diff options
author | Damien Miller <djm@mindrot.org> | 2003-03-17 16:13:53 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2003-03-17 16:13:53 +1100 |
commit | cafbcc73349f4e14afed5207b81a1205afc2cee2 (patch) | |
tree | 5cca4638acb6fbaa67f84e1ac2a9f45d872e579b | |
parent | c51d0735a4a68ddcd927f003ffb3fc917cb207c2 (diff) |
- (djm) Fix return value checks for RAND_bytes. Report from
Steve G <linux_4ever@yahoo.com>
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | openbsd-compat/bsd-arc4random.c | 4 | ||||
-rw-r--r-- | ssh-rand-helper.c | 8 |
3 files changed, 12 insertions, 6 deletions
@@ -1,3 +1,7 @@ | |||
1 | 20030317 | ||
2 | - (djm) Fix return value checks for RAND_bytes. Report from | ||
3 | Steve G <linux_4ever@yahoo.com> | ||
4 | |||
1 | 20030315 | 5 | 20030315 |
2 | - (djm) OpenBSD CVS Sync | 6 | - (djm) OpenBSD CVS Sync |
3 | - markus@cvs.openbsd.org 2003/03/13 11:42:19 | 7 | - markus@cvs.openbsd.org 2003/03/13 11:42:19 |
@@ -1214,4 +1218,4 @@ | |||
1214 | save auth method before monitor_reset_key_state(); bugzilla bug #284; | 1218 | save auth method before monitor_reset_key_state(); bugzilla bug #284; |
1215 | ok provos@ | 1219 | ok provos@ |
1216 | 1220 | ||
1217 | $Id: ChangeLog,v 1.2629 2003/03/15 00:37:09 djm Exp $ | 1221 | $Id: ChangeLog,v 1.2630 2003/03/17 05:13:53 djm Exp $ |
diff --git a/openbsd-compat/bsd-arc4random.c b/openbsd-compat/bsd-arc4random.c index ab4e1431e..dd08130d5 100644 --- a/openbsd-compat/bsd-arc4random.c +++ b/openbsd-compat/bsd-arc4random.c | |||
@@ -25,7 +25,7 @@ | |||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | #include "log.h" | 26 | #include "log.h" |
27 | 27 | ||
28 | RCSID("$Id: bsd-arc4random.c,v 1.5 2002/05/08 22:57:18 tim Exp $"); | 28 | RCSID("$Id: bsd-arc4random.c,v 1.6 2003/03/17 05:13:53 djm Exp $"); |
29 | 29 | ||
30 | #ifndef HAVE_ARC4RANDOM | 30 | #ifndef HAVE_ARC4RANDOM |
31 | 31 | ||
@@ -66,7 +66,7 @@ void arc4random_stir(void) | |||
66 | unsigned char rand_buf[SEED_SIZE]; | 66 | unsigned char rand_buf[SEED_SIZE]; |
67 | 67 | ||
68 | memset(&rc4, 0, sizeof(rc4)); | 68 | memset(&rc4, 0, sizeof(rc4)); |
69 | if (!RAND_bytes(rand_buf, sizeof(rand_buf))) | 69 | if (RAND_bytes(rand_buf, sizeof(rand_buf)) <= 0) |
70 | fatal("Couldn't obtain random bytes (error %ld)", | 70 | fatal("Couldn't obtain random bytes (error %ld)", |
71 | ERR_get_error()); | 71 | ERR_get_error()); |
72 | RC4_set_key(&rc4, sizeof(rand_buf), rand_buf); | 72 | RC4_set_key(&rc4, sizeof(rand_buf), rand_buf); |
diff --git a/ssh-rand-helper.c b/ssh-rand-helper.c index 375ba3cbf..68b77b208 100644 --- a/ssh-rand-helper.c +++ b/ssh-rand-helper.c | |||
@@ -39,7 +39,7 @@ | |||
39 | #include "pathnames.h" | 39 | #include "pathnames.h" |
40 | #include "log.h" | 40 | #include "log.h" |
41 | 41 | ||
42 | RCSID("$Id: ssh-rand-helper.c,v 1.9 2002/10/21 00:13:37 djm Exp $"); | 42 | RCSID("$Id: ssh-rand-helper.c,v 1.10 2003/03/17 05:13:53 djm Exp $"); |
43 | 43 | ||
44 | /* Number of bytes we write out */ | 44 | /* Number of bytes we write out */ |
45 | #define OUTPUT_SEED_SIZE 48 | 45 | #define OUTPUT_SEED_SIZE 48 |
@@ -562,7 +562,8 @@ prng_write_seedfile(void) | |||
562 | 562 | ||
563 | debug("writing PRNG seed to file %.100s", filename); | 563 | debug("writing PRNG seed to file %.100s", filename); |
564 | 564 | ||
565 | RAND_bytes(seed, sizeof(seed)); | 565 | if (RAND_bytes(seed, sizeof(seed)) <= 0) |
566 | fatal("PRNG seed extration failed"); | ||
566 | 567 | ||
567 | /* Don't care if the seed doesn't exist */ | 568 | /* Don't care if the seed doesn't exist */ |
568 | prng_check_seedfile(filename); | 569 | prng_check_seedfile(filename); |
@@ -849,7 +850,8 @@ main(int argc, char **argv) | |||
849 | if (!RAND_status()) | 850 | if (!RAND_status()) |
850 | fatal("Not enough entropy in RNG"); | 851 | fatal("Not enough entropy in RNG"); |
851 | 852 | ||
852 | RAND_bytes(buf, bytes); | 853 | if (RAND_bytes(buf, bytes) <= 0) |
854 | fatal("Couldn't extract entropy from PRNG"); | ||
853 | 855 | ||
854 | if (output_hex) { | 856 | if (output_hex) { |
855 | for(ret = 0; ret < bytes; ret++) | 857 | for(ret = 0; ret < bytes; ret++) |