generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

RAND_bytes updates

Browse Source 
Ensure RAND_bytes return value is checked correctly, and that we no longer
use RAND_pseudo_bytes.

Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Matt Caswell
2015-02-26 11:57:37 +00:00
parent 8817e2e0c9
commit 266483d2f5
36 changed files with 100 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ssl/ssl_lib.c
View File

@@ -1957,7 +1957,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
ret->tlsext_servername_callback = 0;
ret->tlsext_servername_arg = NULL;
/* Setup RFC4507 ticket keys */
if ((RAND_pseudo_bytes(ret->tlsext_tick_key_name, 16) <= 0)
if ((RAND_bytes(ret->tlsext_tick_key_name, 16) <= 0)
|| (RAND_bytes(ret->tlsext_tick_hmac_key, 16) <= 0)
|| (RAND_bytes(ret->tlsext_tick_aes_key, 16) <= 0))
ret->options |= SSL_OP_NO_TICKET;