From: Daniel Stenberg <daniel@haxx.se>
Date: Fri, 23 Dec 2016 14:29:01 +0000 (+0100)
Subject: openssl-random: check return code when asking for random
X-Git-Tag: curl-7_53_0~153
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=00c817068ed9e73974b3fedf6b9d7cb085db69f4;p=curl

openssl-random: check return code when asking for random

and fail appropriately if it returns error
---

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index d92e71365..df8f11f34 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -3275,6 +3275,7 @@ size_t Curl_ossl_version(char *buffer, size_t size)
 int Curl_ossl_random(struct Curl_easy *data, unsigned char *entropy,
                      size_t length)
 {
+  int rc;
   if(data) {
     if(Curl_ossl_seed(data)) /* Initiate the seed if not already done */
       return 1; /* couldn't seed for some reason */
@@ -3283,8 +3284,9 @@ int Curl_ossl_random(struct Curl_easy *data, unsigned char *entropy,
     if(!rand_enough())
       return 1;
   }
-  RAND_bytes(entropy, curlx_uztosi(length));
-  return 0; /* 0 as in no problem */
+  /* RAND_bytes() returns 1 on success, 0 otherwise.  */
+  rc = RAND_bytes(entropy, curlx_uztosi(length));
+  return rc^1;
 }
 
 void Curl_ossl_md5sum(unsigned char *tmp, /* input */