From: Tobias Brunner <tobias@strongswan.org>
Date: Mon, 27 Jun 2016 15:27:54 +0000 (+0200)
Subject: openssl: Don't use deprecated RAND_pseudo_bytes()
X-Git-Tag: 5.5.0rc1~9^2~4
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=cd08eb84cbb30c03792ae15560fd52044aa8fd56;p=thirdparty%2Fstrongswan.git

openssl: Don't use deprecated RAND_pseudo_bytes()
---

diff --git a/src/libstrongswan/plugins/openssl/openssl_rng.c b/src/libstrongswan/plugins/openssl/openssl_rng.c
index f8e98fc0f5..a25b6b4b66 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rng.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rng.c
@@ -49,13 +49,6 @@ struct private_openssl_rng_t {
 METHOD(rng_t, get_bytes, bool,
 	private_openssl_rng_t *this, size_t bytes, uint8_t *buffer)
 {
-	if (this->quality == RNG_WEAK)
-	{
-		/* RAND_pseudo_bytes() returns 1 if returned bytes are strong,
-		 * 0 if of not. Both is acceptable for RNG_WEAK. */
-		return RAND_pseudo_bytes((char*)buffer, bytes) != -1;
-	}
-	/* A 0 return value is a failure for RAND_bytes() */
 	return RAND_bytes((char*)buffer, bytes) == 1;
 }