commit eb952088f0d5da59e569ae2aa33e9b96bc3b586d
author Ulf Möller <ulf@openssl.org> Thu Jan 13 20:59:17 2000 +0000
committer Ulf Möller <ulf@openssl.org> Thu Jan 13 20:59:17 2000 +0000
tree 1d722a423148a6b568a1e6d42f01943aed6cfb2a
parent 22e219d90f1ea5d3b2f4abb72c846a436ea33eff

Precautions against using the PRNG uninitialized: RAND_bytes() now
returns int (1 = ok, 0 = not seeded). New function RAND_add() is the
same as RAND_seed() but takes an estimate of the entropy as an additional
argument.

ssl/s23_clnt.c

diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c
index 299d2ae..6db98e9 100644
--- a/ssl/s23_clnt.c
+++ b/ssl/s23_clnt.c
@@ -102,7 +102,7 @@
 	int ret= -1;
 	int new_state,state;
 
-	RAND_seed(&Time,sizeof(Time));
+	RAND_add(&Time,sizeof(Time),0);
 	ERR_clear_error();
 	clear_sys_error();
 

ssl/s23_srvr.c

diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c
index 3aec65d..3717897 100644
--- a/ssl/s23_srvr.c
+++ b/ssl/s23_srvr.c
@@ -101,7 +101,7 @@
 	int ret= -1;
 	int new_state,state;
 
-	RAND_seed(&Time,sizeof(Time));
+	RAND_add(&Time,sizeof(Time),0);
 	ERR_clear_error();
 	clear_sys_error();
 

ssl/s2_clnt.c

diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c
index b0a6567..01ef9a7 100644
--- a/ssl/s2_clnt.c
+++ b/ssl/s2_clnt.c
@@ -108,7 +108,7 @@
 	void (*cb)()=NULL;
 	int new_state,state;
 
-	RAND_seed(&l,sizeof(l));
+	RAND_add(&l,sizeof(l),0);
 	ERR_clear_error();
 	clear_sys_error();
 

ssl/s2_srvr.c

diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c
index e219ae5..cfc0ba0 100644
--- a/ssl/s2_srvr.c
+++ b/ssl/s2_srvr.c
@@ -109,7 +109,7 @@
 	void (*cb)()=NULL;
 	int new_state,state;
 
-	RAND_seed(&l,sizeof(l));
+	RAND_add(&l,sizeof(l),0);
 	ERR_clear_error();
 	clear_sys_error();
 

ssl/s3_clnt.c

diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index b8f6a86..9d85ba4 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -110,7 +110,7 @@
 	int ret= -1;
 	int new_state,state,skip=0;;
 
-	RAND_seed(&Time,sizeof(Time));
+	RAND_add(&Time,sizeof(Time),0);
 	ERR_clear_error();
 	clear_sys_error();
 

ssl/s3_srvr.c

diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 5ba3a28..c6cc4f7 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -113,7 +113,7 @@
 	int ret= -1;
 	int new_state,state,skip=0;
 
-	RAND_seed(&Time,sizeof(Time));
+	RAND_add(&Time,sizeof(Time),0);
 	ERR_clear_error();
 	clear_sys_error();
 

ssl/ssl.h

diff --git a/ssl/ssl.h b/ssl/ssl.h
index 94a0657..575c64d 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1311,7 +1311,6 @@
 #define SSL_R_BAD_AUTHENTICATION_TYPE			 102
 #define SSL_R_BAD_CHANGE_CIPHER_SPEC			 103
 #define SSL_R_BAD_CHECKSUM				 104
-#define SSL_R_BAD_HELLO_REQUEST			 	 105
 #define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK		 106
 #define SSL_R_BAD_DECOMPRESSION				 107
 #define SSL_R_BAD_DH_G_LENGTH				 108
@@ -1319,6 +1318,7 @@
 #define SSL_R_BAD_DH_P_LENGTH				 110
 #define SSL_R_BAD_DIGEST_LENGTH				 111
 #define SSL_R_BAD_DSA_SIGNATURE				 112
+#define SSL_R_BAD_HELLO_REQUEST				 105
 #define SSL_R_BAD_LENGTH				 271
 #define SSL_R_BAD_MAC_DECODE				 113
 #define SSL_R_BAD_MESSAGE_TYPE				 114

ssl/ssl_err.c

diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index 9dd483d..ff7e1c7 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -205,7 +205,6 @@
 {SSL_R_BAD_AUTHENTICATION_TYPE           ,"bad authentication type"},
 {SSL_R_BAD_CHANGE_CIPHER_SPEC            ,"bad change cipher spec"},
 {SSL_R_BAD_CHECKSUM                      ,"bad checksum"},
-{SSL_R_BAD_HELLO_REQUEST                 ,"bad hello request"},
 {SSL_R_BAD_DATA_RETURNED_BY_CALLBACK     ,"bad data returned by callback"},
 {SSL_R_BAD_DECOMPRESSION                 ,"bad decompression"},
 {SSL_R_BAD_DH_G_LENGTH                   ,"bad dh g length"},
@@ -213,6 +212,7 @@
 {SSL_R_BAD_DH_P_LENGTH                   ,"bad dh p length"},
 {SSL_R_BAD_DIGEST_LENGTH                 ,"bad digest length"},
 {SSL_R_BAD_DSA_SIGNATURE                 ,"bad dsa signature"},
+{SSL_R_BAD_HELLO_REQUEST                 ,"bad hello request"},
 {SSL_R_BAD_LENGTH                        ,"bad length"},
 {SSL_R_BAD_MAC_DECODE                    ,"bad mac decode"},
 {SSL_R_BAD_MESSAGE_TYPE                  ,"bad message type"},