summaryrefslogtreecommitdiff
path: root/source4/heimdal/lib/hcrypto
diff options
context:
space:
mode:
Diffstat (limited to 'source4/heimdal/lib/hcrypto')
-rw-r--r--source4/heimdal/lib/hcrypto/hmac.c4
-rw-r--r--source4/heimdal/lib/hcrypto/rand-unix.c12
-rw-r--r--source4/heimdal/lib/hcrypto/rand.c19
-rw-r--r--source4/heimdal/lib/hcrypto/randi.h1
4 files changed, 24 insertions, 12 deletions
diff --git a/source4/heimdal/lib/hcrypto/hmac.c b/source4/heimdal/lib/hcrypto/hmac.c
index dcd836d0be..d11bd98769 100644
--- a/source4/heimdal/lib/hcrypto/hmac.c
+++ b/source4/heimdal/lib/hcrypto/hmac.c
@@ -52,12 +52,12 @@ HMAC_CTX_cleanup(HMAC_CTX *ctx)
ctx->buf = NULL;
}
if (ctx->opad) {
- memset(ctx->ipad, 0, ctx->key_length);
+ memset(ctx->opad, 0, EVP_MD_block_size(ctx->md));
free(ctx->opad);
ctx->opad = NULL;
}
if (ctx->ipad) {
- memset(ctx->ipad, 0, ctx->key_length);
+ memset(ctx->ipad, 0, EVP_MD_block_size(ctx->md));
free(ctx->ipad);
ctx->ipad = NULL;
}
diff --git a/source4/heimdal/lib/hcrypto/rand-unix.c b/source4/heimdal/lib/hcrypto/rand-unix.c
index 4c1f33da59..63dc97fbfa 100644
--- a/source4/heimdal/lib/hcrypto/rand-unix.c
+++ b/source4/heimdal/lib/hcrypto/rand-unix.c
@@ -46,8 +46,8 @@
* Unix /dev/random
*/
-static int
-get_device_fd(int flags)
+int
+_hc_unix_device_fd(int flags, char **fn)
{
static const char *rnd_devices[] = {
"/dev/urandom",
@@ -61,6 +61,8 @@ get_device_fd(int flags)
for(p = rnd_devices; *p; p++) {
int fd = open(*p, flags | O_NDELAY);
if(fd >= 0) {
+ if (fn)
+ *fn = *p;
rk_cloexec(fd);
return fd;
}
@@ -76,7 +78,7 @@ unix_seed(const void *indata, int size)
if (size <= 0)
return;
- fd = get_device_fd(O_WRONLY);
+ fd = _hc_unix_device_fd(O_WRONLY, NULL);
if (fd < 0)
return;
@@ -97,7 +99,7 @@ unix_bytes(unsigned char *outdata, int size)
else if (size == 0)
return 1;
- fd = get_device_fd(O_RDONLY);
+ fd = _hc_unix_device_fd(O_RDONLY, NULL);
if (fd < 0)
return 0;
@@ -139,7 +141,7 @@ unix_status(void)
{
int fd;
- fd = get_device_fd(O_RDONLY);
+ fd = _hc_unix_device_fd(O_RDONLY, NULL);
if (fd < 0)
return 0;
close(fd);
diff --git a/source4/heimdal/lib/hcrypto/rand.c b/source4/heimdal/lib/hcrypto/rand.c
index 9f0438a34e..d360ffcab4 100644
--- a/source4/heimdal/lib/hcrypto/rand.c
+++ b/source4/heimdal/lib/hcrypto/rand.c
@@ -342,23 +342,32 @@ RAND_write_file(const char *filename)
const char *
RAND_file_name(char *filename, size_t size)
{
- const char *e = NULL;
+ char *e = NULL;
int pathp = 0, ret;
if (!issuid()) {
e = getenv("RANDFILE");
- if (e == NULL) {
+ if (e == NULL)
e = getenv("HOME");
- if (e)
- pathp = 1;
- }
+ if (e)
+ pathp = 1;
}
/*
* Here we really want to call getpwuid(getuid()) but this will
* cause recursive lookups if the nss library uses
* gssapi/krb5/hcrypto to authenticate to the ldap servers.
+ *
+ * So at least return the unix /dev/random if we have one
*/
+#ifndef _WIN32
+ if (e == NULL) {
+ int fd;
+ fd = _hc_unix_device_fd(O_RDONLY, &e);
+ if (fd >= 0)
+ close(fd);
+ }
+#endif
if (e == NULL)
return NULL;
diff --git a/source4/heimdal/lib/hcrypto/randi.h b/source4/heimdal/lib/hcrypto/randi.h
index c6c617af22..a6d921413a 100644
--- a/source4/heimdal/lib/hcrypto/randi.h
+++ b/source4/heimdal/lib/hcrypto/randi.h
@@ -45,5 +45,6 @@ extern const RAND_METHOD hc_rand_timer_method;
extern const RAND_METHOD hc_rand_w32crypto_method;
const RAND_METHOD * RAND_timer_method(void);
+int _hc_unix_device_fd(int, char **);
#endif /* _HEIM_RANDI_H */