Reuse random when responding to a verify request

This commit is contained in:
Manuel Pégourié-Gonnard 2014-07-22 15:59:14 +02:00 committed by Paul Bakker
parent b760f001d7
commit fb2d22371f

View File

@ -455,6 +455,17 @@ static int ssl_generate_random( ssl_context *ssl )
time_t t; time_t t;
#endif #endif
/*
* When responding to a verify request, MUST reuse random (RFC 6347 4.2.1)
*/
#if defined(POLARSSL_SSL_PROTO_DTLS)
if( ssl->transport == SSL_TRANSPORT_DATAGRAM &&
ssl->handshake->verify_cookie != NULL )
{
return( 0 );
}
#endif
#if defined(POLARSSL_HAVE_TIME) #if defined(POLARSSL_HAVE_TIME)
t = time( NULL ); t = time( NULL );
*p++ = (unsigned char)( t >> 24 ); *p++ = (unsigned char)( t >> 24 );