From 982ac918afe6a1c02d5cf735d7b6c56443a048cc Mon Sep 17 00:00:00 2001
From: marha <marha@users.sourceforge.net>
Date: Fri, 7 Feb 2014 23:28:38 +0100
Subject: xkbcomp xkeyboard-config libxcb libxtrans fontconfig libX11 libxcb
 mesa xserver git update 7 Feb 2014

Update to openssl1.0.1f

xserver          commit 83e38eb73fd8c852513aac2da2975b4c01070ec2
libxcb           commit d7eb0bdf3b5b11ee9f40ee5e73df8fc0bdfa59f3
xkeyboard-config commit 7596672b96315465df8d8d691e3a567a52f70743
libX11           commit aacf95dacc7c598e7297894580d4d655593813b2
xkbcomp          commit 31b90ee4ffc774e0da540277907fc5540c0b012c
libxtrans        commit 3f0de269abe59353acbd7a5587d68ce0da91db67
fontconfig       commit e310d2fac2d874d5aa76c609df70cc7b871c0b6d
mesa             commit dd2229d4c68ed78a50104637aef904f8ab6d7dd3
---
 openssl/ssl/s3_srvr.c | 16 ++++------------
 1 file changed, 4 insertions(+), 12 deletions(-)

(limited to 'openssl/ssl/s3_srvr.c')

diff --git a/openssl/ssl/s3_srvr.c b/openssl/ssl/s3_srvr.c
index bfb848054..52efed328 100644
--- a/openssl/ssl/s3_srvr.c
+++ b/openssl/ssl/s3_srvr.c
@@ -958,7 +958,8 @@ int ssl3_get_client_hello(SSL *s)
 	    (s->version != DTLS1_VERSION && s->client_version < s->version))
 		{
 		SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_WRONG_VERSION_NUMBER);
-		if ((s->client_version>>8) == SSL3_VERSION_MAJOR)
+		if ((s->client_version>>8) == SSL3_VERSION_MAJOR && 
+			!s->enc_write_ctx && !s->write_hash)
 			{
 			/* similar to ssl3_get_record, send alert using remote version number */
 			s->version = s->client_version;
@@ -1193,12 +1194,9 @@ int ssl3_get_client_hello(SSL *s)
 	 * server_random before calling tls_session_secret_cb in order to allow
 	 * SessionTicket processing to use it in key derivation. */
 	{
-		unsigned long Time;
 		unsigned char *pos;
-		Time=(unsigned long)time(NULL);			/* Time */
 		pos=s->s3->server_random;
-		l2n(Time,pos);
-		if (RAND_pseudo_bytes(pos,SSL3_RANDOM_SIZE-4) <= 0)
+		if (ssl_fill_hello_random(s, 1, pos, SSL3_RANDOM_SIZE) <= 0)
 			{
 			al=SSL_AD_INTERNAL_ERROR;
 			goto f_err;
@@ -1435,19 +1433,13 @@ int ssl3_send_server_hello(SSL *s)
 	unsigned char *p,*d;
 	int i,sl;
 	unsigned long l;
-#ifdef OPENSSL_NO_TLSEXT
-	unsigned long Time;
-#endif
 
 	if (s->state == SSL3_ST_SW_SRVR_HELLO_A)
 		{
 		buf=(unsigned char *)s->init_buf->data;
 #ifdef OPENSSL_NO_TLSEXT
 		p=s->s3->server_random;
-		/* Generate server_random if it was not needed previously */
-		Time=(unsigned long)time(NULL);			/* Time */
-		l2n(Time,p);
-		if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
+		if (ssl_fill_hello_random(s, 1, p, SSL3_RANDOM_SIZE) <= 0)
 			return -1;
 #endif
 		/* Do the message type and length last */
-- 
cgit v1.2.3