X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=ssl%2Fs3_srvr.c;h=d6158dbc65e76c03e4e32dd5f3ac023d3ef75ca3;hb=dd9d233e2aa493fa1398b527afbf6aa5cdb23f23;hp=9e08b75ee313cebeef7d3c323589ba138c69ec21;hpb=f2d9a32cf47ed8c4e4d025a2258154f3dbe5eca6;p=oweals%2Fopenssl.git

diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 9e08b75ee3..d6158dbc65 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -113,7 +113,7 @@ int ssl3_accept(SSL *s)
 	int ret= -1;
 	int new_state,state,skip=0;
 
-	RAND_seed(&Time,sizeof(Time));
+	RAND_add(&Time,sizeof(Time),0);
 	ERR_clear_error();
 	clear_sys_error();
 
@@ -270,8 +270,8 @@ int ssl3_accept(SSL *s)
 			    || (l & (SSL_DH|SSL_kFZA))
 			    || ((l & SSL_kRSA)
 				&& (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
-				    || (SSL_IS_EXPORT(l)
-					&& EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)*8 > SSL_EXPORT_PKEYLENGTH(l)
+				    || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
+					&& EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)
 					)
 				    )
 				)
@@ -503,7 +503,7 @@ static int ssl3_send_hello_request(SSL *s)
 	if (s->state == SSL3_ST_SW_HELLO_REQ_A)
 		{
 		p=(unsigned char *)s->init_buf->data;
-		*(p++)=SSL3_MT_CLIENT_REQUEST;
+		*(p++)=SSL3_MT_HELLO_REQUEST;
 		*(p++)=0;
 		*(p++)=0;
 		*(p++)=0;
@@ -816,7 +816,7 @@ static int ssl3_send_server_hello(SSL *s)
 		p=s->s3->server_random;
 		Time=time(NULL);			/* Time */
 		l2n(Time,p);
-		RAND_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
+		RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
 		/* Do the message type and length last */
 		d=p= &(buf[4]);
 
@@ -900,6 +900,7 @@ static int ssl3_send_server_key_exchange(SSL *s)
 	int j,num;
 	RSA *rsa;
 	unsigned char md_buf[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
+	unsigned int u;
 #endif
 #ifndef NO_DH
 	DH *dh,*dhp;
@@ -907,7 +908,6 @@ static int ssl3_send_server_key_exchange(SSL *s)
 	EVP_PKEY *pkey;
 	unsigned char *p,*d;
 	int al,i;
-	unsigned int u;
 	unsigned long type;
 	int n;
 	CERT *cert;
@@ -1292,7 +1292,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
 				{
 				p[0]=(s->version>>8);
 				p[1]=(s->version & 0xff);
-				RAND_bytes(&(p[2]),SSL_MAX_MASTER_KEY_LENGTH-2);
+				RAND_pseudo_bytes(&(p[2]),SSL_MAX_MASTER_KEY_LENGTH-2);
 				i=SSL_MAX_MASTER_KEY_LENGTH;
 				}
 			/* else, an SSLeay bug, ssl only server, tls client */