1 files changed, 37 insertions, 27 deletions

diff --git a/src/tls/c_hello.cpp b/src/tls/c_hello.cpp
index b08e1abe2..056a7550f 100644
--- a/src/tls/c_hello.cpp
+++ b/src/tls/c_hello.cpp
@@ -11,19 +11,20 @@
 #include <botan/internal/tls_extensions.h>
 #include <botan/tls_record.h>
 #include <botan/internal/stl_util.h>
-#include <chrono>
+#include <botan/time.h>
 
 namespace Botan {
 
 namespace TLS {
 
+enum {
+   TLS_EMPTY_RENEGOTIATION_INFO_SCSV        = 0x00FF
+};
+
 MemoryVector<byte> make_hello_random(RandomNumberGenerator& rng)
    {
    MemoryVector<byte> buf(32);
-
-   const u32bit time32 = static_cast<u32bit>(
-      std::chrono::system_clock::to_time_t(std::chrono::system_clock::now()));
-
+   const u32bit time32 = system_time();
    store_be(time32, buf);
    rng.randomize(&buf[4], buf.size() - 4);
    return buf;
@@ -67,7 +68,7 @@ Client_Hello::Client_Hello(Record_Writer& writer,
                            const std::string& srp_identifier) :
    m_version(policy.pref_version()),
    m_random(make_hello_random(rng)),
-   m_suites(policy.ciphersuite_list((srp_identifier != ""))),
+   m_suites(ciphersuite_list(policy, (srp_identifier != ""))),
    m_comp_methods(policy.compression()),
    m_hostname(hostname),
    m_srp_identifier(srp_identifier),
@@ -76,7 +77,9 @@ Client_Hello::Client_Hello(Record_Writer& writer,
    m_secure_renegotiation(true),
    m_renegotiation_info(reneg_info),
    m_supported_curves(policy.allowed_ecc_curves()),
-   m_supports_session_ticket(true)
+   m_supports_session_ticket(true),
+   m_supports_heartbeats(true),
+   m_peer_can_send_heartbeats(true)
    {
    std::vector<std::string> hashes = policy.allowed_hashes();
    std::vector<std::string> sigs = policy.allowed_signature_methods();
@@ -95,21 +98,25 @@ Client_Hello::Client_Hello(Record_Writer& writer,
                            Handshake_Hash& hash,
                            const Policy& policy,
                            RandomNumberGenerator& rng,
+                           const MemoryRegion<byte>& reneg_info,
                            const Session& session,
                            bool next_protocol) :
    m_version(session.version()),
    m_session_id(session.session_id()),
    m_random(make_hello_random(rng)),
-   m_suites(policy.ciphersuite_list(session.srp_identifier() != "")),
+   m_suites(ciphersuite_list(policy, (session.srp_identifier() != ""))),
    m_comp_methods(policy.compression()),
    m_hostname(session.sni_hostname()),
    m_srp_identifier(session.srp_identifier()),
    m_next_protocol(next_protocol),
    m_fragment_size(session.fragment_size()),
    m_secure_renegotiation(session.secure_renegotiation()),
+   m_renegotiation_info(reneg_info),
    m_supported_curves(policy.allowed_ecc_curves()),
    m_supports_session_ticket(true),
-   m_session_ticket(session.session_ticket())
+   m_session_ticket(session.session_ticket()),
+   m_supports_heartbeats(true),
+   m_peer_can_send_heartbeats(true)
    {
    if(!value_exists(m_suites, session.ciphersuite_code()))
       m_suites.push_back(session.ciphersuite_code());
@@ -135,6 +142,8 @@ Client_Hello::Client_Hello(const MemoryRegion<byte>& buf, Handshake_Type type)
    m_next_protocol = false;
    m_secure_renegotiation = false;
    m_supports_session_ticket = false;
+   m_supports_heartbeats = false;
+   m_peer_can_send_heartbeats = false;
    m_fragment_size = 0;
 
    if(type == CLIENT_HELLO)
@@ -167,28 +176,23 @@ MemoryVector<byte> Client_Hello::serialize() const
 
    Extensions extensions;
 
-   // Initial handshake
-   if(m_renegotiation_info.empty())
-      {
+   if(m_secure_renegotiation)
       extensions.add(new Renegotation_Extension(m_renegotiation_info));
-      extensions.add(new Server_Name_Indicator(m_hostname));
-      extensions.add(new SRP_Identifier(m_srp_identifier));
-      extensions.add(new Supported_Elliptic_Curves(m_supported_curves));
 
-      if(m_version >= Protocol_Version::TLS_V12)
-         extensions.add(new Signature_Algorithms(m_supported_algos));
+   extensions.add(new Session_Ticket(m_session_ticket));
 
-      if(m_next_protocol)
-         extensions.add(new Next_Protocol_Notification());
+   extensions.add(new Server_Name_Indicator(m_hostname));
+   extensions.add(new SRP_Identifier(m_srp_identifier));
 
-      extensions.add(new Session_Ticket(m_session_ticket));
-      }
-   else
-      {
-      // renegotiation
-      extensions.add(new Renegotation_Extension(m_renegotiation_info));
-      extensions.add(new Session_Ticket(m_session_ticket));
-      }
+   extensions.add(new Supported_Elliptic_Curves(m_supported_curves));
+
+   if(m_version >= Protocol_Version::TLS_V12)
+      extensions.add(new Signature_Algorithms(m_supported_algos));
+
+   extensions.add(new Heartbeat_Support_Indicator(true));
+
+   if(m_renegotiation_info.empty() && m_next_protocol)
+      extensions.add(new Next_Protocol_Notification());
 
    buf += extensions.serialize();
 
@@ -337,6 +341,12 @@ void Client_Hello::deserialize(const MemoryRegion<byte>& buf)
       m_session_ticket = ticket->contents();
       }
 
+   if(Heartbeat_Support_Indicator* hb = extensions.get<Heartbeat_Support_Indicator>())
+      {
+      m_supports_heartbeats = true;
+      m_peer_can_send_heartbeats = hb->peer_allowed_to_send();
+      }
+
    if(Renegotation_Extension* reneg = extensions.get<Renegotation_Extension>())
       {
       // checked by TLS_Client / TLS_Server as they know the handshake state