krb5_abortx()
Andrew Bartlett
abartlet at samba.org
Mon Jun 18 01:28:29 GMT 2007
On Fri, 2007-06-15 at 08:56 -0700, Love Hörnquist Åstrand wrote:
> 14 jun 2007 kl. 05.26 skrev Stefan (metze) Metzmacher:
>
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Hi Love, hi Andrew,
> >
> > I just noticed we panic on some older platforms
> > (HP-UX and Solaris) because seed_something() in
> > krb5_generate_random_block() fails, it would be cool
> > if this could be fixed...
>
> What should I use for a random source on those platforms without /dev/
> *random to generate cryptographic keys ?
>
> I can use the old method from libdes that fell out when I
> restructured the random code, but its questionable if that is really
> secure, it "works" though.
Perhaps allow the app to supply a random callback? (At least then it
can be just as bad as samba without /dev/random).
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20070618/4df9ad15/attachment.bin
More information about the samba-technical
mailing list