From 70027238e1b53ea20b0297ffca72a48d1627b121 Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Mon, 23 Feb 2009 20:15:05 +0000
Subject: [PATCH] In krb5int_generate_and_save_subkey, check the return value
 of krb5_crypto_us_timeofday.  It can't really fail in practice, but if it did
 we'd be passing stack garbage to krb5_c_random_add_entropy. That's harmless,
 but poor form.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22049 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/lib/krb5/krb/mk_req_ext.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/lib/krb5/krb/mk_req_ext.c b/src/lib/krb5/krb/mk_req_ext.c
index ed23fef4b..2cf1ddf13 100644
--- a/src/lib/krb5/krb/mk_req_ext.c
+++ b/src/lib/krb5/krb/mk_req_ext.c
@@ -94,10 +94,11 @@ krb5int_generate_and_save_subkey (krb5_context context,
     krb5_data d;
     krb5_error_code retval;
 
-    krb5_crypto_us_timeofday (&rnd_data.sec, &rnd_data.usec);
-    d.length = sizeof (rnd_data);
-    d.data = (char *) &rnd_data;
-    (void) krb5_c_random_add_entropy (context, KRB5_C_RANDSOURCE_TIMING, &d);
+    if (krb5_crypto_us_timeofday(&rnd_data.sec, &rnd_data.usec) == 0) {
+	d.length = sizeof(rnd_data);
+	d.data = (char *) &rnd_data;
+	krb5_c_random_add_entropy(context, KRB5_C_RANDSOURCE_TIMING, &d);
+    }
 
     if (auth_context->send_subkey)
 	krb5_free_keyblock(context, auth_context->send_subkey);
-- 
2.26.2