diff options
| author | Jacques Vidrine <nectar@FreeBSD.org> | 2005-02-25 05:49:44 +0000 |
|---|---|---|
| committer | Jacques Vidrine <nectar@FreeBSD.org> | 2005-02-25 05:49:44 +0000 |
| commit | 5203f6dc3ae2c7c6e0b432ab2068ac8b29ceccc7 (patch) | |
| tree | a843375628b8f7847c8a433651d5c12a4660558c /crypto/openssl/ssl | |
| parent | eb8fd19957d8ba13ddd6e3581ca140dd4a66268d (diff) | |
Notes
Diffstat (limited to 'crypto/openssl/ssl')
| -rw-r--r-- | crypto/openssl/ssl/s23_clnt.c | 7 | ||||
| -rw-r--r-- | crypto/openssl/ssl/s2_clnt.c | 7 | ||||
| -rw-r--r-- | crypto/openssl/ssl/s2_srvr.c | 9 |
3 files changed, 16 insertions, 7 deletions
diff --git a/crypto/openssl/ssl/s23_clnt.c b/crypto/openssl/ssl/s23_clnt.c index 64ee4269ec10..b1db0fb7b2b0 100644 --- a/crypto/openssl/ssl/s23_clnt.c +++ b/crypto/openssl/ssl/s23_clnt.c @@ -235,7 +235,8 @@ static int ssl23_client_hello(SSL *s) #endif p=s->s3->client_random; - RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE); + if(RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE) <= 0) + return -1; /* Do the message type and length last */ d= &(buf[2]); @@ -296,7 +297,9 @@ static int ssl23_client_hello(SSL *s) i=ch_len; s2n(i,d); memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE); - RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i); + if(RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i) <= 0) + return -1; + memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i); p+=i; diff --git a/crypto/openssl/ssl/s2_clnt.c b/crypto/openssl/ssl/s2_clnt.c index 43b32eb4159f..c67829f4957c 100644 --- a/crypto/openssl/ssl/s2_clnt.c +++ b/crypto/openssl/ssl/s2_clnt.c @@ -612,7 +612,8 @@ static int client_hello(SSL *s) s->s2->challenge_length=SSL2_CHALLENGE_LENGTH; s2n(SSL2_CHALLENGE_LENGTH,p); /* challenge length */ /*challenge id data*/ - RAND_pseudo_bytes(s->s2->challenge,SSL2_CHALLENGE_LENGTH); + if(RAND_pseudo_bytes(s->s2->challenge,SSL2_CHALLENGE_LENGTH) <= 0) + return -1; memcpy(d,s->s2->challenge,SSL2_CHALLENGE_LENGTH); d+=SSL2_CHALLENGE_LENGTH; @@ -660,7 +661,9 @@ static int client_master_key(SSL *s) SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR); return -1; } - if (i > 0) RAND_pseudo_bytes(sess->key_arg,i); + if (i > 0) + if(RAND_pseudo_bytes(sess->key_arg,i) <= 0) + return -1; /* make a master key */ i=EVP_CIPHER_key_length(c); diff --git a/crypto/openssl/ssl/s2_srvr.c b/crypto/openssl/ssl/s2_srvr.c index 5da2a54af37f..853871f28c4d 100644 --- a/crypto/openssl/ssl/s2_srvr.c +++ b/crypto/openssl/ssl/s2_srvr.c @@ -498,7 +498,8 @@ static int get_client_master_key(SSL *s) i=ek; else i=EVP_CIPHER_key_length(c); - RAND_pseudo_bytes(p,i); + if(RAND_pseudo_bytes(p,i) <= 0) + return 0; } #else if (i < 0) @@ -804,7 +805,8 @@ static int server_hello(SSL *s) /* make and send conn_id */ s2n(SSL2_CONNECTION_ID_LENGTH,p); /* add conn_id length */ s->s2->conn_id_length=SSL2_CONNECTION_ID_LENGTH; - RAND_pseudo_bytes(s->s2->conn_id,(int)s->s2->conn_id_length); + if(RAND_pseudo_bytes(s->s2->conn_id,(int)s->s2->conn_id_length) <= 0) + return -1; memcpy(d,s->s2->conn_id,SSL2_CONNECTION_ID_LENGTH); d+=SSL2_CONNECTION_ID_LENGTH; @@ -949,7 +951,8 @@ static int request_certificate(SSL *s) p=(unsigned char *)s->init_buf->data; *(p++)=SSL2_MT_REQUEST_CERTIFICATE; *(p++)=SSL2_AT_MD5_WITH_RSA_ENCRYPTION; - RAND_pseudo_bytes(ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH); + if(RAND_pseudo_bytes(ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH) <= 0) + return -1; memcpy(p,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH); s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_B; |