heimdal: disable egd function calls, not available via libressl

2 files changed, 31 insertions, 1 deletions

diff --git a/package/heimdal/Makefile b/package/heimdal/Makefile
index 1e6d23e9e..c815bfe9d 100644
--- a/package/heimdal/Makefile
+++ b/package/heimdal/Makefile
@@ -5,7 +5,7 @@ include $(ADK_TOPDIR)/rules.mk
 
 PKG_NAME:=		heimdal
 PKG_VERSION:=		1.5.3
-PKG_RELEASE:=		1
+PKG_RELEASE:=		2
 PKG_HASH:=		aac27bedb33c341b6aed202af07ccc816146a893148721f8123abbbf93bbfea5
 PKG_DESCR:=		kerberos server
 PKG_SECTION:=		app/crypto
diff --git a/package/heimdal/patches/patch-lib_krb5_crypto-rand_c b/package/heimdal/patches/patch-lib_krb5_crypto-rand_c
new file mode 100644
index 000000000..bb72effe0
--- /dev/null
+++ b/package/heimdal/patches/patch-lib_krb5_crypto-rand_c
@@ -0,0 +1,30 @@
+--- heimdal-1.5.3.orig/lib/krb5/crypto-rand.c	2012-12-09 23:06:44.000000000 +0100
++++ heimdal-1.5.3/lib/krb5/crypto-rand.c	2015-11-03 19:30:39.336954603 +0100
+@@ -59,27 +59,6 @@ seed_something(void)
+     } else
+ 	seedfile[0] = '\0';
+ 
+-    /* Calling RAND_status() will try to use /dev/urandom if it exists so
+-       we do not have to deal with it. */
+-    if (RAND_status() != 1) {
+-#ifndef _WIN32
+-	krb5_context context;
+-	const char *p;
+-
+-	/* Try using egd */
+-	if (!krb5_init_context(&context)) {
+-	    p = krb5_config_get_string(context, NULL, "libdefaults",
+-				       "egd_socket", NULL);
+-	    if (p != NULL)
+-		RAND_egd_bytes(p, ENTROPY_NEEDED);
+-	    krb5_free_context(context);
+-	}
+-#else
+-	/* TODO: Once a Windows CryptoAPI RAND method is defined, we
+-	   can use that and failover to another method. */
+-#endif
+-    }
+-
+     if (RAND_status() == 1)	{
+ 	/* Update the seed file */
+ 	if (seedfile[0])