Commit e4ca8657 authored by David Woodhouse's avatar David Woodhouse

Add openconnect_random() function

Signed-off-by: default avatarDavid Woodhouse <David.Woodhouse@intel.com>
parent af19e152
......@@ -35,7 +35,6 @@
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include "openconnect-internal.h"
......@@ -108,7 +107,7 @@ static int start_cstp_connection(struct openconnect_info *vpninfo)
/* Create (new) random master key for DTLS connection, if needed */
if (vpninfo->dtls_times.last_rekey + vpninfo->dtls_times.rekey <
time(NULL) + 300 &&
RAND_bytes(vpninfo->dtls_secret, sizeof(vpninfo->dtls_secret)) != 1) {
openconnect_random(vpninfo->dtls_secret, sizeof(vpninfo->dtls_secret))) {
fprintf(stderr, _("Failed to initialise DTLS secret\n"));
exit(1);
}
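Review bot: The call to openconnect_random() sits inside the `&&` condition, so the DTLS master secret is written as a side effect of evaluating the rekey test, and its negative-errno result is only checked for truthiness. Doing the time check first and then `if (openconnect_random(vpninfo->dtls_secret, sizeof(vpninfo->dtls_secret)) < 0)` would make the wrapper's 0/negative convention visible at the call site. The failure path still exits before the secret can be used, which is the right outcome for key material. start_cstp_connection() begins and continues outside this hunk.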
......
......@@ -56,4 +56,5 @@ OPENCONNECT_PRIVATE {
openconnect_get_cert_details;
openconnect_get_cert_DER;
openconnect_sha1;
openconnect_random;
};
......@@ -293,6 +293,7 @@ void openconnect_report_ssl_errors(struct openconnect_info *vpninfo);
/* ${SSL_LIBRARY}.c */
int openconnect_sha1(unsigned char *result, void *data, int len);
int openconnect_random(void *bytes, int len);
/* mainloop.c */
int vpn_add_pollfd(struct openconnect_info *vpninfo, int fd, short events);
......
......@@ -25,6 +25,7 @@
#include <errno.h>
#include <openssl/evp.h>
#include <openssl/rand.h>
#include "openconnect-internal.h"
......@@ -62,3 +63,10 @@ int openconnect_get_cert_DER(struct openconnect_info *vpninfo,
BIO_free(bp);
return l;
}
int openconnect_random(void *bytes, int len)
{
if (RAND_bytes(bytes, len) != 1)
return -EIO;
return 0;
}
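Review bot: `len` is a signed int that is handed to RAND_bytes() unchecked, and the DTLS caller passes a `sizeof` value that is converted implicitly. A guard such as `if (len < 0) return -EINVAL;` at the top would keep the result independent of how the SSL library treats a negative count. The function also has no comment stating its contract, which matters because the header lists it under `${SSL_LIBRARY}.c`, so presumably each backend will supply its own version. I would add above the definition: `/* Fill bytes[0..len) with cryptographically strong random data. Returns 0 on success, -EIO on failure; the buffer must not be used on failure. */`.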