From 5f832336bfa23078447dfa1b61cc7ad82fdab8fc Mon Sep 17 00:00:00 2001 From: Waldemar Brodkorb Date: Tue, 3 Nov 2015 20:15:09 +0100 Subject: heimdal: disable egd function calls, not available via libressl --- package/heimdal/Makefile | 2 +- .../heimdal/patches/patch-lib_krb5_crypto-rand_c | 30 ++++++++++++++++++++++ 2 files changed, 31 insertions(+), 1 deletion(-) create mode 100644 package/heimdal/patches/patch-lib_krb5_crypto-rand_c diff --git a/package/heimdal/Makefile b/package/heimdal/Makefile index 1e6d23e9e..c815bfe9d 100644 --- a/package/heimdal/Makefile +++ b/package/heimdal/Makefile @@ -5,7 +5,7 @@ include $(ADK_TOPDIR)/rules.mk PKG_NAME:= heimdal PKG_VERSION:= 1.5.3 -PKG_RELEASE:= 1 +PKG_RELEASE:= 2 PKG_HASH:= aac27bedb33c341b6aed202af07ccc816146a893148721f8123abbbf93bbfea5 PKG_DESCR:= kerberos server PKG_SECTION:= app/crypto diff --git a/package/heimdal/patches/patch-lib_krb5_crypto-rand_c b/package/heimdal/patches/patch-lib_krb5_crypto-rand_c new file mode 100644 index 000000000..bb72effe0 --- /dev/null +++ b/package/heimdal/patches/patch-lib_krb5_crypto-rand_c @@ -0,0 +1,30 @@ +--- heimdal-1.5.3.orig/lib/krb5/crypto-rand.c 2012-12-09 23:06:44.000000000 +0100 ++++ heimdal-1.5.3/lib/krb5/crypto-rand.c 2015-11-03 19:30:39.336954603 +0100 +@@ -59,27 +59,6 @@ seed_something(void) + } else + seedfile[0] = '\0'; + +- /* Calling RAND_status() will try to use /dev/urandom if it exists so +- we do not have to deal with it. */ +- if (RAND_status() != 1) { +-#ifndef _WIN32 +- krb5_context context; +- const char *p; +- +- /* Try using egd */ +- if (!krb5_init_context(&context)) { +- p = krb5_config_get_string(context, NULL, "libdefaults", +- "egd_socket", NULL); +- if (p != NULL) +- RAND_egd_bytes(p, ENTROPY_NEEDED); +- krb5_free_context(context); +- } +-#else +- /* TODO: Once a Windows CryptoAPI RAND method is defined, we +- can use that and failover to another method. */ +-#endif +- } +- + if (RAND_status() == 1) { + /* Update the seed file */ + if (seedfile[0]) -- cgit v1.2.3