You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
178 lines
4.1 KiB
Diff
178 lines
4.1 KiB
Diff
--- a/src/crypto/random.c
|
|
+++ b/src/crypto/random.c
|
|
@@ -25,6 +25,7 @@
|
|
#include "utils/includes.h"
|
|
#ifdef __linux__
|
|
#include <fcntl.h>
|
|
+#include <sys/stat.h>
|
|
#endif /* __linux__ */
|
|
|
|
#include "utils/common.h"
|
|
@@ -33,6 +34,8 @@
|
|
#include "sha1.h"
|
|
#include "random.h"
|
|
|
|
+#define RANDOM_STAMPFILE "/var/run/.random_available"
|
|
+
|
|
#define POOL_WORDS 32
|
|
#define POOL_WORDS_MASK (POOL_WORDS - 1)
|
|
#define POOL_TAP1 26
|
|
@@ -43,6 +46,8 @@
|
|
#define EXTRACT_LEN 16
|
|
#define MIN_READY_MARK 2
|
|
|
|
+#ifndef CONFIG_NO_RANDOM_POOL
|
|
+
|
|
static u32 pool[POOL_WORDS];
|
|
static unsigned int input_rotate = 0;
|
|
static unsigned int pool_pos = 0;
|
|
@@ -123,7 +128,7 @@ static void random_extract(u8 *out)
|
|
}
|
|
|
|
|
|
-void random_add_randomness(const void *buf, size_t len)
|
|
+static void random_pool_add_randomness(const void *buf, size_t len)
|
|
{
|
|
struct os_time t;
|
|
static unsigned int count = 0;
|
|
@@ -213,16 +218,22 @@ int random_get_bytes(void *buf, size_t l
|
|
int random_pool_ready(void)
|
|
{
|
|
#ifdef __linux__
|
|
+ struct stat st;
|
|
int fd;
|
|
ssize_t res;
|
|
|
|
+ if (stat(RANDOM_STAMPFILE, &st) == 0)
|
|
+ return 1;
|
|
+
|
|
/*
|
|
* Make sure that there is reasonable entropy available before allowing
|
|
* some key derivation operations to proceed.
|
|
*/
|
|
|
|
- if (dummy_key_avail == sizeof(dummy_key))
|
|
+ if (dummy_key_avail == sizeof(dummy_key)) {
|
|
+ random_mark_pool_ready();
|
|
return 1; /* Already initialized - good to continue */
|
|
+ }
|
|
|
|
/*
|
|
* Try to fetch some more data from the kernel high quality
|
|
@@ -257,6 +268,7 @@ int random_pool_ready(void)
|
|
if (dummy_key_avail == sizeof(dummy_key)) {
|
|
if (own_pool_ready < MIN_READY_MARK)
|
|
own_pool_ready = MIN_READY_MARK;
|
|
+ random_mark_pool_ready();
|
|
random_write_entropy();
|
|
return 1;
|
|
}
|
|
@@ -269,6 +281,7 @@ int random_pool_ready(void)
|
|
total_collected + 10 * own_pool_ready > MIN_COLLECT_ENTROPY) {
|
|
wpa_printf(MSG_INFO, "random: Allow operation to proceed "
|
|
"based on internal entropy");
|
|
+ random_mark_pool_ready();
|
|
return 1;
|
|
}
|
|
|
|
@@ -284,10 +297,16 @@ int random_pool_ready(void)
|
|
|
|
void random_mark_pool_ready(void)
|
|
{
|
|
+ int fd;
|
|
+
|
|
own_pool_ready++;
|
