diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-02-12 19:43:30 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-02-12 19:43:30 +0100 |
commit | 01c02691cfe16ad8c46e1186048e32ca3d5dc44f (patch) | |
tree | 8166d9bd847412fdb7dd57414f49f1c81b631820 | |
parent | 0dc634395d61b72483c13a896fdb5e82bc84821e (diff) | |
download | gnutls-01c02691cfe16ad8c46e1186048e32ca3d5dc44f.tar.gz |
Added gnutls_handshake_set_server_random
-rw-r--r-- | lib/gnutls_handshake.c | 13 | ||||
-rw-r--r-- | lib/gnutls_int.h | 2 | ||||
-rw-r--r-- | lib/gnutls_state.c | 31 | ||||
-rw-r--r-- | lib/includes/gnutls/gnutls.h.in | 2 | ||||
-rw-r--r-- | lib/libgnutls.map | 1 |
5 files changed, 47 insertions, 2 deletions
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index ddd80272d7..83d7b3d699 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c @@ -428,8 +428,17 @@ _gnutls_read_client_hello (gnutls_session_t session, uint8_t * data, _gnutls_set_client_random (session, &data[pos]); pos += GNUTLS_RANDOM_SIZE; - _gnutls_tls_create_random (rnd); - _gnutls_set_server_random (session, rnd); + if (session->internals.server_random_set != 0) + { + _gnutls_set_server_random (session, session->internals.resumed_security_parameters.server_random); + /* make sure it is used only once */ + session->internals.server_random_set = 0; + } + else + { + _gnutls_tls_create_random (rnd); + _gnutls_set_server_random (session, rnd); + } session->security_parameters.timestamp = gnutls_time (NULL); diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index c03269cc70..4037436bea 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -951,6 +951,8 @@ typedef struct recv_state_t recv_state; /* state of the receive function */ + unsigned int server_random_set:1; + /* If you add anything here, check _gnutls_handshake_internal_state_clear(). */ } internals_st; diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c index 40a3ff0ec2..1145d6b4df 100644 --- a/lib/gnutls_state.c +++ b/lib/gnutls_state.c @@ -1426,3 +1426,34 @@ timespec_sub_ms (struct timespec *a, struct timespec *b) return (a->tv_sec * 1000 + a->tv_nsec / (1000 * 1000) - (b->tv_sec * 1000 + b->tv_nsec / (1000 * 1000))); } + +/** + * gnutls_handshake_set_server_random: + * @session: is a #gnutls_session_t structure. + * @random: a random value of 32-bytes + * + * This function will explicitly set the server hello random value + * in the subsequent TLS handshake. The random value should be + * a 32-byte value. + * + * Note that this function should not normally be used as gnutls + * will select automatically a random value for the handshake. + * + * This function should not be used when resuming a session. + * + * Returns: %GNUTLS_E_SUCCESS on success, or an error code. + * + * Since 3.1.9 + **/ +int +gnutls_handshake_set_server_random (gnutls_session_t session, gnutls_datum_t* random) +{ + if (random->size != GNUTLS_RANDOM_SIZE) + return GNUTLS_E_INVALID_REQUEST; + + session->internals.server_random_set = 1; + memcpy(session->internals.resumed_security_parameters.server_random, random->data, random->size); + + return 0; +} + diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in index 710d77ce25..1747946cbd 100644 --- a/lib/includes/gnutls/gnutls.h.in +++ b/lib/includes/gnutls/gnutls.h.in @@ -877,6 +877,8 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session); */ void gnutls_handshake_set_private_extensions (gnutls_session_t session, int allow); + int gnutls_handshake_set_server_random (gnutls_session_t session, gnutls_datum_t* random); + gnutls_handshake_description_t gnutls_handshake_get_last_out (gnutls_session_t session); gnutls_handshake_description_t diff --git a/lib/libgnutls.map b/lib/libgnutls.map index bbc3ecaa94..36a893ccd5 100644 --- a/lib/libgnutls.map +++ b/lib/libgnutls.map @@ -886,6 +886,7 @@ GNUTLS_3_1_0 { gnutls_range_split; gnutls_record_send_range; gnutls_db_check_entry_time; + gnutls_handshake_set_server_random; xssl_deinit; xssl_flush; xssl_read; |