cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-09-24 05:00:45 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #10042 from bjwtaylor/remove-ssl-conf

Browse Source 
Remove mbedtls_ssl_conf_rng()
This commit is contained in:
Manuel Pégourié-Gonnard 2025-03-27 14:05:42 +00:00 committed by GitHub
commit e57ea21a1c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
25 changed files with 24 additions and 109 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
include/mbedtls/ssl.h
View File

@ -1405,10 +1405,6 @@ struct mbedtls_ssl_config {
void(*MBEDTLS_PRIVATE(f_dbg))(void *, int, const char *, int, const char *);
void *MBEDTLS_PRIVATE(p_dbg); /*!< context for the debug function */
/** Callback for getting (pseudo-)random numbers */
int(*MBEDTLS_PRIVATE(f_rng))(void *, unsigned char *, size_t);
void *MBEDTLS_PRIVATE(p_rng); /*!< context for the RNG function */
/** Callback to retrieve a session from the cache */
mbedtls_ssl_cache_get_t *MBEDTLS_PRIVATE(f_get_cache);
/** Callback to store a session into the cache */
@ -2060,17 +2056,6 @@ void mbedtls_ssl_conf_verify(mbedtls_ssl_config *conf,
void *p_vrfy);
#endif /* MBEDTLS_X509_CRT_PARSE_C */
/**
* \brief Set the random number generator callback
*
* \param conf SSL configuration
* \param f_rng RNG function (mandatory)
* \param p_rng RNG parameter
*/
void mbedtls_ssl_conf_rng(mbedtls_ssl_config *conf,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng);
/**
* \brief Set the debug callback
*

11
library/ssl_client.c
View File

@ -725,9 +725,8 @@ static int ssl_generate_random(mbedtls_ssl_context *ssl)
#endif /* MBEDTLS_HAVE_TIME */
}
ret = ssl->conf->f_rng(ssl->conf->p_rng,
randbytes + gmt_unix_time_len,
MBEDTLS_CLIENT_HELLO_RANDOM_LEN - gmt_unix_time_len);
ret = psa_generate_random(randbytes + gmt_unix_time_len,
MBEDTLS_CLIENT_HELLO_RANDOM_LEN - gmt_unix_time_len);
return ret;
}
@ -867,9 +866,9 @@ static int ssl_prepare_client_hello(mbedtls_ssl_context *ssl)
if (session_id_len != session_negotiate->id_len) {
session_negotiate->id_len = session_id_len;
if (session_id_len > 0) {
ret = ssl->conf->f_rng(ssl->conf->p_rng,
session_negotiate->id,
session_id_len);
ret = psa_generate_random(session_negotiate->id,
session_id_len);
if (ret != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "creating session id failed", ret);
return ret;

4
library/ssl_misc.h
View File

@ -1721,9 +1721,7 @@ void mbedtls_ssl_transform_init(mbedtls_ssl_transform *transform);
MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_ssl_encrypt_buf(mbedtls_ssl_context *ssl,
mbedtls_ssl_transform *transform,
mbedtls_record *rec,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng);
mbedtls_record *rec);
MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl,
mbedtls_ssl_transform *transform,

21
library/ssl_msg.c
View File

@ -801,9 +801,7 @@ static void ssl_build_record_nonce(unsigned char *dst_iv,
int mbedtls_ssl_encrypt_buf(mbedtls_ssl_context *ssl,
mbedtls_ssl_transform *transform,
mbedtls_record *rec,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng)
mbedtls_record *rec)
{
mbedtls_ssl_mode_t ssl_mode;
int auth_done = 0;
@ -825,14 +823,6 @@ int mbedtls_ssl_encrypt_buf(mbedtls_ssl_context *ssl,
((void) ssl);
#endif
/* The PRNG is used for dynamic IV generation that's used
* for CBC transformations in TLS 1.2. */
#if !(defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) && \
defined(MBEDTLS_SSL_PROTO_TLS1_2))
((void) f_rng);
((void) p_rng);
#endif
MBEDTLS_SSL_DEBUG_MSG(2, ("=> encrypt buf"));
if (transform == NULL) {
@ -1140,10 +1130,6 @@ hmac_failed_etm_disabled:
* Prepend per-record IV for block cipher in TLS v1.2 as per
* Method 1 (6.2.3.2. in RFC4346 and RFC5246)
*/
if (f_rng == NULL) {
MBEDTLS_SSL_DEBUG_MSG(1, ("No PRNG provided to encrypt_record routine"));
return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
}
if (rec->data_offset < transform->ivlen) {
MBEDTLS_SSL_DEBUG_MSG(1, ("Buffer provided for encrypted record not large enough"));
@ -1153,7 +1139,7 @@ hmac_failed_etm_disabled:
/*
* Generate IV
*/
ret = f_rng(p_rng, transform->iv_enc, transform->ivlen);
ret = psa_generate_random(transform->iv_enc, transform->ivlen);
if (ret != 0) {
return ret;
}
@ -2725,8 +2711,7 @@ int mbedtls_ssl_write_record(mbedtls_ssl_context *ssl, int force_flush)
rec.cid_len = 0;
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
if ((ret = mbedtls_ssl_encrypt_buf(ssl, ssl->transform_out, &rec,
ssl->conf->f_rng, ssl->conf->p_rng)) != 0) {
if ((ret = mbedtls_ssl_encrypt_buf(ssl, ssl->transform_out, &rec)) != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "ssl_encrypt_buf", ret);
return ret;
}

