diff options
author | Robbie Harwood <rharwood@redhat.com> | 2016-10-20 23:34:28 +0000 |
---|---|---|
committer | Robbie Harwood <rharwood@redhat.com> | 2016-10-20 23:34:55 +0000 |
commit | 821dac42eda537c5ade066007252c6c454eecaba (patch) | |
tree | 6123ab3535d8822af7ee998033376b6ae2ea04c0 /Add-OS-prng-intended-for-use-with-getrandom.patch | |
parent | 895d0bdfea59408674c84f07a8ce9382e616e449 (diff) | |
download | krb5-821dac42eda537c5ade066007252c6c454eecaba.tar.gz krb5-821dac42eda537c5ade066007252c6c454eecaba.tar.xz krb5-821dac42eda537c5ade066007252c6c454eecaba.zip |
Upstream release 1.15-beta1
Also update selinux with RHEL hygene.
Resolves: #1314096
Diffstat (limited to 'Add-OS-prng-intended-for-use-with-getrandom.patch')
-rw-r--r-- | Add-OS-prng-intended-for-use-with-getrandom.patch | 100 |
1 files changed, 0 insertions, 100 deletions
diff --git a/Add-OS-prng-intended-for-use-with-getrandom.patch b/Add-OS-prng-intended-for-use-with-getrandom.patch deleted file mode 100644 index 964eca6..0000000 --- a/Add-OS-prng-intended-for-use-with-getrandom.patch +++ /dev/null @@ -1,100 +0,0 @@ -From 5d38da6d4eb29bf87e98a5cb4577b870dbf405ed Mon Sep 17 00:00:00 2001 -From: Robbie Harwood <rharwood@redhat.com> -Date: Wed, 14 Sep 2016 16:12:57 -0400 -Subject: [PATCH] Add OS prng intended for use with getrandom() - -Add the prng_os.c module, using the name previously occupied by what -is now prng_device.c. Unlike prng_device.c, this PRNG module -maintains no file descriptor and just uses k5_os_random(), which is -most efficient on platforms which have a getrandom() system call. - -[ghudson@mit.edu: expanded on commit message] - -ticket: 8499 -(cherry picked from commit 0be7642b2b6f7b9e0acebb2c3d60aa6c3f7543aa) ---- - src/lib/crypto/krb/prng_os.c | 72 ++++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 72 insertions(+) - create mode 100644 src/lib/crypto/krb/prng_os.c - -diff --git a/src/lib/crypto/krb/prng_os.c b/src/lib/crypto/krb/prng_os.c -new file mode 100644 -index 0000000..8ea13e7 ---- /dev/null -+++ b/src/lib/crypto/krb/prng_os.c -@@ -0,0 +1,72 @@ -+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -+/* lib/crypto/krb/prng_os.c - OS PRNG implementation */ -+/* -+ * Copyright (C) 2016 by the Massachusetts Institute of Technology. -+ * All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * * Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * * Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS -+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE -+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, -+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ */ -+ -+/* -+ * This file implements a PRNG module which relies on the system's PRNG. An -+ * OS packager can select this module given sufficient confidence in the -+ * operating system's native PRNG quality. -+ */ -+ -+#include "crypto_int.h" -+ -+int -+k5_prng_init(void) -+{ -+ return 0; -+} -+ -+void -+k5_prng_cleanup(void) -+{ -+} -+ -+krb5_error_code KRB5_CALLCONV -+krb5_c_random_add_entropy(krb5_context context, unsigned int randsource, -+ const krb5_data *indata) -+{ -+ return 0; -+} -+ -+krb5_error_code KRB5_CALLCONV -+krb5_c_random_make_octets(krb5_context context, krb5_data *outdata) -+{ -+ krb5_boolean res; -+ -+ res = k5_get_os_entropy((uint8_t *)outdata->data, outdata->length, 0); -+ return res ? 0 : KRB5_CRYPTO_INTERNAL; -+} -+ -+krb5_error_code KRB5_CALLCONV -+krb5_c_random_os_entropy(krb5_context context, int strong, int *success) -+{ -+ return 0; -+} --- -2.9.3 - |