Do not include a timestamp in the ServerHello Random field.

Instead, send random bytes.
Nick Mathewson 2013-09-16 13:32:54 -04:00
parent 4af793036f
commit f4c93b46ed
2 changed files with 4 additions and 9 deletions


@ -912,15 +912,13 @@ int dtls1_send_server_hello(SSL *s)
unsigned char *p,*d; unsigned char *p,*d;
int i; int i;
unsigned int sl; unsigned int sl;
unsigned long l,Time; unsigned long l;
if (s->state == SSL3_ST_SW_SRVR_HELLO_A) if (s->state == SSL3_ST_SW_SRVR_HELLO_A)
{ {
buf=(unsigned char *)s->init_buf->data; buf=(unsigned char *)s->init_buf->data;
p=s->s3->server_random; p=s->s3->server_random;
Time=(unsigned long)time(NULL); /* Time */ RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE);
l2n(Time,p);
RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4);
/* Do the message type and length last */ /* Do the message type and length last */
d=p= &(buf[DTLS1_HM_HEADER_LENGTH]); d=p= &(buf[DTLS1_HM_HEADER_LENGTH]);
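Review bot: The new `RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE);` call in dtls1_send_server_hello discards its return value, so a failed or weak PRNG draw goes unnoticed and the ServerHello is built from whatever server_random then holds. Before this change the first four bytes at least varied with the clock; now the entire nonce depends on this single call. The ssl3_get_client_hello hunk in the same commit tests the result with `<= 0` and aborts the handshake, and the DTLS path should match it, for example `if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE) <= 0) return -1;` (assuming -1 is this function's error return; its body continues outside the hunk).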


@ -1193,12 +1193,9 @@ int ssl3_get_client_hello(SSL *s)
* server_random before calling tls_session_secret_cb in order to allow * server_random before calling tls_session_secret_cb in order to allow
* SessionTicket processing to use it in key derivation. */ * SessionTicket processing to use it in key derivation. */
{ {
unsigned long Time;
unsigned char *pos; unsigned char *pos;
Time=(unsigned long)time(NULL); /* Time */ pos=s->s3->server_random;
pos=s->s3->server_random; if (RAND_pseudo_bytes(pos,SSL3_RANDOM_SIZE) <= 0)
l2n(Time,pos);
if (RAND_pseudo_bytes(pos,SSL3_RANDOM_SIZE-4) <= 0)
{ {
al=SSL_AD_INTERNAL_ERROR; al=SSL_AD_INTERNAL_ERROR;
goto f_err; goto f_err;
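Review bot: Nothing at the `RAND_pseudo_bytes(pos,SSL3_RANDOM_SIZE)` call records that dropping the timestamp is deliberate. The TLS Random structure is specified as a 4-byte gmt_unix_time followed by 28 random bytes, so a later reader may take the missing prefix for a bug and restore it. A one-line comment above the call would keep the intent with the code, e.g. `/* Deliberately no gmt_unix_time prefix: all SSL3_RANDOM_SIZE bytes of server_random are random. */`. The enclosing block in ssl3_get_client_hello starts and ends outside this hunk.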