From 16023f3e3b9c06cf677c3c980e8d574e4c162827 Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Sun, 26 Jul 2015 17:43:16 -0700
Subject: Fix bug #70014 - use RAND_bytes instead of deprecated
 RAND_pseudo_bytes

---
 ext/openssl/openssl.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index 216a56a59f..c0e3d8a981 100755
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -5070,7 +5070,6 @@ PHP_FUNCTION(openssl_random_pseudo_bytes)
 	long buffer_length;
 	unsigned char *buffer = NULL;
 	zval *zstrong_result_returned = NULL;
-	int strong_result = 0;
 
 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "l|z", &buffer_length, &zstrong_result_returned) == FAILURE) {
 		return;
@@ -5088,7 +5087,6 @@ PHP_FUNCTION(openssl_random_pseudo_bytes)
 	buffer = emalloc(buffer_length + 1);
 
 #ifdef PHP_WIN32
-	strong_result = 1;
 	/* random/urandom equivalent on Windows */
 	if (php_win32_get_random_bytes(buffer, (size_t) buffer_length) == FAILURE) {
 		efree(buffer);
@@ -5098,7 +5096,7 @@ PHP_FUNCTION(openssl_random_pseudo_bytes)
 		RETURN_FALSE;
 	}
 #else
-	if ((strong_result = RAND_pseudo_bytes(buffer, buffer_length)) < 0) {
+	if (RAND_bytes(buffer, buffer_length) <= 0) {
 		efree(buffer);
 		if (zstrong_result_returned) {
 			ZVAL_BOOL(zstrong_result_returned, 0);
@@ -5111,7 +5109,7 @@ PHP_FUNCTION(openssl_random_pseudo_bytes)
 	RETVAL_STRINGL((char *)buffer, buffer_length, 0);
 
 	if (zstrong_result_returned) {
-		ZVAL_BOOL(zstrong_result_returned, strong_result);
+		ZVAL_BOOL(zstrong_result_returned, 1);
 	}
 }
 /* }}} */
-- 
cgit v1.2.1