Changeset View
Changeset View
Standalone View
Standalone View
crypto/heimdal/lib/krb5/crypto-rand.c
Show First 20 Lines • Show All 57 Lines • ▼ Show 20 Lines | RAND_add(buf, ret, 0.0); | ||||
seedfile[0] = '\0'; | seedfile[0] = '\0'; | ||||
} else | } else | ||||
seedfile[0] = '\0'; | seedfile[0] = '\0'; | ||||
/* Calling RAND_status() will try to use /dev/urandom if it exists so | /* Calling RAND_status() will try to use /dev/urandom if it exists so | ||||
we do not have to deal with it. */ | we do not have to deal with it. */ | ||||
if (RAND_status() != 1) { | if (RAND_status() != 1) { | ||||
#ifndef _WIN32 | #ifndef _WIN32 | ||||
#ifndef OPENSSL_NO_EGD | |||||
bjk: As something of a side note, it was pretty impressive how much stuff broke when I disabled EGD… | |||||
krb5_context context; | krb5_context context; | ||||
const char *p; | const char *p; | ||||
/* Try using egd */ | /* Try using egd */ | ||||
if (!krb5_init_context(&context)) { | if (!krb5_init_context(&context)) { | ||||
p = krb5_config_get_string(context, NULL, "libdefaults", | p = krb5_config_get_string(context, NULL, "libdefaults", | ||||
"egd_socket", NULL); | "egd_socket", NULL); | ||||
if (p != NULL) | if (p != NULL) | ||||
RAND_egd_bytes(p, ENTROPY_NEEDED); | RAND_egd_bytes(p, ENTROPY_NEEDED); | ||||
krb5_free_context(context); | krb5_free_context(context); | ||||
} | } | ||||
#endif | |||||
#else | #else | ||||
/* TODO: Once a Windows CryptoAPI RAND method is defined, we | /* TODO: Once a Windows CryptoAPI RAND method is defined, we | ||||
can use that and failover to another method. */ | can use that and failover to another method. */ | ||||
#endif | #endif | ||||
} | } | ||||
if (RAND_status() == 1) { | if (RAND_status() == 1) { | ||||
/* Update the seed file */ | /* Update the seed file */ | ||||
Show All 25 Lines |
As something of a side note, it was pretty impressive how much stuff broke when I disabled EGD support in the default openssl configuration.