From: Greg Hudson Date: Mon, 3 Oct 2011 19:32:28 +0000 (+0000) Subject: Fix a Fortuna PRNG failure case X-Git-Tag: krb5-1.10-alpha1~80 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=1236b9e96d7a3522517a0e2eb8dfa752709ccf9a;p=krb5.git Fix a Fortuna PRNG failure case If we don't have entropy when krb5_c_random_make_octets is called, unlock the mutex before returning an error. From kevin.wasserman@painless-security.com. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25295 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/crypto/krb/prng_fortuna.c b/src/lib/crypto/krb/prng_fortuna.c index f559df75e..e40d341ee 100644 --- a/src/lib/crypto/krb/prng_fortuna.c +++ b/src/lib/crypto/krb/prng_fortuna.c @@ -417,8 +417,10 @@ krb5_c_random_make_octets(krb5_context context, krb5_data *outdata) if (ret) return ret; - if (!have_entropy) + if (!have_entropy) { + k5_mutex_unlock(&fortuna_lock); return KRB5_CRYPTO_INTERNAL; + } if (pid != last_pid) { /* We forked; make sure child's PRNG stream differs from parent's. */