the comment says RAND_pseudo_bytes should be RAND_bytes. make it so.

ok deraadt

2 files changed, 2 insertions, 12 deletions

diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c
index b53f27a47d..481cf37bef 100644
--- a/src/lib/libssl/s3_srvr.c
+++ b/src/lib/libssl/s3_srvr.c
@@ -2137,12 +2137,7 @@ ssl3_get_client_key_exchange(SSL *s)
                         i = SSL_MAX_MASTER_KEY_LENGTH;
                         p[0] = s->client_version >> 8;
                         p[1] = s->client_version & 0xff;
-                        /*
-                         * Should be RAND_bytes, but we cannot work around a
-                         * failure.
-                         */
-                        if (RAND_pseudo_bytes(p+2, i-2) <= 0)
-                                goto err;
+                        RAND_bytes(p+2, i-2);
                 }
 
                 s->session->master_key_length =
diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c
index b53f27a47d..481cf37bef 100644
--- a/src/lib/libssl/src/ssl/s3_srvr.c
+++ b/src/lib/libssl/src/ssl/s3_srvr.c
@@ -2137,12 +2137,7 @@ ssl3_get_client_key_exchange(SSL *s)
                         i = SSL_MAX_MASTER_KEY_LENGTH;
                         p[0] = s->client_version >> 8;
                         p[1] = s->client_version & 0xff;
-                        /*
-                         * Should be RAND_bytes, but we cannot work around a
-                         * failure.
-                         */
-                        if (RAND_pseudo_bytes(p+2, i-2) <= 0)
-                                goto err;
+                        RAND_bytes(p+2, i-2);
                 }
 
                 s->session->master_key_length =