* ext/openssl/ossl_rand.c (ossl_rand_bytes): RAND_bytes could

be return -1 as an error. Therefore, added error handling.
* ext/openssl/ossl_pkey_dsa.c (dsa_generate): ditto.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52810 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

ChangeLog

@@ -1,3 +1,9 @@
+Wed Oct 21 12:10:04 2015  KOSAKI Motohiro  <kosaki.motohiro@gmail.com>
+
+	* ext/openssl/ossl_rand.c (ossl_rand_bytes): RAND_bytes could
+	  be return -1 as an error. Therefore, added error handling.
+	* ext/openssl/ossl_pkey_dsa.c (dsa_generate): ditto.
+
 Wed Oct 21 09:04:09 2015  KOSAKI Motohiro  <kosaki.motohiro@gmail.com>
 
 	* include/ruby/util.h: remove a warning suppression C4723

ext/openssl/ossl_pkey_dsa.c

@@ -110,7 +110,7 @@ dsa_generate(int size)
     unsigned long h;
 
     if (!dsa) return 0;
-    if (!RAND_bytes(seed, seed_len)) {
+    if (RAND_bytes(seed, seed_len) <= 0) {
 	DSA_free(dsa);
 	return 0;
     }
@@ -144,7 +144,7 @@ dsa_generate(int size)
     int seed_len = 20, counter;
     unsigned long h;
 
-    if (!RAND_bytes(seed, seed_len)) {
+    if (RAND_bytes(seed, seed_len) <= 0) {
 	return 0;
     }
     dsa = DSA_generate_parameters(size, seed, seed_len, &counter, &h,

ext/openssl/ossl_rand.c

@@ -110,10 +110,16 @@ ossl_rand_bytes(VALUE self, VALUE len)
 {
     VALUE str;
     int n = NUM2INT(len);
+    int ret;
 
     str = rb_str_new(0, n);
-    if (!RAND_bytes((unsigned char *)RSTRING_PTR(str), n)) {
-	ossl_raise(eRandomError, NULL);
+    ret = RAND_bytes((unsigned char *)RSTRING_PTR(str), n);
+    if (ret == 0){
+	char buf[256];
+	ERR_error_string_n(ERR_get_error(), buf, 256);
+	ossl_raise(eRandomError, "RAND_bytes error: %s", buf);
+    } else if (ret == -1) {
+	ossl_raise(eRandomError, "RAND_bytes is not supported");
     }
 
     return str;