handshake: treat reply to HRR as a reply to hello verify request
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Fri, 6 Oct 2017 09:16:17 +0000 (11:16 +0200)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Mon, 19 Feb 2018 14:29:35 +0000 (15:29 +0100)
That is, re-use the client random value on the client hello which
is a reply to a hello retry request.

Relates #299

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
lib/handshake.c

index d12e80e676ca2a2be261559caa05ff8d5f82a864..3746296d44dc72defa54ae2c0dde4f70ab4aa890 100644 (file)
@@ -1868,9 +1868,8 @@ static int send_client_hello(gnutls_session_t session, int again)
 
                /* Generate random data 
                 */
-               if (!IS_DTLS(session)
-                   || session->internals.dtls.hsk_hello_verify_requests ==
-                   0) {
+               if (!(session->internals.hsk_flags & HSK_HRR_RECEIVED) &&
+                   !(IS_DTLS(session) && session->internals.dtls.hsk_hello_verify_requests == 0)) {
                        ret = _gnutls_gen_client_random(session);
                        if (ret < 0)
                                return gnutls_assert_val(ret);
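Review bot: The DTLS half of the new condition looks inverted relative to the removed lines. The old test generated a client random when `!IS_DTLS(session) || hsk_hello_verify_requests == 0`, but `!(IS_DTLS(session) && ... == 0)` expands to `!IS_DTLS(session) || hsk_hello_verify_requests != 0`. As written, the first DTLS ClientHello would skip `_gnutls_gen_client_random()`, and the reply to a HelloVerifyRequest would get a fresh random, which is the opposite of the reuse the commit message describes. If the intent is to keep the old DTLS behaviour and add the HRR case, the second line should read `!(IS_DTLS(session) && session->internals.dtls.hsk_hello_verify_requests != 0)) {`. What the client random field holds when generation is skipped is not visible here, because `send_client_hello` starts and ends outside the hunk, so it is worth confirming that an initial DTLS hello can never go out with an unset or stale random.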