projects / krb5.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b1c1b4e)
In krb5int_generate_and_save_subkey, check the return value of
authorGreg Hudson <ghudson@mit.edu>
Mon, 23 Feb 2009 20:15:05 +0000 (20:15 +0000)
committerGreg Hudson <ghudson@mit.edu>
Mon, 23 Feb 2009 20:15:05 +0000 (20:15 +0000)
krb5_crypto_us_timeofday.  It can't really fail in practice, but if it
did we'd be passing stack garbage to krb5_c_random_add_entropy.
That's harmless, but poor form.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22049 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/krb5/krb/mk_req_ext.c patch | blob | history

diff --git a/src/lib/krb5/krb/mk_req_ext.c b/src/lib/krb5/krb/mk_req_ext.c
index ed23fef4b73fd534ed1da3a4238f2265905f96de..2cf1ddf13bef6fb0b12e7850f60ce5b98430729b 100644 (file)
--- a/src/lib/krb5/krb/mk_req_ext.c
+++ b/src/lib/krb5/krb/mk_req_ext.c
@@ -94,10 +94,11 @@ krb5int_generate_and_save_subkey (krb5_context context,
     krb5_data d;
     krb5_error_code retval;
 
-    krb5_crypto_us_timeofday (&rnd_data.sec, &rnd_data.usec);
-    d.length = sizeof (rnd_data);
-    d.data = (char *) &rnd_data;
-    (void) krb5_c_random_add_entropy (context, KRB5_C_RANDSOURCE_TIMING, &d);
+    if (krb5_crypto_us_timeofday(&rnd_data.sec, &rnd_data.usec) == 0) {
+       d.length = sizeof(rnd_data);
+       d.data = (char *) &rnd_data;
+       krb5_c_random_add_entropy(context, KRB5_C_RANDSOURCE_TIMING, &d);
+    }
 
     if (auth_context->send_subkey)
        krb5_free_keyblock(context, auth_context->send_subkey);
MIT implementation of the Kerberos network authentication protocol. This repo may be rebased, so don't base your work on it. Use git://github.com/krb5/krb5 instead.