diff options
author | Michael Demeter <michael.demeter@intel.com> | 2014-01-06 15:47:34 -0800 |
---|---|---|
committer | Michael Demeter <michael.demeter@intel.com> | 2014-01-06 15:47:34 -0800 |
commit | 975084c3fdbacd5f8a3c626171be8d4df27b2ac5 (patch) | |
tree | 7f18b115ac927b799ebfe55335282130047b3ec6 /ssl/s23_clnt.c | |
parent | 37a8d409f8ffc065c1b1417f0f3b5ba050e8aa95 (diff) | |
download | openssl-975084c3fdbacd5f8a3c626171be8d4df27b2ac5.tar.gz openssl-975084c3fdbacd5f8a3c626171be8d4df27b2ac5.tar.bz2 openssl-975084c3fdbacd5f8a3c626171be8d4df27b2ac5.zip |
Imported Upstream version 1.0.1fupstream/1.0.1f
Diffstat (limited to 'ssl/s23_clnt.c')
-rw-r--r-- | ssl/s23_clnt.c | 29 |
1 files changed, 25 insertions, 4 deletions
diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c index 47673e7..84670b6 100644 --- a/ssl/s23_clnt.c +++ b/ssl/s23_clnt.c @@ -269,12 +269,35 @@ static int ssl23_no_ssl2_ciphers(SSL *s) return 1; } +/* Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 + * on failure, 1 on success. */ +int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len) + { + int send_time = 0; + + if (len < 4) + return 0; + if (server) + send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0; + else + send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0; + if (send_time) + { + unsigned long Time = time(NULL); + unsigned char *p = result; + l2n(Time, p); + return RAND_pseudo_bytes(p, len-4); + } + else + return RAND_pseudo_bytes(result, len); + } + static int ssl23_client_hello(SSL *s) { unsigned char *buf; unsigned char *p,*d; int i,ch_len; - unsigned long Time,l; + unsigned long l; int ssl2_compat; int version = 0, version_major, version_minor; #ifndef OPENSSL_NO_COMP @@ -355,9 +378,7 @@ static int ssl23_client_hello(SSL *s) #endif p=s->s3->client_random; - Time=(unsigned long)time(NULL); /* Time */ - l2n(Time,p); - if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0) + if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0) return -1; if (version == TLS1_2_VERSION) |