From: Felix Fietkau Date: Tue, 22 Mar 2011 21:00:54 +0000 (+0000) Subject: hostapd: make entropy collection contribute to the kernel pool X-Git-Url: http://git.openwrt.org/?p=openwrt%2Fsvn-archive%2Farchive.git;a=commitdiff_plain;hb=d4d24c40fce4a19aac34bfa01783d15b3d663fe6 hostapd: make entropy collection contribute to the kernel pool SVN-Revision: 26272 --- diff --git a/package/hostapd/patches/700-random_pool_add_kernel.patch b/package/hostapd/patches/700-random_pool_add_kernel.patch new file mode 100644 index 0000000000..1edaff9e77 --- /dev/null +++ b/package/hostapd/patches/700-random_pool_add_kernel.patch @@ -0,0 +1,120 @@ +--- a/src/crypto/random.c ++++ b/src/crypto/random.c +@@ -47,6 +47,8 @@ + #define EXTRACT_LEN 16 + #define MIN_READY_MARK 2 + ++#ifndef CONFIG_NO_RANDOM_POOL ++ + static u32 pool[POOL_WORDS]; + static unsigned int input_rotate = 0; + static unsigned int pool_pos = 0; +@@ -120,7 +122,7 @@ static void random_extract(u8 *out) + } + + +-void random_add_randomness(const void *buf, size_t len) ++static void random_pool_add_randomness(const void *buf, size_t len) + { + struct os_time t; + static unsigned int count = 0; +@@ -260,3 +262,22 @@ void random_mark_pool_ready(void) + wpa_printf(MSG_DEBUG, "random: Mark internal entropy pool to be " + "ready (count=%u/%u)", own_pool_ready, MIN_READY_MARK); + } ++ ++#endif /* CONFIG_NO_RANDOM_POOL */ ++ ++ ++void random_add_randomness(const void *buf, size_t len) ++{ ++#ifdef __linux__ ++ int fd; ++ ++ fd = open("/dev/random", O_RDWR); ++ if (fd >= 0) { ++ write(fd, buf, len); ++ close(fd); ++ } ++#endif ++#ifndef CONFIG_NO_RANDOM_POOL ++ random_pool_add_randomness(buf, len); ++#endif ++} +--- a/hostapd/Makefile ++++ b/hostapd/Makefile +@@ -698,11 +698,11 @@ endif + ifdef CONFIG_NO_RANDOM_POOL + CFLAGS += -DCONFIG_NO_RANDOM_POOL + else +-OBJS += ../src/crypto/random.o +-HOBJS += ../src/crypto/random.o + HOBJS += $(SHA1OBJS) + HOBJS += ../src/crypto/md5.o + endif ++OBJS += ../src/crypto/random.o ++HOBJS += ../src/crypto/random.o + + ifdef CONFIG_RADIUS_SERVER + CFLAGS += -DRADIUS_SERVER +--- a/wpa_supplicant/Makefile ++++ b/wpa_supplicant/Makefile +@@ -1101,9 +1101,8 @@ endif + + ifdef CONFIG_NO_RANDOM_POOL + CFLAGS += -DCONFIG_NO_RANDOM_POOL +-else +-OBJS += ../src/crypto/random.o + endif ++OBJS += ../src/crypto/random.o + + ifdef CONFIG_CTRL_IFACE + ifeq ($(CONFIG_CTRL_IFACE), y) +--- a/wpa_supplicant/Android.mk ++++ b/wpa_supplicant/Android.mk +@@ -1102,9 +1102,8 @@ endif + + ifdef CONFIG_NO_RANDOM_POOL + L_CFLAGS += -DCONFIG_NO_RANDOM_POOL +-else +-OBJS += src/crypto/random.c + endif ++OBJS += src/crypto/random.c + + ifdef CONFIG_CTRL_IFACE + ifeq ($(CONFIG_CTRL_IFACE), y) +--- a/hostapd/Android.mk ++++ b/hostapd/Android.mk +@@ -717,11 +717,11 @@ endif + ifdef CONFIG_NO_RANDOM_POOL + L_CFLAGS += -DCONFIG_NO_RANDOM_POOL + else +-OBJS += src/crypto/random.c +-HOBJS += src/crypto/random.c + HOBJS += $(SHA1OBJS) + HOBJS += src/crypto/md5.c + endif ++OBJS += src/crypto/random.c ++HOBJS += src/crypto/random.c + + ifdef CONFIG_RADIUS_SERVER + L_CFLAGS += -DRADIUS_SERVER +--- a/src/crypto/random.h ++++ b/src/crypto/random.h +@@ -16,15 +16,14 @@ + #define RANDOM_H + + #ifdef CONFIG_NO_RANDOM_POOL +-#define random_add_randomness(b, l) do { } while (0) + #define random_get_bytes(b, l) os_get_random((b), (l)) + #define random_pool_ready() 1 + #define random_mark_pool_ready() do { } while (0) + #else /* CONFIG_NO_RANDOM_POOL */ +-void random_add_randomness(const void *buf, size_t len); + int random_get_bytes(void *buf, size_t len); + int random_pool_ready(void); + void random_mark_pool_ready(void); + #endif /* CONFIG_NO_RANDOM_POOL */ ++void random_add_randomness(const void *buf, size_t len); + + #endif /* RANDOM_H */ diff --git a/package/hostapd/patches/700-use_dev_urandom.patch b/package/hostapd/patches/700-use_dev_urandom.patch deleted file mode 100644 index b72319ff17..0000000000 --- a/package/hostapd/patches/700-use_dev_urandom.patch +++ /dev/null @@ -1,47 +0,0 @@ ---- a/src/crypto/random.c -+++ b/src/crypto/random.c -@@ -202,16 +202,16 @@ int random_pool_ready(void) - - /* - * Try to fetch some more data from the kernel high quality -- * /dev/random. There may not be enough data available at this point, -+ * /dev/urandom. There may not be enough data available at this point, - * so use non-blocking read to avoid blocking the application - * completely. - */ -- fd = open("/dev/random", O_RDONLY | O_NONBLOCK); -+ fd = open("/dev/urandom", O_RDONLY | O_NONBLOCK); - if (fd < 0) { - #ifndef CONFIG_NO_STDOUT_DEBUG - int error = errno; -- perror("open(/dev/random)"); -- wpa_printf(MSG_ERROR, "random: Cannot open /dev/random: %s", -+ perror("open(/dev/urandom)"); -+ wpa_printf(MSG_ERROR, "random: Cannot open /dev/urandom: %s", - strerror(error)); - #endif /* CONFIG_NO_STDOUT_DEBUG */ - return -1; -@@ -220,12 +220,12 @@ int random_pool_ready(void) - res = read(fd, dummy_key + dummy_key_avail, - sizeof(dummy_key) - dummy_key_avail); - if (res < 0) { -- wpa_printf(MSG_ERROR, "random: Cannot read from /dev/random: " -+ wpa_printf(MSG_ERROR, "random: Cannot read from /dev/urandom: " - "%s", strerror(errno)); - res = 0; - } - wpa_printf(MSG_DEBUG, "random: Got %u/%u bytes from " -- "/dev/random", (unsigned) res, -+ "/dev/urandom", (unsigned) res, - (unsigned) (sizeof(dummy_key) - dummy_key_avail)); - dummy_key_avail += res; - close(fd); -@@ -234,7 +234,7 @@ int random_pool_ready(void) - return 1; - - wpa_printf(MSG_INFO, "random: Only %u/%u bytes of strong " -- "random data available from /dev/random", -+ "random data available from /dev/urandom", - (unsigned) dummy_key_avail, (unsigned) sizeof(dummy_key)); - - if (own_pool_ready >= MIN_READY_MARK ||