
Re: Setting EGD random device with 2.0.7



On Tue, Mar 13, 2001 at 01:46:12PM -0700, Karl Bolingbroke wrote:
> > I know that setting the environment variable
> > RANDFILE is a workaround
> > but would rather set the path explicitly.
> 
> Furthermore, the RANDFILE environment variable workaround
> does not work.  (At least with OpenLDAP 2.0.7/HP-UX
> 11.00/gcc/OpenSSL 0.9.6.)

The patch below should fix RANDFILE.

-- 
albert chin (china@thewrittenword.com)

-- snip snip
--- libraries/libldap/tls.c.orig	Tue Mar 13 17:23:29 2001
+++ libraries/libldap/tls.c	Tue Mar 13 17:59:02 2001
@@ -880,7 +880,6 @@
 	 * certificate....
 	 */
 
-
 	{
 		void *ssl;
 		const char *authid;
@@ -1020,21 +1019,15 @@
 		 * an error occurs.    - From RAND_file_name() man page.
 		 * The fact is that when $HOME is NULL, .rnd is used.
 		 */
-		randfile = RAND_file_name( buffer, sizeof( buffer ) );
-
-	} else if (RAND_egd(randfile) > 0) {
-		/* EGD socket */
-		return 0;
-	}
-
-	if (randfile == NULL) {
-		Debug( LDAP_DEBUG_ANY,
-			"TLS: Use configuration file or $RANDFILE to define seed PRNG\n",
-			0, 0, 0);
-		return -1;
+		if (!RAND_file_name( buffer, sizeof( buffer ))) {
+			Debug( LDAP_DEBUG_ANY,
+				"TLS: RAND_file_name error\n", 0, 0, 0);
+			return -1;
+		}
+	} else {
+		strncpy( buffer, randfile, sizeof( buffer ) - 1);
 	}
-
-	RAND_load_file(randfile, -1);
+	RAND_egd(buffer);
 
 	if (RAND_status() == 0) {
 		Debug( LDAP_DEBUG_ANY,
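Review bot: The `strncpy( buffer, randfile, sizeof( buffer ) - 1)` in the new else branch writes no terminator when randfile fills the limit, so unless buffer is zero-filled outside this hunk, `RAND_egd(buffer)` can read past the end of the array; add `buffer[sizeof( buffer ) - 1] = '\0';` after the copy. Separately, the hunk drops `RAND_load_file(randfile, -1)` and hands every path to `RAND_egd`, which expects an EGD socket, so a configured or $RANDFILE seed file that is a regular file is no longer loaded and the PRNG stays unseeded until the `RAND_status()` check rejects it. Falling back to the file load when the socket attempt fails keeps both cases working: `if (RAND_egd(buffer) <= 0) RAND_load_file(buffer, -1);`. The enclosing function begins and ends outside the hunk.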
--- libraries/libldap/cyrus.c.orig	Tue Mar 13 17:58:55 2001
+++ libraries/libldap/cyrus.c	Tue Mar 13 17:59:00 2001
@@ -661,13 +661,18 @@
 	ber_len_t ssf )
 {
 	int sc;
-	sasl_conn_t *ctx = ld->ld_defconn->lconn_sasl_ctx;
+	sasl_conn_t *ctx;
 	sasl_external_properties_t extprops;
     
+	if( ld->ld_defconn == NULL ) {
+		return -1;
+	}
+
+	ctx = ld->ld_defconn->lconn_sasl_ctx;
 	if ( ctx == NULL ) {
 		return LDAP_LOCAL_ERROR;
 	}
-    
+
 	memset( &extprops, '\0', sizeof(extprops) );
 	extprops.ssf = ssf;
 	extprops.auth_id = (char *) authid;
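Review bot: The new `ld->ld_defconn == NULL` guard returns a bare `-1`, while the `ctx == NULL` check directly below it returns `LDAP_LOCAL_ERROR`, so two failures of the same kind now yield different codes, and -1 may not be a result code that callers of this function recognise. Using `return LDAP_LOCAL_ERROR;` in the new guard keeps the function's error contract uniform. The function's signature starts above the hunk and its body continues past it.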