Remove erroneous server_random filling
Commit e481f9b90b164 removed OPENSSL_NO_TLSEXT from the code. Previously if OPENSSL_NO_TLSEXT *was not* defined then the server random was filled during getting of the ClientHello. If it *was* defined then the server random would be filled in ssl3_send_server_hello(). Unfortunately in commit e481f9b90b164 the OPENSSL_NO_TLSEXT guards were removed but *both* server random fillings were left in. This could cause problems for session ticket callbacks. Reviewed-by: Stephen Henson <steve@openssl.org>
This commit is contained in:
Matt Caswell
parent
1a586b3942
commit
e1e088ec7f
@ -1580,19 +1580,16 @@ int ssl3_send_server_hello(SSL *s)
|
|||||||
if (s->state == SSL3_ST_SW_SRVR_HELLO_A) {
|
if (s->state == SSL3_ST_SW_SRVR_HELLO_A) {
|
||||||
buf = (unsigned char *)s->init_buf->data;
|
buf = (unsigned char *)s->init_buf->data;
|
||||||
|
|
||||||
p = s->s3->server_random;
|
|
||||||
if (ssl_fill_hello_random(s, 1, p, SSL3_RANDOM_SIZE) <= 0) {
|
|
||||||
s->state = SSL_ST_ERR;
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Do the message type and length last */
|
/* Do the message type and length last */
|
||||||
d = p = ssl_handshake_start(s);
|
d = p = ssl_handshake_start(s);
|
||||||
|
|
||||||
*(p++) = s->version >> 8;
|
*(p++) = s->version >> 8;
|
||||||
*(p++) = s->version & 0xff;
|
*(p++) = s->version & 0xff;
|
||||||
|
|
||||||
/* Random stuff */
|
/*
|
||||||
|
* Random stuff. Filling of the server_random takes place in
|
||||||
|
* ssl3_get_client_hello()
|
||||||
|
*/
|
||||||
memcpy(p, s->s3->server_random, SSL3_RANDOM_SIZE);
|
memcpy(p, s->s3->server_random, SSL3_RANDOM_SIZE);
|
||||||
p += SSL3_RANDOM_SIZE;
|
p += SSL3_RANDOM_SIZE;
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user