summaryrefslogtreecommitdiffstats
path: root/lib/libssl/src/ssl/s3_clnt.c
diff options
context:
space:
mode:
authordjm <djm@openbsd.org>2005-04-29 05:39:09 +0000
committerdjm <djm@openbsd.org>2005-04-29 05:39:09 +0000
commit40d8aef356a70d0b13395f0805e3044b85d91347 (patch)
tree22edbfd34c49ce1b7988794a7a74d65829c13819 /lib/libssl/src/ssl/s3_clnt.c
parentimport of openssl-0.9.7g; tested on platforms from alpha to zaurus, ok deraadt@ (diff)
downloadwireguard-openbsd-40d8aef356a70d0b13395f0805e3044b85d91347.tar.xz
wireguard-openbsd-40d8aef356a70d0b13395f0805e3044b85d91347.zip
resolve conflicts
Diffstat (limited to 'lib/libssl/src/ssl/s3_clnt.c')
-rw-r--r--lib/libssl/src/ssl/s3_clnt.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/lib/libssl/src/ssl/s3_clnt.c b/lib/libssl/src/ssl/s3_clnt.c
index 36f4a8b4c3b..ebf83b03226 100644
--- a/lib/libssl/src/ssl/s3_clnt.c
+++ b/lib/libssl/src/ssl/s3_clnt.c
@@ -117,6 +117,7 @@
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/md5.h>
+#include <openssl/fips.h>
static SSL_METHOD *ssl3_get_client_method(int ver);
static int ssl3_client_hello(SSL *s);
@@ -534,7 +535,8 @@ static int ssl3_client_hello(SSL *s)
p=s->s3->client_random;
Time=time(NULL); /* Time */
l2n(Time,p);
- RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
+ if(RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
+ goto err;
/* Do the message type and length last */
d=p= &(buf[4]);
@@ -1160,11 +1162,14 @@ static int ssl3_get_key_exchange(SSL *s)
q=md_buf;
for (num=2; num > 0; num--)
{
+ EVP_MD_CTX_set_flags(&md_ctx,
+ EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
EVP_DigestInit_ex(&md_ctx,(num == 2)
?s->ctx->md5:s->ctx->sha1, NULL);
EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
EVP_DigestUpdate(&md_ctx,param,param_len);
+
EVP_DigestFinal_ex(&md_ctx,q,(unsigned int *)&i);
q+=i;
j+=i;
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.