Skip to content

Commit

Permalink
tls: use OpenSSL constant for client random size
Browse files Browse the repository at this point in the history
Avoid magic numbers in the code and use an OpenSSL constant instead.

PR-URL: #44305
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Filip Skokan <[email protected]>
  • Loading branch information
tniessen authored and RafaelGSS committed Sep 5, 2022
1 parent 30da2b4 commit 7039916
Showing 1 changed file with 7 additions and 4 deletions.
11 changes: 7 additions & 4 deletions src/crypto/crypto_common.cc
Original file line number Diff line number Diff line change
Expand Up @@ -71,16 +71,19 @@ void LogSecret(
const unsigned char* secret,
size_t secretlen) {
auto keylog_cb = SSL_CTX_get_keylog_callback(SSL_get_SSL_CTX(ssl.get()));
unsigned char crandom[32];
// All supported versions of TLS/SSL fix the client random to the same size.
constexpr size_t kTlsClientRandomSize = SSL3_RANDOM_SIZE;
unsigned char crandom[kTlsClientRandomSize];

if (keylog_cb == nullptr ||
SSL_get_client_random(ssl.get(), crandom, 32) != 32) {
SSL_get_client_random(ssl.get(), crandom, kTlsClientRandomSize) !=
kTlsClientRandomSize) {
return;
}

std::string line = name;
line += " " + StringBytes::hex_encode(
reinterpret_cast<const char*>(crandom), 32);
line += " " + StringBytes::hex_encode(reinterpret_cast<const char*>(crandom),
kTlsClientRandomSize);
line += " " + StringBytes::hex_encode(
reinterpret_cast<const char*>(secret), secretlen);
keylog_cb(ssl.get(), line.c_str());
Expand Down

0 comments on commit 7039916

Please sign in to comment.