From cafbcc73349f4e14afed5207b81a1205afc2cee2 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 17 Mar 2003 16:13:53 +1100 Subject: [PATCH] - (djm) Fix return value checks for RAND_bytes. Report from Steve G --- ChangeLog | 6 +++++- openbsd-compat/bsd-arc4random.c | 4 ++-- ssh-rand-helper.c | 8 +++++--- 3 files changed, 12 insertions(+), 6 deletions(-) diff --git a/ChangeLog b/ChangeLog index c692c2785..9346f1351 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +20030317 + - (djm) Fix return value checks for RAND_bytes. Report from + Steve G + 20030315 - (djm) OpenBSD CVS Sync - markus@cvs.openbsd.org 2003/03/13 11:42:19 @@ -1214,4 +1218,4 @@ save auth method before monitor_reset_key_state(); bugzilla bug #284; ok provos@ -$Id: ChangeLog,v 1.2629 2003/03/15 00:37:09 djm Exp $ +$Id: ChangeLog,v 1.2630 2003/03/17 05:13:53 djm Exp $ diff --git a/openbsd-compat/bsd-arc4random.c b/openbsd-compat/bsd-arc4random.c index ab4e1431e..dd08130d5 100644 --- a/openbsd-compat/bsd-arc4random.c +++ b/openbsd-compat/bsd-arc4random.c @@ -25,7 +25,7 @@ #include "includes.h" #include "log.h" -RCSID("$Id: bsd-arc4random.c,v 1.5 2002/05/08 22:57:18 tim Exp $"); +RCSID("$Id: bsd-arc4random.c,v 1.6 2003/03/17 05:13:53 djm Exp $"); #ifndef HAVE_ARC4RANDOM @@ -66,7 +66,7 @@ void arc4random_stir(void) unsigned char rand_buf[SEED_SIZE]; memset(&rc4, 0, sizeof(rc4)); - if (!RAND_bytes(rand_buf, sizeof(rand_buf))) + if (RAND_bytes(rand_buf, sizeof(rand_buf)) <= 0) fatal("Couldn't obtain random bytes (error %ld)", ERR_get_error()); RC4_set_key(&rc4, sizeof(rand_buf), rand_buf); diff --git a/ssh-rand-helper.c b/ssh-rand-helper.c index 375ba3cbf..68b77b208 100644 --- a/ssh-rand-helper.c +++ b/ssh-rand-helper.c @@ -39,7 +39,7 @@ #include "pathnames.h" #include "log.h" -RCSID("$Id: ssh-rand-helper.c,v 1.9 2002/10/21 00:13:37 djm Exp $"); +RCSID("$Id: ssh-rand-helper.c,v 1.10 2003/03/17 05:13:53 djm Exp $"); /* Number of bytes we write out */ #define OUTPUT_SEED_SIZE 48 @@ -562,7 +562,8 @@ prng_write_seedfile(void) debug("writing PRNG seed to file %.100s", filename); - RAND_bytes(seed, sizeof(seed)); + if (RAND_bytes(seed, sizeof(seed)) <= 0) + fatal("PRNG seed extration failed"); /* Don't care if the seed doesn't exist */ prng_check_seedfile(filename); @@ -849,7 +850,8 @@ main(int argc, char **argv) if (!RAND_status()) fatal("Not enough entropy in RNG"); - RAND_bytes(buf, bytes); + if (RAND_bytes(buf, bytes) <= 0) + fatal("Couldn't extract entropy from PRNG"); if (output_hex) { for(ret = 0; ret < bytes; ret++)