From cfd0a40fdb8d1b1dccb53c3cbbaf34af037dbb55 Mon Sep 17 00:00:00 2001
From: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>
Date: Wed, 20 Feb 2008 17:00:44 +0000
Subject: [PATCH] 2008-02-21  Tatsuhiro Tsujikawa  <tujikawa at rednoah dot
 com>

	Proper return value handling for OpenSSL functions.
	* src/LibsslDHKeyExchange.h
---
 ChangeLog                 |  5 +++++
 src/LibsslDHKeyExchange.h | 14 ++++++++------
 2 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 7388e706..4de39e27 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2008-02-21  Tatsuhiro Tsujikawa  <tujikawa at rednoah dot com>
+
+	Proper return value handling for OpenSSL functions.
+	* src/LibsslDHKeyExchange.h
+
 2008-02-21  Tatsuhiro Tsujikawa  <tujikawa at rednoah dot com>
 
 	Random bytes generation using libgcrypt and OpenSSL.
diff --git a/src/LibsslDHKeyExchange.h b/src/LibsslDHKeyExchange.h
index 1f311d15..1f18849d 100644
--- a/src/LibsslDHKeyExchange.h
+++ b/src/LibsslDHKeyExchange.h
@@ -101,7 +101,7 @@ public:
       handleError();
     }
     _privateKey = BN_new();
-    if(!BN_rand(_privateKey, privateKeyBits, -1, false)) {
+    if(BN_rand(_privateKey, privateKeyBits, -1, false) == 0) {
       handleError();
     }
   }
@@ -120,12 +120,13 @@ public:
 
   size_t getPublicKey(unsigned char* out, size_t outLength) const
   {
-    if(outLength < publicKeyLength()) {
+    size_t pubKeyLen = publicKeyLength();
+    if(outLength < pubKeyLen) {
       throw new DlAbortEx("Insufficient buffer for public key. expect:%u, actual:%u",
 			  publicKeyLength(), outLength);
     }
     size_t nwritten = BN_bn2bin(_publicKey, out);
-    if(!nwritten) {
+    if(nwritten != pubKeyLen) {
       handleError();
     }
     return nwritten;
@@ -133,7 +134,7 @@ public:
 
   void generateNonce(unsigned char* out, size_t outLength) const
   {
-    if(!RAND_bytes(out, outLength)) {
+    if(RAND_bytes(out, outLength) != 1) {
       handleError();
     }
   }
@@ -142,7 +143,8 @@ public:
 		       const unsigned char* peerPublicKeyData,
 		       size_t peerPublicKeyLength) const
   {
-    if(outLength < publicKeyLength()) {
+    size_t pubKeyLen = publicKeyLength();
+    if(outLength < pubKeyLen) {
       throw new DlAbortEx("Insufficient buffer for secret. expect:%u, actual:%u",
 			  publicKeyLength(), outLength);
     }
@@ -159,7 +161,7 @@ public:
 
     size_t nwritten = BN_bn2bin(secret, out);
     BN_free(secret);
-    if(!nwritten) {
+    if(nwritten != pubKeyLen) {
       handleError();
     }
     return nwritten;