summaryrefslogtreecommitdiffstats
path: root/ssl/s3_srvr.c
diff options
context:
space:
mode:
authorjkim <jkim@FreeBSD.org>2014-01-22 19:27:13 +0000
committerjkim <jkim@FreeBSD.org>2014-01-22 19:27:13 +0000
commita268cbece5d2525d61465ee0e4a2fcaf0134281f (patch)
tree916b5f4a06b1f51b6af3e4437ab74e3d27e9cdd9 /ssl/s3_srvr.c
parentb9c1fb3406de31e64b6dc3d3b194b295c623f0a6 (diff)
downloadFreeBSD-src-a268cbece5d2525d61465ee0e4a2fcaf0134281f.zip
FreeBSD-src-a268cbece5d2525d61465ee0e4a2fcaf0134281f.tar.gz
Import OpenSSL 1.0.1f.
Approved by: so (delphij), benl (silence)
Diffstat (limited to 'ssl/s3_srvr.c')
-rw-r--r--ssl/s3_srvr.c16
1 files changed, 4 insertions, 12 deletions
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index bfb8480..52efed3 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -958,7 +958,8 @@ int ssl3_get_client_hello(SSL *s)
(s->version != DTLS1_VERSION && s->client_version < s->version))
{
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_WRONG_VERSION_NUMBER);
- if ((s->client_version>>8) == SSL3_VERSION_MAJOR)
+ if ((s->client_version>>8) == SSL3_VERSION_MAJOR &&
+ !s->enc_write_ctx && !s->write_hash)
{
/* similar to ssl3_get_record, send alert using remote version number */
s->version = s->client_version;
@@ -1193,12 +1194,9 @@ int ssl3_get_client_hello(SSL *s)
* server_random before calling tls_session_secret_cb in order to allow
* SessionTicket processing to use it in key derivation. */
{
- unsigned long Time;
unsigned char *pos;
- Time=(unsigned long)time(NULL); /* Time */
pos=s->s3->server_random;
- l2n(Time,pos);
- if (RAND_pseudo_bytes(pos,SSL3_RANDOM_SIZE-4) <= 0)
+ if (ssl_fill_hello_random(s, 1, pos, SSL3_RANDOM_SIZE) <= 0)
{
al=SSL_AD_INTERNAL_ERROR;
goto f_err;
@@ -1435,19 +1433,13 @@ int ssl3_send_server_hello(SSL *s)
unsigned char *p,*d;
int i,sl;
unsigned long l;
-#ifdef OPENSSL_NO_TLSEXT
- unsigned long Time;
-#endif
if (s->state == SSL3_ST_SW_SRVR_HELLO_A)
{
buf=(unsigned char *)s->init_buf->data;
#ifdef OPENSSL_NO_TLSEXT
p=s->s3->server_random;
- /* Generate server_random if it was not needed previously */
- Time=(unsigned long)time(NULL); /* Time */
- l2n(Time,p);
- if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
+ if (ssl_fill_hello_random(s, 1, p, SSL3_RANDOM_SIZE) <= 0)
return -1;
#endif
/* Do the message type and length last */
OpenPOWER on IntegriCloud