Re: Can't get BIND to use GSSAPI from /usr/local on FreeBSD

  I've also reported this as a bind bug, but I'm posting it here as I 
think it answers the case for the BSD user in the thread entitled: Can't 
get BIND to use GSSAPI from /usr/local on FreeBSD
(Patch attached which fixes it for me)

   I've traced my problem to what looks like a mismatch of expectations
between heimdal 1.3.3 and bind 9 (BIND 9.7.1-P2)

in lib/dns/openssl_link.c, entropy_get returns the number of bytes if
successful - always equal to argument num (if successful).

entropy_get is registered as a delegate for openSSL's RAND_bytes in

My man page for RAND_bytes states:
         RAND_bytes() returns 1 on success, 0 otherwise. The error code can be
         obtained by ERR_get_error(3). RAND_pseudo_bytes() returns 1 if the
         bytes generated are cryptographically strong, 0 otherwise. Both
         functions return -1 if they are not supported by the current RAND
and entropy_get varies from that behaviour.

This causes problems with heimdal 1.3.3, in heimdal's lib/krb5/crypto.c:
3995        if (RAND_bytes(buf, len) != 1)
3996        krb5_abortx(NULL, "Failed to generate random block");

So "nsupdate -g" fails when linked with heimdal 1.3.3

It looks like bind 9 is at fault even though heimdal could be more accepting.

I don't know if there are other similar errors in other openssl_link.c

[FSF Associate Member #2325] 

--- src/lib/dns/openssl_link.c.o	2010-08-25 02:38:23.000000000 -0700
+++ src/lib/dns/openssl_link.c	2010-08-25 02:39:05.000000000 -0700
@@ -79,7 +79,7 @@
 	if (num < 0)
 		return (-1);
 	result = dst__entropy_getdata(buf, (unsigned int) num, ISC_FALSE);
-	return (result == ISC_R_SUCCESS ? num : -1);
+	return (result == ISC_R_SUCCESS ? 1 : -1);
 static int
@@ -93,7 +93,7 @@
 	if (num < 0)
 		return (-1);
 	result = dst__entropy_getdata(buf, (unsigned int) num, ISC_TRUE);
-	return (result == ISC_R_SUCCESS ? num : -1);
+	return (result == ISC_R_SUCCESS ? 1 : -1);
 static void

0 Replies

>-Mike Wrote >When I enter an id in the Entry widget and click on the button, I get the >following error message: you need to use -textvariable my $ent = $right->Entry(-width=>8,-background=>'white', -textvariable => \my $string)->pack(-side=>'left'); my $go = $right->Button(-text=>'Get Data',-command=>sub{compute($string)})->pack(-side=>'top'); ...

