kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Check for RAND_bytes failures in the ClientHello.

Browse Source 
(Imported from upstream's e1b568dd2462f7cacf98f3d117936c34e2849a6b.)

Our RAND_bytes secretly can't actually fail, but we should propagate the check
upwards.

Change-Id: Ieaaea98dad00bf73b1c0a42c039507d76b10ac78
Reviewed-on: https://boringssl-review.googlesource.com/4003
Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
David Benjamin 2015-03-18 19:40:51 -04:00 committed by Adam Langley
parent 3305858342
commit 2ddba8cd48
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ssl/s3_clnt.c
View File

@ -629,8 +629,9 @@ int ssl3_send_client_hello(SSL *s) {
/* If resending the ClientHello in DTLS after a HelloVerifyRequest, don't
* renegerate the client_random. The random must be reused. */
if (!SSL_IS_DTLS(s) || !s->d1->send_cookie) {
ssl_fill_hello_random(s, 0, p, sizeof(s->s3->client_random));
if ((!SSL_IS_DTLS(s) || !s->d1->send_cookie) &&
!ssl_fill_hello_random(s, 0, p, sizeof(s->s3->client_random))) {
goto err;
}
/* Do the message type and length last. Note: the final argument to