Commit fba7b84c authored by Matt Caswell's avatar Matt Caswell
Browse files

Swap back to using SSL3_RANDOM_SIZE instead of sizeof(clienthello.random) 



The size if fixed by the protocol and won't change even if
sizeof(clienthello.random) does.

Reviewed-by: default avatarKurt Roeckx <kurt@openssl.org>
Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
parent 035b1e69

ssl/statem/statem_srvr.c

+9 −5
Original line number Diff line number Diff line
@@ -983,12 +983,16 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt) 
        }

        clienthello.session_id_len = session_id_len;



        /* Load the client random and compression list. */

        challenge_len = challenge_len > sizeof(clienthello.random)

                        ? sizeof(clienthello.random) : challenge_len;

        memset(clienthello.random, 0, sizeof(clienthello.random));

        /* Load the client random and compression list. We use SSL3_RANDOM_SIZE

         * here rather than sizeof(clienthello.random) because that is the limit

         * for SSLv3 and it is fixed. It won't change even if

         * sizeof(clienthello.random) does.

         */

        challenge_len = challenge_len > SSL3_RANDOM_SIZE

                        ? SSL3_RANDOM_SIZE : challenge_len;

        memset(clienthello.random, 0, SSL3_RANDOM_SIZE);

        if (!PACKET_copy_bytes(&challenge,

                               clienthello.random + sizeof(clienthello.random) -

                               clienthello.random + SSL3_RANDOM_SIZE -

                               challenge_len, challenge_len)

            /* Advertise only null compression. */

            || !PACKET_buf_init(&compression, &null_compression, 1)) {