4 files changed, 29 insertions, 17 deletions

diff --git a/src/lib/crypto/ChangeLog b/src/lib/crypto/ChangeLog
index c283504610..b929e89d75 100644
--- a/src/lib/crypto/ChangeLog
+++ b/src/lib/crypto/ChangeLog
@@ -1,3 +1,12 @@
+2004-10-29  Ken Raeburn  <raeburn@mit.edu>
+
+	* prng.c (yarrow_lock): Rename to krb5int_yarrow_lock via macro,
+	and change to be non-static.
+	(krb5int_prng_init): Call do_yarrow_init here.
+	(krb5_c_random_add_entropy): Don't call it here.  Don't lock the
+	mutex, either.
+	(krb5_c_random_make_octets): Don't lock the mutex.
+
 2004-06-16  Ken Raeburn  <raeburn@mit.edu>
 
 	* Makefile.in (MAC_SUBDIRS): Don't set.
diff --git a/src/lib/crypto/prng.c b/src/lib/crypto/prng.c
index f9ea8696dc..338eaf0dd4 100644
--- a/src/lib/crypto/prng.c
+++ b/src/lib/crypto/prng.c
@@ -31,7 +31,8 @@
 #include "yarrow.h"
 static Yarrow_CTX y_ctx;
 static int inited, init_error;
-static k5_mutex_t yarrow_lock = K5_MUTEX_PARTIAL_INITIALIZER;
+#define yarrow_lock krb5int_yarrow_lock
+k5_mutex_t yarrow_lock = K5_MUTEX_PARTIAL_INITIALIZER;
 
 /* Helper function to estimate entropy based on sample length
  * and where it comes from.
@@ -56,8 +57,12 @@ entropy_estimate (unsigned int randsource, size_t length)
 return (0);
 }
 
+static void do_yarrow_init(void);
 int krb5int_prng_init(void)
 {
+    do_yarrow_init();
+    if (init_error)
+	return KRB5_CRYPTO_INTERNAL;
     return k5_mutex_finish_init(&yarrow_lock);
 }
 
@@ -95,21 +100,11 @@ krb5_c_random_add_entropy (krb5_context context, unsigned int randsource,
   if (yerr)
       return yerr;
   /* Now, finally, feed in the data.  */
-  yerr = k5_mutex_lock(&yarrow_lock);
-  if (yerr)
-      return yerr;
-  if (!inited)
-      do_yarrow_init();
-  if (init_error) {
-      k5_mutex_unlock(&yarrow_lock);
-      return KRB5_CRYPTO_INTERNAL;
-  }
   yerr = krb5int_yarrow_input (&y_ctx, randsource,
 			       data->data, data->length,
 			       entropy_estimate (randsource, data->length));
-  k5_mutex_unlock(&yarrow_lock);
   if (yerr != YARROW_OK)
-    return (KRB5_CRYPTO_INTERNAL);
+      return (KRB5_CRYPTO_INTERNAL);
   return (0);
 }
 
@@ -124,16 +119,12 @@ krb5_c_random_make_octets(krb5_context context, krb5_data *data)
 {
     int yerr;
     assert (inited);
-    yerr = k5_mutex_lock(&yarrow_lock);
-    if (yerr)
-	return yerr;
     yerr = krb5int_yarrow_output (&y_ctx, data->data, data->length);
     if (yerr == YARROW_NOT_SEEDED) {
       yerr = krb5int_yarrow_reseed (&y_ctx, YARROW_SLOW_POOL);
       if (yerr == YARROW_OK)
 	yerr = krb5int_yarrow_output (&y_ctx, data->data, data->length);
     }
-    k5_mutex_unlock(&yarrow_lock);
     if ( yerr != YARROW_OK)
       return (KRB5_CRYPTO_INTERNAL);
     return(0);
diff --git a/src/lib/crypto/yarrow/ChangeLog b/src/lib/crypto/yarrow/ChangeLog
index 38d6fe7c63..bab1a67b4b 100644
--- a/src/lib/crypto/yarrow/ChangeLog
+++ b/src/lib/crypto/yarrow/ChangeLog
@@ -1,3 +1,9 @@
+2004-10-29  Ken Raeburn  <raeburn@mit.edu>
+
+	* ylock.h: Include k5-thread.h.
+	(krb5int_yarrow_lock): Declare.
+	(LOCK, UNLOCK): Define as macros using the k5_mutex_ macros.
+
 2004-06-04  Ken Raeburn  <raeburn@mit.edu>
 
 	* yarrow.c (yarrow_str_error): Now const.
diff --git a/src/lib/crypto/yarrow/ylock.h b/src/lib/crypto/yarrow/ylock.h
index 21d3911b77..9c032dc61d 100644
--- a/src/lib/crypto/yarrow/ylock.h
+++ b/src/lib/crypto/yarrow/ylock.h
@@ -11,8 +11,14 @@
  *    and YARROW_LOCKING on failure
  */
 
-
+#if 0
 static int LOCK( void ) {  return (YARROW_OK); }
 static int UNLOCK( void ) {  return (YARROW_OK); }
+#else
+#include "k5-thread.h"
+extern k5_mutex_t krb5int_yarrow_lock;
+#define LOCK()	(k5_mutex_lock(&krb5int_yarrow_lock) ? YARROW_LOCKING : YARROW_OK)
+#define UNLOCK() (k5_mutex_unlock(&krb5int_yarrow_lock) ? YARROW_LOCKING : YARROW_OK)
+#endif
 
 #endif /* YLOCK_H */