X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=ssl%2Fssl_sess.c;h=9273eb6c48b64ebed739a8cff12162f87d8db466;hb=e5bf62f716f71e4df6995a07d1fbc4cad82a2637;hp=cf019c8346d1ccc6b348053271ee8d9465c1ab2d;hpb=b7c9187b32a14b5b4a850161aed5c044d2130d5a;p=oweals%2Fopenssl.git

diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index cf019c8346..9273eb6c48 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -257,7 +257,7 @@ static int def_generate_session_id(const SSL *ssl, unsigned char *id,
 {
     unsigned int retry = 0;
     do
-        if (RAND_pseudo_bytes(id, *id_len) <= 0)
+        if (RAND_bytes(id, *id_len) <= 0)
             return 0;
     while (SSL_has_matching_session_id(ssl, id, *id_len) &&
            (++retry < MAX_SESS_ID_ATTEMPTS)) ;
@@ -510,12 +510,14 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
              */
             if (!
                 (s->session_ctx->session_cache_mode &
-                 SSL_SESS_CACHE_NO_INTERNAL_STORE))
+                 SSL_SESS_CACHE_NO_INTERNAL_STORE)) {
                 /*
                  * The following should not return 1, otherwise, things are
                  * very strange
                  */
-                SSL_CTX_add_session(s->session_ctx, ret);
+                if(SSL_CTX_add_session(s->session_ctx, ret))
+                    goto err;
+            }
         }
     }