From cd1c8d463fff62f0798e514959d104be9320c87f Mon Sep 17 00:00:00 2001 From: Felix Fietkau Date: Mon, 18 Nov 2013 13:54:26 +0000 Subject: hostapd: remove random pool support - the entropy it gathers is questionable and we have better entropy sources on common platforms now Signed-off-by: Felix Fietkau SVN-Revision: 38852 --- .../services/hostapd/files/hostapd-full.config | 1 + .../services/hostapd/files/hostapd-mini.config | 1 + .../hostapd/files/wpa_supplicant-full.config | 1 + .../hostapd/files/wpa_supplicant-mini.config | 1 + .../hostapd/files/wpa_supplicant-p2p.config | 1 + .../patches/500-random_pool_add_kernel.patch | 177 --------------------- 6 files changed, 5 insertions(+), 177 deletions(-) delete mode 100644 package/network/services/hostapd/patches/500-random_pool_add_kernel.patch (limited to 'package/network') diff --git a/package/network/services/hostapd/files/hostapd-full.config b/package/network/services/hostapd/files/hostapd-full.config index ae0c7cc012..2b71781181 100644 --- a/package/network/services/hostapd/files/hostapd-full.config +++ b/package/network/services/hostapd/files/hostapd-full.config @@ -158,6 +158,7 @@ CONFIG_INTERNAL_LIBTOMMATH=y CONFIG_INTERNAL_AES=y NEED_AES_DEC=y +CONFIG_NO_RANDOM_POOL=y CONFIG_NO_DUMP_STATE=y CONFIG_WPS=y diff --git a/package/network/services/hostapd/files/hostapd-mini.config b/package/network/services/hostapd/files/hostapd-mini.config index eada893a6a..0f0284bdc0 100644 --- a/package/network/services/hostapd/files/hostapd-mini.config +++ b/package/network/services/hostapd/files/hostapd-mini.config @@ -154,6 +154,7 @@ CONFIG_NO_RADIUS=y CONFIG_TLS=internal +CONFIG_NO_RANDOM_POOL=y CONFIG_NO_DUMP_STATE=y CONFIG_UBUS=y diff --git a/package/network/services/hostapd/files/wpa_supplicant-full.config b/package/network/services/hostapd/files/wpa_supplicant-full.config index f5abbad94f..bbfaa73c1b 100644 --- a/package/network/services/hostapd/files/wpa_supplicant-full.config +++ b/package/network/services/hostapd/files/wpa_supplicant-full.config @@ -403,6 +403,7 @@ CONFIG_INTERNAL_LIBTOMMATH_FAST=y #LIBS_p += -lbfd -liberty -lz #LIBS_c += -lbfd -liberty -lz +CONFIG_NO_RANDOM_POOL=y NEED_80211_COMMON=y CONFIG_IBSS_RSN=y diff --git a/package/network/services/hostapd/files/wpa_supplicant-mini.config b/package/network/services/hostapd/files/wpa_supplicant-mini.config index 772e1d9809..a33e6f0a6f 100644 --- a/package/network/services/hostapd/files/wpa_supplicant-mini.config +++ b/package/network/services/hostapd/files/wpa_supplicant-mini.config @@ -403,4 +403,5 @@ CONFIG_TLS=internal #LIBS_p += -lbfd -liberty -lz #LIBS_c += -lbfd -liberty -lz +CONFIG_NO_RANDOM_POOL=y NEED_80211_COMMON=y diff --git a/package/network/services/hostapd/files/wpa_supplicant-p2p.config b/package/network/services/hostapd/files/wpa_supplicant-p2p.config index 2ec32aba88..82e0bf0c2a 100644 --- a/package/network/services/hostapd/files/wpa_supplicant-p2p.config +++ b/package/network/services/hostapd/files/wpa_supplicant-p2p.config @@ -403,6 +403,7 @@ CONFIG_INTERNAL_LIBTOMMATH_FAST=y #LIBS_p += -lbfd -liberty -lz #LIBS_c += -lbfd -liberty -lz +CONFIG_NO_RANDOM_POOL=y NEED_80211_COMMON=y CONFIG_IBSS_RSN=y diff --git a/package/network/services/hostapd/patches/500-random_pool_add_kernel.patch b/package/network/services/hostapd/patches/500-random_pool_add_kernel.patch deleted file mode 100644 index b47143d00f..0000000000 --- a/package/network/services/hostapd/patches/500-random_pool_add_kernel.patch +++ /dev/null @@ -1,177 +0,0 @@ ---- a/src/crypto/random.c -+++ b/src/crypto/random.c -@@ -25,6 +25,7 @@ - #include "utils/includes.h" - #ifdef __linux__ - #include -+#include - #endif /* __linux__ */ - - #include "utils/common.h" -@@ -33,6 +34,8 @@ - #include "sha1.h" - #include "random.h" - -+#define RANDOM_STAMPFILE "/var/run/.random_available" -+ - #define POOL_WORDS 32 - #define POOL_WORDS_MASK (POOL_WORDS - 1) - #define POOL_TAP1 26 -@@ -43,6 +46,8 @@ - #define EXTRACT_LEN 16 - #define MIN_READY_MARK 2 - -+#ifndef CONFIG_NO_RANDOM_POOL -+ - static u32 pool[POOL_WORDS]; - static unsigned int input_rotate = 0; - static unsigned int pool_pos = 0; -@@ -123,7 +128,7 @@ static void random_extract(u8 *out) - } - - --void random_add_randomness(const void *buf, size_t len) -+static void random_pool_add_randomness(const void *buf, size_t len) - { - struct os_time t; - static unsigned int count = 0; -@@ -213,16 +218,22 @@ int random_get_bytes(void *buf, size_t l - int random_pool_ready(void) - { - #ifdef __linux__ -+ struct stat st; - int fd; - ssize_t res; - -+ if (stat(RANDOM_STAMPFILE, &st) == 0) -+ return 1; -+ - /* - * Make sure that there is reasonable entropy available before allowing - * some key derivation operations to proceed. - */ - -- if (dummy_key_avail == sizeof(dummy_key)) -+ if (dummy_key_avail == sizeof(dummy_key)) { -+ random_mark_pool_ready(); - return 1; /* Already initialized - good to continue */ -+ } - - /* - * Try to fetch some more data from the kernel high quality -@@ -257,6 +268,7 @@ int random_pool_ready(void) - if (dummy_key_avail == sizeof(dummy_key)) { - if (own_pool_ready < MIN_READY_MARK) - own_pool_ready = MIN_READY_MARK; -+ random_mark_pool_ready(); - random_write_entropy(); - return 1; - } -@@ -269,6 +281,7 @@ int random_pool_ready(void) - total_collected + 10 * own_pool_ready > MIN_COLLECT_ENTROPY) { - wpa_printf(MSG_INFO, "random: Allow operation to proceed " - "based on internal entropy"); -+ random_mark_pool_ready(); - return 1; - } - -@@ -284,10 +297,16 @@ int random_pool_ready(void) - - void random_mark_pool_ready(void) - { -+ int fd; -+ - own_pool_ready++; - wpa_printf(MSG_DEBUG, "random: Mark internal entropy pool to be " - "ready (count=%u/%u)", own_pool_ready, MIN_READY_MARK); - random_write_entropy(); -+ -+ fd = open(RANDOM_STAMPFILE, O_CREAT | O_WRONLY | O_EXCL | O_NOFOLLOW, 0600); -+ if (fd >= 0) -+ close(fd); - } - - -@@ -444,3 +463,22 @@ void random_deinit(void) - os_free(random_entropy_file); - random_entropy_file = NULL; - } -+ -+#endif /* CONFIG_NO_RANDOM_POOL */ -+ -+ -+void random_add_randomness(const void *buf, size_t len) -+{ -+#ifdef __linux__ -+ int fd; -+ -+ fd = open("/dev/random", O_RDWR); -+ if (fd >= 0) { -+ write(fd, buf, len); -+ close(fd); -+ } -+#endif -+#ifndef CONFIG_NO_RANDOM_POOL -+ random_pool_add_randomness(buf, len); -+#endif -+} ---- a/wpa_supplicant/Makefile -+++ b/wpa_supplicant/Makefile -@@ -1236,9 +1236,8 @@ endif - - ifdef CONFIG_NO_RANDOM_POOL - CFLAGS += -DCONFIG_NO_RANDOM_POOL --else --OBJS += ../src/crypto/random.o - endif -+OBJS += ../src/crypto/random.o - - ifdef CONFIG_CTRL_IFACE - ifeq ($(CONFIG_CTRL_IFACE), y) ---- a/wpa_supplicant/Android.mk -+++ b/wpa_supplicant/Android.mk -@@ -1208,9 +1208,8 @@ endif - - ifdef CONFIG_NO_RANDOM_POOL - L_CFLAGS += -DCONFIG_NO_RANDOM_POOL --else --OBJS += src/crypto/random.c - endif -+OBJS += src/crypto/random.c - - ifdef CONFIG_CTRL_IFACE - ifeq ($(CONFIG_CTRL_IFACE), y) ---- a/hostapd/Android.mk -+++ b/hostapd/Android.mk -@@ -785,12 +785,12 @@ endif - ifdef CONFIG_NO_RANDOM_POOL - L_CFLAGS += -DCONFIG_NO_RANDOM_POOL - else --OBJS += src/crypto/random.c --HOBJS += src/crypto/random.c - HOBJS += src/utils/eloop.c - HOBJS += $(SHA1OBJS) - HOBJS += src/crypto/md5.c - endif -+OBJS += src/crypto/random.c -+HOBJS += src/crypto/random.c - - ifdef CONFIG_RADIUS_SERVER - L_CFLAGS += -DRADIUS_SERVER ---- a/hostapd/Makefile -+++ b/hostapd/Makefile -@@ -755,12 +755,12 @@ endif - ifdef CONFIG_NO_RANDOM_POOL - CFLAGS += -DCONFIG_NO_RANDOM_POOL - else --OBJS += ../src/crypto/random.o --HOBJS += ../src/crypto/random.o - HOBJS += ../src/utils/eloop.o - HOBJS += $(SHA1OBJS) - HOBJS += ../src/crypto/md5.o - endif -+OBJS += ../src/crypto/random.o -+HOBJS += ../src/crypto/random.o - - ifdef CONFIG_RADIUS_SERVER - CFLAGS += -DRADIUS_SERVER -- cgit v1.2.3 ight .w { color: #bbbbbb } /* Text.Whitespace */ .highlight .mb { color: #0000DD; font-weight: bold } /* Literal.Number.Bin */ .highlight .mf { color: #0000DD; font-weight: bold } /* Literal.Number.Float */ .highlight .mh { color: #0000DD; font-weight: bold } /* Literal.Number.Hex */ .highlight .mi { color: #0000DD; font-weight: bold } /* Literal.Number.Integer */ .highlight .mo { color: #0000DD; font-weight: bold } /* Literal.Number.Oct */ .highlight .sa { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Affix */ .highlight .sb { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Backtick */ .highlight .sc { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Char */ .highlight .dl { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Delimiter */ .highlight .sd { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Doc */ .highlight .s2 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Double */ .highlight .se { color: #0044dd; background-color: #fff0f0 } /* Literal.String.Escape */ .highlight .sh { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Heredoc */ .highlight .si { color: #3333bb; background-color: #fff0f0 } /* Literal.String.Interpol */ .highlight .sx { color: #22bb22; background-color: #f0fff0 } /* Literal.String.Other */ .highlight .sr { color: #008800; background-color: #fff0ff } /* Literal.String.Regex */ .highlight .s1 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Single */ .highlight .ss { color: #aa6600; background-color: #fff0f0 } /* Literal.String.Symbol */ .highlight .bp { color: #003388 } /* Name.Builtin.Pseudo */ .highlight .fm { color: #0066bb; font-weight: bold } /* Name.Function.Magic */ .highlight .vc { color: #336699 } /* Name.Variable.Class */ .highlight .vg { color: #dd7700 } /* Name.Variable.Global */ .highlight .vi { color: #3333bb } /* Name.Variable.Instance */ .highlight .vm { color: #336699 } /* Name.Variable.Magic */ .highlight .il { color: #0000DD; font-weight: bold } /* Literal.Number.Integer.Long */
#
# Copyright (C) 2011-2014 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#

include $(TOPDIR)/rules.mk

PKG_NAME:=scons
PKG_VERSION:=2.3.5

PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@SF/scons
PKG_MD5SUM:=8b0d1041266f89b18e47f26d943f8aa5

include $(INCLUDE_DIR)/host-build.mk

define Host/Configure
endef

define Host/Compile
endef

define Host/Install
	./files/pywrap.sh $(HOST_BUILD_DIR)/setup.py install --prefix=$(STAGING_DIR_HOST)
	rm -f $(STAGING_DIR_HOST)/bin/scons*.py
	for bin in $(STAGING_DIR_HOST)/bin/scons*; do \
		mv "$$$$bin" "$$$$bin.py";                \
		cp ./files/pywrap.sh "$$$$bin";           \
	done
endef

$(eval $(call HostBuild))