Make sure we use RAND_bytes_ex and RAND_priv_bytes_ex in libssl

Now that libssl knows about libctx we should use it wherever we generate a random number. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10927)
author: Matt Caswell <matt@openssl.org> 2020-01-15 18:12:59 +0000
committer: Matt Caswell <matt@openssl.org> 2020-01-24 15:12:56 +0000
commit: 8f21260b09eca6226255763e1856c12fbc71985c (patch)
tree: aa28cc741f8b5a26aeb66a3b5e52c6b6dedb66c1 /ssl/record
parent: d80bf693faaa8ad08ca76f52228837306d77bb32 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c
index a725583929..36e8d86902 100644
--- a/ssl/record/ssl3_record.c
+++ b/ssl/record/ssl3_record.c
@@ -1015,7 +1015,8 @@ int tls1_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending)
                         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_ENC,
                                  ERR_R_INTERNAL_ERROR);
                         return -1;
-                    } else if (RAND_bytes(recs[ctr].input, ivlen) <= 0) {
+                    } else if (RAND_bytes_ex(s->ctx->libctx, recs[ctr].input,
+                                             ivlen) <= 0) {
                         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_ENC,
                                  ERR_R_INTERNAL_ERROR);
                         return -1;
author	Matt Caswell <matt@openssl.org>	2020-01-15 18:12:59 +0000
committer	Matt Caswell <matt@openssl.org>	2020-01-24 15:12:56 +0000
commit	8f21260b09eca6226255763e1856c12fbc71985c (patch)
tree	aa28cc741f8b5a26aeb66a3b5e52c6b6dedb66c1 /ssl/record
parent	d80bf693faaa8ad08ca76f52228837306d77bb32 (diff)