From d6f68fa3149102bc6778935c700af5c7b4044d7d Mon Sep 17 00:00:00 2001
From: Bodo Möller <bodo@openssl.org>
Date: Fri, 3 Mar 2000 07:51:25 +0000
Subject: Fix for previous patch: If RAND_pseudo_bytes returns 0, this is not
 an error.

---
 crypto/asn1/p5_pbe.c     | 2 +-
 crypto/asn1/p5_pbev2.c   | 5 +++--
 crypto/pem/pem_lib.c     | 2 +-
 crypto/pkcs12/p12_mutl.c | 2 +-
 4 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/crypto/asn1/p5_pbe.c b/crypto/asn1/p5_pbe.c
index 380c5283b1..a147ac3295 100644
--- a/crypto/asn1/p5_pbe.c
+++ b/crypto/asn1/p5_pbe.c
@@ -129,7 +129,7 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt,
 	}
 	pbe->salt->length = saltlen;
 	if (salt) memcpy (pbe->salt->data, salt, saltlen);
-	else if (RAND_pseudo_bytes (pbe->salt->data, saltlen) <= 0)
+	else if (RAND_pseudo_bytes (pbe->salt->data, saltlen) < 0)
 		return NULL;
 
 	if (!(astype = ASN1_TYPE_new())) {
diff --git a/crypto/asn1/p5_pbev2.c b/crypto/asn1/p5_pbev2.c
index 648983e7f8..1bbdb10c71 100644
--- a/crypto/asn1/p5_pbev2.c
+++ b/crypto/asn1/p5_pbev2.c
@@ -194,7 +194,8 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
 	if(!(scheme->parameter = ASN1_TYPE_new())) goto merr;
 
 	/* Create random IV */
-	RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher));
+	if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
+		goto err;
 
 	/* Dummy cipherinit to just setup the IV */
 	EVP_CipherInit(&ctx, cipher, NULL, iv, 0);
@@ -212,7 +213,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
 	if (!(osalt->data = Malloc (saltlen))) goto merr;
 	osalt->length = saltlen;
 	if (salt) memcpy (osalt->data, salt, saltlen);
-	else if (RAND_pseudo_bytes (osalt->data, saltlen) <= 0) goto merr;
+	else if (RAND_pseudo_bytes (osalt->data, saltlen) < 0) goto merr;
 
 	if(iter <= 0) iter = PKCS5_DEFAULT_ITER;
 	if(!ASN1_INTEGER_set(kdf->iter, iter)) goto merr;
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index b19ad2c818..b5e0a650f8 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -373,7 +373,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
 			kstr=(unsigned char *)buf;
 			}
 		RAND_add(data,i,0);/* put in the RSA key. */
-		if (RAND_pseudo_bytes(iv,8) <= 0)	/* Generate a salt */
+		if (RAND_pseudo_bytes(iv,8) < 0)	/* Generate a salt */
 			goto err;
 		/* The 'iv' is used as the iv and as a salt.  It is
 		 * NOT taken from the BytesToKey function */
diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c
index 4e0a7cbed8..369257ed4c 100644
--- a/crypto/pkcs12/p12_mutl.c
+++ b/crypto/pkcs12/p12_mutl.c
@@ -157,7 +157,7 @@ int PKCS12_setup_mac (PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
 		return 0;
 	}
 	if (!salt) {
-		if (RAND_pseudo_bytes (p12->mac->salt->data, saltlen) <= 0)
+		if (RAND_pseudo_bytes (p12->mac->salt->data, saltlen) < 0)
 			return 0;
 	}
 	else memcpy (p12->mac->salt->data, salt, saltlen);
-- 
cgit v1.2.3