From 2583270191a8b27eed303c03ece1da97b9b69fd3 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Wed, 9 Oct 2013 10:37:53 -0400 Subject: [PATCH] Control sending time with SSL_SEND_{CLIENT,SERVER}RANDOM_MODE (I'd rather use an option, but it appears that the options field is full.) Now, we send the time in the gmt_unix_time field if the appropriate one of these mode options is set, but randomize the field if the flag is not set. --- ssl/s23_clnt.c | 17 ++++++++++++++++- ssl/ssl.h | 6 ++++++ 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c index 01e492adfb..65d2c26ad2 100644 --- a/ssl/s23_clnt.c +++ b/ssl/s23_clnt.c @@ -273,7 +273,22 @@ static int ssl23_no_ssl2_ciphers(SSL *s) * on failure, 1 on success. */ int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len) { - return RAND_pseudo_bytes(result, len); + int send_time = 0; + if (len < 4) + return 0; + if (server) + send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0; + else + send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0; + if (send_time) + { + unsigned long Time = time(NULL); + unsigned char *p = result; + l2n(Time, p); + return RAND_pseudo_bytes(p, len-4); + } + else + return RAND_pseudo_bytes(result, len); } static int ssl23_client_hello(SSL *s) diff --git a/ssl/ssl.h b/ssl/ssl.h index 593579ed36..ae852bf011 100644 --- a/ssl/ssl.h +++ b/ssl/ssl.h @@ -641,6 +641,12 @@ struct ssl_session_st * TLS only.) "Released" buffers are put onto a free-list in the context * or just freed (depending on the context's setting for freelist_max_len). */ #define SSL_MODE_RELEASE_BUFFERS 0x00000010L +/* Send the current time in the Random fields of the ClientHello and + * ServerHello records for compatibility with hypothetical implementations + * that require it. + */ +#define SSL_MODE_SEND_CLIENTHELLO_TIME 0x00000020L +#define SSL_MODE_SEND_SERVERHELLO_TIME 0x00000040L /* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, * they cannot be used to clear bits. */ -- 2.25.1