diff options
author | Pauli <pauli@openssl.org> | 2021-05-28 14:45:57 +1000 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2021-05-29 17:17:12 +1000 |
commit | 0f8815aace625f869a42cfc5c254c08d5a668077 (patch) | |
tree | 3bbf7b2aaec23023be2232920f5b0011744e4126 /ssl/record | |
parent | 23e97567be012ff1b5082bf149810c72816c29bd (diff) |
ssl: add zero strenght arguments to BN and RAND RNG calls
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15513)
Diffstat (limited to 'ssl/record')
-rw-r--r-- | ssl/record/ssl3_record.c | 2 | ||||
-rw-r--r-- | ssl/record/tls_pad.c | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index ec7d448d39..8788d49e4c 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c @@ -997,7 +997,7 @@ int tls1_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending, SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); return 0; } else if (RAND_bytes_ex(s->ctx->libctx, recs[ctr].input, - ivlen) <= 0) { + ivlen, 0) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); return 0; } diff --git a/ssl/record/tls_pad.c b/ssl/record/tls_pad.c index 8383ce8d1c..54ff9cdf36 100644 --- a/ssl/record/tls_pad.c +++ b/ssl/record/tls_pad.c @@ -253,7 +253,7 @@ static int ssl3_cbc_copy_mac(size_t *reclen, } /* Create the random MAC we will emit if padding is bad */ - if (!RAND_bytes_ex(libctx, randmac, mac_size)) + if (!RAND_bytes_ex(libctx, randmac, mac_size, 0)) return 0; if (!ossl_assert(mac != NULL && alloced != NULL)) |