-
Jason A. Donenfeld authored
It's not safe to use weak random data here, especially for the challenge response randomness. Since we're always in process context, it's safe to simply wait until we have enough randomness to carry out the authentication correctly. While we're at it, we clean up a small memleak during an error condition. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Cc: "Nicholas A. Bellinger" <nab@linux-iscsi.org> Cc: Lee Duncan <lduncan@suse.com> Cc: Chris Leech <cleech@redhat.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6787ab81