From: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>
Date: Sun, 8 Oct 2017 14:37:01 +0000 (+0900)
Subject: Don't change client random in Client Hello in its second flight
X-Git-Tag: OpenSSL_1_1_1-pre1~581
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=751b26b13256b9918bdb7f833fb7d701f115ab2e;p=oweals%2Fopenssl.git

Don't change client random in Client Hello in its second flight

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4490)
---

diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 2ad33f2e7c..88c0889023 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -1035,8 +1035,9 @@ int tls_construct_client_hello(SSL *s, WPACKET *pkt)
                 break;
             }
         }
-    } else
-        i = 1;
+    } else {
+        i = s->hello_retry_request == 0;
+    }
 
     if (i && ssl_fill_hello_random(s, 0, p, sizeof(s->s3->client_random),
                                    DOWNGRADE_NONE) <= 0)