From a8f849034f097e92e1967068bc530d8ce7412515 Mon Sep 17 00:00:00 2001 From: Ken Raeburn Date: Fri, 14 Jan 2005 03:24:48 +0000 Subject: [PATCH] * yarrow.c (yarrow_reseed_locked): Renamed from krb5int_yarrow_reseed and made static. (Yarrow_detect_fork, yarrow_input_maybe_locking, krb5int_yarrow_output_Block): Call it. (krb5int_yarrow_reseed): New function, grabs lock and calls the old version. (krb5int_yarrow_final): Hold the lock until after clearing the Yarrow context data. ticket: 2878 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17032 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/crypto/yarrow/ChangeLog | 11 +++++++++++ src/lib/crypto/yarrow/yarrow.c | 22 ++++++++++++++++------ 2 files changed, 27 insertions(+), 6 deletions(-) diff --git a/src/lib/crypto/yarrow/ChangeLog b/src/lib/crypto/yarrow/ChangeLog index 5aa069bf2..cf08dc9ed 100644 --- a/src/lib/crypto/yarrow/ChangeLog +++ b/src/lib/crypto/yarrow/ChangeLog @@ -1,3 +1,14 @@ +2005-01-13 Ken Raeburn + + * yarrow.c (yarrow_reseed_locked): Renamed from + krb5int_yarrow_reseed and made static. + (Yarrow_detect_fork, yarrow_input_maybe_locking, + krb5int_yarrow_output_Block): Call it. + (krb5int_yarrow_reseed): New function, grabs lock and calls the + old version. + (krb5int_yarrow_final): Hold the lock until after clearing the + Yarrow context data. + 2005-01-13 Ezra Peisach * yarrow.c: Declare yarrow_gate_locked static before first use. diff --git a/src/lib/crypto/yarrow/yarrow.c b/src/lib/crypto/yarrow/yarrow.c index 54d30e1fa..29c10f79e 100644 --- a/src/lib/crypto/yarrow/yarrow.c +++ b/src/lib/crypto/yarrow/yarrow.c @@ -119,6 +119,8 @@ static void krb5int_yarrow_init_Limits(Yarrow_CTX* y) } } +static int yarrow_reseed_locked( Yarrow_CTX* y, int pool ); + /* if the program was forked, the child must not operate on the same PRNG state */ #ifdef YARROW_DETECT_FORK @@ -146,7 +148,7 @@ static int Yarrow_detect_fork(Yarrow_CTX *y) sizeof (newpid), 0)); TRY (yarrow_input_locked (y, 0, &newpid, sizeof (newpid), 0)); - TRY (krb5int_yarrow_reseed (y, YARROW_FAST_POOL)); + TRY (yarrow_reseed_locked (y, YARROW_FAST_POOL)); } CATCH: @@ -304,7 +306,7 @@ int yarrow_input_maybe_locking( Yarrow_CTX* y, unsigned source_id, { if (source->entropy[YARROW_FAST_POOL] >= y->fast_thresh) { - ret = krb5int_yarrow_reseed(y, YARROW_FAST_POOL); + ret = yarrow_reseed_locked(y, YARROW_FAST_POOL); if ( ret != YARROW_OK && ret != YARROW_NOT_SEEDED ) { THROW( ret ); @@ -321,7 +323,7 @@ int yarrow_input_maybe_locking( Yarrow_CTX* y, unsigned source_id, if (y->slow_k_of_n >= y->slow_k_of_n_thresh) { y->slow_k_of_n = 0; - ret = krb5int_yarrow_reseed(y, YARROW_SLOW_POOL); + ret = yarrow_reseed_locked(y, YARROW_SLOW_POOL); if ( ret != YARROW_OK && ret != YARROW_NOT_SEEDED ) { THROW( ret ); @@ -435,7 +437,7 @@ static int krb5int_yarrow_output_Block( Yarrow_CTX* y, void* out ) TRACE( printf( "OUTPUT LIMIT REACHED," ); ); - TRY( krb5int_yarrow_reseed( y, YARROW_SLOW_POOL ) ); + TRY( yarrow_reseed_locked( y, YARROW_SLOW_POOL ) ); } } @@ -667,7 +669,7 @@ static int Yarrow_Save_State( Yarrow_CTX *y ) #endif -int krb5int_yarrow_reseed(Yarrow_CTX* y, int pool) +static int yarrow_reseed_locked(Yarrow_CTX* y, int pool) { EXCEP_DECL; HASH_CTX* fast_pool = &y->pool[YARROW_FAST_POOL]; @@ -814,6 +816,14 @@ int krb5int_yarrow_reseed(Yarrow_CTX* y, int pool) EXCEP_RET; } +int krb5int_yarrow_reseed(Yarrow_CTX* y, int pool) +{ + int r; + LOCK(); + r = yarrow_reseed_locked(y, pool); + UNLOCK(); + return r; +} int krb5int_yarrow_stretch(const byte* m, size_t size, byte* out, size_t out_size) { @@ -907,9 +917,9 @@ int krb5int_yarrow_final(Yarrow_CTX* y) #endif CATCH: - if ( locked ) { TRY( UNLOCK() ); } krb5int_yarrow_cipher_final(&y->cipher); mem_zero( y, sizeof(Yarrow_CTX) ); + if ( locked ) { TRY( UNLOCK() ); } EXCEP_RET; } -- 2.26.2