hostapd: properly mark random data as ready if initialization succeeds without reasso...

[openwrt-10.03/.git] / package / hostapd / patches / 700-random_pool_add_kernel.patch

diff --git a/package/hostapd/patches/700-random_pool_add_kernel.patch b/package/hostapd/patches/700-random_pool_add_kernel.patch
index 1edaff9e7732f93339f98ed31bb6732aa7f85880..84e556b45828b3614d14f0c8a1352a45cb8775ec 100644 (file)
--- a/package/hostapd/patches/700-random_pool_add_kernel.patch
+++ b/package/hostapd/patches/700-random_pool_add_kernel.patch
@@ -1,6 +1,15 @@
 --- a/src/crypto/random.c
 +++ b/src/crypto/random.c
 --- a/src/crypto/random.c
 +++ b/src/crypto/random.c

-@@ -47,6 +47,8 @@
+@@ -38,6 +38,8 @@
+ #include "sha1.h"
+ #include "random.h"
+ 
++#define RANDOM_STAMPFILE "/var/run/.random_available"
++
+ #define POOL_WORDS 32
+ #define POOL_WORDS_MASK (POOL_WORDS - 1)
+ #define POOL_TAP1 26
+@@ -48,6 +50,8 @@

  #define EXTRACT_LEN 16
  #define MIN_READY_MARK 2
  
  #define EXTRACT_LEN 16
  #define MIN_READY_MARK 2
  


@@ -9,7 +18,7 @@
  static u32 pool[POOL_WORDS];
  static unsigned int input_rotate = 0;
  static unsigned int pool_pos = 0;
  static u32 pool[POOL_WORDS];
  static unsigned int input_rotate = 0;
  static unsigned int pool_pos = 0;

-@@ -120,7 +122,7 @@ static void random_extract(u8 *out)
+@@ -122,7 +126,7 @@ static void random_extract(u8 *out)

  }
  
  
  }
  
  


@@ -18,9 +27,69 @@
  {
        struct os_time t;
        static unsigned int count = 0;
  {
        struct os_time t;
        static unsigned int count = 0;

-@@ -260,3 +262,22 @@ void random_mark_pool_ready(void)
+@@ -191,16 +195,22 @@ int random_get_bytes(void *buf, size_t l
+ int random_pool_ready(void)
+ {
+ #ifdef __linux__
++      struct stat st;
+       int fd;
+       ssize_t res;
+ 
++      if (stat(RANDOM_STAMPFILE, &st) == 0)
++              return 1;
++
+       /*
+        * Make sure that there is reasonable entropy available before allowing
+        * some key derivation operations to proceed.
+        */
+ 
+-      if (dummy_key_avail == sizeof(dummy_key))
++      if (dummy_key_avail == sizeof(dummy_key)) {
++              random_mark_pool_ready();
+               return 1; /* Already initialized - good to continue */
++      }
+ 
+       /*
+        * Try to fetch some more data from the kernel high quality
+@@ -232,8 +242,10 @@ int random_pool_ready(void)
+       dummy_key_avail += res;
+       close(fd);
+ 
+-      if (dummy_key_avail == sizeof(dummy_key))
++      if (dummy_key_avail == sizeof(dummy_key)) {
++              random_mark_pool_ready();
+               return 1;
++      }
+ 
+       wpa_printf(MSG_INFO, "random: Only %u/%u bytes of strong "
+                  "random data available from /dev/random",
+@@ -243,6 +255,7 @@ int random_pool_ready(void)
+           total_collected + 10 * own_pool_ready > MIN_COLLECT_ENTROPY) {
+               wpa_printf(MSG_INFO, "random: Allow operation to proceed "
+                          "based on internal entropy");
++              random_mark_pool_ready();
+               return 1;
+       }
+ 
+@@ -258,9 +271,15 @@ int random_pool_ready(void)
+ 
+ void random_mark_pool_ready(void)
+ {
++      int fd;
++
+       own_pool_ready++;

        wpa_printf(MSG_DEBUG, "random: Mark internal entropy pool to be "
                   "ready (count=%u/%u)", own_pool_ready, MIN_READY_MARK);
        wpa_printf(MSG_DEBUG, "random: Mark internal entropy pool to be "
                   "ready (count=%u/%u)", own_pool_ready, MIN_READY_MARK);

++
++      fd = open(RANDOM_STAMPFILE, O_CREAT | O_WRONLY | O_EXCL | O_NOFOLLOW, 0600);
++      if (fd >= 0)
++              close(fd);
+ }
+ 
+ 
+@@ -335,3 +354,22 @@ void random_deinit(void)
+       random_close_fd();
+ #endif /* __linux__ */

  }
 +
 +#endif /* CONFIG_NO_RANDOM_POOL */
  }
 +
 +#endif /* CONFIG_NO_RANDOM_POOL */


@@ -101,15 +170,17 @@
  L_CFLAGS += -DRADIUS_SERVER
 --- a/src/crypto/random.h
 +++ b/src/crypto/random.h
  L_CFLAGS += -DRADIUS_SERVER
 --- a/src/crypto/random.h
 +++ b/src/crypto/random.h

-@@ -16,15 +16,14 @@
- #define RANDOM_H
- 
+@@ -18,17 +18,16 @@

  #ifdef CONFIG_NO_RANDOM_POOL
  #ifdef CONFIG_NO_RANDOM_POOL

+ #define random_init() do { } while (0)
+ #define random_deinit() do { } while (0)

 -#define random_add_randomness(b, l) do { } while (0)
  #define random_get_bytes(b, l) os_get_random((b), (l))
  #define random_pool_ready() 1
  #define random_mark_pool_ready() do { } while (0)
  #else /* CONFIG_NO_RANDOM_POOL */
 -#define random_add_randomness(b, l) do { } while (0)
  #define random_get_bytes(b, l) os_get_random((b), (l))
  #define random_pool_ready() 1
  #define random_mark_pool_ready() do { } while (0)
  #else /* CONFIG_NO_RANDOM_POOL */

+ void random_init(void);
+ void random_deinit(void);

 -void random_add_randomness(const void *buf, size_t len);
  int random_get_bytes(void *buf, size_t len);
  int random_pool_ready(void);
 -void random_add_randomness(const void *buf, size_t len);
  int random_get_bytes(void *buf, size_t len);
  int random_pool_ready(void);