Followup on RT3334 fix: make sure that a directory that's the empty

[openssl.git] / ssl / s23_clnt.c

diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c
index 47673e740abeacc3e276756f6ab1d7d62b5ec408..2b93c639dd25402c905e70956c8599e0569b237b 100644 (file)
--- a/ssl/s23_clnt.c
+++ b/ssl/s23_clnt.c
@@ -269,12 +269,35 @@ static int ssl23_no_ssl2_ciphers(SSL *s)
        return 1;
        }
 
+/* Fill a ClientRandom or ServerRandom field of length len. Returns <= 0
+ * on failure, 1 on success. */
+int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len)
+       {
+       int send_time = 0;
+
+       if (len < 4)
+               return 0;
+       if (server)
+               send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0;
+       else
+               send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0;
+       if (send_time)
+               {
+               unsigned long Time = (unsigned long)time(NULL);
+               unsigned char *p = result;
+               l2n(Time, p);
+               return RAND_pseudo_bytes(p, len-4);
+               }
+       else
+               return RAND_pseudo_bytes(result, len);
+       }
+
 static int ssl23_client_hello(SSL *s)
        {
        unsigned char *buf;
        unsigned char *p,*d;
        int i,ch_len;
-       unsigned long Time,l;
+       unsigned long l;
        int ssl2_compat;
        int version = 0, version_major, version_minor;
 #ifndef OPENSSL_NO_COMP
@@ -355,9 +378,7 @@ static int ssl23_client_hello(SSL *s)
 #endif
 
                p=s->s3->client_random;
-               Time=(unsigned long)time(NULL);         /* Time */
-               l2n(Time,p);
-               if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
+               if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0)
                        return -1;
 
                if (version == TLS1_2_VERSION)