<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Ich sehe da keine Verbindung. Das Tool liest auch aus urandom:<br>
<span class="blob-code-inner">f = <span class="pl-c1">fopen</span>(<span
class="pl-s"><span class="pl-pds">"</span>/dev/urandom<span
class="pl-pds">"</span></span>, <span class="pl-s"><span
class="pl-pds">"</span>r<span class="pl-pds">"</span></span>);<br>
aber sonst nix.</span></p>
<p><span class="blob-code-inner">Ich biege hier nur von /dev/random
nach /dev/urandom um. <br>
Aus urandom sprudelt halt nich so viel Entropie, was aber egal
ist, da wir nichts verschluesseln.</span></p>
<p><span class="blob-code-inner">Eigentlich hat mich nur die
Warterei nach dem flashen von Uplinkroutern genervt.</span></p>
<p><span class="blob-code-inner">Ist also kein Systemrelevanter
Patch, aber angenehm beim Testen wenn man immer wieder mal neu
flasht.<br>
</span></p>
<p><span class="blob-code-inner">Robert<br>
</span></p>
<div class="moz-cite-prefix">Am 14.11.2017 um 11:59 schrieb Adrian
Schmutzler:<br>
</div>
<blockquote type="cite"
cite="mid:008601d35d37$a6c88560$f4599020$@adrianschmutzler.de">
<pre wrap="">Wir hatten doch mal einen Patch mit einem neu gebauten random-Tool:
<a class="moz-txt-link-freetext" href="https://github.com/FreifunkFranken/firmware/commit/daa613722ca8b74dde508088a">https://github.com/FreifunkFranken/firmware/commit/daa613722ca8b74dde508088a</a>
baeb73b7ebad41f
Interferiert das irgendwie?
Grüße
Adrian
</pre>
<blockquote type="cite">
<pre wrap="">-----Original Message-----
From: franken-dev [<a class="moz-txt-link-freetext" href="mailto:franken-dev-bounces@freifunk.net">mailto:franken-dev-bounces@freifunk.net</a>] On Behalf
Of Robert Langhammer
Sent: Dienstag, 14. November 2017 01:15
To: <a class="moz-txt-link-abbreviated" href="mailto:franken-dev@freifunk.net">franken-dev@freifunk.net</a>
Subject: [PATCH] fastd: generate the key from urandom
We do not use encrypted tunnels, so we can use urandom generating the
keys to prevent blocking due to low entropy.
Signed-off-by: Robert Langhammer <a class="moz-txt-link-rfc2396E" href="mailto:rlanghammer@web.de"><rlanghammer@web.de></a>
---
.../0020-fastd_generate_key_from_urandom.patch | 33
++++++++++++++++++++++
buildscript | 3 +-
2 files changed, 35 insertions(+), 1 deletion(-) create mode 100644
build_patches/openwrt/fastd/0020-
fastd_generate_key_from_urandom.patch
diff --git a/build_patches/openwrt/fastd/0020-
fastd_generate_key_from_urandom.patch
b/build_patches/openwrt/fastd/0020-
fastd_generate_key_from_urandom.patch
new file mode 100644
index 0000000..252af39
--- /dev/null
+++ b/build_patches/openwrt/fastd/0020-
fastd_generate_key_from_urandom.p
+++ atch
@@ -0,0 +1,33 @@
+From 4a451ac5b17b1a7e8ce3d094067df7e21e61927d Mon Sep 17 00:00:00
2001
+From: Robert Langhammer <a class="moz-txt-link-rfc2396E" href="mailto:rlanghammer@web.de"><rlanghammer@web.de></a>
+Date: Mon, 13 Nov 2017 21:04:55 +0100
+Subject: [PATCH] fastd_generate_key_from_urandom
+
+---
+ net/fastd/patches/001-generate_key_from_urandom.patch | 14
+++++++++++++++
+ 1 file changed, 14 insertions(+)
+ create mode 100644
+net/fastd/patches/001-generate_key_from_urandom.patch
+
+diff --git a/net/fastd/patches/001-generate_key_from_urandom.patch
+b/net/fastd/patches/001-generate_key_from_urandom.patch
+new file mode 100644
+index 00000000..47280e52
+--- /dev/null
++++ b/net/fastd/patches/001-generate_key_from_urandom.patch
+@@ -0,0 +1,14 @@
++--- a/src/protocols/ec25519_fhmqvc/util.c
+++++ b/src/protocols/ec25519_fhmqvc/util.c
++@@ -47,9 +47,9 @@ void fastd_protocol_ec25519_fhmqvc_gener
++ ecc_int256_t public_key;
++
++ if (!conf.machine_readable)
++- pr_info("Reading 32 bytes from /dev/random...");
+++ pr_info("Reading 32 bytes from /dev/urandom...");
++
++- fastd_random_bytes(secret_key.p, SECRETKEYBYTES, true);
+++ fastd_random_bytes(secret_key.p, SECRETKEYBYTES, false);
++ ecc_25519_gf_sanitize_secret(&secret_key, &secret_key);
++
++ ecc_25519_work_t work;
+--
+2.11.0
+
diff --git a/buildscript b/buildscript
index 2fb1794..b2030ba 100755
--- a/buildscript
+++ b/buildscript
@@ -23,7 +23,8 @@ PACKAGEURL=<a class="moz-txt-link-rfc2396E" href="https://git.lede-project.org/feed/packages.git">"https://git.lede-
project.org/feed/packages.git"</a>
#official openwrt packages
OPENWRT=(openwrt
$PACKAGEURL
- $PACKAGEREV)
+ $PACKAGEREV
+ fastd/0020-fastd_generate_key_from_urandom.patch)
OPENWRT_PKGS="gpioctl-sysfs libugpio fastd haserl"
## Be careful: FFF uses COMPAT_VERSION 15 as default at the moment.
--
2.11.0
--
franken-dev mailing list
<a class="moz-txt-link-abbreviated" href="mailto:franken-dev@freifunk.net">franken-dev@freifunk.net</a>
<a class="moz-txt-link-freetext" href="http://lists.freifunk.net/mailman/listinfo/franken-dev-freifunk.net">http://lists.freifunk.net/mailman/listinfo/franken-dev-freifunk.net</a>
</pre>
</blockquote>
<pre wrap="">
</pre>
</blockquote>
<br>
</body>
</html>