From 80ada635f156a1df7c621e1469b03a4b4a4d5752 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Thu, 4 Jan 2007 12:54:09 +0000
Subject: [PATCH] (_kdc_as_rep): check if krb5_generate_random_keyblock failes.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19686 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 kdc/kerberos5.c |  4 +++-
 kdc/pkinit.c    | 16 ++++++++++++----
 2 files changed, 15 insertions(+), 5 deletions(-)

diff --git a/kdc/kerberos5.c b/kdc/kerberos5.c
index f92caadb6..f4d7ee9d0 100644
--- a/kdc/kerberos5.c
+++ b/kdc/kerberos5.c
@@ -1345,7 +1345,9 @@ _kdc_as_rep(krb5_context context,
 	goto out;
     }
 
-    krb5_generate_random_keyblock(context, sessionetype, &et.key);
+    ret = krb5_generate_random_keyblock(context, sessionetype, &et.key);
+    if (ret)
+	goto out;
     copy_PrincipalName(&rep.cname, &et.cname);
     copy_Realm(&rep.crealm, &et.crealm);
     
diff --git a/kdc/pkinit.c b/kdc/pkinit.c
index b4b1ede8a..196aa36cc 100644
--- a/kdc/pkinit.c
+++ b/kdc/pkinit.c
@@ -971,8 +971,12 @@ _kdc_pk_mk_pa_reply(krb5_context context,
 
 	    rep.element = choice_PA_PK_AS_REP_encKeyPack;
 
-	    krb5_generate_random_keyblock(context, enctype, 
-					  &client_params->reply_key);
+	    ret = krb5_generate_random_keyblock(context, enctype, 
+						&client_params->reply_key);
+	    if (ret) {
+		free_PA_PK_AS_REP(&rep);
+		goto out;
+	    }
 	    ret = pk_mk_pa_reply_enckey(context,
 					client_params,
 					req,
@@ -1062,8 +1066,12 @@ _kdc_pk_mk_pa_reply(krb5_context context,
 	pa_type = KRB5_PADATA_PK_AS_REP_19;
 	rep.element = choice_PA_PK_AS_REP_encKeyPack;
 
-	krb5_generate_random_keyblock(context, enctype, 
-				      &client_params->reply_key);
+	ret = krb5_generate_random_keyblock(context, enctype, 
+					    &client_params->reply_key);
+	if (ret) {
+	    free_PA_PK_AS_REP_Win2k(&rep);
+	    goto out;
+	}
 	ret = pk_mk_pa_reply_enckey(context,
 				    client_params,
 				    req,