KDC on Tru64 was hanging because of another case where Yarrow code

assumes locks are recursive.  Probably didn't trigger on Linux,
Solaris, or NetBSD because they have /dev/random and Tru64 does not.

* yarrow.c (yarrow_input_maybe_locking): Renamed from
yarrow_input_maybe_locking, made static.  New argument indicates whether or not
to do locking.
(krb5int_yarrow_input): New wrapper function.
(yarrow_input_locked): New wrapper function.
(Yarrow_detect_fork): Call yarrow_input_locked.

ticket: 2755
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16903 dc483132-0cff-0310-8789-dd5450dbe970

2 files changed, 47 insertions, 12 deletions

diff --git a/src/lib/crypto/yarrow/ChangeLog b/src/lib/crypto/yarrow/ChangeLog
index 666ed1a64..f3e566664 100644
--- a/src/lib/crypto/yarrow/ChangeLog
+++ b/src/lib/crypto/yarrow/ChangeLog
@@ -1,3 +1,12 @@
+2004-11-22  Ken Raeburn  <raeburn@mit.edu>
+
+	* yarrow.c (yarrow_input_maybe_locking): Renamed from
+	yarrow_input_maybe_locking, made static.  New argument indicates
+	whether or not to do locking.
+	(krb5int_yarrow_input): New wrapper function.
+	(yarrow_input_locked): New wrapper function.
+	(Yarrow_detect_fork): Call yarrow_input_locked.
+
 2004-11-15  Sam Hartman  <hartmans@mit.edu>
 
 	* ycipher.h: Use AES256 not 3des
diff --git a/src/lib/crypto/yarrow/yarrow.c b/src/lib/crypto/yarrow/yarrow.c
index ae55801c9..a619c5b2e 100644
--- a/src/lib/crypto/yarrow/yarrow.c
+++ b/src/lib/crypto/yarrow/yarrow.c
@@ -121,6 +121,11 @@ static void krb5int_yarrow_init_Limits(Yarrow_CTX* y)
    PRNG state */
 #ifdef YARROW_DETECT_FORK
 
+static int
+yarrow_input_locked( Yarrow_CTX* y, unsigned source_id,
+		     const void *sample,
+		     size_t size, size_t entropy_bits );
+
 static int Yarrow_detect_fork(Yarrow_CTX *y)
 {
     pid_t newpid;
@@ -135,12 +140,12 @@ static int Yarrow_detect_fork(Yarrow_CTX *y)
 	 * Then we reseed.  This doesn't really increase entropy, but does make the
 	 * streams distinct assuming we already have good entropy*/
 	y->pid = newpid;
-	TRY (krb5int_yarrow_input (y, 0, &newpid,
-				   sizeof (newpid), 0));
-		TRY (krb5int_yarrow_input (y, 0, &newpid,
-				   sizeof (newpid), 0));
-		TRY (krb5int_yarrow_reseed (y, YARROW_FAST_POOL));
-		    }
+	TRY (yarrow_input_locked (y, 0, &newpid,
+				  sizeof (newpid), 0));
+	TRY (yarrow_input_locked (y, 0, &newpid,
+				  sizeof (newpid), 0));
+	TRY (krb5int_yarrow_reseed (y, YARROW_FAST_POOL));
+    }
 
  CATCH:
     EXCEP_RET;
@@ -241,10 +246,11 @@ int krb5int_yarrow_init(Yarrow_CTX* y, const char *filename)
     EXCEP_RET;
 }
 
-YARROW_DLL
-int krb5int_yarrow_input( Yarrow_CTX* y, unsigned source_id, 
-		  const void* sample, 
-		  size_t size, size_t entropy_bits )
+static
+int yarrow_input_maybe_locking( Yarrow_CTX* y, unsigned source_id, 
+				const void* sample, 
+				size_t size, size_t entropy_bits,
+				int do_lock )
 {
     EXCEP_DECL;
     int ret;
@@ -264,8 +270,10 @@ int krb5int_yarrow_input( Yarrow_CTX* y, unsigned source_id,
 	THROW( YARROW_BAD_SOURCE );
     }
 
-    TRY( LOCK() );
-    locked = 1;
+    if (do_lock) {
+	    TRY( LOCK() );
+	    locked = 1;
+    }
 
     /* hash in the sample */
 
@@ -331,6 +339,24 @@ int krb5int_yarrow_input( Yarrow_CTX* y, unsigned source_id,
 }
 
 YARROW_DLL
+int krb5int_yarrow_input( Yarrow_CTX* y, unsigned source_id, 
+		  const void* sample, 
+		  size_t size, size_t entropy_bits )
+{
+    return yarrow_input_maybe_locking(y, source_id, sample, size,
+				      entropy_bits, 1);
+}
+
+static int
+yarrow_input_locked( Yarrow_CTX* y, unsigned source_id,
+		     const void *sample,
+		     size_t size, size_t entropy_bits )
+{
+    return yarrow_input_maybe_locking(y, source_id, sample, size,
+				      entropy_bits, 0);
+}
+
+YARROW_DLL
 int krb5int_yarrow_new_source(Yarrow_CTX* y, unsigned* source_id)
 {
     EXCEP_DECL;