<html>

  <head>

    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">

  </head>

  <body text="#000000" bgcolor="#FFFFFF">

    <p>Ich sehe da keine Verbindung. Das Tool liest auch aus urandom:<br>

      <span class="blob-code-inner">f = <span class="pl-c1">fopen</span>(<span

          class="pl-s"><span class="pl-pds">"</span>/dev/urandom<span

            class="pl-pds">"</span></span>, <span class="pl-s"><span

            class="pl-pds">"</span>r<span class="pl-pds">"</span></span>);<br>

        aber sonst nix.</span></p>

    <p><span class="blob-code-inner">Ich biege hier nur von /dev/random

        nach /dev/urandom um. <br>

        Aus urandom sprudelt halt nich so viel Entropie, was aber egal

        ist, da wir nichts verschluesseln.</span></p>

    <p><span class="blob-code-inner">Eigentlich hat mich nur die

        Warterei nach dem flashen von Uplinkroutern genervt.</span></p>

    <p><span class="blob-code-inner">Ist also kein Systemrelevanter

        Patch, aber angenehm beim Testen wenn man immer wieder mal neu

        flasht.<br>

      </span></p>

    <p><span class="blob-code-inner">Robert<br>

      </span></p>

    <div class="moz-cite-prefix">Am 14.11.2017 um 11:59 schrieb Adrian

      Schmutzler:<br>

    </div>

    <blockquote type="cite"

      cite="mid:008601d35d37$a6c88560$f4599020$@adrianschmutzler.de">

      <pre wrap="">Wir hatten doch mal einen Patch mit einem neu gebauten random-Tool:

<a class="moz-txt-link-freetext" href="https://github.com/FreifunkFranken/firmware/commit/daa613722ca8b74dde508088a">https://github.com/FreifunkFranken/firmware/commit/daa613722ca8b74dde508088a</a>

baeb73b7ebad41f

Interferiert das irgendwie?

Grüße

Adrian

</pre>

      <blockquote type="cite">

        <pre wrap="">-----Original Message-----

From: franken-dev [<a class="moz-txt-link-freetext" href="mailto:franken-dev-bounces@freifunk.net">mailto:franken-dev-bounces@freifunk.net</a>] On Behalf

Of Robert Langhammer

Sent: Dienstag, 14. November 2017 01:15

To: <a class="moz-txt-link-abbreviated" href="mailto:franken-dev@freifunk.net">franken-dev@freifunk.net</a>

Subject: [PATCH] fastd: generate the key from urandom

We do not use encrypted tunnels, so we can use urandom generating the

keys to prevent blocking due to low entropy.

Signed-off-by: Robert Langhammer <a class="moz-txt-link-rfc2396E" href="mailto:rlanghammer@web.de"><rlanghammer@web.de></a>

---

 .../0020-fastd_generate_key_from_urandom.patch     | 33

++++++++++++++++++++++

 buildscript                                        |  3 +-

 2 files changed, 35 insertions(+), 1 deletion(-)  create mode 100644

build_patches/openwrt/fastd/0020-

fastd_generate_key_from_urandom.patch

diff --git a/build_patches/openwrt/fastd/0020-

fastd_generate_key_from_urandom.patch

b/build_patches/openwrt/fastd/0020-

fastd_generate_key_from_urandom.patch

new file mode 100644

index 0000000..252af39

--- /dev/null

+++ b/build_patches/openwrt/fastd/0020-

fastd_generate_key_from_urandom.p

+++ atch

@@ -0,0 +1,33 @@

+From 4a451ac5b17b1a7e8ce3d094067df7e21e61927d Mon Sep 17 00:00:00

2001

+From: Robert Langhammer <a class="moz-txt-link-rfc2396E" href="mailto:rlanghammer@web.de"><rlanghammer@web.de></a>

+Date: Mon, 13 Nov 2017 21:04:55 +0100

+Subject: [PATCH] fastd_generate_key_from_urandom

+

+---

+ net/fastd/patches/001-generate_key_from_urandom.patch | 14

+++++++++++++++

+ 1 file changed, 14 insertions(+)

+ create mode 100644

+net/fastd/patches/001-generate_key_from_urandom.patch

+

+diff --git a/net/fastd/patches/001-generate_key_from_urandom.patch

+b/net/fastd/patches/001-generate_key_from_urandom.patch

+new file mode 100644

+index 00000000..47280e52

+--- /dev/null

++++ b/net/fastd/patches/001-generate_key_from_urandom.patch

+@@ -0,0 +1,14 @@

++--- a/src/protocols/ec25519_fhmqvc/util.c

+++++ b/src/protocols/ec25519_fhmqvc/util.c

++@@ -47,9 +47,9 @@ void fastd_protocol_ec25519_fhmqvc_gener

++      ecc_int256_t public_key;

++

++      if (!conf.machine_readable)

++-             pr_info("Reading 32 bytes from /dev/random...");

+++             pr_info("Reading 32 bytes from /dev/urandom...");

++

++-     fastd_random_bytes(secret_key.p, SECRETKEYBYTES, true);

+++     fastd_random_bytes(secret_key.p, SECRETKEYBYTES, false);

++      ecc_25519_gf_sanitize_secret(&secret_key, &secret_key);

++

++      ecc_25519_work_t work;

+--

+2.11.0

+

diff --git a/buildscript b/buildscript

index 2fb1794..b2030ba 100755

--- a/buildscript

+++ b/buildscript

@@ -23,7 +23,8 @@ PACKAGEURL=<a class="moz-txt-link-rfc2396E" href="https://git.lede-project.org/feed/packages.git">"https://git.lede-

project.org/feed/packages.git"</a>

 #official openwrt packages

 OPENWRT=(openwrt

          $PACKAGEURL

-         $PACKAGEREV)

+         $PACKAGEREV

+         fastd/0020-fastd_generate_key_from_urandom.patch)

 OPENWRT_PKGS="gpioctl-sysfs libugpio fastd haserl"

 ## Be careful: FFF uses COMPAT_VERSION 15 as default at the moment.

--

2.11.0

--

franken-dev mailing list

<a class="moz-txt-link-abbreviated" href="mailto:franken-dev@freifunk.net">franken-dev@freifunk.net</a>

<a class="moz-txt-link-freetext" href="http://lists.freifunk.net/mailman/listinfo/franken-dev-freifunk.net">http://lists.freifunk.net/mailman/listinfo/franken-dev-freifunk.net</a>

</pre>

      </blockquote>

      <pre wrap="">

</pre>

    </blockquote>

    <br>

  </body>

</html>