oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

accept >= 0 and valid return codes from RAND_bytes due to broken engine from the isc bind implementation, reported by Sam Liddicott

Browse Source
This commit is contained in:
Love Hornquist Astrand
2010-09-01 21:00:07 -07:00
parent 33e0d2c32e
commit 856c1c0a86
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/krb5/crypto.c
View File

@@ -3991,7 +3991,7 @@ krb5_generate_random_block(void *buf, size_t len)
rng_initialized = 1; rng_initialized = 1;
} }
HEIMDAL_MUTEX_unlock(&crypto_mutex); HEIMDAL_MUTEX_unlock(&crypto_mutex);
if (RAND_bytes(buf, len) != 1) if (RAND_bytes(buf, len) <= 0)
krb5_abortx(NULL, "Failed to generate random block"); krb5_abortx(NULL, "Failed to generate random block");
} }

2
lib/krb5/generate_seq_number.c
View File

@@ -38,7 +38,7 @@ krb5_generate_seq_number(krb5_context context,
const krb5_keyblock *key, const krb5_keyblock *key,
uint32_t *seqno) uint32_t *seqno)
{ {
if (RAND_bytes((void *)seqno, sizeof(*seqno)) != 1) if (RAND_bytes((void *)seqno, sizeof(*seqno)) <= 0)
krb5_abortx(context, "Failed to generate random block"); krb5_abortx(context, "Failed to generate random block");
/* MIT used signed numbers, lets not stomp into that space directly */ /* MIT used signed numbers, lets not stomp into that space directly */
*seqno &= 0x3fffffff; *seqno &= 0x3fffffff;