diff options
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/s3_lib.c | 4 | ||||
-rw-r--r-- | ssl/statem/statem_lib.c | 2 |
2 files changed, 2 insertions, 4 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index c170eed5e1..5ecbc3c554 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -4568,7 +4568,7 @@ int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, size_t len, } else { ret = RAND_bytes(result, len); } -#ifndef OPENSSL_NO_TLS13DOWNGRADE + if (ret > 0) { if (!ossl_assert(sizeof(tls11downgrade) < len) || !ossl_assert(sizeof(tls12downgrade) < len)) @@ -4580,7 +4580,7 @@ int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, size_t len, memcpy(result + len - sizeof(tls11downgrade), tls11downgrade, sizeof(tls11downgrade)); } -#endif + return ret; } diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index d04f8773de..38121b7fd2 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -1914,7 +1914,6 @@ int ssl_choose_client_version(SSL *s, int version, RAW_EXTENSION *extensions) if (s->version != vent->version) continue; -#ifndef OPENSSL_NO_TLS13DOWNGRADE /* Check for downgrades */ if (s->version == TLS1_2_VERSION && highver > s->version) { if (memcmp(tls12downgrade, @@ -1941,7 +1940,6 @@ int ssl_choose_client_version(SSL *s, int version, RAW_EXTENSION *extensions) return 0; } } -#endif s->method = method; return 1; |