SSL now gracefully handles missing RNG
diff --git a/library/error.c b/library/error.c
index 9d76f19..6ef104d 100644
--- a/library/error.c
+++ b/library/error.c
@@ -358,8 +358,8 @@
snprintf( buf, buflen, "SSL - An unknown cipher was received" );
if( use_ret == -(POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN) )
snprintf( buf, buflen, "SSL - The server has no ciphersuites in common with the client" );
- if( use_ret == -(POLARSSL_ERR_SSL_NO_SESSION_FOUND) )
- snprintf( buf, buflen, "SSL - No session to recover was found" );
+ if( use_ret == -(POLARSSL_ERR_SSL_NO_RNG) )
+ snprintf( buf, buflen, "SSL - No RNG was provided to the SSL module" );
if( use_ret == -(POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE) )
snprintf( buf, buflen, "SSL - No client certification received from the client, but required by the authentication mode" );
if( use_ret == -(POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE) )
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 0eaa531..3cde375 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -390,6 +390,12 @@
SSL_DEBUG_MSG( 2, ( "=> write client hello" ) );
+ if( ssl->f_rng == NULL )
+ {
+ SSL_DEBUG_MSG( 1, ( "no RNG provided") );
+ return( POLARSSL_ERR_SSL_NO_RNG );
+ }
+
if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE )
{
ssl->major_ver = ssl->min_major_ver;
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index e44bf72..12ccb12 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1594,6 +1594,12 @@
SSL_DEBUG_MSG( 2, ( "=> write server hello" ) );
+ if( ssl->f_rng == NULL )
+ {
+ SSL_DEBUG_MSG( 1, ( "no RNG provided") );
+ return( POLARSSL_ERR_SSL_NO_RNG );
+ }
+
/*
* 0 . 0 handshake type
* 1 . 3 handshake length