From b7fc9d09d9d80b3e3406cef112e7610802ed0d3c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rogelio=20Dom=C3=ADnguez=20Hern=C3=A1ndez?= Date: Wed, 26 Oct 2016 12:28:19 -0500 Subject: [PATCH] remove usage of deprecated RAND_pseudo_bytes Ignore the @strongRandom in SSL_Cipher::randomize because OpenSSL does not offer a "weak" random generator --- encfs/SSL_Cipher.cpp | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/encfs/SSL_Cipher.cpp b/encfs/SSL_Cipher.cpp index 4d14755..f2f8294 100644 --- a/encfs/SSL_Cipher.cpp +++ b/encfs/SSL_Cipher.cpp @@ -488,19 +488,15 @@ static uint64_t _checksum_64(SSLKey *key, const unsigned char *data, /** * Write "len" bytes of random data into "buf" * - * See "man 3 RAND_bytes" for the effect of strongRandom + * We ignore the @strongRandom parameter because OpenSSL + * does not * offer a "weak" random generator */ bool SSL_Cipher::randomize(unsigned char *buf, int len, - bool strongRandom) const { + bool /*strongRandom*/) const { // to avoid warnings of uninitialized data from valgrind memset(buf, 0, len); - int result; - if (strongRandom) { - result = RAND_bytes(buf, len); - } else { - result = RAND_pseudo_bytes(buf, len); - } + int result = RAND_bytes(buf, len); if (result != 1) { char errStr[120]; // specs require string at least 120 bytes long.. unsigned long errVal = 0;