[tls] Remove current time from client random bytes

TLS versions 1.2 and earlier define a 4-byte gmt_unix_time field as
part of the 32-byte ClientHello random data block, as a (minimal) form
of protection against a broken random number generator.  iPXE has
never set this field to a correct value.  Early versions had only
relative timers and so set this field to zero.  Commit 5da7123 ("[tls]
Include current time within the client random bytes") did set this
field to the current time, but neglected to use the correct byte
ordering.

TLS version 1.3 (defined in RFC 8446) omits the gmt_unix_time field
completely and just defines the whole 32-byte value as random data.

Simplify the code by using the approach defined in RFC 8446.

Modified-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

src/include/ipxe/tls.h

@@ -309,10 +309,8 @@ struct tls_signature_hash_algorithm {
 
 /** TLS client random data */
 struct tls_client_random {
-	/** GMT Unix time */
-	uint32_t gmt_unix_time;
 	/** Random data */
-	uint8_t random[28];
+	uint8_t random[32];
 } __attribute__ (( packed ));
 
 /** An MD5+SHA1 context */

src/net/tls.c

@@ -30,7 +30,6 @@ FILE_SECBOOT ( PERMITTED );
 #include <stdlib.h>
 #include <stdarg.h>
 #include <string.h>
-#include <time.h>
 #include <errno.h>
 #include <byteswap.h>
 #include <ipxe/pending.h>
@@ -3986,7 +3985,6 @@ int add_tls ( struct interface *xfer, const char *name,
 	tls_clear_cipher ( tls, &tls->rx.cipherspec.active );
 	tls_clear_cipher ( tls, &tls->rx.cipherspec.pending );
 	tls_clear_handshake ( tls );
-	tls->client.random.gmt_unix_time = time ( NULL );
 	iob_populate ( &tls->rx.iobuf, &tls->rx.header, 0,
 		       sizeof ( tls->rx.header ) );
 	INIT_LIST_HEAD ( &tls->rx.data );