Do not include a timestamp in the ServerHello Random field.

Instead, send random bytes.
2013-09-16 13:32:54 -04:00
parent 4af793036f
commit f4c93b46ed
2 changed files with 4 additions and 9 deletions
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1193,12 +1193,9 @@ int ssl3_get_client_hello(SSL *s)
 	 * server_random before calling tls_session_secret_cb in order to allow
 	 * SessionTicket processing to use it in key derivation. */
 	{
-		unsigned long Time;
 		unsigned char *pos;
-		Time=(unsigned long)time(NULL);			/* Time */
-		pos=s->s3->server_random;
-		l2n(Time,pos);
-		if (RAND_pseudo_bytes(pos,SSL3_RANDOM_SIZE-4) <= 0)
+    		pos=s->s3->server_random;
+		if (RAND_pseudo_bytes(pos,SSL3_RANDOM_SIZE) <= 0)
 			{
 			al=SSL_AD_INTERNAL_ERROR;
 			goto f_err;