crypto/tls: do not send the current time in hello messages
This reduces the ability to fingerprint TLS connections.
The impeteus for this change was a recent change to OpenSSL
by Nick Mathewson:
http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=2016265dfb
LGTM=agl
R=agl
CC=golang-codereviews
https://golang.org/cl/57230043
diff --git a/src/pkg/crypto/tls/handshake_server.go b/src/pkg/crypto/tls/handshake_server.go
index ceb032a..e441ccb 100644
--- a/src/pkg/crypto/tls/handshake_server.go
+++ b/src/pkg/crypto/tls/handshake_server.go
@@ -146,17 +146,12 @@
}
hs.hello.vers = c.vers
- t := uint32(config.time().Unix())
hs.hello.random = make([]byte, 32)
- hs.hello.random[0] = byte(t >> 24)
- hs.hello.random[1] = byte(t >> 16)
- hs.hello.random[2] = byte(t >> 8)
- hs.hello.random[3] = byte(t)
- hs.hello.secureRenegotiation = hs.clientHello.secureRenegotiation
- _, err = io.ReadFull(config.rand(), hs.hello.random[4:])
+ _, err = io.ReadFull(config.rand(), hs.hello.random)
if err != nil {
return false, c.sendAlert(alertInternalError)
}
+ hs.hello.secureRenegotiation = hs.clientHello.secureRenegotiation
hs.hello.compressionMethod = compressionNone
if len(hs.clientHello.serverName) > 0 {
c.serverName = hs.clientHello.serverName
