diff options
Diffstat (limited to 'Add-getrandom-to-k5_get_os_entropy-using-syscall.patch')
-rw-r--r-- | Add-getrandom-to-k5_get_os_entropy-using-syscall.patch | 62 |
1 files changed, 0 insertions, 62 deletions
diff --git a/Add-getrandom-to-k5_get_os_entropy-using-syscall.patch b/Add-getrandom-to-k5_get_os_entropy-using-syscall.patch deleted file mode 100644 index d694f3c..0000000 --- a/Add-getrandom-to-k5_get_os_entropy-using-syscall.patch +++ /dev/null @@ -1,62 +0,0 @@ -From 3a8bf57bd3008b2f5338bbd8ba1db5e9e2622c92 Mon Sep 17 00:00:00 2001 -From: Robbie Harwood <rharwood@redhat.com> -Date: Wed, 14 Sep 2016 16:10:34 -0400 -Subject: [PATCH] Add getrandom to k5_get_os_entropy() using syscall - -ticket: 8499 -(cherry picked from commit a9a48392c088b53d8dd86b8008b4059ab78a3679) ---- - src/lib/crypto/krb/prng.c | 30 ++++++++++++++++++++++++++++++ - 1 file changed, 30 insertions(+) - -diff --git a/src/lib/crypto/krb/prng.c b/src/lib/crypto/krb/prng.c -index 9ad24c1..22948a4 100644 ---- a/src/lib/crypto/krb/prng.c -+++ b/src/lib/crypto/krb/prng.c -@@ -58,6 +58,9 @@ k5_get_os_entropy(unsigned char *buf, size_t len, int strong) - #ifdef HAVE_SYS_STAT_H - #include <sys/stat.h> - #endif -+#ifdef __linux__ -+#include <sys/syscall.h> -+#endif /* __linux__ */ - - /* Open device, ensure that it is not a regular file, and read entropy. Return - * true on success, false on failure. */ -@@ -96,6 +99,33 @@ krb5_boolean - k5_get_os_entropy(unsigned char *buf, size_t len, int strong) - { - const char *device; -+#if defined(__linux__) && defined(SYS_getrandom) -+ int r; -+ -+ while (len > 0) { -+ /* -+ * Pull from the /dev/urandom pool, but it to have been seeded. This -+ * ensures strong randomness while only blocking during first system -+ * boot. -+ * -+ * glibc does not currently provide a binding for getrandom: -+ * https://sourceware.org/bugzilla/show_bug.cgi?id=17252 -+ */ -+ errno = 0; -+ r = syscall(SYS_getrandom, buf, len, 0); -+ if (r <= 0) { -+ if (errno == EINTR) -+ continue; -+ -+ /* ENOSYS or other unrecoverable failure */ -+ break; -+ } -+ len -= r; -+ buf += r; -+ } -+ if (len == 0) -+ return TRUE; -+#endif /* defined(__linux__) && defined(SYS_getrandom) */ - - device = strong ? "/dev/random" : "/dev/urandom"; - return read_entropy_from_device(device, buf, len); --- -2.9.3 - |