RAND_bytes updates

Ensure RAND_bytes return value is checked correctly, and that we no longer use RAND_pseudo_bytes. Reviewed-by: Richard Levitte <levitte@openssl.org>
author: Matt Caswell <matt@openssl.org> 2015-02-26 11:57:37 +0000
committer: Matt Caswell <matt@openssl.org> 2015-03-25 12:38:07 +0000
commit: 266483d2f56b0764849797f31866bfd84f9c3aa8 (patch)
tree: 42323d0c8b8cea8da4aff3dfdd4bc2251e34a0db /apps/s_server.c
parent: 8817e2e0c998757d3bd036d7f45fe8d0a49fbe2d (diff)
download: openssl-new-266483d2f56b0764849797f31866bfd84f9c3aa8.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/apps/s_server.c b/apps/s_server.c
index 97aa23da19..c3884d26ab 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -3199,7 +3199,8 @@ static int generate_session_id(const SSL *ssl, unsigned char *id,
 {
     unsigned int count = 0;
     do {
-        RAND_pseudo_bytes(id, *id_len);
+        if (RAND_bytes(id, *id_len) <= 0)
+            return 0;
         /*
          * Prefix the session_id with the required prefix. NB: If our prefix
          * is too long, clip it - but there will be worse effects anyway, eg.
author	Matt Caswell <matt@openssl.org>	2015-02-26 11:57:37 +0000
committer	Matt Caswell <matt@openssl.org>	2015-03-25 12:38:07 +0000
commit	266483d2f56b0764849797f31866bfd84f9c3aa8 (patch)
tree	42323d0c8b8cea8da4aff3dfdd4bc2251e34a0db /apps/s_server.c
parent	8817e2e0c998757d3bd036d7f45fe8d0a49fbe2d (diff)
download	openssl-new-266483d2f56b0764849797f31866bfd84f9c3aa8.tar.gz