From: Bodo Möller <bodo@openssl.org>
Date: Thu, 13 Jan 2000 21:20:26 +0000 (+0000)
Subject: note about things still to do with RAND_bytes
X-Git-Tag: OpenSSL_0_9_5beta1~286
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=0983760dfce8f6accfa257163dcfce9624dce373;p=oweals%2Fopenssl.git

note about things still to do with RAND_bytes
---

diff --git a/CHANGES b/CHANGES
index 48053f2201..326b5cf7a1 100644
--- a/CHANGES
+++ b/CHANGES
@@ -5,8 +5,13 @@
  Changes between 0.9.4 and 0.9.5  [xx XXX 1999]
 
   *) Precautions against using the PRNG uninitialized: RAND_bytes() now
-     has a return value which indicated the quality of the random data
-     (1 = ok, 0 = not seeded).
+     has a return value which indicates the quality of the random data
+     (1 = ok, 0 = not seeded).  Also an error is recorded on the thread's
+     error queue.
+     (TO DO: always check the result of RAND_bytes when it is used in the
+     library, because leaving the error in the error queue but reporting
+     success in a function that uses RAND_bytes could confuse things
+     considerably.)
      [Ulf Möller]
 
   *) Do more iterations of Rabin-Miller probable prime test (specifically,