1 files changed, 14 insertions, 17 deletions

diff --git a/src/lib/crypto/prng.c b/src/lib/crypto/prng.c
index f9ea869..7656a23 100644
--- a/src/lib/crypto/prng.c
+++ b/src/lib/crypto/prng.c
@@ -31,7 +31,8 @@
 #include "yarrow.h"
 static Yarrow_CTX y_ctx;
 static int inited, init_error;
-static k5_mutex_t yarrow_lock = K5_MUTEX_PARTIAL_INITIALIZER;
+#define yarrow_lock krb5int_yarrow_lock
+k5_mutex_t yarrow_lock = K5_MUTEX_PARTIAL_INITIALIZER;
 
 /* Helper function to estimate entropy based on sample length
  * and where it comes from.
@@ -56,9 +57,13 @@ entropy_estimate (unsigned int randsource, size_t length)
 return (0);
 }
 
+static void do_yarrow_init(void);
 int krb5int_prng_init(void)
 {
-    return k5_mutex_finish_init(&yarrow_lock);
+    do_yarrow_init();
+    if (init_error)
+	return KRB5_CRYPTO_INTERNAL;
+    return 0;
 }
 
 static void do_yarrow_init(void)
@@ -66,6 +71,12 @@ static void do_yarrow_init(void)
     unsigned i;
     int yerr;
 
+    yerr = k5_mutex_finish_init(&yarrow_lock);
+    if (yerr) {
+	init_error = yerr;
+	return;
+    }
+
     yerr = krb5int_yarrow_init (&y_ctx, NULL);
     if ((yerr != YARROW_OK) && (yerr != YARROW_NOT_SEEDED)) {
 	init_error = yerr;
@@ -95,21 +106,11 @@ krb5_c_random_add_entropy (krb5_context context, unsigned int randsource,
   if (yerr)
       return yerr;
   /* Now, finally, feed in the data.  */
-  yerr = k5_mutex_lock(&yarrow_lock);
-  if (yerr)
-      return yerr;
-  if (!inited)
-      do_yarrow_init();
-  if (init_error) {
-      k5_mutex_unlock(&yarrow_lock);
-      return KRB5_CRYPTO_INTERNAL;
-  }
   yerr = krb5int_yarrow_input (&y_ctx, randsource,
 			       data->data, data->length,
 			       entropy_estimate (randsource, data->length));
-  k5_mutex_unlock(&yarrow_lock);
   if (yerr != YARROW_OK)
-    return (KRB5_CRYPTO_INTERNAL);
+      return (KRB5_CRYPTO_INTERNAL);
   return (0);
 }
 
@@ -124,16 +125,12 @@ krb5_c_random_make_octets(krb5_context context, krb5_data *data)
 {
     int yerr;
     assert (inited);
-    yerr = k5_mutex_lock(&yarrow_lock);
-    if (yerr)
-	return yerr;
     yerr = krb5int_yarrow_output (&y_ctx, data->data, data->length);
     if (yerr == YARROW_NOT_SEEDED) {
       yerr = krb5int_yarrow_reseed (&y_ctx, YARROW_SLOW_POOL);
       if (yerr == YARROW_OK)
 	yerr = krb5int_yarrow_output (&y_ctx, data->data, data->length);
     }
-    k5_mutex_unlock(&yarrow_lock);
     if ( yerr != YARROW_OK)
       return (KRB5_CRYPTO_INTERNAL);
     return(0);