Diffstat (limited to 'source4/heimdal/lib/hcrypto')
-rw-r--r-- | source4/heimdal/lib/hcrypto/hmac.c | 4 | ||||
-rw-r--r-- | source4/heimdal/lib/hcrypto/rand-unix.c | 12 | ||||
-rw-r--r-- | source4/heimdal/lib/hcrypto/rand.c | 19 | ||||
-rw-r--r-- | source4/heimdal/lib/hcrypto/randi.h | 1 |
4 files changed, 24 insertions, 12 deletions
diff --git a/source4/heimdal/lib/hcrypto/hmac.c b/source4/heimdal/lib/hcrypto/hmac.c
index dcd836d0be..d11bd98769 100644
--- a/source4/heimdal/lib/hcrypto/hmac.c
+++ b/source4/heimdal/lib/hcrypto/hmac.c
@@ -52,12 +52,12 @@ HMAC_CTX_cleanup(HMAC_CTX *ctx)
 ctx->buf = NULL;
 }
 if (ctx->opad) {
- memset(ctx->ipad, 0, ctx->key_length);
+ memset(ctx->opad, 0, EVP_MD_block_size(ctx->md));
 free(ctx->opad);
 ctx->opad = NULL;
 }
 if (ctx->ipad) {
- memset(ctx->ipad, 0, ctx->key_length);
+ memset(ctx->ipad, 0, EVP_MD_block_size(ctx->md));
 free(ctx->ipad);
 ctx->ipad = NULL;
 }
diff --git a/source4/heimdal/lib/hcrypto/rand-unix.c b/source4/heimdal/lib/hcrypto/rand-unix.c
index 4c1f33da59..63dc97fbfa 100644
--- a/source4/heimdal/lib/hcrypto/rand-unix.c
+++ b/source4/heimdal/lib/hcrypto/rand-unix.c
@@ -46,8 +46,8 @@
 * Unix /dev/random
 */
-static int
-get_device_fd(int flags)
+int
+_hc_unix_device_fd(int flags, char **fn)
 {
 static const char *rnd_devices[] = {
 "/dev/urandom",
@@ -61,6 +61,8 @@ get_device_fd(int flags)
 for(p = rnd_devices; *p; p++) {
 int fd = open(*p, flags | O_NDELAY);
 if(fd >= 0) {
+ if (fn)
+ *fn = *p;
 rk_cloexec(fd);
 return fd;
 }
@@ -76,7 +78,7 @@ unix_seed(const void *indata, int size)
 if (size <= 0)
 return;
- fd = get_device_fd(O_WRONLY);
+ fd = _hc_unix_device_fd(O_WRONLY, NULL);
 if (fd < 0)
 return;
@@ -97,7 +99,7 @@ unix_bytes(unsigned char *outdata, int size)
 else if (size == 0)
 return 1;
- fd = get_device_fd(O_RDONLY);
+ fd = _hc_unix_device_fd(O_RDONLY, NULL);
 if (fd < 0)
 return 0;
@@ -139,7 +141,7 @@ unix_status(void)
 {
 int fd;
- fd = get_device_fd(O_RDONLY);
+ fd = _hc_unix_device_fd(O_RDONLY, NULL);
 if (fd < 0)
 return 0;
 close(fd);
diff --git a/source4/heimdal/lib/hcrypto/rand.c b/source4/heimdal/lib/hcrypto/rand.c
index 9f0438a34e..d360ffcab4 100644
--- a/source4/heimdal/lib/hcrypto/rand.c
+++ b/source4/heimdal/lib/hcrypto/rand.c
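Review bot: Both pad wipes in HMAC_CTX_cleanup use a plain `memset` immediately before `free`, which an optimizing compiler may remove as a dead store, so the key-derived ipad/opad bytes can remain in freed heap memory. Consider routing both wipes through a zeroization helper the compiler cannot elide (for example `memset_s` where the platform provides it, or a store loop through a volatile pointer). The new length `EVP_MD_block_size(ctx->md)` relies on `ctx->md` still being valid whenever a pad is non-NULL and on the pads having been allocated with that size; the allocation is outside this hunk, so a comment such as `/* ipad/opad are EVP_MD_block_size(md) bytes */` would record the invariant. The function body starts before the hunk.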
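Review bot: `*fn = *p;` in the second rand-unix.c hunk stores an element of `static const char *rnd_devices[]` through a `char **`, which discards the const qualifier and hands callers a writable-looking pointer to a string literal. Declaring the out-parameter as `const char **fn`, here and in the randi.h prototype, keeps the type honest and would let `e` in RAND_file_name remain `const char *`. Since the function now has external linkage, a header comment saying that `*fn` points to static storage and must not be freed or modified would help callers. The declaration of `p` lies between the visible hunks, so its exact type is inferred.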
@@ -342,23 +342,32 @@ RAND_write_file(const char *filename)
 const char *
 RAND_file_name(char *filename, size_t size)
 {
- const char *e = NULL;
+ char *e = NULL;
 int pathp = 0, ret;
 if (!issuid()) {
 e = getenv("RANDFILE");
- if (e == NULL) {
+ if (e == NULL)
 e = getenv("HOME");
- if (e)
- pathp = 1;
- }
+ if (e)
+ pathp = 1;
 }
 /*
 * Here we really want to call getpwuid(getuid()) but this will
 * cause recursive lookups if the nss library uses
 * gssapi/krb5/hcrypto to authenticate to the ldap servers.
+ *
+ * So at least return the unix /dev/random if we have one
 */
+#ifndef _WIN32
+ if (e == NULL) {
+ int fd;
+ fd = _hc_unix_device_fd(O_RDONLY, &e);
+ if (fd >= 0)
+ close(fd);
+ }
+#endif
 if (e == NULL)
 return NULL;
diff --git a/source4/heimdal/lib/hcrypto/randi.h b/source4/heimdal/lib/hcrypto/randi.h
index c6c617af22..a6d921413a 100644
--- a/source4/heimdal/lib/hcrypto/randi.h
+++ b/source4/heimdal/lib/hcrypto/randi.h
@@ -45,5 +45,6 @@ extern const RAND_METHOD hc_rand_timer_method;
 extern const RAND_METHOD hc_rand_w32crypto_method;
 const RAND_METHOD * RAND_timer_method(void);
+int _hc_unix_device_fd(int, char **);
 #endif /* _HEIM_RANDI_H */ |
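Review bot: With the braces removed in the rand.c hunk, `pathp = 1` is now set whenever `e` is non-NULL, including when the value came from `getenv("RANDFILE")`; before, it was set only for the `HOME` fallback. If `pathp` still selects a directory-style name further down (the rest of RAND_file_name is outside this hunk), a RANDFILE value that names a file would get a path suffix appended. Keeping the flag inside the fallback, `if (e == NULL) { e = getenv("HOME"); if (e) pathp = 1; }`, preserves the earlier distinction. Separately, the new `#ifndef _WIN32` fallback makes the function return a random-device path as the seed file name, so any caller that writes a seed file to that name would be writing to the device; a comment stating that this is intended would help.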