http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2016265dfbab162ec30718b5e7480add42598158

Don't know the full story, but it looks like a "can't do random perfectly, so do it god awful" problem was found in 2013, and replaced with "only do it badly if a flag is set". New flags (SSL_MODE_SEND_SERVERHELLO_TIME and SSL_MODE_SEND_SERVERHELLO_TIME) were added [Ben Laurie?] to support the old scheme of "use time_t for first 4 bytes of the random buffer". Nothing uses these flags [ecosystem scan by sthen] Fully discourage use of these flags in the future by removing support & definition of them. The buflen < 4 check is also interesting, because no entropy would be returned. No callers passed such small buffers. ok miod sthen
author: deraadt <> 2014-06-07 22:23:12 +0000
committer: deraadt <> 2014-06-07 22:23:12 +0000
commit: de48c77a08514ed654e05e710444452ffab6d0aa (patch)
tree: 974be678316c95805c95e61416f75191d5b20bbe /src/lib/libssl/d1_srvr.c
parent: ffcbdf8a3fda87b9b0d60403b8bda401683595e1 (diff)
download: openbsd-de48c77a08514ed654e05e710444452ffab6d0aa.tar.gz
openbsd-de48c77a08514ed654e05e710444452ffab6d0aa.tar.bz2
openbsd-de48c77a08514ed654e05e710444452ffab6d0aa.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c
index 24f0a2e86e..a118e8e82f 100644
--- a/src/lib/libssl/d1_srvr.c
+++ b/src/lib/libssl/d1_srvr.c
@@ -909,7 +909,8 @@ dtls1_send_server_hello(SSL *s)
        if (s->state == SSL3_ST_SW_SRVR_HELLO_A) {
                buf = (unsigned char *)s->init_buf->data;
                p = s->s3->server_random;
-                ssl_fill_hello_random(s, 1, p, SSL3_RANDOM_SIZE);
+                RAND_pseudo_bytes(p, SSL3_RANDOM_SIZE);
                /* Do the message type and length last */
                d = p= &(buf[DTLS1_HM_HEADER_LENGTH]);
author	deraadt <>	2014-06-07 22:23:12 +0000
committer	deraadt <>	2014-06-07 22:23:12 +0000
commit	de48c77a08514ed654e05e710444452ffab6d0aa (patch)
tree	974be678316c95805c95e61416f75191d5b20bbe /src/lib/libssl/d1_srvr.c
parent	ffcbdf8a3fda87b9b0d60403b8bda401683595e1 (diff)
download	openbsd-de48c77a08514ed654e05e710444452ffab6d0aa.tar.gz openbsd-de48c77a08514ed654e05e710444452ffab6d0aa.tar.bz2 openbsd-de48c77a08514ed654e05e710444452ffab6d0aa.zip

diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c index 24f0a2e86e..a118e8e82f 100644 --- a/src/lib/libssl/d1_srvr.c +++ b/src/lib/libssl/d1_srvr.c
@@ -909,7 +909,8 @@ dtls1_send_server_hello(SSL *s)
909	if (s->state == SSL3_ST_SW_SRVR_HELLO_A) {	909	if (s->state == SSL3_ST_SW_SRVR_HELLO_A) {
910	buf = (unsigned char *)s->init_buf->data;	910	buf = (unsigned char *)s->init_buf->data;
911	p = s->s3->server_random;	911	p = s->s3->server_random;
912	ssl_fill_hello_random(s, 1, p, SSL3_RANDOM_SIZE);	912	RAND_pseudo_bytes(p, SSL3_RANDOM_SIZE);
		913
913	/* Do the message type and length last */	914	/* Do the message type and length last */
914	d = p= &(buf[DTLS1_HM_HEADER_LENGTH]);	915	d = p= &(buf[DTLS1_HM_HEADER_LENGTH]);
915		916