|
wpa_printf(MSG_DEBUG, "random: Mark internal entropy pool to be "
|
|
"ready (count=%u/%u)", own_pool_ready, MIN_READY_MARK);
|
|
random_write_entropy();
|
|
+
|
|
+ fd = open(RANDOM_STAMPFILE, O_CREAT | O_WRONLY | O_EXCL | O_NOFOLLOW, 0600);
|
|
+ if (fd >= 0)
|
|
+ close(fd);
|
|
}
|
|
|
|
|
|
@@ -444,3 +463,22 @@ void random_deinit(void)
|
|
os_free(random_entropy_file);
|
|
random_entropy_file = NULL;
|
|
}
|
|
+
|
|
+#endif /* CONFIG_NO_RANDOM_POOL */
|
|
+
|
|
+
|
|
+void random_add_randomness(const void *buf, size_t len)
|
|
+{
|
|
+#ifdef __linux__
|
|
+ int fd;
|
|
+
|
|
+ fd = open("/dev/random", O_RDWR);
|
|
+ if (fd >= 0) {
|
|
+ write(fd, buf, len);
|
|
+ close(fd);
|
|
+ }
|
|
+#endif
|
|
+#ifndef CONFIG_NO_RANDOM_POOL
|
|
+ random_pool_add_randomness(buf, len);
|
|
+#endif
|
|
+}
|
|
--- a/wpa_supplicant/Makefile
|
|
+++ b/wpa_supplicant/Makefile
|
|
@@ -1236,9 +1236,8 @@ endif
|
|
|
|
ifdef CONFIG_NO_RANDOM_POOL
|
|
CFLAGS += -DCONFIG_NO_RANDOM_POOL
|
|
-else
|
|
-OBJS += ../src/crypto/random.o
|
|
endif
|
|
+OBJS += ../src/crypto/random.o
|
|
|
|
ifdef CONFIG_CTRL_IFACE
|
|
ifeq ($(CONFIG_CTRL_IFACE), y)
|
|
--- a/wpa_supplicant/Android.mk
|
|
+++ b/wpa_supplicant/Android.mk
|
|
@@ -1208,9 +1208,8 @@ endif
|
|
|
|
ifdef CONFIG_NO_RANDOM_POOL
|
|
L_CFLAGS += -DCONFIG_NO_RANDOM_POOL
|
|
-else
|
|
-OBJS += src/crypto/random.c
|
|
endif
|
|
+OBJS += src/crypto/random.c
|
|
|
|
ifdef CONFIG_CTRL_IFACE
|
|
ifeq ($(CONFIG_CTRL_IFACE), y)
|
|
--- a/hostapd/Android.mk
|
|
+++ b/hostapd/Android.mk
|
|
@@ -785,12 +785,12 @@ endif
|
|
ifdef CONFIG_NO_RANDOM_POOL
|
|
L_CFLAGS += -DCONFIG_NO_RANDOM_POOL
|
|
else
|
|
-OBJS += src/crypto/random.c
|
|
-HOBJS += src/crypto/random.c
|
|
HOBJS += src/utils/eloop.c
|
|
HOBJS += $(SHA1OBJS)
|
|
HOBJS += src/crypto/md5.c
|
|
endif
|
|
+OBJS += src/crypto/random.c
|
|
+HOBJS += src/crypto/random.c
|
|
|
|
ifdef CONFIG_RADIUS_SERVER
|
|
L_CFLAGS += -DRADIUS_SERVER
|
|
--- a/hostapd/Makefile
|
|
+++ b/hostapd/Makefile
|
|
@@ -755,12 +755,12 @@ endif
|
|
ifdef CONFIG_NO_RANDOM_POOL
|
|
CFLAGS += -DCONFIG_NO_RANDOM_POOL
|
|
else
|
|
-OBJS += ../src/crypto/random.o
|
|
-HOBJS += ../src/crypto/random.o
|
|
HOBJS += ../src/utils/eloop.o
|
|
HOBJS += $(SHA1OBJS)
|
|
HOBJS += ../src/crypto/md5.o
|
|
endif
|
|
+OBJS += ../src/crypto/random.o
|
|
+HOBJS += ../src/crypto/random.o
|
|
|
|
ifdef CONFIG_RADIUS_SERVER
|
|
CFLAGS += -DRADIUS_SERVER
|