[tor-commits] [tor-browser/tor-browser-17.0.9esr-1] Disable timestamps in TLS handshake.

[mikeperry at torproject.org]

commit a7bd3d31373e1dd14eb67166ef4e1829efc904de
Author: Mike Perry <mikeperry-git at torproject.org>
Date:   Tue Sep 17 14:55:09 2013 -0700

    Disable timestamps in TLS handshake.
    
    Only useful for linkability anyway.
---
 security/nss/lib/ssl/ssl3con.c |   10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c
index bc63013..6633006 100644
--- a/security/nss/lib/ssl/ssl3con.c
+++ b/security/nss/lib/ssl/ssl3con.c
@@ -781,16 +781,10 @@ ssl3_NegotiateVersion(sslSocket *ss, SSL3ProtocolVersion peerVersion,
 static SECStatus
 ssl3_GetNewRandom(SSL3Random *random)
 {
-    PRUint32 gmt = ssl_Time();
     SECStatus rv;
 
-    random->rand[0] = (unsigned char)(gmt >> 24);
-    random->rand[1] = (unsigned char)(gmt >> 16);
-    random->rand[2] = (unsigned char)(gmt >>  8);
-    random->rand[3] = (unsigned char)(gmt);
-
-    /* first 4 bytes are reserverd for time */
-    rv = PK11_GenerateRandom(&random->rand[4], SSL3_RANDOM_LENGTH - 4);
+    /* Timestamps? We don't need no stinking timestamps. */
+    rv = PK11_GenerateRandom(random->rand, SSL3_RANDOM_LENGTH);
     if (rv != SECSuccess) {
 	ssl_MapLowLevelError(SSL_ERROR_GENERATE_RANDOM_FAILURE);
     }