diff options
| author | Matt Caswell <matt@openssl.org> | 2015-06-25 14:12:25 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2015-07-31 20:30:35 +0100 |
| commit | e1e088ec7f2f33c4c4ad31312d62c536441d4358 (patch) | |
| tree | 1d7281cf2ebcbc34ac1d25ab98159622dfbdebd0 /ssl | |
| parent | 1a586b3942de1c0bd64203d09385d5e74f499d8d (diff) | |
Remove erroneous server_random filling
Commit e481f9b90b164 removed OPENSSL_NO_TLSEXT from the code.
Previously if OPENSSL_NO_TLSEXT *was not* defined then the server random was
filled during getting of the ClientHello. If it *was* defined then the
server random would be filled in ssl3_send_server_hello(). Unfortunately in
commit e481f9b90b164 the OPENSSL_NO_TLSEXT guards were removed but *both*
server random fillings were left in. This could cause problems for session
ticket callbacks.
Reviewed-by: Stephen Henson <steve@openssl.org>
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/s3_srvr.c | 11 |
1 files changed, 4 insertions, 7 deletions
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 72deedc0c5..718ca2c31b 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -1580,19 +1580,16 @@ int ssl3_send_server_hello(SSL *s) if (s->state == SSL3_ST_SW_SRVR_HELLO_A) { buf = (unsigned char *)s->init_buf->data; - p = s->s3->server_random; - if (ssl_fill_hello_random(s, 1, p, SSL3_RANDOM_SIZE) <= 0) { - s->state = SSL_ST_ERR; - return -1; - } - /* Do the message type and length last */ d = p = ssl_handshake_start(s); *(p++) = s->version >> 8; *(p++) = s->version & 0xff; - /* Random stuff */ + /* + * Random stuff. Filling of the server_random takes place in + * ssl3_get_client_hello() + */ memcpy(p, s->s3->server_random, SSL3_RANDOM_SIZE); p += SSL3_RANDOM_SIZE; |