PR: 2778(part)
authorDr. Stephen Henson <steve@openssl.org>
Sat, 31 Mar 2012 18:02:35 +0000 (18:02 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Sat, 31 Mar 2012 18:02:35 +0000 (18:02 +0000)
Submitted by: John Fitzgibbon <john_fitzgibbon@yahoo.com>

Time is always encoded as 4 bytes, not sizeof(Time).

ssl/d1_srvr.c

index 17cc0227511d16d54c77fbe30bfc2fd8fc01c040..41fac4c688699be549c2b69ac7ed9b3aeb632d9b 100644 (file)
@@ -771,7 +771,7 @@ int dtls1_send_server_hello(SSL *s)
                p=s->s3->server_random;
                Time=(unsigned long)time(NULL);                 /* Time */
                l2n(Time,p);
-               RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
+               RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4);
                /* Do the message type and length last */
                d=p= &(buf[DTLS1_HM_HEADER_LENGTH]);