]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
Added gnutls_handshake_set_server_random
authorNikos Mavrogiannopoulos <nmav@gnutls.org>
Tue, 12 Feb 2013 18:43:30 +0000 (19:43 +0100)
committerNikos Mavrogiannopoulos <nmav@gnutls.org>
Tue, 12 Feb 2013 18:43:30 +0000 (19:43 +0100)
lib/gnutls_handshake.c
lib/gnutls_int.h
lib/gnutls_state.c
lib/includes/gnutls/gnutls.h.in
lib/libgnutls.map

index ddd80272d785f36263853bd2985a450fd882b798..83d7b3d69997ad02b65147867e86e4e064e814fe 100644 (file)
@@ -428,8 +428,17 @@ _gnutls_read_client_hello (gnutls_session_t session, uint8_t * data,
   _gnutls_set_client_random (session, &data[pos]);
   pos += GNUTLS_RANDOM_SIZE;
 
-  _gnutls_tls_create_random (rnd);
-  _gnutls_set_server_random (session, rnd);
+  if (session->internals.server_random_set != 0) 
+    {
+      _gnutls_set_server_random (session, session->internals.resumed_security_parameters.server_random);
+      /* make sure it is used only once */
+      session->internals.server_random_set = 0;
+    }
+  else
+    {
+      _gnutls_tls_create_random (rnd);
+      _gnutls_set_server_random (session, rnd);
+    } 
 
   session->security_parameters.timestamp = gnutls_time (NULL);
 
index c03269cc70dc41e916f594f69291fb086cb8c9f0..4037436bea2642141283e2b7284f8c6fb83b8285 100644 (file)
@@ -951,6 +951,8 @@ typedef struct
   
   recv_state_t recv_state; /* state of the receive function */
   
+  unsigned int server_random_set:1;
+  
   /* If you add anything here, check _gnutls_handshake_internal_state_clear().
    */
 } internals_st;
index 40a3ff0ec2cf9494932f20a97e4a36281bc0948d..1145d6b4df0dfe832156c26be732c797e1b77354 100644 (file)
@@ -1426,3 +1426,34 @@ timespec_sub_ms (struct timespec *a, struct timespec *b)
   return (a->tv_sec * 1000 + a->tv_nsec / (1000 * 1000) -
           (b->tv_sec * 1000 + b->tv_nsec / (1000 * 1000)));
 }
+
+/**
+ * gnutls_handshake_set_server_random:
+ * @session: is a #gnutls_session_t structure.
+ * @random: a random value of 32-bytes
+ *
+ * This function will explicitly set the server hello random value
+ * in the subsequent TLS handshake. The random value should be
+ * a 32-byte value.
+ *
+ * Note that this function should not normally be used as gnutls
+ * will select automatically a random value for the handshake.
+ *
+ * This function should not be used when resuming a session.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
+ *
+ * Since 3.1.9
+ **/
+int
+gnutls_handshake_set_server_random (gnutls_session_t session, gnutls_datum_t* random)
+{
+  if (random->size != GNUTLS_RANDOM_SIZE)
+    return GNUTLS_E_INVALID_REQUEST;
+  
+  session->internals.server_random_set = 1;
+  memcpy(session->internals.resumed_security_parameters.server_random, random->data, random->size);
+
+  return 0;
+}
+
index 710d77ce251be2ec173c20bf05be79b28eb57b2d..1747946cbd6d59beedab6822d199e9a8d09fcb6a 100644 (file)
@@ -877,6 +877,8 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session);
  */
   void gnutls_handshake_set_private_extensions (gnutls_session_t session,
                                                 int allow);
+  int gnutls_handshake_set_server_random (gnutls_session_t session, gnutls_datum_t* random);
+
     gnutls_handshake_description_t
     gnutls_handshake_get_last_out (gnutls_session_t session);
     gnutls_handshake_description_t
index bbc3ecaa945618b869f342cee7aa907a3d03f6c4..36a893ccd58d3a4599d8eac0a51ead6c62713ed9 100644 (file)
@@ -886,6 +886,7 @@ GNUTLS_3_1_0 {
        gnutls_range_split;
        gnutls_record_send_range;
        gnutls_db_check_entry_time;
+       gnutls_handshake_set_server_random;
        xssl_deinit;
        xssl_flush;
        xssl_read;