diff options
| author | Kurt Roeckx <kurt@roeckx.be> | 2018-03-08 22:30:28 +0100 |
|---|---|---|
| committer | Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> | 2018-03-19 15:04:40 +0100 |
| commit | 16cfc2c90d9e7776965db07c1f31bbec2f6c41e3 (patch) | |
| tree | dab155d1453fce5e7e2a5d6c2d4d02557227cb41 /ssl/s3_lib.c | |
| parent | 7caf122e717e79afcb986fe217e77a630b67bf4c (diff) | |
Don't use a ssl specific DRBG anymore
Since the public and private DRBG are per thread we don't need one
per ssl object anymore. It could also try to get entropy from a DRBG
that's really from an other thread because the SSL object moved to an
other thread.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5547)
Diffstat (limited to 'ssl/s3_lib.c')
| -rw-r--r-- | ssl/s3_lib.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index f230b5ff46..bbf49a205d 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -4524,12 +4524,12 @@ int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, size_t len, unsigned char *p = result; l2n(Time, p); - ret = ssl_randbytes(s, p, len - 4); + ret = RAND_bytes(p, len - 4); } else { - ret = ssl_randbytes(s, result, len); + ret = RAND_bytes(result, len); } #ifndef OPENSSL_NO_TLS13DOWNGRADE - if (ret) { + if (ret > 0) { if (!ossl_assert(sizeof(tls11downgrade) < len) || !ossl_assert(sizeof(tls12downgrade) < len)) return 0; |