Merge pull request #8697 from BensonLiou/random_bye_on_hrr

Do not generate new random number while receiving HRR
2025-07-30 22:43:08 +03:00 · 2024-03-14 15:59:21 +00:00
parent 50da462fc8 93b305dc8e
commit 1c5ebf4352
3 changed files with 21 additions and 5 deletions
--- a/library/ssl_client.c
+++ b/library/ssl_client.c
@ -792,10 +792,15 @@ static int ssl_prepare_client_hello(mbedtls_ssl_context *ssl)
        (ssl->handshake->cookie == NULL))
 #endif
    {
-        ret = ssl_generate_random(ssl);
-        if (ret != 0) {
-            MBEDTLS_SSL_DEBUG_RET(1, "Random bytes generation failed", ret);
-            return ret;
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+        if (!ssl->handshake->hello_retry_request_flag)
+#endif
+        {
+            ret = ssl_generate_random(ssl);
+            if (ret != 0) {
+                MBEDTLS_SSL_DEBUG_RET(1, "Random bytes generation failed", ret);
+                return ret;
+            }
        }
    }