From 4f41a0d4a6a62439f21aacdd650595a065f15056 Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Tue, 15 Jul 2014 20:23:15 -0400 Subject: [PATCH] Improve error message for PRNG seeding failure In prng_fortuna.c, if krb5_c_random_make_octets detects that we do not have entropy, set an error message saying that the random number generator could not be seeded, as we likely failed previously to read from /dev/urandom or the Windows equivalent. ticket: 7968 (new) --- src/lib/crypto/krb/prng_fortuna.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/lib/crypto/krb/prng_fortuna.c b/src/lib/crypto/krb/prng_fortuna.c index 7a695a3f2e..e70ffa34ff 100644 --- a/src/lib/crypto/krb/prng_fortuna.c +++ b/src/lib/crypto/krb/prng_fortuna.c @@ -423,6 +423,10 @@ krb5_c_random_make_octets(krb5_context context, krb5_data *outdata) if (!have_entropy) { k5_mutex_unlock(&fortuna_lock); + if (context != NULL) { + k5_set_error(&context->err, KRB5_CRYPTO_INTERNAL, + _("Random number generator could not be seeded")); + } return KRB5_CRYPTO_INTERNAL; } -- 2.47.2