author | Daniel Stenberg <daniel@haxx.se> | 2014-06-03 20:04:46 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2014-07-30 00:05:47 +0200 |
commit | 8dfd22089cac13f718815eb60581ad392b7f106e (patch) | |
tree | c03f2cb748342b44dda4b0b99df3a3d6f5f50492 /lib/vtls/nss.c | |
parent | 37faf55e170ecaa06846d0c9a1a37b6bed39ae57 (diff) |
vtls: make the random function mandatory in the TLS backend
To force each backend implementation to really attempt to provide proper
random. If a proper random function is missing, then we can explicitly
make use of the default one we use when TLS support is missing.
This commit makes sure it works for darwinssl, gnutls, nss and openssl.
Diffstat (limited to 'lib/vtls/nss.c')
-rw-r--r-- | lib/vtls/nss.c | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
index b2d7f6f9f..83b3e3237 100644
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@@ -1913,16 +1913,19 @@ int Curl_nss_seed(struct SessionHandle *data)
 return !!Curl_nss_force_init(data);
 }
 
-void Curl_nss_random(struct SessionHandle *data,
- unsigned char *entropy,
- size_t length)
+/* data might be NULL */
+int Curl_nss_random(struct SessionHandle *data,
+ unsigned char *entropy,
+ size_t length)
 {
- Curl_nss_seed(data); /* Initiate the seed if not already done */
+ if(data)
+ Curl_nss_seed(data); /* Initiate the seed if not already done */
 if(SECSuccess != PK11_GenerateRandom(entropy, curlx_uztosi(length))) {
 /* no way to signal a failure from here, we have to abort */
 failf(data, "PK11_GenerateRandom() failed, calling abort()...");
 abort();
 }
+ return 0;
 }
 
 void Curl_nss_md5sum(unsigned char *tmp, /* input */ |
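Review bot: The PK11_GenerateRandom() failure branch in Curl_nss_random still passes `data` to `failf()` and then calls `abort()`, although the new header comment says `data` might be NULL and the function now has an `int` return it could report the error with. Whether `failf()` tolerates a NULL handle is not visible in this hunk, so I would guard it and return a non-zero value instead of terminating the host application, e.g. `if(data) failf(data, "PK11_GenerateRandom() failed");` followed by `return -1;`, and drop the stale "no way to signal a failure from here" comment. Note also that the result of `Curl_nss_seed()` is discarded, and the call is skipped entirely when `data` is NULL, so NSS may not have been initialised when random bytes are requested. Callers (outside this hunk) would then need to check the return value and must not use `entropy` when it reports failure.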