summaryrefslogtreecommitdiffstats
path: root/src/lib/crypto/prng.c
Commit message (Collapse)AuthorAgeFilesLines
* Crypto modularity proj: Separate files under crypto directory based on their ↵Zhanna Tsitkov2009-08-031-215/+0
| | | | | | | | functionality. Move Kerberos specific files into krb subdir and MIT specific - into builtin subdir. Place all tests into crypto_tests subfolder. bigredbutton: whitespace git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22477 dc483132-0cff-0310-8789-dd5450dbe970
* Fix a few incompatible-pointer warnings that aren't just about signednessKen Raeburn2008-06-021-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20351 dc483132-0cff-0310-8789-dd5450dbe970
* Set close-on-exec flag in most places where file descriptors areKen Raeburn2007-10-221-6/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | opened in our libraries (in case another application thread spawns a new process) and in the KDC programs (in case a plugin library spawns a new process). Checked calls to: open fopen THREEPARAMOPEN mkstemp socket accept dup dup2 pipe. In: util lib plugins kdc kadmin/server krb524. The various programs are less critical than the libraries, as any well-written plugin that spawns a new process should close all file descriptors it doesn't need to communicate with the new process. This approach also isn't bulletproof, as the call to set the close-on-exec flag is necessarily a separate call from creating the file descriptor, and the fork call could happen in between them. So plugins should be careful regardless of this patch; it will only reduce the window of potential lossage should a plugin be poorly written. (AFAIK there are currently no plugins that spawn processes where this would be a problem.) Update dependencies. ticket: 5561 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20143 dc483132-0cff-0310-8789-dd5450dbe970
* read_entropy_from_device on partial read will not fill bufferEzra Peisach2007-08-201-4/+6
| | | | | | | | | | | | | | | read_entropy_from_device() will loop in read until the desired number of bytes are read from the device (/dev/random, /dev/urandom). I have observed that for /dev/random, if there is not enough bits available for reading - it will return a partial read. The code would loop in this case, but never advance the location to place the new bytes - hence the start of the buffer would be filled again - leaving the tail end as stack garbage. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19845 dc483132-0cff-0310-8789-dd5450dbe970
* * prng.c (init_error): Unused variable deletedKen Raeburn2006-11-021-1/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18756 dc483132-0cff-0310-8789-dd5450dbe970
* * prng.c (krb5int_prng_init): Incorporate do_yarrow_init body. Don't checkKen Raeburn2005-01-141-28/+10
| | | | | | | | | | | | inited variable. (inited): Variable deleted. (krb5_c_random_make_octets, krb5int_prng_cleanup): Don't check it. (do_yarrow_init): Deleted. ticket: 2878 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17033 dc483132-0cff-0310-8789-dd5450dbe970
* * prng.c (read_entropy_from_device): Use ssize_t, not size_t, soTom Yu2005-01-131-1/+1
| | | | | | | | | read() returning -1 doesn't cause trouble. ticket: 2871 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17020 dc483132-0cff-0310-8789-dd5450dbe970
* * prng.c (do_yarrow_init): Move mutex initialization here.Ken Raeburn2004-11-171-1/+7
| | | | | | (krb5int_prng_init): Don't do it here. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16880 dc483132-0cff-0310-8789-dd5450dbe970
* push yarrow locking down into the yarrow code to reduce contentionKen Raeburn2004-10-301-16/+7
| | | | | | | | | | | | | | | | | | This seems to speed up creating a krb5_context a little bit, when it happens a lot in multiple threads. * prng.c (yarrow_lock): Rename to krb5int_yarrow_lock via macro, and change to be non-static. (krb5int_prng_init): Call do_yarrow_init here. (krb5_c_random_add_entropy): Don't call it here. Don't lock the mutex, either. (krb5_c_random_make_octets): Don't lock the mutex. * yarrow/ylock.h: Include k5-thread.h. (krb5int_yarrow_lock): Declare. (LOCK, UNLOCK): Define as macros using the k5_mutex_ macros. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16846 dc483132-0cff-0310-8789-dd5450dbe970
* * prng.c (init_once): Variable deleted.Ken Raeburn2004-06-021-9/+7
| | | | | | | (krb5_c_random_add_entropy): Do the initialization once, using the yarrow_lock mutex instead of k5_once to protect it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16392 dc483132-0cff-0310-8789-dd5450dbe970
* * prng.c (krb5int_prng_cleanup): Destroy the mutexKen Raeburn2004-05-011-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16294 dc483132-0cff-0310-8789-dd5450dbe970
* Add a mutex for the shared static storage used by YarrowKen Raeburn2004-05-011-22/+55
