ssl: add zero strenght arguments to BN and RAND RNG calls

Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15513)
author: Pauli <pauli@openssl.org> 2021-05-28 14:45:57 +1000
committer: Pauli <pauli@openssl.org> 2021-05-29 17:17:12 +1000
commit: 0f8815aace625f869a42cfc5c254c08d5a668077 (patch)
tree: 3bbf7b2aaec23023be2232920f5b0011744e4126 /ssl/ssl_lib.c
parent: 23e97567be012ff1b5082bf149810c72816c29bd (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index f35eaf07c5..af95f2e056 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -3284,15 +3284,15 @@ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq,
 
     /* Setup RFC5077 ticket keys */
     if ((RAND_bytes_ex(libctx, ret->ext.tick_key_name,
-                       sizeof(ret->ext.tick_key_name)) <= 0)
+                       sizeof(ret->ext.tick_key_name), 0) <= 0)
         || (RAND_priv_bytes_ex(libctx, ret->ext.secure->tick_hmac_key,
-                               sizeof(ret->ext.secure->tick_hmac_key)) <= 0)
+                               sizeof(ret->ext.secure->tick_hmac_key), 0) <= 0)
         || (RAND_priv_bytes_ex(libctx, ret->ext.secure->tick_aes_key,
-                               sizeof(ret->ext.secure->tick_aes_key)) <= 0))
+                               sizeof(ret->ext.secure->tick_aes_key), 0) <= 0))
         ret->options |= SSL_OP_NO_TICKET;
 
     if (RAND_priv_bytes_ex(libctx, ret->ext.cookie_hmac_key,
-                           sizeof(ret->ext.cookie_hmac_key)) <= 0)
+                           sizeof(ret->ext.cookie_hmac_key), 0) <= 0)
         goto err;
 
 #ifndef OPENSSL_NO_SRP
author	Pauli <pauli@openssl.org>	2021-05-28 14:45:57 +1000
committer	Pauli <pauli@openssl.org>	2021-05-29 17:17:12 +1000
commit	0f8815aace625f869a42cfc5c254c08d5a668077 (patch)
tree	3bbf7b2aaec23023be2232920f5b0011744e4126 /ssl/ssl_lib.c
parent	23e97567be012ff1b5082bf149810c72816c29bd (diff)