diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 68cc0275d5..51125bdb69 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -525,6 +525,8 @@ int main( void )
 (out_be)[(i) + 7] = (unsigned char)( ( (in_le) >> 0 ) & 0xFF ); \
 }
+/* This is global so it can be easily accessed by callback functions */
+rng_context_t rng;
 /*
 * global options
@@ -688,7 +690,7 @@ void sni_free( sni_entry *head )
 *
 * Modifies the input string! This is not production quality!
 */
-sni_entry *sni_parse( char *sni_string, rng_context_t *p_rng )
+sni_entry *sni_parse( char *sni_string )
 {
 sni_entry *cur = NULL, *new = NULL;
 char *p = sni_string;
@@ -727,7 +729,7 @@ sni_entry *sni_parse( char *sni_string, rng_context_t *p_rng )
 mbedtls_pk_init( new->key );
 if( mbedtls_x509_crt_parse_file( new->cert, crt_file ) != 0 ||
- mbedtls_pk_parse_keyfile( new->key, key_file, "", rng_get, p_rng ) != 0 )
+ mbedtls_pk_parse_keyfile( new->key, key_file, "", rng_get, &rng ) != 0 )
 goto error;
 if( strcmp( ca_file, "-" ) != 0 )
@@ -1045,7 +1047,8 @@ static int ssl_async_start( mbedtls_ssl_context *ssl,
 for( slot = 0; slot < config_data->slots_used; slot++ )
 {
 if( mbedtls_pk_check_pair( &cert->pk,
- config_data->slots[slot].pk ) == 0 )
+ config_data->slots[slot].pk,
+ rng_get, &rng ) == 0 )
 break;
 }
 if( slot == config_data->slots_used )
@@ -1271,7 +1274,6 @@ int main( int argc, char *argv[] )
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
 mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
 #endif
- rng_context_t rng;
 mbedtls_ssl_context ssl;
 mbedtls_ssl_config conf;
 #if defined(MBEDTLS_TIMING_C)
@@ -2371,7 +2373,7 @@ int main( int argc, char *argv[] )
 mbedtls_printf( " . Setting up SNI information..." );
 fflush( stdout );
- if( ( sni_info = sni_parse( opt.sni, &rng ) ) == NULL )
+ if( ( sni_info = sni_parse( opt.sni ) ) == NULL )
 {
 mbedtls_printf( " failed\n" );
 goto exit;
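Review bot: The new file-scope `rng` (hunk at -525) is declared without `static`, and its comment does not say that it must be initialized and seeded before anything uses it. If no other translation unit refers to it, I would declare it `static rng_context_t rng;` and extend the comment to `/* File-scope so callbacks can reach it; main() must initialize and seed it before sni_parse() or any handshake callback runs. */`. The same ordering requirement now applies implicitly in sni_parse (hunk at -727, where `&rng` is passed to `mbedtls_pk_parse_keyfile`) and in ssl_async_start (hunk at -1045). The seeding code in main is outside the visible hunks, so the order should be confirmed there; the comment above sni_parse could also mention that it relies on the global.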
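Review bot: In ssl_async_start (hunk at -1045), every nonzero return from `mbedtls_pk_check_pair` is treated as "this slot does not match", and with the added `rng_get, &rng` arguments that presumably now includes a failure of the RNG callback. An RNG error would then surface as "no matching key slot" instead of an error, which hides a fault in a path that handles private keys. Consider keeping the result, e.g. `ret = mbedtls_pk_check_pair( &cert->pk, config_data->slots[slot].pk, rng_get, &rng );`, and reporting any code other than a plain mismatch. The handling after the loop (`if( slot == config_data->slots_used )`) continues outside the hunk, so what the caller sees in that case needs checking there.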