]> git.ipfire.org Git - thirdparty/krb5.git/commitdiff
Improve error message for PRNG seeding failure
authorGreg Hudson <ghudson@mit.edu>
Wed, 16 Jul 2014 00:23:15 +0000 (20:23 -0400)
committerGreg Hudson <ghudson@mit.edu>
Wed, 16 Jul 2014 01:19:33 +0000 (21:19 -0400)
In prng_fortuna.c, if krb5_c_random_make_octets detects that we do not
have entropy, set an error message saying that the random number
generator could not be seeded, as we likely failed previously to read
from /dev/urandom or the Windows equivalent.

ticket: 7968 (new)

src/lib/crypto/krb/prng_fortuna.c

index 7a695a3f2e35ab94daf0f68fa0f249a900f7d8fd..e70ffa34ff6b8a3dee8c62d81ddeaa2e852db2e4 100644 (file)
@@ -423,6 +423,10 @@ krb5_c_random_make_octets(krb5_context context, krb5_data *outdata)
 
     if (!have_entropy) {
         k5_mutex_unlock(&fortuna_lock);
+        if (context != NULL) {
+            k5_set_error(&context->err, KRB5_CRYPTO_INTERNAL,
+                         _("Random number generator could not be seeded"));
+        }
         return KRB5_CRYPTO_INTERNAL;
     }