Loading package/dropbear_sshd/dropbear-0.45-urandom.patch 0 → 100644 +56 −0 Original line number Diff line number Diff line --- dropbear-0.45/options.h +++ dropbear-0.45/options.h @@ -148,6 +148,10 @@ /* prngd must be manually set up to produce output */ /*#define DROPBEAR_PRNGD_SOCKET "/var/run/dropbear-rng"*/ +/* If the normal random source would block for a while, fall back to + * the urandom source so that connections don't hang forever. */ +#define DROPBEAR_URANDOM_DEV "/dev/urandom" + /* Specify the number of clients we will allow to be connected but * not yet authenticated. After this limit, connections are rejected */ #ifndef MAX_UNAUTH_CLIENTS --- dropbear-0.45/random.c +++ dropbear-0.45/random.c @@ -57,9 +57,14 @@ struct sockaddr_un egdsock; char egdcmd[2]; #endif + mode_t readmode = O_RDONLY; +#ifdef DROPBEAR_URANDOM_DEV + unsigned int readtries = 0; + readmode |= O_NONBLOCK; +#endif #ifdef DROPBEAR_RANDOM_DEV - readfd = open(DROPBEAR_RANDOM_DEV, O_RDONLY); + readfd = open(DROPBEAR_RANDOM_DEV, readmode); if (readfd < 0) { dropbear_exit("couldn't open random device"); } @@ -97,6 +102,24 @@ if (readlen < 0 && errno == EINTR) { continue; } +#ifdef DROPBEAR_URANDOM_DEV + /* if the main random source blocked, lets retry a few times, + * but then give up and try a constant random source. */ + if (readlen < 0 && errno == EAGAIN) { + ++readtries; + if (readtries < 5) { + sleep(1); + continue; + } else if (readtries == 5) { + close (readfd); + readfd = open(DROPBEAR_URANDOM_DEV, readmode); + if (readfd < 0) { + dropbear_exit("couldn't open secondary random device"); + } + continue; + } + } +#endif dropbear_exit("error reading random source"); } readpos += readlen; package/dropbear_sshd/dropbear_sshd.mk +3 −2 Original line number Diff line number Diff line Loading @@ -3,9 +3,10 @@ # dropbear_sshd # ############################################################# DROPBEAR_SSHD_SOURCE:=dropbear-0.46.tar.bz2 DROPBEAR_SSHD_VER:=0.46 DROPBEAR_SSHD_SOURCE:=dropbear-$(DROPBEAR_SSHD_VER).tar.bz2 DROPBEAR_SSHD_SITE:=http://matt.ucc.asn.au/dropbear/releases/ DROPBEAR_SSHD_DIR:=$(BUILD_DIR)/dropbear-0.46 DROPBEAR_SSHD_DIR:=$(BUILD_DIR)/dropbear-$(DROPBEAR_SSHD_VER) DROPBEAR_SSHD_CAT:=bzcat DROPBEAR_SSHD_BINARY:=dropbearmulti DROPBEAR_SSHD_TARGET_BINARY:=usr/sbin/dropbear Loading Loading
package/dropbear_sshd/dropbear-0.45-urandom.patch 0 → 100644 +56 −0 Original line number Diff line number Diff line --- dropbear-0.45/options.h +++ dropbear-0.45/options.h @@ -148,6 +148,10 @@ /* prngd must be manually set up to produce output */ /*#define DROPBEAR_PRNGD_SOCKET "/var/run/dropbear-rng"*/ +/* If the normal random source would block for a while, fall back to + * the urandom source so that connections don't hang forever. */ +#define DROPBEAR_URANDOM_DEV "/dev/urandom" + /* Specify the number of clients we will allow to be connected but * not yet authenticated. After this limit, connections are rejected */ #ifndef MAX_UNAUTH_CLIENTS --- dropbear-0.45/random.c +++ dropbear-0.45/random.c @@ -57,9 +57,14 @@ struct sockaddr_un egdsock; char egdcmd[2]; #endif + mode_t readmode = O_RDONLY; +#ifdef DROPBEAR_URANDOM_DEV + unsigned int readtries = 0; + readmode |= O_NONBLOCK; +#endif #ifdef DROPBEAR_RANDOM_DEV - readfd = open(DROPBEAR_RANDOM_DEV, O_RDONLY); + readfd = open(DROPBEAR_RANDOM_DEV, readmode); if (readfd < 0) { dropbear_exit("couldn't open random device"); } @@ -97,6 +102,24 @@ if (readlen < 0 && errno == EINTR) { continue; } +#ifdef DROPBEAR_URANDOM_DEV + /* if the main random source blocked, lets retry a few times, + * but then give up and try a constant random source. */ + if (readlen < 0 && errno == EAGAIN) { + ++readtries; + if (readtries < 5) { + sleep(1); + continue; + } else if (readtries == 5) { + close (readfd); + readfd = open(DROPBEAR_URANDOM_DEV, readmode); + if (readfd < 0) { + dropbear_exit("couldn't open secondary random device"); + } + continue; + } + } +#endif dropbear_exit("error reading random source"); } readpos += readlen;
package/dropbear_sshd/dropbear_sshd.mk +3 −2 Original line number Diff line number Diff line Loading @@ -3,9 +3,10 @@ # dropbear_sshd # ############################################################# DROPBEAR_SSHD_SOURCE:=dropbear-0.46.tar.bz2 DROPBEAR_SSHD_VER:=0.46 DROPBEAR_SSHD_SOURCE:=dropbear-$(DROPBEAR_SSHD_VER).tar.bz2 DROPBEAR_SSHD_SITE:=http://matt.ucc.asn.au/dropbear/releases/ DROPBEAR_SSHD_DIR:=$(BUILD_DIR)/dropbear-0.46 DROPBEAR_SSHD_DIR:=$(BUILD_DIR)/dropbear-$(DROPBEAR_SSHD_VER) DROPBEAR_SSHD_CAT:=bzcat DROPBEAR_SSHD_BINARY:=dropbearmulti DROPBEAR_SSHD_TARGET_BINARY:=usr/sbin/dropbear Loading
