Check rng return value when generating TLS session identifiers

This commit is contained in:
Martin Willi 2012-07-06 13:55:42 +02:00
parent 6a3e4ed916
commit bb5eb15ccc
1 changed files with 3 additions and 3 deletions

View File

@ -313,11 +313,11 @@ static status_t process_client_hello(private_tls_server_t *this,
return NEED_MORE;
}
rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG);
if (rng)
if (!rng || !rng->allocate_bytes(rng, SESSION_ID_SIZE, &this->session))
{
rng->allocate_bytes(rng, SESSION_ID_SIZE, &this->session);
rng->destroy(rng);
DBG1(DBG_TLS, "generating TLS session identifier failed, skipped");
}
DESTROY_IF(rng);
DBG1(DBG_TLS, "negotiated %N using suite %N",
tls_version_names, this->tls->get_version(this->tls),
tls_cipher_suite_names, this->suite);