|
|
@@ -1,56 +0,0 @@
|
|
|
---- dropbear-0.45/options.h
|
|
|
-+++ dropbear-0.45/options.h
|
|
|
-@@ -148,6 +148,10 @@
|
|
|
- /* prngd must be manually set up to produce output */
|
|
|
- /*#define DROPBEAR_PRNGD_SOCKET "/var/run/dropbear-rng"*/
|
|
|
-
|
|
|
-+/* If the normal random source would block for a while, fall back to
|
|
|
-+ * the urandom source so that connections don't hang forever. */
|
|
|
-+#define DROPBEAR_URANDOM_DEV "/dev/urandom"
|
|
|
-+
|
|
|
- /* Specify the number of clients we will allow to be connected but
|
|
|
- * not yet authenticated. After this limit, connections are rejected */
|
|
|
- #ifndef MAX_UNAUTH_CLIENTS
|
|
|
---- dropbear-0.45/random.c
|
|
|
-+++ dropbear-0.45/random.c
|
|
|
-@@ -57,9 +57,14 @@
|
|
|
- struct sockaddr_un egdsock;
|
|
|
- char egdcmd[2];
|
|
|
- #endif
|
|
|
-+ mode_t readmode = O_RDONLY;
|
|
|
-+#ifdef DROPBEAR_URANDOM_DEV
|
|
|
-+ unsigned int readtries = 0;
|
|
|
-+ readmode |= O_NONBLOCK;
|
|
|
-+#endif
|
|
|
-
|
|
|
- #ifdef DROPBEAR_RANDOM_DEV
|
|
|
-- readfd = open(DROPBEAR_RANDOM_DEV, O_RDONLY);
|
|
|
-+ readfd = open(DROPBEAR_RANDOM_DEV, readmode);
|
|
|
- if (readfd < 0) {
|
|
|
- dropbear_exit("couldn't open random device");
|
|
|
- }
|
|
|
-@@ -97,6 +102,24 @@
|
|
|
- if (readlen < 0 && errno == EINTR) {
|
|
|
- continue;
|
|
|
- }
|
|
|
-+#ifdef DROPBEAR_URANDOM_DEV
|
|
|
-+ /* if the main random source blocked, lets retry a few times,
|
|
|
-+ * but then give up and try a constant random source. */
|
|
|
-+ if (readlen < 0 && errno == EAGAIN) {
|
|
|
-+ ++readtries;
|
|
|
-+ if (readtries < 5) {
|
|
|
-+ sleep(1);
|
|
|
-+ continue;
|
|
|
-+ } else if (readtries == 5) {
|
|
|
-+ close (readfd);
|
|
|
-+ readfd = open(DROPBEAR_URANDOM_DEV, readmode);
|
|
|
-+ if (readfd < 0) {
|
|
|
-+ dropbear_exit("couldn't open secondary random device");
|
|
|
-+ }
|
|
|
-+ continue;
|
|
|
-+ }
|
|
|
-+ }
|
|
|
-+#endif
|
|
|
- dropbear_exit("error reading random source");
|
|
|
- }
|
|
|
- readpos += readlen;
|
Mike Frysinger