| | | | | | | | | | | | | | | | | | | | | | | * crypto_libinit.c (initialized): Variable deleted. (cryptoint_initialize_library, cryptoint_cleanup_library): Use new macros for automatic shared library init/fini functions. (prng_cleanup): Declaration deleted. (krb5int_prng_init, krb5int_prng_cleanup): Declare. (cryptoint_initialize_library): Call krb5int_prng_init. (krb5int_crypto_init): New function, checks that cryptoint_initialize_library was called successfully. (cryptoint_cleanup_library): Call krb5int_prng_cleanup only if the initializer ran. * crypto_libinit.h: Deleted. * prng.c: Include k5-thread.h. (init_once, init_error, yarrow_lock): New variables. (krb5int_prng_init): New function; finish initializing the mutex lock. (do_yarrow_init): New function. (krb5_c_random_add_entropy): Call it once only. Lock the mutex before processing the input. (krb5_c_random_make_octets): Lock the mutex before extracting random bytes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16290 dc483132-0cff-0310-8789-dd5450dbe970
* * prng.c (krb5int_prng_cleanup): Renamed from prng_cleanup.Ken Raeburn2004-03-181-1/+1
| | | | | | | * crypto_libinit.c: Include k5-int.h. (cryptoint_cleanup_library): Updated call. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16179 dc483132-0cff-0310-8789-dd5450dbe970
* protoizeKen Raeburn2004-02-191-2/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16102 dc483132-0cff-0310-8789-dd5450dbe970
* * prng.c: use Unix randomness sources on Mac OS XAlexandra Ellwood2003-03-061-4/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15249 dc483132-0cff-0310-8789-dd5450dbe970
* Implement code to get random data from /dev/{random,urandom}. ForSam Hartman2002-01-081-1/+91
| | | | | | | init_context use /dev/urandom; for database creation use /dev/random if it exists. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14087 dc483132-0cff-0310-8789-dd5450dbe970
* * Link Yarrow into the buildSam Hartman2001-11-161-120/+74
| | | | | | | | | * Use Yarrow as the PRNG with the compatibility API * Write most of new PRNG entropy API * Write but (currently) do not use PRNG test harness * Fix Yarrow ciphers not to depend on libkrb5 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13982 dc483132-0cff-0310-8789-dd5450dbe970
* Danilo says we can get rid of the DLLIMP stuff nowKen Raeburn2001-10-041-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13775 dc483132-0cff-0310-8789-dd5450dbe970
* more casting cleanupKen Raeburn2001-04-101-4/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13171 dc483132-0cff-0310-8789-dd5450dbe970
* Use krb5int_ prefix for internal "provider" structuresKen Raeburn2001-03-091-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13066 dc483132-0cff-0310-8789-dd5450dbe970
* prng.c: use des3 nowKen Raeburn2001-03-061-14/+14
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13057 dc483132-0cff-0310-8789-dd5450dbe970
* * nfold.c (krb5_nfold): inbots and outbits are now unsigned intEzra Peisach2000-10-171-1/+1
| | | | | | * prng.c: Local variable random_count is now unsigned int. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12776 dc483132-0cff-0310-8789-dd5450dbe970
* prng.c (prng_cleanup): Ensure memory allocated before calling freeEzra Peisach2000-06-291-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12458 dc483132-0cff-0310-8789-dd5450dbe970
* pullup from 1.2 branchKen Raeburn2000-06-271-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12442 dc483132-0cff-0310-8789-dd5450dbe970
* Moved krb5, gss, and crypto library initialization/cleanup code into new ↵Miro Jurisic2000-01-221-0/+6
| | | | | | dedicated functions; added code to release global state allocated in prng.c git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11960 dc483132-0cff-0310-8789-dd5450dbe970
* Various changes to:Ken Raeburn2000-01-221-2/+2
| | | | | | | | | | | | | | * make most non-changing data const * silence "gcc -Wall -Werror" complaints on sparc-solaris2.6 ** delete unused functions and variables ** change if(a=b) ... to if((a=b)) or if((a=b)!=0) [yeah, kinda gratuitous] ** insert extra braces for 2-D arrays * some basic thread safety checks Not changing afsstring2key.c until I make sure I've got some tests for it. Currently, prng.c and afsstring2key.c, at least, still aren't thread-safe. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11959 dc483132-0cff-0310-8789-dd5450dbe970
* * prng.c (enc): Now static and const, and points to constKen Raeburn2000-01-221-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11958 dc483132-0cff-0310-8789-dd5450dbe970
* Added KRB5_DLLIMP and KRB5_CALLCONV so that these files buildTheodore Tso1998-12-051-2/+2
| | | | | | under Windows. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11069 dc483132-0cff-0310-8789-dd5450dbe970
* pull up 3des implementation from the marc-3des branchMarc Horowitz1998-10-301-0/+155
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11001 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2026-01-07 07:35:29 +0000