14
library/ssl_tls.c
View File

@ -1223,11 +1223,6 @@ static int ssl_conf_check(const mbedtls_ssl_context *ssl)
return ret;
}
if (ssl->conf->f_rng == NULL) {
MBEDTLS_SSL_DEBUG_MSG(1, ("no RNG provided"));
return MBEDTLS_ERR_SSL_NO_RNG;
}
/* Space for further checks */
return 0;
@ -1526,14 +1521,6 @@ void mbedtls_ssl_conf_verify(mbedtls_ssl_config *conf,
}
#endif /* MBEDTLS_X509_CRT_PARSE_C */
void mbedtls_ssl_conf_rng(mbedtls_ssl_config *conf,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng)
{
conf->f_rng = f_rng;
conf->p_rng = p_rng;
}
void mbedtls_ssl_conf_dbg(mbedtls_ssl_config *conf,
void (*f_dbg)(void *, int, const char *, int, const char *),
void *p_dbg)
@ -4479,6 +4466,7 @@ void mbedtls_ssl_handshake_free(mbedtls_ssl_context *ssl)
ssl->conf->f_async_cancel(ssl);
handshake->async_in_progress = 0;
}
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
#if defined(PSA_WANT_ALG_SHA_256)

10
library/ssl_tls12_server.c
View File

@ -2133,14 +2133,14 @@ static int ssl_write_server_hello(mbedtls_ssl_context *ssl)
MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, current time: %" MBEDTLS_PRINTF_LONGLONG,
(long long) t));
#else
if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p, 4)) != 0) {
if ((ret = psa_generate_random(p, 4)) != 0) {
return ret;
}
p += 4;
#endif /* MBEDTLS_HAVE_TIME */
if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p, 20)) != 0) {
if ((ret = psa_generate_random(p, 20)) != 0) {
return ret;
}
p += 20;
@ -2166,7 +2166,7 @@ static int ssl_write_server_hello(mbedtls_ssl_context *ssl)
} else
#endif
{
if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p, 8)) != 0) {
if ((ret = psa_generate_random(p, 8)) != 0) {
return ret;
}
}
@ -2197,8 +2197,8 @@ static int ssl_write_server_hello(mbedtls_ssl_context *ssl)
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
{
ssl->session_negotiate->id_len = n = 32;
if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, ssl->session_negotiate->id,
n)) != 0) {
if ((ret = psa_generate_random(ssl->session_negotiate->id,
n)) != 0) {
return ret;
}
}

13
library/ssl_tls13_server.c
View File

@ -1996,9 +1996,9 @@ static int ssl_tls13_prepare_server_hello(mbedtls_ssl_context *ssl)
unsigned char *server_randbytes =
ssl->handshake->randbytes + MBEDTLS_CLIENT_HELLO_RANDOM_LEN;
if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, server_randbytes,
MBEDTLS_SERVER_HELLO_RANDOM_LEN)) != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "f_rng", ret);
if ((ret = psa_generate_random(server_randbytes,
MBEDTLS_SERVER_HELLO_RANDOM_LEN)) != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "psa_generate_random", ret);
return ret;
}
@ -3172,9 +3172,8 @@ static int ssl_tls13_prepare_new_session_ticket(mbedtls_ssl_context *ssl,
#endif
/* Generate ticket_age_add */
if ((ret = ssl->conf->f_rng(ssl->conf->p_rng,
(unsigned char *) &session->ticket_age_add,
sizeof(session->ticket_age_add)) != 0)) {
if ((ret = psa_generate_random((unsigned char *) &session->ticket_age_add,
sizeof(session->ticket_age_add)) != 0)) {
MBEDTLS_SSL_DEBUG_RET(1, "generate_ticket_age_add", ret);
return ret;
}
@ -3182,7 +3181,7 @@ static int ssl_tls13_prepare_new_session_ticket(mbedtls_ssl_context *ssl,
(unsigned int) session->ticket_age_add));
/* Generate ticket_nonce */
ret = ssl->conf->f_rng(ssl->conf->p_rng, ticket_nonce, ticket_nonce_size);
ret = psa_generate_random(ticket_nonce, ticket_nonce_size);
if (ret != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "generate_ticket_nonce", ret);
return ret;

