diff options
author | Greg Hudson <ghudson@mit.edu> | 2011-10-03 19:32:28 +0000 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2011-10-03 19:32:28 +0000 |
commit | 1236b9e96d7a3522517a0e2eb8dfa752709ccf9a (patch) | |
tree | 3c4c2bde9df8e9b7e6443072dec9486c5c69f5ad /src/lib/crypto | |
parent | 1329c7742c951596efbf06186828a14155194993 (diff) | |
download | krb5-1236b9e96d7a3522517a0e2eb8dfa752709ccf9a.tar.gz krb5-1236b9e96d7a3522517a0e2eb8dfa752709ccf9a.tar.xz krb5-1236b9e96d7a3522517a0e2eb8dfa752709ccf9a.zip |
Fix a Fortuna PRNG failure case
If we don't have entropy when krb5_c_random_make_octets is called,
unlock the mutex before returning an error. From
kevin.wasserman@painless-security.com.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25295 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/crypto')
-rw-r--r-- | src/lib/crypto/krb/prng_fortuna.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/lib/crypto/krb/prng_fortuna.c b/src/lib/crypto/krb/prng_fortuna.c index f559df75ee..e40d341ee9 100644 --- a/src/lib/crypto/krb/prng_fortuna.c +++ b/src/lib/crypto/krb/prng_fortuna.c @@ -417,8 +417,10 @@ krb5_c_random_make_octets(krb5_context context, krb5_data *outdata) if (ret) return ret; - if (!have_entropy) + if (!have_entropy) { + k5_mutex_unlock(&fortuna_lock); return KRB5_CRYPTO_INTERNAL; + } if (pid != last_pid) { /* We forked; make sure child's PRNG stream differs from parent's. */ |