Fix a Fortuna PRNG failure case

If we don't have entropy when krb5_c_random_make_octets is called, unlock the mutex before returning an error. From kevin.wasserman@painless-security.com. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25295 dc483132-0cff-0310-8789-dd5450dbe970
author: Greg Hudson <ghudson@mit.edu> 2011-10-03 19:32:28 +0000
committer: Greg Hudson <ghudson@mit.edu> 2011-10-03 19:32:28 +0000
commit: 1236b9e96d7a3522517a0e2eb8dfa752709ccf9a (patch)
tree: 3c4c2bde9df8e9b7e6443072dec9486c5c69f5ad /src/lib/crypto
parent: 1329c7742c951596efbf06186828a14155194993 (diff)
download: krb5-1236b9e96d7a3522517a0e2eb8dfa752709ccf9a.tar.gz
krb5-1236b9e96d7a3522517a0e2eb8dfa752709ccf9a.tar.xz
krb5-1236b9e96d7a3522517a0e2eb8dfa752709ccf9a.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/src/lib/crypto/krb/prng_fortuna.c b/src/lib/crypto/krb/prng_fortuna.c
index f559df75ee..e40d341ee9 100644
--- a/src/lib/crypto/krb/prng_fortuna.c
+++ b/src/lib/crypto/krb/prng_fortuna.c
@@ -417,8 +417,10 @@ krb5_c_random_make_octets(krb5_context context, krb5_data *outdata)
     if (ret)
         return ret;
 
-    if (!have_entropy)
+    if (!have_entropy) {
+        k5_mutex_unlock(&fortuna_lock);
         return KRB5_CRYPTO_INTERNAL;
+    }
 
     if (pid != last_pid) {
         /* We forked; make sure child's PRNG stream differs from parent's. */
author	Greg Hudson <ghudson@mit.edu>	2011-10-03 19:32:28 +0000
committer	Greg Hudson <ghudson@mit.edu>	2011-10-03 19:32:28 +0000
commit	1236b9e96d7a3522517a0e2eb8dfa752709ccf9a (patch)
tree	3c4c2bde9df8e9b7e6443072dec9486c5c69f5ad /src/lib/crypto
parent	1329c7742c951596efbf06186828a14155194993 (diff)
download	krb5-1236b9e96d7a3522517a0e2eb8dfa752709ccf9a.tar.gz krb5-1236b9e96d7a3522517a0e2eb8dfa752709ccf9a.tar.xz krb5-1236b9e96d7a3522517a0e2eb8dfa752709ccf9a.zip