3
programs/fuzz/fuzz_client.c
View File

@ -141,9 +141,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
//There may be other options to add :
// mbedtls_ssl_conf_cert_profile, mbedtls_ssl_conf_sig_hashes
srand(1);
mbedtls_ssl_conf_rng(&conf, dummy_random, &ctr_drbg);
if (mbedtls_ssl_setup(&ssl, &conf) != 0) {
goto exit;
}

2
programs/fuzz/fuzz_dtlsclient.c
View File

@ -68,7 +68,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
srand(1);
if (mbedtls_ctr_drbg_seed(&ctr_drbg, dummy_entropy, &entropy,
(const unsigned char *) pers, strlen(pers)) != 0) {
goto exit;
@ -85,7 +84,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL);
#endif
mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_NONE);
mbedtls_ssl_conf_rng(&conf, dummy_random, &ctr_drbg);
if (mbedtls_ssl_setup(&ssl, &conf) != 0) {
goto exit;

4
programs/fuzz/fuzz_dtlsserver.c
View File

@ -98,10 +98,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
goto exit;
}
srand(1);
mbedtls_ssl_conf_rng(&conf, dummy_random, &ctr_drbg);
#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL);
if (mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey) != 0) {

3
programs/fuzz/fuzz_server.c
View File

@ -112,9 +112,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
goto exit;
}
srand(1);
mbedtls_ssl_conf_rng(&conf, dummy_random, &ctr_drbg);
#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL);
if (mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey) != 0) {

1
programs/ssl/dtls_client.c
View File

@ -169,7 +169,6 @@ int main(int argc, char *argv[])
* Production code should set a proper ca chain and use REQUIRED. */
mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_OPTIONAL);
mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL);
mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
mbedtls_ssl_conf_read_timeout(&conf, READ_TIMEOUT_MS);

1
programs/ssl/dtls_server.c
View File

@ -200,7 +200,6 @@ int main(void)
goto exit;
}
mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
mbedtls_ssl_conf_read_timeout(&conf, READ_TIMEOUT_MS);

2
programs/ssl/mini_client.c
View File

@ -187,8 +187,6 @@ int main(void)
goto exit;
}
mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
mbedtls_ssl_conf_psk(&conf, psk, sizeof(psk),
(const unsigned char *) psk_id, sizeof(psk_id) - 1);

1
programs/ssl/ssl_client1.c
View File

@ -150,7 +150,6 @@ int main(void)
* but makes interop easier in this simplified example */
mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_OPTIONAL);
mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL);
mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) {

1
programs/ssl/ssl_client2.c
View File

@ -1906,7 +1906,6 @@ usage:
#endif
#endif /* MBEDTLS_HAVE_TIME */
}
mbedtls_ssl_conf_rng(&conf, rng_get, &rng);
mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
mbedtls_ssl_conf_read_timeout(&conf, opt.read_timeout);

1
programs/ssl/ssl_fork_server.c
View File

@ -160,7 +160,6 @@ int main(void)
goto exit;
}
mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL);

1
programs/ssl/ssl_mail_client.c
View File

@ -571,7 +571,6 @@ usage:
* but makes interop easier in this simplified example */
mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_OPTIONAL);
mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
if (opt.force_ciphersuite[0] != DFL_FORCE_CIPHER) {

1
programs/ssl/ssl_pthread_server.c
View File

@ -401,7 +401,6 @@ int main(void)
goto exit;
}
mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
mbedtls_ssl_conf_dbg(&conf, my_mutexed_debug, stdout);
/* mbedtls_ssl_cache_get() and mbedtls_ssl_cache_set() are thread-safe if

1
programs/ssl/ssl_server.c
View File

@ -179,7 +179,6 @@ int main(void)
goto exit;
}
mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
#if defined(MBEDTLS_SSL_CACHE_C)

1
programs/ssl/ssl_server2.c
View File

@ -2925,7 +2925,6 @@ usage:
#endif
#endif /* MBEDTLS_HAVE_TIME */
}
mbedtls_ssl_conf_rng(&conf, rng_get, &rng);
mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
#if defined(MBEDTLS_SSL_CACHE_C)

1
programs/x509/cert_app.c
View File

@ -383,7 +383,6 @@ usage:
mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_NONE);
}
mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) {

