typo

[openssl.git] / ssl / d1_enc.c

diff --git a/ssl/d1_enc.c b/ssl/d1_enc.c
index 7f3e57fc1e2f9227bc631698e053c04ef422e015..07a5e97ce5cda574154f7a91b3906e765a1692f7 100644 (file)
--- a/ssl/d1_enc.c
+++ b/ssl/d1_enc.c
@@ -155,7 +155,7 @@ int dtls1_enc(SSL *s, int send)
                                        __FILE__, __LINE__);
                        else if ( EVP_CIPHER_block_size(ds->cipher) > 1)
                                {
-                               if (!RAND_bytes(rec->input, EVP_CIPHER_block_size(ds->cipher)))
+                               if (RAND_bytes(rec->input, EVP_CIPHER_block_size(ds->cipher)) <= 0)
                                        return -1;
                                }
                        }
@@ -231,11 +231,7 @@ int dtls1_enc(SSL *s, int send)
                if (!send)
                        {
                        if (l == 0 || l%bs != 0)
-                               {
-                               SSLerr(SSL_F_DTLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
-                               ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
-                               return 0;
-                               }
+                               return -1;
                        }
                
                EVP_Cipher(ds,rec->data,rec->input,l);
@@ -264,7 +260,7 @@ int dtls1_enc(SSL *s, int send)
                                }
                        /* TLS 1.0 does not bound the number of padding bytes by the block size.
                         * All of them must have value 'padding_length'. */
-                       if (i > (int)rec->length)
+                       if (i + bs > (int)rec->length)
                                {
                                /* Incorrect padding. SSLerr() and ssl3_alert are done
                                 * by caller: we don't want to reveal whether this is