www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-08 15:02:10 +03:00
Code Activity

* modules/ssl/ssl_engine_kernel.c (ssl_callback_SessionTicket): Fail

Browse Source 
if RAND_bytes() fails; possible per API, although not in practice
  with the OpenSSL implementation.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1757147 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Joe Orton
2016-08-22 11:10:58 +00:00
parent 45d8216e5f
commit b70d7ae5b5
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
modules/ssl/ssl_engine_kernel.c
View File

@@ -2306,7 +2306,9 @@ int ssl_callback_SessionTicket(SSL *ssl,
}
memcpy(keyname, ticket_key->key_name, 16);
RAND_bytes(iv, EVP_MAX_IV_LENGTH);
if (RAND_bytes(iv, EVP_MAX_IV_LENGTH) != 1) {
return -1;
}
EVP_EncryptInit_ex(cipher_ctx, EVP_aes_128_cbc(), NULL,
ticket_key->aes_key, iv);
HMAC_Init_ex(hctx, ticket_key->hmac_secret, 16, tlsext_tick_md(), NULL);