1
tests/src/test_helpers/ssl_helpers.c
View File

@ -767,7 +767,6 @@ int mbedtls_test_ssl_endpoint_init(
mbedtls_ssl_init(&(ep->ssl));
mbedtls_ssl_config_init(&(ep->conf));
mbedtls_ssl_conf_rng(&(ep->conf), mbedtls_test_random, NULL);
TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&ep->conf) == NULL);
TEST_EQUAL(mbedtls_ssl_conf_get_user_data_n(&ep->conf), 0);

5
tests/suites/test_suite_debug.function
View File

@ -156,7 +156,6 @@ void debug_print_msg_threshold(int threshold, int level, char *file,
MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT),
0);
mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer);
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
@ -194,7 +193,6 @@ void mbedtls_debug_print_ret(char *file, int line, char *text, int value,
MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT),
0);
mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer);
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
@ -229,7 +227,6 @@ void mbedtls_debug_print_buf(char *file, int line, char *text,
MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT),
0);
mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer);
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
@ -267,7 +264,6 @@ void mbedtls_debug_print_crt(char *crt_file, char *file, int line,
MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT),
0);
mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer);
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
@ -306,7 +302,6 @@ void mbedtls_debug_print_mpi(char *value, char *file, int line,
MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT),
0);
mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer);
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);

15
tests/suites/test_suite_ssl.function
View File

@ -1219,7 +1219,6 @@ void ssl_dtls_replay(data_t *prevs, data_t *new, int ret)
MBEDTLS_SSL_IS_CLIENT,
MBEDTLS_SSL_TRANSPORT_DATAGRAM,
MBEDTLS_SSL_PRESET_DEFAULT) == 0);
mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
@ -1341,8 +1340,7 @@ void ssl_crypt_record(int cipher_type, int hash_id,
rec_backup = rec;
/* Encrypt record */
ret = mbedtls_ssl_encrypt_buf(&ssl, t_enc, &rec,
mbedtls_test_rnd_std_rand, NULL);
ret = mbedtls_ssl_encrypt_buf(&ssl, t_enc, &rec);
TEST_ASSERT(ret == 0 || ret == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
if (ret != 0) {
continue;
@ -1495,8 +1493,7 @@ void ssl_crypt_record_small(int cipher_type, int hash_id,
rec_backup = rec;
/* Encrypt record */
ret = mbedtls_ssl_encrypt_buf(&ssl, t_enc, &rec,
mbedtls_test_rnd_std_rand, NULL);
ret = mbedtls_ssl_encrypt_buf(&ssl, t_enc, &rec);
if (ret == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) {
/* It's ok if the output buffer is too small. We do insist
@ -1949,8 +1946,7 @@ void ssl_tls13_record_protection(int ciphersuite,
memset(&rec.ctr[0], 0, 8);
rec.ctr[7] = ctr;
TEST_ASSERT(mbedtls_ssl_encrypt_buf(NULL, &transform_send, &rec,
NULL, NULL) == 0);
TEST_ASSERT(mbedtls_ssl_encrypt_buf(NULL, &transform_send, &rec) == 0);
if (padding_used == MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) {
TEST_MEMORY_COMPARE(rec.buf + rec.data_offset, rec.data_len,
@ -3033,7 +3029,6 @@ void conf_version(int endpoint, int transport,
mbedtls_ssl_conf_transport(&conf, transport);
mbedtls_ssl_conf_min_tls_version(&conf, min_tls_version);
mbedtls_ssl_conf_max_tls_version(&conf, max_tls_version);
mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == expected_ssl_setup_result);
TEST_EQUAL(mbedtls_ssl_conf_get_endpoint(
@ -3058,7 +3053,6 @@ void conf_group()
mbedtls_ssl_config conf;
mbedtls_ssl_config_init(&conf);
mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_CLIENT,
MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT);
@ -3168,7 +3162,6 @@ void cookie_parsing(data_t *cookie, int exp_ret)
MBEDTLS_SSL_TRANSPORT_DATAGRAM,
MBEDTLS_SSL_PRESET_DEFAULT),
0);
mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
TEST_EQUAL(mbedtls_ssl_setup(&ssl, &conf), 0);
TEST_EQUAL(mbedtls_ssl_check_dtls_clihlo_cookie(&ssl, ssl.cli_id,
@ -3223,7 +3216,6 @@ void cid_sanity()
MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT)
== 0);
mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
@ -3482,7 +3474,6 @@ void ssl_ecjpake_set_password(int use_opaque_arg)
MBEDTLS_SSL_IS_CLIENT,
MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT), 0);
mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
TEST_EQUAL(mbedtls_ssl_setup(&ssl, &conf), 0);