$OpenBSD: patch-lib_krb5_crypto-rand_c,v 1.2 2016/12/17 14:58:31 ajacoutot Exp $

Simpler: just use arc4random_buf(3).

--- lib/krb5/crypto-rand.c.orig	Sat Dec 17 14:01:13 2016
+++ lib/krb5/crypto-rand.c	Sat Dec 17 14:21:27 2016
@@ -36,53 +36,6 @@
 #undef HEIMDAL_WARN_UNUSED_RESULT_ATTRIBUTE
 #define HEIMDAL_WARN_UNUSED_RESULT_ATTRIBUTE
 
-#define ENTROPY_NEEDED 128
-
-static HEIMDAL_MUTEX crypto_mutex = HEIMDAL_MUTEX_INITIALIZER;
-
-static int
-seed_something(void)
-{
-#ifndef NO_RANDFILE
-    char buf[1024], seedfile[256];
-
-    /* If there is a seed file, load it. But such a file cannot be trusted,
-       so use 0 for the entropy estimate */
-    if (RAND_file_name(seedfile, sizeof(seedfile))) {
-	int fd;
-	fd = open(seedfile, O_RDONLY | O_BINARY | O_CLOEXEC);
-	if (fd >= 0) {
-	    ssize_t ret;
-	    rk_cloexec(fd);
-	    ret = read(fd, buf, sizeof(buf));
-	    if (ret > 0)
-		RAND_add(buf, ret, 0.0);
-	    close(fd);
-	} else
-	    seedfile[0] = '\0';
-    } else
-	seedfile[0] = '\0';
-#endif
-
-    /* Calling RAND_status() will try to use /dev/urandom if it exists so
-       we do not have to deal with it. */
-    if (RAND_status() != 1) {
-	/* TODO: Once a Windows CryptoAPI RAND method is defined, we
-	   can use that and failover to another method. */
-    }
-
-    if (RAND_status() == 1)	{
-#ifndef NO_RANDFILE
-	/* Update the seed file */
-	if (seedfile[0])
-	    RAND_write_file(seedfile);
-#endif
-
-	return 0;
-    } else
-	return -1;
-}
-
 /**
  * Fill buffer buf with len bytes of PRNG randomness that is ok to use
  * for key generation, padding and public diclosing the randomness w/o
@@ -103,24 +56,8 @@ HEIMDAL_WARN_UNUSED_RESULT_ATTRIBUTE
 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
 krb5_generate_random(void *buf, size_t len)
 {
-    static int rng_initialized = 0;
-    int ret;
-
-    HEIMDAL_MUTEX_lock(&crypto_mutex);
-    if (!rng_initialized) {
-	if (seed_something()) {
-            HEIMDAL_MUTEX_unlock(&crypto_mutex);
-	    return HEIM_ERR_RANDOM_OFFLINE;
-        }
-	rng_initialized = 1;
-    }
-    if (RAND_bytes(buf, len) <= 0)
-	ret = HEIM_ERR_RANDOM_OFFLINE;
-    else
-	ret = 0;
-    HEIMDAL_MUTEX_unlock(&crypto_mutex);
-
-    return ret;
+    arc4random_buf(buf, len);
+    return (0); /* arc4random_buf(3) cannot fail */
 }
 
 /**
