+++ /dev/null
---- dropbear-0.45/options.h
-+++ dropbear-0.45/options.h
-@@ -148,6 +148,10 @@
- /* prngd must be manually set up to produce output */
- /*#define DROPBEAR_PRNGD_SOCKET "/var/run/dropbear-rng"*/
-
-+/* If the normal random source would block for a while, fall back to
-+ * the urandom source so that connections don't hang forever. */
-+#define DROPBEAR_URANDOM_DEV "/dev/urandom"
-+
- /* Specify the number of clients we will allow to be connected but
- * not yet authenticated. After this limit, connections are rejected */
- #ifndef MAX_UNAUTH_CLIENTS
---- dropbear-0.45/random.c
-+++ dropbear-0.45/random.c
-@@ -57,9 +57,14 @@
- struct sockaddr_un egdsock;
- char egdcmd[2];
- #endif
-+ mode_t readmode = O_RDONLY;
-+#ifdef DROPBEAR_URANDOM_DEV
-+ unsigned int readtries = 0;
-+ readmode |= O_NONBLOCK;
-+#endif
-
- #ifdef DROPBEAR_RANDOM_DEV
-- readfd = open(DROPBEAR_RANDOM_DEV, O_RDONLY);
-+ readfd = open(DROPBEAR_RANDOM_DEV, readmode);
- if (readfd < 0) {
- dropbear_exit("couldn't open random device");
- }
-@@ -97,6 +102,24 @@
- if (readlen < 0 && errno == EINTR) {
- continue;
- }
-+#ifdef DROPBEAR_URANDOM_DEV
-+ /* if the main random source blocked, lets retry a few times,
-+ * but then give up and try a constant random source. */
-+ if (readlen < 0 && errno == EAGAIN) {
-+ ++readtries;
-+ if (readtries < 5) {
-+ sleep(1);
-+ continue;
-+ } else if (readtries == 5) {
-+ close (readfd);
-+ readfd = open(DROPBEAR_URANDOM_DEV, readmode);
-+ if (readfd < 0) {
-+ dropbear_exit("couldn't open secondary random device");
-+ }
-+ continue;
-+ }
-+ }
-+#endif
- dropbear_exit("error reading random source");
- }
- readpos += readlen;
projects / buildroot.git / commitdiff