ssl/s3_pkt.c: detect RAND_bytes error in multi-block.

(cherry picked from commit 701134320a)
This commit is contained in:
Andy Polyakov 2014-02-14 17:43:31 +01:00
parent 104c032b7b
commit aff78bb39a
3 changed files with 8 additions and 5 deletions

View file

@ -212,7 +212,8 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA1 *key,
u64 seqnum;
#endif
RAND_bytes((IVs=blocks[0].c),16*x4); /* ask for IVs in bulk */
if (RAND_bytes((IVs=blocks[0].c),16*x4)<=0) /* ask for IVs in bulk */
return 0;
ctx = (SHA1_MB_CTX *)(storage+32-((size_t)storage%32)); /* align */

View file

@ -208,7 +208,8 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA256 *key,
u64 seqnum;
#endif
RAND_bytes((IVs=blocks[0].c),16*x4); /* ask for IVs in bulk */
if (RAND_bytes((IVs=blocks[0].c),16*x4)<=0) /* ask for IVs in bulk */
return 0;
ctx = (SHA256_MB_CTX *)(storage+32-((size_t)storage%32)); /* align */

View file

@ -725,9 +725,10 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
mb_param.inp = &buf[tot];
mb_param.len = nw;
EVP_CIPHER_CTX_ctrl(s->enc_write_ctx,
if (EVP_CIPHER_CTX_ctrl(s->enc_write_ctx,
EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
sizeof(mb_param),&mb_param);
sizeof(mb_param),&mb_param)<=0)
return -1;
s->s3->write_sequence[7] += mb_param.interleave;
if (s->s3->write_sequence[7] < mb_param.interleave)