Everytime a new handshake is initialized the value s->s3-
>client_random gets filled with random numbers for the ClientHello.
The value has to be reused if the ClientHello has to be repeated
because the server sent a HelloVerifyRequest. In the function
dtls1_client_hello() is checked if client_random is still zero or
already set to decide whether new random numbers have to be generated.
In the state SSL3_ST_CW_FINISHED_A the client_random is overwritten
with zeros to indicate that the next time a ClientHello is sent new
random values have to be generated. This is not only redundant with
the memset call at the beginning of the handshake in state
SSL_ST_CONNECT, it also prevents to use the value after the handshake
is done. So the redundant memset call should be removed. This is
important for the TLS key material extractor feature which relies on
the client_random value.
--- ssl/d1_clnt.c 2008-06-04 20:35:25.000000000 +0200
+++ ssl/d1_clnt.c 2009-01-22 16:54:27.000000000 +0100
@@ -426,8 +426,6 @@
s->s3->tmp.next_state=SSL3_ST_CR_FINISHED_A;
}
s->init_num=0;
- /* mark client_random uninitialized */
- memset
(s->s3->client_random,0,sizeof(s->s3->client_random));
break;
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
