Do not generate new random number while receiving HRR

Signed-off-by: BensonLiou <momo1208@gmail.com>
2025-05-09 16:41:19 +08:00 · 2024-01-11 15:28:17 +08:00 · 2024-01-11 15:28:17 +08:00 · 35178fe7ec
commit 35178fe7ec
parent f149cd1a3a
1 changed files with 9 additions and 4 deletions
--- a/library/ssl_client.c
+++ b/library/ssl_client.c
@ -795,6 +795,10 @@ static int ssl_prepare_client_hello(mbedtls_ssl_context *ssl)
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
    if ((ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) ||
        (ssl->handshake->cookie == NULL))
+#endif
+    {
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+        if (ssl->handshake->hello_retry_request_count == 0)
 #endif
        {
            ret = ssl_generate_random(ssl);
@ -803,6 +807,7 @@ static int ssl_prepare_client_hello(mbedtls_ssl_context *ssl)
                return ret;
            }
        }
+    }

    /*
     * Prepare session identifier. At that point, the length of the session