diff options
Diffstat (limited to 'src/ssl')
-rw-r--r-- | src/ssl/tls_client.cpp | 4 | ||||
-rw-r--r-- | src/ssl/tls_server.cpp | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/src/ssl/tls_client.cpp b/src/ssl/tls_client.cpp index bb00886b4..8a4275d93 100644 --- a/src/ssl/tls_client.cpp +++ b/src/ssl/tls_client.cpp @@ -363,6 +363,8 @@ void TLS_Client::read_handshake(byte rec_type, void TLS_Client::process_handshake_msg(Handshake_Type type, const MemoryRegion<byte>& contents) { + rng.add_entropy(&contents[0], contents.size()); + if(type == HELLO_REQUEST) { if(state == 0) @@ -405,8 +407,6 @@ void TLS_Client::process_handshake_msg(Handshake_Type type, state->version = state->server_hello->version(); - rng.add_entropy_vec(state->server_hello->random()); - if(state->version > state->client_hello->version()) throw TLS_Exception(HANDSHAKE_FAILURE, "TLS_Client: Server replied with bad version"); diff --git a/src/ssl/tls_server.cpp b/src/ssl/tls_server.cpp index a6e1a8758..a4cfcf7de 100644 --- a/src/ssl/tls_server.cpp +++ b/src/ssl/tls_server.cpp @@ -325,6 +325,8 @@ void TLS_Server::read_handshake(byte rec_type, void TLS_Server::process_handshake_msg(Handshake_Type type, const MemoryRegion<byte>& contents) { + rng.add_entropy(&contents[0], contents.size()); + if(state == 0) throw Unexpected_Message("Unexpected handshake message"); @@ -348,8 +350,6 @@ void TLS_Server::process_handshake_msg(Handshake_Type type, state->client_hello = new Client_Hello(contents, type); - rng.add_entropy_vec(state->client_hello->random()); - client_requested_hostname = state->client_hello->hostname(); state->version = choose_version(state->client_hello->version(), |