Refactor {client,server}_random to call an intermediate function

I'll be using this to make an option for randomizing the time.
2013-10-09 10:28:42 -04:00 · 2013-10-09 10:28:42 -04:00 · 3da721dac9
commit 3da721dac9
parent f4c93b46ed
6 changed files with 15 additions and 6 deletions
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@ -801,7 +801,7 @@ int dtls1_client_hello(SSL *s)
 		for (i=0;p[i]=='\0' && i<sizeof(s->s3->client_random);i++) ;
 		if (i==sizeof(s->s3->client_random))
 			{
-			RAND_pseudo_bytes(p,sizeof(s->s3->client_random));
+			ssl_fill_hello_random(s,0,p,sizeof(s->s3->client_random));
 			}

 		/* Do the message type and length last */
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@ -918,7 +918,7 @@ int dtls1_send_server_hello(SSL *s)
 		{
 		buf=(unsigned char *)s->init_buf->data;
 		p=s->s3->server_random;
-		RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE);
+		ssl_fill_hello_random(s, 1, p, SSL3_RANDOM_SIZE);
 		/* Do the message type and length last */
 		d=p= &(buf[DTLS1_HM_HEADER_LENGTH]);

--- a/ssl/s23_clnt.c
+++ b/ssl/s23_clnt.c
@ -269,6 +269,13 @@ static int ssl23_no_ssl2_ciphers(SSL *s)
 	return 1;
 	}

+/* Fill a ClientRandom or ServerRandom field of length len. Returns <= 0
+ * on failure, 1 on success. */
+int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len)
+	{
+	return RAND_pseudo_bytes(result, len);
+	}
+
 static int ssl23_client_hello(SSL *s)
 	{
 	unsigned char *buf;
@ -355,7 +362,7 @@ static int ssl23_client_hello(SSL *s)
 #endif

 		p=s->s3->client_random;
-		if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE) <= 0)
+		if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0)
 			return -1;

 		if (version == TLS1_2_VERSION)
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@ -680,7 +680,8 @@ int ssl3_client_hello(SSL *s)
 		/* else use the pre-loaded session */

 		p=s->s3->client_random;
-		if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE) <= 0)
+
+		if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0)
 			goto err;

 		/* Do the message type and length last */
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@ -1194,8 +1194,8 @@ int ssl3_get_client_hello(SSL *s)
 	 * SessionTicket processing to use it in key derivation. */
 	{
 		unsigned char *pos;
-    		pos=s->s3->server_random;
-		if (RAND_pseudo_bytes(pos,SSL3_RANDOM_SIZE) <= 0)
+		pos=s->s3->server_random;
+		if (ssl_fill_hello_random(s,1,pos,SSL3_RANDOM_SIZE) <= 0)
 			{
 			al=SSL_AD_INTERNAL_ERROR;
 			goto f_err;
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@ -847,6 +847,7 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher);
 STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
 int ssl_verify_alarm_type(long type);
 void ssl_load_ciphers(void);
+int ssl_fill_hello_random(SSL *s, int server, unsigned char *field, int len);

 int ssl2_enc_init(SSL *s, int client);
 int ssl2_generate_key_material(SSL *s);