[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Fri Jul 31 19:34:02 UTC 2015
The branch master has been updated
via e1e088ec7f2f33c4c4ad31312d62c536441d4358 (commit)
from 1a586b3942de1c0bd64203d09385d5e74f499d8d (commit)
- Log -----------------------------------------------------------------
commit e1e088ec7f2f33c4c4ad31312d62c536441d4358
Author: Matt Caswell <matt at openssl.org>
Date: Thu Jun 25 14:12:25 2015 +0100
Remove erroneous server_random filling
Commit e481f9b90b164 removed OPENSSL_NO_TLSEXT from the code.
Previously if OPENSSL_NO_TLSEXT *was not* defined then the server random was
filled during getting of the ClientHello. If it *was* defined then the
server random would be filled in ssl3_send_server_hello(). Unfortunately in
commit e481f9b90b164 the OPENSSL_NO_TLSEXT guards were removed but *both*
server random fillings were left in. This could cause problems for session
ticket callbacks.
Reviewed-by: Stephen Henson <steve at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
ssl/s3_srvr.c | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 72deedc..718ca2c 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1580,19 +1580,16 @@ int ssl3_send_server_hello(SSL *s)
if (s->state == SSL3_ST_SW_SRVR_HELLO_A) {
buf = (unsigned char *)s->init_buf->data;
- p = s->s3->server_random;
- if (ssl_fill_hello_random(s, 1, p, SSL3_RANDOM_SIZE) <= 0) {
- s->state = SSL_ST_ERR;
- return -1;
- }
-
/* Do the message type and length last */
d = p = ssl_handshake_start(s);
*(p++) = s->version >> 8;
*(p++) = s->version & 0xff;
- /* Random stuff */
+ /*
+ * Random stuff. Filling of the server_random takes place in
+ * ssl3_get_client_hello()
+ */
memcpy(p, s->s3->server_random, SSL3_RANDOM_SIZE);
p += SSL3_RANDOM_SIZE;
More information about the openssl-commits
mailing list