hostapd: make entropy collection contribute to the kernel pool

SVN-Revision: 26272
master
Felix Fietkau 14 years ago
parent 771d6f18f6
commit 85b859a2b6
  1. 120
      package/hostapd/patches/700-random_pool_add_kernel.patch
  2. 47
      package/hostapd/patches/700-use_dev_urandom.patch

@ -0,0 +1,120 @@
--- a/src/crypto/random.c
+++ b/src/crypto/random.c
@@ -47,6 +47,8 @@
#define EXTRACT_LEN 16
#define MIN_READY_MARK 2
+#ifndef CONFIG_NO_RANDOM_POOL
+
static u32 pool[POOL_WORDS];
static unsigned int input_rotate = 0;
static unsigned int pool_pos = 0;
@@ -120,7 +122,7 @@ static void random_extract(u8 *out)
}
-void random_add_randomness(const void *buf, size_t len)
+static void random_pool_add_randomness(const void *buf, size_t len)
{
struct os_time t;
static unsigned int count = 0;
@@ -260,3 +262,22 @@ void random_mark_pool_ready(void)
wpa_printf(MSG_DEBUG, "random: Mark internal entropy pool to be "
"ready (count=%u/%u)", own_pool_ready, MIN_READY_MARK);
}
+
+#endif /* CONFIG_NO_RANDOM_POOL */
+
+
+void random_add_randomness(const void *buf, size_t len)
+{
+#ifdef __linux__
+ int fd;
+
+ fd = open("/dev/random", O_RDWR);
+ if (fd >= 0) {
+ write(fd, buf, len);
+ close(fd);
+ }
+#endif
+#ifndef CONFIG_NO_RANDOM_POOL
+ random_pool_add_randomness(buf, len);
+#endif
+}
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
@@ -698,11 +698,11 @@ endif
ifdef CONFIG_NO_RANDOM_POOL
CFLAGS += -DCONFIG_NO_RANDOM_POOL
else
-OBJS += ../src/crypto/random.o
-HOBJS += ../src/crypto/random.o
HOBJS += $(SHA1OBJS)
HOBJS += ../src/crypto/md5.o
endif
+OBJS += ../src/crypto/random.o
+HOBJS += ../src/crypto/random.o
ifdef CONFIG_RADIUS_SERVER
CFLAGS += -DRADIUS_SERVER
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -1101,9 +1101,8 @@ endif
ifdef CONFIG_NO_RANDOM_POOL
CFLAGS += -DCONFIG_NO_RANDOM_POOL
-else
-OBJS += ../src/crypto/random.o
endif
+OBJS += ../src/crypto/random.o
ifdef CONFIG_CTRL_IFACE
ifeq ($(CONFIG_CTRL_IFACE), y)
--- a/wpa_supplicant/Android.mk
+++ b/wpa_supplicant/Android.mk
@@ -1102,9 +1102,8 @@ endif
ifdef CONFIG_NO_RANDOM_POOL
L_CFLAGS += -DCONFIG_NO_RANDOM_POOL
-else
-OBJS += src/crypto/random.c
endif
+OBJS += src/crypto/random.c
ifdef CONFIG_CTRL_IFACE
ifeq ($(CONFIG_CTRL_IFACE), y)
--- a/hostapd/Android.mk
+++ b/hostapd/Android.mk
@@ -717,11 +717,11 @@ endif
ifdef CONFIG_NO_RANDOM_POOL
L_CFLAGS += -DCONFIG_NO_RANDOM_POOL
else
-OBJS += src/crypto/random.c
-HOBJS += src/crypto/random.c
HOBJS += $(SHA1OBJS)
HOBJS += src/crypto/md5.c
endif
+OBJS += src/crypto/random.c
+HOBJS += src/crypto/random.c
ifdef CONFIG_RADIUS_SERVER
L_CFLAGS += -DRADIUS_SERVER
--- a/src/crypto/random.h
+++ b/src/crypto/random.h
@@ -16,15 +16,14 @@
#define RANDOM_H
#ifdef CONFIG_NO_RANDOM_POOL
-#define random_add_randomness(b, l) do { } while (0)
#define random_get_bytes(b, l) os_get_random((b), (l))
#define random_pool_ready() 1
#define random_mark_pool_ready() do { } while (0)
#else /* CONFIG_NO_RANDOM_POOL */
-void random_add_randomness(const void *buf, size_t len);
int random_get_bytes(void *buf, size_t len);
int random_pool_ready(void);
void random_mark_pool_ready(void);
#endif /* CONFIG_NO_RANDOM_POOL */
+void random_add_randomness(const void *buf, size_t len);
#endif /* RANDOM_H */
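Review bot: The new `random_add_randomness()` added by the last random.c hunk (`@@ -260,3 +262,22 @@`) opens `/dev/random` with `O_RDWR` on every call and discards the return value of `write()`, so a failed or short write goes unnoticed and every entropy event costs an open/write/close cycle. Only write access is used here, so `fd = open("/dev/random", O_WRONLY);` is the narrower request, and the descriptor could be opened once and reused instead of per call. A comment above the function should also say that a plain write only mixes the bytes into the kernel pool and does not credit the kernel's entropy estimate (that needs the privileged `RNDADDENTROPY` ioctl), so this change does not by itself unblock readers of `/dev/random`. When `CONFIG_NO_RANDOM_POOL` is defined on a non-Linux build, both `#if` branches drop out and `buf`/`len` are unused; `(void) buf; (void) len;` would keep that build free of warnings.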

@ -1,47 +0,0 @@
--- a/src/crypto/random.c
+++ b/src/crypto/random.c
@@ -202,16 +202,16 @@ int random_pool_ready(void)
/*
* Try to fetch some more data from the kernel high quality
- * /dev/random. There may not be enough data available at this point,
+ * /dev/urandom. There may not be enough data available at this point,
* so use non-blocking read to avoid blocking the application
* completely.
*/
- fd = open("/dev/random", O_RDONLY | O_NONBLOCK);
+ fd = open("/dev/urandom", O_RDONLY | O_NONBLOCK);
if (fd < 0) {
#ifndef CONFIG_NO_STDOUT_DEBUG
int error = errno;
- perror("open(/dev/random)");
- wpa_printf(MSG_ERROR, "random: Cannot open /dev/random: %s",
+ perror("open(/dev/urandom)");
+ wpa_printf(MSG_ERROR, "random: Cannot open /dev/urandom: %s",
strerror(error));
#endif /* CONFIG_NO_STDOUT_DEBUG */
return -1;
@@ -220,12 +220,12 @@ int random_pool_ready(void)
res = read(fd, dummy_key + dummy_key_avail,
sizeof(dummy_key) - dummy_key_avail);
if (res < 0) {
- wpa_printf(MSG_ERROR, "random: Cannot read from /dev/random: "
+ wpa_printf(MSG_ERROR, "random: Cannot read from /dev/urandom: "
"%s", strerror(errno));
res = 0;
}
wpa_printf(MSG_DEBUG, "random: Got %u/%u bytes from "
- "/dev/random", (unsigned) res,
+ "/dev/urandom", (unsigned) res,
(unsigned) (sizeof(dummy_key) - dummy_key_avail));
dummy_key_avail += res;
close(fd);
@@ -234,7 +234,7 @@ int random_pool_ready(void)
return 1;
wpa_printf(MSG_INFO, "random: Only %u/%u bytes of strong "
- "random data available from /dev/random",
+ "random data available from /dev/urandom",
(unsigned) dummy_key_avail, (unsigned) sizeof(dummy_key));
if (own_pool_ready >= MIN_READY_MARK ||