- (djm) Fix return value checks for RAND_bytes. Report from
Steve G <linux_4ever@yahoo.com>
diff --git a/ssh-rand-helper.c b/ssh-rand-helper.c
index 375ba3c..68b77b2 100644
--- a/ssh-rand-helper.c
+++ b/ssh-rand-helper.c
@@ -39,7 +39,7 @@
#include "pathnames.h"
#include "log.h"
-RCSID("$Id: ssh-rand-helper.c,v 1.9 2002/10/21 00:13:37 djm Exp $");
+RCSID("$Id: ssh-rand-helper.c,v 1.10 2003/03/17 05:13:53 djm Exp $");
/* Number of bytes we write out */
#define OUTPUT_SEED_SIZE 48
@@ -562,7 +562,8 @@
debug("writing PRNG seed to file %.100s", filename);
- RAND_bytes(seed, sizeof(seed));
+ if (RAND_bytes(seed, sizeof(seed)) <= 0)
+ fatal("PRNG seed extration failed");
/* Don't care if the seed doesn't exist */
prng_check_seedfile(filename);
@@ -849,7 +850,8 @@
if (!RAND_status())
fatal("Not enough entropy in RNG");
- RAND_bytes(buf, bytes);
+ if (RAND_bytes(buf, bytes) <= 0)
+ fatal("Couldn't extract entropy from PRNG");
if (output_hex) {
for(ret = 0; ret < bytes; ret++)