From 1a0c0b3596a31c65f9059708b31b74227206f992 Mon Sep 17 00:00:00 2001
From: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Date: Mon, 5 Aug 2019 00:10:53 +1200
Subject: [PATCH] util/genrand: don't ignore errors in random number generation

In this case it is probably better to crash out.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15103

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
---
 lib/util/genrand.c | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/lib/util/genrand.c b/lib/util/genrand.c
index 18ffa0d95e6..99c725de0a7 100644
--- a/lib/util/genrand.c
+++ b/lib/util/genrand.c
@@ -34,7 +34,10 @@
 _PUBLIC_ void generate_random_buffer(uint8_t *out, int len)
 {
 	/* Random number generator for temporary keys. */
-	gnutls_rnd(GNUTLS_RND_RANDOM, out, len);
+	int ret = gnutls_rnd(GNUTLS_RND_RANDOM, out, len);
+	if (ret != 0) {
+		smb_panic("GnuTLS could not generate a random buffer");
+	}
 }
 
 _PUBLIC_ void generate_secret_buffer(uint8_t *out, int len)
@@ -48,7 +51,10 @@ _PUBLIC_ void generate_secret_buffer(uint8_t *out, int len)
 	 * the limit for a re-seed. For its re-seed it mixes mixes data obtained
 	 * from the OS random device with the previous key.
 	 */
-	gnutls_rnd(GNUTLS_RND_KEY, out, len);
+	int ret = gnutls_rnd(GNUTLS_RND_KEY, out, len);
+	if (ret != 0) {
+		smb_panic("GnuTLS could not generate a random buffer");
+	}
 }
 
 _PUBLIC_ void generate_nonce_buffer(uint8_t *out, int len)
@@ -60,5 +66,8 @@ _PUBLIC_ void generate_nonce_buffer(uint8_t *out, int len)
 	 * bytes (typically few megabytes), or after few hours of operation
 	 * without reaching the limit has passed.
 	 */
-	gnutls_rnd(GNUTLS_RND_NONCE, out, len);
+	int ret = gnutls_rnd(GNUTLS_RND_NONCE, out, len);
+	if (ret != 0) {
+		smb_panic("GnuTLS could not generate a random buffer");
+	}
 }
-- 
2.30.2