;
+ 	char egdcmd[2];
+ #endif
++	mode_t readmode = O_RDONLY;
++#ifdef DROPBEAR_URANDOM_DEV
++	unsigned int readtries = 0;
++	readmode |= O_NONBLOCK;
++#endif
+ 
+ #ifdef DROPBEAR_RANDOM_DEV
+-	readfd = open(DROPBEAR_RANDOM_DEV, O_RDONLY);
++	readfd = open(DROPBEAR_RANDOM_DEV, readmode);
+ 	if (readfd < 0) {
+ 		dropbear_exit("couldn't open random device");
+ 	}
+@@ -97,6 +102,24 @@
+ 			if (readlen < 0 && errno == EINTR) {
+ 				continue;
+ 			}
++#ifdef DROPBEAR_URANDOM_DEV
++			/* if the main random source blocked, lets retry a few times, 
++			 * but then give up and try a constant random source. */
++			if (readlen < 0 && errno == EAGAIN) {
++				++readtries;
++				if (readtries < 5) {
++					sleep(1);
++					continue;
++				} else if (readtries == 5) {
++					close (readfd);
++					readfd = open(DROPBEAR_URANDOM_DEV, readmode);
++					if (readfd < 0) {
++						dropbear_exit("couldn't open secondary random device");
++					}
++					continue;
++				}
++			}
++#endif
+ 			dropbear_exit("error reading random source");
+ 		}
+ 		readpos += readlen;

Modified: trunk/buildroot/package/dropbear_sshd/dropbear_sshd.mk
===================================================================
--- trunk/buildroot/package/dropbear_sshd/dropbear_sshd.mk	2005-09-08 00:51:14 UTC (rev 11366)
+++ trunk/buildroot/package/dropbear_sshd/dropbear_sshd.mk	2005-09-08 00:54:01 UTC (rev 11367)
@@ -3,9 +3,10 @@
 # dropbear_sshd
 #
 #############################################################
-DROPBEAR_SSHD_SOURCE:=dropbear-0.46.tar.bz2
+DROPBEAR_SSHD_VER:=0.46
+DROPBEAR_SSHD_SOURCE:=dropbear-$(DROPBEAR_SSHD_VER).tar.bz2
 DROPBEAR_SSHD_SITE:=http://matt.ucc.asn.au/dropbear/releases/
-DROPBEAR_SSHD_DIR:=$(BUILD_DIR)/dropbear-0.46
+DROPBEAR_SSHD_DIR:=$(BUILD_DIR)/dropbear-$(DROPBEAR_SSHD_VER)
 DROPBEAR_SSHD_CAT:=bzcat
 DROPBEAR_SSHD_BINARY:=dropbearmulti
 DROPBEAR_SSHD_TARGET_BINARY:=usr/sbin/dropbear


