From 821dac42eda537c5ade066007252c6c454eecaba Mon Sep 17 00:00:00 2001 From: Robbie Harwood Date: Thu, 20 Oct 2016 23:34:28 +0000 Subject: Upstream release 1.15-beta1 Also update selinux with RHEL hygene. Resolves: #1314096 --- Add-OS-prng-intended-for-use-with-getrandom.patch | 100 ---------------------- 1 file changed, 100 deletions(-) delete mode 100644 Add-OS-prng-intended-for-use-with-getrandom.patch (limited to 'Add-OS-prng-intended-for-use-with-getrandom.patch') diff --git a/Add-OS-prng-intended-for-use-with-getrandom.patch b/Add-OS-prng-intended-for-use-with-getrandom.patch deleted file mode 100644 index 964eca6..0000000 --- a/Add-OS-prng-intended-for-use-with-getrandom.patch +++ /dev/null @@ -1,100 +0,0 @@ -From 5d38da6d4eb29bf87e98a5cb4577b870dbf405ed Mon Sep 17 00:00:00 2001 -From: Robbie Harwood -Date: Wed, 14 Sep 2016 16:12:57 -0400 -Subject: [PATCH] Add OS prng intended for use with getrandom() - -Add the prng_os.c module, using the name previously occupied by what -is now prng_device.c. Unlike prng_device.c, this PRNG module -maintains no file descriptor and just uses k5_os_random(), which is -most efficient on platforms which have a getrandom() system call. - -[ghudson@mit.edu: expanded on commit message] - -ticket: 8499 -(cherry picked from commit 0be7642b2b6f7b9e0acebb2c3d60aa6c3f7543aa) ---- - src/lib/crypto/krb/prng_os.c | 72 ++++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 72 insertions(+) - create mode 100644 src/lib/crypto/krb/prng_os.c - -diff --git a/src/lib/crypto/krb/prng_os.c b/src/lib/crypto/krb/prng_os.c -new file mode 100644 -index 0000000..8ea13e7 ---- /dev/null -+++ b/src/lib/crypto/krb/prng_os.c -@@ -0,0 +1,72 @@ -+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -+/* lib/crypto/krb/prng_os.c - OS PRNG implementation */ -+/* -+ * Copyright (C) 2016 by the Massachusetts Institute of Technology. -+ * All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * * Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * * Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS -+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE -+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, -+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ */ -+ -+/* -+ * This file implements a PRNG module which relies on the system's PRNG. An -+ * OS packager can select this module given sufficient confidence in the -+ * operating system's native PRNG quality. -+ */ -+ -+#include "crypto_int.h" -+ -+int -+k5_prng_init(void) -+{ -+ return 0; -+} -+ -+void -+k5_prng_cleanup(void) -+{ -+} -+ -+krb5_error_code KRB5_CALLCONV -+krb5_c_random_add_entropy(krb5_context context, unsigned int randsource, -+ const krb5_data *indata) -+{ -+ return 0; -+} -+ -+krb5_error_code KRB5_CALLCONV -+krb5_c_random_make_octets(krb5_context context, krb5_data *outdata) -+{ -+ krb5_boolean res; -+ -+ res = k5_get_os_entropy((uint8_t *)outdata->data, outdata->length, 0); -+ return res ? 0 : KRB5_CRYPTO_INTERNAL; -+} -+ -+krb5_error_code KRB5_CALLCONV -+krb5_c_random_os_entropy(krb5_context context, int strong, int *success) -+{ -+ return 0; -+} --- -2.9.3 - -- cgit