summaryrefslogtreecommitdiffstats
path: root/lib/libssl/tls13_client.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/libssl/tls13_client.c')
-rw-r--r--lib/libssl/tls13_client.c11
1 files changed, 7 insertions, 4 deletions
diff --git a/lib/libssl/tls13_client.c b/lib/libssl/tls13_client.c
index 078730111ac..82fc50ed9e3 100644
--- a/lib/libssl/tls13_client.c
+++ b/lib/libssl/tls13_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_client.c,v 1.46 2020/03/10 17:23:25 jsing Exp $ */
+/* $OpenBSD: tls13_client.c,v 1.47 2020/04/06 16:28:38 jsing Exp $ */
/*
* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
*
@@ -177,9 +177,12 @@ tls13_client_hello_build(struct tls13_ctx *ctx, CBB *cbb)
goto err;
/* Either 32-random bytes or zero length... */
- arc4random_buf(ctx->hs->legacy_session_id,
- sizeof(ctx->hs->legacy_session_id));
- ctx->hs->legacy_session_id_len = sizeof(ctx->hs->legacy_session_id);
+ if (ctx->hs->max_version >= TLS1_3_VERSION) {
+ arc4random_buf(ctx->hs->legacy_session_id,
+ sizeof(ctx->hs->legacy_session_id));
+ ctx->hs->legacy_session_id_len =
+ sizeof(ctx->hs->legacy_session_id);
+ }
if (!CBB_add_u8_length_prefixed(cbb, &session_id))
goto err;
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.